+++ /dev/null
-# cscope/ctag data
-/cscope.files
-/cscope.out
-/tags
-
-# Temporary files
-*.swp
-*~
-The changelog file is obsolete, please view the commits log on github
+The changelog file is obsolete, please view the commits log on github:
https://github.com/lsh123/xmlsec/commits/master
+Or News section on XMLSec website:
-2016-10-15 Aleksey Sanin <aleksey@aleksey.com>
- * 1.2.23 release
-
-2016-10-14 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed gcrypto RSA/DSA keys params ordering
-
-2016-10-12 Aleksey Sanin <aleksey@aleksey.com>
- * Better X509Data templates
-
-2016-10-07 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed memory leak caused by xmlGetProp (patch from Dafan Zhai)
- * Fixed KW transforms (overlapping buffer error) for OpenSSL 1.1.0
- * Fixed pkg-config detection
-
-2016-09-27 Aleksey Sanin <aleksey@aleksey.com>
- * Added initial support OpenSSL 1.1.0 (patch from Andrzej Siewior)
-
-2016-09-19 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed signing with RSA SHA2 via mscrypto (patch from PepaRokos)
-
-2016-07-08 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed mscrypto undeclared XMLSEC_DEFAULT_CRYPTO (patch from vmiklos)
-
-2016-05-31 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed mismatched conditional for XMLSEC_NO_ECDSA (patch from Eric Sproul)
-
-2016-05-20 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed openssl cert depth verification param usage (patch from R-Tur)
-
-2016-04-22 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed stdin/stdout in xmlsec1 app
-
-2016-04-20 Aleksey Sanin <aleksey@aleksey.com>
- * Restored SOAP support for Lasso
- * 1.2.22 release
-
-2016-04-12 Aleksey Sanin <aleksey@aleksey.com>
- * 1.2.21 release
-
-2016-02-17 Aleksey Sanin <aleksey@aleksey.com>
- * Added OOXML Relationships Transform Algorithm (patch from Miklos Vajna)
-
-2016-02-06 Aleksey Sanin <aleksey@aleksey.com>
- * Deprecated XMLSEC_CRYPTO define in favor of xmlSecGetDefaultCrypto() function
-
-2016-02-05 Aleksey Sanin <aleksey@aleksey.com>
- * Revamped manpages/documentation build to completely pass 'make distcheck' tests
-
-2016-01-28 Aleksey Sanin <aleksey@aleksey.com>
- * Added OpenSSL 1.1.0 API support (major refactoring for block ciphers and DSA/ECDSA signatures)
-
-2016-01-28 Aleksey Sanin <aleksey@aleksey.com>
- * Migrated to GitHub (https://github.com/lsh123/xmlsec)
-
-2015-03-10 Aleksey Sanin <aleksey@aleksey.com>
- * Removed support for legacy OpenSSL 0.9.6 (last release: March, 2004) and 0.9.7 (last release: February, 2007)
-
-2014-10-2014 Aleksey Sanin <aleksey@aleksey.com>
- * Added experimental GOST2012 support (patch from Nikolay Shaplov)
-
-2014-06-04 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed several compaints from Clang and Coverity (based on patches from Simo Sorce)
-
-2014-02-25 Aleksey Sanin <aleksey@aleksey.com>
- * Removed XKMS support -- it was never completed and not worth keeping
-
-2013-05-23 Aleksey Sanin <aleksey@aleksey.com>
- * 1.2.20 release
-
-2014-05-23 Aleksey Sanin <aleksey@aleksey.com>
- * fix build on MacOSX (bug #680307)
- * update certs for examples (bug #674572)
- * update test certs to be valid till 2114
- * don't create files on xmlsec-mscrypto when loading the key (bug #633924)
- * clarify min OpenSSL requirements
-
-2014-05-23 Aleksey Sanin <aleksey@aleksey.com>
- * better detect private keys on ext RSA engines (bug #728213)
- * fixed CRL check
-
-2014-02-17 Aleksey Sanin <aleksey@aleksey.com>
- * fixes for RH 6x
-
-2013-07-19 Aleksey Sanin <aleksey@aleksey.com>
- * fixed switch - added missed break keywords (bug #704574)
-
-2013-06-03 Aleksey Sanin <aleksey@aleksey.com>
- * fix memory leak in converting cert subject
-
-2013-05-09 Aleksey Sanin <aleksey@aleksey.com>
- * disable network access during internal xml transform parser
-
-2013-04-12 Aleksey Sanin <aleksey@aleksey.com>
- * fix typo (fixed bug 695605)
-
-2013-03-28 Aleksey Sanin <aleksey@aleksey.com>
- * disable ECDSA if needed (Daniel)
-
-2013-03-24 Aleksey Sanin <aleksey@aleksey.com>
- * docs rebuild
-
-2013-03-24 Aleksey Sanin <aleksey@aleksey.com>
- * 1.2.19 release
-
-2013-01-18 Aleksey Sanin <aleksey@aleksey.com>
- * Added support for DSA-SHA256, ECDSA-SHA1, ECDSA-SHA224, ECDSA-SHA256, ECDSA-SHA384, ECDSA-SHA512 (Mak Kolybabi)
-
-2011-09-06 Aleksey Sanin <aleksey@aleksey.com>
- * GOST support for xmlsec-openssl (patch from Dmitry Belyavsky)
-
-2011-05-11 Aleksey Sanin <aleksey@aleksey.com>
- * 1.2.18 release
-
-2011-05-01 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed crasher in 64 bit (reported by Roumen)
-
-2011-03-31 Aleksey Sanin <aleksey@aleksey.com>
- * 1.2.17 release
-
-2011-03-30 Aleksey Sanin <aleksey@aleksey.com>
- * Preparations for 1.2.17 release
-
-2011-03-29 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed security issue with libxslt (CVE-2011-1425, reported by Nicolas Gregoire)
-
-2011-02-05 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed pkcs12 file loading (based on patch from Andre de Souza Pinto)
-
-2010-11-23 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed comments (based on patch from Wolfgang Woehl)
-
-2010-11-09 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed extra quotes in configure (bug #631258)
-
-2010-07-19 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed configure issue with empty --with-libxml/libxsl and config scripts in /bin directory
-
-2010-06-27 Aleksey Sanin <aleksey@aleksey.com>
- * Fixed gcrypt init/shutdown (patch from Roumen)
-
-2010-04-25 Aleksey Sanin <aleksey@aleksey.com>
- * 1.2.16 release
-
-2010-04-24 Aleksey Sanin <aleksey@aleksey.com>
- * Preparation for 1.2.16 release
-
-2010-05-23 Aleksey Sanin <aleksey@aleksey.com>
- * Added X509Data support to xmlsec-gnutls
-
-2010-05-12 Aleksey Sanin <aleksey@aleksey.com>
- * Several patches from Roumen: support NSS/NSPR from seamonkey
- package; reorder libxmlsec as dep. lib for mingw; fix gcrypt/src/asn1.h
- include; fix Unicode build for mingw
- * Added RSA/SHA1/SHA256/SHA384/SHA512/MD5/RIPEMD160 for xmlsec-gnutls
- * Added DSA/SHA1 for xmlsec-gnutls
-
-2010-05-10 Aleksey Sanin <aleksey@aleksey.com>
- * Added RSA/SHA1/SHA256/SHA384/SHA512/MD5/RIPEMD160 for xmlsec-gcrypt
- * Added DSA/SHA1 for xmlsec-gcrypt
-
-2010-05-09 Aleksey Sanin <aleksey@aleksey.com>
- * Added DES KW support for xmlsec-mscrypto
- * Added DES KW support for xmlsec-gnutls
- * Separated xmlsec-gnutls and xmlsec-gcrypt libraries
-
-2010-05-08 Aleksey Sanin <aleksey@aleksey.com>
- * Added AES KW support for xmlsec-mscrypto
- * Added AES KW support for xmlsec-gnutls
-
-2010-04-30 Aleksey Sanin <aleksey@aleksey.com>
- * Added RSA/OAEP support for xmlsec-mscrypto
-
-2010-04-29 Aleksey Sanin <aleksey@aleksey.com>
- * 1.2.15 release
-
-2010-04-28 Aleksey Sanin <aleksey@aleksey.com>
- * Preparation for 1.2.15 release
-
-2010-04-27 Aleksey Sanin <aleksey@aleksey.com>
- * Converted xmlsec-mscrypto to unicode and provided a compile time
- option to switch between unicode/non-unicode builds
- * Deleted support for old gnutls, new required version 2.8.0
- * Added SHA256/384/512 support for xmlsec-gnutls
-
-2010-04-26 Aleksey Sanin <aleksey@aleksey.com>
- * Added support for HMAC with MD5, SHA1, SHA256/384/512 in xmlsec-mscrypto
- * Added support for MD5 RSA/MD5 in xmlsec-mscrypto
-
-2010-04-25 Aleksey Sanin <aleksey@aleksey.com>
- * Added support for SHA256/384/512 for digest, HMAC and RSA in xmlsec-nss
- (requires nss 3.8 + nspr 4.3 or greater)
- * Added support for MD5 for digest and RSA in xmlsec-nss
- * Minor fixes to xmlsec-nss (xmlsec bug #118630), bumping nss min
- version to 3.9 + nspr 4.4.1 or greater
- Other minor fixes for xmlsec-nss
-
-2010-04-24 Aleksey Sanin <aleksey@aleksey.com>
- * Fix PK_CONFIG problem (reported by Roumen)
- * Enable --crypto for transform checks
-
-2010-04-23 Aleksey Sanin <aleksey@aleksey.com>
- * Enable RSA/SHA2 support in xmlsec-mscrypto
- * Misc. cleanups in xmlsec-mscrypto
- * Fix PK_CONFIG problem (reported by Roumen)
- * Fix DSA support in xmlsec-nss (https://bugzilla.mozilla.org/show_bug.cgi?id=561598)
-
-2010-04-23 Aleksey Sanin <aleksey@aleksey.com>
- * Fix search for certificates with UTF-8 subject on Windows in xmlsec-mscrypto
- * Remove spaces at the end of lines
-
-2010-04-22 Aleksey Sanin <aleksey@aleksey.com>
- * Fix search for certificates with Unicode subject on Windows in xmlsec-mscrypto
- * Copy *.manifest files to installation for Windows builds
- * Convert tabs to spaces
-
-2010-04-21 Aleksey Sanin <aleksey@aleksey.com>
- * Fix key name conversion to unicode problem in xmlsec-mscrypto
-
-2010-04-20 Aleksey Sanin <aleksey@aleksey.com>
- * Fix compile warnings in xmlsec-openssl
- * Fix linking order issue (based on patch from Roumen)
-
-2010-03-30 Aleksey Sanin <aleksey@aleksey.com>
- * Fix typo Copyrigth -> Copyright
- * Add xmlsec-mscrypto to the top level copyright file
- * Refresh the copyright date to 2010
- * Add references to licenses
-
-2010-03-18 Aleksey Sanin <aleksey@aleksey.com>
- * Ensure we have only one copy of key's cert after reading pkcs12
- from openssl
-
-2010-01-13 Aleksey Sanin <aleksey@aleksey.com>
- * Fix valgrind's invalid read with chained XPath transforms (based
- on patch from Frank Gross).
-
-2009-09-05 Aleksey Sanin <aleksey@aleksey.com>
- * preparation for 1.2.14 release
-
-2009-11-05 Aleksey Sanin <aleksey@aleksey.com>
- * Use installed ltdl on *nix and native code on Windows
-
-2009-10-25 Aleksey Sanin <aleksey@aleksey.com>
- * Fix --with-libxslt-src (patch from Roumen)
-
-2009-09-12 Aleksey Sanin <aleksey@aleksey.com>
- * Preparation for 1.2.13 release
-
-2009-08-24 Aleksey Sanin <aleksey@aleksey.com>
- * Fix XML dump format
-
-2009-08-06 Aleksey Sanin <aleksey@aleksey.com>
- * fix build for openssl 1.0 (based on patch from Roumen Petrov)
- * cleanup test invocation scripts
- * cleanup configure.in
-
-2009-07-29 Aleksey Sanin <aleksey@aleksey.com>
- * fix a couple minor issues (based on patch from Arfrever
- Frehtes Taifersar Arahesis)
-
-2009-07-17 Aleksey Sanin <aleksey@aleksey.com>
- * preparation for 1.2.13 release
-
-2009-07-14 Aleksey Sanin <aleksey@aleksey.com>
- * increase default min hmac size to 80 bits
- * added support for --with-libxml-src and --with-libxslt-src
- ./configure options
-
-2009-06-25 Aleksey Sanin <aleksey@aleksey.com>
- * implemented c14n 1.1 transform + tests
-
-2009-06-15 Aleksey Sanin <aleksey@aleksey.com>
- * configure.in docs/download.html docs/index.html docs/news.html
- include/xmlsec/version.h: preparation for new 1.2.12 release
-
-2009-06-15 Aleksey Sanin <aleksey@aleksey.com>
- * added support for the GOST implemented by Russian Crypto Pro CSP
- (patch from Dennis Prochko)
-
-2009-06-15 Aleksey Sanin <aleksey@aleksey.com>
- * fixed HMAC vuln with small values of HMAC length
-
-2009-06-13 Aleksey Sanin <aleksey@aleksey.com>
- * fixing gnutls detection (bug #585629)
-
-2009-06-09 Aleksey Sanin <aleksey@aleksey.com>
- * update SVN to GIT references in docs
-
-2009-06-09 Aleksey Sanin <aleksey@aleksey.com>
- * adding configurable Base64 line length
-
-2008-09-10 Aleksey Sanin <aleksey@aleksey.com>
- * fixing bug #501315 (patch from Antony Dovgal)
-
-2008-08-26 Aleksey Sanin <aleksey@aleksey.com>
- * apps/xmlsec.c: fix integer division (patch from Mikhail)
-
-2008-06-10 Aleksey Sanin <aleksey@aleksey.com>
- * src/mscrypto/x509.c src/openssl/x509.c src/nss/x509.c: fix crash
- in the error reporting (based on patch from Frank Gross)
-
-2008-06-04 Aleksey Sanin <aleksey@aleksey.com>
- * src/templates.c src/keyinfo.c src/xmltree.c src/mscrypto/x509.c
- src/openssl/x509.c src/nss/x509.c include/xmlsec/xmltree.h:
- added new function xmlSecNodeEncodeAndSetContent for encoding
- special chars in the node content (bug reported by Cliff Hones)
-
-2008-06-04 Aleksey Sanin <aleksey@aleksey.com>
- * src/xmltree.c, src/xmlenc.c, include/xmlsec/xmltree.h, include/xmlsec/xmlenc.h:
- add an option to return the replaced (encrypted) node(s) to the caller
- (based on the patch from Frank Gross)
-
-2008-05-23 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/mscrypto/app.c: fix MS certificates ref counting
-
-2007-11-06 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/download.html docs/index.html docs/news.html
- include/xmlsec/version.h: preparation for new 1.2.11 release
-
-2007-07-19 Aleksey Sanin <aleksey@aleksey.com>
-
- * bug #454397 - mingw build: added missing files
-
-2007-07-19 Aleksey Sanin <aleksey@aleksey.com>
-
- * bug #454397 - mingw build: normal way to pass def file to linker
- (patch from Roumen Petrov)
-
-2007-07-17 Aleksey Sanin <aleksey@aleksey.com>
-
- * bug #454397 - mingw build: (cross-compilation) and several
- minor cleanups (patch from Roumen Petrov)
-
-2007-06-16 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: configure fixes (patch from Roumen Petrov)
-
-2007-06-06 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/mscrypto/*: better support for non micorsoft CSP's (patch from
- Wouter and Ed Shallow)
-
-2007-02-12 Aleksey Sanin <aleksey@aleksey.com>
-
- * Makefile.am xmlsec1.m4: automake macro for xmlsec1 (from Heiko Ronsdorf)
-
-2006-09-04 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/openssl/app.h src/openssl/app.c src/openssl/x509vfy.c:
- added xmlSecOpenSSLAppKeysMngrAddCertsFile() function
- (David Norrel)
-
-2006-08-15 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/x509vfy.c: fixed loading certs from a directory
- during openssl x509 store init (based on idea from David Norrel)
-
-2006-06-12 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/templates.h, src/templates.c, src/xmltree.c:
- support for custom namespaces prefixes for xmldisg namespace
- (based on patch from Barry Ferg)
-
-2006-06-12 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/download.html docs/index.html docs/news.html
- include/xmlsec/version.h: preparation for new 1.2.10 release
-
-2006-06-12 Aleksey Sanin <aleksey@aleksey.com>
-
- * xmlsec-config.in: lib64/ folder patch from Daniel
-
-2006-06-08 Aleksey Sanin <aleksey@aleksey.com>
-
- * config.h.in configure.in xmlsec-nss.pc.in: support different
- packages for NSPR/NSS
-
-2006-05-20 Aleksey Sanin <aleksey@aleksey.com>
- Added xmlSecOpenSSLX509StoreAdoptCrl() function
-
-2006-03-10 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/nss/app.c, src/openssl/x509vfy.c, src/xmldsig.c,
- src/xmlsec-ltdl.c, src/xmlsec-ltdl.patch: cleanup Coverity
- complaints
-
-2006-02-26 Aleksey Sanin <aleksey@aleksey.com>
- * apps/xmlsec.c tests/testDSig.sh: added an ability to skip
- tests for transforms not available in given built
- * tests/: added GOST test from Dmitry Belyavsky
-
-2006-02-16 Aleksey Sanin <aleksey@aleksey.com>
- * src/mscrypto/certkeys.c: fixed memleak in msrypto
-
-2006-02-14 Aleksey Sanin <aleksey@aleksey.com>
- * include/xmlsec/mscrypto/x509.h src/mscrypto/x509vfy.h:
- added an option for disabling system trusted certs
- for mscrypto store (based on patch from Dmitry Belyavsky)
-
-2006-02-10 Aleksey Sanin <aleksey@aleksey.com>
- * authors docs/authors.html
- include/xmlsec/app.h include/xmlsec/private.h
- include/xmlsec/strings.h include/xmlsec/mscrypto/crypto.h
- include/xmlsec/mscrypto/symbols.h src/app.c src/dl.c
- src/strings.c src/transforms.c src/mscrypto/certkeys.c
- src/mscrypto/crypto.c src/mscrypto/digests.c
- src/mscrypto/signatures.c src/skeleton/crypto.c:
- added support for GOST94 for digests and
- GOST 2001 keys/signatures: mscrypto only (patch from
- Dmitry Belyavsky)
-
-2005-12-20 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/mscrypto/x509vfy.c: check MSCrypto store for certs
- (patch from Dmitry Belyavsky); replace tabs with spaces
-
-2005-12-15 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/templates.h src/templates.c: functions
- for adding X509IssuerName and X509SerialNumber nodes
- to the template (patch from Dmitry Belyavsky)
-
-2005-11-14 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: fixing shrext vs. shrext_cmds conflict
-
-2005-09-25 Aleksey Sanin <aleksey@aleksey.com>
- * src/nss/pkikeys.c: fixing xmlsec-nss crash
- * configure.in: change crypto libs order to be openssl/nss/gnutls
-
-2005-07-12 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/download.html docs/index.html docs/news.html:
- preparation for new 1.2.9 release
-
-2005-07-12 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/xmltree.c: fixing a problem with namespaces in the
- nodes created by "template" functions
-
-2005-07-10 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/evp.c: added hack from Erwann ABALEA:
- OpenSSL ENGINE keys are always private since we can't query
- engine and do real check
-
-2005-07-10 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/* include/* src/* tests/*: added support for
- RSA-MD5/RIPEMD160/SHA224/SHA256/SHA384/SHA512 for OpenSSL 0.9.8
-
-2005-07-10 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/ include/ src/ tests/: implemented
- SHA224/256/384/512, HMAC-SHA224/256/384/512, MD5 for OpenSSL 0.9.8
-
-2005-07-10 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/xmldsig.html docs/xmlenc.html
- include/xmlsec/app.h include/xmlsec/private.h include/xmlsec/strings.h
- include/xmlsec/openssl/crypto.h include/xmlsec/openssl/symbols.h
- src/app.c src/dl.c src/strings.c: preparations for SHA224/256/384/512
- and friends
-
-2005-07-09 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in tests/aleksey-xmldsig-01/* tests/keys/*
- tests/merlin-xmldsig-twenty-three/signature.tmpl
- tests/testDSig.sh: updating test certificates for picky
- OpenSSL 0.9.8
-
-
-2005-07-08 Aleksey Sanin <aleksey@aleksey.com>
- * configure.in src/openssl/x509vfy.c: initial support
- for OpenSSL 0.9.8
-
-2005-05-12 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/app.c: fixed "disable-x509" build option
- (patch from Bernd Becker)
-
-2005-05-11 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/signatures.c: fixed "disable-dsa" build option
- (patch from Bernd Becker)
-
-Wed 6 Apr 2005 00:18:21 CEST Igor Zlatkovic <igor@zlatkovic.com>
-
- * .cvsignore: added Eclipse project files
-
-2005-03-31 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/xmltree.c: fixing warning from Solaris (bug #172201)
-
-2005-03-30 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/download.html docs/index.html docs/news.html
- include/xmlsec/version.h: preparing new release 1.2.8
-
-Tue 22 Mar 2005 20:10:19 CET Igor Zlatkovic <igor@zlatkovic.com>
-
- * apps/xmlsec.c: changed the type of the --depth parameter to
- number.
-
-2005-03-06 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/nss/crypto.h src/nss/Makefile.am src/nss/crypto.c
- src/nss/keytrans.c src/nss/kt_rsa.c: better rsa pkcs transform
- using nss wrap/unwrap code (based on the OO.org patch)
-
-2005-03-06 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/nss/crypto.h src/nss/app.c
- src/nss/crypto.c src/nss/x509.c: fixed nss initialization
- problem
-
-2005-03-05 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/nss/pkikeys.c: check that input public and private
- keys have the same type (based on the OO.org patch)
-
-2005-03-05 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/nss/digests.c src/nss/hmac.c src/nss/pkikeys.c
- src/nss/signatures.c src/nss/x509.c src/nss/x509vfy.c:
- print more detailed error message (based on the OO.org patch)
-
-2005-03-04 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/mscrypto/x509vfy.c: fixed cert search (based on the OO.org patch)
-
-2005-03-01 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/mscrypto/app.c: added stubs for adding keys to mscrypto
- keys manager from ms key handle
-
-2005-02-28 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/mscrypto/certkeys.c: WinNT 4.0 support (based on the OO.org patch)
-
-2005-02-28 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/mscrypto/certkeys.c: preparation for WinNT 4.0 support
-
-2005-02-28 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/mscrypto/x509.c: enable private key search for
- a given certificate (based on the OO.org patch)
-
-2005-02-27 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/mscrypto/certkeys.c: use default context when
- getting public key from a cert (based on the OO.org patch)
- * src/mscrypto/x509vfy.c: search both trusted and untrusted
- cert stores when cert with given parameters is needed or
- when certs chain is constructed (based on the OO.org patch)
-
-2005-02-27 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/mscrypto/app.h include/xmlsec/mscrypto/x509.h
- src/mscrypto/app.c src/mscrypto/x509vfy.c:
- added function to add custom MS cert stores
- to the xmlsec-mscrypto default keys manager
- (based on the OO.org patch).
-
-2005-02-22 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/*: updated docs
-
-2005-02-22 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/index.html docs/news.html include/xmlsec/templates.h
- src/templates.c: added functions to create <X509Data/> node
- children in the signature template
-
-2005-02-22 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/bn.c src/mscrypto/crypto.c src/mscrypto/x509.c
- src/mscrypto/x509vfy.c tests/testDSig.sh
- tests/aleksey-xmldsig-01/x509data-sn-test.tmpl
- tests/aleksey-xmldsig-01/x509data-sn-test.xml
- tests/keys/README tests/keys/*: support for
- negative serial numbers, mscrypto cleanup
-
-2005-02-21 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/* docs/api/* man/*: updated docs
-
-2005-02-21 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in, docs/download.html, docs/index.html, docs/news.html,
- include/xmlsec/version.h: preparing new release 1.2.7
-
-2005-01-26 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/bn.c: fixed xmlSecBnFromString function (patch from Michael Mi)
-
-2004-11-08 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/keysmngr.h src/keysmngr.c: added
- xmlSecSimpleKeysStoreGetKeys() function
-
-2004-11-07 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/xmltree.c: fixed xmlSecGenerateID
-
-2004-10-27 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/dl.c: set dl memory functions before initialization (from
- Daniel Vogelheim patch)
-
-2004-10-14 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/x509vfy.c: fixed bug #155329 (parsing quoted values
- in the certificate subject)
-
-2004-09-18 Aleksey Sanin <aleksey@aleksey.com>
- * config.h.in configure.in inlude/xmlsec/private.h src/xmltree.c:
- use xmlParseInNodeContext function to parse encrypted text in
- xmlSecReplaceNodeBuffer, this bumps libxml2 requirements to 2.6.12
- (bug #142358)
-
-2004-08-25 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/download.html docs/index.html
- docs/news.html include/xmlsec/version.h: preparing
- new release
-
-2004-06-21 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/app.h include/xmlsec/gnutls/app.h
- src/app.c src/gnutls/app.c src/skeleton/app.c: added functions
- to load keys and certificates from memory (Bernd Becker)
-
-2004-06-21 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/bn.c: keep a '0' character when we remove '0' from the beggining
-
-2004-06-17 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/xmlenc.c: added NULL check
- * src/xmltree.c: fixed memory leak
-
-2004-06-16 Aleksey Sanin <aleksey@aleksey.com>
-
- * Fixed xmlSecTmplNodeWriteNsList() function
-
-2004-06-09 Igor Zlatkovic <igor@zlatkovic.com>
-
- * win32/configure.js win32/Makefile.* minor changes for the new
- layout of the Windows binary package
-
-2004-05-13 Aleksey Sanin <aleksey@aleksey.com>
-
- * examples/xmldsigverify.c: disable extended debug output
- (fixed a hole found by Pawel)
-
-2004-04-19 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/nodeset.c: fixing C14N bug with processing namespaces from attributes
-
-2004-04-13 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/download.html docs/index.html docs/news.html:
- 1.2.5 release preparation
-
-2004-03-16 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/strings.h src/mscrypto/certkeys.c
- src/nss/pkikeys.c src/openssl/evp.c src/strings.c: added J node
- for DSAKeyValue
- * tests/phaos-xmldsig-three/* tests/testDSig.sh: added new
- phaos-xmldsig-three XMLDSig tests vectors
-
-Mon Feb 23 17:44:29 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * examples/xkms-server.c: finished xkms-server example
-
-Thu Feb 19 16:01:38 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * examples/.cvsignore examples/Makefile examples/Makefile.w32
- examples/xkms-server.c: started work on xkms server example
-
-Thu Feb 19 12:32:55 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/xkms.h include/xmlsec/xmltree.h src/xkms.c
- src/xmlsec.c src/xmltree.c: added ID attribute generation for xkms
- * tests/aleksey-xkms-01/* tests/testXKMS.sh: modified xkms tests
- to ignore Id attribute in comparison
-
-Fri Feb 13 00:05:02 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in include/xmlsec/private.h: fixed libxslt configuration
- problem
-
-Mon Feb 9 08:40:26 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/xmltree.c: fixed bug with encrypting nodes with
- no content (reported by Tomas Seiger)
-
-Sat Feb 7 22:42:11 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/* src/* tests/*: added XKMS SOAP 1.2 bindings
-
-Thu Feb 5 23:37:24 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c include/* src/* tests/*: added XKMS SOAP 1.1 bindings
-
-Thu Feb 5 16:26:40 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c: added new params for xkms
- * include/xmlsec/Makefile.am include/xmlsec/private/xkms.h:
- added new private xmlsec headers folder
- * include/xmlsec/xmltree.h src/xmltree.c: created code for
- reading/writing qname values
- * include/xmlsec/strings.h include/xmlsec/soap.h
- src/strings.h src/soap.c src/Makefile.am: created basic soap
- messages parsing framework
- * include/xmlsec/xkms.h src/xkms.c: added xkms request format
- enum and parameters
- * tests/aleksey-xkms-01/ tests/testXKMS.sh: added new tests
-
-Wed Feb 4 01:26:51 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c: created new --xkms-format parameter
- (plain/soap-1.1/soap-1.2)
- * configure.in xmlsec.spec.in include/xmlsec/Makefile.am
- include/xmlsec/private/*: move internal xkms declarations to
- a newly created "xmlsec/private" includes folder
- * include/xmlsec/strings.h include/xmlsec/xkms.h
- src/strings.c src/xkms.c tests/testXKMS.sh: preparation for soap
- request/response suppport
-
-Tue Feb 3 22:44:36 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c: combined xkms server commands into one
- * include/xmlsec/* src/*: added ValidateRequest/ValidateResult
- StatusRequest/StatusResult and CompoundRequest/CompoundResult
- * tests/aleksey-xkms-01/* tests/testXKMS.sh: added new negative
- test cases
-
-Tue Feb 3 18:12:10 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c: added xkms server "expected service" param
- * include/xmlsec/* src/*: created errors fallback when processing
- xkms requests
- * tests/aleksey-xkms-01/* tests/testXKMS.sh: added more negative
- test cases
-
-Tue Feb 3 01:40:29 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: tweaked my debug environment
- * include/xmlsec/xmltree.h src/xmltree.c: created string2int and string2bitmap
- helper klasses
- * include/xmlsec/keys.h src/keyinfo.c src/keys.c: added KeyUseWith list
- to the KeyReq object
- * include/xmlsec/strings.h src/strings.c: added some xkms strings
- * include/xmlsec/xkms.h src/xkms.c: LocateRequest (except signatures)
- and most of LocateResult
-
-Mon Feb 2 16:55:13 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/xkms.h src/strings.c src/xkms.c: read xkms RequestAbstractType
- and write xkms ResponseQbstractType (no signatures)
- * Makefile.am tests/testXKMS.sh: created check-xkms target and script
- * tests/aleksey-xkms-01: even more keys (der/pkcs12 formats),
- "key not found" tests
-
-Mon Feb 2 13:12:07 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c include/xmlsec/xkms.h include/xmlsec/xmlsec.h src/xkms.c:
- updated xkms schemas from xkms 2.0, renamed a couple functions
-
- * tests/aleksey-xkms-01: copied new examples from xkms 2.0 spec
- and created keys for using with these examples
-
-Mon Jan 26 11:48:42 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/download.html docs/index.html docs/news.html
- include/xmlsec/version.h: preparation for 1.2.4 release
- * docs/related.html: added link to PyXmlSec project
-
-Fri Jan 23 16:30:38 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/xmlsec-man.html man/xmlsec1-config.1 man/xmlsec1.1
- xmlsec-config.in: make xmlsec1-config man page generic
-
-Fri Jan 23 09:34:10 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: and one more config bug from John
-
-Thu Jan 22 16:24:44 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: and one more gnutls configuration bug from John
-
-Thu 22 Jan 2004 10:56:33 AM PST <aleksey@aleksey.com>
-
- * src/buffer.c src/list.c: don' pass NULL to xmlRealloc()
-
-Mon Jan 12 13:05:18 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * examples/encrypt3.c include/xmlsec/crypto.h include/xmlsec/nss: make
- exmaples compile with nss (again reported by John)
-
-Mon Jan 12 10:30:24 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * xmlsec-config.in: fixed nss configuration bug (reproted by John)
-
-Sat Jan 10 19:03:17 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in src/gnutls/ciphers.c src/gnutls/digests.c src/gnutls/hmac.c:
- restored support for gnutls < 1.0 by request from John
-
-Mon Jan 5 12:55:44 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/download.html docs/index.html
- docs/news.html docs/xmlsec-man.html include/xmlsec/version.h
- man/xmlsec1-config.1 man/xmlsec1.1: preparing 1.2.3 release
-
-Mon Jan 5 12:42:52 2004 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in src/gnutls/ciphers.c src/gnutls/digests.c
- src/gnutls/hmac.c: upgraded gnutls to 1.0.4 (bug #129190)
-
-Thu 13 Nov 2003 08:19:55 AM PST <aleksey@aleksey.com>
-
- * src/mscrypto/app.c: fixed non-initialized values (Glenn)
-
-2003-11-11 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/download.html docs/index.html docs/news.html
- man/xmlsec1.1: preparing 1.2.2 release
-
-Mon Nov 10 21:22:36 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/bn.c: fixed xmlSecBnToDecString problem (reported by Edward)
-
-Thu Nov 6 22:52:57 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: use pkgconfig for configuration if possible
- (based on Daniel's idea)
- * include/xmlsec/private.h include/xmlsec/xmltree.h
- src/errors.c src/openssl/app.c: made xmlSecStrPrintf and
- xmlSecStrVPrintf declarations private to xmlsec to fix
- examples build failure
-
-Wed Nov 5 14:19:11 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: fixed "--with-html-doc" option (patch from Daniel)
-
-Wed Nov 5 13:39:47 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: fixed "--with-mozilla-ver" option for ./configure
- script (patch from Daniel)
-
-Wed Oct 29 07:55:17 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in include/xmlsec/xmltree.h src/dl.c
- src/errors.c src/mscrypto/crypto.c src/nss/crypto.c
- src/openssl/app.c: fixed snprintf and vsnprintf warnings (bug #125684)
-
-Mon Oct 20 19:34:35 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: created "--with-html-dir" option
- to specify docs installation path
-
-Mon Oct 20 08:40:46 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: load correct static openssl library when
- more than one one openssl version is available (patch
- from Roumen, bug #124534)
-
-Mon Oct 13 19:43:52 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/download.html docs/index.html docs/news.html
- include/xmlsec/version.h: new 1.2.1 release
-
-Mon Oct 13 19:29:55 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/Makefile.am: added support for XMLSEC_DOCDIR
- environment variable to ./configure script and removed *.sgml
- files from docs installation
-
-Sat Oct 11 21:16:54 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/strings.h include/xmlsec/templates.h
- src/strings.c src/templates.c: added template functions
- for creating <enc:KeyReference/> and <enc:DataReference/>
- nodes (based on patch from Wouter)
-
-Thu 09 Oct 2003 03:59:02 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * src/nodeset.c src/transforms.c: don't ignore nodes on the document
- root element level (bug #124245)
-
-Sun Oct 5 01:05:30 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/transforms.h include/xmlsec/xmldsig.h
- src/transforms.c src/xmldsig.c src/xpath.c apps/xmlsec.c
- docs/faq.html: implemented Visa 3D hack to process some
- URI attributes without XPath/XInclude engines
-
-Thu Oct 2 10:28:59 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/dl.c src/openssl/app.c src/openssl/x509vfy.c: fixing
- compilation warnings reported in bug #123692
-
-Wed Oct 1 19:05:13 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/gnutls/README src/mscrypto/README src/nss/README
- src/openssl/README: updated README files
-
-Wed 01 Oct 2003 09:11:58 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/dl.h: moved closing bracket for "extern "C"
- a couple lines up to be in the right place (bug #123640)
-
-Mon 29 Sep 2003 07:27:14 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/download.html docs/index.html docs/news.html: preparation
- for 1.2.0 release
-
-Mon 29 Sep 2003 07:07:07 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * src/mscrypto: 2nd code review pass
-
-Sat Sep 27 18:31:20 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/openssl/crypto.h src/openssl/app.c
- src/openssl/crypto.c src/openssl/x509vfy.c: added "default trusted certs"
- folder and make it an input parameter to xmlSecOpenSSLAppInit method.
- * examples/xmldsigverify.c: make use of this change
-
-Sat 27 Sep 2003 05:23:41 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * examples/ docs/tests/ docs/ : created new xmldsigverify script
- and upgraded tests
-
-Fri 26 Sep 2003 05:27:08 PM PDT Aleksey Sanin <aleksey@aleksey.com>
- * src/mscrypto/ include/xmlsec/mscrypto/ : added API documentation
- from Wouter
- * docs/ : re-run the docs generation to pickup the new documentation
-
-Thu Sep 25 23:10:19 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/authors.html: added "authors and contributors" page
- * docs/ man/: regenerated docs to include xmlsec-mscrypto and link to new
- authors.html page
- * include/ src/: api reference documentation updates
-
-Thu Sep 25 20:47:11 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/keysdata.h: introduced new cert-pem and cert-der
- key formats (public key in a certificate)
- * include/xmlsec/nss/app.h nclude/xmlsec/nss/x509.h
- include/xmlsec/openssl/app.h include/xmlsec/openssl/x509.h
- src/nss/app.c src/nss/crypto.c src/nss/x509.c
- src/openssl/app.c src/openssl/x509.c
- src/mscrypto/app.c: implemented support for new formats
- in OpenSSL, NSS and MSCrypto
- * apps/xmlsec.c: added "--pubkey-cert-pem" and "--pubkey-cert-der" options
- * tests/testDSig.sh tests/merlin-xmldsig-twenty-three/certs/lugh-cert.der:
- use certificate for public keys
-
-Thu 25 Sep 2003 05:51:37 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * include/ src/ win32/ docs/ Makefile.am configure.in: merging
- from XMLSEC_MSCRYPTO_083103 branch - new xmlsec-mscrypto library
- implemented by Wouter, general functions for reading keys and certs
- from memory (openssl/nss/mscrypto), default error callback for nss,
- moving private keys in 01-phaos-enc tests to pkcs12 file.
-
-Thu Sep 25 11:39:22 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c: added root nodes namespaces registration
- for "--node-xpath" command line option processing (by request
- from Jan-Olof)
-
-Sat 20 Sep 2003 11:19:14 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * HACKING: added more info about hacking with xmlsec
-
-Tue Sep 16 11:28:03 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/download.html docs/index.html docs/news.html: preparation
- for 1.1.2 release
-
-Tue Sep 16 02:28:41 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/Makefile.am: link xmlsec lib with dl librarias
-
-Sun 14 Sep 2003 02:13:51 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * tests/testEnc.sh: added "--session-key <key>" paramater
- to all tests with <EncryptedKey/> (problem reported by Wouter)
-
-Fri 12 Sep 2003 09:43:21 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/buffer.h src/buffer.c: added functions to convert
- binary buffer to hex string and vice versa (based on patch from Remy)
-
-Thu Sep 11 17:08:15 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/Makefile.am src/dl.c src/xmlsec-ltdl.h src/xmlsec-ltdl.patch
- win32/Makefile.msvc: use ltdl on Windows too
-
-Thu Sep 11 16:39:18 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/ltdl.* src/Makefile.am: upgraded to ltdl from libtool 1.4
-
-Wed Sep 10 18:12:52 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * xmlsec.spec.in: separated xmlsec and xmlsec-devel RPM
- pacakges into xmlsec, xmlsec-openssl, xmlsec-devel and xmlsec-openssl-devel
-
-Wed Sep 10 13:19:10 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/version.h include/xmlsec/version.h.in
- include/xmlsec/xmlsec.h src/xmlsec.c
- src/gnutls/crypto.c src/nss/crypto.c
- src/openssl/crypto.c src/skeleton/crypto.c:
- apps/xmlsec.c examples/*.c
- docs/api/chapters/init-and-shutdown.sgml: implemented new
- function and macroses to check loaded xmlsec library
- version from xmlsec-crypto libraries and apps
-
-Wed Sep 10 12:36:17 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/dl.c win32/Makefile.msvc win32/mycfg.bat: implemented
- dynamic xmlsec-crypto libraries loading for Windows
-
-Wed Sep 10 00:02:55 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * Makefile.am configure.in xmlsec-config.in xmlsec.pc.in: added
- support for xmlsec-crypto DL mode in xmlsec.pc and xmlsec-config files
-
- * examples/*: added support for xmlsec-crypto DL mode to examples
-
- * include/xmlsec/app.h include/xmlsec/private.h
- include/xmlsec/version.h include/xmlsec/x509.h
- src/app.c src/x509.c src/xkms.c: new API reference documentation
-
- * docs/* man/* : included info about xmlsec-crypto DL mode in
- tutorial and re-build docs to include new api reference docs
-
- * tests/testDSig.sh tests/testEnc.sh tests/testKeys.sh: added
- additional information printout
-
- * win32/Makefile.msvc: excluded XKMS from windows builds
-
-Tue Sep 9 16:14:01 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * win32/Makefile.msvc win32/configure.js win32/mycfg.bat win32/mycfg_nss.bat:
- windows build cleanup (bug #121579)
-
-Tue Sep 9 12:52:00 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * Makefile.am apps/* configure.in include/* src/* tests/*: implemented
- loading xmlsec-crypto libraries as plugins (bug #121579)
- * win32/: change build to allow building of more than one
- xmlsec-crypto library (bug #121579)
-
-Sun 24 Aug 2003 05:20:14 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/faq.html: upgraded licenses FAQ section to include
- information about xmlsec-nss and xmlsec-gnutls
-
-Fri Aug 22 11:06:28 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * win32/Makefile.msvc: fixed linkinig problem on Windows (bug #120498)
-
-Fri Aug 22 09:54:04 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in include/xmlsec/errors.h: determine if __FUNCTION__ or
- __func__ are defined from ./configure script. This should fix bug #120469
- and prevent this problem from happening in the future.
- * src/c14n.c src/openssl/kt_rsa.c src/transforms.c: fixed minor
- warnings because of using strcmp, strchr, etc. functions with xmlChar*
- variables by switching to xmlStrcmp, xmlStrchr, etc. (also bug #120469)
-
-Wed Aug 20 21:26:00 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/api/sgml/version.sgml docs/api/xmlsec-version.html
- docs/index.html docs/news.html docs/xmlsec-man.html
- include/xmlsec/version.h man/xmlsec1-config.1 man/xmlsec1.1: new 1.1.1
- release preparation
- * docs/*: re-run docs generation/formatting
-
-Fri Aug 8 22:18:45 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/xpath.c: register namespaces before processing XPointer
- expression in the URI attribute (bug #119462, reported by Steve)
-
-Fri Aug 8 09:06:53 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/keys.h src/keys.c: added xmlsec-core functions to
- read keys from memory (patch from Joachim)
-
-Thu Aug 7 11:38:43 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/openssl/app.h src/openssl/app.c: added functions
- to read keys and certs in xmlsec-openssl from memory and BIOs
- (bug #119350, patch based on the code from Joachim)
-
-Wed Aug 6 08:57:20 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * Makefile.am configure.in xmlsec-gnutls.pc.in xmlsec-nss.pc.in
- xmlsec-openssl.pc.in xmlsecConf.sh.in:
- config bug fixing and improvements from Roumen
-
-Mon Aug 4 19:39:52 2003 Aleksey Sanin <aleksey@aleksey.com>i
-
- * include/xmlsec/Makefile.am include/xmlsec/x509.h src/Makefile.am
- src/x509.c src/openssl/x509.c win32/Makefile.msvc: moved code for
- reading X509Data node content from xmlsec-openssl to xmlsec-core
- to allow sharing with xmlsec-nss
- * src/nss/README src/nss/x509.c: added X509Data templates support
- for xmslec-nss (bug #118636, based on patch from Tej)
-
-Mon 04 Aug 2003 04:06:02 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * docs: rebuilding docs to get nss api reference
-
-Mon Aug 4 14:47:02 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * Makefile.am xmlsec.spec.in: added HACKING file to the distribution
- * docs/download.html docs/index.html docs/news.html: updated docs
- for new 1.1.0 release
-
-Wed Jul 30 18:35:15 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * xmlsec-gnutls.pc.in xmlsec-nss.pc.in xmlsec-openssl.pc.in: and
- one more change for the same bug #118685 - don't put "crypto"
- in version, use xmlsec1-crypto name instead of xmlsec-crypto,
- don't include nss flags and libs for xmlsec1-nss.pc
-
-Wed Jul 30 15:23:17 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * Makefile.am configure.in xmlsec-gnutls.pc.in xmlsec-nss.pc.in
- xmlsec-openssl.pc.in xmlsec.pc.in: more *.pc files fixes
- for the same bug #118685
-
-Wed Jul 30 11:49:20 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * Makefile.am configure.in xmlsec-gnutls.pc.in xmlsec-nss.pc.in
- xmlsec-openssl.pc.in: created separate *.pc files for xmlsec-crypto
- libraries (bug #118685 reported by John)
-
-Tue Jul 29 20:20:33 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/nss/README: created xmlsec bugs for remian xmlsec-nss problems
-
-Tue 29 Jul 2003 07:41:18 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * src/ include/ docs/ man/ configure.in: merged xmlsec-nss
- from the branch (Tej)
-
-Tue Jul 29 08:44:24 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/x509.c: minor patches for errors (Roumen)
- * src/xmltree.c: fixed xmlIsEmptyNode() to return false
- if there is an element child
-
-Mon Jul 28 12:02:40 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/keyinfo.h: added XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE flag
- * include/xmlsec/xmltree.h src/xmltree.c: added xmlSecIsEmptyNode and
- xmlSecIsEmptyString functions
- * src/openssl/x509.c: added an ability to write complex X509Data node
- content (based on patch from Roumen)
- * tests/testDSig.sh tests/aleksey-xmldsig-01/x509data-test.*: new test for
- complex X509Data node writing
- * tests/keys/ca2key.p12 tests/keys/dsakey.p12 tests/keys/rsakey.p12: new
- pkcs12 keys for tests
-
-Sun 20 Jul 2003 08:10:53 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/ include/ src/ docs/api/ Copyright: updated copyrights
- everywhere
-
-Fri 18 Jul 2003 10:30:33 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * HACKING: added a coding and commiting rules
-
-Wed 16 Jul 2003 10:11:23 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * examples/README, examples/binary.dat: added examples of using
- command line tool
-
-Wed 16 Jul 2003 12:50:00 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * examples/myw32make.bat win32/mycfg-nss.bat: rename these
- files to clear exec bit (John)
-
- * man/Makefile.am: use "--no-info" option in help2man
-
-Mon Jul 14 11:06:16 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/api/sgml/version.sgml docs/download.html
- docs/api/xmlsec-version.html docs/index.html docs/news.html
- docs/xmlsec-man.html include/xmlsec/version.h man/xmlsec1-config.1
- man/xmlsec1.1: preparation for 1.0.4 release
- * docs/api/xmlsec-notes-encrypt.html docs/api/xmlsec-notes-sign.html:
- fixed a mistype
- * docs/extra/xmlsec_oscon_2003.ppt: minor update
-
-Fri Jul 11 13:33:28 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * Makefile.am: fixed builddir != sourcedir one more time (use abs_top_*
- instead of top_*)
- * configure.in: upgraded mozilla search path to 1.4
-
-Mon 07 Jul 2003 08:05:18 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/apps.c src/openssl/x509.c src/openssl/x509vfy.c: fixed
- sk_push() return value check problem (reported by Roumen)
-
-Mon 07 Jul 2003 07:02:46 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * Makefile.am: fixed test suite problem when builddir != srcdir
- (reported by Roumen)
-
-Thu Jul 3 07:57:25 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/x509vfy.c: added a const word to suppress
- warnings (Roumen)
-
-Wed Jul 2 08:53:50 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/x509vfy.c: fixed certificates subject
- comparison function to handle multiple occurence
- of entries with the same value (bug report from
- Roumen)
-
-Tue Jun 17 19:22:17 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/download.html: fixing links to tarballs for local
- files (requested by John)
-
- * examples/myw32make.bat win32/mycfg-nss.bat: clearing exec bit
-
-Mon Jun 16 10:43:34 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/download.html docs/index.html docs/news.html
- docs/xmlsec-man.html include/xmlsec/version.h man/xmlsec1-config.1
- man/xmlsec1.1: new 1.0.3 version preparation
-
- * docs/Makefile.am docs/api-0.0.x/*: fixed second level links
- processing
-
- * docs/api/sgml/* docs/api/tmpl/* docs/api/*: added new API calls
-
-Mon Jun 16 09:20:53 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: fixed NSS config bug #115297
-
-Sun Jun 8 20:08:42 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: fix for 'make distclean'
-
-Sat Jun 7 20:35:25 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * Makefile.am apps/* include/xmlsec/keysdata.h src/openssl/app.c tests/*:
- added PKCS#8 support (based on Tej's patch)
-
-Fri Jun 6 14:53:25 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/x509.c: skip ASN1 time check for OpenSSL 0.9.6
-
-Thu Jun 5 19:32:12 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/*: fixing online verifier link
-
-Wed Jun 4 19:12:21 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: added _ALL_SOURCE define for aix
-
-Wed Jun 4 08:25:46 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/x509.c: fix my_gmtime function
-
-Mon 02 Jun 2003 09:38:13 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * removed debian folder
-
-Sun Jun 1 20:30:08 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/download.html docs/index.html docs/news.html
- docs/xmlsec-man.html include/xmlsec/version.h man/xmlsec1-config.1
- man/xmlsec1.1: preparing 1.0.2 release.
- * docs/xmldsig-verifier.html: point online verifier to web site
-
-Thu May 29 17:15:04 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/gnutls/Makefile.am src/nss/Makefile.am
- src/openssl/Makefile.am src/skeleton/Makefile.am: don't use GCC
- options in Makefiles
-
-Tue May 27 20:12:41 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in xmlsec-config.in xmlsecConf.sh.in
- src/gnutls/Makefile.am src/nss/Makefile.am src/openssl/Makefile.am:
- change xmlsec-config script to let user specify crypto engine
- (requested by John Belmonte)
-
-Sun May 25 22:01:45 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c docs/xmlsec-man.html man/xmlsec1-config.1 man/xmlsec1.1:
- fixed help typo (reported by John Belmonte)
- * examples/README: removed obsolete autoconf information (reported by John Belmonte)
- * configure.in: added /usr/include/mozilla to NSS include path search list (reported by John Belmonte)
-
-Thu May 15 03:08:18 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/crypto.c apps/crypto.h apps/xmlsec.c: added command line
- options to support DER keys and certs format (Tej)
- * Makefile.am: use DER format for all tests
- * tests/testDSig.sh tests/testEnc.sh tests/testKeys.sh: added a new
- command line option "key-format" with possible values "der" or "pem"
- * tests/*/*.der tests/merlin-xmldsig-twenty-three/certs/*.crt:
- converted PEM keys and certs to DER format, removed *.crt files that
- used to have DER certificates (Tej)
- * tests/merlin-xmlenc-five/*.p8: re-added *.p8 files with '-kb' option
-
-Mon 12 May 2003 01:38:11 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: use '-rpath-link' instead '-rpath' for NSS (Wan-Teh)
-
-Mon May 12 10:01:30 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: link with NSS using -rpath (Tej)
-
-Mon May 5 08:00:31 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in: new configuration options for NSS (Tej)
- * src/nss/app.c src/nss/ciphers.c src/nss/crypto.c
- src/nss/digests.c src/nss/hmac.c: use NSS style includes (Tej)
-
-Fri 02 May 2003 12:00:47 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/app.c: adopt instead of copy the key cert
- from pkcs12 fil
-
-Thu May 1 08:17:06 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/xmltree.h src/xmltree.c src/keysmngr.c:
- created a new function to quickly create a doc with one root node
- * src/list.c: fixed bug in xmlPtrListEmpty() function
- * src/xkms.c: created framework for Locate request/result processing
-
-Wed Apr 30 16:31:10 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/strings.h src/strings.c: added strings
- for XKMS (XKISS) Locate request/result
-
-Wed Apr 30 01:01:06 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * config.h.in configure.in: added check for timegm function
- * include/xmlsec/keys.h
- * include/xmlsec/xkms.h src/xkms.c apps/xmlsec.c: framework
- for xmlSecXkmsLocate/Validate functions
- * src/keys.c src/openssl/x509.c: added notValidBefore and
- notValidAfter time frame to xmlSecKey
- * src/xmldsig.c src/xmlenc.c: added "output" asserts to
- the *DebugDump() and *DebugXmlDump() functions
- * tests/aleksey-xkms-01/locate-compound.xml
- tests/aleksey-xkms-01/locate-key-from-usewith.xml
- tests/aleksey-xkms-01/locate-keyvalue-from-x509.xml
- tests/aleksey-xkms-01/readme.txt: XKMS test cases
-
-Tue Apr 29 16:37:18 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in include/xmlsec/Makefile.am include/xmlsec/strings.h
- include/xmlsec/xkms.h include/xmlsec/xmlsec.h
- src/Makefile.am src/strings.c src/xkms.c apps/xmlsec.c: first
- XKMS framework (disabled by default)
-
-Mon Apr 28 21:13:03 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/download.html docs/index.html docs/news.html: preparing
- 1.0.1 release.
-
-Sun Apr 27 18:05:23 2003 Igor Zlatkovic <igor@zlatkovic.com>
-
- * win32/Makefile.msvc: defined _REENTRANT to enable compilation
- with threaded libxml2
-
-Thu Apr 24 08:15:32 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * config.h.in configure.in include/xmlsec/xmlsec.h: use
- '#define' instead of 'typedef' for the new xmlSecSize and
- xmlSecByte types in order to keep ABI
-
-Tue Apr 22 13:51:33 2003 Igor Zlatkovic <igor@zlatkovic.com>
-
- * win32/configure.js: updated the email address in the generated
- readme.txt file.
-
-Sun 20 Apr 2003 03:12:02 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/*: updated docs with new xmlSecByte and xmlSecSize types
- * configure.in include/xmlsec/version.h: upgraded version to 1.0.1
-
-Sun 20 Apr 2003 02:57:06 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * src/* include/* apps/*: replaced 'unsigned char' with xmlSecByte
- typedefed to 'unsigned char' to make happy OpenBSD on sparc64
- * examples/*: replaced configure.in with simple Makefile to
- prevent problems on different platforms
-
-Sun 20 Apr 2003 02:37:41 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * src/* include/* apps/*: replaced size_t with xmlSecSize
- typedefed to 'unsigned int' to make happy OpenBSD on sparc64
-
-Sat Apr 19 01:08:30 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/openssl/kw_des.c src/openssl/signatures.c:
- included openssl/sha.h to help OpenBSD port
-
-Wed 26 Mar 2003 01:43:24 AM PST Aleksey Sanin <aleksey@aleksey.com>
-
- * docs: 0.1.1 release
-
-Wed Mar 19 22:56:49 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in include/xmlsec/version.h
- docs/download.html docs/index.html docs/news.html
- xmlsec.pc xmlsec.spec: 0.0.14 release
-
-Wed Mar 19 10:59:41 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c: force Signature or EncryptedData node
- selection when specifing start node from xmlsec tool
- command line
-
-Mon Mar 10 07:59:55 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/transforms.c: fixed Reference URI evaluation for
- the "xmlns()xpointer()" construction
-
-Wed Mar 5 19:43:43 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/index.html docs/news.html: new 0.1.0 release
-
-Mon Feb 24 10:04:36 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/xmltree.c src/xslt.c: fixed bug in xmlSecTransformXsltAdd
-
-Fri Feb 21 13:06:44 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in include/xmlsec/version.h
- docs/download.html docs/index.html docs/news.html
- xmlsec.pc xmlsec.spec: 0.0.13 release
-
-Fri Feb 21 12:59:48 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/transforms.c: fixed incorrect processing of more than
- 3 binary transforms in a row
-
-Mon Feb 17 09:34:12 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/api/* include/xmlsec/xmldsig.h
- src/keysmngr.c src/xmldsig.c: minor documentation bug fixes
- based on Jesse Pelton's email
-
-Fri Feb 14 12:44:48 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/x509.c: set "verified" cert when loading pkcs12 file.
-
-Wed Feb 5 09:49:30 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c include/xmlsec/keysmngr.h
- src/keysmngr.c src/x509.c: provide an ability
- to specify max cert verification depth
- (based on patch from Jean-Etienne SCHWARTZ)
-
-Sun Jan 26 22:04:45 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * config.h.in configure.in include/xmlsec/version.h
- docs/news.html docs/download.html docs/index.html
- xmlsec.pc xmlsec.spec: preparation for 0.0.12 release
-
-Sun Jan 26 21:39:56 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/digests.h src/hmac.c: fixed 91 bits HMAC
- bug reported by Rich Salz and Jonathan Wenocur
- * tests/aleksey-xmldsig-01/dtd-hmac-91.dtd
- tests/aleksey-xmldsig-01/dtd-hmac-91.tmpl
- tests/aleksey-xmldsig-01/dtd-hmac-91.xml
- * tests/testDSig.sh: the test case for 91 bits HMAC bug
- from Rich Salz and Jonathan Wenocur
- * apps/xmlsec.c: fixing minor compile warnings for
- the external DTD patch
-
-Sun Jan 26 18:19:49 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/aes.c src/ciphers.c src/des.c: fixed bug with
- EVP ciphers for OpenSSL 0.9.7 when last block was not
- processed for padding
- * tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.data
- tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.tmpl
- tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.xml
- tests/testEnc.sh: new test case for the bug fixed above
-
-Wed Jan 22 11:37:36 2003 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c man/xmlsec.xml: applied patch from Rich Salz
- to allo external DTD specification for the xmlsec application
-
-Mon 30 Dec 2002 09:52:58 AM PST Aleksey Sanin <aleksey@aleksey.com
- * configure.in docs/examples/dsig1/Makefile docs/examples/dsig2/Makefile
- docs/examples/dsig3/Makefile docs/examples/dsig4/Makefile
- docs/examples/dsig5/Makefile docs/examples/enc1/Makefile
- docs/examples/enc2/Makefile src/Makefile.am: fixed bug #102196 --
- Sun CC does ot have -WAll and -ansi options
- * include/xmlsec/errors.h: fixed bug #102194 -- Sun CC does not have
- __FUNCTION__ macro
-
-Sat Dec 21 22:47:33 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c: added "--node-xpath" option for specifing
- the operation "start node" (code based on patch from
- Ferrell Moultrie (ISSAtlanta)
- * src/transforms.c: fixed minor compilation warnings
- * src/x509.c: certs and crls are base64 encoded with 60 characters
- lines size (bug #101523)
-
-Mon Dec 2 23:38:34 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * config.h.in configure.in include/xmlsec/version.h
- docs/news.html docs/download.html docs/index.html
- xmlsec.pc xmlsec.spec: new 0.0.11 release updates
- * scripts/build_release.sh scripts/push_release.sh
- scripts/test_release.sh: checking in build scripts I am using
-
-Thu Nov 28 11:57:17 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c: print detailed help report only when
- user requests it; don't fail if key is not generated
- when algorithm is disabled
-
-
-Thu Nov 28 10:44:06 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/transforms.c: fixed a bug in numeric references evaluation
- reported by Ingo Fischer
-
-Wed Oct 30 17:14:03 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * config.h.in configure.in: do not add -I/usr/include
- or -L/usr/lib if OpenSSL happens to be there
- (patch proposed by Scott Cantor)
-
-Mon Oct 21 11:28:01 CEST 2002 Igor Zlatkovic <igor@stud.fh-frankfurt.de>
-
- * include/xmlsec/errors.h: fixed the __FUNCTION__ macro logic
-
-2002-10-20 Aleksey Sanin <aleksey@aleksey.com>
-
- * config.h.in configure.in include/xmlsec/version.h
- xmlsec.pc xmlsec.spec docs/download.html
- docs/index.html docs/news.html: preparing 0.0.10 release
-
-Sun 13 Oct 2002 09:37:38 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in apps/Makefile.am: added dynamic linking option
- by request from John Belmonte
-
-Fri Oct 11 09:13:27 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * tests/testDSig.sh configure.in apps/xmlsec.c: applied patch from
- Ferrell Moultrie and removed strptime() function usage completelly
- * include/xmlsec/errors.h src/errors.c src/x509.c: added more
- error to the cert verification
-
-Thu Oct 10 00:44:36 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c tests/aleksey-xmldsig-01/enveloping-expired-cert.tmpl
- tests/aleksey-xmldsig-01/enveloping-expired-cert.xml
- tests/keys/expired.crt tests/keys/expired.csr tests/keys/expired.key
- tests/testDSig.sh: added test case to verify the new "expired cert" feature
-
-Wed Oct 9 23:09:46 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c include/xmlsec/x509.h src/keysmngr.c
- src/x509.c: added support for certificate verification parameter
- when OpenSSL 0.9.6 is used
-
-Wed Oct 9 20:58:58 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/keyinfo.h include/xmlsec/keys.h
- include/xmlsec/keysmngr.h include/xmlsec/x509.h
- include/xmlsec/xmldsig.h include/xmlsec/xmlenc.h
- src/keyinfo.c src/keys.c src/keysmngr.c
- src/x509.c src/xmldsig.c src/xmlenc.c: added certificates
- verification time parameter as it was suggested in the
- xmlsec mailing list
- * apps/xmlsec.c: added "--verification-time" parameter
- * config.h.in configure.in: added necessary check for
- strptime() function
-
-Mon Oct 7 19:22:11 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c: added "--output" option to spefcify output file
- * docs/xmlsec-man.html man/create.sh man/xmlsec.1 man/xmlsec.xml:
- changed the docs to reflect new "--output" option
- * tests/testDSig.sh tests/testEnc.sh: changed tests to use new
- "--output" option
- * configure.in xmlsec.pc xmlsec.spec: minor config changes
-
-Sun Sep 29 20:12:17 CEST 2002 Igor Zlatkovic <igor@stud.fh-frankfurt.de>
-
- * win32/Makefile.msvc: resolved further static link issues.
-
-Sat Sep 28 19:14:40 CEST 2002 Igor Zlatkovic <igor@stud.fh-frankfurt.de>
-
- * include/xmlsec/errors.h: added MSVC to the list of compilers with
- the predefined __FUNCTION__ macro.
- * include/xmlsec/xmlsec.h: resolved XMLSEC_EXPORT mess.
- * win32/Makefile.msvc: introduced a double-run compilation, resolved
- the static link problems.
- * win32/configure.js: added the iconv=yes|no option, important when
- linking statically to libxml.
-
-Wed 25 Sep 2002 21:28:21 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/x509.h src/x509.c: opened xmlSecX509Data
- structure by request from Moultrie, Ferrell
-
-Wed 04 Sep 2002 06:54:23 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * src/errors.c: aplied a patch from Ferrell Moultrie (additional
- errors strings for OpenSSL errors functions)
-
-Tue 03 Sep 2002 06:24:57 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * xmlsec-config.in: fixed a bug when xslt is not available
-
-Mon 02 Sep 2002 12:20:03 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/*: added LibXML2, LibXSLT and OpenSSL logos
-
-Sat Aug 31 17:12:56 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/keys.h include/xmlsec/x509.h
- include/xmlsec/xmldsig.h include/xmlsec/xmlenc.h
- src/keys.c src/x509.c src/xmldsig.c src/xmlenc.c:
- added new function *DebugXmlDump() to print debug info
- in XML format
- * apps/xmlsec.c man/xmlsec.1 man/xmlsec.xml: added new
- options '--print-xml' and '-print-to-file'
-
-Sat 31 Aug 2002 03:43:20 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/examples: added a new dsig example from Devin Heitmueller
-
-Thu 29 Aug 2002 01:48:35 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/examples/dsig3 docs/examples/dsig4: fixed minor problems
-
-Thu 29 Aug 2002 08:52:02 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c: fixed minor copy/paste typo (thanks to Devin Heitmueller)
-
-Wed 28 Aug 2002 04:22:10 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs: new 0.0.9 release to fix release packaging problems
-
-Fri Aug 23 10:54:39 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * configure.in docs/download.html docs/index.html docs/news.html:
- New 0.0.8 release.
-
-Thu Aug 15 21:08:41 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/api/* include/xmlsec/Makefile.am include/xmlsec/xpath.h
- src/xpath.c: removed xpath "here()" function declaration
- from global view and xpath.h file, rebuilt docs.
-
-Thu 15 Aug 2002 08:45:26 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/api/* src/* include/xmlsec/*: finished writing
- documentation for 370+ internal and external symbols
-
-Thu 15 Aug 2002 08:14:50 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * tests/keys/README: applied patch from <xafilac@gmx.de>
- (bug #90824)
-
-Wed Aug 14 19:38:56 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * NEWS README: minor updates
- * docs/documentation.html docs/xmlsec-man.html man/Makefile.am:
- published xmlsec utility man page
-
-Wed Aug 14 19:27:09 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/api/* include/xmlsec/base64.h include/xmlsec/bn.h
- include/xmlsec/transforms.h src/aes.c src/base64.c
- src/bn.c src/buffered.c src/c14n.c src/ciphers.c
- src/des.c src/digests.c src/dsa.c src/enveloped.c
- src/xmltree.c: and more and more documentation
-
-Wed Aug 14 17:32:23 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/api/* include/xmlsec/transforms.h
- include/xmlsec/transformsInternal.h include/xmlsec/version.h
- include/xmlsec/version.h.in src/errors.c src/xpath.c:
- and more documentation...
-
-Wed Aug 14 16:30:44 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/api/* include/xmlsec/keyinfo.h include/xmlsec/keys.h
- include/xmlsec/keysmngr.h include/xmlsec/xmldsig.h
- include/xmlsec/xmlenc.h src/debug.c src/keyinfo.c
- src/keys.c src/keysmngr.c src/xmldsig.c src/xmlenc.c
- tests/keys.xml: more documentation...
-
-Wed Aug 14 13:08:32 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * docs/api/* include/xmlsec/errors.h include/xmlsec/xmldsig.h
- include/xmlsec/xmlenc.h src/errors.c src/xmldsig.c
- src/xmlenc.c src/xmlsec.c: added comments and rebuild documentation
- * docs/faq.html: update FAQ
-
-Wed 14 Aug 2002 09:44:31 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c: fixed random numbers initialization
-
-Tue 13 Aug 2002 09:11:45 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * win32/* src/errors.c apps/xmlsec.c: made required changes
- to support new stuff in win32 port
-
-Tue Aug 13 13:59:32 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * apps/xmlsec.c configure.in src/ciphers.c src/des.c src/dsa.c
- src/hmac.c src/rsa.c: replaced XMLSEC_OPENSSL097 define with
- XMLSEC_OPENSSL096 define
- * docs/api/*: updated docs with new errors reporting functions
-
-Tue 13 Aug 2002 01:36:16 PM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/errors.h src/*.c configure.in: changed
- error reporting system and updated all files accordingly
-
-Thu 08 Aug 2002 10:56:56 AM PDT Aleksey Sanin <aleksey@aleksey.com>
-
- * src/xpath.c: removed XPointer support from XPath 2 filter
-
-Wed Aug 7 14:32:44 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/transforms.h include/xmlsec/xmlsec.h
- src/transforms.c src/xmlsec.c src/xpath.c: added XPointer
- transform (Additional XML Security URIs)
- * tests/aleksey-xmldsig-01/xpointer-hmac.tmpl
- tests/aleksey-xmldsig-01/xpointer-hmac.xml
- tests/merlin-xpath-filter2-three/sign-xfdl.tmpl
- tests/testDSig.sh: test cases for XPointer transform
-
-
-Wed Aug 7 01:08:13 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * src/transforms.c src/xmldsig.c src/xmlenc.c: full
- xpointers support in Reference URIs is added
- * include/xmlsec/xmltree.h src/xmltree.c src/xmlsec.c
- apps/xmlsec.c : removed the IDs hack
- * docs/xmldsig-interop.html: added full XPointers support
- * tests/*: added ID attribute declaration when necessary
-
-Tue Aug 6 09:51:54 2002 Aleksey Sanin <aleksey@aleksey.com>
- * docs/api: updated docs with new stuff
- * man/xmlsec-config.1: fixed minor problems in help file
- * include/xmlsec/nodeset.h src/enveloped.c src/nodeset.c
- src/transforms.c src/xmldsig.c src/xpath.c: changed new
- functions names
-
-Mon Aug 5 22:55:05 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * Makefile.am tests/testDSig.sh tests/testEnc.sh: added
- 'perfcheck' flag to the Makefile for performance testing
-
-Mon Aug 5 21:11:41 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * include/xmlsec/nodeset.h include/xmlsec/transforms.h
- src/enveloped.c src/nodeset.c src/xpath.c: new node set
- code improved performaance (8-10 times!!!)
-
-Mon Aug 5 17:58:31 2002 Aleksey Sanin <aleksey@aleksey.com>
- * Makefile.am configure.in src/xpathalt.c:
- Removed alt xpath trasnform implementation as outdated
- * include/xmlsec/nodeset.h src/nodeset.c
- src/Makefile.am include/xmlsec/Makefile.am
- include/xmlsec/transforms.h include/xmlsec/transformsInternal.h
- src/transforms.c include/xmlsec/xmltree.h src/xmltree.c
- src/c14n.c src/enveloped.c src/xmldsig.c
- src/xpath.c: create xmlsec specific nodes set object
- and start using it everythere
- * src/x509.c: updated the code to use new openssl 0.9.7 builds
-
-Wed Jul 31 23:38:18 2002 Aleksey Sanin <aleksey@aleksey.com>
-
- * Makefile.am configure.in: added "enable-profiling" config option
- * docs/download.html docs/index.html src/c14n.c:
- starting XPath and enveloped transforms performance improvements
- * tests/Makefile.am tests/merlin-c14n-three/* tests/testDSig.sh:
- added one more Merlin's test suite for exc-c14n
-
-Wed Jul 31 15:56:17 2002 Aleksey Sanin <aleksey@aleksey.com>
- * apps/xmlsec.c src/xpath.c tests/testDSig.sh: improved
- XPath2 performance
-
-Wed Jul 31 11:45:09 2002 Aleksey Sanin <aleksey@aleksey.com>
- * include/xmlsec/xmlsec.h src/keyinfo.c src/xmlsec.c src/xpath.c
- tests/Makefile.am tests/testDSig.sh tests/merlin-xpath-filter2-three:
- updated XPath2 transform implementation according to the
- latest spec and added Merlin's tests for it
-
-Thu 18 Jul 2002 08:51:16 AM PDT Aleksey Sanin <aleksey@aleksey.com>
- * src/x509.c: fixed problems with using self-signed certs
- for signatures
-
-Thu Jul 11 19:30:31 2002 Aleksey Sanin <aleksey@aleksey.com>
- * Makefile.am configure.in xmlsec.spec.in xmlsec.pc xmlsec.pc.in:
- Add pkgconfig script
-
- * tests/Makefile.am tests/testDSig.sh tests/testEnc.sh tests/testKeys.sh:
- more fixes for dist
-
-Thu Jul 11 17:17:22 2002 Aleksey Sanin <aleksey@aleksey.com>
- * configure.in src/Makefile.am tests/Makefile.am: fixed
- minor dist bugs
-
-Thu Jul 11 11:47:14 2002 Aleksey Sanin <aleksey@aleksey.com>
- * Makefile.am docs/* docs/api/*: added faq and documentation
- pages
-
-Thu Jul 11 9:19:45 2002 Aleksey Sanin <aleksey@aleksey.com>
- * Makefile.am configure.in docs/api/*: added API docs
- generation
-
-Wed Jul 10 21:39:59 2002 Aleksey Sanin <aleksey@aleksey.com>
- * AUTHORS Makefile.am debian/* : added Debian packaging scripts from
- John Belmonte <jvb@prairienet.org>
-
-Wed Jul 10 21:24:43 2002 Aleksey Sanin <aleksey@aleksey.com>
- * include/xmlsec/*.h src/*.c: some comments added
-
-Wed Jul 10 18:06:12 2002 Aleksey Sanin <aleksey@aleksey.com>
- * Makefile.am config.h.in configure.in man/* xmlsec.spec.in:
- man pages for xmlsec and xmlsec-config were added
- * apps/xmlsec.c: "--version" and "--help" options added
-
-Wed Jul 10 21:41:21 2002 Igor Zlatkovic <igor@stud.fh-frankfurt.de>
- * win32/Makefile.msvc: Fixed minor typos, static link flags
- and bindist target
- * apps/xmlsec.c: Added snprintf -> _snprintf mapping for MS
- C-runtime
-
-Wed Jul 10 8:45:23 2002 Aleksey Sanin <aleksey@aleksey.com>
- * configure.in docs/* : 0.0.7 release
-
-Fri Jun 21 00:48:52 2002 Aleksey Sanin <aleksey@aleksey.com>
- * Makefile.am configure.in: added win32 folder to the
- distribution
-
-2002-06-20 Aleksey Sanin <aleksey@aleksey.com>
- * apps/xmlsec.c: added password protected pem files
- support
-
-2002-06-19 Aleksey Sanin <aleksey@aleksey.com>
- * include/xmlsec/xmltree.h src/xmlsec.c src/xmltree.c:
- fixed ID attribute bug found by Sascha Breite
-
-Mon Jun 3 21:18:54 2002 Aleksey Sanin <aleksey@aleksey.com>
- * src/enveloped.c: improved performance
-
-Thu May 30 21:29:21 2002 Aleksey Sanin <aleksey@aleksey.com>
- * src/xmltree.c: propagating XPath fix from LibXML2
-
-Wed May 29 21:28:13 2002 Aleksey Sanin <aleksey@aleksey.com>
- * apps/xmlsec.c include/xmlsec/keysmngr.h include/xmlsec/x509.h
- src/keysmngr.c src/x509.c tests/keys.xml: pkcs12 support added
-
-Wed 29 May 2002 12:07:35 AM PDT Aleksey Sanin <aleksey@aleksey.com>
- *: merged 0.0.6 release from local CVS
- *: win32 port
- *: xpath filter2
- *: custom network handlers
-
-Mon 29 Apr 2002 12:07:35 AM PDT Aleksey Sanin <aleksey@aleksey.com>
- *: Significant API re-factoring (make it more simple and consistent)
- *: added symmetric Key Wrappers support (AES, DES)
- *: added RIPEMD-160 support
-
-Sat 30 Mar 2002 12:55:30 AM PST Aleksey Sanin <aleksey@aleksey.com>
- *: Finished x509 supprot
- *: Added functions to create signature "on-the-fly"
- *: Updated examples and docs
- *: Fixed header files installation bug
-
-Wed 27 Mar 2002 11:20:42 PM PST Aleksey Sanin <aleksey@aleksey.com>
- *: Added x509 verification support and a skeleton for x509
- x509 based signatures
-
-Tue 26 Mar 2002 06:30:10 PM PST Aleksey Sanin <aleksey@aleksey.com>
- *: The result of operation (sign/verify) is returned in the
- list of xmlDSigSignature objects. Application can examine
- the key and signature method, content just before digesting or
- signing, etc. and decide what to do with it.
- *: The Transform and KeyInfo code was significantly re-written and
- separated from the XMLDSig code with a goal to reuse in in
- XML Signature or whatever.
- *: Added support for RetrievalMethod and Manifests (pretty simple
- adter the first change because both are based on Transforms)
- *: Added XSLT support (based on libxslt from Daniel Veillard)
-
+https://www.aleksey.com/xmlsec/news.html
- Rules for commits on the xmlsec module
- =========================================
+If you are interesting in contributing to XMLSec, then consider sending a PR on github:
-0) DO NOT COMMIT DIRECTLY !
-If you have a patch send a mail to xmlsec@aleksey.com mailing
-list (you must be subscribed to the list, go to
-http://www.aleksey.com/mailman/listinfo/xmlsec to subscribe).
-
-If there is a problem in xmlsec module that prevents you
-from building other major components then feel free to patch
-first and then send a mail. This is an EXCEPTIONAL case and
-you should be VERY carefull when you are doing this.
-
-Igor Zlatkovic get an exception for the send before commit rule.
-
-1) Coding style.
- - Formatting. Just for clarification, the formating is:
-
- tab size=8;indentation=4;insert spaces=yes
-
- - Use explicit "!= NULL", "!= 0", etc. This makes code
- easier to read and remove warnings on some platform.
- Example:
- BAD:
- if(a)
- GOOD:
- if(a != NULL)
- or
- if(a != 0)
-
- - Put figure brackets '{}' even if you have only one operator
- in "if", "for", etc. This also makes code easier to read and
- saves a lot of time when you need to quickly change something.
- Example:
- BAD:
- if(a != NULL)
- xmlFree(a);
- GOOD:
- if(a != NULL) {
- xmlFree(a);
- }
-
- - Use round brackets '()' in conditions to show the precedence order.
- I don't remember what goes first '<<' or '*', do you?
- Example:
- BAD:
- if(privkey == NULL || pubkey == NULL)
- GOOD:
- if((privkey == NULL) || (pubkey == NULL))
-
- - Use round brackets '()' for "return".
- Example:
- BAD:
- return 0;
- GOOD:
- return(0);
-
- - Check for warnings! Use "--enable-pedantic" option
- for "configure.in" script to enable as much warnings as possible.
- Your patch should produce no new warnings and if you'll
- see something that you can fix, then do it.
-
- - Check for memory leaks. There is a built in support for
- valgrind (http://devel-home.kde.org/~sewardj/). In order to use it,
- use "enable_static_linking" option for "configure.in" script to
- force static linking of xmlsec command line utility and run
- "make memcheck" from the top xmlsec source folder. The results are printed
- at the end. More detailed logs could be found in /tmp/test*.log files.
-
-2) Coding practice
- - You should trust nobody! Anyone can fool you: user or another application
- might provide you incorrect data; call to xmlsec or system function might
- fail with an error code; worse, the same call might fail but the return
- code is "success" and so on. The patch fixes a lot of places where the
- original code failed to check input data or function return values.
- One of my favorite examples is the code that *silently* assumed that
- base64 decoded value of a RSA public exponent obtained from XML fits
- in a DWORD. And after that the code did memcpy to copy from xmlSecBuffer
- to a DWORD variable *without* checking how much data are actualy copied!
- The trivial DoS attack (at least DoS!!!) is to put very long base64 string
- in XML file and enjoy the server crash.
- One of the strongest sides of xmlsec library is that there are very few
- known ways to crash it (and all of them are related to running the
- application in an environment with a very limited memory to force a malloc
- failure). To be a little paranoid is good in this context :)
-
- - malloc/free vs. xmlMalloc/xmlFree
- xmlsec library use libxml2 memory management functions. This provides an
- easy way to replace default memory management functions with custom ones.
- And this might be very usefull in some cases.
- Note that crypto library might use a different memory management
- functions! Be very carefully to do not mix them (i.e. get memory
- allocated by crypto library function and free it with xmFree).
-
- - Errors reporting (XMLSEC_ERRORS_R_XMLSEC_FAILED vs. XMLSEC_ERRORS_R_CRYPTO_FAILED)
- The correct usage rule is:
- if the failed function starts with "xmlSec" then use
- xmlSecInternalError() aka XMLSEC_ERRORS_R_XMLSEC_FAILED
- else if it is xmlMalloc/xmlFree/etc then use
- xmlSecMallocError() aka XMLSEC_ERRORS_R_MALLOC_FAILED
- else if the function starts with "xml" or "xslt" (i.e. it comes
- from libxml or libxslt) then use
- xmlSecXmlError/xmlSecXmlParserError aka XMLSEC_ERRORS_R_XML_FAILED
- else if it is related to IO (fopen, fread, fwrite, etc.) then use
- XMLSEC_ERRORS_R_IO_FAILED
- else if the function could be used only from xmlsec-crypto (i.e.
- it is crypto engine related) then use
- xmlSecOpenSSLError/... aka XMLSEC_ERRORS_R_CRYPTO_FAILED
- else if there is another reason (invalid data, invalid size, etc.)
- corresponding error reason should be used
- else
- it is something new and should be discussed
- fi
- Correct error reason is very important. For example, some applications
- ignore all the XMLSEC_ERRORS_R_XMLSEC_FAILED errors to get to the bottom of
- the errors stack and report the actual problem.
-
- - Errors reporting: "size=%d;error=%d" instead of "size %d, error: %d":
- It would be great if xmlsec-crypto libraries can follow the error message
- standard adopted in the other files of xmlsec library:
- "<name1>=<value1>;<name2>=<value2>;..."
- This greatly helps when one needs to write a logs parser. For example, to
- find the reason of memory allocation failures.
-
-3) Preparing and submitting a patch.
-If you want to submit a patch please create a pull request on GitHub and then
- send your pull request along with a short description of the problem or feature
- you are fixing/implementing to the xmlsec@aleksey.com mailing list
- (you must be subscribed to the list, go to http://www.aleksey.com/mailman/listinfo/xmlsec to subscribe).
- If you are fixing a bug, it might be a good idea to create a GitHub ticket first
- (http://www.aleksey.com/xmlsec/bugs.html) for the record.
-
-4) Building a release
-- Cleanup, make sure no other changes are pending
- - make distclean
- - git status
-- Update Changelog
-- Write about release changes in the release
- - docs/index.html and docs/news.html
-- Update release number in
- - configure.in (2 places at the top)
- - docs/download.html
-- Create build
- - ./autogen.sh
- - make
-- Build docs (watch for errors!)
- - make docs
-- Commit the "prepare for X.Y.Z" release
- - git commit -m"prepare for X.Y.Z release" -a
-- Run tests, make sure everything is OK
- - make check
-- Build release
- - sudo ./scripts/build_release.sh
-- Extract tar file, make sure it works
- - cd /tmp
- - tar xvfz /usr/src/redhat/SOURCE/xmlsec1-X.Y.z.tar.gz
- - cd xmlsec1-X.Y.z
- - ./configure
- - make
- - make check
-- Copy tar file to FTP/Web Download
-- Copy docs/ folder to Web folder
-- Write an announcement email to xmlsec@aleksey.com
-- Update freshmeat.net
-- Relax
-
-
-
-
-
-
-
-
-
-
+https://github.com/lsh123/xmlsec
--- /dev/null
+See README.md
+
ChangeLog \
Copyright \
HACKING \
+ README.md \
xmlsec-openssl.pc.in \
xmlsec-nss.pc.in\
xmlsec-gnutls.pc.in \
ABS_SRCDIR=@abs_srcdir@
ABS_BUILDDIR=@abs_builddir@
+XMLSEC_OPENSSL_TEST_CONFIG=@OPENSSL_TEST_CONFIG@
if XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING
PRECHECK_COMMANDS = \
+ export XMLSEC_OPENSSL_TEST_CONFIG="$(XMLSEC_OPENSSL_TEST_CONFIG)" && \
cd $(ABS_SRCDIR) \
$(NULL)
else
PRECHECK_COMMANDS= \
- export LD_LIBRARY_PATH="$(ABS_BUILDDIR)/src/.libs:$$LD_LIBRARY_PATH" ; \
+ export XMLSEC_OPENSSL_TEST_CONFIG="$(XMLSEC_OPENSSL_TEST_CONFIG)" && \
+ export LD_LIBRARY_PATH="$(ABS_BUILDDIR)/src/.libs:$$LD_LIBRARY_PATH" && \
for i in $(XMLSEC_CRYPTO_LIST) ; do \
- export LTDL_LIBRARY_PATH="$(ABS_BUILDDIR)/src/$$i/.libs:$$LTDL_LIBRARY_PATH" ; \
+ export LTDL_LIBRARY_PATH="$(ABS_BUILDDIR)/src/$$i/.libs:$$LTDL_LIBRARY_PATH" ; \
done && \
cd $(ABS_SRCDIR) \
- $(NULL)
+ $(NULL)
endif
CHECK_CRYPTO_LIST = \
$(XMLSEC_CRYPTO_LIST) \
docs: docs-man
@(cd docs && $(MAKE) docs)
-docs-clean:
+docs-clean:
@(cd docs && $(MAKE) clean)
-docs-man:
+docs-man:
@(cd man && $(MAKE) docs)
check: check-all check-info
-check-all: $(TEST_APP)
+check-all: $(TEST_APP)
for crypto in $(CHECK_CRYPTO_LIST) ; do \
make check-crypto-$$crypto || exit 1 ; \
done
-check-crypto-%: $(TEST_APP)
+check-crypto-%: $(TEST_APP)
@($(PRECHECK_COMMANDS) && \
- echo "=================== Checking xmlsec-$* =================================" && \
- $(SHELL) ./tests/testrun.sh \
- $(ABS_SRCDIR)/tests/testKeys.sh \
- $* \
- $(ABS_SRCDIR)/tests \
- $(ABS_BUILDDIR)/$(TEST_APP) der \
- && \
- $(SHELL) ./tests/testrun.sh \
- $(ABS_SRCDIR)/tests/testDSig.sh \
- $* \
- $(ABS_SRCDIR)/tests \
- $(ABS_BUILDDIR)/$(TEST_APP) \
- der \
- && \
- $(SHELL) ./tests/testrun.sh \
- $(ABS_SRCDIR)/tests/testEnc.sh \
- $* \
- $(ABS_SRCDIR)/tests \
- $(ABS_BUILDDIR)/$(TEST_APP) \
- der \
- ; \
+ echo "=================== Checking xmlsec-$* =================================" && \
+ $(SHELL) ./tests/testrun.sh \
+ $(ABS_SRCDIR)/tests/testKeys.sh \
+ $* \
+ $(ABS_SRCDIR)/tests \
+ $(ABS_BUILDDIR)/$(TEST_APP) der \
+ && \
+ $(SHELL) ./tests/testrun.sh \
+ $(ABS_SRCDIR)/tests/testDSig.sh \
+ $* \
+ $(ABS_SRCDIR)/tests \
+ $(ABS_BUILDDIR)/$(TEST_APP) \
+ der \
+ && \
+ $(SHELL) ./tests/testrun.sh \
+ $(ABS_SRCDIR)/tests/testEnc.sh \
+ $* \
+ $(ABS_SRCDIR)/tests \
+ $(ABS_BUILDDIR)/$(TEST_APP) \
+ der \
+ ; \
)
-
+
check-info:
@echo "---------------------------- ATTENTION -----------------------------------"
@echo "--- Some of the tests use resources located on external HTTP servers. ---"
der \
)
-check-dsig: $(TEST_APP)
+check-dsig: $(TEST_APP)
@($(PRECHECK_COMMANDS) && \
$(SHELL) ./tests/testrun.sh \
$(ABS_SRCDIR)/tests/testDSig.sh \
der \
)
-check-enc: $(TEST_APP)
+check-enc: $(TEST_APP)
@($(PRECHECK_COMMANDS) && \
$(SHELL) ./tests/testrun.sh \
$(ABS_SRCDIR)/tests/testEnc.sh \
memcheck: $(TEST_APP)
@(export DEBUG_MEMORY=1 && $(MAKE) check && $(MAKE) memcheck-res)
+memcheck-crypto-%: $(TEST_APP)
+ @(export DEBUG_MEMORY=1 && $(MAKE) check-crypto-$* && $(MAKE) memcheck-res)
+
perfcheck: $(TEST_APP)
@(export PERF_TEST=10 && $(MAKE) check)
@(unset CDPATH && rpmbuild -ta $(distdir).tar.gz)
rpm-release: clean cleantar rpm
-
+
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@XMLSEC_APPS_TRUE@am__append_1 = apps
+@XMLSEC_MANS_TRUE@am__append_2 = man
+@XMLSEC_DOCS_TRUE@am__append_3 = docs
+subdir = .
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(top_srcdir)/configure \
+ $(am__configure_deps) $(am__DIST_COMMON)
+am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
+ configure.lineno config.status.lineno
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = config.h
+CONFIG_CLEAN_FILES = xmlsec1.pc xmlsec1-openssl.pc xmlsec1-gnutls.pc \
+ xmlsec1-gcrypt.pc xmlsec1-nss.pc xmlsec1.spec xmlsec1Conf.sh \
+ xmlsec1-config
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(confexecdir)" \
+ "$(DESTDIR)$(m4datadir)" "$(DESTDIR)$(pkgconfigdir)"
+SCRIPTS = $(bin_SCRIPTS)
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+SOURCES =
+DIST_SOURCES =
+RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
+ ctags-recursive dvi-recursive html-recursive info-recursive \
+ install-data-recursive install-dvi-recursive \
+ install-exec-recursive install-html-recursive \
+ install-info-recursive install-pdf-recursive \
+ install-ps-recursive install-recursive installcheck-recursive \
+ installdirs-recursive pdf-recursive ps-recursive \
+ tags-recursive uninstall-recursive
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+DATA = $(confexec_DATA) $(m4data_DATA) $(pkgconfig_DATA)
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+am__recursive_targets = \
+ $(RECURSIVE_TARGETS) \
+ $(RECURSIVE_CLEAN_TARGETS) \
+ $(am__extra_recursive_targets)
+AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
+ cscope distdir distdir-am dist dist-all distcheck
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) \
+ config.h.in
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+DIST_SUBDIRS = include src apps man docs
+am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in \
+ $(srcdir)/xmlsec-config.in $(srcdir)/xmlsec-gcrypt.pc.in \
+ $(srcdir)/xmlsec-gnutls.pc.in $(srcdir)/xmlsec-nss.pc.in \
+ $(srcdir)/xmlsec-openssl.pc.in $(srcdir)/xmlsec.pc.in \
+ $(srcdir)/xmlsec.spec.in $(srcdir)/xmlsecConf.sh.in AUTHORS \
+ COPYING ChangeLog INSTALL NEWS README.md TODO compile \
+ config.guess config.sub depcomp install-sh ltmain.sh missing
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+distdir = $(PACKAGE)-$(VERSION)
+top_distdir = $(distdir)
+am__remove_distdir = \
+ if test -d "$(distdir)"; then \
+ find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \
+ && rm -rf "$(distdir)" \
+ || { sleep 5 && rm -rf "$(distdir)"; }; \
+ else :; fi
+am__post_remove_distdir = $(am__remove_distdir)
+am__relativize = \
+ dir0=`pwd`; \
+ sed_first='s,^\([^/]*\)/.*$$,\1,'; \
+ sed_rest='s,^[^/]*/*,,'; \
+ sed_last='s,^.*/\([^/]*\)$$,\1,'; \
+ sed_butlast='s,/*[^/]*$$,,'; \
+ while test -n "$$dir1"; do \
+ first=`echo "$$dir1" | sed -e "$$sed_first"`; \
+ if test "$$first" != "."; then \
+ if test "$$first" = ".."; then \
+ dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
+ dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
+ else \
+ first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
+ if test "$$first2" = "$$first"; then \
+ dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
+ else \
+ dir2="../$$dir2"; \
+ fi; \
+ dir0="$$dir0"/"$$first"; \
+ fi; \
+ fi; \
+ dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
+ done; \
+ reldir="$$dir2"
+DIST_ARCHIVES = $(distdir).tar.gz
+GZIP_ENV = --best
+DIST_TARGETS = dist-gzip
+# Exists only to be overridden by the user if desired.
+AM_DISTCHECK_DVI_TARGET = dvi
+distuninstallcheck_listfiles = find . -type f -print
+am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \
+ | sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$'
+distcleancheck_listfiles = find . -type f -print
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+SAFE_VERSION = @XMLSEC_VERSION_SAFE@
+SUBDIRS = include src $(am__append_1) $(am__append_2) $(am__append_3)
+TEST_APP = apps/xmlsec1$(EXEEXT)
+DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+bin_SCRIPTS = xmlsec1-config
+pkgconfig_DATA = xmlsec1.pc @XMLSEC_CRYPTO_PC_FILES_LIST@
+pkgconfigdir = $(libdir)/pkgconfig
+confexecdir = $(libdir)
+confexec_DATA = xmlsec1Conf.sh
+m4datadir = $(datadir)/aclocal
+m4data_DATA = xmlsec1.m4
+ACLOCAL_AMFLAGS = -I m4
+DISTCLEANFILES = \
+ xmlsec1Conf.sh \
+ xmlsec1.pc \
+ xmlsec1-openssl.pc \
+ xmlsec1-nss.pc \
+ xmlsec1-gnutls.pc \
+ xmlsec1-gcrypt.pc \
+ xmlsec1-config \
+ xmlsec1.spec \
+ stamp-h2 \
+ stamp-h3 \
+ stamp-h4 \
+ stamp-h5 \
+ $NULL
+
+EXTRA_DIST = \
+ m4 \
+ examples \
+ scripts \
+ tests \
+ win32 \
+ NEWS \
+ ChangeLog \
+ Copyright \
+ HACKING \
+ README.md \
+ xmlsec-openssl.pc.in \
+ xmlsec-nss.pc.in\
+ xmlsec-gnutls.pc.in \
+ xmlsec-gcrypt.pc.in \
+ xmlsec-config.in \
+ xmlsecConf.sh.in \
+ xmlsec.spec.in \
+ xmlsec1Conf.sh \
+ xmlsec1.pc @XMLSEC_CRYPTO_PC_FILES_LIST@ \
+ xmlsec1-config \
+ xmlsec1.spec \
+ xmlsec1.m4 \
+ $(NULL)
+
+EXTRA_CLEAN = \
+ examples \
+ $(NULL)
+
+ABS_SRCDIR = @abs_srcdir@
+ABS_BUILDDIR = @abs_builddir@
+XMLSEC_OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@PRECHECK_COMMANDS = \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ export XMLSEC_OPENSSL_TEST_CONFIG="$(XMLSEC_OPENSSL_TEST_CONFIG)" && \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ export LD_LIBRARY_PATH="$(ABS_BUILDDIR)/src/.libs:$$LD_LIBRARY_PATH" && \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ for i in $(XMLSEC_CRYPTO_LIST) ; do \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ export LTDL_LIBRARY_PATH="$(ABS_BUILDDIR)/src/$$i/.libs:$$LTDL_LIBRARY_PATH" ; \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ done && \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ cd $(ABS_SRCDIR) \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(NULL)
+
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@PRECHECK_COMMANDS = \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ export XMLSEC_OPENSSL_TEST_CONFIG="$(XMLSEC_OPENSSL_TEST_CONFIG)" && \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ cd $(ABS_SRCDIR) \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(NULL)
+
+CHECK_CRYPTO_LIST = \
+ $(XMLSEC_CRYPTO_LIST) \
+ $(NULL)
+
+all: config.h
+ $(MAKE) $(AM_MAKEFLAGS) all-recursive
+
+.SUFFIXES:
+am--refresh: Makefile
+ @:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ echo ' cd $(srcdir) && $(AUTOMAKE) --foreign'; \
+ $(am__cd) $(srcdir) && $(AUTOMAKE) --foreign \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ echo ' $(SHELL) ./config.status'; \
+ $(SHELL) ./config.status;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ $(SHELL) ./config.status --recheck
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ $(am__cd) $(srcdir) && $(AUTOCONF)
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ $(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS)
+$(am__aclocal_m4_deps):
+
+config.h: stamp-h1
+ @test -f $@ || rm -f stamp-h1
+ @test -f $@ || $(MAKE) $(AM_MAKEFLAGS) stamp-h1
+
+stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status
+ @rm -f stamp-h1
+ cd $(top_builddir) && $(SHELL) ./config.status config.h
+$(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ ($(am__cd) $(top_srcdir) && $(AUTOHEADER))
+ rm -f stamp-h1
+ touch $@
+
+distclean-hdr:
+ -rm -f config.h stamp-h1
+xmlsec1.pc: $(top_builddir)/config.status $(srcdir)/xmlsec.pc.in
+ cd $(top_builddir) && $(SHELL) ./config.status $@
+xmlsec1-openssl.pc: $(top_builddir)/config.status $(srcdir)/xmlsec-openssl.pc.in
+ cd $(top_builddir) && $(SHELL) ./config.status $@
+xmlsec1-gnutls.pc: $(top_builddir)/config.status $(srcdir)/xmlsec-gnutls.pc.in
+ cd $(top_builddir) && $(SHELL) ./config.status $@
+xmlsec1-gcrypt.pc: $(top_builddir)/config.status $(srcdir)/xmlsec-gcrypt.pc.in
+ cd $(top_builddir) && $(SHELL) ./config.status $@
+xmlsec1-nss.pc: $(top_builddir)/config.status $(srcdir)/xmlsec-nss.pc.in
+ cd $(top_builddir) && $(SHELL) ./config.status $@
+xmlsec1.spec: $(top_builddir)/config.status $(srcdir)/xmlsec.spec.in
+ cd $(top_builddir) && $(SHELL) ./config.status $@
+xmlsec1Conf.sh: $(top_builddir)/config.status $(srcdir)/xmlsecConf.sh.in
+ cd $(top_builddir) && $(SHELL) ./config.status $@
+xmlsec1-config: $(top_builddir)/config.status $(srcdir)/xmlsec-config.in
+ cd $(top_builddir) && $(SHELL) ./config.status $@
+install-binSCRIPTS: $(bin_SCRIPTS)
+ @$(NORMAL_INSTALL)
+ @list='$(bin_SCRIPTS)'; test -n "$(bindir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \
+ fi; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ if test -f "$$d$$p"; then echo "$$d$$p"; echo "$$p"; else :; fi; \
+ done | \
+ sed -e 'p;s,.*/,,;n' \
+ -e 'h;s|.*|.|' \
+ -e 'p;x;s,.*/,,;$(transform)' | sed 'N;N;N;s,\n, ,g' | \
+ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1; } \
+ { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \
+ if ($$2 == $$4) { files[d] = files[d] " " $$1; \
+ if (++n[d] == $(am__install_max)) { \
+ print "f", d, files[d]; n[d] = 0; files[d] = "" } } \
+ else { print "f", d "/" $$4, $$1 } } \
+ END { for (d in files) print "f", d, files[d] }' | \
+ while read type dir files; do \
+ if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \
+ test -z "$$files" || { \
+ echo " $(INSTALL_SCRIPT) $$files '$(DESTDIR)$(bindir)$$dir'"; \
+ $(INSTALL_SCRIPT) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \
+ } \
+ ; done
+
+uninstall-binSCRIPTS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(bin_SCRIPTS)'; test -n "$(bindir)" || exit 0; \
+ files=`for p in $$list; do echo "$$p"; done | \
+ sed -e 's,.*/,,;$(transform)'`; \
+ dir='$(DESTDIR)$(bindir)'; $(am__uninstall_files_from_dir)
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+distclean-libtool:
+ -rm -f libtool config.lt
+install-confexecDATA: $(confexec_DATA)
+ @$(NORMAL_INSTALL)
+ @list='$(confexec_DATA)'; test -n "$(confexecdir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(confexecdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(confexecdir)" || exit 1; \
+ fi; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; \
+ done | $(am__base_list) | \
+ while read files; do \
+ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(confexecdir)'"; \
+ $(INSTALL_DATA) $$files "$(DESTDIR)$(confexecdir)" || exit $$?; \
+ done
+
+uninstall-confexecDATA:
+ @$(NORMAL_UNINSTALL)
+ @list='$(confexec_DATA)'; test -n "$(confexecdir)" || list=; \
+ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+ dir='$(DESTDIR)$(confexecdir)'; $(am__uninstall_files_from_dir)
+install-m4dataDATA: $(m4data_DATA)
+ @$(NORMAL_INSTALL)
+ @list='$(m4data_DATA)'; test -n "$(m4datadir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(m4datadir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(m4datadir)" || exit 1; \
+ fi; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; \
+ done | $(am__base_list) | \
+ while read files; do \
+ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(m4datadir)'"; \
+ $(INSTALL_DATA) $$files "$(DESTDIR)$(m4datadir)" || exit $$?; \
+ done
+
+uninstall-m4dataDATA:
+ @$(NORMAL_UNINSTALL)
+ @list='$(m4data_DATA)'; test -n "$(m4datadir)" || list=; \
+ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+ dir='$(DESTDIR)$(m4datadir)'; $(am__uninstall_files_from_dir)
+install-pkgconfigDATA: $(pkgconfig_DATA)
+ @$(NORMAL_INSTALL)
+ @list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(pkgconfigdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(pkgconfigdir)" || exit 1; \
+ fi; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; \
+ done | $(am__base_list) | \
+ while read files; do \
+ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pkgconfigdir)'"; \
+ $(INSTALL_DATA) $$files "$(DESTDIR)$(pkgconfigdir)" || exit $$?; \
+ done
+
+uninstall-pkgconfigDATA:
+ @$(NORMAL_UNINSTALL)
+ @list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \
+ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+ dir='$(DESTDIR)$(pkgconfigdir)'; $(am__uninstall_files_from_dir)
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run 'make' without going through this Makefile.
+# To change the values of 'make' variables: instead of editing Makefiles,
+# (1) if the variable is set in 'config.status', edit 'config.status'
+# (which will cause the Makefiles to be regenerated when you run 'make');
+# (2) otherwise, pass the desired values on the 'make' command line.
+$(am__recursive_targets):
+ @fail=; \
+ if $(am__make_keepgoing); then \
+ failcom='fail=yes'; \
+ else \
+ failcom='exit 1'; \
+ fi; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done; \
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-recursive
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+ include_option=--etags-include; \
+ empty_fix=.; \
+ else \
+ include_option=--include; \
+ empty_fix=; \
+ fi; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test ! -f $$subdir/TAGS || \
+ set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
+ fi; \
+ done; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-recursive
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscope: cscope.files
+ test ! -s cscope.files \
+ || $(CSCOPE) -b -q $(AM_CSCOPEFLAGS) $(CSCOPEFLAGS) -i cscope.files $(CSCOPE_ARGS)
+clean-cscope:
+ -rm -f cscope.files
+cscope.files: clean-cscope cscopelist
+cscopelist: cscopelist-recursive
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+ -rm -f cscope.out cscope.in.out cscope.po.out cscope.files
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ $(am__remove_distdir)
+ test -d "$(distdir)" || mkdir "$(distdir)"
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+ @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ $(am__make_dryrun) \
+ || test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
+ dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
+ $(am__relativize); \
+ new_distdir=$$reldir; \
+ dir1=$$subdir; dir2="$(top_distdir)"; \
+ $(am__relativize); \
+ new_top_distdir=$$reldir; \
+ echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
+ echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
+ ($(am__cd) $$subdir && \
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$$new_top_distdir" \
+ distdir="$$new_distdir" \
+ am__remove_distdir=: \
+ am__skip_length_check=: \
+ am__skip_mode_fix=: \
+ distdir) \
+ || exit 1; \
+ fi; \
+ done
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$(top_distdir)" distdir="$(distdir)" \
+ dist-hook
+ -test -n "$(am__skip_mode_fix)" \
+ || find "$(distdir)" -type d ! -perm -755 \
+ -exec chmod u+rwx,go+rx {} \; -o \
+ ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \
+ ! -type d ! -perm -400 -exec chmod a+r {} \; -o \
+ ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \
+ || chmod -R a+r "$(distdir)"
+dist-gzip: distdir
+ tardir=$(distdir) && $(am__tar) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).tar.gz
+ $(am__post_remove_distdir)
+
+dist-bzip2: distdir
+ tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2
+ $(am__post_remove_distdir)
+
+dist-lzip: distdir
+ tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz
+ $(am__post_remove_distdir)
+
+dist-xz: distdir
+ tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz
+ $(am__post_remove_distdir)
+
+dist-zstd: distdir
+ tardir=$(distdir) && $(am__tar) | zstd -c $${ZSTD_CLEVEL-$${ZSTD_OPT--19}} >$(distdir).tar.zst
+ $(am__post_remove_distdir)
+
+dist-tarZ: distdir
+ @echo WARNING: "Support for distribution archives compressed with" \
+ "legacy program 'compress' is deprecated." >&2
+ @echo WARNING: "It will be removed altogether in Automake 2.0" >&2
+ tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z
+ $(am__post_remove_distdir)
+
+dist-shar: distdir
+ @echo WARNING: "Support for shar distribution archives is" \
+ "deprecated." >&2
+ @echo WARNING: "It will be removed altogether in Automake 2.0" >&2
+ shar $(distdir) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).shar.gz
+ $(am__post_remove_distdir)
+
+dist-zip: distdir
+ -rm -f $(distdir).zip
+ zip -rq $(distdir).zip $(distdir)
+ $(am__post_remove_distdir)
+
+dist dist-all:
+ $(MAKE) $(AM_MAKEFLAGS) $(DIST_TARGETS) am__post_remove_distdir='@:'
+ $(am__post_remove_distdir)
+
+# This target untars the dist file and tries a VPATH configuration. Then
+# it guarantees that the distribution is self-contained by making another
+# tarfile.
+distcheck: dist
+ case '$(DIST_ARCHIVES)' in \
+ *.tar.gz*) \
+ eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).tar.gz | $(am__untar) ;;\
+ *.tar.bz2*) \
+ bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
+ *.tar.lz*) \
+ lzip -dc $(distdir).tar.lz | $(am__untar) ;;\
+ *.tar.xz*) \
+ xz -dc $(distdir).tar.xz | $(am__untar) ;;\
+ *.tar.Z*) \
+ uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
+ *.shar.gz*) \
+ eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).shar.gz | unshar ;;\
+ *.zip*) \
+ unzip $(distdir).zip ;;\
+ *.tar.zst*) \
+ zstd -dc $(distdir).tar.zst | $(am__untar) ;;\
+ esac
+ chmod -R a-w $(distdir)
+ chmod u+w $(distdir)
+ mkdir $(distdir)/_build $(distdir)/_build/sub $(distdir)/_inst
+ chmod a-w $(distdir)
+ test -d $(distdir)/_build || exit 0; \
+ dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \
+ && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \
+ && am__cwd=`pwd` \
+ && $(am__cd) $(distdir)/_build/sub \
+ && ../../configure \
+ $(AM_DISTCHECK_CONFIGURE_FLAGS) \
+ $(DISTCHECK_CONFIGURE_FLAGS) \
+ --srcdir=../.. --prefix="$$dc_install_base" \
+ && $(MAKE) $(AM_MAKEFLAGS) \
+ && $(MAKE) $(AM_MAKEFLAGS) $(AM_DISTCHECK_DVI_TARGET) \
+ && $(MAKE) $(AM_MAKEFLAGS) check \
+ && $(MAKE) $(AM_MAKEFLAGS) install \
+ && $(MAKE) $(AM_MAKEFLAGS) installcheck \
+ && $(MAKE) $(AM_MAKEFLAGS) uninstall \
+ && $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \
+ distuninstallcheck \
+ && chmod -R a-w "$$dc_install_base" \
+ && ({ \
+ (cd ../.. && umask 077 && mkdir "$$dc_destdir") \
+ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \
+ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \
+ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \
+ distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \
+ } || { rm -rf "$$dc_destdir"; exit 1; }) \
+ && rm -rf "$$dc_destdir" \
+ && $(MAKE) $(AM_MAKEFLAGS) dist \
+ && rm -rf $(DIST_ARCHIVES) \
+ && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \
+ && cd "$$am__cwd" \
+ || exit 1
+ $(am__post_remove_distdir)
+ @(echo "$(distdir) archives ready for distribution: "; \
+ list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \
+ sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x'
+distuninstallcheck:
+ @test -n '$(distuninstallcheck_dir)' || { \
+ echo 'ERROR: trying to run $@ with an empty' \
+ '$$(distuninstallcheck_dir)' >&2; \
+ exit 1; \
+ }; \
+ $(am__cd) '$(distuninstallcheck_dir)' || { \
+ echo 'ERROR: cannot chdir into $(distuninstallcheck_dir)' >&2; \
+ exit 1; \
+ }; \
+ test `$(am__distuninstallcheck_listfiles) | wc -l` -eq 0 \
+ || { echo "ERROR: files left after uninstall:" ; \
+ if test -n "$(DESTDIR)"; then \
+ echo " (check DESTDIR support)"; \
+ fi ; \
+ $(distuninstallcheck_listfiles) ; \
+ exit 1; } >&2
+distcleancheck: distclean
+ @if test '$(srcdir)' = . ; then \
+ echo "ERROR: distcleancheck can only run from a VPATH build" ; \
+ exit 1 ; \
+ fi
+ @test `$(distcleancheck_listfiles) | wc -l` -eq 0 \
+ || { echo "ERROR: files left in build directory after distclean:" ; \
+ $(distcleancheck_listfiles) ; \
+ exit 1; } >&2
+check-am: all-am
+check: check-recursive
+all-am: Makefile $(SCRIPTS) $(DATA) config.h
+installdirs: installdirs-recursive
+installdirs-am:
+ for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(confexecdir)" "$(DESTDIR)$(m4datadir)" "$(DESTDIR)$(pkgconfigdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+ -test -z "$(DISTCLEANFILES)" || rm -f $(DISTCLEANFILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-recursive
+ -rm -f $(am__CONFIG_DISTCLEAN_FILES)
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-hdr \
+ distclean-libtool distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+html-am:
+
+info: info-recursive
+
+info-am:
+
+install-data-am: install-m4dataDATA install-pkgconfigDATA
+
+install-dvi: install-dvi-recursive
+
+install-dvi-am:
+
+install-exec-am: install-binSCRIPTS install-confexecDATA
+
+install-html: install-html-recursive
+
+install-html-am:
+
+install-info: install-info-recursive
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-pdf-am:
+
+install-ps: install-ps-recursive
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+ -rm -f $(am__CONFIG_DISTCLEAN_FILES)
+ -rm -rf $(top_srcdir)/autom4te.cache
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am: uninstall-binSCRIPTS uninstall-confexecDATA \
+ uninstall-m4dataDATA uninstall-pkgconfigDATA
+
+.MAKE: $(am__recursive_targets) all install-am install-strip
+
+.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \
+ am--refresh check check-am clean clean-cscope clean-generic \
+ clean-libtool cscope cscopelist-am ctags ctags-am dist \
+ dist-all dist-bzip2 dist-gzip dist-hook dist-lzip dist-shar \
+ dist-tarZ dist-xz dist-zip dist-zstd distcheck distclean \
+ distclean-generic distclean-hdr distclean-libtool \
+ distclean-tags distcleancheck distdir distuninstallcheck dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-binSCRIPTS install-confexecDATA install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-m4dataDATA install-man install-pdf \
+ install-pdf-am install-pkgconfigDATA install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ installdirs-am maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
+ ps ps-am tags tags-am uninstall uninstall-am \
+ uninstall-binSCRIPTS uninstall-confexecDATA \
+ uninstall-m4dataDATA uninstall-pkgconfigDATA
+
+.PRECIOUS: Makefile
+
+
+docs: docs-man
+ @(cd docs && $(MAKE) docs)
+
+docs-clean:
+ @(cd docs && $(MAKE) clean)
+
+docs-man:
+ @(cd man && $(MAKE) docs)
+
+check: check-all check-info
+
+check-all: $(TEST_APP)
+ for crypto in $(CHECK_CRYPTO_LIST) ; do \
+ make check-crypto-$$crypto || exit 1 ; \
+ done
+
+check-crypto-%: $(TEST_APP)
+ @($(PRECHECK_COMMANDS) && \
+ echo "=================== Checking xmlsec-$* =================================" && \
+ $(SHELL) ./tests/testrun.sh \
+ $(ABS_SRCDIR)/tests/testKeys.sh \
+ $* \
+ $(ABS_SRCDIR)/tests \
+ $(ABS_BUILDDIR)/$(TEST_APP) der \
+ && \
+ $(SHELL) ./tests/testrun.sh \
+ $(ABS_SRCDIR)/tests/testDSig.sh \
+ $* \
+ $(ABS_SRCDIR)/tests \
+ $(ABS_BUILDDIR)/$(TEST_APP) \
+ der \
+ && \
+ $(SHELL) ./tests/testrun.sh \
+ $(ABS_SRCDIR)/tests/testEnc.sh \
+ $* \
+ $(ABS_SRCDIR)/tests \
+ $(ABS_BUILDDIR)/$(TEST_APP) \
+ der \
+ ; \
+ )
+
+check-info:
+ @echo "---------------------------- ATTENTION -----------------------------------"
+ @echo "--- Some of the tests use resources located on external HTTP servers. ---"
+ @echo "--- If you have no Internet connection or the external resource is not ---"
+ @echo "--- responding then the test will fail. ---"
+ @echo "---------------------------- ATTENTION -----------------------------------"
+
+check-keys: $(TEST_APP)
+ @($(PRECHECK_COMMANDS) && \
+ $(SHELL) ./tests/testrun.sh \
+ $(ABS_SRCDIR)/tests/testKeys.sh \
+ $(DEFAULT_CRYPTO) \
+ $(ABS_SRCDIR)/tests \
+ $(ABS_BUILDDIR)/$(TEST_APP) \
+ der \
+ )
+
+check-dsig: $(TEST_APP)
+ @($(PRECHECK_COMMANDS) && \
+ $(SHELL) ./tests/testrun.sh \
+ $(ABS_SRCDIR)/tests/testDSig.sh \
+ $(DEFAULT_CRYPTO) \
+ $(ABS_SRCDIR)/tests \
+ $(ABS_BUILDDIR)/$(TEST_APP) \
+ der \
+ )
+
+check-enc: $(TEST_APP)
+ @($(PRECHECK_COMMANDS) && \
+ $(SHELL) ./tests/testrun.sh \
+ $(ABS_SRCDIR)/tests/testEnc.sh \
+ $(DEFAULT_CRYPTO) \
+ $(ABS_SRCDIR)/tests \
+ $(ABS_BUILDDIR)/$(TEST_APP) \
+ der \
+ )
+
+memcheck-res:
+ @grep -i 'ERROR SUMMARY' /tmp/*.log | sed 's/.*==.*== *//' | sort -u
+ @grep -i 'in use at exit' /tmp/*.log | sed 's/.*==.*== *//' | sort -u
+ @grep -i 'definitely lost:' /tmp/*.log | sed 's/.*==.*== *//' | sort -u
+ @grep -i 'indirectly lost:' /tmp/*.log | sed 's/.*==.*== *//' | sort -u
+ @grep -i 'possibly lost:' /tmp/*.log | sed 's/.*==.*== *//' | sort -u
+ @grep -i 'still reachable:' /tmp/*.log | sed 's/.*==.*== *//' | sort -u
+
+memcheck: $(TEST_APP)
+ @(export DEBUG_MEMORY=1 && $(MAKE) check && $(MAKE) memcheck-res)
+
+memcheck-crypto-%: $(TEST_APP)
+ @(export DEBUG_MEMORY=1 && $(MAKE) check-crypto-$* && $(MAKE) memcheck-res)
+
+perfcheck: $(TEST_APP)
+ @(export PERF_TEST=10 && $(MAKE) check)
+
+dist-hook:
+
+cleantar:
+ @($(RM) -f xmlsec*.tar.gz COPYING.LIB)
+
+tar-release: clean cleantar
+ @(unset CDPATH && $(MAKE) dist)
+
+rpm: cleantar tar-release
+ @(unset CDPATH && rpmbuild -ta $(distdir).tar.gz)
+
+rpm-release: clean cleantar rpm
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
-Check ChangeLog file :)
\ No newline at end of file
+See https://www.aleksey.com/xmlsec/news.html
+++ /dev/null
-XMLSec Library
-----------------------------------------------
-
-XMLSec library provides C based implementation for major XML Security
-standards:
-
- * XML Signature Syntax and Processing
- https://www.w3.org/TR/xmldsig-core
-
- * XML Encryption Syntax and Processing
- https://www.w3.org/TR/xmlenc-core/
-
-XMLSec is based on well known LibXML (http://xmlsoft.org), LibXSLT
-(http://xmlsoft.org/XSLT) and OpenSSL (https://www.openssl.org) libraries.
-
-XMLSec library documentation is available here:
-
-https://www.aleksey.com/xmlsec/
-
-This code is released under the MIT Licence see the Copyright file.
-
-Aleksey Sanin <aleksey@aleksey.com>
-
--- /dev/null
+# XMLSec Library
+
+XMLSec library provides C based implementation for major XML Security
+standards:
+- [XML Signature Syntax and Processing](https://www.w3.org/TR/xmldsig-core)
+- [XML Encryption Syntax and Processing](https://www.w3.org/TR/xmlenc-core/)
+
+## Documentation
+Complete XMLSec library documentation is published on [XMLSec website](https://www.aleksey.com/xmlsec/).
+
+## License
+XMLSec library is released under the MIT Licence (see the [Copyright file](Copyright).
+
+## Building and installing XMLSec
+
+### Prerequisites
+XMLSec requires the following libraries:
+- [LibXML2](http://xmlsoft.org)
+- [LibXSLT](http://xmlsoft.org/XSLT/)
+
+And at least one of the following cryptographic libraries:
+- [OpenSSL](http://www.openssl.org)
+- [NSS](https://firefox-source-docs.mozilla.org/security/nss/index.html)
+- [GCrypt/GnuTLS](https://www.gnutls.org/)
+- MS Crypto API (Windows only)
+- MS Crypto API NG (Windows only)
+
+For example, the following packages need to be installed on Ubuntu to build
+XMLSec library:
+```
+ # common build tools
+ apt install automake autoconf libtool libtool-bin gcc
+
+ # ltdl is required to support dynamic crypto libs loading
+ apt install libltdl7 libltdl-dev
+
+ # core libxml2 and libxslt libraries
+ apt install libxml2 libxml2-dev libxslt1.1 libxslt1-dev
+
+ # openssl libraries
+ apt install libssl1.1 libssl-dev
+
+ # nspr/nss libraries
+ apt install libnspr4 libnspr4-dev libnss3 libnss3-dev libnss3-tools
+
+ # gcrypt/gnutls libraries
+ apt install libgcrypt20 libgcrypt20-dev libgnutls28-dev
+
+ # required for building man pages and docs
+ apt install help2man man2html gtk-doc-tools
+```
+
+### Building XMLSec on Linux, Unix, MacOSX, MinGW, Cygwin, etc
+
+To build and install XMLSec library on Unix-like systems run the following commands:
+
+```
+ gunzip -c xmlsec1-xxx.tar.gz | tar xvf -
+ cd xmlsec1-xxxx
+ ./configure [possible options]
+ make
+ make check
+ make install
+```
+
+To see the configuration options, run:
+
+```
+ ./configure --help
+```
+
+
+### Building XMLSec on Windows
+
+See [win32/README.md](win32/README.md) for details.
-https://github.com/lsh123/xmlsec/issues
+See https://github.com/lsh123/xmlsec/issues
--- /dev/null
+# generated automatically by aclocal 1.16.5 -*- Autoconf -*-
+
+# Copyright (C) 1996-2021 Free Software Foundation, Inc.
+
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])])
+m4_ifndef([AC_AUTOCONF_VERSION],
+ [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
+m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.71],,
+[m4_warning([this file was generated for autoconf 2.71.
+You have another version of autoconf. It may work, but is not guaranteed to.
+If you have problems, you may need to regenerate the build system entirely.
+To do so, use the procedure documented by the package, typically 'autoreconf'.])])
+
+# pkg.m4 - Macros to locate and use pkg-config. -*- Autoconf -*-
+# serial 12 (pkg-config-0.29.2)
+
+dnl Copyright © 2004 Scott James Remnant <scott@netsplit.com>.
+dnl Copyright © 2012-2015 Dan Nicholson <dbn.lists@gmail.com>
+dnl
+dnl This program is free software; you can redistribute it and/or modify
+dnl it under the terms of the GNU General Public License as published by
+dnl the Free Software Foundation; either version 2 of the License, or
+dnl (at your option) any later version.
+dnl
+dnl This program is distributed in the hope that it will be useful, but
+dnl WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+dnl General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU General Public License
+dnl along with this program; if not, write to the Free Software
+dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+dnl 02111-1307, USA.
+dnl
+dnl As a special exception to the GNU General Public License, if you
+dnl distribute this file as part of a program that contains a
+dnl configuration script generated by Autoconf, you may include it under
+dnl the same distribution terms that you use for the rest of that
+dnl program.
+
+dnl PKG_PREREQ(MIN-VERSION)
+dnl -----------------------
+dnl Since: 0.29
+dnl
+dnl Verify that the version of the pkg-config macros are at least
+dnl MIN-VERSION. Unlike PKG_PROG_PKG_CONFIG, which checks the user's
+dnl installed version of pkg-config, this checks the developer's version
+dnl of pkg.m4 when generating configure.
+dnl
+dnl To ensure that this macro is defined, also add:
+dnl m4_ifndef([PKG_PREREQ],
+dnl [m4_fatal([must install pkg-config 0.29 or later before running autoconf/autogen])])
+dnl
+dnl See the "Since" comment for each macro you use to see what version
+dnl of the macros you require.
+m4_defun([PKG_PREREQ],
+[m4_define([PKG_MACROS_VERSION], [0.29.2])
+m4_if(m4_version_compare(PKG_MACROS_VERSION, [$1]), -1,
+ [m4_fatal([pkg.m4 version $1 or higher is required but ]PKG_MACROS_VERSION[ found])])
+])dnl PKG_PREREQ
+
+dnl PKG_PROG_PKG_CONFIG([MIN-VERSION])
+dnl ----------------------------------
+dnl Since: 0.16
+dnl
+dnl Search for the pkg-config tool and set the PKG_CONFIG variable to
+dnl first found in the path. Checks that the version of pkg-config found
+dnl is at least MIN-VERSION. If MIN-VERSION is not specified, 0.9.0 is
+dnl used since that's the first version where most current features of
+dnl pkg-config existed.
+AC_DEFUN([PKG_PROG_PKG_CONFIG],
+[m4_pattern_forbid([^_?PKG_[A-Z_]+$])
+m4_pattern_allow([^PKG_CONFIG(_(PATH|LIBDIR|SYSROOT_DIR|ALLOW_SYSTEM_(CFLAGS|LIBS)))?$])
+m4_pattern_allow([^PKG_CONFIG_(DISABLE_UNINSTALLED|TOP_BUILD_DIR|DEBUG_SPEW)$])
+AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility])
+AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path])
+AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path])
+
+if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
+ AC_PATH_TOOL([PKG_CONFIG], [pkg-config])
+fi
+if test -n "$PKG_CONFIG"; then
+ _pkg_min_version=m4_default([$1], [0.9.0])
+ AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version])
+ if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then
+ AC_MSG_RESULT([yes])
+ else
+ AC_MSG_RESULT([no])
+ PKG_CONFIG=""
+ fi
+fi[]dnl
+])dnl PKG_PROG_PKG_CONFIG
+
+dnl PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
+dnl -------------------------------------------------------------------
+dnl Since: 0.18
+dnl
+dnl Check to see whether a particular set of modules exists. Similar to
+dnl PKG_CHECK_MODULES(), but does not set variables or print errors.
+dnl
+dnl Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG])
+dnl only at the first occurrence in configure.ac, so if the first place
+dnl it's called might be skipped (such as if it is within an "if", you
+dnl have to call PKG_CHECK_EXISTS manually
+AC_DEFUN([PKG_CHECK_EXISTS],
+[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
+if test -n "$PKG_CONFIG" && \
+ AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then
+ m4_default([$2], [:])
+m4_ifvaln([$3], [else
+ $3])dnl
+fi])
+
+dnl _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES])
+dnl ---------------------------------------------
+dnl Internal wrapper calling pkg-config via PKG_CONFIG and setting
+dnl pkg_failed based on the result.
+m4_define([_PKG_CONFIG],
+[if test -n "$$1"; then
+ pkg_cv_[]$1="$$1"
+ elif test -n "$PKG_CONFIG"; then
+ PKG_CHECK_EXISTS([$3],
+ [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes ],
+ [pkg_failed=yes])
+ else
+ pkg_failed=untried
+fi[]dnl
+])dnl _PKG_CONFIG
+
+dnl _PKG_SHORT_ERRORS_SUPPORTED
+dnl ---------------------------
+dnl Internal check to see if pkg-config supports short errors.
+AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED],
+[AC_REQUIRE([PKG_PROG_PKG_CONFIG])
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi[]dnl
+])dnl _PKG_SHORT_ERRORS_SUPPORTED
+
+
+dnl PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND],
+dnl [ACTION-IF-NOT-FOUND])
+dnl --------------------------------------------------------------
+dnl Since: 0.4.0
+dnl
+dnl Note that if there is a possibility the first call to
+dnl PKG_CHECK_MODULES might not happen, you should be sure to include an
+dnl explicit call to PKG_PROG_PKG_CONFIG in your configure.ac
+AC_DEFUN([PKG_CHECK_MODULES],
+[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
+AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl
+AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl
+
+pkg_failed=no
+AC_MSG_CHECKING([for $2])
+
+_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2])
+_PKG_CONFIG([$1][_LIBS], [libs], [$2])
+
+m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS
+and $1[]_LIBS to avoid the need to call pkg-config.
+See the pkg-config man page for more details.])
+
+if test $pkg_failed = yes; then
+ AC_MSG_RESULT([no])
+ _PKG_SHORT_ERRORS_SUPPORTED
+ if test $_pkg_short_errors_supported = yes; then
+ $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "$2" 2>&1`
+ else
+ $1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "$2" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD
+
+ m4_default([$4], [AC_MSG_ERROR(
+[Package requirements ($2) were not met:
+
+$$1_PKG_ERRORS
+
+Consider adjusting the PKG_CONFIG_PATH environment variable if you
+installed software in a non-standard prefix.
+
+_PKG_TEXT])[]dnl
+ ])
+elif test $pkg_failed = untried; then
+ AC_MSG_RESULT([no])
+ m4_default([$4], [AC_MSG_FAILURE(
+[The pkg-config script could not be found or is too old. Make sure it
+is in your PATH or set the PKG_CONFIG environment variable to the full
+path to pkg-config.
+
+_PKG_TEXT
+
+To get pkg-config, see <http://pkg-config.freedesktop.org/>.])[]dnl
+ ])
+else
+ $1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS
+ $1[]_LIBS=$pkg_cv_[]$1[]_LIBS
+ AC_MSG_RESULT([yes])
+ $3
+fi[]dnl
+])dnl PKG_CHECK_MODULES
+
+
+dnl PKG_CHECK_MODULES_STATIC(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND],
+dnl [ACTION-IF-NOT-FOUND])
+dnl ---------------------------------------------------------------------
+dnl Since: 0.29
+dnl
+dnl Checks for existence of MODULES and gathers its build flags with
+dnl static libraries enabled. Sets VARIABLE-PREFIX_CFLAGS from --cflags
+dnl and VARIABLE-PREFIX_LIBS from --libs.
+dnl
+dnl Note that if there is a possibility the first call to
+dnl PKG_CHECK_MODULES_STATIC might not happen, you should be sure to
+dnl include an explicit call to PKG_PROG_PKG_CONFIG in your
+dnl configure.ac.
+AC_DEFUN([PKG_CHECK_MODULES_STATIC],
+[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
+_save_PKG_CONFIG=$PKG_CONFIG
+PKG_CONFIG="$PKG_CONFIG --static"
+PKG_CHECK_MODULES($@)
+PKG_CONFIG=$_save_PKG_CONFIG[]dnl
+])dnl PKG_CHECK_MODULES_STATIC
+
+
+dnl PKG_INSTALLDIR([DIRECTORY])
+dnl -------------------------
+dnl Since: 0.27
+dnl
+dnl Substitutes the variable pkgconfigdir as the location where a module
+dnl should install pkg-config .pc files. By default the directory is
+dnl $libdir/pkgconfig, but the default can be changed by passing
+dnl DIRECTORY. The user can override through the --with-pkgconfigdir
+dnl parameter.
+AC_DEFUN([PKG_INSTALLDIR],
+[m4_pushdef([pkg_default], [m4_default([$1], ['${libdir}/pkgconfig'])])
+m4_pushdef([pkg_description],
+ [pkg-config installation directory @<:@]pkg_default[@:>@])
+AC_ARG_WITH([pkgconfigdir],
+ [AS_HELP_STRING([--with-pkgconfigdir], pkg_description)],,
+ [with_pkgconfigdir=]pkg_default)
+AC_SUBST([pkgconfigdir], [$with_pkgconfigdir])
+m4_popdef([pkg_default])
+m4_popdef([pkg_description])
+])dnl PKG_INSTALLDIR
+
+
+dnl PKG_NOARCH_INSTALLDIR([DIRECTORY])
+dnl --------------------------------
+dnl Since: 0.27
+dnl
+dnl Substitutes the variable noarch_pkgconfigdir as the location where a
+dnl module should install arch-independent pkg-config .pc files. By
+dnl default the directory is $datadir/pkgconfig, but the default can be
+dnl changed by passing DIRECTORY. The user can override through the
+dnl --with-noarch-pkgconfigdir parameter.
+AC_DEFUN([PKG_NOARCH_INSTALLDIR],
+[m4_pushdef([pkg_default], [m4_default([$1], ['${datadir}/pkgconfig'])])
+m4_pushdef([pkg_description],
+ [pkg-config arch-independent installation directory @<:@]pkg_default[@:>@])
+AC_ARG_WITH([noarch-pkgconfigdir],
+ [AS_HELP_STRING([--with-noarch-pkgconfigdir], pkg_description)],,
+ [with_noarch_pkgconfigdir=]pkg_default)
+AC_SUBST([noarch_pkgconfigdir], [$with_noarch_pkgconfigdir])
+m4_popdef([pkg_default])
+m4_popdef([pkg_description])
+])dnl PKG_NOARCH_INSTALLDIR
+
+
+dnl PKG_CHECK_VAR(VARIABLE, MODULE, CONFIG-VARIABLE,
+dnl [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
+dnl -------------------------------------------
+dnl Since: 0.28
+dnl
+dnl Retrieves the value of the pkg-config variable for the given module.
+AC_DEFUN([PKG_CHECK_VAR],
+[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
+AC_ARG_VAR([$1], [value of $3 for $2, overriding pkg-config])dnl
+
+_PKG_CONFIG([$1], [variable="][$3]["], [$2])
+AS_VAR_COPY([$1], [pkg_cv_][$1])
+
+AS_VAR_IF([$1], [""], [$5], [$4])dnl
+])dnl PKG_CHECK_VAR
+
+dnl PKG_WITH_MODULES(VARIABLE-PREFIX, MODULES,
+dnl [ACTION-IF-FOUND],[ACTION-IF-NOT-FOUND],
+dnl [DESCRIPTION], [DEFAULT])
+dnl ------------------------------------------
+dnl
+dnl Prepare a "--with-" configure option using the lowercase
+dnl [VARIABLE-PREFIX] name, merging the behaviour of AC_ARG_WITH and
+dnl PKG_CHECK_MODULES in a single macro.
+AC_DEFUN([PKG_WITH_MODULES],
+[
+m4_pushdef([with_arg], m4_tolower([$1]))
+
+m4_pushdef([description],
+ [m4_default([$5], [build with ]with_arg[ support])])
+
+m4_pushdef([def_arg], [m4_default([$6], [auto])])
+m4_pushdef([def_action_if_found], [AS_TR_SH([with_]with_arg)=yes])
+m4_pushdef([def_action_if_not_found], [AS_TR_SH([with_]with_arg)=no])
+
+m4_case(def_arg,
+ [yes],[m4_pushdef([with_without], [--without-]with_arg)],
+ [m4_pushdef([with_without],[--with-]with_arg)])
+
+AC_ARG_WITH(with_arg,
+ AS_HELP_STRING(with_without, description[ @<:@default=]def_arg[@:>@]),,
+ [AS_TR_SH([with_]with_arg)=def_arg])
+
+AS_CASE([$AS_TR_SH([with_]with_arg)],
+ [yes],[PKG_CHECK_MODULES([$1],[$2],$3,$4)],
+ [auto],[PKG_CHECK_MODULES([$1],[$2],
+ [m4_n([def_action_if_found]) $3],
+ [m4_n([def_action_if_not_found]) $4])])
+
+m4_popdef([with_arg])
+m4_popdef([description])
+m4_popdef([def_arg])
+
+])dnl PKG_WITH_MODULES
+
+dnl PKG_HAVE_WITH_MODULES(VARIABLE-PREFIX, MODULES,
+dnl [DESCRIPTION], [DEFAULT])
+dnl -----------------------------------------------
+dnl
+dnl Convenience macro to trigger AM_CONDITIONAL after PKG_WITH_MODULES
+dnl check._[VARIABLE-PREFIX] is exported as make variable.
+AC_DEFUN([PKG_HAVE_WITH_MODULES],
+[
+PKG_WITH_MODULES([$1],[$2],,,[$3],[$4])
+
+AM_CONDITIONAL([HAVE_][$1],
+ [test "$AS_TR_SH([with_]m4_tolower([$1]))" = "yes"])
+])dnl PKG_HAVE_WITH_MODULES
+
+dnl PKG_HAVE_DEFINE_WITH_MODULES(VARIABLE-PREFIX, MODULES,
+dnl [DESCRIPTION], [DEFAULT])
+dnl ------------------------------------------------------
+dnl
+dnl Convenience macro to run AM_CONDITIONAL and AC_DEFINE after
+dnl PKG_WITH_MODULES check. HAVE_[VARIABLE-PREFIX] is exported as make
+dnl and preprocessor variable.
+AC_DEFUN([PKG_HAVE_DEFINE_WITH_MODULES],
+[
+PKG_HAVE_WITH_MODULES([$1],[$2],[$3],[$4])
+
+AS_IF([test "$AS_TR_SH([with_]m4_tolower([$1]))" = "yes"],
+ [AC_DEFINE([HAVE_][$1], 1, [Enable ]m4_tolower([$1])[ support])])
+])dnl PKG_HAVE_DEFINE_WITH_MODULES
+
+# Copyright (C) 2002-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_AUTOMAKE_VERSION(VERSION)
+# ----------------------------
+# Automake X.Y traces this macro to ensure aclocal.m4 has been
+# generated from the m4 files accompanying Automake X.Y.
+# (This private macro should not be called outside this file.)
+AC_DEFUN([AM_AUTOMAKE_VERSION],
+[am__api_version='1.16'
+dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
+dnl require some minimum version. Point them to the right macro.
+m4_if([$1], [1.16.5], [],
+ [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
+])
+
+# _AM_AUTOCONF_VERSION(VERSION)
+# -----------------------------
+# aclocal traces this macro to find the Autoconf version.
+# This is a private macro too. Using m4_define simplifies
+# the logic in aclocal, which can simply ignore this definition.
+m4_define([_AM_AUTOCONF_VERSION], [])
+
+# AM_SET_CURRENT_AUTOMAKE_VERSION
+# -------------------------------
+# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
+# This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
+AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
+[AM_AUTOMAKE_VERSION([1.16.5])dnl
+m4_ifndef([AC_AUTOCONF_VERSION],
+ [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
+_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
+
+# AM_AUX_DIR_EXPAND -*- Autoconf -*-
+
+# Copyright (C) 2001-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets
+# $ac_aux_dir to '$srcdir/foo'. In other projects, it is set to
+# '$srcdir', '$srcdir/..', or '$srcdir/../..'.
+#
+# Of course, Automake must honor this variable whenever it calls a
+# tool from the auxiliary directory. The problem is that $srcdir (and
+# therefore $ac_aux_dir as well) can be either absolute or relative,
+# depending on how configure is run. This is pretty annoying, since
+# it makes $ac_aux_dir quite unusable in subdirectories: in the top
+# source directory, any form will work fine, but in subdirectories a
+# relative path needs to be adjusted first.
+#
+# $ac_aux_dir/missing
+# fails when called from a subdirectory if $ac_aux_dir is relative
+# $top_srcdir/$ac_aux_dir/missing
+# fails if $ac_aux_dir is absolute,
+# fails when called from a subdirectory in a VPATH build with
+# a relative $ac_aux_dir
+#
+# The reason of the latter failure is that $top_srcdir and $ac_aux_dir
+# are both prefixed by $srcdir. In an in-source build this is usually
+# harmless because $srcdir is '.', but things will broke when you
+# start a VPATH build or use an absolute $srcdir.
+#
+# So we could use something similar to $top_srcdir/$ac_aux_dir/missing,
+# iff we strip the leading $srcdir from $ac_aux_dir. That would be:
+# am_aux_dir='\$(top_srcdir)/'`expr "$ac_aux_dir" : "$srcdir//*\(.*\)"`
+# and then we would define $MISSING as
+# MISSING="\${SHELL} $am_aux_dir/missing"
+# This will work as long as MISSING is not called from configure, because
+# unfortunately $(top_srcdir) has no meaning in configure.
+# However there are other variables, like CC, which are often used in
+# configure, and could therefore not use this "fixed" $ac_aux_dir.
+#
+# Another solution, used here, is to always expand $ac_aux_dir to an
+# absolute PATH. The drawback is that using absolute paths prevent a
+# configured tree to be moved without reconfiguration.
+
+AC_DEFUN([AM_AUX_DIR_EXPAND],
+[AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl
+# Expand $ac_aux_dir to an absolute path.
+am_aux_dir=`cd "$ac_aux_dir" && pwd`
+])
+
+# AM_CONDITIONAL -*- Autoconf -*-
+
+# Copyright (C) 1997-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_CONDITIONAL(NAME, SHELL-CONDITION)
+# -------------------------------------
+# Define a conditional.
+AC_DEFUN([AM_CONDITIONAL],
+[AC_PREREQ([2.52])dnl
+ m4_if([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])],
+ [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl
+AC_SUBST([$1_TRUE])dnl
+AC_SUBST([$1_FALSE])dnl
+_AM_SUBST_NOTMAKE([$1_TRUE])dnl
+_AM_SUBST_NOTMAKE([$1_FALSE])dnl
+m4_define([_AM_COND_VALUE_$1], [$2])dnl
+if $2; then
+ $1_TRUE=
+ $1_FALSE='#'
+else
+ $1_TRUE='#'
+ $1_FALSE=
+fi
+AC_CONFIG_COMMANDS_PRE(
+[if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then
+ AC_MSG_ERROR([[conditional "$1" was never defined.
+Usually this means the macro was only invoked conditionally.]])
+fi])])
+
+# Copyright (C) 1999-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+
+# There are a few dirty hacks below to avoid letting 'AC_PROG_CC' be
+# written in clear, in which case automake, when reading aclocal.m4,
+# will think it sees a *use*, and therefore will trigger all it's
+# C support machinery. Also note that it means that autoscan, seeing
+# CC etc. in the Makefile, will ask for an AC_PROG_CC use...
+
+
+# _AM_DEPENDENCIES(NAME)
+# ----------------------
+# See how the compiler implements dependency checking.
+# NAME is "CC", "CXX", "OBJC", "OBJCXX", "UPC", or "GJC".
+# We try a few techniques and use that to set a single cache variable.
+#
+# We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was
+# modified to invoke _AM_DEPENDENCIES(CC); we would have a circular
+# dependency, and given that the user is not expected to run this macro,
+# just rely on AC_PROG_CC.
+AC_DEFUN([_AM_DEPENDENCIES],
+[AC_REQUIRE([AM_SET_DEPDIR])dnl
+AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl
+AC_REQUIRE([AM_MAKE_INCLUDE])dnl
+AC_REQUIRE([AM_DEP_TRACK])dnl
+
+m4_if([$1], [CC], [depcc="$CC" am_compiler_list=],
+ [$1], [CXX], [depcc="$CXX" am_compiler_list=],
+ [$1], [OBJC], [depcc="$OBJC" am_compiler_list='gcc3 gcc'],
+ [$1], [OBJCXX], [depcc="$OBJCXX" am_compiler_list='gcc3 gcc'],
+ [$1], [UPC], [depcc="$UPC" am_compiler_list=],
+ [$1], [GCJ], [depcc="$GCJ" am_compiler_list='gcc3 gcc'],
+ [depcc="$$1" am_compiler_list=])
+
+AC_CACHE_CHECK([dependency style of $depcc],
+ [am_cv_$1_dependencies_compiler_type],
+[if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+ # We make a subdir and do the tests there. Otherwise we can end up
+ # making bogus files that we don't know about and never remove. For
+ # instance it was reported that on HP-UX the gcc test will end up
+ # making a dummy file named 'D' -- because '-MD' means "put the output
+ # in D".
+ rm -rf conftest.dir
+ mkdir conftest.dir
+ # Copy depcomp to subdir because otherwise we won't find it if we're
+ # using a relative directory.
+ cp "$am_depcomp" conftest.dir
+ cd conftest.dir
+ # We will build objects and dependencies in a subdirectory because
+ # it helps to detect inapplicable dependency modes. For instance
+ # both Tru64's cc and ICC support -MD to output dependencies as a
+ # side effect of compilation, but ICC will put the dependencies in
+ # the current directory while Tru64 will put them in the object
+ # directory.
+ mkdir sub
+
+ am_cv_$1_dependencies_compiler_type=none
+ if test "$am_compiler_list" = ""; then
+ am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp`
+ fi
+ am__universal=false
+ m4_case([$1], [CC],
+ [case " $depcc " in #(
+ *\ -arch\ *\ -arch\ *) am__universal=true ;;
+ esac],
+ [CXX],
+ [case " $depcc " in #(
+ *\ -arch\ *\ -arch\ *) am__universal=true ;;
+ esac])
+
+ for depmode in $am_compiler_list; do
+ # Setup a source with many dependencies, because some compilers
+ # like to wrap large dependency lists on column 80 (with \), and
+ # we should not choose a depcomp mode which is confused by this.
+ #
+ # We need to recreate these files for each test, as the compiler may
+ # overwrite some of them when testing with obscure command lines.
+ # This happens at least with the AIX C compiler.
+ : > sub/conftest.c
+ for i in 1 2 3 4 5 6; do
+ echo '#include "conftst'$i'.h"' >> sub/conftest.c
+ # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with
+ # Solaris 10 /bin/sh.
+ echo '/* dummy */' > sub/conftst$i.h
+ done
+ echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+ # We check with '-c' and '-o' for the sake of the "dashmstdout"
+ # mode. It turns out that the SunPro C++ compiler does not properly
+ # handle '-M -o', and we need to detect this. Also, some Intel
+ # versions had trouble with output in subdirs.
+ am__obj=sub/conftest.${OBJEXT-o}
+ am__minus_obj="-o $am__obj"
+ case $depmode in
+ gcc)
+ # This depmode causes a compiler race in universal mode.
+ test "$am__universal" = false || continue
+ ;;
+ nosideeffect)
+ # After this tag, mechanisms are not by side-effect, so they'll
+ # only be used when explicitly requested.
+ if test "x$enable_dependency_tracking" = xyes; then
+ continue
+ else
+ break
+ fi
+ ;;
+ msvc7 | msvc7msys | msvisualcpp | msvcmsys)
+ # This compiler won't grok '-c -o', but also, the minuso test has
+ # not run yet. These depmodes are late enough in the game, and
+ # so weak that their functioning should not be impacted.
+ am__obj=conftest.${OBJEXT-o}
+ am__minus_obj=
+ ;;
+ none) break ;;
+ esac
+ if depmode=$depmode \
+ source=sub/conftest.c object=$am__obj \
+ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+ $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \
+ >/dev/null 2>conftest.err &&
+ grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep $am__obj sub/conftest.Po > /dev/null 2>&1 &&
+ ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+ # icc doesn't choke on unknown options, it will just issue warnings
+ # or remarks (even with -Werror). So we grep stderr for any message
+ # that says an option was ignored or not supported.
+ # When given -MP, icc 7.0 and 7.1 complain thusly:
+ # icc: Command line warning: ignoring option '-M'; no argument required
+ # The diagnosis changed in icc 8.0:
+ # icc: Command line remark: option '-MP' not supported
+ if (grep 'ignoring option' conftest.err ||
+ grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+ am_cv_$1_dependencies_compiler_type=$depmode
+ break
+ fi
+ fi
+ done
+
+ cd ..
+ rm -rf conftest.dir
+else
+ am_cv_$1_dependencies_compiler_type=none
+fi
+])
+AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type])
+AM_CONDITIONAL([am__fastdep$1], [
+ test "x$enable_dependency_tracking" != xno \
+ && test "$am_cv_$1_dependencies_compiler_type" = gcc3])
+])
+
+
+# AM_SET_DEPDIR
+# -------------
+# Choose a directory name for dependency files.
+# This macro is AC_REQUIREd in _AM_DEPENDENCIES.
+AC_DEFUN([AM_SET_DEPDIR],
+[AC_REQUIRE([AM_SET_LEADING_DOT])dnl
+AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl
+])
+
+
+# AM_DEP_TRACK
+# ------------
+AC_DEFUN([AM_DEP_TRACK],
+[AC_ARG_ENABLE([dependency-tracking], [dnl
+AS_HELP_STRING(
+ [--enable-dependency-tracking],
+ [do not reject slow dependency extractors])
+AS_HELP_STRING(
+ [--disable-dependency-tracking],
+ [speeds up one-time build])])
+if test "x$enable_dependency_tracking" != xno; then
+ am_depcomp="$ac_aux_dir/depcomp"
+ AMDEPBACKSLASH='\'
+ am__nodep='_no'
+fi
+AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno])
+AC_SUBST([AMDEPBACKSLASH])dnl
+_AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl
+AC_SUBST([am__nodep])dnl
+_AM_SUBST_NOTMAKE([am__nodep])dnl
+])
+
+# Generate code to set up dependency tracking. -*- Autoconf -*-
+
+# Copyright (C) 1999-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# _AM_OUTPUT_DEPENDENCY_COMMANDS
+# ------------------------------
+AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
+[{
+ # Older Autoconf quotes --file arguments for eval, but not when files
+ # are listed without --file. Let's play safe and only enable the eval
+ # if we detect the quoting.
+ # TODO: see whether this extra hack can be removed once we start
+ # requiring Autoconf 2.70 or later.
+ AS_CASE([$CONFIG_FILES],
+ [*\'*], [eval set x "$CONFIG_FILES"],
+ [*], [set x $CONFIG_FILES])
+ shift
+ # Used to flag and report bootstrapping failures.
+ am_rc=0
+ for am_mf
+ do
+ # Strip MF so we end up with the name of the file.
+ am_mf=`AS_ECHO(["$am_mf"]) | sed -e 's/:.*$//'`
+ # Check whether this is an Automake generated Makefile which includes
+ # dependency-tracking related rules and includes.
+ # Grep'ing the whole file directly is not great: AIX grep has a line
+ # limit of 2048, but all sed's we know have understand at least 4000.
+ sed -n 's,^am--depfiles:.*,X,p' "$am_mf" | grep X >/dev/null 2>&1 \
+ || continue
+ am_dirpart=`AS_DIRNAME(["$am_mf"])`
+ am_filepart=`AS_BASENAME(["$am_mf"])`
+ AM_RUN_LOG([cd "$am_dirpart" \
+ && sed -e '/# am--include-marker/d' "$am_filepart" \
+ | $MAKE -f - am--depfiles]) || am_rc=$?
+ done
+ if test $am_rc -ne 0; then
+ AC_MSG_FAILURE([Something went wrong bootstrapping makefile fragments
+ for automatic dependency tracking. If GNU make was not used, consider
+ re-running the configure script with MAKE="gmake" (or whatever is
+ necessary). You can also try re-running configure with the
+ '--disable-dependency-tracking' option to at least be able to build
+ the package (albeit without support for automatic dependency tracking).])
+ fi
+ AS_UNSET([am_dirpart])
+ AS_UNSET([am_filepart])
+ AS_UNSET([am_mf])
+ AS_UNSET([am_rc])
+ rm -f conftest-deps.mk
+}
+])# _AM_OUTPUT_DEPENDENCY_COMMANDS
+
+
+# AM_OUTPUT_DEPENDENCY_COMMANDS
+# -----------------------------
+# This macro should only be invoked once -- use via AC_REQUIRE.
+#
+# This code is only required when automatic dependency tracking is enabled.
+# This creates each '.Po' and '.Plo' makefile fragment that we'll need in
+# order to bootstrap the dependency handling code.
+AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS],
+[AC_CONFIG_COMMANDS([depfiles],
+ [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS],
+ [AMDEP_TRUE="$AMDEP_TRUE" MAKE="${MAKE-make}"])])
+
+# Do all the work for Automake. -*- Autoconf -*-
+
+# Copyright (C) 1996-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This macro actually does too much. Some checks are only needed if
+# your package does certain things. But this isn't really a big deal.
+
+dnl Redefine AC_PROG_CC to automatically invoke _AM_PROG_CC_C_O.
+m4_define([AC_PROG_CC],
+m4_defn([AC_PROG_CC])
+[_AM_PROG_CC_C_O
+])
+
+# AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE])
+# AM_INIT_AUTOMAKE([OPTIONS])
+# -----------------------------------------------
+# The call with PACKAGE and VERSION arguments is the old style
+# call (pre autoconf-2.50), which is being phased out. PACKAGE
+# and VERSION should now be passed to AC_INIT and removed from
+# the call to AM_INIT_AUTOMAKE.
+# We support both call styles for the transition. After
+# the next Automake release, Autoconf can make the AC_INIT
+# arguments mandatory, and then we can depend on a new Autoconf
+# release and drop the old call support.
+AC_DEFUN([AM_INIT_AUTOMAKE],
+[AC_PREREQ([2.65])dnl
+m4_ifdef([_$0_ALREADY_INIT],
+ [m4_fatal([$0 expanded multiple times
+]m4_defn([_$0_ALREADY_INIT]))],
+ [m4_define([_$0_ALREADY_INIT], m4_expansion_stack)])dnl
+dnl Autoconf wants to disallow AM_ names. We explicitly allow
+dnl the ones we care about.
+m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl
+AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl
+AC_REQUIRE([AC_PROG_INSTALL])dnl
+if test "`cd $srcdir && pwd`" != "`pwd`"; then
+ # Use -I$(srcdir) only when $(srcdir) != ., so that make's output
+ # is not polluted with repeated "-I."
+ AC_SUBST([am__isrc], [' -I$(srcdir)'])_AM_SUBST_NOTMAKE([am__isrc])dnl
+ # test to see if srcdir already configured
+ if test -f $srcdir/config.status; then
+ AC_MSG_ERROR([source directory already configured; run "make distclean" there first])
+ fi
+fi
+
+# test whether we have cygpath
+if test -z "$CYGPATH_W"; then
+ if (cygpath --version) >/dev/null 2>/dev/null; then
+ CYGPATH_W='cygpath -w'
+ else
+ CYGPATH_W=echo
+ fi
+fi
+AC_SUBST([CYGPATH_W])
+
+# Define the identity of the package.
+dnl Distinguish between old-style and new-style calls.
+m4_ifval([$2],
+[AC_DIAGNOSE([obsolete],
+ [$0: two- and three-arguments forms are deprecated.])
+m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl
+ AC_SUBST([PACKAGE], [$1])dnl
+ AC_SUBST([VERSION], [$2])],
+[_AM_SET_OPTIONS([$1])dnl
+dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT.
+m4_if(
+ m4_ifset([AC_PACKAGE_NAME], [ok]):m4_ifset([AC_PACKAGE_VERSION], [ok]),
+ [ok:ok],,
+ [m4_fatal([AC_INIT should be called with package and version arguments])])dnl
+ AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl
+ AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl
+
+_AM_IF_OPTION([no-define],,
+[AC_DEFINE_UNQUOTED([PACKAGE], ["$PACKAGE"], [Name of package])
+ AC_DEFINE_UNQUOTED([VERSION], ["$VERSION"], [Version number of package])])dnl
+
+# Some tools Automake needs.
+AC_REQUIRE([AM_SANITY_CHECK])dnl
+AC_REQUIRE([AC_ARG_PROGRAM])dnl
+AM_MISSING_PROG([ACLOCAL], [aclocal-${am__api_version}])
+AM_MISSING_PROG([AUTOCONF], [autoconf])
+AM_MISSING_PROG([AUTOMAKE], [automake-${am__api_version}])
+AM_MISSING_PROG([AUTOHEADER], [autoheader])
+AM_MISSING_PROG([MAKEINFO], [makeinfo])
+AC_REQUIRE([AM_PROG_INSTALL_SH])dnl
+AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl
+AC_REQUIRE([AC_PROG_MKDIR_P])dnl
+# For better backward compatibility. To be removed once Automake 1.9.x
+# dies out for good. For more background, see:
+# <https://lists.gnu.org/archive/html/automake/2012-07/msg00001.html>
+# <https://lists.gnu.org/archive/html/automake/2012-07/msg00014.html>
+AC_SUBST([mkdir_p], ['$(MKDIR_P)'])
+# We need awk for the "check" target (and possibly the TAP driver). The
+# system "awk" is bad on some platforms.
+AC_REQUIRE([AC_PROG_AWK])dnl
+AC_REQUIRE([AC_PROG_MAKE_SET])dnl
+AC_REQUIRE([AM_SET_LEADING_DOT])dnl
+_AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])],
+ [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])],
+ [_AM_PROG_TAR([v7])])])
+_AM_IF_OPTION([no-dependencies],,
+[AC_PROVIDE_IFELSE([AC_PROG_CC],
+ [_AM_DEPENDENCIES([CC])],
+ [m4_define([AC_PROG_CC],
+ m4_defn([AC_PROG_CC])[_AM_DEPENDENCIES([CC])])])dnl
+AC_PROVIDE_IFELSE([AC_PROG_CXX],
+ [_AM_DEPENDENCIES([CXX])],
+ [m4_define([AC_PROG_CXX],
+ m4_defn([AC_PROG_CXX])[_AM_DEPENDENCIES([CXX])])])dnl
+AC_PROVIDE_IFELSE([AC_PROG_OBJC],
+ [_AM_DEPENDENCIES([OBJC])],
+ [m4_define([AC_PROG_OBJC],
+ m4_defn([AC_PROG_OBJC])[_AM_DEPENDENCIES([OBJC])])])dnl
+AC_PROVIDE_IFELSE([AC_PROG_OBJCXX],
+ [_AM_DEPENDENCIES([OBJCXX])],
+ [m4_define([AC_PROG_OBJCXX],
+ m4_defn([AC_PROG_OBJCXX])[_AM_DEPENDENCIES([OBJCXX])])])dnl
+])
+# Variables for tags utilities; see am/tags.am
+if test -z "$CTAGS"; then
+ CTAGS=ctags
+fi
+AC_SUBST([CTAGS])
+if test -z "$ETAGS"; then
+ ETAGS=etags
+fi
+AC_SUBST([ETAGS])
+if test -z "$CSCOPE"; then
+ CSCOPE=cscope
+fi
+AC_SUBST([CSCOPE])
+
+AC_REQUIRE([AM_SILENT_RULES])dnl
+dnl The testsuite driver may need to know about EXEEXT, so add the
+dnl 'am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This
+dnl macro is hooked onto _AC_COMPILER_EXEEXT early, see below.
+AC_CONFIG_COMMANDS_PRE(dnl
+[m4_provide_if([_AM_COMPILER_EXEEXT],
+ [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl
+
+# POSIX will say in a future version that running "rm -f" with no argument
+# is OK; and we want to be able to make that assumption in our Makefile
+# recipes. So use an aggressive probe to check that the usage we want is
+# actually supported "in the wild" to an acceptable degree.
+# See automake bug#10828.
+# To make any issue more visible, cause the running configure to be aborted
+# by default if the 'rm' program in use doesn't match our expectations; the
+# user can still override this though.
+if rm -f && rm -fr && rm -rf; then : OK; else
+ cat >&2 <<'END'
+Oops!
+
+Your 'rm' program seems unable to run without file operands specified
+on the command line, even when the '-f' option is present. This is contrary
+to the behaviour of most rm programs out there, and not conforming with
+the upcoming POSIX standard: <http://austingroupbugs.net/view.php?id=542>
+
+Please tell bug-automake@gnu.org about your system, including the value
+of your $PATH and any error possibly output before this message. This
+can help us improve future automake versions.
+
+END
+ if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then
+ echo 'Configuration will proceed anyway, since you have set the' >&2
+ echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2
+ echo >&2
+ else
+ cat >&2 <<'END'
+Aborting the configuration process, to ensure you take notice of the issue.
+
+You can download and install GNU coreutils to get an 'rm' implementation
+that behaves properly: <https://www.gnu.org/software/coreutils/>.
+
+If you want to complete the configuration process using your problematic
+'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM
+to "yes", and re-run configure.
+
+END
+ AC_MSG_ERROR([Your 'rm' program is bad, sorry.])
+ fi
+fi
+dnl The trailing newline in this macro's definition is deliberate, for
+dnl backward compatibility and to allow trailing 'dnl'-style comments
+dnl after the AM_INIT_AUTOMAKE invocation. See automake bug#16841.
+])
+
+dnl Hook into '_AC_COMPILER_EXEEXT' early to learn its expansion. Do not
+dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further
+dnl mangled by Autoconf and run in a shell conditional statement.
+m4_define([_AC_COMPILER_EXEEXT],
+m4_defn([_AC_COMPILER_EXEEXT])[m4_provide([_AM_COMPILER_EXEEXT])])
+
+# When config.status generates a header, we must update the stamp-h file.
+# This file resides in the same directory as the config header
+# that is generated. The stamp files are numbered to have different names.
+
+# Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the
+# loop where config.status creates the headers, so we can generate
+# our stamp files there.
+AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK],
+[# Compute $1's index in $config_headers.
+_am_arg=$1
+_am_stamp_count=1
+for _am_header in $config_headers :; do
+ case $_am_header in
+ $_am_arg | $_am_arg:* )
+ break ;;
+ * )
+ _am_stamp_count=`expr $_am_stamp_count + 1` ;;
+ esac
+done
+echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
+
+# Copyright (C) 2001-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_PROG_INSTALL_SH
+# ------------------
+# Define $install_sh.
+AC_DEFUN([AM_PROG_INSTALL_SH],
+[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
+if test x"${install_sh+set}" != xset; then
+ case $am_aux_dir in
+ *\ * | *\ *)
+ install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;;
+ *)
+ install_sh="\${SHELL} $am_aux_dir/install-sh"
+ esac
+fi
+AC_SUBST([install_sh])])
+
+# Copyright (C) 2003-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# Check whether the underlying file-system supports filenames
+# with a leading dot. For instance MS-DOS doesn't.
+AC_DEFUN([AM_SET_LEADING_DOT],
+[rm -rf .tst 2>/dev/null
+mkdir .tst 2>/dev/null
+if test -d .tst; then
+ am__leading_dot=.
+else
+ am__leading_dot=_
+fi
+rmdir .tst 2>/dev/null
+AC_SUBST([am__leading_dot])])
+
+# Add --enable-maintainer-mode option to configure. -*- Autoconf -*-
+# From Jim Meyering
+
+# Copyright (C) 1996-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_MAINTAINER_MODE([DEFAULT-MODE])
+# ----------------------------------
+# Control maintainer-specific portions of Makefiles.
+# Default is to disable them, unless 'enable' is passed literally.
+# For symmetry, 'disable' may be passed as well. Anyway, the user
+# can override the default with the --enable/--disable switch.
+AC_DEFUN([AM_MAINTAINER_MODE],
+[m4_case(m4_default([$1], [disable]),
+ [enable], [m4_define([am_maintainer_other], [disable])],
+ [disable], [m4_define([am_maintainer_other], [enable])],
+ [m4_define([am_maintainer_other], [enable])
+ m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])])
+AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles])
+ dnl maintainer-mode's default is 'disable' unless 'enable' is passed
+ AC_ARG_ENABLE([maintainer-mode],
+ [AS_HELP_STRING([--]am_maintainer_other[-maintainer-mode],
+ am_maintainer_other[ make rules and dependencies not useful
+ (and sometimes confusing) to the casual installer])],
+ [USE_MAINTAINER_MODE=$enableval],
+ [USE_MAINTAINER_MODE=]m4_if(am_maintainer_other, [enable], [no], [yes]))
+ AC_MSG_RESULT([$USE_MAINTAINER_MODE])
+ AM_CONDITIONAL([MAINTAINER_MODE], [test $USE_MAINTAINER_MODE = yes])
+ MAINT=$MAINTAINER_MODE_TRUE
+ AC_SUBST([MAINT])dnl
+]
+)
+
+# Check to see how 'make' treats includes. -*- Autoconf -*-
+
+# Copyright (C) 2001-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_MAKE_INCLUDE()
+# -----------------
+# Check whether make has an 'include' directive that can support all
+# the idioms we need for our automatic dependency tracking code.
+AC_DEFUN([AM_MAKE_INCLUDE],
+[AC_MSG_CHECKING([whether ${MAKE-make} supports the include directive])
+cat > confinc.mk << 'END'
+am__doit:
+ @echo this is the am__doit target >confinc.out
+.PHONY: am__doit
+END
+am__include="#"
+am__quote=
+# BSD make does it like this.
+echo '.include "confinc.mk" # ignored' > confmf.BSD
+# Other make implementations (GNU, Solaris 10, AIX) do it like this.
+echo 'include confinc.mk # ignored' > confmf.GNU
+_am_result=no
+for s in GNU BSD; do
+ AM_RUN_LOG([${MAKE-make} -f confmf.$s && cat confinc.out])
+ AS_CASE([$?:`cat confinc.out 2>/dev/null`],
+ ['0:this is the am__doit target'],
+ [AS_CASE([$s],
+ [BSD], [am__include='.include' am__quote='"'],
+ [am__include='include' am__quote=''])])
+ if test "$am__include" != "#"; then
+ _am_result="yes ($s style)"
+ break
+ fi
+done
+rm -f confinc.* confmf.*
+AC_MSG_RESULT([${_am_result}])
+AC_SUBST([am__include])])
+AC_SUBST([am__quote])])
+
+# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*-
+
+# Copyright (C) 1997-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_MISSING_PROG(NAME, PROGRAM)
+# ------------------------------
+AC_DEFUN([AM_MISSING_PROG],
+[AC_REQUIRE([AM_MISSING_HAS_RUN])
+$1=${$1-"${am_missing_run}$2"}
+AC_SUBST($1)])
+
+# AM_MISSING_HAS_RUN
+# ------------------
+# Define MISSING if not defined so far and test if it is modern enough.
+# If it is, set am_missing_run to use it, otherwise, to nothing.
+AC_DEFUN([AM_MISSING_HAS_RUN],
+[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
+AC_REQUIRE_AUX_FILE([missing])dnl
+if test x"${MISSING+set}" != xset; then
+ MISSING="\${SHELL} '$am_aux_dir/missing'"
+fi
+# Use eval to expand $SHELL
+if eval "$MISSING --is-lightweight"; then
+ am_missing_run="$MISSING "
+else
+ am_missing_run=
+ AC_MSG_WARN(['missing' script is too old or missing])
+fi
+])
+
+# Helper functions for option handling. -*- Autoconf -*-
+
+# Copyright (C) 2001-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# _AM_MANGLE_OPTION(NAME)
+# -----------------------
+AC_DEFUN([_AM_MANGLE_OPTION],
+[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])])
+
+# _AM_SET_OPTION(NAME)
+# --------------------
+# Set option NAME. Presently that only means defining a flag for this option.
+AC_DEFUN([_AM_SET_OPTION],
+[m4_define(_AM_MANGLE_OPTION([$1]), [1])])
+
+# _AM_SET_OPTIONS(OPTIONS)
+# ------------------------
+# OPTIONS is a space-separated list of Automake options.
+AC_DEFUN([_AM_SET_OPTIONS],
+[m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])])
+
+# _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET])
+# -------------------------------------------
+# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise.
+AC_DEFUN([_AM_IF_OPTION],
+[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])])
+
+# Copyright (C) 1999-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# _AM_PROG_CC_C_O
+# ---------------
+# Like AC_PROG_CC_C_O, but changed for automake. We rewrite AC_PROG_CC
+# to automatically call this.
+AC_DEFUN([_AM_PROG_CC_C_O],
+[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
+AC_REQUIRE_AUX_FILE([compile])dnl
+AC_LANG_PUSH([C])dnl
+AC_CACHE_CHECK(
+ [whether $CC understands -c and -o together],
+ [am_cv_prog_cc_c_o],
+ [AC_LANG_CONFTEST([AC_LANG_PROGRAM([])])
+ # Make sure it works both with $CC and with simple cc.
+ # Following AC_PROG_CC_C_O, we do the test twice because some
+ # compilers refuse to overwrite an existing .o file with -o,
+ # though they will create one.
+ am_cv_prog_cc_c_o=yes
+ for am_i in 1 2; do
+ if AM_RUN_LOG([$CC -c conftest.$ac_ext -o conftest2.$ac_objext]) \
+ && test -f conftest2.$ac_objext; then
+ : OK
+ else
+ am_cv_prog_cc_c_o=no
+ break
+ fi
+ done
+ rm -f core conftest*
+ unset am_i])
+if test "$am_cv_prog_cc_c_o" != yes; then
+ # Losing compiler, so override with the script.
+ # FIXME: It is wrong to rewrite CC.
+ # But if we don't then we get into trouble of one sort or another.
+ # A longer-term fix would be to have automake use am__CC in this case,
+ # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)"
+ CC="$am_aux_dir/compile $CC"
+fi
+AC_LANG_POP([C])])
+
+# For backward compatibility.
+AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])])
+
+# Copyright (C) 2001-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_RUN_LOG(COMMAND)
+# -------------------
+# Run COMMAND, save the exit status in ac_status, and log it.
+# (This has been adapted from Autoconf's _AC_RUN_LOG macro.)
+AC_DEFUN([AM_RUN_LOG],
+[{ echo "$as_me:$LINENO: $1" >&AS_MESSAGE_LOG_FD
+ ($1) >&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+ (exit $ac_status); }])
+
+# Check to make sure that the build environment is sane. -*- Autoconf -*-
+
+# Copyright (C) 1996-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_SANITY_CHECK
+# ---------------
+AC_DEFUN([AM_SANITY_CHECK],
+[AC_MSG_CHECKING([whether build environment is sane])
+# Reject unsafe characters in $srcdir or the absolute working directory
+# name. Accept space and tab only in the latter.
+am_lf='
+'
+case `pwd` in
+ *[[\\\"\#\$\&\'\`$am_lf]]*)
+ AC_MSG_ERROR([unsafe absolute working directory name]);;
+esac
+case $srcdir in
+ *[[\\\"\#\$\&\'\`$am_lf\ \ ]]*)
+ AC_MSG_ERROR([unsafe srcdir value: '$srcdir']);;
+esac
+
+# Do 'set' in a subshell so we don't clobber the current shell's
+# arguments. Must try -L first in case configure is actually a
+# symlink; some systems play weird games with the mod time of symlinks
+# (eg FreeBSD returns the mod time of the symlink's containing
+# directory).
+if (
+ am_has_slept=no
+ for am_try in 1 2; do
+ echo "timestamp, slept: $am_has_slept" > conftest.file
+ set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null`
+ if test "$[*]" = "X"; then
+ # -L didn't work.
+ set X `ls -t "$srcdir/configure" conftest.file`
+ fi
+ if test "$[*]" != "X $srcdir/configure conftest.file" \
+ && test "$[*]" != "X conftest.file $srcdir/configure"; then
+
+ # If neither matched, then we have a broken ls. This can happen
+ # if, for instance, CONFIG_SHELL is bash and it inherits a
+ # broken ls alias from the environment. This has actually
+ # happened. Such a system could not be considered "sane".
+ AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken
+ alias in your environment])
+ fi
+ if test "$[2]" = conftest.file || test $am_try -eq 2; then
+ break
+ fi
+ # Just in case.
+ sleep 1
+ am_has_slept=yes
+ done
+ test "$[2]" = conftest.file
+ )
+then
+ # Ok.
+ :
+else
+ AC_MSG_ERROR([newly created file is older than distributed files!
+Check your system clock])
+fi
+AC_MSG_RESULT([yes])
+# If we didn't sleep, we still need to ensure time stamps of config.status and
+# generated files are strictly newer.
+am_sleep_pid=
+if grep 'slept: no' conftest.file >/dev/null 2>&1; then
+ ( sleep 1 ) &
+ am_sleep_pid=$!
+fi
+AC_CONFIG_COMMANDS_PRE(
+ [AC_MSG_CHECKING([that generated files are newer than configure])
+ if test -n "$am_sleep_pid"; then
+ # Hide warnings about reused PIDs.
+ wait $am_sleep_pid 2>/dev/null
+ fi
+ AC_MSG_RESULT([done])])
+rm -f conftest.file
+])
+
+# Copyright (C) 2009-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_SILENT_RULES([DEFAULT])
+# --------------------------
+# Enable less verbose build rules; with the default set to DEFAULT
+# ("yes" being less verbose, "no" or empty being verbose).
+AC_DEFUN([AM_SILENT_RULES],
+[AC_ARG_ENABLE([silent-rules], [dnl
+AS_HELP_STRING(
+ [--enable-silent-rules],
+ [less verbose build output (undo: "make V=1")])
+AS_HELP_STRING(
+ [--disable-silent-rules],
+ [verbose build output (undo: "make V=0")])dnl
+])
+case $enable_silent_rules in @%:@ (((
+ yes) AM_DEFAULT_VERBOSITY=0;;
+ no) AM_DEFAULT_VERBOSITY=1;;
+ *) AM_DEFAULT_VERBOSITY=m4_if([$1], [yes], [0], [1]);;
+esac
+dnl
+dnl A few 'make' implementations (e.g., NonStop OS and NextStep)
+dnl do not support nested variable expansions.
+dnl See automake bug#9928 and bug#10237.
+am_make=${MAKE-make}
+AC_CACHE_CHECK([whether $am_make supports nested variables],
+ [am_cv_make_support_nested_variables],
+ [if AS_ECHO([['TRUE=$(BAR$(V))
+BAR0=false
+BAR1=true
+V=1
+am__doit:
+ @$(TRUE)
+.PHONY: am__doit']]) | $am_make -f - >/dev/null 2>&1; then
+ am_cv_make_support_nested_variables=yes
+else
+ am_cv_make_support_nested_variables=no
+fi])
+if test $am_cv_make_support_nested_variables = yes; then
+ dnl Using '$V' instead of '$(V)' breaks IRIX make.
+ AM_V='$(V)'
+ AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)'
+else
+ AM_V=$AM_DEFAULT_VERBOSITY
+ AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY
+fi
+AC_SUBST([AM_V])dnl
+AM_SUBST_NOTMAKE([AM_V])dnl
+AC_SUBST([AM_DEFAULT_V])dnl
+AM_SUBST_NOTMAKE([AM_DEFAULT_V])dnl
+AC_SUBST([AM_DEFAULT_VERBOSITY])dnl
+AM_BACKSLASH='\'
+AC_SUBST([AM_BACKSLASH])dnl
+_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl
+])
+
+# Copyright (C) 2001-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_PROG_INSTALL_STRIP
+# ---------------------
+# One issue with vendor 'install' (even GNU) is that you can't
+# specify the program used to strip binaries. This is especially
+# annoying in cross-compiling environments, where the build's strip
+# is unlikely to handle the host's binaries.
+# Fortunately install-sh will honor a STRIPPROG variable, so we
+# always use install-sh in "make install-strip", and initialize
+# STRIPPROG with the value of the STRIP variable (set by the user).
+AC_DEFUN([AM_PROG_INSTALL_STRIP],
+[AC_REQUIRE([AM_PROG_INSTALL_SH])dnl
+# Installed binaries are usually stripped using 'strip' when the user
+# run "make install-strip". However 'strip' might not be the right
+# tool to use in cross-compilation environments, therefore Automake
+# will honor the 'STRIP' environment variable to overrule this program.
+dnl Don't test for $cross_compiling = yes, because it might be 'maybe'.
+if test "$cross_compiling" != no; then
+ AC_CHECK_TOOL([STRIP], [strip], :)
+fi
+INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
+AC_SUBST([INSTALL_STRIP_PROGRAM])])
+
+# Copyright (C) 2006-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# _AM_SUBST_NOTMAKE(VARIABLE)
+# ---------------------------
+# Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in.
+# This macro is traced by Automake.
+AC_DEFUN([_AM_SUBST_NOTMAKE])
+
+# AM_SUBST_NOTMAKE(VARIABLE)
+# --------------------------
+# Public sister of _AM_SUBST_NOTMAKE.
+AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
+
+# Check how to create a tarball. -*- Autoconf -*-
+
+# Copyright (C) 2004-2021 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# _AM_PROG_TAR(FORMAT)
+# --------------------
+# Check how to create a tarball in format FORMAT.
+# FORMAT should be one of 'v7', 'ustar', or 'pax'.
+#
+# Substitute a variable $(am__tar) that is a command
+# writing to stdout a FORMAT-tarball containing the directory
+# $tardir.
+# tardir=directory && $(am__tar) > result.tar
+#
+# Substitute a variable $(am__untar) that extract such
+# a tarball read from stdin.
+# $(am__untar) < result.tar
+#
+AC_DEFUN([_AM_PROG_TAR],
+[# Always define AMTAR for backward compatibility. Yes, it's still used
+# in the wild :-( We should find a proper way to deprecate it ...
+AC_SUBST([AMTAR], ['$${TAR-tar}'])
+
+# We'll loop over all known methods to create a tar archive until one works.
+_am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none'
+
+m4_if([$1], [v7],
+ [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'],
+
+ [m4_case([$1],
+ [ustar],
+ [# The POSIX 1988 'ustar' format is defined with fixed-size fields.
+ # There is notably a 21 bits limit for the UID and the GID. In fact,
+ # the 'pax' utility can hang on bigger UID/GID (see automake bug#8343
+ # and bug#13588).
+ am_max_uid=2097151 # 2^21 - 1
+ am_max_gid=$am_max_uid
+ # The $UID and $GID variables are not portable, so we need to resort
+ # to the POSIX-mandated id(1) utility. Errors in the 'id' calls
+ # below are definitely unexpected, so allow the users to see them
+ # (that is, avoid stderr redirection).
+ am_uid=`id -u || echo unknown`
+ am_gid=`id -g || echo unknown`
+ AC_MSG_CHECKING([whether UID '$am_uid' is supported by ustar format])
+ if test $am_uid -le $am_max_uid; then
+ AC_MSG_RESULT([yes])
+ else
+ AC_MSG_RESULT([no])
+ _am_tools=none
+ fi
+ AC_MSG_CHECKING([whether GID '$am_gid' is supported by ustar format])
+ if test $am_gid -le $am_max_gid; then
+ AC_MSG_RESULT([yes])
+ else
+ AC_MSG_RESULT([no])
+ _am_tools=none
+ fi],
+
+ [pax],
+ [],
+
+ [m4_fatal([Unknown tar format])])
+
+ AC_MSG_CHECKING([how to create a $1 tar archive])
+
+ # Go ahead even if we have the value already cached. We do so because we
+ # need to set the values for the 'am__tar' and 'am__untar' variables.
+ _am_tools=${am_cv_prog_tar_$1-$_am_tools}
+
+ for _am_tool in $_am_tools; do
+ case $_am_tool in
+ gnutar)
+ for _am_tar in tar gnutar gtar; do
+ AM_RUN_LOG([$_am_tar --version]) && break
+ done
+ am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"'
+ am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"'
+ am__untar="$_am_tar -xf -"
+ ;;
+ plaintar)
+ # Must skip GNU tar: if it does not support --format= it doesn't create
+ # ustar tarball either.
+ (tar --version) >/dev/null 2>&1 && continue
+ am__tar='tar chf - "$$tardir"'
+ am__tar_='tar chf - "$tardir"'
+ am__untar='tar xf -'
+ ;;
+ pax)
+ am__tar='pax -L -x $1 -w "$$tardir"'
+ am__tar_='pax -L -x $1 -w "$tardir"'
+ am__untar='pax -r'
+ ;;
+ cpio)
+ am__tar='find "$$tardir" -print | cpio -o -H $1 -L'
+ am__tar_='find "$tardir" -print | cpio -o -H $1 -L'
+ am__untar='cpio -i -H $1 -d'
+ ;;
+ none)
+ am__tar=false
+ am__tar_=false
+ am__untar=false
+ ;;
+ esac
+
+ # If the value was cached, stop now. We just wanted to have am__tar
+ # and am__untar set.
+ test -n "${am_cv_prog_tar_$1}" && break
+
+ # tar/untar a dummy directory, and stop if the command works.
+ rm -rf conftest.dir
+ mkdir conftest.dir
+ echo GrepMe > conftest.dir/file
+ AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar])
+ rm -rf conftest.dir
+ if test -s conftest.tar; then
+ AM_RUN_LOG([$am__untar <conftest.tar])
+ AM_RUN_LOG([cat conftest.dir/file])
+ grep GrepMe conftest.dir/file >/dev/null 2>&1 && break
+ fi
+ done
+ rm -rf conftest.dir
+
+ AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool])
+ AC_MSG_RESULT([$am_cv_prog_tar_$1])])
+
+AC_SUBST([am__tar])
+AC_SUBST([am__untar])
+]) # _AM_PROG_TAR
+
+m4_include([m4/libtool.m4])
+m4_include([m4/ltoptions.m4])
+m4_include([m4/ltsugar.m4])
+m4_include([m4/ltversion.m4])
+m4_include([m4/lt~obsolete.m4])
CRYPTO_DEPS = \
$(top_builddir)/src/@XMLSEC_DEFAULT_CRYPTO@/lib$(XMLSEC_CRYPTO_LIB).la \
- $(NULL)
+ $(NULL)
CRYPTO_INCLUDES = \
$(XMLSEC_CRYPTO_CFLAGS) \
CRYPTO_LD_FLAGS = \
$(NULL)
-
+
CRYPTO_LD_ADD = \
$(CRYPTO_DEPS) \
$(NULL)
-endif
+endif
AM_CFLAGS = \
-DPACKAGE=\"@PACKAGE@\" \
xmlsec1_LDFLAGS = \
@XMLSEC_STATIC_BINARIES@ \
+ @XMLSEC_EXTRA_LDFLAGS@ \
$(CRYPTO_LD_FLAGS) \
$(NULL)
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+bin_PROGRAMS = xmlsec1$(EXEEXT)
+subdir = apps
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__installdirs = "$(DESTDIR)$(bindir)"
+PROGRAMS = $(bin_PROGRAMS)
+am__objects_1 =
+am_xmlsec1_OBJECTS = xmlsec.$(OBJEXT) crypto.$(OBJEXT) \
+ cmdline.$(OBJEXT) $(am__objects_1)
+xmlsec1_OBJECTS = $(am_xmlsec1_OBJECTS)
+am__DEPENDENCIES_1 =
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1)
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@am__DEPENDENCIES_2 = $(top_builddir)/src/@XMLSEC_DEFAULT_CRYPTO@/lib$(XMLSEC_CRYPTO_LIB).la \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(am__DEPENDENCIES_1)
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_2) \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(am__DEPENDENCIES_1)
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_1) \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(am__DEPENDENCIES_2) \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(am__DEPENDENCIES_1)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+xmlsec1_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(xmlsec1_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/cmdline.Po ./$(DEPDIR)/crypto.Po \
+ ./$(DEPDIR)/xmlsec.Po
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
+SOURCES = $(xmlsec1_SOURCES)
+DIST_SOURCES = $(xmlsec1_SOURCES)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = $(top_builddir)/src/libxmlsec1.la
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@CRYPTO_DEPS = \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(NULL)
+
+
+# check if we use dynamic loading for xmlsec-crypto or not
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@CRYPTO_DEPS = \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(top_builddir)/src/@XMLSEC_DEFAULT_CRYPTO@/lib$(XMLSEC_CRYPTO_LIB).la \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(NULL)
+
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@CRYPTO_INCLUDES = \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1
+
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@CRYPTO_INCLUDES = \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(XMLSEC_CRYPTO_CFLAGS) \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(NULL)
+
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@CRYPTO_LD_FLAGS = \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(NULL)
+
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@CRYPTO_LD_FLAGS = \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(NULL)
+
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@CRYPTO_LD_ADD = \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(CRYPTO_DEPS) \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(NULL)
+
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@CRYPTO_LD_ADD = \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(XMLSEC_CRYPTO_LIBS) \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(CRYPTO_DEPS) \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(NULL)
+
+AM_CFLAGS = \
+ -DPACKAGE=\"@PACKAGE@\" \
+ -I../include \
+ -I$(top_srcdir)/include \
+ $(XMLSEC_DEFINES) \
+ $(XMLSEC_APP_DEFINES) \
+ $(CRYPTO_INCLUDES) \
+ $(LIBXSLT_CFLAGS) \
+ $(LIBXML_CFLAGS) \
+ $(XMLSEC_DL_INCLUDES) \
+ $(NULL)
+
+
+# xmlsec command line utility
+xmlsec1_SOURCES = \
+ xmlsec.c \
+ crypto.c crypto.h \
+ cmdline.c cmdline.h \
+ $(NULL)
+
+xmlsec1_LDFLAGS = \
+ @XMLSEC_STATIC_BINARIES@ \
+ @XMLSEC_EXTRA_LDFLAGS@ \
+ $(CRYPTO_LD_FLAGS) \
+ $(NULL)
+
+xmlsec1_LDADD = \
+ $(LIBXSLT_LIBS) \
+ $(LIBXML_LIBS) \
+ $(CRYPTO_LD_ADD) \
+ $(XMLSEC_LIBS) \
+ $(XMLSEC_DL_LIBS) \
+ $(NULL)
+
+xmlsec1_DEPENDENCIES = \
+ $(CRYPTO_DEPS) \
+ $(XMLSEC_LIBS) \
+ $(NULL)
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign apps/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign apps/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+install-binPROGRAMS: $(bin_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \
+ fi; \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed 's/$(EXEEXT)$$//' | \
+ while read p p1; do if test -f $$p \
+ || test -f $$p1 \
+ ; then echo "$$p"; echo "$$p"; else :; fi; \
+ done | \
+ sed -e 'p;s,.*/,,;n;h' \
+ -e 's|.*|.|' \
+ -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \
+ sed 'N;N;N;s,\n, ,g' | \
+ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \
+ { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \
+ if ($$2 == $$4) files[d] = files[d] " " $$1; \
+ else { print "f", $$3 "/" $$4, $$1; } } \
+ END { for (d in files) print "f", d, files[d] }' | \
+ while read type dir files; do \
+ if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \
+ test -z "$$files" || { \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \
+ } \
+ ; done
+
+uninstall-binPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \
+ files=`for p in $$list; do echo "$$p"; done | \
+ sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \
+ -e 's/$$/$(EXEEXT)/' \
+ `; \
+ test -n "$$list" || exit 0; \
+ echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \
+ cd "$(DESTDIR)$(bindir)" && rm -f $$files
+
+clean-binPROGRAMS:
+ @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \
+ echo " rm -f" $$list; \
+ rm -f $$list || exit $$?; \
+ test -n "$(EXEEXT)" || exit 0; \
+ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f" $$list; \
+ rm -f $$list
+
+xmlsec1$(EXEEXT): $(xmlsec1_OBJECTS) $(xmlsec1_DEPENDENCIES) $(EXTRA_xmlsec1_DEPENDENCIES)
+ @rm -f xmlsec1$(EXEEXT)
+ $(AM_V_CCLD)$(xmlsec1_LINK) $(xmlsec1_OBJECTS) $(xmlsec1_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cmdline.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xmlsec.Po@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+ @$(MKDIR_P) $(@D)
+ @echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(PROGRAMS)
+installdirs:
+ for dir in "$(DESTDIR)$(bindir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -f ./$(DEPDIR)/cmdline.Po
+ -rm -f ./$(DEPDIR)/crypto.Po
+ -rm -f ./$(DEPDIR)/xmlsec.Po
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-binPROGRAMS
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f ./$(DEPDIR)/cmdline.Po
+ -rm -f ./$(DEPDIR)/crypto.Po
+ -rm -f ./$(DEPDIR)/xmlsec.Po
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-binPROGRAMS
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+ clean-binPROGRAMS clean-generic clean-libtool cscopelist-am \
+ ctags ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-binPROGRAMS \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-html install-html-am \
+ install-info install-info-am install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-am uninstall uninstall-am uninstall-binPROGRAMS
+
+.PRECIOUS: Makefile
+
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(NULL)
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
-/**
+/**
*
* XMLSec library
- *
- *
+ *
+ *
* See Copyright for the status of this software.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#if defined(_MSC_VER) && _MSC_VER < 1900
#define snprintf _snprintf
#include <string.h>
#include <assert.h>
+#include <xmlsec/xmlsec.h>
#include "cmdline.h"
static int xmlSecAppCmdLineMatchParam (const char* argvParam,
xmlSecAppCmdLineParamTopic topics,
const char* name);
static int xmlSecAppCmdLineParamRead (xmlSecAppCmdLineParamPtr param,
- const char** argv,
- int argc,
+ const char** argv,
+ int argc,
int pos);
-static int xmlSecAppCmdLineTimeParamRead (const char* str,
- time_t* t);
+static int xmlSecAppCmdLineTimeParamRead (const char* str,
+ time_t* t,
+ int is_gmt_time);
+
+#if defined(_MSC_VER)
+#define XMLSEC_SCANF sscanf_s
+#define XMLSEC_MKGMTIME _mkgmtime
+#else /* defined(_MSC_VER) */
+#define XMLSEC_SCANF sscanf
+#define XMLSEC_MKGMTIME xmlSecAppGetGmtTime
+
+static time_t xmlSecAppGetGmtTime (struct tm* timeptr);
+#endif /* defined(_MSC_VER) */
int
xmlSecAppCmdLineParamIsSet(xmlSecAppCmdLineParamPtr param) {
return(((param != NULL) && (param->value != NULL)) ? 1 : 0);
}
-const char*
+const char*
xmlSecAppCmdLineParamGetString(xmlSecAppCmdLineParamPtr param) {
if(param->type != xmlSecAppCmdLineParamTypeString) {
fprintf(stderr, "Error: parameter \"%s\" is not string.\n", param->fullName);
return((param->value != NULL) ? param->value->strValue : NULL);
}
-const char*
+const char*
xmlSecAppCmdLineParamGetStringList(xmlSecAppCmdLineParamPtr param) {
if(param->type != xmlSecAppCmdLineParamTypeStringList) {
fprintf(stderr, "Error: parameter \"%s\" is not string list.\n", param->fullName);
return((param->value != NULL) ? param->value->strListValue : NULL);
}
-int
+int
xmlSecAppCmdLineParamGetInt(xmlSecAppCmdLineParamPtr param, int def) {
if(param->type != xmlSecAppCmdLineParamTypeNumber) {
fprintf(stderr, "Error: parameter \"%s\" is not integer.\n", param->fullName);
time_t
xmlSecAppCmdLineParamGetTime(xmlSecAppCmdLineParamPtr param, time_t def) {
- if(param->type != xmlSecAppCmdLineParamTypeTime) {
+ if((param->type != xmlSecAppCmdLineParamTypeTime) && (param->type != xmlSecAppCmdLineParamTypeGmtTime)) {
fprintf(stderr, "Error: parameter \"%s\" is not time.\n", param->fullName);
return(def);
}
return((param->value != NULL) ? param->value->timeValue : def);
}
-int
+int
xmlSecAppCmdLineParamsListParse(xmlSecAppCmdLineParamPtr* params,
xmlSecAppCmdLineParamTopic topics,
const char** argv, int argc, int pos) {
xmlSecAppCmdLineParamPtr param;
int ii;
int ret;
-
+
assert(params != NULL);
assert(argv != NULL);
-
+
while((pos < argc) && (argv[pos][0] == '-') && (strcmp(argv[pos], XMLSEC_STDOUT_FILENAME) != 0)) {
param = xmlSecAppCmdLineParamsListFind(params, topics, argv[pos]);
if(param == NULL) {
fprintf(stderr, "Error: parameter \"%s\" is not supported or the requested\nfeature might have been disabled during compilation.\n", argv[pos]);
return(-1);
}
-
+
ret = xmlSecAppCmdLineParamRead(param, argv, argc, pos);
if(ret < pos) {
fprintf(stderr, "Error: failed to parse parameter \"%s\".\n", argv[pos]);
}
pos = ret + 1;
}
-
+
/* check that all parameters at the end are filenames */
for(ii = pos; (ii < argc); ++ii) {
if((argv[ii][0] == '-') && (strcmp(argv[pos], XMLSEC_STDOUT_FILENAME) != 0)) {
return(pos);
}
-void
+void
xmlSecAppCmdLineParamsListClean(xmlSecAppCmdLineParamPtr* params) {
xmlSecAppCmdLineValuePtr tmp;
size_t i;
-
+
assert(params != NULL);
-
+
for(i = 0; params[i] != NULL; ++i) {
while(params[i]->value != NULL) {
tmp = params[i]->value;
}
}
-void
+void
xmlSecAppCmdLineParamsListPrint(xmlSecAppCmdLineParamPtr* params,
xmlSecAppCmdLineParamTopic topics,
FILE* output) {
assert(params != NULL);
assert(output != NULL);
-
+
for(i = 0; params[i] != NULL; ++i) {
if(((params[i]->topics & topics) != 0) && (params[i]->help != NULL)) {
fprintf(output, " %s\n", params[i]->help);
}
- }
+ }
}
-xmlSecAppCmdLineValuePtr
+xmlSecAppCmdLineValuePtr
xmlSecAppCmdLineValueCreate(xmlSecAppCmdLineParamPtr param, int pos) {
xmlSecAppCmdLineValuePtr value;
-
+
assert(param != NULL);
value = (xmlSecAppCmdLineValuePtr) malloc(sizeof(xmlSecAppCmdLineValue));
if(value == NULL) {
- fprintf(stderr, "Error: malloc failed (%d bytes).\n", (int)sizeof(xmlSecAppCmdLineValue));
+ fprintf(stderr, "Error: malloc failed (" XMLSEC_SIZE_T_FMT " bytes).\n",
+ sizeof(xmlSecAppCmdLineValue));
return(NULL);
}
memset(value, 0, sizeof(xmlSecAppCmdLineValue));
-
+
value->param = param;
value->pos = pos;
return(value);
}
-void
+void
xmlSecAppCmdLineValueDestroy(xmlSecAppCmdLineValuePtr value) {
assert(value != NULL);
-
+
if(value->strListValue != NULL) {
free((void*)value->strListValue);
}
free(value);
}
-static int
+static int
xmlSecAppCmdLineMatchParam(const char* argvParam, const char* paramName,
int canHaveNameString) {
assert(argvParam != NULL);
assert(paramName != NULL);
-
+
if(canHaveNameString != 0) {
size_t len = strlen(paramName);
if((strncmp(argvParam, paramName, len) == 0) &&
((argvParam[len] == '\0') || (argvParam[len] == ':'))) {
-
+
return(1);
}
} else if(strcmp(argvParam, paramName) == 0) {
return(0);
}
-static xmlSecAppCmdLineParamPtr
+static xmlSecAppCmdLineParamPtr
xmlSecAppCmdLineParamsListFind(xmlSecAppCmdLineParamPtr* params, xmlSecAppCmdLineParamTopic topics,
const char* name) {
size_t i;
}
canHaveNameString = ((params[i]->flags & xmlSecAppCmdLineParamFlagParamNameValue) != 0) ? 1 : 0;
- if((params[i]->fullName != NULL) &&
+ if((params[i]->fullName != NULL) &&
(xmlSecAppCmdLineMatchParam(name, params[i]->fullName, canHaveNameString) == 1)) {
-
+
return(params[i]);
}
- if((params[i]->shortName != NULL) &&
+ if((params[i]->shortName != NULL) &&
(xmlSecAppCmdLineMatchParam(name, params[i]->shortName, canHaveNameString) == 1)) {
-
+
return(params[i]);
}
}
-
+
return(NULL);
}
-static int
+static int
xmlSecAppCmdLineParamRead(xmlSecAppCmdLineParamPtr param, const char** argv, int argc, int pos) {
xmlSecAppCmdLineValuePtr value;
xmlSecAppCmdLineValuePtr prev = NULL;
char* buf;
-
+
assert(param != NULL);
assert(argv != NULL);
assert(pos < argc);
-
+
/* first find the previous value in the list */
if((param->flags & xmlSecAppCmdLineParamFlagMultipleValues) != 0) {
- prev = param->value;
+ prev = param->value;
while((prev != NULL) && (prev->next != NULL)) {
- prev = prev->next;
+ prev = prev->next;
}
} else if(param->value != NULL) {
fprintf(stderr, "Error: only one parameter \"%s\" is allowed.\n", argv[pos]);
return(-1);
}
-
+
/* create new value and add to the list */
value = xmlSecAppCmdLineValueCreate(param, pos);
if(value == NULL) {
} else {
param->value = value;
}
-
+
/* if we can have a string value after the name, parse it */
if((param->flags & xmlSecAppCmdLineParamFlagParamNameValue) != 0) {
value->paramNameValue = strchr(argv[pos], ':');
++value->paramNameValue;
}
}
-
+
switch(param->type) {
case xmlSecAppCmdLineParamTypeFlag:
/* do nothing */
break;
case xmlSecAppCmdLineParamTypeStringList:
if(pos + 1 >= argc) {
- fprintf(stderr, "Error: string list argument expected for parameter \"%s\".\n", argv[pos]);
+ fprintf(stderr, "Error: string list argument expected for parameter \"%s\".\n",
+ argv[pos]);
return(-1);
}
value->strValue = argv[++pos];
buf = (char*)malloc(strlen(value->strValue) + 2);
if(buf == NULL) {
- fprintf(stderr, "Error: failed to allocate memory (%d bytes).\n", (int)strlen(value->strValue) + 2);
+ fprintf(stderr, "Error: failed to allocate memory (" XMLSEC_SIZE_T_FMT " bytes).\n",
+ strlen(value->strValue) + 2);
return(-1);
}
memset(buf, 0, strlen(value->strValue) + 2);
if(pos + 1 >= argc) {
fprintf(stderr, "Error: integer argument expected for parameter \"%s\".\n", argv[pos]);
return(-1);
- }
+ }
value->strValue = argv[++pos];
-#ifdef WIN32
- if(sscanf_s(value->strValue, "%d", &(value->intValue)) != 1) {
-#else /* WIN32 */
- if(sscanf(value->strValue, "%d", &(value->intValue)) != 1) {
-#endif /* WIN32 */
+ if(XMLSEC_SCANF(value->strValue, "%d", &(value->intValue)) != 1) {
fprintf(stderr, "Error: integer argument \"%s\" is invalid.\n", value->strValue);
return(-1);
- }
+ }
break;
case xmlSecAppCmdLineParamTypeTime:
if(pos + 1 >= argc) {
return(-1);
}
value->strValue = argv[++pos];
- if(xmlSecAppCmdLineTimeParamRead(value->strValue, &(value->timeValue)) < 0) {
+ if(xmlSecAppCmdLineTimeParamRead(value->strValue, &(value->timeValue), 0) < 0) {
fprintf(stderr, "Error: time argument \"%s\" is invalid, expected format is \"YYYY-MM-DD HH:MM:SS\").\n", value->strValue);
return(-1);
- }
+ }
+ break;
+ case xmlSecAppCmdLineParamTypeGmtTime:
+ if(pos + 1 >= argc) {
+ fprintf(stderr, "Error: gmt time argument expected for parameter \"%s\".\n", argv[pos]);
+ return(-1);
+ }
+ value->strValue = argv[++pos];
+ if(xmlSecAppCmdLineTimeParamRead(value->strValue, &(value->timeValue), 1) < 0) {
+ fprintf(stderr, "Error: gmt time argument \"%s\" is invalid, expected format is \"YYYY-MM-DD HH:MM:SS\").\n", value->strValue);
+ return(-1);
+ }
break;
}
return(pos);
}
-static int
-xmlSecAppCmdLineTimeParamRead(const char* str, time_t* t) {
+#if !defined(_MSC_VER)
+static time_t
+xmlSecAppGetGmtTime(struct tm* timeptr) {
+ time_t t1, t2;
+
+ if(timeptr == NULL) {
+ return(0);
+ }
+
+ /* t1 is gmt time "mapped" to localtime as-is */
+ t1 = mktime(timeptr);
+
+ /* t2 is "mapped" gmt time converted to gmt */
+ t2 = mktime(gmtime(&t1));
+
+ /* shift t1 back by the (t2 - t1) delta */
+ return(t1 - (t2 - t1));
+}
+#endif /* !defined(_MSC_VER) */
+
+static int
+xmlSecAppCmdLineTimeParamRead(const char* str, time_t* t, int is_gmt_time) {
struct tm tm;
int n;
-
+
if((str == NULL) || (t == NULL)) {
return(-1);
}
memset(&tm, 0, sizeof(tm));
tm.tm_isdst = -1;
+ n = XMLSEC_SCANF(str, "%4d-%2d-%2d%*c%2d:%2d:%2d",
+ &tm.tm_year, &tm.tm_mon, &tm.tm_mday,
+ &tm.tm_hour, &tm.tm_min, &tm.tm_sec);
+ if(n != 6) {
+ return(-1);
+ }
-#ifdef WIN32
- n = sscanf_s(str, "%4d-%2d-%2d%*c%2d:%2d:%2d",
- &tm.tm_year, &tm.tm_mon, &tm.tm_mday,
- &tm.tm_hour, &tm.tm_min, &tm.tm_sec);
-#else /* WIN32 */
- n = sscanf(str, "%4d-%2d-%2d%*c%2d:%2d:%2d",
- &tm.tm_year, &tm.tm_mon, &tm.tm_mday,
- &tm.tm_hour, &tm.tm_min, &tm.tm_sec);
-#endif /* WIN32 */
- if((n != 6) || (tm.tm_year < 1900)
- || (tm.tm_mon < 1) || (tm.tm_mon > 12)
- || (tm.tm_mday < 1) || (tm.tm_mday > 31)
- || (tm.tm_hour < 0) || (tm.tm_hour > 23)
- || (tm.tm_min < 0) || (tm.tm_min > 59)
- || (tm.tm_sec < 0) || (tm.tm_sec > 61)) {
- return(-1);
+ if((tm.tm_year < 1900)
+ || (tm.tm_mon < 1) || (tm.tm_mon > 12)
+ || (tm.tm_mday < 1) || (tm.tm_mday > 31)
+ || (tm.tm_hour < 0) || (tm.tm_hour > 23)
+ || (tm.tm_min < 0) || (tm.tm_min > 59)
+ || (tm.tm_sec < 0) || (tm.tm_sec > 61)) {
+ return(-1);
}
tm.tm_year -= 1900; /* tm relative format year */
tm.tm_mon -= 1; /* tm relative format month */
- (*t) = mktime(&tm);
- return(0);
+ if(is_gmt_time != 0) {
+ (*t) = XMLSEC_MKGMTIME(&tm);
+ } else {
+ (*t) = mktime(&tm);
+ }
+ return(0);
}
-
-/**
+/**
* XMLSec library
- *
+ *
* Command line parsing routines
*
* See Copyright for the status of this software.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_APPS_CMDLINE_H__
-#define __XMLSEC_APPS_CMDLINE_H__
+#define __XMLSEC_APPS_CMDLINE_H__
#include <time.h>
#ifdef __cplusplus
extern "C" {
-#endif /* __cplusplus */
+#endif /* __cplusplus */
typedef struct _xmlSecAppCmdLineParam xmlSecAppCmdLineParam,
*xmlSecAppCmdLineParamPtr;
xmlSecAppCmdLineParamTypeString,
xmlSecAppCmdLineParamTypeStringList,
xmlSecAppCmdLineParamTypeNumber,
- xmlSecAppCmdLineParamTypeTime
+ xmlSecAppCmdLineParamTypeTime,
+ xmlSecAppCmdLineParamTypeGmtTime
} xmlSecAppCmdLineParamType;
struct _xmlSecAppCmdLineParam {
xmlSecAppCmdLineValuePtr xmlSecAppCmdLineValueCreate (xmlSecAppCmdLineParamPtr param,
int pos);
-void xmlSecAppCmdLineValueDestroy (xmlSecAppCmdLineValuePtr value);
+void xmlSecAppCmdLineValueDestroy (xmlSecAppCmdLineValuePtr value);
#ifdef __cplusplus
-/**
+/**
*
* XMLSec library
- *
- *
+ *
+ *
* See Copyright for the status of this software.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#if defined(_MSC_VER) && _MSC_VER < 1900
#define snprintf _snprintf
#endif
+#include <stdlib.h>
#include <string.h>
#include <xmlsec/xmlsec.h>
fprintf(stderr, "Error: xmlSecCryptoInit failed\n");
return(-1);
}
-
+
return(0);
}
xmlSecAppCryptoSimpleKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char *filename) {
xmlSecAssert2(mngr != NULL, -1);
xmlSecAssert2(filename != NULL, -1);
-
+
return(xmlSecCryptoAppDefaultKeysMngrLoad(mngr, filename));
}
-int
+int
xmlSecAppCryptoSimpleKeysMngrSave(xmlSecKeysMngrPtr mngr, const char *filename, xmlSecKeyDataType type) {
xmlSecAssert2(mngr != NULL, -1);
xmlSecAssert2(filename != NULL, -1);
-
+
return(xmlSecCryptoAppDefaultKeysMngrSave(mngr, filename, type));
}
-int
-xmlSecAppCryptoSimpleKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
+int
+xmlSecAppCryptoSimpleKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
xmlSecKeyDataFormat format, xmlSecKeyDataType type) {
xmlSecAssert2(mngr != NULL, -1);
xmlSecAssert2(filename != NULL, -1);
-#ifndef XMLSEC_NO_X509
+#ifndef XMLSEC_NO_X509
return(xmlSecCryptoAppKeysMngrCertLoad(mngr, filename, format, type));
#else /* XMLSEC_NO_X509 */
return(-1);
-#endif /* XMLSEC_NO_X509 */
+#endif /* XMLSEC_NO_X509 */
}
-int
-xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(xmlSecKeysMngrPtr mngr,
- const char* files, const char* pwd,
- const char* name,
+int
+xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(xmlSecKeysMngrPtr mngr,
+ const char* files, const char* pwd,
+ const char* name,
xmlSecKeyDataFormat format) {
xmlSecKeyPtr key;
int ret;
xmlSecAssert2(files != NULL, -1);
/* first is the key file */
- key = xmlSecCryptoAppKeyLoad(files, format, pwd,
+ key = xmlSecCryptoAppKeyLoad(files, format, pwd,
xmlSecCryptoAppGetDefaultPwdCallback(), (void*)files);
if(key == NULL) {
fprintf(stderr, "Error: xmlSecCryptoAppKeyLoad failed: file=%s\n",
xmlSecErrorsSafeString(files));
return(-1);
}
-
+
if(name != NULL) {
ret = xmlSecKeySetName(key, BAD_CAST name);
if(ret < 0) {
}
}
-#ifndef XMLSEC_NO_X509
+#ifndef XMLSEC_NO_X509
for(files += strlen(files) + 1; (files[0] != '\0'); files += strlen(files) + 1) {
ret = xmlSecCryptoAppKeyCertLoad(key, files, format);
if(ret < 0) {
fprintf(stderr, "Error: X509 support is disabled\n");
return(-1);
}
-#endif /* XMLSEC_NO_X509 */
+#endif /* XMLSEC_NO_X509 */
ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key);
if(ret < 0) {
xmlSecKeyDestroy(key);
return(-1);
}
-
+
return(0);
}
+int
+xmlSecAppCryptoSimpleKeysMngrEngineKeyAndCertsLoad(xmlSecKeysMngrPtr mngr,
+ const char* engineAndKeyId,
+ const char* certFiles,
+ const char* pwd,
+ const char* name,
+ xmlSecKeyDataFormat keyFormat,
+ xmlSecKeyDataFormat certFormat) {
+ xmlSecKeyPtr key;
+ int ret;
+
+ xmlSecAssert2(mngr != NULL, -1);
+ xmlSecAssert2(engineAndKeyId != NULL, -1);
+ xmlSecAssert2(certFiles != NULL, -1);
+
+ /* load key */
+ key = xmlSecCryptoAppKeyLoad(engineAndKeyId, keyFormat, pwd,
+ xmlSecCryptoAppGetDefaultPwdCallback(), (void*)engineAndKeyId);
+ if(key == NULL) {
+ fprintf(stderr, "Error: xmlSecCryptoAppKeyLoad failed: file=%s\n",
+ xmlSecErrorsSafeString(engineAndKeyId));
+ return(-1);
+ }
+
+ if(name != NULL) {
+ ret = xmlSecKeySetName(key, BAD_CAST name);
+ if(ret < 0) {
+ fprintf(stderr, "Error: xmlSecKeySetName failed: name=%s\n",
+ xmlSecErrorsSafeString(name));
+ xmlSecKeyDestroy(key);
+ return(-1);
+ }
+ }
+
+ /* load certs (if any) */
+#ifndef XMLSEC_NO_X509
+ for(const char *file = certFiles; (file[0] != '\0'); file += strlen(file) + 1) {
+ ret = xmlSecCryptoAppKeyCertLoad(key, file, certFormat);
+ if(ret < 0) {
+ fprintf(stderr, "Error: xmlSecCryptoAppKeyCertLoad failed: file=%s\n",
+ xmlSecErrorsSafeString(file));
+ xmlSecKeyDestroy(key);
+ return(-1);
+ }
+ }
+#else /* XMLSEC_NO_X509 */
+ if(certFiles[0] != '\0') {
+ fprintf(stderr, "Error: X509 support is disabled\n");
+ xmlSecKeyDestroy(key);
+ return(-1);
+ }
+#endif /* XMLSEC_NO_X509 */
+
+ /* add key to KM */
+ ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key);
+ if(ret < 0) {
+ fprintf(stderr, "Error: xmlSecCryptoAppDefaultKeysMngrAdoptKey failed\n");
+ xmlSecKeyDestroy(key);
+ return(-1);
+ }
-int
+ return(0);
+}
+
+int
xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad(xmlSecKeysMngrPtr mngr, const char *filename, const char* pwd, const char *name) {
xmlSecKeyPtr key;
int ret;
xmlSecAssert2(filename != NULL, -1);
#ifndef XMLSEC_NO_X509
- key = xmlSecCryptoAppKeyLoad(filename, xmlSecKeyDataFormatPkcs12, pwd,
+ key = xmlSecCryptoAppKeyLoad(filename, xmlSecKeyDataFormatPkcs12, pwd,
xmlSecCryptoAppGetDefaultPwdCallback(), (void*)filename);
if(key == NULL) {
fprintf(stderr, "Error: xmlSecCryptoAppKeyLoad failed: filename=%s\n",
xmlSecErrorsSafeString(filename));
return(-1);
}
-
+
if(name != NULL) {
ret = xmlSecKeySetName(key, BAD_CAST name);
- if(ret < 0) {
+ if(ret < 0) {
fprintf(stderr, "Error: xmlSecKeySetName failed: name=%s\n",
xmlSecErrorsSafeString(name));
xmlSecKeyDestroy(key);
return(-1);
}
}
-
+
ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key);
if(ret < 0) {
fprintf(stderr, "Error: xmlSecCryptoAppDefaultKeysMngrAdoptKey failed\n");
xmlSecKeyDestroy(key);
return(-1);
}
-
+
return(0);
#else /* XMLSEC_NO_X509 */
fprintf(stderr, "Error: X509 support is disabled\n");
#endif /* XMLSEC_NO_X509 */
}
-int
+int
xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(xmlSecKeysMngrPtr mngr, const char* keyKlass, const char *filename, const char *name) {
xmlSecKeyPtr key;
xmlSecKeyDataId dataId;
xmlSecAssert2(filename != NULL, -1);
/* find requested data */
- dataId = xmlSecKeyDataIdListFindByName(xmlSecKeyDataIdsGet(), BAD_CAST keyKlass,
+ dataId = xmlSecKeyDataIdListFindByName(xmlSecKeyDataIdsGet(), BAD_CAST keyKlass,
xmlSecKeyDataUsageAny);
if(dataId == xmlSecKeyDataIdUnknown) {
fprintf(stderr, "Error: xmlSecKeyDataIdListFindByName failed keyKlass=%s\n",
if(key == NULL) {
fprintf(stderr, "Error: xmlSecKeyReadBinaryFile failed filename=%s\n",
xmlSecErrorsSafeString(filename));
- return(-1);
+ return(-1);
}
-
+
ret = xmlSecKeySetName(key, BAD_CAST name);
if(ret < 0) {
fprintf(stderr, "Error: xmlSecKeySetName failed: name=%s\n",
xmlSecErrorsSafeString(name));
xmlSecKeyDestroy(key);
- return(-1);
+ return(-1);
}
- /* finally add it to keys manager */
+ /* finally add it to keys manager */
ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key);
if(ret < 0) {
fprintf(stderr, "Error: xmlSecCryptoAppDefaultKeysMngrAdoptKey failed\n");
}
-int
+int
xmlSecAppCryptoSimpleKeysMngrKeyGenerate(xmlSecKeysMngrPtr mngr, const char* keyKlassAndSize, const char* name) {
xmlSecKeyPtr key;
int ret;
xmlSecAssert2(mngr != NULL, -1);
xmlSecAssert2(keyKlassAndSize != NULL, -1);
-
+
key = xmlSecAppCryptoKeyGenerate(keyKlassAndSize, name, xmlSecKeyDataTypePermanent);
if(key == NULL) {
fprintf(stderr, "Error: xmlSecAppCryptoSimpleKeysMngrKeyGenerate failed: name=%s\n",
xmlSecErrorsSafeString(name));
- return(-1);
- }
+ return(-1);
+ }
ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key);
if(ret < 0) {
return(0);
}
-xmlSecKeyPtr
+xmlSecKeyPtr
xmlSecAppCryptoKeyGenerate(const char* keyKlassAndSize, const char* name, xmlSecKeyDataType type) {
xmlSecKeyPtr key;
char* buf;
char* p;
int size;
int ret;
-
+
xmlSecAssert2(keyKlassAndSize != NULL, NULL);
buf = (char*) xmlStrdup(BAD_CAST keyKlassAndSize);
if(buf == NULL) {
fprintf(stderr, "Error: xmlSecStrdupError(keyKlassAndSize) failed\n");
- return(NULL);
+ return(NULL);
}
-
+
/* separate key klass and size */
p = strchr(buf, '-');
if(p == NULL) {
}
*(p++) = '\0';
size = atoi(p);
+ if(size <= 0) {
+ fprintf(stderr, "Error: key size should be greater than zero \"%s\"\n",
+ xmlSecErrorsSafeString(buf));
+ xmlFree(buf);
+ return(NULL);
+ }
- key = xmlSecKeyGenerateByName(BAD_CAST buf, size, type);
+ key = xmlSecKeyGenerateByName(BAD_CAST buf, (xmlSecSize)size, type);
if(key == NULL) {
- fprintf(stderr, "Error: xmlSecKeyGenerateByName() failed: name=%s;size=%d;type=%d\n",
- xmlSecErrorsSafeString(buf), size, (int)type);
+ fprintf(stderr, "Error: xmlSecKeyGenerateByName() failed: name=%s;size=%d;type=%u\n",
+ xmlSecErrorsSafeString(buf), size, type);
xmlFree(buf);
- return(NULL);
+ return(NULL);
}
ret = xmlSecKeySetName(key, BAD_CAST name);
-/**
+/**
* XMLSec library
*
*
* See Copyright for the status of this software.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_APPS_CRYPTO_H__
-#define __XMLSEC_APPS_CRYPTO_H__
+#define __XMLSEC_APPS_CRYPTO_H__
#include <libxml/tree.h>
#include <xmlsec/xmlsec.h>
*
****************************************************************************/
int xmlSecAppCryptoSimpleKeysMngrInit (xmlSecKeysMngrPtr mngr);
-int xmlSecAppCryptoSimpleKeysMngrLoad (xmlSecKeysMngrPtr mngr,
- const char *filename);
-int xmlSecAppCryptoSimpleKeysMngrSave (xmlSecKeysMngrPtr mngr,
- const char *filename,
+int xmlSecAppCryptoSimpleKeysMngrLoad (xmlSecKeysMngrPtr mngr,
+ const char* filename);
+int xmlSecAppCryptoSimpleKeysMngrSave (xmlSecKeysMngrPtr mngr,
+ const char* filename,
xmlSecKeyDataType type);
-int xmlSecAppCryptoSimpleKeysMngrCertLoad (xmlSecKeysMngrPtr mngr,
- const char *filename,
+int xmlSecAppCryptoSimpleKeysMngrCertLoad (xmlSecKeysMngrPtr mngr,
+ const char* filename,
xmlSecKeyDataFormat format,
xmlSecKeyDataType type);
-int xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad (xmlSecKeysMngrPtr mngr,
- const char *files,
- const char* pwd,
+int xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad (xmlSecKeysMngrPtr mngr,
+ const char* files,
+ const char* pwd,
const char* name,
xmlSecKeyDataFormat format);
-int xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad (xmlSecKeysMngrPtr mngr,
- const char *filename,
- const char* pwd,
- const char *name);
-int xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad (xmlSecKeysMngrPtr mngr,
- const char* keyKlass,
- const char* filename,
- const char *name);
-int xmlSecAppCryptoSimpleKeysMngrKeyGenerate (xmlSecKeysMngrPtr mngr,
+int xmlSecAppCryptoSimpleKeysMngrEngineKeyAndCertsLoad (xmlSecKeysMngrPtr mngr,
+ const char* engineAndKeyId,
+ const char* certFiles,
+ const char* pwd,
+ const char* name,
+ xmlSecKeyDataFormat keyFormat,
+ xmlSecKeyDataFormat certFormat);
+int xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad (xmlSecKeysMngrPtr mngr,
+ const char* filename,
+ const char* pwd,
+ const char* name);
+int xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad (xmlSecKeysMngrPtr mngr,
+ const char* keyKlass,
+ const char* filename,
+ const char* name);
+int xmlSecAppCryptoSimpleKeysMngrKeyGenerate (xmlSecKeysMngrPtr mngr,
const char* keyKlassAndSize,
const char* name);
-/**
+/**
* XML Security standards test: XMLDSig
- *
+ *
* See Copyright for the status of this software.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
#ifndef XMLSEC_NO_XSLT
#include <libxslt/xslt.h>
-#include <libxslt/extensions.h>
+#include <libxslt/extensions.h>
#include <libxslt/xsltInternals.h>
#include <libxslt/xsltutils.h>
#include <libxslt/security.h>
#include <libexslt/exslt.h>
#endif /* XMLSEC_NO_XSLT */
-#define XMLSEC_PRIVATE
#include <xmlsec/xmlsec.h>
#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
static const char copyright[] =
"Written by Aleksey Sanin <aleksey@aleksey.com>.\n\n"
- "Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved..\n"
+ "Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved..\n"
"This is free software: see the source for copying information.\n";
-static const char bugs[] =
+static const char bugs[] =
"Report bugs to http://www.aleksey.com/xmlsec/bugs.html\n";
-static const char helpCommands1[] =
+static const char helpCommands1[] =
"Usage: xmlsec <command> [<options>] [<files>]\n"
"\n"
"xmlsec is a command line tool for signing, verifying, encrypting and\n"
" --version " "\tprint version information and exit\n"
" --keys " "\tkeys XML file manipulation\n";
-static const char helpCommands2[] =
+static const char helpCommands2[] =
#ifndef XMLSEC_NO_XMLDSIG
" --sign " "\tsign data and output XML document\n"
" --verify " "\tverify signed document\n"
#endif /* XMLSEC_NO_XMLENC */
;
-static const char helpVersion[] =
+static const char helpVersion[] =
"Usage: xmlsec version\n"
"Prints version information and exits\n";
-static const char helpKeys[] =
+static const char helpKeys[] =
"Usage: xmlsec keys [<options>] <file>\n"
"Creates a new XML keys file <file>\n";
-
-static const char helpSign[] =
+
+static const char helpSign[] =
"Usage: xmlsec sign [<options>] <file>\n"
"Calculates XML Digital Signature using template file <file>\n";
-
-static const char helpVerify[] =
+
+static const char helpVerify[] =
"Usage: xmlsec verify [<options>] <file>\n"
"Verifies XML Digital Signature in the <file>\n";
-static const char helpSignTmpl[] =
+static const char helpSignTmpl[] =
"Usage: xmlsec sign-tmpl [<options>]\n"
"Creates a simple dynamic template and calculates XML Digital Signature\n"
"(for testing only).\n";
-static const char helpEncrypt[] =
+static const char helpEncrypt[] =
"Usage: xmlsec encrypt [<options>] <file>\n"
"Encrypts data and creates XML Encryption using template file <file>\n";
-static const char helpEncryptTmpl[] =
+static const char helpEncryptTmpl[] =
"Usage: xmlsec encrypt [<options>]\n"
"Creates a simple dynamic template and calculates XML Encryption\n";
-static const char helpDecrypt[] =
+static const char helpDecrypt[] =
"Usage: xmlsec decrypt [<options>] <file>\n"
"Decrypts XML Encryption data in the <file>\n";
-static const char helpListKeyData[] =
+static const char helpListKeyData[] =
"Usage: xmlsec list-key-data\n"
"Prints the list of known key data klasses\n";
-static const char helpCheckKeyData[] =
+static const char helpCheckKeyData[] =
"Usage: xmlsec check-key-data <key-data-name> [<key-data-name> ... ]\n"
"Checks the given key-data against the list of known key-data klasses\n";
-static const char helpListTransforms[] =
+static const char helpListTransforms[] =
"Usage: xmlsec list-transforms\n"
"Prints the list of known transform klasses\n";
-static const char helpCheckTransforms[] =
+static const char helpCheckTransforms[] =
"Usage: xmlsec check-transforms <transform-name> [<transform-name> ... ]\n"
"Checks the given transforms against the list of known transform klasses\n";
* General configuration params
*
***************************************************************/
-static xmlSecAppCmdLineParam helpParam = {
+static xmlSecAppCmdLineParam helpParam = {
xmlSecAppCmdLineTopicGeneral,
"--help",
"-h",
NULL
};
-static xmlSecAppCmdLineParam cryptoParam = {
+static xmlSecAppCmdLineParam cryptoParam = {
xmlSecAppCmdLineTopicCryptoConfig,
"--crypto",
NULL,
NULL
};
-static xmlSecAppCmdLineParam cryptoConfigParam = {
+static xmlSecAppCmdLineParam cryptoConfigParam = {
xmlSecAppCmdLineTopicCryptoConfig,
"--crypto-config",
NULL,
};
-static xmlSecAppCmdLineParam repeatParam = {
+static xmlSecAppCmdLineParam repeatParam = {
xmlSecAppCmdLineTopicCryptoConfig,
"--repeat",
"-r",
};
-static xmlSecAppCmdLineParam disableErrorMsgsParam = {
+static xmlSecAppCmdLineParam disableErrorMsgsParam = {
xmlSecAppCmdLineTopicGeneral,
"--disable-error-msgs",
NULL,
xmlSecAppCmdLineParamTypeFlag,
xmlSecAppCmdLineParamFlagNone,
NULL
-};
+};
-static xmlSecAppCmdLineParam printCryptoErrorMsgsParam = {
+static xmlSecAppCmdLineParam printCryptoErrorMsgsParam = {
xmlSecAppCmdLineTopicGeneral,
"--print-crypto-error-msgs",
NULL,
xmlSecAppCmdLineParamTypeFlag,
xmlSecAppCmdLineParamFlagNone,
NULL
-};
+};
/****************************************************************
*
* Keys Manager params
*
***************************************************************/
-static xmlSecAppCmdLineParam genKeyParam = {
+static xmlSecAppCmdLineParam genKeyParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--gen-key",
"-g",
NULL
};
-static xmlSecAppCmdLineParam keysFileParam = {
+static xmlSecAppCmdLineParam keysFileParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--keys-file",
"-k",
NULL
};
-static xmlSecAppCmdLineParam privkeyParam = {
+static xmlSecAppCmdLineParam privkeyParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--privkey-pem",
"--privkey",
NULL
};
-static xmlSecAppCmdLineParam privkeyDerParam = {
+static xmlSecAppCmdLineParam privkeyDerParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--privkey-der",
NULL,
NULL
};
-static xmlSecAppCmdLineParam pkcs8PemParam = {
+static xmlSecAppCmdLineParam pkcs8PemParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--pkcs8-pem",
"--privkey-p8-pem",
NULL
};
-static xmlSecAppCmdLineParam pkcs8DerParam = {
+static xmlSecAppCmdLineParam pkcs8DerParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--pkcs8-der",
"--privkey-p8-der",
NULL
};
-static xmlSecAppCmdLineParam pubkeyParam = {
+static xmlSecAppCmdLineParam pubkeyParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--pubkey-pem",
"--pubkey",
NULL
};
-static xmlSecAppCmdLineParam pubkeyDerParam = {
+static xmlSecAppCmdLineParam pubkeyDerParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--pubkey-der",
NULL,
};
-#ifndef XMLSEC_NO_AES
-static xmlSecAppCmdLineParam aeskeyParam = {
+#ifndef XMLSEC_NO_AES
+static xmlSecAppCmdLineParam aeskeyParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--aeskey",
NULL,
};
#endif /* XMLSEC_NO_AES */
-#ifndef XMLSEC_NO_DES
-static xmlSecAppCmdLineParam deskeyParam = {
+#ifndef XMLSEC_NO_DES
+static xmlSecAppCmdLineParam deskeyParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--deskey",
NULL,
};
#endif /* XMLSEC_NO_DES */
-#ifndef XMLSEC_NO_HMAC
-static xmlSecAppCmdLineParam hmackeyParam = {
+#ifndef XMLSEC_NO_HMAC
+static xmlSecAppCmdLineParam hmackeyParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--hmackey",
NULL,
};
#endif /* XMLSEC_NO_HMAC */
-static xmlSecAppCmdLineParam pwdParam = {
+static xmlSecAppCmdLineParam pwdParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--pwd",
NULL,
xmlSecAppCmdLineParamTypeString,
xmlSecAppCmdLineParamFlagNone,
NULL
-};
+};
-static xmlSecAppCmdLineParam enabledKeyDataParam = {
+static xmlSecAppCmdLineParam enabledKeyDataParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--enabled-key-data",
NULL,
NULL
};
-static xmlSecAppCmdLineParam enabledRetrievalMethodUrisParam = {
+static xmlSecAppCmdLineParam enabledRetrievalMethodUrisParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--enabled-retrieval-method-uris",
NULL,
NULL
};
+static xmlSecAppCmdLineParam privkeyOpensslEngineParam = {
+ xmlSecAppCmdLineTopicKeysMngr,
+ "--privkey-openssl-engine",
+ NULL,
+ "--privkey-openssl-engine[:<name>] <openssl-engine>;<openssl-key-id>[,<crtfile>[,<crtfile>[...]]]"
+ "\n\tload private key by OpenSSL ENGINE interface; specify the name of engine"
+ "\n\t(like with -engine params), the key specs (like with -inkey or -key params)"
+ "\n\tand optionally certificates that verify this key",
+ xmlSecAppCmdLineParamTypeStringList,
+ xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues,
+ NULL
+};
+
+
/****************************************************************
*
* Common params
*
***************************************************************/
-static xmlSecAppCmdLineParam sessionKeyParam = {
+static xmlSecAppCmdLineParam sessionKeyParam = {
xmlSecAppCmdLineTopicDSigSign | xmlSecAppCmdLineTopicEncEncrypt,
"--session-key",
NULL,
xmlSecAppCmdLineParamTypeString,
xmlSecAppCmdLineParamFlagNone,
NULL
-};
+};
-static xmlSecAppCmdLineParam outputParam = {
- xmlSecAppCmdLineTopicDSigCommon |
+static xmlSecAppCmdLineParam outputParam = {
+ xmlSecAppCmdLineTopicDSigCommon |
xmlSecAppCmdLineTopicEncCommon,
"--output",
"-o",
NULL
};
-static xmlSecAppCmdLineParam nodeIdParam = {
- xmlSecAppCmdLineTopicDSigCommon |
+static xmlSecAppCmdLineParam nodeIdParam = {
+ xmlSecAppCmdLineTopicDSigCommon |
xmlSecAppCmdLineTopicEncCommon,
"--node-id",
NULL,
xmlSecAppCmdLineParamTypeString,
xmlSecAppCmdLineParamFlagNone,
NULL
-};
+};
-static xmlSecAppCmdLineParam nodeNameParam = {
- xmlSecAppCmdLineTopicDSigCommon |
+static xmlSecAppCmdLineParam nodeNameParam = {
+ xmlSecAppCmdLineTopicDSigCommon |
xmlSecAppCmdLineTopicEncCommon,
"--node-name",
- NULL,
+ NULL,
"--node-name [<namespace-uri>:]<name>"
"\n\tset the operation start point to the first node"
"\n\twith given <name> and <namespace> URI",
xmlSecAppCmdLineParamTypeString,
xmlSecAppCmdLineParamFlagNone,
NULL
-};
-
-static xmlSecAppCmdLineParam nodeXPathParam = {
- xmlSecAppCmdLineTopicDSigCommon |
+};
+
+static xmlSecAppCmdLineParam nodeXPathParam = {
+ xmlSecAppCmdLineTopicDSigCommon |
xmlSecAppCmdLineTopicEncCommon,
"--node-xpath",
- NULL,
+ NULL,
"--node-xpath <expr>"
"\n\tset the operation start point to the first node"
"\n\tselected by the specified XPath expression",
xmlSecAppCmdLineParamTypeString,
xmlSecAppCmdLineParamFlagNone,
NULL
-};
+};
-static xmlSecAppCmdLineParam dtdFileParam = {
- xmlSecAppCmdLineTopicDSigCommon |
+static xmlSecAppCmdLineParam dtdFileParam = {
+ xmlSecAppCmdLineTopicDSigCommon |
xmlSecAppCmdLineTopicEncCommon,
"--dtd-file",
- NULL,
+ NULL,
"--dtd-file <file>"
"\n\tload the specified file as the DTD",
xmlSecAppCmdLineParamTypeString,
xmlSecAppCmdLineParamFlagNone,
NULL
-};
+};
-static xmlSecAppCmdLineParam printDebugParam = {
- xmlSecAppCmdLineTopicDSigCommon |
+static xmlSecAppCmdLineParam printDebugParam = {
+ xmlSecAppCmdLineTopicDSigCommon |
xmlSecAppCmdLineTopicEncCommon,
"--print-debug",
- NULL,
+ NULL,
"--print-debug"
"\n\tprint debug information to stdout",
xmlSecAppCmdLineParamTypeFlag,
xmlSecAppCmdLineParamFlagNone,
NULL
-};
+};
-static xmlSecAppCmdLineParam printXmlDebugParam = {
- xmlSecAppCmdLineTopicDSigCommon |
+static xmlSecAppCmdLineParam printXmlDebugParam = {
+ xmlSecAppCmdLineTopicDSigCommon |
xmlSecAppCmdLineTopicEncCommon,
"--print-xml-debug",
- NULL,
+ NULL,
"--print-xml-debug"
"\n\tprint debug information to stdout in xml format",
xmlSecAppCmdLineParamTypeFlag,
xmlSecAppCmdLineParamFlagNone,
NULL
-};
+};
-static xmlSecAppCmdLineParam idAttrParam = {
- xmlSecAppCmdLineTopicDSigCommon |
+static xmlSecAppCmdLineParam idAttrParam = {
+ xmlSecAppCmdLineTopicDSigCommon |
xmlSecAppCmdLineTopicEncCommon,
"--id-attr",
- NULL,
+ NULL,
"--id-attr[:<attr-name>] [<node-namespace-uri>:]<node-name>"
"\n\tadds attributes <attr-name> (default value \"id\") from all nodes"
"\n\twith<node-name> and namespace <node-namespace-uri> to the list of"
xmlSecAppCmdLineParamTypeString,
xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues,
NULL
-};
+};
-static xmlSecAppCmdLineParam xxeParam = {
+static xmlSecAppCmdLineParam xxeParam = {
xmlSecAppCmdLineTopicAll,
"--xxe",
- NULL,
+ NULL,
"--xxe"
"\n\tenable External Entity resolution."
"\n\tWARNING: this may allow the reading of arbitrary files and URLs,"
xmlSecAppCmdLineParamTypeFlag,
xmlSecAppCmdLineParamFlagNone,
NULL
-};
+};
-static xmlSecAppCmdLineParam urlMapParam = {
- xmlSecAppCmdLineTopicDSigCommon |
+static xmlSecAppCmdLineParam urlMapParam = {
+ xmlSecAppCmdLineTopicDSigCommon |
xmlSecAppCmdLineTopicEncCommon,
"--url-map",
NULL,
*
***************************************************************/
#ifndef XMLSEC_NO_XMLDSIG
-static xmlSecAppCmdLineParam ignoreManifestsParam = {
+static xmlSecAppCmdLineParam ignoreManifestsParam = {
xmlSecAppCmdLineTopicDSigCommon,
"--ignore-manifests",
NULL,
NULL
};
-static xmlSecAppCmdLineParam storeReferencesParam = {
+static xmlSecAppCmdLineParam storeReferencesParam = {
xmlSecAppCmdLineTopicDSigCommon,
"--store-references",
NULL,
NULL
};
-static xmlSecAppCmdLineParam storeSignaturesParam = {
+static xmlSecAppCmdLineParam storeSignaturesParam = {
xmlSecAppCmdLineTopicDSigCommon,
"--store-signatures",
NULL,
NULL
};
-static xmlSecAppCmdLineParam enabledRefUrisParam = {
+static xmlSecAppCmdLineParam enabledRefUrisParam = {
xmlSecAppCmdLineTopicDSigCommon,
"--enabled-reference-uris",
NULL,
NULL
};
-static xmlSecAppCmdLineParam enableVisa3DHackParam = {
+static xmlSecAppCmdLineParam enableVisa3DHackParam = {
xmlSecAppCmdLineTopicDSigCommon,
"--enable-visa3d-hack",
NULL,
*
***************************************************************/
#ifndef XMLSEC_NO_XMLENC
-static xmlSecAppCmdLineParam enabledCipherRefUrisParam = {
+static xmlSecAppCmdLineParam enabledCipherRefUrisParam = {
xmlSecAppCmdLineTopicEncCommon,
"--enabled-cipher-reference-uris",
NULL,
NULL
};
-static xmlSecAppCmdLineParam binaryDataParam = {
+static xmlSecAppCmdLineParam binaryDataParam = {
xmlSecAppCmdLineTopicEncEncrypt,
"--binary-data",
"--binary",
NULL
};
-static xmlSecAppCmdLineParam xmlDataParam = {
+static xmlSecAppCmdLineParam xmlDataParam = {
xmlSecAppCmdLineTopicEncEncrypt,
"--xml-data",
NULL,
* X509 params
*
***************************************************************/
-#ifndef XMLSEC_NO_X509
-static xmlSecAppCmdLineParam pkcs12Param = {
+#ifndef XMLSEC_NO_X509
+static xmlSecAppCmdLineParam pkcs12Param = {
xmlSecAppCmdLineTopicKeysMngr,
"--pkcs12",
NULL,
NULL
};
-static xmlSecAppCmdLineParam pubkeyCertParam = {
+static xmlSecAppCmdLineParam pubkeyCertParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--pubkey-cert-pem",
"--pubkey-cert",
NULL
};
-static xmlSecAppCmdLineParam pubkeyCertDerParam = {
+static xmlSecAppCmdLineParam pubkeyCertDerParam = {
xmlSecAppCmdLineTopicKeysMngr,
"--pubkey-cert-der",
NULL,
NULL
};
-static xmlSecAppCmdLineParam trustedParam = {
+static xmlSecAppCmdLineParam trustedParam = {
xmlSecAppCmdLineTopicX509Certs,
"--trusted-pem",
"--trusted",
NULL
};
-static xmlSecAppCmdLineParam untrustedParam = {
+static xmlSecAppCmdLineParam untrustedParam = {
xmlSecAppCmdLineTopicX509Certs,
"--untrusted-pem",
"--untrusted",
NULL
};
-static xmlSecAppCmdLineParam trustedDerParam = {
+static xmlSecAppCmdLineParam trustedDerParam = {
xmlSecAppCmdLineTopicX509Certs,
"--trusted-der",
NULL,
NULL
};
-static xmlSecAppCmdLineParam untrustedDerParam = {
+static xmlSecAppCmdLineParam untrustedDerParam = {
xmlSecAppCmdLineTopicX509Certs,
"--untrusted-der",
NULL,
NULL
};
-static xmlSecAppCmdLineParam verificationTimeParam = {
+static xmlSecAppCmdLineParam verificationTimeParam = {
xmlSecAppCmdLineTopicX509Certs,
"--verification-time",
NULL,
NULL
};
-static xmlSecAppCmdLineParam depthParam = {
+static xmlSecAppCmdLineParam verificationGmtTimeParam = {
+ xmlSecAppCmdLineTopicX509Certs,
+ "--verification-gmt-time",
+ NULL,
+ "--verification-gmt-time <time>"
+ "\n\tthe GMT time in \"YYYY-MM-DD HH:MM:SS\" format"
+ "\n\tused certificates verification",
+ xmlSecAppCmdLineParamTypeGmtTime,
+ xmlSecAppCmdLineParamFlagNone,
+ NULL
+};
+
+static xmlSecAppCmdLineParam depthParam = {
xmlSecAppCmdLineTopicX509Certs,
"--depth",
- NULL,
+ NULL,
"--depth <number>"
"\n\tmaximum certificates chain depth",
xmlSecAppCmdLineParamTypeNumber,
NULL
};
-static xmlSecAppCmdLineParam X509SkipStrictChecksParam = {
+static xmlSecAppCmdLineParam X509SkipStrictChecksParam = {
xmlSecAppCmdLineTopicX509Certs,
"--X509-skip-strict-checks",
- NULL,
+ NULL,
"--X509-skip-strict-checks"
"\n\tskip strict checking of X509 data",
xmlSecAppCmdLineParamTypeFlag,
xmlSecAppCmdLineParamFlagNone,
NULL
};
-#endif /* XMLSEC_NO_X509 */
+#endif /* XMLSEC_NO_X509 */
static xmlSecAppCmdLineParamPtr parameters[] = {
/* common dsig params */
&xmlDataParam,
&enabledCipherRefUrisParam,
#endif /* XMLSEC_NO_XMLENC */
-
+
/* common dsig and enc parameters */
- &sessionKeyParam,
+ &sessionKeyParam,
&outputParam,
&printDebugParam,
- &printXmlDebugParam,
+ &printXmlDebugParam,
&dtdFileParam,
&nodeIdParam,
&nodeNameParam,
&nodeXPathParam,
&idAttrParam,
-
+
/* Keys Manager params */
&enabledKeyDataParam,
&enabledRetrievalMethodUrisParam,
&pkcs8DerParam,
&pubkeyParam,
&pubkeyDerParam,
-#ifndef XMLSEC_NO_AES
+#ifndef XMLSEC_NO_AES
&aeskeyParam,
-#endif /* XMLSEC_NO_AES */
+#endif /* XMLSEC_NO_AES */
#ifndef XMLSEC_NO_DES
&deskeyParam,
-#endif /* XMLSEC_NO_DES */
-#ifndef XMLSEC_NO_HMAC
+#endif /* XMLSEC_NO_DES */
+#ifndef XMLSEC_NO_HMAC
&hmackeyParam,
-#endif /* XMLSEC_NO_HMAC */
+#endif /* XMLSEC_NO_HMAC */
&pwdParam,
#ifndef XMLSEC_NO_X509
&pkcs12Param,
&trustedDerParam,
&untrustedDerParam,
&verificationTimeParam,
- &depthParam,
- &X509SkipStrictChecksParam,
+ &verificationGmtTimeParam,
+ &depthParam,
+ &X509SkipStrictChecksParam,
&X509DontVerifyCerts,
-#endif /* XMLSEC_NO_X509 */
-
+#endif /* XMLSEC_NO_X509 */
+ &privkeyOpensslEngineParam,
+
/* General configuration params */
&cryptoParam,
&cryptoConfigParam,
&helpParam,
&xxeParam,
&urlMapParam,
-
+
/* MUST be the last one */
NULL
};
xmlSecAppCommandHelp,
xmlSecAppCommandListKeyData,
xmlSecAppCommandCheckKeyData,
- xmlSecAppCommandListTransforms,
- xmlSecAppCommandCheckTransforms,
+ xmlSecAppCommandListTransforms,
+ xmlSecAppCommandCheckTransforms,
xmlSecAppCommandVersion,
xmlSecAppCommandKeys,
xmlSecAppCommandSign,
static void xmlSecAppXmlDataDestroy (xmlSecAppXmlDataPtr data);
-static xmlSecAppCommand xmlSecAppParseCommand (const char* cmd,
+static xmlSecAppCommand xmlSecAppParseCommand (const char* cmd,
xmlSecAppCmdLineParamTopic* topics,
xmlSecAppCommand* subCommand);
-static void xmlSecAppPrintHelp (xmlSecAppCommand command,
+static void xmlSecAppPrintHelp (xmlSecAppCommand command,
xmlSecAppCmdLineParamTopic topics);
#define xmlSecAppPrintUsage() xmlSecAppPrintHelp(xmlSecAppCommandUnknown, 0)
static int xmlSecAppInit (void);
static int xmlSecAppAddIDAttr (xmlNodePtr cur,
const xmlChar* attr,
const xmlChar* node,
- const xmlChar* nsHref);
+ const xmlChar* nsHref);
static int xmlSecAppInputMatchCallback (char const * filename);
static void* xmlSecAppInputOpenCallback (char const * filename);
-static int xmlSecAppInputReadCallback (void * context,
- char * buffer,
+static int xmlSecAppInputReadCallback (void * context,
+ char * buffer,
int len);
static int xmlSecAppInputCloseCallback (void * context);
-
+#if defined(XMLSEC_WINDOWS) && defined(UNICODE) && defined(__MINGW32__)
+int wmain(int argc, wchar_t* argv[]);
+#endif /* defined(XMLSEC_WINDOWS) && defined(UNICODE) && defined(__MINGW32__) */
xmlSecKeysMngrPtr gKeysMngr = NULL;
int repeats = 1;
clock_t total_time = 0;
const char* xmlsec_crypto = NULL;
const char* tmp = NULL;
-const char** utf8_argv = NULL; /* TODO: this should be xmlChar** but it will break things downstream */
-#if defined(WIN32) && defined(UNICODE)
-int wmain(int argc, wchar_t *argv[ ], wchar_t *envp[ ]) {
- UNREFERENCED_PARAMETER(envp);
-
-#else /* defined(WIN32) && defined(UNICODE) */
+#if defined(XMLSEC_WINDOWS) && defined(UNICODE)
+int wmain(int argc, wchar_t *argv[]) {
+#else /* defined(XMLSEC_WINDOWS) && defined(UNICODE) */
int main(int argc, const char **argv) {
-#endif /* defined(WIN32) && defined(UNICODE) */
+#endif /* defined(XMLSEC_WINDOWS) && defined(UNICODE) */
+ const char** utf8_argv = NULL; /* TODO: this should be xmlChar** but it will break things downstream */
+#if defined(XMLSEC_WINDOWS)
+ size_t utf8_argv_size;
+#endif /* defined(XMLSEC_WINDOWS) */
+
xmlSecAppCmdLineParamTopic cmdLineTopics;
xmlSecAppCommand command, subCommand;
- int pos, i;
+ int pos, ii;
int res = 1;
-#if defined(WIN32)
+#if defined(XMLSEC_WINDOWS)
/* convert command line to UTF8 from locale or UNICODE */
- utf8_argv = (char**)xmlMalloc(sizeof(char*) * argc);
+ utf8_argv_size = sizeof(char*) * (size_t)argc;
+ utf8_argv = (const char**)xmlMalloc(utf8_argv_size);
if(utf8_argv == NULL) {
- fprintf(stderr, "Error: can not allocate memory (%d bytes)\n", (int)sizeof(char*) * argc);
+ fprintf(stderr, "Error: can not allocate memory (" XMLSEC_SIZE_T_FMT " bytes)\n",
+ utf8_argv_size);
goto fail;
}
- memset((char**)utf8_argv, 0, sizeof(char*) * argc);
- for(i = 0; i < argc; ++i) {
- utf8_argv[i] = (const char*)xmlSecWin32ConvertTstrToUtf8(argv[i]);
- if(utf8_argv[i] == NULL) {
- fprintf(stderr, "Error: can not convert command line parameter at position %d to UTF8\n", i);
+ memset((char**)utf8_argv, 0, utf8_argv_size);
+ for(ii = 0; ii < argc; ++ii) {
+ utf8_argv[ii] = (const char*)xmlSecWin32ConvertTstrToUtf8(argv[ii]);
+ if(utf8_argv[ii] == NULL) {
+ fprintf(stderr, "Error: can not convert command line parameter at position %d to UTF8\n", ii);
goto fail;
}
}
-#else /* defined(WIN32) */
+#else /* defined(XMLSEC_WINDOWS) */
utf8_argv = argv;
-#endif /* defined(WIN32) */
+#endif /* defined(XMLSEC_WINDOWS) */
/* read the command (first argument) */
if(argc < 2) {
goto fail;
}
- /* is it a help request? */
+ /* is it a help request? */
if(xmlSecAppCmdLineParamIsSet(&helpParam)) {
xmlSecAppPrintHelp(command, cmdLineTopics);
goto success;
fprintf(stderr, "Error: initialization failed\n");
xmlSecAppPrintUsage();
goto fail;
- }
-
+ }
+
/* load keys */
if(xmlSecAppLoadKeys() < 0) {
fprintf(stderr, "Error: keys manager creation failed\n");
xmlSecAppPrintUsage();
goto fail;
}
-
+
/* enable XXE? */
if(xmlSecAppCmdLineParamIsSet(&xxeParam)) {
xmlSecSetExternalEntityLoader( NULL ); // reset to libxml2's default handler
}
/* get the "repeats" number */
- if(xmlSecAppCmdLineParamIsSet(&repeatParam) &&
+ if(xmlSecAppCmdLineParamIsSet(&repeatParam) &&
(xmlSecAppCmdLineParamGetInt(&repeatParam, 1) > 0)) {
-
+
repeats = xmlSecAppCmdLineParamGetInt(&repeatParam, 1);
}
xmlSecAppListKeyData();
break;
case xmlSecAppCommandCheckKeyData:
- for(i = pos; i < argc; ++i) {
- if(xmlSecAppCheckKeyData(utf8_argv[i]) < 0) {
- fprintf(stderr, "Error: key data \"%s\" not found\n", utf8_argv[i]);
+ for(ii = pos; ii < argc; ++ii) {
+ if(xmlSecAppCheckKeyData(utf8_argv[ii]) < 0) {
+ fprintf(stderr, "Error: key data \"%s\" not found\n", utf8_argv[ii]);
goto fail;
} else {
- fprintf(stdout, "Key data \"%s\" found\n", utf8_argv[i]);
+ fprintf(stdout, "Key data \"%s\" found\n", utf8_argv[ii]);
}
}
break;
case xmlSecAppCommandListTransforms:
xmlSecAppListTransforms();
- break;
+ break;
case xmlSecAppCommandCheckTransforms:
- for(i = pos; i < argc; ++i) {
- if(xmlSecAppCheckTransform(utf8_argv[i]) < 0) {
- fprintf(stderr, "Error: transform \"%s\" not found\n", utf8_argv[i]);
+ for(ii = pos; ii < argc; ++ii) {
+ if(xmlSecAppCheckTransform(utf8_argv[ii]) < 0) {
+ fprintf(stderr, "Error: transform \"%s\" not found\n", utf8_argv[ii]);
goto fail;
} else {
- fprintf(stdout, "Transforms \"%s\" found\n", utf8_argv[i]);
+ fprintf(stdout, "Transforms \"%s\" found\n", utf8_argv[ii]);
}
}
- break;
+ break;
case xmlSecAppCommandKeys:
- for(i = pos; i < argc; ++i) {
- if(xmlSecAppCryptoSimpleKeysMngrSave(gKeysMngr, utf8_argv[i], xmlSecKeyDataTypeAny) < 0) {
- fprintf(stderr, "Error: failed to save keys to file \"%s\"\n", utf8_argv[i]);
+ for(ii = pos; ii < argc; ++ii) {
+ if(xmlSecAppCryptoSimpleKeysMngrSave(gKeysMngr, utf8_argv[ii], xmlSecKeyDataTypeAny) < 0) {
+ fprintf(stderr, "Error: failed to save keys to file \"%s\"\n", utf8_argv[ii]);
goto fail;
}
}
break;
#ifndef XMLSEC_NO_XMLDSIG
case xmlSecAppCommandSign:
- for(i = pos; i < argc; ++i) {
- if(xmlSecAppSignFile(utf8_argv[i]) < 0) {
- fprintf(stderr, "Error: failed to sign file \"%s\"\n", utf8_argv[i]);
+ for(ii = pos; ii < argc; ++ii) {
+ if(xmlSecAppSignFile(utf8_argv[ii]) < 0) {
+ fprintf(stderr, "Error: failed to sign file \"%s\"\n", utf8_argv[ii]);
goto fail;
}
}
break;
case xmlSecAppCommandVerify:
- for(i = pos; i < argc; ++i) {
- if(xmlSecAppVerifyFile(utf8_argv[i]) < 0) {
- fprintf(stderr, "Error: failed to verify file \"%s\"\n", utf8_argv[i]);
+ for(ii = pos; ii < argc; ++ii) {
+ if(xmlSecAppVerifyFile(utf8_argv[ii]) < 0) {
+ fprintf(stderr, "Error: failed to verify file \"%s\"\n", utf8_argv[ii]);
goto fail;
}
}
#ifndef XMLSEC_NO_XMLENC
case xmlSecAppCommandEncrypt:
- for(i = pos; i < argc; ++i) {
- if(xmlSecAppEncryptFile(utf8_argv[i]) < 0) {
- fprintf(stderr, "Error: failed to encrypt file with template \"%s\"\n", utf8_argv[i]);
+ for(ii = pos; ii < argc; ++ii) {
+ if(xmlSecAppEncryptFile(utf8_argv[ii]) < 0) {
+ fprintf(stderr, "Error: failed to encrypt file with template \"%s\"\n", utf8_argv[ii]);
goto fail;
}
}
break;
case xmlSecAppCommandDecrypt:
- for(i = pos; i < argc; ++i) {
- if(xmlSecAppDecryptFile(utf8_argv[i]) < 0) {
- fprintf(stderr, "Error: failed to decrypt file \"%s\"\n", utf8_argv[i]);
+ for(ii = pos; ii < argc; ++ii) {
+ if(xmlSecAppDecryptFile(utf8_argv[ii]) < 0) {
+ fprintf(stderr, "Error: failed to decrypt file \"%s\"\n", utf8_argv[ii]);
goto fail;
}
}
#endif /* XMLSEC_NO_XMLENC */
default:
- fprintf(stderr, "Error: invalid command %d\n", command);
+ fprintf(stderr, "Error: invalid command %d\n", (int)command);
xmlSecAppPrintUsage();
goto fail;
}
}
/* print perf stats results */
- if(xmlSecAppCmdLineParamIsSet(&repeatParam) &&
+ if(xmlSecAppCmdLineParamIsSet(&repeatParam) &&
(xmlSecAppCmdLineParamGetInt(&repeatParam, 1) > 0)) {
-
+ long double msecs;
+
repeats = xmlSecAppCmdLineParamGetInt(&repeatParam, 1);
- fprintf(stderr, "Executed %d tests in %ld msec\n", repeats, (1000 * total_time) / CLOCKS_PER_SEC);
+ msecs = (1000 * total_time) / (long double)CLOCKS_PER_SEC;
+ fprintf(stderr, "Executed %d tests in %.2Lf msec\n", repeats, msecs);
}
goto success;
}
xmlSecAppShutdown();
xmlSecAppCmdLineParamsListClean(parameters);
-#if defined(WIN32)
+#if defined(XMLSEC_WINDOWS)
if(utf8_argv != NULL) {
- for(i = 0; i < argc; ++i) {
- if(utf8_argv[i] != NULL) {
- xmlFree(BAD_CAST utf8_argv[i]);
- utf8_argv[i] = NULL;
+ for(ii = 0; ii < argc; ++ii) {
+ if(utf8_argv[ii] != NULL) {
+ xmlFree(BAD_CAST utf8_argv[ii]);
+ utf8_argv[ii] = NULL;
}
}
xmlFree(BAD_CAST utf8_argv);
utf8_argv = NULL;
}
-#endif /* defined(WIN32) */
+#endif /* defined(XMLSEC_WINDOWS) */
return(res);
}
#ifndef XMLSEC_NO_XMLDSIG
-static int
+static int
xmlSecAppSignFile(const char* filename) {
xmlSecAppXmlDataPtr data = NULL;
xmlSecDSigCtx dsigCtx;
clock_t start_time;
int res = -1;
-
+
if(filename == NULL) {
return(-1);
}
goto done;
}
-
+
/* sign */
start_time = clock();
if(xmlSecDSigCtxSign(&dsigCtx, data->startNode) < 0) {
fprintf(stderr,"Error: signature failed \n");
goto done;
}
- total_time += clock() - start_time;
+ total_time += clock() - start_time;
- if(repeats <= 1) {
+ if(repeats <= 1) {
FILE* f;
-
+
f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam));
if(f == NULL) {
fprintf(stderr,"Error: failed to open output file \"%s\"\n",
return(res);
}
-static int
+static int
xmlSecAppVerifyFile(const char* filename) {
xmlSecAppXmlDataPtr data = NULL;
xmlSecDSigCtx dsigCtx;
clock_t start_time;
int res = -1;
-
+
if(filename == NULL) {
return(-1);
}
fprintf(stderr, "Error: dsig context preparation failed\n");
goto done;
}
-
+
/* parse template and select start node */
data = xmlSecAppXmlDataCreate(filename, xmlSecNodeSignature, xmlSecDSigNs);
if(data == NULL) {
fprintf(stderr,"Error: signature failed \n");
goto done;
}
- total_time += clock() - start_time;
+ total_time += clock() - start_time;
- if((repeats <= 1) && (dsigCtx.status != xmlSecDSigStatusSucceeded)){
+ if((repeats <= 1) && (dsigCtx.status != xmlSecDSigStatusSucceeded)){
/* return an error if signature does not match */
goto done;
}
xmlSecDSigReferenceCtxPtr dsigRefCtx;
xmlSecSize good, i, size;
FILE* f;
-
+
f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam));
if(f == NULL) {
fprintf(stderr,"Error: failed to open output file \"%s\"\n",
case xmlSecDSigStatusInvalid:
fprintf(stderr, "FAIL\n");
break;
- }
+ }
/* print stats about # of good/bad references/manifests */
size = xmlSecPtrListGetSize(&(dsigCtx.signedInfoReferences));
++good;
}
}
- fprintf(stderr, "SignedInfo References (ok/all): %d/%d\n", good, size);
+ fprintf(stderr, "SignedInfo References (ok/all): " XMLSEC_SIZE_FMT "/" XMLSEC_SIZE_FMT "\n",
+ good, size);
size = xmlSecPtrListGetSize(&(dsigCtx.manifestReferences));
for(i = good = 0; i < size; ++i) {
++good;
}
}
- fprintf(stderr, "Manifests References (ok/all): %d/%d\n", good, size);
+ fprintf(stderr, "Manifests References (ok/all): " XMLSEC_SIZE_FMT "/" XMLSEC_SIZE_FMT "\n",
+ good, size);
xmlSecAppPrintDSigCtx(&dsigCtx);
}
}
#ifndef XMLSEC_NO_TMPL_TEST
-static int
+static int
xmlSecAppSignTmpl(void) {
xmlDocPtr doc = NULL;
xmlNodePtr cur;
xmlSecDSigCtx dsigCtx;
clock_t start_time;
int res = -1;
-
+
if(xmlSecDSigCtxInitialize(&dsigCtx, gKeysMngr) < 0) {
fprintf(stderr, "Error: dsig context initialization failed\n");
return(-1);
fprintf(stderr, "Error: dsig context preparation failed\n");
goto done;
}
-
+
/* prepare template */
doc = xmlNewDoc(BAD_CAST "1.0");
if(doc == NULL) {
fprintf(stderr, "Error: failed to create doc\n");
goto done;
}
-
+
cur = xmlSecTmplSignatureCreate(doc, xmlSecTransformInclC14NId,
xmlSecTransformHmacSha1Id, NULL);
if(cur == NULL) {
fprintf(stderr, "Error: failed to set hmac length\n");
goto done;
}
-
- cur = xmlSecTmplSignatureAddReference(xmlDocGetRootElement(doc),
- xmlSecTransformSha1Id,
+
+ cur = xmlSecTmplSignatureAddReference(xmlDocGetRootElement(doc),
+ xmlSecTransformSha1Id,
BAD_CAST "ref1", NULL, NULL);
if(cur == NULL) {
fprintf(stderr, "Error: failed to add Reference node\n");
goto done;
}
-
+
cur = xmlSecTmplReferenceAddTransform(cur, xmlSecTransformXPath2Id);
if(cur == NULL) {
fprintf(stderr, "Error: failed to add XPath transform\n");
goto done;
}
-
- if(xmlSecTmplTransformAddXPath2(cur, BAD_CAST "intersect",
+
+ if(xmlSecTmplTransformAddXPath2(cur, BAD_CAST "intersect",
BAD_CAST "//*[@Id='object1']", NULL) < 0) {
fprintf(stderr, "Error: failed to set XPath expression\n");
- goto done;
+ goto done;
}
-
- cur = xmlSecTmplSignatureAddObject(xmlDocGetRootElement(doc),
+
+ cur = xmlSecTmplSignatureAddObject(xmlDocGetRootElement(doc),
BAD_CAST "object1", NULL, NULL);
if(cur == NULL) {
fprintf(stderr, "Error: failed to add Object node\n");
cur = xmlSecTmplSignatureEnsureKeyInfo(xmlDocGetRootElement(doc), NULL);
if(cur == NULL) {
fprintf(stderr, "Error: failed to add KeyInfo node\n");
- goto done;
+ goto done;
}
if(xmlSecTmplKeyInfoAddKeyName(cur, NULL) == NULL) {
fprintf(stderr, "Error: failed to add KeyName node\n");
- goto done;
+ goto done;
}
-
+
/* sign */
start_time = clock();
if(xmlSecDSigCtxSign(&dsigCtx, xmlDocGetRootElement(doc)) < 0) {
fprintf(stderr,"Error: signature failed \n");
goto done;
}
- total_time += clock() - start_time;
+ total_time += clock() - start_time;
- if(repeats <= 1) {
+ if(repeats <= 1) {
FILE* f;
-
+
f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam));
if(f == NULL) {
fprintf(stderr,"Error: failed to open output file \"%s\"\n",
/* set dsig params */
if(xmlSecAppCmdLineParamIsSet(&ignoreManifestsParam)) {
- dsigCtx->flags |= XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS;
+ dsigCtx->flags |= XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS;
}
if(xmlSecAppCmdLineParamIsSet(&storeReferencesParam)) {
dsigCtx->flags |= XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES |
- XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES;
+ XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES;
print_debug = 1;
}
if(xmlSecAppCmdLineParamIsSet(&storeSignaturesParam)) {
- dsigCtx->flags |= XMLSEC_DSIG_FLAGS_STORE_SIGNATURE;
+ dsigCtx->flags |= XMLSEC_DSIG_FLAGS_STORE_SIGNATURE;
print_debug = 1;
}
if(xmlSecAppCmdLineParamIsSet(&enableVisa3DHackParam)) {
- dsigCtx->flags |= XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK;
+ dsigCtx->flags |= XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK;
}
-
+
if(xmlSecAppCmdLineParamGetStringList(&enabledRefUrisParam) != NULL) {
dsigCtx->enabledReferenceUris = xmlSecAppGetUriType(
xmlSecAppCmdLineParamGetStringList(&enabledRefUrisParam));
}
static void
-xmlSecAppPrintDSigCtx(xmlSecDSigCtxPtr dsigCtx) {
+xmlSecAppPrintDSigCtx(xmlSecDSigCtxPtr dsigCtx) {
if(dsigCtx == NULL) {
return;
}
if((print_debug != 0) || xmlSecAppCmdLineParamIsSet(&printDebugParam)) {
xmlSecDSigCtxDebugDump(dsigCtx, stdout);
}
-
- if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) {
+
+ if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) {
xmlSecDSigCtxDebugXmlDump(dsigCtx, stdout);
}
}
#endif /* XMLSEC_NO_XMLDSIG */
#ifndef XMLSEC_NO_XMLENC
-static int
+static int
xmlSecAppEncryptFile(const char* filename) {
xmlSecAppXmlDataPtr data = NULL;
xmlSecEncCtx encCtx;
/* parse doc and find template node */
doc = xmlSecParseFile(filename);
if(doc == NULL) {
- fprintf(stderr, "Error: failed to parse xml file \"%s\"\n",
+ fprintf(stderr, "Error: failed to parse xml file \"%s\"\n",
filename);
goto done;
}
startTmplNode = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
if(startTmplNode == NULL) {
- fprintf(stderr, "Error: failed to find default node with name=\"%s\"\n",
+ fprintf(stderr, "Error: failed to find default node with name=\"%s\"\n",
xmlSecNodeEncryptedData);
goto done;
}
if(xmlSecAppCmdLineParamGetString(&binaryDataParam) != NULL) {
/* encrypt */
- start_time = clock();
+ start_time = clock();
if(xmlSecEncCtxUriEncrypt(&encCtx, startTmplNode, BAD_CAST xmlSecAppCmdLineParamGetString(&binaryDataParam)) < 0) {
- fprintf(stderr, "Error: failed to encrypt file \"%s\"\n",
+ fprintf(stderr, "Error: failed to encrypt file \"%s\"\n",
xmlSecAppCmdLineParamGetString(&binaryDataParam));
goto done;
}
- total_time += clock() - start_time;
+ total_time += clock() - start_time;
} else if(xmlSecAppCmdLineParamGetString(&xmlDataParam) != NULL) {
/* parse file and select node for encryption */
data = xmlSecAppXmlDataCreate(xmlSecAppCmdLineParamGetString(&xmlDataParam), NULL, NULL);
if(data == NULL) {
- fprintf(stderr, "Error: failed to load file \"%s\"\n",
+ fprintf(stderr, "Error: failed to load file \"%s\"\n",
xmlSecAppCmdLineParamGetString(&xmlDataParam));
goto done;
}
/* encrypt */
- start_time = clock();
+ start_time = clock();
if(xmlSecEncCtxXmlEncrypt(&encCtx, startTmplNode, data->startNode) < 0) {
- fprintf(stderr, "Error: failed to encrypt xml file \"%s\"\n",
+ fprintf(stderr, "Error: failed to encrypt xml file \"%s\"\n",
xmlSecAppCmdLineParamGetString(&xmlDataParam));
goto done;
}
- total_time += clock() - start_time;
+ total_time += clock() - start_time;
} else {
fprintf(stderr, "Error: encryption data not specified (use \"--xml\" or \"--binary\" options)\n");
goto done;
}
-
+
/* print out result only once per execution */
if(repeats <= 1) {
if(encCtx.resultReplaced) {
if(xmlSecAppWriteResult(NULL, encCtx.result) < 0) {
goto done;
}
- }
+ }
}
- res = 0;
+ res = 0;
done:
/* print debug info if requested */
return(res);
}
-static int
+static int
xmlSecAppDecryptFile(const char* filename) {
xmlSecAppXmlDataPtr data = NULL;
xmlSecEncCtx encCtx;
goto done;
}
- start_time = clock();
+ start_time = clock();
if(xmlSecEncCtxDecrypt(&encCtx, data->startNode) < 0) {
fprintf(stderr, "Error: failed to decrypt file\n");
goto done;
}
- total_time += clock() - start_time;
-
+ total_time += clock() - start_time;
+
/* print out result only once per execution */
if(repeats <= 1) {
if(encCtx.resultReplaced) {
if(xmlSecAppWriteResult(NULL, encCtx.result) < 0) {
goto done;
}
- }
+ }
}
- res = 0;
+ res = 0;
done:
/* print debug info if requested */
- if(repeats <= 1) {
+ if(repeats <= 1) {
xmlSecAppPrintEncCtx(&encCtx);
}
xmlSecEncCtxFinalize(&encCtx);
}
#ifndef XMLSEC_NO_TMPL_TEST
-static int
+static int
xmlSecAppEncryptTmpl(void) {
const xmlChar data[] = "Hello, World!";
xmlSecEncCtx encCtx;
goto done;
}
- cur = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId,
+ cur = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId,
NULL, NULL, NULL, NULL);
if(cur == NULL) {
fprintf(stderr, "Error: failed to encryption template\n");
- goto done;
+ goto done;
}
xmlDocSetRootElement(doc, cur);
if(xmlSecTmplEncDataEnsureCipherValue(xmlDocGetRootElement(doc)) == NULL) {
fprintf(stderr, "Error: failed to add CipherValue node\n");
- goto done;
+ goto done;
}
/* add key information */
cur = xmlSecTmplEncDataEnsureKeyInfo(xmlDocGetRootElement(doc), NULL);
if(cur == NULL) {
fprintf(stderr, "Error: failed to add KeyInfo node\n");
- goto done;
+ goto done;
}
if(xmlSecTmplKeyInfoAddKeyName(cur, NULL) == NULL) {
fprintf(stderr, "Error: failed to add KeyName node\n");
- goto done;
+ goto done;
}
/* encrypt */
- start_time = clock();
- if(xmlSecEncCtxBinaryEncrypt(&encCtx, xmlDocGetRootElement(doc),
- (const xmlSecByte*)data, xmlStrlen(data)) < 0) {
+ start_time = clock();
+ if(xmlSecEncCtxBinaryEncrypt(&encCtx, xmlDocGetRootElement(doc),
+ (const xmlSecByte*)data, xmlSecStrlen(data)) < 0) {
fprintf(stderr, "Error: failed to encrypt data\n");
- goto done;
+ goto done;
}
- total_time += clock() - start_time;
-
+ total_time += clock() - start_time;
+
/* print out result only once per execution */
if(repeats <= 1) {
if(encCtx.resultReplaced) {
if(xmlSecAppWriteResult(NULL, encCtx.result) < 0) {
goto done;
}
- }
+ }
}
- res = 0;
+ res = 0;
done:
/* print debug info if requested */
#endif /* XMLSEC_NO_TMPL_TEST */
static int
-xmlSecAppPrepareEncCtx(xmlSecEncCtxPtr encCtx) {
+xmlSecAppPrepareEncCtx(xmlSecEncCtxPtr encCtx) {
if(encCtx == NULL) {
fprintf(stderr, "Error: enc context is null\n");
return(-1);
return(0);
}
-static void
+static void
xmlSecAppPrintEncCtx(xmlSecEncCtxPtr encCtx) {
if(encCtx == NULL) {
return;
}
-
+
/* print debug info if requested */
if((print_debug != 0) || xmlSecAppCmdLineParamIsSet(&printDebugParam)) {
xmlSecEncCtxDebugDump(encCtx, stdout);
}
-
- if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) {
+
+ if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) {
xmlSecEncCtxDebugXmlDump(encCtx, stdout);
}
}
#endif /* XMLSEC_NO_XMLENC */
-static void
+static void
xmlSecAppListKeyData(void) {
fprintf(stdout, "Registered key data klasses:\n");
xmlSecKeyDataIdListDebugDump(xmlSecKeyDataIdsGet(), stdout);
}
-static int
+static int
xmlSecAppCheckKeyData(const char * name) {
if(xmlSecKeyDataIdListFindByName(xmlSecKeyDataIdsGet(), BAD_CAST name, xmlSecKeyDataUsageAny) == xmlSecKeyDataIdUnknown) {
return -1;
return 0;
}
-static void
+static void
xmlSecAppListTransforms(void) {
fprintf(stdout, "Registered transform klasses:\n");
xmlSecTransformIdListDebugDump(xmlSecTransformIdsGet(), stdout);
}
-static int
+static int
xmlSecAppCheckTransform(const char * name) {
if(xmlSecTransformIdListFindByName(xmlSecTransformIdsGet(), BAD_CAST name, xmlSecTransformUsageAny) == xmlSecTransformIdUnknown) {
return -1;
return 0;
}
-static int
+static int
xmlSecAppPrepareKeyInfoReadCtx(xmlSecKeyInfoCtxPtr keyInfoCtx) {
xmlSecAppCmdLineValuePtr value;
int ret;
xmlSecKeyDataId dataId;
const char* p;
-
+
if(keyInfoCtx == NULL) {
fprintf(stderr, "Error: key info context is null\n");
return(-1);
if(xmlSecAppCmdLineParamIsSet(&verificationTimeParam)) {
keyInfoCtx->certsVerificationTime = xmlSecAppCmdLineParamGetTime(&verificationTimeParam, 0);
}
+ if(xmlSecAppCmdLineParamIsSet(&verificationGmtTimeParam)) {
+ keyInfoCtx->certsVerificationTime = xmlSecAppCmdLineParamGetTime(&verificationGmtTimeParam, 0);
+ }
if(xmlSecAppCmdLineParamIsSet(&depthParam)) {
keyInfoCtx->certsVerificationDepth = xmlSecAppCmdLineParamGetInt(&depthParam, 0);
}
/* read enabled key data list */
for(value = enabledKeyDataParam.value; value != NULL; value = value->next) {
if(value->strListValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
enabledKeyDataParam.fullName);
return(-1);
}
return(0);
}
-static int
+static int
xmlSecAppLoadKeys(void) {
xmlSecAppCmdLineValuePtr value;
-
+
if(gKeysMngr != NULL) {
fprintf(stderr, "Error: keys manager already initialized.\n");
- return(-1);
- }
+ return(-1);
+ }
/* create and initialize keys manager */
gKeysMngr = xmlSecKeysMngrCreate();
if(xmlSecAppCryptoSimpleKeysMngrInit(gKeysMngr) < 0) {
fprintf(stderr, "Error: failed to initialize keys manager.\n");
return(-1);
- }
+ }
/* generate new key file */
for(value = genKeyParam.value; value != NULL; value = value->next) {
} else if(xmlSecAppCryptoSimpleKeysMngrKeyGenerate(gKeysMngr, value->strValue, value->paramNameValue) < 0) {
fprintf(stderr, "Error: failed to generate key \"%s\".\n", value->strValue);
return(-1);
- }
+ }
}
/* read all xml key files */
} else if(xmlSecAppCryptoSimpleKeysMngrLoad(gKeysMngr, value->strValue) < 0) {
fprintf(stderr, "Error: failed to load xml keys file \"%s\".\n", value->strValue);
return(-1);
- }
+ }
}
/* read all private keys */
for(value = privkeyParam.value; value != NULL; value = value->next) {
- if(value->strValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ if(value->strListValue == NULL) {
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
privkeyParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
- value->strListValue,
+ } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
+ value->strListValue,
xmlSecAppCmdLineParamGetString(&pwdParam),
- value->paramNameValue,
+ value->paramNameValue,
xmlSecKeyDataFormatPem) < 0) {
- fprintf(stderr, "Error: failed to load private key from \"%s\".\n",
+ fprintf(stderr, "Error: failed to load private key from \"%s\".\n",
value->strListValue);
return(-1);
}
}
for(value = privkeyDerParam.value; value != NULL; value = value->next) {
- if(value->strValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ if(value->strListValue == NULL) {
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
privkeyDerParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
- value->strListValue,
+ } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
+ value->strListValue,
xmlSecAppCmdLineParamGetString(&pwdParam),
value->paramNameValue,
xmlSecKeyDataFormatDer) < 0) {
- fprintf(stderr, "Error: failed to load private key from \"%s\".\n",
+ fprintf(stderr, "Error: failed to load private key from \"%s\".\n",
value->strListValue);
return(-1);
}
}
for(value = pkcs8PemParam.value; value != NULL; value = value->next) {
- if(value->strValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ if(value->strListValue == NULL) {
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
pkcs8PemParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
- value->strListValue,
+ } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
+ value->strListValue,
xmlSecAppCmdLineParamGetString(&pwdParam),
value->paramNameValue,
xmlSecKeyDataFormatPkcs8Pem) < 0) {
- fprintf(stderr, "Error: failed to load private key from \"%s\".\n",
+ fprintf(stderr, "Error: failed to load private key from \"%s\".\n",
value->strListValue);
return(-1);
}
}
for(value = pkcs8DerParam.value; value != NULL; value = value->next) {
- if(value->strValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ if(value->strListValue == NULL) {
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
pkcs8DerParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
- value->strListValue,
+ } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
+ value->strListValue,
xmlSecAppCmdLineParamGetString(&pwdParam),
value->paramNameValue,
xmlSecKeyDataFormatPkcs8Der) < 0) {
- fprintf(stderr, "Error: failed to load private key from \"%s\".\n",
+ fprintf(stderr, "Error: failed to load private key from \"%s\".\n",
value->strListValue);
return(-1);
}
/* read all public keys */
for(value = pubkeyParam.value; value != NULL; value = value->next) {
- if(value->strValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ if(value->strListValue == NULL) {
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
pubkeyParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
- value->strListValue,
+ } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
+ value->strListValue,
xmlSecAppCmdLineParamGetString(&pwdParam),
value->paramNameValue,
xmlSecKeyDataFormatPem) < 0) {
- fprintf(stderr, "Error: failed to load public key from \"%s\".\n",
+ fprintf(stderr, "Error: failed to load public key from \"%s\".\n",
value->strListValue);
return(-1);
}
}
for(value = pubkeyDerParam.value; value != NULL; value = value->next) {
- if(value->strValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ if(value->strListValue == NULL) {
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
pubkeyDerParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
- value->strListValue,
+ } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
+ value->strListValue,
xmlSecAppCmdLineParamGetString(&pwdParam),
value->paramNameValue,
xmlSecKeyDataFormatDer) < 0) {
- fprintf(stderr, "Error: failed to load public key from \"%s\".\n",
+ fprintf(stderr, "Error: failed to load public key from \"%s\".\n",
value->strListValue);
return(-1);
}
}
-#ifndef XMLSEC_NO_AES
+#ifndef XMLSEC_NO_AES
/* read all AES keys */
for(value = aeskeyParam.value; value != NULL; value = value->next) {
if(value->strValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
aeskeyParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr,
+ } else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr,
"aes", value->strValue, value->paramNameValue) < 0) {
fprintf(stderr, "Error: failed to load aes key from \"%s\".\n",
value->strValue);
return(-1);
}
}
-#endif /* XMLSEC_NO_AES */
+#endif /* XMLSEC_NO_AES */
-#ifndef XMLSEC_NO_DES
+#ifndef XMLSEC_NO_DES
/* read all des keys */
for(value = deskeyParam.value; value != NULL; value = value->next) {
if(value->strValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
deskeyParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr,
+ } else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr,
"des", value->strValue, value->paramNameValue) < 0) {
fprintf(stderr, "Error: failed to load des key from \"%s\".\n",
value->strValue);
return(-1);
}
}
-#endif /* XMLSEC_NO_DES */
+#endif /* XMLSEC_NO_DES */
-#ifndef XMLSEC_NO_HMAC
+#ifndef XMLSEC_NO_HMAC
/* read all hmac keys */
for(value = hmackeyParam.value; value != NULL; value = value->next) {
if(value->strValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
hmackeyParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr,
+ } else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr,
"hmac", value->strValue, value->paramNameValue) < 0) {
fprintf(stderr, "Error: failed to load hmac key from \"%s\".\n",
value->strValue);
return(-1);
}
}
-#endif /* XMLSEC_NO_HMAC */
+#endif /* XMLSEC_NO_HMAC */
#ifndef XMLSEC_NO_X509
/* read all pkcs12 files */
if(value->strValue == NULL) {
fprintf(stderr, "Error: invalid value for option \"%s\".\n", pkcs12Param.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad(gKeysMngr,
+ } else if(xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad(gKeysMngr,
value->strValue,
xmlSecAppCmdLineParamGetString(&pwdParam),
value->paramNameValue) < 0) {
if(value->strValue == NULL) {
fprintf(stderr, "Error: invalid value for option \"%s\".\n", trustedParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr,
+ } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr,
value->strValue, xmlSecKeyDataFormatPem,
xmlSecKeyDataTypeTrusted) < 0) {
fprintf(stderr, "Error: failed to load trusted cert from \"%s\".\n",
if(value->strValue == NULL) {
fprintf(stderr, "Error: invalid value for option \"%s\".\n", trustedDerParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr,
+ } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr,
value->strValue, xmlSecKeyDataFormatDer,
xmlSecKeyDataTypeTrusted) < 0) {
fprintf(stderr, "Error: failed to load trusted cert from \"%s\".\n",
/* read all public keys in certs */
for(value = pubkeyCertParam.value; value != NULL; value = value->next) {
- if(value->strValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ if(value->strListValue == NULL) {
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
pubkeyCertParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
- value->strListValue,
+ } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
+ value->strListValue,
xmlSecAppCmdLineParamGetString(&pwdParam),
value->paramNameValue,
xmlSecKeyDataFormatCertPem) < 0) {
- fprintf(stderr, "Error: failed to load public key from \"%s\".\n",
+ fprintf(stderr, "Error: failed to load public key from \"%s\".\n",
value->strListValue);
return(-1);
}
}
for(value = pubkeyCertDerParam.value; value != NULL; value = value->next) {
- if(value->strValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ if(value->strListValue == NULL) {
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
pubkeyCertDerParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
- value->strListValue,
+ } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr,
+ value->strListValue,
xmlSecAppCmdLineParamGetString(&pwdParam),
value->paramNameValue,
xmlSecKeyDataFormatCertDer) < 0) {
- fprintf(stderr, "Error: failed to load public key from \"%s\".\n",
+ fprintf(stderr, "Error: failed to load public key from \"%s\".\n",
value->strListValue);
return(-1);
}
if(value->strValue == NULL) {
fprintf(stderr, "Error: invalid value for option \"%s\".\n", untrustedParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr,
+ } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr,
value->strValue, xmlSecKeyDataFormatPem,
xmlSecKeyDataTypeNone) < 0) {
fprintf(stderr, "Error: failed to load untrusted cert from \"%s\".\n",
if(value->strValue == NULL) {
fprintf(stderr, "Error: invalid value for option \"%s\".\n", untrustedDerParam.fullName);
return(-1);
- } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr,
+ } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr,
value->strValue, xmlSecKeyDataFormatDer,
xmlSecKeyDataTypeNone) < 0) {
fprintf(stderr, "Error: failed to load untrusted cert from \"%s\".\n",
}
}
-#endif /* XMLSEC_NO_X509 */
+#endif /* XMLSEC_NO_X509 */
+
+ for(value = privkeyOpensslEngineParam.value; value != NULL; value = value->next) {
+ /* we expect at least one parameter for the key's engine+id */
+ if(value->strListValue == NULL || value->strListValue[0] == '\0') {
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n", privkeyOpensslEngineParam.fullName);
+ return(-1);
+ }
+
+ /* the params format is: <openssl-engine>;<openssl-key-id>[,<crtfile>[,<crtfile>[...]]] */
+ if(xmlSecAppCryptoSimpleKeysMngrEngineKeyAndCertsLoad(gKeysMngr,
+ value->strListValue,
+ value->strListValue + strlen(value->strListValue) + 1,
+ xmlSecAppCmdLineParamGetString(&pwdParam),
+ value->paramNameValue,
+ xmlSecKeyDataFormatEngine,
+ xmlSecKeyDataFormatPem) < 0) {
+ fprintf(stderr, "Error: failed to load private key from \"%s\".\n",
+ value->strListValue);
+ return(-1);
+ }
+ }
+
return(0);
}
static int
xmlSecAppInputMatchCallback(char const* filename) {
xmlSecAppCmdLineValuePtr value;
-
+
if(filename == NULL) {
return(0);
}
-
+
for(value = urlMapParam.value; value != NULL; value = value->next) {
if((value->strValue == NULL) || (value->paramNameValue == NULL)) {
continue;
static void*
xmlSecAppInputOpenCallback(char const* filename) {
xmlSecAppCmdLineValuePtr value;
-
+
if(filename == NULL) {
return(NULL);
}
-
+
for(value = urlMapParam.value; value != NULL; value = value->next) {
if((value->strValue == NULL) || (value->paramNameValue == NULL)) {
continue;
}
if(strcmp(filename, value->paramNameValue) == 0) {
FILE * f = NULL;
-#ifdef WIN32
+#if defined(_MSC_VER)
fopen_s(&f, value->strValue, "rb");
-#else /* WIN32 */
+#else /* defined(_MSC_VER) */
f = fopen(value->strValue, "rb");
-#endif /* WIN32 */
+#endif /* defined(_MSC_VER) */
if(f == NULL) {
fprintf(stdout, "Error: can not open file \"%s\" for url \"%s\"\n", value->strValue, filename);
return(NULL);
FILE* f = (FILE*)context;
size_t res;
- if(f == NULL) {
+ if((f == NULL) || (len < 0)) {
return(-1);
}
if(feof(f)) {
return(0);
}
- res = fread(buffer, 1, len, f);
+ res = fread(buffer, 1, (size_t)len, f);
if(ferror(f)) {
return(-1);
}
static int
xmlSecAppInit(void) {
int ret;
-
+
if(intialized != 0) {
return(0);
}
intialized = 1;
-
- /* Init libxml */
+
+ /* Init libxml */
xmlInitParser();
LIBXML_TEST_VERSION
xmlTreeIndentString = "\t";
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
-
-
+
+
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
-#endif /* XMLSEC_NO_XSLT */
-
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+#endif /* XMLSEC_NO_XSLT */
+
/* Init xmlsec */
ret = xmlSecInit();
if(ret < 0) {
if(xmlSecAppCryptoShutdown() < 0) {
fprintf(stderr, "Error: xmlsec crypto shutdown failed.\n");
}
-
+
/* Shutdown xmlsec */
if(xmlSecShutdown() < 0) {
fprintf(stderr, "Error: xmlsec shutdown failed.\n");
}
-
+
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
}
-static xmlSecAppXmlDataPtr
+static xmlSecAppXmlDataPtr
xmlSecAppXmlDataCreate(const char* filename, const xmlChar* defStartNodeName, const xmlChar* defStartNodeNs) {
xmlSecAppCmdLineValuePtr value;
xmlSecAppXmlDataPtr data;
xmlChar* nodeName;
xmlChar* nsHref;
xmlChar* buf;
-
+
if(filename == NULL) {
fprintf(stderr, "Error: xml filename is null\n");
return(NULL);
}
-
+
/* create object */
data = (xmlSecAppXmlDataPtr) xmlMalloc(sizeof(xmlSecAppXmlData));
if(data == NULL) {
return(NULL);
}
memset(data, 0, sizeof(xmlSecAppXmlData));
-
+
/* parse doc */
data->doc = xmlSecParseFile(filename);
if(data->doc == NULL) {
- fprintf(stderr, "Error: failed to parse xml file \"%s\"\n",
+ fprintf(stderr, "Error: failed to parse xml file \"%s\"\n",
filename);
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
-
+
/* load dtd and set default attrs and ids */
if(xmlSecAppCmdLineParamGetString(&dtdFileParam) != NULL) {
xmlValidCtxt ctx;
data->dtd = xmlParseDTD(NULL, BAD_CAST xmlSecAppCmdLineParamGetString(&dtdFileParam));
if(data->dtd == NULL) {
- fprintf(stderr, "Error: failed to parse dtd file \"%s\"\n",
+ fprintf(stderr, "Error: failed to parse dtd file \"%s\"\n",
xmlSecAppCmdLineParamGetString(&dtdFileParam));
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
- memset(&ctx, 0, sizeof(ctx));
+ memset(&ctx, 0, sizeof(ctx));
/* we don't care is doc actually valid or not */
xmlValidateDtd(&ctx, data->doc, data->dtd);
}
-
+
/* set ID attributes from command line */
for(value = idAttrParam.value; value != NULL; value = value->next) {
if(value->strValue == NULL) {
- fprintf(stderr, "Error: invalid value for option \"%s\".\n",
+ fprintf(stderr, "Error: invalid value for option \"%s\".\n",
idAttrParam.fullName);
xmlSecAppXmlDataDestroy(data);
return(NULL);
fprintf(stderr, "Error: failed to add ID attribute \"%s\" for node \"%s\"\n", attrName, value->strValue);
xmlFree(buf);
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
cur = xmlSecGetNextElementNode(cur->next);
}
/* now find the start node */
if(xmlSecAppCmdLineParamGetString(&nodeIdParam) != NULL) {
xmlAttrPtr attr;
-
+
attr = xmlGetID(data->doc, BAD_CAST xmlSecAppCmdLineParamGetString(&nodeIdParam));
if(attr == NULL) {
- fprintf(stderr, "Error: failed to find node with id=\"%s\"\n",
+ fprintf(stderr, "Error: failed to find node with id=\"%s\"\n",
xmlSecAppCmdLineParamGetString(&nodeIdParam));
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
cur = attr->parent;
} else if(xmlSecAppCmdLineParamGetString(&nodeNameParam) != NULL) {
xmlChar* name;
xmlChar* ns;
-
+
buf = xmlStrdup(BAD_CAST xmlSecAppCmdLineParamGetString(&nodeNameParam));
if(buf == NULL) {
- fprintf(stderr, "Error: failed to duplicate node \"%s\"\n",
+ fprintf(stderr, "Error: failed to duplicate node \"%s\"\n",
xmlSecAppCmdLineParamGetString(&nodeNameParam));
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
name = (xmlChar*)strrchr((char*)buf, ':');
if(name != NULL) {
name = buf;
ns = NULL;
}
-
+
cur = xmlSecFindNode(xmlDocGetRootElement(data->doc), name, ns);
if(cur == NULL) {
- fprintf(stderr, "Error: failed to find node with name=\"%s\"\n",
+ fprintf(stderr, "Error: failed to find node with name=\"%s\"\n",
name);
xmlFree(buf);
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
xmlFree(buf);
} else if(xmlSecAppCmdLineParamGetString(&nodeXPathParam) != NULL) {
rootNode = xmlDocGetRootElement(data->doc);
if(rootNode == NULL) {
- fprintf(stderr, "Error: failed to find root node\n");
+ fprintf(stderr, "Error: failed to find root node\n");
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
-
+
ctx = xmlXPathNewContext(data->doc);
if(ctx == NULL) {
fprintf(stderr, "Error: failed to create xpath context\n");
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
-
+
/* register namespaces from the root node */
for(ns = rootNode->nsDef; ns != NULL; ns = ns->next) {
if(ns->prefix != NULL){
fprintf(stderr, "Error: failed to register namespace \"%s\"\n", ns->prefix);
xmlXPathFreeContext(ctx);
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
}
}
-
+
obj = xmlXPathEval(BAD_CAST xmlSecAppCmdLineParamGetString(&nodeXPathParam), ctx);
if(obj == NULL) {
fprintf(stderr, "Error: failed to evaluate xpath expression\n");
xmlXPathFreeContext(ctx);
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
if((obj->nodesetval == NULL) || (obj->nodesetval->nodeNr != 1)) {
xmlXPathFreeObject(obj);
xmlXPathFreeContext(ctx);
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
-
+
cur = obj->nodesetval->nodeTab[0];
xmlXPathFreeContext(ctx);
xmlXPathFreeObject(obj);
-
+
} else {
cur = xmlDocGetRootElement(data->doc);
if(cur == NULL) {
- fprintf(stderr, "Error: failed to get root element\n");
+ fprintf(stderr, "Error: failed to get root element\n");
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
}
-
+
if(defStartNodeName != NULL) {
data->startNode = xmlSecFindNode(cur, defStartNodeName, defStartNodeNs);
if(data->startNode == NULL) {
- fprintf(stderr, "Error: failed to find default node with name=\"%s\"\n",
+ fprintf(stderr, "Error: failed to find default node with name=\"%s\"\n",
defStartNodeName);
xmlSecAppXmlDataDestroy(data);
- return(NULL);
+ return(NULL);
}
} else {
data->startNode = cur;
}
-
+
return(data);
}
-static void
+static void
xmlSecAppXmlDataDestroy(xmlSecAppXmlDataPtr data) {
if(data == NULL) {
fprintf(stderr, "Error: xml data is null\n");
xmlFreeDoc(data->doc);
}
memset(data, 0, sizeof(xmlSecAppXmlData));
- xmlFree(data);
+ xmlFree(data);
}
-static xmlSecAppCommand
+static xmlSecAppCommand
xmlSecAppParseCommand(const char* cmd, xmlSecAppCmdLineParamTopic* cmdLineTopics, xmlSecAppCommand* subCommand) {
if(subCommand != NULL) {
(*subCommand) = xmlSecAppCommandUnknown;
if((cmd == NULL) || (cmdLineTopics == NULL)) {
return(xmlSecAppCommandUnknown);
- } else
+ } else
if((strcmp(cmd, "help") == 0) || (strcmp(cmd, "--help") == 0)) {
(*cmdLineTopics) = 0;
return(xmlSecAppCommandHelp);
- } else
+ } else
if((strcmp(cmd, "help-all") == 0) || (strcmp(cmd, "--help-all") == 0)) {
(*cmdLineTopics) = xmlSecAppCmdLineTopicAll;
return(xmlSecAppCommandHelp);
- } else
-
- if((strncmp(cmd, "help-", 5) == 0) || (strncmp(cmd, "--help-", 7) == 0)) {
+ } else
+
+ if((strncmp(cmd, "help-", 5) == 0) || (strncmp(cmd, "--help-", 7) == 0)) {
cmd = (cmd[0] == '-') ? cmd + 7 : cmd + 5;
if(subCommand) {
(*subCommand) = xmlSecAppParseCommand(cmd, cmdLineTopics, NULL);
(*cmdLineTopics) = 0;
}
return(xmlSecAppCommandHelp);
- } else
+ } else
if((strcmp(cmd, "version") == 0) || (strcmp(cmd, "--version") == 0)) {
(*cmdLineTopics) = xmlSecAppCmdLineTopicVersion;
return(xmlSecAppCommandVersion);
- } else
+ } else
if((strcmp(cmd, "list-key-data") == 0) || (strcmp(cmd, "--list-key-data") == 0)) {
(*cmdLineTopics) = xmlSecAppCmdLineTopicCryptoConfig;
return(xmlSecAppCommandListKeyData);
- } else
+ } else
if((strcmp(cmd, "check-key-data") == 0) || (strcmp(cmd, "--check-key-data") == 0)) {
(*cmdLineTopics) = xmlSecAppCmdLineTopicCryptoConfig;
return(xmlSecAppCommandCheckKeyData);
- } else
+ } else
if((strcmp(cmd, "list-transforms") == 0) || (strcmp(cmd, "--list-transforms") == 0)) {
(*cmdLineTopics) = xmlSecAppCmdLineTopicCryptoConfig;
return(xmlSecAppCommandListTransforms);
- } else
+ } else
if((strcmp(cmd, "check-transforms") == 0) || (strcmp(cmd, "--check-transforms") == 0)) {
(*cmdLineTopics) = xmlSecAppCmdLineTopicCryptoConfig;
return(xmlSecAppCommandCheckTransforms);
- } else
-
+ } else
+
if((strcmp(cmd, "keys") == 0) || (strcmp(cmd, "--keys") == 0)) {
- (*cmdLineTopics) =
- xmlSecAppCmdLineTopicGeneral |
+ (*cmdLineTopics) =
+ xmlSecAppCmdLineTopicGeneral |
xmlSecAppCmdLineTopicCryptoConfig |
xmlSecAppCmdLineTopicKeysMngr |
xmlSecAppCmdLineTopicX509Certs;
return(xmlSecAppCommandKeys);
- } else
-
+ } else
+
#ifndef XMLSEC_NO_XMLDSIG
if((strcmp(cmd, "sign") == 0) || (strcmp(cmd, "--sign") == 0)) {
- (*cmdLineTopics) =
+ (*cmdLineTopics) =
xmlSecAppCmdLineTopicGeneral |
xmlSecAppCmdLineTopicCryptoConfig |
xmlSecAppCmdLineTopicDSigCommon |
xmlSecAppCmdLineTopicKeysMngr |
xmlSecAppCmdLineTopicX509Certs;
return(xmlSecAppCommandSign);
- } else
-
+ } else
+
if((strcmp(cmd, "verify") == 0) || (strcmp(cmd, "--verify") == 0)) {
- (*cmdLineTopics) =
+ (*cmdLineTopics) =
xmlSecAppCmdLineTopicGeneral |
xmlSecAppCmdLineTopicCryptoConfig |
xmlSecAppCmdLineTopicDSigCommon |
xmlSecAppCmdLineTopicKeysMngr |
xmlSecAppCmdLineTopicX509Certs;
return(xmlSecAppCommandVerify);
- } else
+ } else
#ifndef XMLSEC_NO_TMPL_TEST
if((strcmp(cmd, "sign-tmpl") == 0) || (strcmp(cmd, "--sign-tmpl") == 0)) {
- (*cmdLineTopics) =
+ (*cmdLineTopics) =
xmlSecAppCmdLineTopicGeneral |
xmlSecAppCmdLineTopicCryptoConfig |
xmlSecAppCmdLineTopicDSigCommon |
xmlSecAppCmdLineTopicKeysMngr |
xmlSecAppCmdLineTopicX509Certs;
return(xmlSecAppCommandSignTmpl);
- } else
+ } else
#endif /* XMLSEC_NO_TMPL_TEST */
-
+
#endif /* XMLSEC_NO_XMLDSIG */
#ifndef XMLSEC_NO_XMLENC
if((strcmp(cmd, "encrypt") == 0) || (strcmp(cmd, "--encrypt") == 0)) {
- (*cmdLineTopics) =
+ (*cmdLineTopics) =
xmlSecAppCmdLineTopicGeneral |
xmlSecAppCmdLineTopicCryptoConfig |
xmlSecAppCmdLineTopicEncCommon |
xmlSecAppCmdLineTopicKeysMngr |
xmlSecAppCmdLineTopicX509Certs;
return(xmlSecAppCommandEncrypt);
- } else
+ } else
if((strcmp(cmd, "decrypt") == 0) || (strcmp(cmd, "--decrypt") == 0)) {
- (*cmdLineTopics) =
+ (*cmdLineTopics) =
xmlSecAppCmdLineTopicGeneral |
xmlSecAppCmdLineTopicCryptoConfig |
xmlSecAppCmdLineTopicEncCommon |
xmlSecAppCmdLineTopicKeysMngr |
xmlSecAppCmdLineTopicX509Certs;
return(xmlSecAppCommandDecrypt);
- } else
+ } else
#ifndef XMLSEC_NO_TMPL_TEST
if((strcmp(cmd, "encrypt-tmpl") == 0) || (strcmp(cmd, "--encrypt-tmpl") == 0)) {
- (*cmdLineTopics) =
+ (*cmdLineTopics) =
xmlSecAppCmdLineTopicGeneral |
xmlSecAppCmdLineTopicCryptoConfig |
xmlSecAppCmdLineTopicEncCommon |
xmlSecAppCmdLineTopicKeysMngr |
xmlSecAppCmdLineTopicX509Certs;
return(xmlSecAppCommandEncryptTmpl);
- } else
+ } else
#endif /* XMLSEC_NO_TMPL_TEST */
#endif /* XMLSEC_NO_XMLENC */
return(xmlSecAppCommandUnknown);
}
}
-
-static void
+
+static void
xmlSecAppPrintHelp(xmlSecAppCommand command, xmlSecAppCmdLineParamTopic topics) {
switch(command) {
case xmlSecAppCommandUnknown:
- fprintf(stderr, "Unknown command\n");
- fprintf(stdout, "%s%s\n", helpCommands1, helpCommands2);
+ fprintf(stderr, "Unknown command\n");
+ fprintf(stdout, "%s%s\n", helpCommands1, helpCommands2);
break;
case xmlSecAppCommandHelp:
fprintf(stdout, "%s%s\n", helpCommands1, helpCommands2);
fprintf(stdout, "%s\n", copyright);
}
-static xmlSecTransformUriType
+static xmlSecTransformUriType
xmlSecAppGetUriType(const char* string) {
xmlSecTransformUriType type = xmlSecTransformUriTypeNone;
-
+
while((string != NULL) && (string[0] != '\0')) {
if(strcmp(string, "empty") == 0) {
type |= xmlSecTransformUriTypeEmpty;
return(type);
}
-static FILE*
+static FILE*
xmlSecAppOpenFile(const char* filename) {
FILE* file = NULL;
-
+
if((filename == NULL) || (strcmp(filename, XMLSEC_STDOUT_FILENAME) == 0)) {
return(stdout);
}
-#ifdef WIN32
+#if defined(_MSC_VER)
fopen_s(&file, filename, "wb");
-#else /* WIN32 */
+#else /* defined(_MSC_VER) */
file = fopen(filename, "wb");
-#endif /* WIN32 */
+#endif /* defined(_MSC_VER) */
if(file == NULL) {
fprintf(stderr, "Error: failed to open file \"%s\"\n", filename);
return(NULL);
}
-
+
return(file);
}
-static void
+static void
xmlSecAppCloseFile(FILE* file) {
if((file == NULL) || (file == stdout) || (file == stderr)) {
return;
}
-
+
fclose(file);
}
-static int
+static int
xmlSecAppWriteResult(xmlDocPtr doc, xmlSecBufferPtr buffer) {
FILE* f;
return(-1);
}
if(doc != NULL) {
- xmlDocDump(f, doc);
+ xmlDocDump(f, doc);
} else if((buffer != NULL) && (xmlSecBufferGetData(buffer) != NULL)) {
- (void)fwrite(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), 1, f);
+ (void)fwrite(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), 1, f);
} else {
- fprintf(stderr, "Error: both result doc and result buffer are null\n");
+ fprintf(stderr, "Error: both result doc and result buffer are null\n");
xmlSecAppCloseFile(f);
return(-1);
- }
+ }
xmlSecAppCloseFile(f);
return(0);
}
-static int
+static int
xmlSecAppAddIDAttr(xmlNodePtr node, const xmlChar* attrName, const xmlChar* nodeName, const xmlChar* nsHref) {
xmlAttrPtr attr, tmpAttr;
xmlNodePtr cur;
xmlChar* id;
-
+
if((node == NULL) || (attrName == NULL) || (nodeName == NULL)) {
return(-1);
}
-
+
/* process children first because it does not matter much but does simplify code */
cur = xmlSecGetNextElementNode(node->children);
while(cur != NULL) {
}
cur = xmlSecGetNextElementNode(cur->next);
}
-
+
/* node name must match */
if(!xmlStrEqual(node->name, nodeName)) {
return(0);
}
-
- /* if nsHref is set then it also should match */
+
+ /* if nsHref is set then it also should match */
if((nsHref != NULL) && (node->ns != NULL) && (!xmlStrEqual(nsHref, node->ns->href))) {
return(0);
}
-
+
/* the attribute with name equal to attrName should exist */
for(attr = node->properties; attr != NULL; attr = attr->next) {
if(xmlStrEqual(attr->name, attrName)) {
if(attr == NULL) {
return(0);
}
-
+
/* and this attr should have a value */
id = xmlNodeListGetString(node->doc, attr->children, 1);
if(id == NULL) {
return(0);
}
-
+
/* check that we don't have same ID already */
tmpAttr = xmlGetID(node->doc, id);
if(tmpAttr == NULL) {
xmlAddID(NULL, node->doc, id, attr);
} else if(tmpAttr != attr) {
- fprintf(stderr, "Error: duplicate ID attribute \"%s\"\n", id);
+ fprintf(stderr, "Error: duplicate ID attribute \"%s\"\n", id);
xmlFree(id);
return(-1);
}
--- /dev/null
+#! /bin/sh
+# Wrapper for compilers which do not understand '-c -o'.
+
+scriptversion=2018-03-07.03; # UTC
+
+# Copyright (C) 1999-2021 Free Software Foundation, Inc.
+# Written by Tom Tromey <tromey@cygnus.com>.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# This file is maintained in Automake, please report
+# bugs to <bug-automake@gnu.org> or send patches to
+# <automake-patches@gnu.org>.
+
+nl='
+'
+
+# We need space, tab and new line, in precisely that order. Quoting is
+# there to prevent tools from complaining about whitespace usage.
+IFS=" "" $nl"
+
+file_conv=
+
+# func_file_conv build_file lazy
+# Convert a $build file to $host form and store it in $file
+# Currently only supports Windows hosts. If the determined conversion
+# type is listed in (the comma separated) LAZY, no conversion will
+# take place.
+func_file_conv ()
+{
+ file=$1
+ case $file in
+ / | /[!/]*) # absolute file, and not a UNC file
+ if test -z "$file_conv"; then
+ # lazily determine how to convert abs files
+ case `uname -s` in
+ MINGW*)
+ file_conv=mingw
+ ;;
+ CYGWIN* | MSYS*)
+ file_conv=cygwin
+ ;;
+ *)
+ file_conv=wine
+ ;;
+ esac
+ fi
+ case $file_conv/,$2, in
+ *,$file_conv,*)
+ ;;
+ mingw/*)
+ file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
+ ;;
+ cygwin/* | msys/*)
+ file=`cygpath -m "$file" || echo "$file"`
+ ;;
+ wine/*)
+ file=`winepath -w "$file" || echo "$file"`
+ ;;
+ esac
+ ;;
+ esac
+}
+
+# func_cl_dashL linkdir
+# Make cl look for libraries in LINKDIR
+func_cl_dashL ()
+{
+ func_file_conv "$1"
+ if test -z "$lib_path"; then
+ lib_path=$file
+ else
+ lib_path="$lib_path;$file"
+ fi
+ linker_opts="$linker_opts -LIBPATH:$file"
+}
+
+# func_cl_dashl library
+# Do a library search-path lookup for cl
+func_cl_dashl ()
+{
+ lib=$1
+ found=no
+ save_IFS=$IFS
+ IFS=';'
+ for dir in $lib_path $LIB
+ do
+ IFS=$save_IFS
+ if $shared && test -f "$dir/$lib.dll.lib"; then
+ found=yes
+ lib=$dir/$lib.dll.lib
+ break
+ fi
+ if test -f "$dir/$lib.lib"; then
+ found=yes
+ lib=$dir/$lib.lib
+ break
+ fi
+ if test -f "$dir/lib$lib.a"; then
+ found=yes
+ lib=$dir/lib$lib.a
+ break
+ fi
+ done
+ IFS=$save_IFS
+
+ if test "$found" != yes; then
+ lib=$lib.lib
+ fi
+}
+
+# func_cl_wrapper cl arg...
+# Adjust compile command to suit cl
+func_cl_wrapper ()
+{
+ # Assume a capable shell
+ lib_path=
+ shared=:
+ linker_opts=
+ for arg
+ do
+ if test -n "$eat"; then
+ eat=
+ else
+ case $1 in
+ -o)
+ # configure might choose to run compile as 'compile cc -o foo foo.c'.
+ eat=1
+ case $2 in
+ *.o | *.[oO][bB][jJ])
+ func_file_conv "$2"
+ set x "$@" -Fo"$file"
+ shift
+ ;;
+ *)
+ func_file_conv "$2"
+ set x "$@" -Fe"$file"
+ shift
+ ;;
+ esac
+ ;;
+ -I)
+ eat=1
+ func_file_conv "$2" mingw
+ set x "$@" -I"$file"
+ shift
+ ;;
+ -I*)
+ func_file_conv "${1#-I}" mingw
+ set x "$@" -I"$file"
+ shift
+ ;;
+ -l)
+ eat=1
+ func_cl_dashl "$2"
+ set x "$@" "$lib"
+ shift
+ ;;
+ -l*)
+ func_cl_dashl "${1#-l}"
+ set x "$@" "$lib"
+ shift
+ ;;
+ -L)
+ eat=1
+ func_cl_dashL "$2"
+ ;;
+ -L*)
+ func_cl_dashL "${1#-L}"
+ ;;
+ -static)
+ shared=false
+ ;;
+ -Wl,*)
+ arg=${1#-Wl,}
+ save_ifs="$IFS"; IFS=','
+ for flag in $arg; do
+ IFS="$save_ifs"
+ linker_opts="$linker_opts $flag"
+ done
+ IFS="$save_ifs"
+ ;;
+ -Xlinker)
+ eat=1
+ linker_opts="$linker_opts $2"
+ ;;
+ -*)
+ set x "$@" "$1"
+ shift
+ ;;
+ *.cc | *.CC | *.cxx | *.CXX | *.[cC]++)
+ func_file_conv "$1"
+ set x "$@" -Tp"$file"
+ shift
+ ;;
+ *.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO])
+ func_file_conv "$1" mingw
+ set x "$@" "$file"
+ shift
+ ;;
+ *)
+ set x "$@" "$1"
+ shift
+ ;;
+ esac
+ fi
+ shift
+ done
+ if test -n "$linker_opts"; then
+ linker_opts="-link$linker_opts"
+ fi
+ exec "$@" $linker_opts
+ exit 1
+}
+
+eat=
+
+case $1 in
+ '')
+ echo "$0: No command. Try '$0 --help' for more information." 1>&2
+ exit 1;
+ ;;
+ -h | --h*)
+ cat <<\EOF
+Usage: compile [--help] [--version] PROGRAM [ARGS]
+
+Wrapper for compilers which do not understand '-c -o'.
+Remove '-o dest.o' from ARGS, run PROGRAM with the remaining
+arguments, and rename the output as expected.
+
+If you are trying to build a whole package this is not the
+right script to run: please start by reading the file 'INSTALL'.
+
+Report bugs to <bug-automake@gnu.org>.
+EOF
+ exit $?
+ ;;
+ -v | --v*)
+ echo "compile $scriptversion"
+ exit $?
+ ;;
+ cl | *[/\\]cl | cl.exe | *[/\\]cl.exe | \
+ icl | *[/\\]icl | icl.exe | *[/\\]icl.exe )
+ func_cl_wrapper "$@" # Doesn't return...
+ ;;
+esac
+
+ofile=
+cfile=
+
+for arg
+do
+ if test -n "$eat"; then
+ eat=
+ else
+ case $1 in
+ -o)
+ # configure might choose to run compile as 'compile cc -o foo foo.c'.
+ # So we strip '-o arg' only if arg is an object.
+ eat=1
+ case $2 in
+ *.o | *.obj)
+ ofile=$2
+ ;;
+ *)
+ set x "$@" -o "$2"
+ shift
+ ;;
+ esac
+ ;;
+ *.c)
+ cfile=$1
+ set x "$@" "$1"
+ shift
+ ;;
+ *)
+ set x "$@" "$1"
+ shift
+ ;;
+ esac
+ fi
+ shift
+done
+
+if test -z "$ofile" || test -z "$cfile"; then
+ # If no '-o' option was seen then we might have been invoked from a
+ # pattern rule where we don't need one. That is ok -- this is a
+ # normal compilation that the losing compiler can handle. If no
+ # '.c' file was seen then we are probably linking. That is also
+ # ok.
+ exec "$@"
+fi
+
+# Name of file we expect compiler to create.
+cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'`
+
+# Create the lock directory.
+# Note: use '[/\\:.-]' here to ensure that we don't use the same name
+# that we are using for the .o file. Also, base the name on the expected
+# object file name, since that is what matters with a parallel build.
+lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d
+while true; do
+ if mkdir "$lockdir" >/dev/null 2>&1; then
+ break
+ fi
+ sleep 1
+done
+# FIXME: race condition here if user kills between mkdir and trap.
+trap "rmdir '$lockdir'; exit 1" 1 2 15
+
+# Run the compile.
+"$@"
+ret=$?
+
+if test -f "$cofile"; then
+ test "$cofile" = "$ofile" || mv "$cofile" "$ofile"
+elif test -f "${cofile}bj"; then
+ test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile"
+fi
+
+rmdir "$lockdir"
+exit $ret
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'before-save-hook 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC0"
+# time-stamp-end: "; # UTC"
+# End:
--- /dev/null
+#! /bin/sh
+# Attempt to guess a canonical system name.
+# Copyright 1992-2022 Free Software Foundation, Inc.
+
+# shellcheck disable=SC2006,SC2268 # see below for rationale
+
+timestamp='2022-01-09'
+
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that
+# program. This Exception is an additional permission under section 7
+# of the GNU General Public License, version 3 ("GPLv3").
+#
+# Originally written by Per Bothner; maintained since 2000 by Ben Elliston.
+#
+# You can get the latest version of this script from:
+# https://git.savannah.gnu.org/cgit/config.git/plain/config.guess
+#
+# Please send patches to <config-patches@gnu.org>.
+
+
+# The "shellcheck disable" line above the timestamp inhibits complaints
+# about features and limitations of the classic Bourne shell that were
+# superseded or lifted in POSIX. However, this script identifies a wide
+# variety of pre-POSIX systems that do not have POSIX shells at all, and
+# even some reasonably current systems (Solaris 10 as case-in-point) still
+# have a pre-POSIX /bin/sh.
+
+
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION]
+
+Output the configuration name of the system \`$me' is run on.
+
+Options:
+ -h, --help print this help, then exit
+ -t, --time-stamp print date of last modification, then exit
+ -v, --version print version number, then exit
+
+Report bugs and patches to <config-patches@gnu.org>."
+
+version="\
+GNU config.guess ($timestamp)
+
+Originally written by Per Bothner.
+Copyright 1992-2022 Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions. There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+ case $1 in
+ --time-stamp | --time* | -t )
+ echo "$timestamp" ; exit ;;
+ --version | -v )
+ echo "$version" ; exit ;;
+ --help | --h* | -h )
+ echo "$usage"; exit ;;
+ -- ) # Stop option processing
+ shift; break ;;
+ - ) # Use stdin as input.
+ break ;;
+ -* )
+ echo "$me: invalid option $1$help" >&2
+ exit 1 ;;
+ * )
+ break ;;
+ esac
+done
+
+if test $# != 0; then
+ echo "$me: too many arguments$help" >&2
+ exit 1
+fi
+
+# Just in case it came from the environment.
+GUESS=
+
+# CC_FOR_BUILD -- compiler used by this script. Note that the use of a
+# compiler to aid in system detection is discouraged as it requires
+# temporary files to be created and, as you can see below, it is a
+# headache to deal with in a portable fashion.
+
+# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still
+# use `HOST_CC' if defined, but it is deprecated.
+
+# Portable tmp directory creation inspired by the Autoconf team.
+
+tmp=
+# shellcheck disable=SC2172
+trap 'test -z "$tmp" || rm -fr "$tmp"' 0 1 2 13 15
+
+set_cc_for_build() {
+ # prevent multiple calls if $tmp is already set
+ test "$tmp" && return 0
+ : "${TMPDIR=/tmp}"
+ # shellcheck disable=SC2039,SC3028
+ { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } ||
+ { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir "$tmp" 2>/dev/null) ; } ||
+ { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir "$tmp" 2>/dev/null) && echo "Warning: creating insecure temp directory" >&2 ; } ||
+ { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; }
+ dummy=$tmp/dummy
+ case ${CC_FOR_BUILD-},${HOST_CC-},${CC-} in
+ ,,) echo "int x;" > "$dummy.c"
+ for driver in cc gcc c89 c99 ; do
+ if ($driver -c -o "$dummy.o" "$dummy.c") >/dev/null 2>&1 ; then
+ CC_FOR_BUILD=$driver
+ break
+ fi
+ done
+ if test x"$CC_FOR_BUILD" = x ; then
+ CC_FOR_BUILD=no_compiler_found
+ fi
+ ;;
+ ,,*) CC_FOR_BUILD=$CC ;;
+ ,*,*) CC_FOR_BUILD=$HOST_CC ;;
+ esac
+}
+
+# This is needed to find uname on a Pyramid OSx when run in the BSD universe.
+# (ghazi@noc.rutgers.edu 1994-08-24)
+if test -f /.attbin/uname ; then
+ PATH=$PATH:/.attbin ; export PATH
+fi
+
+UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown
+UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown
+UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown
+UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
+
+case $UNAME_SYSTEM in
+Linux|GNU|GNU/*)
+ LIBC=unknown
+
+ set_cc_for_build
+ cat <<-EOF > "$dummy.c"
+ #include <features.h>
+ #if defined(__UCLIBC__)
+ LIBC=uclibc
+ #elif defined(__dietlibc__)
+ LIBC=dietlibc
+ #elif defined(__GLIBC__)
+ LIBC=gnu
+ #else
+ #include <stdarg.h>
+ /* First heuristic to detect musl libc. */
+ #ifdef __DEFINED_va_list
+ LIBC=musl
+ #endif
+ #endif
+ EOF
+ cc_set_libc=`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^LIBC' | sed 's, ,,g'`
+ eval "$cc_set_libc"
+
+ # Second heuristic to detect musl libc.
+ if [ "$LIBC" = unknown ] &&
+ command -v ldd >/dev/null &&
+ ldd --version 2>&1 | grep -q ^musl; then
+ LIBC=musl
+ fi
+
+ # If the system lacks a compiler, then just pick glibc.
+ # We could probably try harder.
+ if [ "$LIBC" = unknown ]; then
+ LIBC=gnu
+ fi
+ ;;
+esac
+
+# Note: order is significant - the case branches are not exclusive.
+
+case $UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION in
+ *:NetBSD:*:*)
+ # NetBSD (nbsd) targets should (where applicable) match one or
+ # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*,
+ # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently
+ # switched to ELF, *-*-netbsd* would select the old
+ # object file format. This provides both forward
+ # compatibility and a consistent mechanism for selecting the
+ # object file format.
+ #
+ # Note: NetBSD doesn't particularly care about the vendor
+ # portion of the name. We always set it to "unknown".
+ UNAME_MACHINE_ARCH=`(uname -p 2>/dev/null || \
+ /sbin/sysctl -n hw.machine_arch 2>/dev/null || \
+ /usr/sbin/sysctl -n hw.machine_arch 2>/dev/null || \
+ echo unknown)`
+ case $UNAME_MACHINE_ARCH in
+ aarch64eb) machine=aarch64_be-unknown ;;
+ armeb) machine=armeb-unknown ;;
+ arm*) machine=arm-unknown ;;
+ sh3el) machine=shl-unknown ;;
+ sh3eb) machine=sh-unknown ;;
+ sh5el) machine=sh5le-unknown ;;
+ earmv*)
+ arch=`echo "$UNAME_MACHINE_ARCH" | sed -e 's,^e\(armv[0-9]\).*$,\1,'`
+ endian=`echo "$UNAME_MACHINE_ARCH" | sed -ne 's,^.*\(eb\)$,\1,p'`
+ machine=${arch}${endian}-unknown
+ ;;
+ *) machine=$UNAME_MACHINE_ARCH-unknown ;;
+ esac
+ # The Operating System including object format, if it has switched
+ # to ELF recently (or will in the future) and ABI.
+ case $UNAME_MACHINE_ARCH in
+ earm*)
+ os=netbsdelf
+ ;;
+ arm*|i386|m68k|ns32k|sh3*|sparc|vax)
+ set_cc_for_build
+ if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
+ | grep -q __ELF__
+ then
+ # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
+ # Return netbsd for either. FIX?
+ os=netbsd
+ else
+ os=netbsdelf
+ fi
+ ;;
+ *)
+ os=netbsd
+ ;;
+ esac
+ # Determine ABI tags.
+ case $UNAME_MACHINE_ARCH in
+ earm*)
+ expr='s/^earmv[0-9]/-eabi/;s/eb$//'
+ abi=`echo "$UNAME_MACHINE_ARCH" | sed -e "$expr"`
+ ;;
+ esac
+ # The OS release
+ # Debian GNU/NetBSD machines have a different userland, and
+ # thus, need a distinct triplet. However, they do not need
+ # kernel version information, so it can be replaced with a
+ # suitable tag, in the style of linux-gnu.
+ case $UNAME_VERSION in
+ Debian*)
+ release='-gnu'
+ ;;
+ *)
+ release=`echo "$UNAME_RELEASE" | sed -e 's/[-_].*//' | cut -d. -f1,2`
+ ;;
+ esac
+ # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM:
+ # contains redundant information, the shorter form:
+ # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used.
+ GUESS=$machine-${os}${release}${abi-}
+ ;;
+ *:Bitrig:*:*)
+ UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'`
+ GUESS=$UNAME_MACHINE_ARCH-unknown-bitrig$UNAME_RELEASE
+ ;;
+ *:OpenBSD:*:*)
+ UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'`
+ GUESS=$UNAME_MACHINE_ARCH-unknown-openbsd$UNAME_RELEASE
+ ;;
+ *:SecBSD:*:*)
+ UNAME_MACHINE_ARCH=`arch | sed 's/SecBSD.//'`
+ GUESS=$UNAME_MACHINE_ARCH-unknown-secbsd$UNAME_RELEASE
+ ;;
+ *:LibertyBSD:*:*)
+ UNAME_MACHINE_ARCH=`arch | sed 's/^.*BSD\.//'`
+ GUESS=$UNAME_MACHINE_ARCH-unknown-libertybsd$UNAME_RELEASE
+ ;;
+ *:MidnightBSD:*:*)
+ GUESS=$UNAME_MACHINE-unknown-midnightbsd$UNAME_RELEASE
+ ;;
+ *:ekkoBSD:*:*)
+ GUESS=$UNAME_MACHINE-unknown-ekkobsd$UNAME_RELEASE
+ ;;
+ *:SolidBSD:*:*)
+ GUESS=$UNAME_MACHINE-unknown-solidbsd$UNAME_RELEASE
+ ;;
+ *:OS108:*:*)
+ GUESS=$UNAME_MACHINE-unknown-os108_$UNAME_RELEASE
+ ;;
+ macppc:MirBSD:*:*)
+ GUESS=powerpc-unknown-mirbsd$UNAME_RELEASE
+ ;;
+ *:MirBSD:*:*)
+ GUESS=$UNAME_MACHINE-unknown-mirbsd$UNAME_RELEASE
+ ;;
+ *:Sortix:*:*)
+ GUESS=$UNAME_MACHINE-unknown-sortix
+ ;;
+ *:Twizzler:*:*)
+ GUESS=$UNAME_MACHINE-unknown-twizzler
+ ;;
+ *:Redox:*:*)
+ GUESS=$UNAME_MACHINE-unknown-redox
+ ;;
+ mips:OSF1:*.*)
+ GUESS=mips-dec-osf1
+ ;;
+ alpha:OSF1:*:*)
+ # Reset EXIT trap before exiting to avoid spurious non-zero exit code.
+ trap '' 0
+ case $UNAME_RELEASE in
+ *4.0)
+ UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'`
+ ;;
+ *5.*)
+ UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'`
+ ;;
+ esac
+ # According to Compaq, /usr/sbin/psrinfo has been available on
+ # OSF/1 and Tru64 systems produced since 1995. I hope that
+ # covers most systems running today. This code pipes the CPU
+ # types through head -n 1, so we only detect the type of CPU 0.
+ ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1`
+ case $ALPHA_CPU_TYPE in
+ "EV4 (21064)")
+ UNAME_MACHINE=alpha ;;
+ "EV4.5 (21064)")
+ UNAME_MACHINE=alpha ;;
+ "LCA4 (21066/21068)")
+ UNAME_MACHINE=alpha ;;
+ "EV5 (21164)")
+ UNAME_MACHINE=alphaev5 ;;
+ "EV5.6 (21164A)")
+ UNAME_MACHINE=alphaev56 ;;
+ "EV5.6 (21164PC)")
+ UNAME_MACHINE=alphapca56 ;;
+ "EV5.7 (21164PC)")
+ UNAME_MACHINE=alphapca57 ;;
+ "EV6 (21264)")
+ UNAME_MACHINE=alphaev6 ;;
+ "EV6.7 (21264A)")
+ UNAME_MACHINE=alphaev67 ;;
+ "EV6.8CB (21264C)")
+ UNAME_MACHINE=alphaev68 ;;
+ "EV6.8AL (21264B)")
+ UNAME_MACHINE=alphaev68 ;;
+ "EV6.8CX (21264D)")
+ UNAME_MACHINE=alphaev68 ;;
+ "EV6.9A (21264/EV69A)")
+ UNAME_MACHINE=alphaev69 ;;
+ "EV7 (21364)")
+ UNAME_MACHINE=alphaev7 ;;
+ "EV7.9 (21364A)")
+ UNAME_MACHINE=alphaev79 ;;
+ esac
+ # A Pn.n version is a patched version.
+ # A Vn.n version is a released version.
+ # A Tn.n version is a released field test version.
+ # A Xn.n version is an unreleased experimental baselevel.
+ # 1.2 uses "1.2" for uname -r.
+ OSF_REL=`echo "$UNAME_RELEASE" | sed -e 's/^[PVTX]//' | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz`
+ GUESS=$UNAME_MACHINE-dec-osf$OSF_REL
+ ;;
+ Amiga*:UNIX_System_V:4.0:*)
+ GUESS=m68k-unknown-sysv4
+ ;;
+ *:[Aa]miga[Oo][Ss]:*:*)
+ GUESS=$UNAME_MACHINE-unknown-amigaos
+ ;;
+ *:[Mm]orph[Oo][Ss]:*:*)
+ GUESS=$UNAME_MACHINE-unknown-morphos
+ ;;
+ *:OS/390:*:*)
+ GUESS=i370-ibm-openedition
+ ;;
+ *:z/VM:*:*)
+ GUESS=s390-ibm-zvmoe
+ ;;
+ *:OS400:*:*)
+ GUESS=powerpc-ibm-os400
+ ;;
+ arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
+ GUESS=arm-acorn-riscix$UNAME_RELEASE
+ ;;
+ arm*:riscos:*:*|arm*:RISCOS:*:*)
+ GUESS=arm-unknown-riscos
+ ;;
+ SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*)
+ GUESS=hppa1.1-hitachi-hiuxmpp
+ ;;
+ Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*)
+ # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE.
+ case `(/bin/universe) 2>/dev/null` in
+ att) GUESS=pyramid-pyramid-sysv3 ;;
+ *) GUESS=pyramid-pyramid-bsd ;;
+ esac
+ ;;
+ NILE*:*:*:dcosx)
+ GUESS=pyramid-pyramid-svr4
+ ;;
+ DRS?6000:unix:4.0:6*)
+ GUESS=sparc-icl-nx6
+ ;;
+ DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*)
+ case `/usr/bin/uname -p` in
+ sparc) GUESS=sparc-icl-nx7 ;;
+ esac
+ ;;
+ s390x:SunOS:*:*)
+ SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'`
+ GUESS=$UNAME_MACHINE-ibm-solaris2$SUN_REL
+ ;;
+ sun4H:SunOS:5.*:*)
+ SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'`
+ GUESS=sparc-hal-solaris2$SUN_REL
+ ;;
+ sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
+ SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'`
+ GUESS=sparc-sun-solaris2$SUN_REL
+ ;;
+ i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*)
+ GUESS=i386-pc-auroraux$UNAME_RELEASE
+ ;;
+ i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*)
+ set_cc_for_build
+ SUN_ARCH=i386
+ # If there is a compiler, see if it is configured for 64-bit objects.
+ # Note that the Sun cc does not turn __LP64__ into 1 like gcc does.
+ # This test works for both compilers.
+ if test "$CC_FOR_BUILD" != no_compiler_found; then
+ if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \
+ (CCOPTS="" $CC_FOR_BUILD -m64 -E - 2>/dev/null) | \
+ grep IS_64BIT_ARCH >/dev/null
+ then
+ SUN_ARCH=x86_64
+ fi
+ fi
+ SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'`
+ GUESS=$SUN_ARCH-pc-solaris2$SUN_REL
+ ;;
+ sun4*:SunOS:6*:*)
+ # According to config.sub, this is the proper way to canonicalize
+ # SunOS6. Hard to guess exactly what SunOS6 will be like, but
+ # it's likely to be more like Solaris than SunOS4.
+ SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'`
+ GUESS=sparc-sun-solaris3$SUN_REL
+ ;;
+ sun4*:SunOS:*:*)
+ case `/usr/bin/arch -k` in
+ Series*|S4*)
+ UNAME_RELEASE=`uname -v`
+ ;;
+ esac
+ # Japanese Language versions have a version number like `4.1.3-JL'.
+ SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/-/_/'`
+ GUESS=sparc-sun-sunos$SUN_REL
+ ;;
+ sun3*:SunOS:*:*)
+ GUESS=m68k-sun-sunos$UNAME_RELEASE
+ ;;
+ sun*:*:4.2BSD:*)
+ UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null`
+ test "x$UNAME_RELEASE" = x && UNAME_RELEASE=3
+ case `/bin/arch` in
+ sun3)
+ GUESS=m68k-sun-sunos$UNAME_RELEASE
+ ;;
+ sun4)
+ GUESS=sparc-sun-sunos$UNAME_RELEASE
+ ;;
+ esac
+ ;;
+ aushp:SunOS:*:*)
+ GUESS=sparc-auspex-sunos$UNAME_RELEASE
+ ;;
+ # The situation for MiNT is a little confusing. The machine name
+ # can be virtually everything (everything which is not
+ # "atarist" or "atariste" at least should have a processor
+ # > m68000). The system name ranges from "MiNT" over "FreeMiNT"
+ # to the lowercase version "mint" (or "freemint"). Finally
+ # the system name "TOS" denotes a system which is actually not
+ # MiNT. But MiNT is downward compatible to TOS, so this should
+ # be no problem.
+ atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*)
+ GUESS=m68k-atari-mint$UNAME_RELEASE
+ ;;
+ atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*)
+ GUESS=m68k-atari-mint$UNAME_RELEASE
+ ;;
+ *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*)
+ GUESS=m68k-atari-mint$UNAME_RELEASE
+ ;;
+ milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*)
+ GUESS=m68k-milan-mint$UNAME_RELEASE
+ ;;
+ hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*)
+ GUESS=m68k-hades-mint$UNAME_RELEASE
+ ;;
+ *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
+ GUESS=m68k-unknown-mint$UNAME_RELEASE
+ ;;
+ m68k:machten:*:*)
+ GUESS=m68k-apple-machten$UNAME_RELEASE
+ ;;
+ powerpc:machten:*:*)
+ GUESS=powerpc-apple-machten$UNAME_RELEASE
+ ;;
+ RISC*:Mach:*:*)
+ GUESS=mips-dec-mach_bsd4.3
+ ;;
+ RISC*:ULTRIX:*:*)
+ GUESS=mips-dec-ultrix$UNAME_RELEASE
+ ;;
+ VAX*:ULTRIX*:*:*)
+ GUESS=vax-dec-ultrix$UNAME_RELEASE
+ ;;
+ 2020:CLIX:*:* | 2430:CLIX:*:*)
+ GUESS=clipper-intergraph-clix$UNAME_RELEASE
+ ;;
+ mips:*:*:UMIPS | mips:*:*:RISCos)
+ set_cc_for_build
+ sed 's/^ //' << EOF > "$dummy.c"
+#ifdef __cplusplus
+#include <stdio.h> /* for printf() prototype */
+ int main (int argc, char *argv[]) {
+#else
+ int main (argc, argv) int argc; char *argv[]; {
+#endif
+ #if defined (host_mips) && defined (MIPSEB)
+ #if defined (SYSTYPE_SYSV)
+ printf ("mips-mips-riscos%ssysv\\n", argv[1]); exit (0);
+ #endif
+ #if defined (SYSTYPE_SVR4)
+ printf ("mips-mips-riscos%ssvr4\\n", argv[1]); exit (0);
+ #endif
+ #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD)
+ printf ("mips-mips-riscos%sbsd\\n", argv[1]); exit (0);
+ #endif
+ #endif
+ exit (-1);
+ }
+EOF
+ $CC_FOR_BUILD -o "$dummy" "$dummy.c" &&
+ dummyarg=`echo "$UNAME_RELEASE" | sed -n 's/\([0-9]*\).*/\1/p'` &&
+ SYSTEM_NAME=`"$dummy" "$dummyarg"` &&
+ { echo "$SYSTEM_NAME"; exit; }
+ GUESS=mips-mips-riscos$UNAME_RELEASE
+ ;;
+ Motorola:PowerMAX_OS:*:*)
+ GUESS=powerpc-motorola-powermax
+ ;;
+ Motorola:*:4.3:PL8-*)
+ GUESS=powerpc-harris-powermax
+ ;;
+ Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*)
+ GUESS=powerpc-harris-powermax
+ ;;
+ Night_Hawk:Power_UNIX:*:*)
+ GUESS=powerpc-harris-powerunix
+ ;;
+ m88k:CX/UX:7*:*)
+ GUESS=m88k-harris-cxux7
+ ;;
+ m88k:*:4*:R4*)
+ GUESS=m88k-motorola-sysv4
+ ;;
+ m88k:*:3*:R3*)
+ GUESS=m88k-motorola-sysv3
+ ;;
+ AViiON:dgux:*:*)
+ # DG/UX returns AViiON for all architectures
+ UNAME_PROCESSOR=`/usr/bin/uname -p`
+ if test "$UNAME_PROCESSOR" = mc88100 || test "$UNAME_PROCESSOR" = mc88110
+ then
+ if test "$TARGET_BINARY_INTERFACE"x = m88kdguxelfx || \
+ test "$TARGET_BINARY_INTERFACE"x = x
+ then
+ GUESS=m88k-dg-dgux$UNAME_RELEASE
+ else
+ GUESS=m88k-dg-dguxbcs$UNAME_RELEASE
+ fi
+ else
+ GUESS=i586-dg-dgux$UNAME_RELEASE
+ fi
+ ;;
+ M88*:DolphinOS:*:*) # DolphinOS (SVR3)
+ GUESS=m88k-dolphin-sysv3
+ ;;
+ M88*:*:R3*:*)
+ # Delta 88k system running SVR3
+ GUESS=m88k-motorola-sysv3
+ ;;
+ XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3)
+ GUESS=m88k-tektronix-sysv3
+ ;;
+ Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD)
+ GUESS=m68k-tektronix-bsd
+ ;;
+ *:IRIX*:*:*)
+ IRIX_REL=`echo "$UNAME_RELEASE" | sed -e 's/-/_/g'`
+ GUESS=mips-sgi-irix$IRIX_REL
+ ;;
+ ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX.
+ GUESS=romp-ibm-aix # uname -m gives an 8 hex-code CPU id
+ ;; # Note that: echo "'`uname -s`'" gives 'AIX '
+ i*86:AIX:*:*)
+ GUESS=i386-ibm-aix
+ ;;
+ ia64:AIX:*:*)
+ if test -x /usr/bin/oslevel ; then
+ IBM_REV=`/usr/bin/oslevel`
+ else
+ IBM_REV=$UNAME_VERSION.$UNAME_RELEASE
+ fi
+ GUESS=$UNAME_MACHINE-ibm-aix$IBM_REV
+ ;;
+ *:AIX:2:3)
+ if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then
+ set_cc_for_build
+ sed 's/^ //' << EOF > "$dummy.c"
+ #include <sys/systemcfg.h>
+
+ main()
+ {
+ if (!__power_pc())
+ exit(1);
+ puts("powerpc-ibm-aix3.2.5");
+ exit(0);
+ }
+EOF
+ if $CC_FOR_BUILD -o "$dummy" "$dummy.c" && SYSTEM_NAME=`"$dummy"`
+ then
+ GUESS=$SYSTEM_NAME
+ else
+ GUESS=rs6000-ibm-aix3.2.5
+ fi
+ elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
+ GUESS=rs6000-ibm-aix3.2.4
+ else
+ GUESS=rs6000-ibm-aix3.2
+ fi
+ ;;
+ *:AIX:*:[4567])
+ IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
+ if /usr/sbin/lsattr -El "$IBM_CPU_ID" | grep ' POWER' >/dev/null 2>&1; then
+ IBM_ARCH=rs6000
+ else
+ IBM_ARCH=powerpc
+ fi
+ if test -x /usr/bin/lslpp ; then
+ IBM_REV=`/usr/bin/lslpp -Lqc bos.rte.libc | \
+ awk -F: '{ print $3 }' | sed s/[0-9]*$/0/`
+ else
+ IBM_REV=$UNAME_VERSION.$UNAME_RELEASE
+ fi
+ GUESS=$IBM_ARCH-ibm-aix$IBM_REV
+ ;;
+ *:AIX:*:*)
+ GUESS=rs6000-ibm-aix
+ ;;
+ ibmrt:4.4BSD:*|romp-ibm:4.4BSD:*)
+ GUESS=romp-ibm-bsd4.4
+ ;;
+ ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and
+ GUESS=romp-ibm-bsd$UNAME_RELEASE # 4.3 with uname added to
+ ;; # report: romp-ibm BSD 4.3
+ *:BOSX:*:*)
+ GUESS=rs6000-bull-bosx
+ ;;
+ DPX/2?00:B.O.S.:*:*)
+ GUESS=m68k-bull-sysv3
+ ;;
+ 9000/[34]??:4.3bsd:1.*:*)
+ GUESS=m68k-hp-bsd
+ ;;
+ hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*)
+ GUESS=m68k-hp-bsd4.4
+ ;;
+ 9000/[34678]??:HP-UX:*:*)
+ HPUX_REV=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*.[0B]*//'`
+ case $UNAME_MACHINE in
+ 9000/31?) HP_ARCH=m68000 ;;
+ 9000/[34]??) HP_ARCH=m68k ;;
+ 9000/[678][0-9][0-9])
+ if test -x /usr/bin/getconf; then
+ sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null`
+ sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
+ case $sc_cpu_version in
+ 523) HP_ARCH=hppa1.0 ;; # CPU_PA_RISC1_0
+ 528) HP_ARCH=hppa1.1 ;; # CPU_PA_RISC1_1
+ 532) # CPU_PA_RISC2_0
+ case $sc_kernel_bits in
+ 32) HP_ARCH=hppa2.0n ;;
+ 64) HP_ARCH=hppa2.0w ;;
+ '') HP_ARCH=hppa2.0 ;; # HP-UX 10.20
+ esac ;;
+ esac
+ fi
+ if test "$HP_ARCH" = ""; then
+ set_cc_for_build
+ sed 's/^ //' << EOF > "$dummy.c"
+
+ #define _HPUX_SOURCE
+ #include <stdlib.h>
+ #include <unistd.h>
+
+ int main ()
+ {
+ #if defined(_SC_KERNEL_BITS)
+ long bits = sysconf(_SC_KERNEL_BITS);
+ #endif
+ long cpu = sysconf (_SC_CPU_VERSION);
+
+ switch (cpu)
+ {
+ case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
+ case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
+ case CPU_PA_RISC2_0:
+ #if defined(_SC_KERNEL_BITS)
+ switch (bits)
+ {
+ case 64: puts ("hppa2.0w"); break;
+ case 32: puts ("hppa2.0n"); break;
+ default: puts ("hppa2.0"); break;
+ } break;
+ #else /* !defined(_SC_KERNEL_BITS) */
+ puts ("hppa2.0"); break;
+ #endif
+ default: puts ("hppa1.0"); break;
+ }
+ exit (0);
+ }
+EOF
+ (CCOPTS="" $CC_FOR_BUILD -o "$dummy" "$dummy.c" 2>/dev/null) && HP_ARCH=`"$dummy"`
+ test -z "$HP_ARCH" && HP_ARCH=hppa
+ fi ;;
+ esac
+ if test "$HP_ARCH" = hppa2.0w
+ then
+ set_cc_for_build
+
+ # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating
+ # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler
+ # generating 64-bit code. GNU and HP use different nomenclature:
+ #
+ # $ CC_FOR_BUILD=cc ./config.guess
+ # => hppa2.0w-hp-hpux11.23
+ # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess
+ # => hppa64-hp-hpux11.23
+
+ if echo __LP64__ | (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) |
+ grep -q __LP64__
+ then
+ HP_ARCH=hppa2.0w
+ else
+ HP_ARCH=hppa64
+ fi
+ fi
+ GUESS=$HP_ARCH-hp-hpux$HPUX_REV
+ ;;
+ ia64:HP-UX:*:*)
+ HPUX_REV=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*.[0B]*//'`
+ GUESS=ia64-hp-hpux$HPUX_REV
+ ;;
+ 3050*:HI-UX:*:*)
+ set_cc_for_build
+ sed 's/^ //' << EOF > "$dummy.c"
+ #include <unistd.h>
+ int
+ main ()
+ {
+ long cpu = sysconf (_SC_CPU_VERSION);
+ /* The order matters, because CPU_IS_HP_MC68K erroneously returns
+ true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct
+ results, however. */
+ if (CPU_IS_PA_RISC (cpu))
+ {
+ switch (cpu)
+ {
+ case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break;
+ case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break;
+ case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break;
+ default: puts ("hppa-hitachi-hiuxwe2"); break;
+ }
+ }
+ else if (CPU_IS_HP_MC68K (cpu))
+ puts ("m68k-hitachi-hiuxwe2");
+ else puts ("unknown-hitachi-hiuxwe2");
+ exit (0);
+ }
+EOF
+ $CC_FOR_BUILD -o "$dummy" "$dummy.c" && SYSTEM_NAME=`"$dummy"` &&
+ { echo "$SYSTEM_NAME"; exit; }
+ GUESS=unknown-hitachi-hiuxwe2
+ ;;
+ 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:*)
+ GUESS=hppa1.1-hp-bsd
+ ;;
+ 9000/8??:4.3bsd:*:*)
+ GUESS=hppa1.0-hp-bsd
+ ;;
+ *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*)
+ GUESS=hppa1.0-hp-mpeix
+ ;;
+ hp7??:OSF1:*:* | hp8?[79]:OSF1:*:*)
+ GUESS=hppa1.1-hp-osf
+ ;;
+ hp8??:OSF1:*:*)
+ GUESS=hppa1.0-hp-osf
+ ;;
+ i*86:OSF1:*:*)
+ if test -x /usr/sbin/sysversion ; then
+ GUESS=$UNAME_MACHINE-unknown-osf1mk
+ else
+ GUESS=$UNAME_MACHINE-unknown-osf1
+ fi
+ ;;
+ parisc*:Lites*:*:*)
+ GUESS=hppa1.1-hp-lites
+ ;;
+ C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
+ GUESS=c1-convex-bsd
+ ;;
+ C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
+ if getsysinfo -f scalar_acc
+ then echo c32-convex-bsd
+ else echo c2-convex-bsd
+ fi
+ exit ;;
+ C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
+ GUESS=c34-convex-bsd
+ ;;
+ C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
+ GUESS=c38-convex-bsd
+ ;;
+ C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
+ GUESS=c4-convex-bsd
+ ;;
+ CRAY*Y-MP:*:*:*)
+ CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'`
+ GUESS=ymp-cray-unicos$CRAY_REL
+ ;;
+ CRAY*[A-Z]90:*:*:*)
+ echo "$UNAME_MACHINE"-cray-unicos"$UNAME_RELEASE" \
+ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \
+ -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \
+ -e 's/\.[^.]*$/.X/'
+ exit ;;
+ CRAY*TS:*:*:*)
+ CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'`
+ GUESS=t90-cray-unicos$CRAY_REL
+ ;;
+ CRAY*T3E:*:*:*)
+ CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'`
+ GUESS=alphaev5-cray-unicosmk$CRAY_REL
+ ;;
+ CRAY*SV1:*:*:*)
+ CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'`
+ GUESS=sv1-cray-unicos$CRAY_REL
+ ;;
+ *:UNICOS/mp:*:*)
+ CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'`
+ GUESS=craynv-cray-unicosmp$CRAY_REL
+ ;;
+ F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
+ FUJITSU_PROC=`uname -m | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz`
+ FUJITSU_SYS=`uname -p | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/\///'`
+ FUJITSU_REL=`echo "$UNAME_RELEASE" | sed -e 's/ /_/'`
+ GUESS=${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}
+ ;;
+ 5000:UNIX_System_V:4.*:*)
+ FUJITSU_SYS=`uname -p | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/\///'`
+ FUJITSU_REL=`echo "$UNAME_RELEASE" | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/ /_/'`
+ GUESS=sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}
+ ;;
+ i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*)
+ GUESS=$UNAME_MACHINE-pc-bsdi$UNAME_RELEASE
+ ;;
+ sparc*:BSD/OS:*:*)
+ GUESS=sparc-unknown-bsdi$UNAME_RELEASE
+ ;;
+ *:BSD/OS:*:*)
+ GUESS=$UNAME_MACHINE-unknown-bsdi$UNAME_RELEASE
+ ;;
+ arm:FreeBSD:*:*)
+ UNAME_PROCESSOR=`uname -p`
+ set_cc_for_build
+ if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \
+ | grep -q __ARM_PCS_VFP
+ then
+ FREEBSD_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'`
+ GUESS=$UNAME_PROCESSOR-unknown-freebsd$FREEBSD_REL-gnueabi
+ else
+ FREEBSD_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'`
+ GUESS=$UNAME_PROCESSOR-unknown-freebsd$FREEBSD_REL-gnueabihf
+ fi
+ ;;
+ *:FreeBSD:*:*)
+ UNAME_PROCESSOR=`/usr/bin/uname -p`
+ case $UNAME_PROCESSOR in
+ amd64)
+ UNAME_PROCESSOR=x86_64 ;;
+ i386)
+ UNAME_PROCESSOR=i586 ;;
+ esac
+ FREEBSD_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'`
+ GUESS=$UNAME_PROCESSOR-unknown-freebsd$FREEBSD_REL
+ ;;
+ i*:CYGWIN*:*)
+ GUESS=$UNAME_MACHINE-pc-cygwin
+ ;;
+ *:MINGW64*:*)
+ GUESS=$UNAME_MACHINE-pc-mingw64
+ ;;
+ *:MINGW*:*)
+ GUESS=$UNAME_MACHINE-pc-mingw32
+ ;;
+ *:MSYS*:*)
+ GUESS=$UNAME_MACHINE-pc-msys
+ ;;
+ i*:PW*:*)
+ GUESS=$UNAME_MACHINE-pc-pw32
+ ;;
+ *:SerenityOS:*:*)
+ GUESS=$UNAME_MACHINE-pc-serenity
+ ;;
+ *:Interix*:*)
+ case $UNAME_MACHINE in
+ x86)
+ GUESS=i586-pc-interix$UNAME_RELEASE
+ ;;
+ authenticamd | genuineintel | EM64T)
+ GUESS=x86_64-unknown-interix$UNAME_RELEASE
+ ;;
+ IA64)
+ GUESS=ia64-unknown-interix$UNAME_RELEASE
+ ;;
+ esac ;;
+ i*:UWIN*:*)
+ GUESS=$UNAME_MACHINE-pc-uwin
+ ;;
+ amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*)
+ GUESS=x86_64-pc-cygwin
+ ;;
+ prep*:SunOS:5.*:*)
+ SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'`
+ GUESS=powerpcle-unknown-solaris2$SUN_REL
+ ;;
+ *:GNU:*:*)
+ # the GNU system
+ GNU_ARCH=`echo "$UNAME_MACHINE" | sed -e 's,[-/].*$,,'`
+ GNU_REL=`echo "$UNAME_RELEASE" | sed -e 's,/.*$,,'`
+ GUESS=$GNU_ARCH-unknown-$LIBC$GNU_REL
+ ;;
+ *:GNU/*:*:*)
+ # other systems with GNU libc and userland
+ GNU_SYS=`echo "$UNAME_SYSTEM" | sed 's,^[^/]*/,,' | tr "[:upper:]" "[:lower:]"`
+ GNU_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'`
+ GUESS=$UNAME_MACHINE-unknown-$GNU_SYS$GNU_REL-$LIBC
+ ;;
+ *:Minix:*:*)
+ GUESS=$UNAME_MACHINE-unknown-minix
+ ;;
+ aarch64:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ aarch64_be:Linux:*:*)
+ UNAME_MACHINE=aarch64_be
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ alpha:Linux:*:*)
+ case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' /proc/cpuinfo 2>/dev/null` in
+ EV5) UNAME_MACHINE=alphaev5 ;;
+ EV56) UNAME_MACHINE=alphaev56 ;;
+ PCA56) UNAME_MACHINE=alphapca56 ;;
+ PCA57) UNAME_MACHINE=alphapca56 ;;
+ EV6) UNAME_MACHINE=alphaev6 ;;
+ EV67) UNAME_MACHINE=alphaev67 ;;
+ EV68*) UNAME_MACHINE=alphaev68 ;;
+ esac
+ objdump --private-headers /bin/sh | grep -q ld.so.1
+ if test "$?" = 0 ; then LIBC=gnulibc1 ; fi
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ arc:Linux:*:* | arceb:Linux:*:* | arc32:Linux:*:* | arc64:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ arm*:Linux:*:*)
+ set_cc_for_build
+ if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \
+ | grep -q __ARM_EABI__
+ then
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ else
+ if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \
+ | grep -q __ARM_PCS_VFP
+ then
+ GUESS=$UNAME_MACHINE-unknown-linux-${LIBC}eabi
+ else
+ GUESS=$UNAME_MACHINE-unknown-linux-${LIBC}eabihf
+ fi
+ fi
+ ;;
+ avr32*:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ cris:Linux:*:*)
+ GUESS=$UNAME_MACHINE-axis-linux-$LIBC
+ ;;
+ crisv32:Linux:*:*)
+ GUESS=$UNAME_MACHINE-axis-linux-$LIBC
+ ;;
+ e2k:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ frv:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ hexagon:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ i*86:Linux:*:*)
+ GUESS=$UNAME_MACHINE-pc-linux-$LIBC
+ ;;
+ ia64:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ k1om:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ loongarch32:Linux:*:* | loongarch64:Linux:*:* | loongarchx32:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ m32r*:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ m68*:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ mips:Linux:*:* | mips64:Linux:*:*)
+ set_cc_for_build
+ IS_GLIBC=0
+ test x"${LIBC}" = xgnu && IS_GLIBC=1
+ sed 's/^ //' << EOF > "$dummy.c"
+ #undef CPU
+ #undef mips
+ #undef mipsel
+ #undef mips64
+ #undef mips64el
+ #if ${IS_GLIBC} && defined(_ABI64)
+ LIBCABI=gnuabi64
+ #else
+ #if ${IS_GLIBC} && defined(_ABIN32)
+ LIBCABI=gnuabin32
+ #else
+ LIBCABI=${LIBC}
+ #endif
+ #endif
+
+ #if ${IS_GLIBC} && defined(__mips64) && defined(__mips_isa_rev) && __mips_isa_rev>=6
+ CPU=mipsisa64r6
+ #else
+ #if ${IS_GLIBC} && !defined(__mips64) && defined(__mips_isa_rev) && __mips_isa_rev>=6
+ CPU=mipsisa32r6
+ #else
+ #if defined(__mips64)
+ CPU=mips64
+ #else
+ CPU=mips
+ #endif
+ #endif
+ #endif
+
+ #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
+ MIPS_ENDIAN=el
+ #else
+ #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
+ MIPS_ENDIAN=
+ #else
+ MIPS_ENDIAN=
+ #endif
+ #endif
+EOF
+ cc_set_vars=`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^CPU\|^MIPS_ENDIAN\|^LIBCABI'`
+ eval "$cc_set_vars"
+ test "x$CPU" != x && { echo "$CPU${MIPS_ENDIAN}-unknown-linux-$LIBCABI"; exit; }
+ ;;
+ mips64el:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ openrisc*:Linux:*:*)
+ GUESS=or1k-unknown-linux-$LIBC
+ ;;
+ or32:Linux:*:* | or1k*:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ padre:Linux:*:*)
+ GUESS=sparc-unknown-linux-$LIBC
+ ;;
+ parisc64:Linux:*:* | hppa64:Linux:*:*)
+ GUESS=hppa64-unknown-linux-$LIBC
+ ;;
+ parisc:Linux:*:* | hppa:Linux:*:*)
+ # Look for CPU level
+ case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in
+ PA7*) GUESS=hppa1.1-unknown-linux-$LIBC ;;
+ PA8*) GUESS=hppa2.0-unknown-linux-$LIBC ;;
+ *) GUESS=hppa-unknown-linux-$LIBC ;;
+ esac
+ ;;
+ ppc64:Linux:*:*)
+ GUESS=powerpc64-unknown-linux-$LIBC
+ ;;
+ ppc:Linux:*:*)
+ GUESS=powerpc-unknown-linux-$LIBC
+ ;;
+ ppc64le:Linux:*:*)
+ GUESS=powerpc64le-unknown-linux-$LIBC
+ ;;
+ ppcle:Linux:*:*)
+ GUESS=powerpcle-unknown-linux-$LIBC
+ ;;
+ riscv32:Linux:*:* | riscv32be:Linux:*:* | riscv64:Linux:*:* | riscv64be:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ s390:Linux:*:* | s390x:Linux:*:*)
+ GUESS=$UNAME_MACHINE-ibm-linux-$LIBC
+ ;;
+ sh64*:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ sh*:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ sparc:Linux:*:* | sparc64:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ tile*:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ vax:Linux:*:*)
+ GUESS=$UNAME_MACHINE-dec-linux-$LIBC
+ ;;
+ x86_64:Linux:*:*)
+ set_cc_for_build
+ LIBCABI=$LIBC
+ if test "$CC_FOR_BUILD" != no_compiler_found; then
+ if (echo '#ifdef __ILP32__'; echo IS_X32; echo '#endif') | \
+ (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \
+ grep IS_X32 >/dev/null
+ then
+ LIBCABI=${LIBC}x32
+ fi
+ fi
+ GUESS=$UNAME_MACHINE-pc-linux-$LIBCABI
+ ;;
+ xtensa*:Linux:*:*)
+ GUESS=$UNAME_MACHINE-unknown-linux-$LIBC
+ ;;
+ i*86:DYNIX/ptx:4*:*)
+ # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
+ # earlier versions are messed up and put the nodename in both
+ # sysname and nodename.
+ GUESS=i386-sequent-sysv4
+ ;;
+ i*86:UNIX_SV:4.2MP:2.*)
+ # Unixware is an offshoot of SVR4, but it has its own version
+ # number series starting with 2...
+ # I am not positive that other SVR4 systems won't match this,
+ # I just have to hope. -- rms.
+ # Use sysv4.2uw... so that sysv4* matches it.
+ GUESS=$UNAME_MACHINE-pc-sysv4.2uw$UNAME_VERSION
+ ;;
+ i*86:OS/2:*:*)
+ # If we were able to find `uname', then EMX Unix compatibility
+ # is probably installed.
+ GUESS=$UNAME_MACHINE-pc-os2-emx
+ ;;
+ i*86:XTS-300:*:STOP)
+ GUESS=$UNAME_MACHINE-unknown-stop
+ ;;
+ i*86:atheos:*:*)
+ GUESS=$UNAME_MACHINE-unknown-atheos
+ ;;
+ i*86:syllable:*:*)
+ GUESS=$UNAME_MACHINE-pc-syllable
+ ;;
+ i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*)
+ GUESS=i386-unknown-lynxos$UNAME_RELEASE
+ ;;
+ i*86:*DOS:*:*)
+ GUESS=$UNAME_MACHINE-pc-msdosdjgpp
+ ;;
+ i*86:*:4.*:*)
+ UNAME_REL=`echo "$UNAME_RELEASE" | sed 's/\/MP$//'`
+ if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then
+ GUESS=$UNAME_MACHINE-univel-sysv$UNAME_REL
+ else
+ GUESS=$UNAME_MACHINE-pc-sysv$UNAME_REL
+ fi
+ ;;
+ i*86:*:5:[678]*)
+ # UnixWare 7.x, OpenUNIX and OpenServer 6.
+ case `/bin/uname -X | grep "^Machine"` in
+ *486*) UNAME_MACHINE=i486 ;;
+ *Pentium) UNAME_MACHINE=i586 ;;
+ *Pent*|*Celeron) UNAME_MACHINE=i686 ;;
+ esac
+ GUESS=$UNAME_MACHINE-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION}
+ ;;
+ i*86:*:3.2:*)
+ if test -f /usr/options/cb.name; then
+ UNAME_REL=`sed -n 's/.*Version //p' </usr/options/cb.name`
+ GUESS=$UNAME_MACHINE-pc-isc$UNAME_REL
+ elif /bin/uname -X 2>/dev/null >/dev/null ; then
+ UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')`
+ (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486
+ (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \
+ && UNAME_MACHINE=i586
+ (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \
+ && UNAME_MACHINE=i686
+ (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \
+ && UNAME_MACHINE=i686
+ GUESS=$UNAME_MACHINE-pc-sco$UNAME_REL
+ else
+ GUESS=$UNAME_MACHINE-pc-sysv32
+ fi
+ ;;
+ pc:*:*:*)
+ # Left here for compatibility:
+ # uname -m prints for DJGPP always 'pc', but it prints nothing about
+ # the processor, so we play safe by assuming i586.
+ # Note: whatever this is, it MUST be the same as what config.sub
+ # prints for the "djgpp" host, or else GDB configure will decide that
+ # this is a cross-build.
+ GUESS=i586-pc-msdosdjgpp
+ ;;
+ Intel:Mach:3*:*)
+ GUESS=i386-pc-mach3
+ ;;
+ paragon:*:*:*)
+ GUESS=i860-intel-osf1
+ ;;
+ i860:*:4.*:*) # i860-SVR4
+ if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then
+ GUESS=i860-stardent-sysv$UNAME_RELEASE # Stardent Vistra i860-SVR4
+ else # Add other i860-SVR4 vendors below as they are discovered.
+ GUESS=i860-unknown-sysv$UNAME_RELEASE # Unknown i860-SVR4
+ fi
+ ;;
+ mini*:CTIX:SYS*5:*)
+ # "miniframe"
+ GUESS=m68010-convergent-sysv
+ ;;
+ mc68k:UNIX:SYSTEM5:3.51m)
+ GUESS=m68k-convergent-sysv
+ ;;
+ M680?0:D-NIX:5.3:*)
+ GUESS=m68k-diab-dnix
+ ;;
+ M68*:*:R3V[5678]*:*)
+ test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;;
+ 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0)
+ OS_REL=''
+ test -r /etc/.relid \
+ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
+ /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+ && { echo i486-ncr-sysv4.3"$OS_REL"; exit; }
+ /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
+ && { echo i586-ncr-sysv4.3"$OS_REL"; exit; } ;;
+ 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
+ /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+ && { echo i486-ncr-sysv4; exit; } ;;
+ NCR*:*:4.2:* | MPRAS*:*:4.2:*)
+ OS_REL='.3'
+ test -r /etc/.relid \
+ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
+ /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+ && { echo i486-ncr-sysv4.3"$OS_REL"; exit; }
+ /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
+ && { echo i586-ncr-sysv4.3"$OS_REL"; exit; }
+ /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \
+ && { echo i586-ncr-sysv4.3"$OS_REL"; exit; } ;;
+ m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
+ GUESS=m68k-unknown-lynxos$UNAME_RELEASE
+ ;;
+ mc68030:UNIX_System_V:4.*:*)
+ GUESS=m68k-atari-sysv4
+ ;;
+ TSUNAMI:LynxOS:2.*:*)
+ GUESS=sparc-unknown-lynxos$UNAME_RELEASE
+ ;;
+ rs6000:LynxOS:2.*:*)
+ GUESS=rs6000-unknown-lynxos$UNAME_RELEASE
+ ;;
+ PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*)
+ GUESS=powerpc-unknown-lynxos$UNAME_RELEASE
+ ;;
+ SM[BE]S:UNIX_SV:*:*)
+ GUESS=mips-dde-sysv$UNAME_RELEASE
+ ;;
+ RM*:ReliantUNIX-*:*:*)
+ GUESS=mips-sni-sysv4
+ ;;
+ RM*:SINIX-*:*:*)
+ GUESS=mips-sni-sysv4
+ ;;
+ *:SINIX-*:*:*)
+ if uname -p 2>/dev/null >/dev/null ; then
+ UNAME_MACHINE=`(uname -p) 2>/dev/null`
+ GUESS=$UNAME_MACHINE-sni-sysv4
+ else
+ GUESS=ns32k-sni-sysv
+ fi
+ ;;
+ PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
+ # says <Richard.M.Bartel@ccMail.Census.GOV>
+ GUESS=i586-unisys-sysv4
+ ;;
+ *:UNIX_System_V:4*:FTX*)
+ # From Gerald Hewes <hewes@openmarket.com>.
+ # How about differentiating between stratus architectures? -djm
+ GUESS=hppa1.1-stratus-sysv4
+ ;;
+ *:*:*:FTX*)
+ # From seanf@swdc.stratus.com.
+ GUESS=i860-stratus-sysv4
+ ;;
+ i*86:VOS:*:*)
+ # From Paul.Green@stratus.com.
+ GUESS=$UNAME_MACHINE-stratus-vos
+ ;;
+ *:VOS:*:*)
+ # From Paul.Green@stratus.com.
+ GUESS=hppa1.1-stratus-vos
+ ;;
+ mc68*:A/UX:*:*)
+ GUESS=m68k-apple-aux$UNAME_RELEASE
+ ;;
+ news*:NEWS-OS:6*:*)
+ GUESS=mips-sony-newsos6
+ ;;
+ R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*)
+ if test -d /usr/nec; then
+ GUESS=mips-nec-sysv$UNAME_RELEASE
+ else
+ GUESS=mips-unknown-sysv$UNAME_RELEASE
+ fi
+ ;;
+ BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only.
+ GUESS=powerpc-be-beos
+ ;;
+ BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only.
+ GUESS=powerpc-apple-beos
+ ;;
+ BePC:BeOS:*:*) # BeOS running on Intel PC compatible.
+ GUESS=i586-pc-beos
+ ;;
+ BePC:Haiku:*:*) # Haiku running on Intel PC compatible.
+ GUESS=i586-pc-haiku
+ ;;
+ x86_64:Haiku:*:*)
+ GUESS=x86_64-unknown-haiku
+ ;;
+ SX-4:SUPER-UX:*:*)
+ GUESS=sx4-nec-superux$UNAME_RELEASE
+ ;;
+ SX-5:SUPER-UX:*:*)
+ GUESS=sx5-nec-superux$UNAME_RELEASE
+ ;;
+ SX-6:SUPER-UX:*:*)
+ GUESS=sx6-nec-superux$UNAME_RELEASE
+ ;;
+ SX-7:SUPER-UX:*:*)
+ GUESS=sx7-nec-superux$UNAME_RELEASE
+ ;;
+ SX-8:SUPER-UX:*:*)
+ GUESS=sx8-nec-superux$UNAME_RELEASE
+ ;;
+ SX-8R:SUPER-UX:*:*)
+ GUESS=sx8r-nec-superux$UNAME_RELEASE
+ ;;
+ SX-ACE:SUPER-UX:*:*)
+ GUESS=sxace-nec-superux$UNAME_RELEASE
+ ;;
+ Power*:Rhapsody:*:*)
+ GUESS=powerpc-apple-rhapsody$UNAME_RELEASE
+ ;;
+ *:Rhapsody:*:*)
+ GUESS=$UNAME_MACHINE-apple-rhapsody$UNAME_RELEASE
+ ;;
+ arm64:Darwin:*:*)
+ GUESS=aarch64-apple-darwin$UNAME_RELEASE
+ ;;
+ *:Darwin:*:*)
+ UNAME_PROCESSOR=`uname -p`
+ case $UNAME_PROCESSOR in
+ unknown) UNAME_PROCESSOR=powerpc ;;
+ esac
+ if command -v xcode-select > /dev/null 2> /dev/null && \
+ ! xcode-select --print-path > /dev/null 2> /dev/null ; then
+ # Avoid executing cc if there is no toolchain installed as
+ # cc will be a stub that puts up a graphical alert
+ # prompting the user to install developer tools.
+ CC_FOR_BUILD=no_compiler_found
+ else
+ set_cc_for_build
+ fi
+ if test "$CC_FOR_BUILD" != no_compiler_found; then
+ if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \
+ (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \
+ grep IS_64BIT_ARCH >/dev/null
+ then
+ case $UNAME_PROCESSOR in
+ i386) UNAME_PROCESSOR=x86_64 ;;
+ powerpc) UNAME_PROCESSOR=powerpc64 ;;
+ esac
+ fi
+ # On 10.4-10.6 one might compile for PowerPC via gcc -arch ppc
+ if (echo '#ifdef __POWERPC__'; echo IS_PPC; echo '#endif') | \
+ (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \
+ grep IS_PPC >/dev/null
+ then
+ UNAME_PROCESSOR=powerpc
+ fi
+ elif test "$UNAME_PROCESSOR" = i386 ; then
+ # uname -m returns i386 or x86_64
+ UNAME_PROCESSOR=$UNAME_MACHINE
+ fi
+ GUESS=$UNAME_PROCESSOR-apple-darwin$UNAME_RELEASE
+ ;;
+ *:procnto*:*:* | *:QNX:[0123456789]*:*)
+ UNAME_PROCESSOR=`uname -p`
+ if test "$UNAME_PROCESSOR" = x86; then
+ UNAME_PROCESSOR=i386
+ UNAME_MACHINE=pc
+ fi
+ GUESS=$UNAME_PROCESSOR-$UNAME_MACHINE-nto-qnx$UNAME_RELEASE
+ ;;
+ *:QNX:*:4*)
+ GUESS=i386-pc-qnx
+ ;;
+ NEO-*:NONSTOP_KERNEL:*:*)
+ GUESS=neo-tandem-nsk$UNAME_RELEASE
+ ;;
+ NSE-*:NONSTOP_KERNEL:*:*)
+ GUESS=nse-tandem-nsk$UNAME_RELEASE
+ ;;
+ NSR-*:NONSTOP_KERNEL:*:*)
+ GUESS=nsr-tandem-nsk$UNAME_RELEASE
+ ;;
+ NSV-*:NONSTOP_KERNEL:*:*)
+ GUESS=nsv-tandem-nsk$UNAME_RELEASE
+ ;;
+ NSX-*:NONSTOP_KERNEL:*:*)
+ GUESS=nsx-tandem-nsk$UNAME_RELEASE
+ ;;
+ *:NonStop-UX:*:*)
+ GUESS=mips-compaq-nonstopux
+ ;;
+ BS2000:POSIX*:*:*)
+ GUESS=bs2000-siemens-sysv
+ ;;
+ DS/*:UNIX_System_V:*:*)
+ GUESS=$UNAME_MACHINE-$UNAME_SYSTEM-$UNAME_RELEASE
+ ;;
+ *:Plan9:*:*)
+ # "uname -m" is not consistent, so use $cputype instead. 386
+ # is converted to i386 for consistency with other x86
+ # operating systems.
+ if test "${cputype-}" = 386; then
+ UNAME_MACHINE=i386
+ elif test "x${cputype-}" != x; then
+ UNAME_MACHINE=$cputype
+ fi
+ GUESS=$UNAME_MACHINE-unknown-plan9
+ ;;
+ *:TOPS-10:*:*)
+ GUESS=pdp10-unknown-tops10
+ ;;
+ *:TENEX:*:*)
+ GUESS=pdp10-unknown-tenex
+ ;;
+ KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*)
+ GUESS=pdp10-dec-tops20
+ ;;
+ XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*)
+ GUESS=pdp10-xkl-tops20
+ ;;
+ *:TOPS-20:*:*)
+ GUESS=pdp10-unknown-tops20
+ ;;
+ *:ITS:*:*)
+ GUESS=pdp10-unknown-its
+ ;;
+ SEI:*:*:SEIUX)
+ GUESS=mips-sei-seiux$UNAME_RELEASE
+ ;;
+ *:DragonFly:*:*)
+ DRAGONFLY_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'`
+ GUESS=$UNAME_MACHINE-unknown-dragonfly$DRAGONFLY_REL
+ ;;
+ *:*VMS:*:*)
+ UNAME_MACHINE=`(uname -p) 2>/dev/null`
+ case $UNAME_MACHINE in
+ A*) GUESS=alpha-dec-vms ;;
+ I*) GUESS=ia64-dec-vms ;;
+ V*) GUESS=vax-dec-vms ;;
+ esac ;;
+ *:XENIX:*:SysV)
+ GUESS=i386-pc-xenix
+ ;;
+ i*86:skyos:*:*)
+ SKYOS_REL=`echo "$UNAME_RELEASE" | sed -e 's/ .*$//'`
+ GUESS=$UNAME_MACHINE-pc-skyos$SKYOS_REL
+ ;;
+ i*86:rdos:*:*)
+ GUESS=$UNAME_MACHINE-pc-rdos
+ ;;
+ i*86:Fiwix:*:*)
+ GUESS=$UNAME_MACHINE-pc-fiwix
+ ;;
+ *:AROS:*:*)
+ GUESS=$UNAME_MACHINE-unknown-aros
+ ;;
+ x86_64:VMkernel:*:*)
+ GUESS=$UNAME_MACHINE-unknown-esx
+ ;;
+ amd64:Isilon\ OneFS:*:*)
+ GUESS=x86_64-unknown-onefs
+ ;;
+ *:Unleashed:*:*)
+ GUESS=$UNAME_MACHINE-unknown-unleashed$UNAME_RELEASE
+ ;;
+esac
+
+# Do we have a guess based on uname results?
+if test "x$GUESS" != x; then
+ echo "$GUESS"
+ exit
+fi
+
+# No uname command or uname output not recognized.
+set_cc_for_build
+cat > "$dummy.c" <<EOF
+#ifdef _SEQUENT_
+#include <sys/types.h>
+#include <sys/utsname.h>
+#endif
+#if defined(ultrix) || defined(_ultrix) || defined(__ultrix) || defined(__ultrix__)
+#if defined (vax) || defined (__vax) || defined (__vax__) || defined(mips) || defined(__mips) || defined(__mips__) || defined(MIPS) || defined(__MIPS__)
+#include <signal.h>
+#if defined(_SIZE_T_) || defined(SIGLOST)
+#include <sys/utsname.h>
+#endif
+#endif
+#endif
+main ()
+{
+#if defined (sony)
+#if defined (MIPSEB)
+ /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed,
+ I don't know.... */
+ printf ("mips-sony-bsd\n"); exit (0);
+#else
+#include <sys/param.h>
+ printf ("m68k-sony-newsos%s\n",
+#ifdef NEWSOS4
+ "4"
+#else
+ ""
+#endif
+ ); exit (0);
+#endif
+#endif
+
+#if defined (NeXT)
+#if !defined (__ARCHITECTURE__)
+#define __ARCHITECTURE__ "m68k"
+#endif
+ int version;
+ version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`;
+ if (version < 4)
+ printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version);
+ else
+ printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version);
+ exit (0);
+#endif
+
+#if defined (MULTIMAX) || defined (n16)
+#if defined (UMAXV)
+ printf ("ns32k-encore-sysv\n"); exit (0);
+#else
+#if defined (CMU)
+ printf ("ns32k-encore-mach\n"); exit (0);
+#else
+ printf ("ns32k-encore-bsd\n"); exit (0);
+#endif
+#endif
+#endif
+
+#if defined (__386BSD__)
+ printf ("i386-pc-bsd\n"); exit (0);
+#endif
+
+#if defined (sequent)
+#if defined (i386)
+ printf ("i386-sequent-dynix\n"); exit (0);
+#endif
+#if defined (ns32000)
+ printf ("ns32k-sequent-dynix\n"); exit (0);
+#endif
+#endif
+
+#if defined (_SEQUENT_)
+ struct utsname un;
+
+ uname(&un);
+ if (strncmp(un.version, "V2", 2) == 0) {
+ printf ("i386-sequent-ptx2\n"); exit (0);
+ }
+ if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */
+ printf ("i386-sequent-ptx1\n"); exit (0);
+ }
+ printf ("i386-sequent-ptx\n"); exit (0);
+#endif
+
+#if defined (vax)
+#if !defined (ultrix)
+#include <sys/param.h>
+#if defined (BSD)
+#if BSD == 43
+ printf ("vax-dec-bsd4.3\n"); exit (0);
+#else
+#if BSD == 199006
+ printf ("vax-dec-bsd4.3reno\n"); exit (0);
+#else
+ printf ("vax-dec-bsd\n"); exit (0);
+#endif
+#endif
+#else
+ printf ("vax-dec-bsd\n"); exit (0);
+#endif
+#else
+#if defined(_SIZE_T_) || defined(SIGLOST)
+ struct utsname un;
+ uname (&un);
+ printf ("vax-dec-ultrix%s\n", un.release); exit (0);
+#else
+ printf ("vax-dec-ultrix\n"); exit (0);
+#endif
+#endif
+#endif
+#if defined(ultrix) || defined(_ultrix) || defined(__ultrix) || defined(__ultrix__)
+#if defined(mips) || defined(__mips) || defined(__mips__) || defined(MIPS) || defined(__MIPS__)
+#if defined(_SIZE_T_) || defined(SIGLOST)
+ struct utsname *un;
+ uname (&un);
+ printf ("mips-dec-ultrix%s\n", un.release); exit (0);
+#else
+ printf ("mips-dec-ultrix\n"); exit (0);
+#endif
+#endif
+#endif
+
+#if defined (alliant) && defined (i860)
+ printf ("i860-alliant-bsd\n"); exit (0);
+#endif
+
+ exit (1);
+}
+EOF
+
+$CC_FOR_BUILD -o "$dummy" "$dummy.c" 2>/dev/null && SYSTEM_NAME=`"$dummy"` &&
+ { echo "$SYSTEM_NAME"; exit; }
+
+# Apollos put the system type in the environment.
+test -d /usr/apollo && { echo "$ISP-apollo-$SYSTYPE"; exit; }
+
+echo "$0: unable to guess system type" >&2
+
+case $UNAME_MACHINE:$UNAME_SYSTEM in
+ mips:Linux | mips64:Linux)
+ # If we got here on MIPS GNU/Linux, output extra information.
+ cat >&2 <<EOF
+
+NOTE: MIPS GNU/Linux systems require a C compiler to fully recognize
+the system type. Please install a C compiler and try again.
+EOF
+ ;;
+esac
+
+cat >&2 <<EOF
+
+This script (version $timestamp), has failed to recognize the
+operating system you are using. If your script is old, overwrite *all*
+copies of config.guess and config.sub with the latest versions from:
+
+ https://git.savannah.gnu.org/cgit/config.git/plain/config.guess
+and
+ https://git.savannah.gnu.org/cgit/config.git/plain/config.sub
+EOF
+
+our_year=`echo $timestamp | sed 's,-.*,,'`
+thisyear=`date +%Y`
+# shellcheck disable=SC2003
+script_age=`expr "$thisyear" - "$our_year"`
+if test "$script_age" -lt 3 ; then
+ cat >&2 <<EOF
+
+If $0 has already been updated, send the following data and any
+information you think might be pertinent to config-patches@gnu.org to
+provide the necessary information to handle your system.
+
+config.guess timestamp = $timestamp
+
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null`
+/bin/uname -X = `(/bin/uname -X) 2>/dev/null`
+
+hostinfo = `(hostinfo) 2>/dev/null`
+/bin/universe = `(/bin/universe) 2>/dev/null`
+/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null`
+/bin/arch = `(/bin/arch) 2>/dev/null`
+/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null`
+
+UNAME_MACHINE = "$UNAME_MACHINE"
+UNAME_RELEASE = "$UNAME_RELEASE"
+UNAME_SYSTEM = "$UNAME_SYSTEM"
+UNAME_VERSION = "$UNAME_VERSION"
+EOF
+fi
+
+exit 1
+
+# Local variables:
+# eval: (add-hook 'before-save-hook 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
/* config.h.in. Generated from configure.ac by autoheader. */
-/* Define to 1 if you have the <ansidecl.h> header file. */
-#undef HAVE_ANSIDECL_H
-
-/* Define to 1 if you have the <ctype.h> header file. */
-#undef HAVE_CTYPE_H
-
/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR'.
*/
#undef HAVE_DIRENT_H
/* Define to 1 if you have the <dlfcn.h> header file. */
#undef HAVE_DLFCN_H
-/* Define to 1 if you have the <errno.h> header file. */
-#undef HAVE_ERRNO_H
-
-/* Define to 1 if you have the `fprintf' function. */
-#undef HAVE_FPRINTF
-
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
/* Define to 1 if you have the <ndir.h> header file, and it defines `DIR'. */
#undef HAVE_NDIR_H
-/* Define to 1 if you have the `printf' function. */
-#undef HAVE_PRINTF
-
-/* Define to 1 if you have the `snprintf' function. */
-#undef HAVE_SNPRINTF
-
-/* Define to 1 if you have the `sprintf' function. */
-#undef HAVE_SPRINTF
-
-/* Define to 1 if you have the `sscanf' function. */
-#undef HAVE_SSCANF
-
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
-/* Define to 1 if you have the `strchr' function. */
-#undef HAVE_STRCHR
-
/* Define to 1 if you have the <strings.h> header file. */
#undef HAVE_STRINGS_H
/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
-/* Define to 1 if you have the `strrchr' function. */
-#undef HAVE_STRRCHR
-
/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR'.
*/
#undef HAVE_SYS_DIR_H
/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
-/* Define to 1 if you have the `timegm' function. */
-#undef HAVE_TIMEGM
-
-/* Define to 1 if you have the <time.h> header file. */
-#undef HAVE_TIME_H
-
/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
-/* Define to 1 if you have the `vfprintf' function. */
-#undef HAVE_VFPRINTF
-
-/* Define to 1 if you have the `vsnprintf' function. */
-#undef HAVE_VSNPRINTF
-
-/* Define to 1 if you have the `vsprintf' function. */
-#undef HAVE_VSPRINTF
-
-/* Define to the sub-directory in which libtool stores uninstalled libraries.
- */
+/* Define to the sub-directory where libtool stores uninstalled libraries. */
#undef LT_OBJDIR
/* Name of package */
/* The size of `size_t', as computed by sizeof. */
#undef SIZEOF_SIZE_T
-/* Define to 1 if you have the ANSI C header files. */
+/* Define to 1 if all of the C90 standard headers exist (not just the ones
+ required in a freestanding environment). This macro is provided for
+ backward compatibility; new code need not use it. */
#undef STDC_HEADERS
/* Version number of package */
--- /dev/null
+#! /bin/sh
+# Configuration validation subroutine script.
+# Copyright 1992-2022 Free Software Foundation, Inc.
+
+# shellcheck disable=SC2006,SC2268 # see below for rationale
+
+timestamp='2022-01-03'
+
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that
+# program. This Exception is an additional permission under section 7
+# of the GNU General Public License, version 3 ("GPLv3").
+
+
+# Please send patches to <config-patches@gnu.org>.
+#
+# Configuration subroutine to validate and canonicalize a configuration type.
+# Supply the specified configuration type as an argument.
+# If it is invalid, we print an error message on stderr and exit with code 1.
+# Otherwise, we print the canonical config type on stdout and succeed.
+
+# You can get the latest version of this script from:
+# https://git.savannah.gnu.org/cgit/config.git/plain/config.sub
+
+# This file is supposed to be the same for all GNU packages
+# and recognize all the CPU types, system types and aliases
+# that are meaningful with *any* GNU software.
+# Each package is responsible for reporting which valid configurations
+# it does not support. The user should be able to distinguish
+# a failure to support a valid configuration from a meaningless
+# configuration.
+
+# The goal of this file is to map all the various variations of a given
+# machine specification into a single specification in the form:
+# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
+# or in some cases, the newer four-part form:
+# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
+# It is wrong to echo any other type of specification.
+
+# The "shellcheck disable" line above the timestamp inhibits complaints
+# about features and limitations of the classic Bourne shell that were
+# superseded or lifted in POSIX. However, this script identifies a wide
+# variety of pre-POSIX systems that do not have POSIX shells at all, and
+# even some reasonably current systems (Solaris 10 as case-in-point) still
+# have a pre-POSIX /bin/sh.
+
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION] CPU-MFR-OPSYS or ALIAS
+
+Canonicalize a configuration name.
+
+Options:
+ -h, --help print this help, then exit
+ -t, --time-stamp print date of last modification, then exit
+ -v, --version print version number, then exit
+
+Report bugs and patches to <config-patches@gnu.org>."
+
+version="\
+GNU config.sub ($timestamp)
+
+Copyright 1992-2022 Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions. There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+ case $1 in
+ --time-stamp | --time* | -t )
+ echo "$timestamp" ; exit ;;
+ --version | -v )
+ echo "$version" ; exit ;;
+ --help | --h* | -h )
+ echo "$usage"; exit ;;
+ -- ) # Stop option processing
+ shift; break ;;
+ - ) # Use stdin as input.
+ break ;;
+ -* )
+ echo "$me: invalid option $1$help" >&2
+ exit 1 ;;
+
+ *local*)
+ # First pass through any local machine types.
+ echo "$1"
+ exit ;;
+
+ * )
+ break ;;
+ esac
+done
+
+case $# in
+ 0) echo "$me: missing argument$help" >&2
+ exit 1;;
+ 1) ;;
+ *) echo "$me: too many arguments$help" >&2
+ exit 1;;
+esac
+
+# Split fields of configuration type
+# shellcheck disable=SC2162
+saved_IFS=$IFS
+IFS="-" read field1 field2 field3 field4 <<EOF
+$1
+EOF
+IFS=$saved_IFS
+
+# Separate into logical components for further validation
+case $1 in
+ *-*-*-*-*)
+ echo Invalid configuration \`"$1"\': more than four components >&2
+ exit 1
+ ;;
+ *-*-*-*)
+ basic_machine=$field1-$field2
+ basic_os=$field3-$field4
+ ;;
+ *-*-*)
+ # Ambiguous whether COMPANY is present, or skipped and KERNEL-OS is two
+ # parts
+ maybe_os=$field2-$field3
+ case $maybe_os in
+ nto-qnx* | linux-* | uclinux-uclibc* \
+ | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* \
+ | netbsd*-eabi* | kopensolaris*-gnu* | cloudabi*-eabi* \
+ | storm-chaos* | os2-emx* | rtmk-nova*)
+ basic_machine=$field1
+ basic_os=$maybe_os
+ ;;
+ android-linux)
+ basic_machine=$field1-unknown
+ basic_os=linux-android
+ ;;
+ *)
+ basic_machine=$field1-$field2
+ basic_os=$field3
+ ;;
+ esac
+ ;;
+ *-*)
+ # A lone config we happen to match not fitting any pattern
+ case $field1-$field2 in
+ decstation-3100)
+ basic_machine=mips-dec
+ basic_os=
+ ;;
+ *-*)
+ # Second component is usually, but not always the OS
+ case $field2 in
+ # Prevent following clause from handling this valid os
+ sun*os*)
+ basic_machine=$field1
+ basic_os=$field2
+ ;;
+ zephyr*)
+ basic_machine=$field1-unknown
+ basic_os=$field2
+ ;;
+ # Manufacturers
+ dec* | mips* | sequent* | encore* | pc533* | sgi* | sony* \
+ | att* | 7300* | 3300* | delta* | motorola* | sun[234]* \
+ | unicom* | ibm* | next | hp | isi* | apollo | altos* \
+ | convergent* | ncr* | news | 32* | 3600* | 3100* \
+ | hitachi* | c[123]* | convex* | sun | crds | omron* | dg \
+ | ultra | tti* | harris | dolphin | highlevel | gould \
+ | cbm | ns | masscomp | apple | axis | knuth | cray \
+ | microblaze* | sim | cisco \
+ | oki | wec | wrs | winbond)
+ basic_machine=$field1-$field2
+ basic_os=
+ ;;
+ *)
+ basic_machine=$field1
+ basic_os=$field2
+ ;;
+ esac
+ ;;
+ esac
+ ;;
+ *)
+ # Convert single-component short-hands not valid as part of
+ # multi-component configurations.
+ case $field1 in
+ 386bsd)
+ basic_machine=i386-pc
+ basic_os=bsd
+ ;;
+ a29khif)
+ basic_machine=a29k-amd
+ basic_os=udi
+ ;;
+ adobe68k)
+ basic_machine=m68010-adobe
+ basic_os=scout
+ ;;
+ alliant)
+ basic_machine=fx80-alliant
+ basic_os=
+ ;;
+ altos | altos3068)
+ basic_machine=m68k-altos
+ basic_os=
+ ;;
+ am29k)
+ basic_machine=a29k-none
+ basic_os=bsd
+ ;;
+ amdahl)
+ basic_machine=580-amdahl
+ basic_os=sysv
+ ;;
+ amiga)
+ basic_machine=m68k-unknown
+ basic_os=
+ ;;
+ amigaos | amigados)
+ basic_machine=m68k-unknown
+ basic_os=amigaos
+ ;;
+ amigaunix | amix)
+ basic_machine=m68k-unknown
+ basic_os=sysv4
+ ;;
+ apollo68)
+ basic_machine=m68k-apollo
+ basic_os=sysv
+ ;;
+ apollo68bsd)
+ basic_machine=m68k-apollo
+ basic_os=bsd
+ ;;
+ aros)
+ basic_machine=i386-pc
+ basic_os=aros
+ ;;
+ aux)
+ basic_machine=m68k-apple
+ basic_os=aux
+ ;;
+ balance)
+ basic_machine=ns32k-sequent
+ basic_os=dynix
+ ;;
+ blackfin)
+ basic_machine=bfin-unknown
+ basic_os=linux
+ ;;
+ cegcc)
+ basic_machine=arm-unknown
+ basic_os=cegcc
+ ;;
+ convex-c1)
+ basic_machine=c1-convex
+ basic_os=bsd
+ ;;
+ convex-c2)
+ basic_machine=c2-convex
+ basic_os=bsd
+ ;;
+ convex-c32)
+ basic_machine=c32-convex
+ basic_os=bsd
+ ;;
+ convex-c34)
+ basic_machine=c34-convex
+ basic_os=bsd
+ ;;
+ convex-c38)
+ basic_machine=c38-convex
+ basic_os=bsd
+ ;;
+ cray)
+ basic_machine=j90-cray
+ basic_os=unicos
+ ;;
+ crds | unos)
+ basic_machine=m68k-crds
+ basic_os=
+ ;;
+ da30)
+ basic_machine=m68k-da30
+ basic_os=
+ ;;
+ decstation | pmax | pmin | dec3100 | decstatn)
+ basic_machine=mips-dec
+ basic_os=
+ ;;
+ delta88)
+ basic_machine=m88k-motorola
+ basic_os=sysv3
+ ;;
+ dicos)
+ basic_machine=i686-pc
+ basic_os=dicos
+ ;;
+ djgpp)
+ basic_machine=i586-pc
+ basic_os=msdosdjgpp
+ ;;
+ ebmon29k)
+ basic_machine=a29k-amd
+ basic_os=ebmon
+ ;;
+ es1800 | OSE68k | ose68k | ose | OSE)
+ basic_machine=m68k-ericsson
+ basic_os=ose
+ ;;
+ gmicro)
+ basic_machine=tron-gmicro
+ basic_os=sysv
+ ;;
+ go32)
+ basic_machine=i386-pc
+ basic_os=go32
+ ;;
+ h8300hms)
+ basic_machine=h8300-hitachi
+ basic_os=hms
+ ;;
+ h8300xray)
+ basic_machine=h8300-hitachi
+ basic_os=xray
+ ;;
+ h8500hms)
+ basic_machine=h8500-hitachi
+ basic_os=hms
+ ;;
+ harris)
+ basic_machine=m88k-harris
+ basic_os=sysv3
+ ;;
+ hp300 | hp300hpux)
+ basic_machine=m68k-hp
+ basic_os=hpux
+ ;;
+ hp300bsd)
+ basic_machine=m68k-hp
+ basic_os=bsd
+ ;;
+ hppaosf)
+ basic_machine=hppa1.1-hp
+ basic_os=osf
+ ;;
+ hppro)
+ basic_machine=hppa1.1-hp
+ basic_os=proelf
+ ;;
+ i386mach)
+ basic_machine=i386-mach
+ basic_os=mach
+ ;;
+ isi68 | isi)
+ basic_machine=m68k-isi
+ basic_os=sysv
+ ;;
+ m68knommu)
+ basic_machine=m68k-unknown
+ basic_os=linux
+ ;;
+ magnum | m3230)
+ basic_machine=mips-mips
+ basic_os=sysv
+ ;;
+ merlin)
+ basic_machine=ns32k-utek
+ basic_os=sysv
+ ;;
+ mingw64)
+ basic_machine=x86_64-pc
+ basic_os=mingw64
+ ;;
+ mingw32)
+ basic_machine=i686-pc
+ basic_os=mingw32
+ ;;
+ mingw32ce)
+ basic_machine=arm-unknown
+ basic_os=mingw32ce
+ ;;
+ monitor)
+ basic_machine=m68k-rom68k
+ basic_os=coff
+ ;;
+ morphos)
+ basic_machine=powerpc-unknown
+ basic_os=morphos
+ ;;
+ moxiebox)
+ basic_machine=moxie-unknown
+ basic_os=moxiebox
+ ;;
+ msdos)
+ basic_machine=i386-pc
+ basic_os=msdos
+ ;;
+ msys)
+ basic_machine=i686-pc
+ basic_os=msys
+ ;;
+ mvs)
+ basic_machine=i370-ibm
+ basic_os=mvs
+ ;;
+ nacl)
+ basic_machine=le32-unknown
+ basic_os=nacl
+ ;;
+ ncr3000)
+ basic_machine=i486-ncr
+ basic_os=sysv4
+ ;;
+ netbsd386)
+ basic_machine=i386-pc
+ basic_os=netbsd
+ ;;
+ netwinder)
+ basic_machine=armv4l-rebel
+ basic_os=linux
+ ;;
+ news | news700 | news800 | news900)
+ basic_machine=m68k-sony
+ basic_os=newsos
+ ;;
+ news1000)
+ basic_machine=m68030-sony
+ basic_os=newsos
+ ;;
+ necv70)
+ basic_machine=v70-nec
+ basic_os=sysv
+ ;;
+ nh3000)
+ basic_machine=m68k-harris
+ basic_os=cxux
+ ;;
+ nh[45]000)
+ basic_machine=m88k-harris
+ basic_os=cxux
+ ;;
+ nindy960)
+ basic_machine=i960-intel
+ basic_os=nindy
+ ;;
+ mon960)
+ basic_machine=i960-intel
+ basic_os=mon960
+ ;;
+ nonstopux)
+ basic_machine=mips-compaq
+ basic_os=nonstopux
+ ;;
+ os400)
+ basic_machine=powerpc-ibm
+ basic_os=os400
+ ;;
+ OSE68000 | ose68000)
+ basic_machine=m68000-ericsson
+ basic_os=ose
+ ;;
+ os68k)
+ basic_machine=m68k-none
+ basic_os=os68k
+ ;;
+ paragon)
+ basic_machine=i860-intel
+ basic_os=osf
+ ;;
+ parisc)
+ basic_machine=hppa-unknown
+ basic_os=linux
+ ;;
+ psp)
+ basic_machine=mipsallegrexel-sony
+ basic_os=psp
+ ;;
+ pw32)
+ basic_machine=i586-unknown
+ basic_os=pw32
+ ;;
+ rdos | rdos64)
+ basic_machine=x86_64-pc
+ basic_os=rdos
+ ;;
+ rdos32)
+ basic_machine=i386-pc
+ basic_os=rdos
+ ;;
+ rom68k)
+ basic_machine=m68k-rom68k
+ basic_os=coff
+ ;;
+ sa29200)
+ basic_machine=a29k-amd
+ basic_os=udi
+ ;;
+ sei)
+ basic_machine=mips-sei
+ basic_os=seiux
+ ;;
+ sequent)
+ basic_machine=i386-sequent
+ basic_os=
+ ;;
+ sps7)
+ basic_machine=m68k-bull
+ basic_os=sysv2
+ ;;
+ st2000)
+ basic_machine=m68k-tandem
+ basic_os=
+ ;;
+ stratus)
+ basic_machine=i860-stratus
+ basic_os=sysv4
+ ;;
+ sun2)
+ basic_machine=m68000-sun
+ basic_os=
+ ;;
+ sun2os3)
+ basic_machine=m68000-sun
+ basic_os=sunos3
+ ;;
+ sun2os4)
+ basic_machine=m68000-sun
+ basic_os=sunos4
+ ;;
+ sun3)
+ basic_machine=m68k-sun
+ basic_os=
+ ;;
+ sun3os3)
+ basic_machine=m68k-sun
+ basic_os=sunos3
+ ;;
+ sun3os4)
+ basic_machine=m68k-sun
+ basic_os=sunos4
+ ;;
+ sun4)
+ basic_machine=sparc-sun
+ basic_os=
+ ;;
+ sun4os3)
+ basic_machine=sparc-sun
+ basic_os=sunos3
+ ;;
+ sun4os4)
+ basic_machine=sparc-sun
+ basic_os=sunos4
+ ;;
+ sun4sol2)
+ basic_machine=sparc-sun
+ basic_os=solaris2
+ ;;
+ sun386 | sun386i | roadrunner)
+ basic_machine=i386-sun
+ basic_os=
+ ;;
+ sv1)
+ basic_machine=sv1-cray
+ basic_os=unicos
+ ;;
+ symmetry)
+ basic_machine=i386-sequent
+ basic_os=dynix
+ ;;
+ t3e)
+ basic_machine=alphaev5-cray
+ basic_os=unicos
+ ;;
+ t90)
+ basic_machine=t90-cray
+ basic_os=unicos
+ ;;
+ toad1)
+ basic_machine=pdp10-xkl
+ basic_os=tops20
+ ;;
+ tpf)
+ basic_machine=s390x-ibm
+ basic_os=tpf
+ ;;
+ udi29k)
+ basic_machine=a29k-amd
+ basic_os=udi
+ ;;
+ ultra3)
+ basic_machine=a29k-nyu
+ basic_os=sym1
+ ;;
+ v810 | necv810)
+ basic_machine=v810-nec
+ basic_os=none
+ ;;
+ vaxv)
+ basic_machine=vax-dec
+ basic_os=sysv
+ ;;
+ vms)
+ basic_machine=vax-dec
+ basic_os=vms
+ ;;
+ vsta)
+ basic_machine=i386-pc
+ basic_os=vsta
+ ;;
+ vxworks960)
+ basic_machine=i960-wrs
+ basic_os=vxworks
+ ;;
+ vxworks68)
+ basic_machine=m68k-wrs
+ basic_os=vxworks
+ ;;
+ vxworks29k)
+ basic_machine=a29k-wrs
+ basic_os=vxworks
+ ;;
+ xbox)
+ basic_machine=i686-pc
+ basic_os=mingw32
+ ;;
+ ymp)
+ basic_machine=ymp-cray
+ basic_os=unicos
+ ;;
+ *)
+ basic_machine=$1
+ basic_os=
+ ;;
+ esac
+ ;;
+esac
+
+# Decode 1-component or ad-hoc basic machines
+case $basic_machine in
+ # Here we handle the default manufacturer of certain CPU types. It is in
+ # some cases the only manufacturer, in others, it is the most popular.
+ w89k)
+ cpu=hppa1.1
+ vendor=winbond
+ ;;
+ op50n)
+ cpu=hppa1.1
+ vendor=oki
+ ;;
+ op60c)
+ cpu=hppa1.1
+ vendor=oki
+ ;;
+ ibm*)
+ cpu=i370
+ vendor=ibm
+ ;;
+ orion105)
+ cpu=clipper
+ vendor=highlevel
+ ;;
+ mac | mpw | mac-mpw)
+ cpu=m68k
+ vendor=apple
+ ;;
+ pmac | pmac-mpw)
+ cpu=powerpc
+ vendor=apple
+ ;;
+
+ # Recognize the various machine names and aliases which stand
+ # for a CPU type and a company and sometimes even an OS.
+ 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc)
+ cpu=m68000
+ vendor=att
+ ;;
+ 3b*)
+ cpu=we32k
+ vendor=att
+ ;;
+ bluegene*)
+ cpu=powerpc
+ vendor=ibm
+ basic_os=cnk
+ ;;
+ decsystem10* | dec10*)
+ cpu=pdp10
+ vendor=dec
+ basic_os=tops10
+ ;;
+ decsystem20* | dec20*)
+ cpu=pdp10
+ vendor=dec
+ basic_os=tops20
+ ;;
+ delta | 3300 | motorola-3300 | motorola-delta \
+ | 3300-motorola | delta-motorola)
+ cpu=m68k
+ vendor=motorola
+ ;;
+ dpx2*)
+ cpu=m68k
+ vendor=bull
+ basic_os=sysv3
+ ;;
+ encore | umax | mmax)
+ cpu=ns32k
+ vendor=encore
+ ;;
+ elxsi)
+ cpu=elxsi
+ vendor=elxsi
+ basic_os=${basic_os:-bsd}
+ ;;
+ fx2800)
+ cpu=i860
+ vendor=alliant
+ ;;
+ genix)
+ cpu=ns32k
+ vendor=ns
+ ;;
+ h3050r* | hiux*)
+ cpu=hppa1.1
+ vendor=hitachi
+ basic_os=hiuxwe2
+ ;;
+ hp3k9[0-9][0-9] | hp9[0-9][0-9])
+ cpu=hppa1.0
+ vendor=hp
+ ;;
+ hp9k2[0-9][0-9] | hp9k31[0-9])
+ cpu=m68000
+ vendor=hp
+ ;;
+ hp9k3[2-9][0-9])
+ cpu=m68k
+ vendor=hp
+ ;;
+ hp9k6[0-9][0-9] | hp6[0-9][0-9])
+ cpu=hppa1.0
+ vendor=hp
+ ;;
+ hp9k7[0-79][0-9] | hp7[0-79][0-9])
+ cpu=hppa1.1
+ vendor=hp
+ ;;
+ hp9k78[0-9] | hp78[0-9])
+ # FIXME: really hppa2.0-hp
+ cpu=hppa1.1
+ vendor=hp
+ ;;
+ hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893)
+ # FIXME: really hppa2.0-hp
+ cpu=hppa1.1
+ vendor=hp
+ ;;
+ hp9k8[0-9][13679] | hp8[0-9][13679])
+ cpu=hppa1.1
+ vendor=hp
+ ;;
+ hp9k8[0-9][0-9] | hp8[0-9][0-9])
+ cpu=hppa1.0
+ vendor=hp
+ ;;
+ i*86v32)
+ cpu=`echo "$1" | sed -e 's/86.*/86/'`
+ vendor=pc
+ basic_os=sysv32
+ ;;
+ i*86v4*)
+ cpu=`echo "$1" | sed -e 's/86.*/86/'`
+ vendor=pc
+ basic_os=sysv4
+ ;;
+ i*86v)
+ cpu=`echo "$1" | sed -e 's/86.*/86/'`
+ vendor=pc
+ basic_os=sysv
+ ;;
+ i*86sol2)
+ cpu=`echo "$1" | sed -e 's/86.*/86/'`
+ vendor=pc
+ basic_os=solaris2
+ ;;
+ j90 | j90-cray)
+ cpu=j90
+ vendor=cray
+ basic_os=${basic_os:-unicos}
+ ;;
+ iris | iris4d)
+ cpu=mips
+ vendor=sgi
+ case $basic_os in
+ irix*)
+ ;;
+ *)
+ basic_os=irix4
+ ;;
+ esac
+ ;;
+ miniframe)
+ cpu=m68000
+ vendor=convergent
+ ;;
+ *mint | mint[0-9]* | *MiNT | *MiNT[0-9]*)
+ cpu=m68k
+ vendor=atari
+ basic_os=mint
+ ;;
+ news-3600 | risc-news)
+ cpu=mips
+ vendor=sony
+ basic_os=newsos
+ ;;
+ next | m*-next)
+ cpu=m68k
+ vendor=next
+ case $basic_os in
+ openstep*)
+ ;;
+ nextstep*)
+ ;;
+ ns2*)
+ basic_os=nextstep2
+ ;;
+ *)
+ basic_os=nextstep3
+ ;;
+ esac
+ ;;
+ np1)
+ cpu=np1
+ vendor=gould
+ ;;
+ op50n-* | op60c-*)
+ cpu=hppa1.1
+ vendor=oki
+ basic_os=proelf
+ ;;
+ pa-hitachi)
+ cpu=hppa1.1
+ vendor=hitachi
+ basic_os=hiuxwe2
+ ;;
+ pbd)
+ cpu=sparc
+ vendor=tti
+ ;;
+ pbb)
+ cpu=m68k
+ vendor=tti
+ ;;
+ pc532)
+ cpu=ns32k
+ vendor=pc532
+ ;;
+ pn)
+ cpu=pn
+ vendor=gould
+ ;;
+ power)
+ cpu=power
+ vendor=ibm
+ ;;
+ ps2)
+ cpu=i386
+ vendor=ibm
+ ;;
+ rm[46]00)
+ cpu=mips
+ vendor=siemens
+ ;;
+ rtpc | rtpc-*)
+ cpu=romp
+ vendor=ibm
+ ;;
+ sde)
+ cpu=mipsisa32
+ vendor=sde
+ basic_os=${basic_os:-elf}
+ ;;
+ simso-wrs)
+ cpu=sparclite
+ vendor=wrs
+ basic_os=vxworks
+ ;;
+ tower | tower-32)
+ cpu=m68k
+ vendor=ncr
+ ;;
+ vpp*|vx|vx-*)
+ cpu=f301
+ vendor=fujitsu
+ ;;
+ w65)
+ cpu=w65
+ vendor=wdc
+ ;;
+ w89k-*)
+ cpu=hppa1.1
+ vendor=winbond
+ basic_os=proelf
+ ;;
+ none)
+ cpu=none
+ vendor=none
+ ;;
+ leon|leon[3-9])
+ cpu=sparc
+ vendor=$basic_machine
+ ;;
+ leon-*|leon[3-9]-*)
+ cpu=sparc
+ vendor=`echo "$basic_machine" | sed 's/-.*//'`
+ ;;
+
+ *-*)
+ # shellcheck disable=SC2162
+ saved_IFS=$IFS
+ IFS="-" read cpu vendor <<EOF
+$basic_machine
+EOF
+ IFS=$saved_IFS
+ ;;
+ # We use `pc' rather than `unknown'
+ # because (1) that's what they normally are, and
+ # (2) the word "unknown" tends to confuse beginning users.
+ i*86 | x86_64)
+ cpu=$basic_machine
+ vendor=pc
+ ;;
+ # These rules are duplicated from below for sake of the special case above;
+ # i.e. things that normalized to x86 arches should also default to "pc"
+ pc98)
+ cpu=i386
+ vendor=pc
+ ;;
+ x64 | amd64)
+ cpu=x86_64
+ vendor=pc
+ ;;
+ # Recognize the basic CPU types without company name.
+ *)
+ cpu=$basic_machine
+ vendor=unknown
+ ;;
+esac
+
+unset -v basic_machine
+
+# Decode basic machines in the full and proper CPU-Company form.
+case $cpu-$vendor in
+ # Here we handle the default manufacturer of certain CPU types in canonical form. It is in
+ # some cases the only manufacturer, in others, it is the most popular.
+ craynv-unknown)
+ vendor=cray
+ basic_os=${basic_os:-unicosmp}
+ ;;
+ c90-unknown | c90-cray)
+ vendor=cray
+ basic_os=${Basic_os:-unicos}
+ ;;
+ fx80-unknown)
+ vendor=alliant
+ ;;
+ romp-unknown)
+ vendor=ibm
+ ;;
+ mmix-unknown)
+ vendor=knuth
+ ;;
+ microblaze-unknown | microblazeel-unknown)
+ vendor=xilinx
+ ;;
+ rs6000-unknown)
+ vendor=ibm
+ ;;
+ vax-unknown)
+ vendor=dec
+ ;;
+ pdp11-unknown)
+ vendor=dec
+ ;;
+ we32k-unknown)
+ vendor=att
+ ;;
+ cydra-unknown)
+ vendor=cydrome
+ ;;
+ i370-ibm*)
+ vendor=ibm
+ ;;
+ orion-unknown)
+ vendor=highlevel
+ ;;
+ xps-unknown | xps100-unknown)
+ cpu=xps100
+ vendor=honeywell
+ ;;
+
+ # Here we normalize CPU types with a missing or matching vendor
+ armh-unknown | armh-alt)
+ cpu=armv7l
+ vendor=alt
+ basic_os=${basic_os:-linux-gnueabihf}
+ ;;
+ dpx20-unknown | dpx20-bull)
+ cpu=rs6000
+ vendor=bull
+ basic_os=${basic_os:-bosx}
+ ;;
+
+ # Here we normalize CPU types irrespective of the vendor
+ amd64-*)
+ cpu=x86_64
+ ;;
+ blackfin-*)
+ cpu=bfin
+ basic_os=linux
+ ;;
+ c54x-*)
+ cpu=tic54x
+ ;;
+ c55x-*)
+ cpu=tic55x
+ ;;
+ c6x-*)
+ cpu=tic6x
+ ;;
+ e500v[12]-*)
+ cpu=powerpc
+ basic_os=${basic_os}"spe"
+ ;;
+ mips3*-*)
+ cpu=mips64
+ ;;
+ ms1-*)
+ cpu=mt
+ ;;
+ m68knommu-*)
+ cpu=m68k
+ basic_os=linux
+ ;;
+ m9s12z-* | m68hcs12z-* | hcs12z-* | s12z-*)
+ cpu=s12z
+ ;;
+ openrisc-*)
+ cpu=or32
+ ;;
+ parisc-*)
+ cpu=hppa
+ basic_os=linux
+ ;;
+ pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*)
+ cpu=i586
+ ;;
+ pentiumpro-* | p6-* | 6x86-* | athlon-* | athalon_*-*)
+ cpu=i686
+ ;;
+ pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*)
+ cpu=i686
+ ;;
+ pentium4-*)
+ cpu=i786
+ ;;
+ pc98-*)
+ cpu=i386
+ ;;
+ ppc-* | ppcbe-*)
+ cpu=powerpc
+ ;;
+ ppcle-* | powerpclittle-*)
+ cpu=powerpcle
+ ;;
+ ppc64-*)
+ cpu=powerpc64
+ ;;
+ ppc64le-* | powerpc64little-*)
+ cpu=powerpc64le
+ ;;
+ sb1-*)
+ cpu=mipsisa64sb1
+ ;;
+ sb1el-*)
+ cpu=mipsisa64sb1el
+ ;;
+ sh5e[lb]-*)
+ cpu=`echo "$cpu" | sed 's/^\(sh.\)e\(.\)$/\1\2e/'`
+ ;;
+ spur-*)
+ cpu=spur
+ ;;
+ strongarm-* | thumb-*)
+ cpu=arm
+ ;;
+ tx39-*)
+ cpu=mipstx39
+ ;;
+ tx39el-*)
+ cpu=mipstx39el
+ ;;
+ x64-*)
+ cpu=x86_64
+ ;;
+ xscale-* | xscalee[bl]-*)
+ cpu=`echo "$cpu" | sed 's/^xscale/arm/'`
+ ;;
+ arm64-* | aarch64le-*)
+ cpu=aarch64
+ ;;
+
+ # Recognize the canonical CPU Types that limit and/or modify the
+ # company names they are paired with.
+ cr16-*)
+ basic_os=${basic_os:-elf}
+ ;;
+ crisv32-* | etraxfs*-*)
+ cpu=crisv32
+ vendor=axis
+ ;;
+ cris-* | etrax*-*)
+ cpu=cris
+ vendor=axis
+ ;;
+ crx-*)
+ basic_os=${basic_os:-elf}
+ ;;
+ neo-tandem)
+ cpu=neo
+ vendor=tandem
+ ;;
+ nse-tandem)
+ cpu=nse
+ vendor=tandem
+ ;;
+ nsr-tandem)
+ cpu=nsr
+ vendor=tandem
+ ;;
+ nsv-tandem)
+ cpu=nsv
+ vendor=tandem
+ ;;
+ nsx-tandem)
+ cpu=nsx
+ vendor=tandem
+ ;;
+ mipsallegrexel-sony)
+ cpu=mipsallegrexel
+ vendor=sony
+ ;;
+ tile*-*)
+ basic_os=${basic_os:-linux-gnu}
+ ;;
+
+ *)
+ # Recognize the canonical CPU types that are allowed with any
+ # company name.
+ case $cpu in
+ 1750a | 580 \
+ | a29k \
+ | aarch64 | aarch64_be \
+ | abacus \
+ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] \
+ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] \
+ | alphapca5[67] | alpha64pca5[67] \
+ | am33_2.0 \
+ | amdgcn \
+ | arc | arceb | arc32 | arc64 \
+ | arm | arm[lb]e | arme[lb] | armv* \
+ | avr | avr32 \
+ | asmjs \
+ | ba \
+ | be32 | be64 \
+ | bfin | bpf | bs2000 \
+ | c[123]* | c30 | [cjt]90 | c4x \
+ | c8051 | clipper | craynv | csky | cydra \
+ | d10v | d30v | dlx | dsp16xx \
+ | e2k | elxsi | epiphany \
+ | f30[01] | f700 | fido | fr30 | frv | ft32 | fx80 \
+ | h8300 | h8500 \
+ | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
+ | hexagon \
+ | i370 | i*86 | i860 | i960 | ia16 | ia64 \
+ | ip2k | iq2000 \
+ | k1om \
+ | le32 | le64 \
+ | lm32 \
+ | loongarch32 | loongarch64 | loongarchx32 \
+ | m32c | m32r | m32rle \
+ | m5200 | m68000 | m680[012346]0 | m68360 | m683?2 | m68k \
+ | m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x \
+ | m88110 | m88k | maxq | mb | mcore | mep | metag \
+ | microblaze | microblazeel \
+ | mips | mipsbe | mipseb | mipsel | mipsle \
+ | mips16 \
+ | mips64 | mips64eb | mips64el \
+ | mips64octeon | mips64octeonel \
+ | mips64orion | mips64orionel \
+ | mips64r5900 | mips64r5900el \
+ | mips64vr | mips64vrel \
+ | mips64vr4100 | mips64vr4100el \
+ | mips64vr4300 | mips64vr4300el \
+ | mips64vr5000 | mips64vr5000el \
+ | mips64vr5900 | mips64vr5900el \
+ | mipsisa32 | mipsisa32el \
+ | mipsisa32r2 | mipsisa32r2el \
+ | mipsisa32r3 | mipsisa32r3el \
+ | mipsisa32r5 | mipsisa32r5el \
+ | mipsisa32r6 | mipsisa32r6el \
+ | mipsisa64 | mipsisa64el \
+ | mipsisa64r2 | mipsisa64r2el \
+ | mipsisa64r3 | mipsisa64r3el \
+ | mipsisa64r5 | mipsisa64r5el \
+ | mipsisa64r6 | mipsisa64r6el \
+ | mipsisa64sb1 | mipsisa64sb1el \
+ | mipsisa64sr71k | mipsisa64sr71kel \
+ | mipsr5900 | mipsr5900el \
+ | mipstx39 | mipstx39el \
+ | mmix \
+ | mn10200 | mn10300 \
+ | moxie \
+ | mt \
+ | msp430 \
+ | nds32 | nds32le | nds32be \
+ | nfp \
+ | nios | nios2 | nios2eb | nios2el \
+ | none | np1 | ns16k | ns32k | nvptx \
+ | open8 \
+ | or1k* \
+ | or32 \
+ | orion \
+ | picochip \
+ | pdp10 | pdp11 | pj | pjl | pn | power \
+ | powerpc | powerpc64 | powerpc64le | powerpcle | powerpcspe \
+ | pru \
+ | pyramid \
+ | riscv | riscv32 | riscv32be | riscv64 | riscv64be \
+ | rl78 | romp | rs6000 | rx \
+ | s390 | s390x \
+ | score \
+ | sh | shl \
+ | sh[1234] | sh[24]a | sh[24]ae[lb] | sh[23]e | she[lb] | sh[lb]e \
+ | sh[1234]e[lb] | sh[12345][lb]e | sh[23]ele | sh64 | sh64le \
+ | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet \
+ | sparclite \
+ | sparcv8 | sparcv9 | sparcv9b | sparcv9v | sv1 | sx* \
+ | spu \
+ | tahoe \
+ | thumbv7* \
+ | tic30 | tic4x | tic54x | tic55x | tic6x | tic80 \
+ | tron \
+ | ubicom32 \
+ | v70 | v850 | v850e | v850e1 | v850es | v850e2 | v850e2v3 \
+ | vax \
+ | visium \
+ | w65 \
+ | wasm32 | wasm64 \
+ | we32k \
+ | x86 | x86_64 | xc16x | xgate | xps100 \
+ | xstormy16 | xtensa* \
+ | ymp \
+ | z8k | z80)
+ ;;
+
+ *)
+ echo Invalid configuration \`"$1"\': machine \`"$cpu-$vendor"\' not recognized 1>&2
+ exit 1
+ ;;
+ esac
+ ;;
+esac
+
+# Here we canonicalize certain aliases for manufacturers.
+case $vendor in
+ digital*)
+ vendor=dec
+ ;;
+ commodore*)
+ vendor=cbm
+ ;;
+ *)
+ ;;
+esac
+
+# Decode manufacturer-specific aliases for certain operating systems.
+
+if test x$basic_os != x
+then
+
+# First recognize some ad-hoc cases, or perhaps split kernel-os, or else just
+# set os.
+case $basic_os in
+ gnu/linux*)
+ kernel=linux
+ os=`echo "$basic_os" | sed -e 's|gnu/linux|gnu|'`
+ ;;
+ os2-emx)
+ kernel=os2
+ os=`echo "$basic_os" | sed -e 's|os2-emx|emx|'`
+ ;;
+ nto-qnx*)
+ kernel=nto
+ os=`echo "$basic_os" | sed -e 's|nto-qnx|qnx|'`
+ ;;
+ *-*)
+ # shellcheck disable=SC2162
+ saved_IFS=$IFS
+ IFS="-" read kernel os <<EOF
+$basic_os
+EOF
+ IFS=$saved_IFS
+ ;;
+ # Default OS when just kernel was specified
+ nto*)
+ kernel=nto
+ os=`echo "$basic_os" | sed -e 's|nto|qnx|'`
+ ;;
+ linux*)
+ kernel=linux
+ os=`echo "$basic_os" | sed -e 's|linux|gnu|'`
+ ;;
+ *)
+ kernel=
+ os=$basic_os
+ ;;
+esac
+
+# Now, normalize the OS (knowing we just have one component, it's not a kernel,
+# etc.)
+case $os in
+ # First match some system type aliases that might get confused
+ # with valid system types.
+ # solaris* is a basic system type, with this one exception.
+ auroraux)
+ os=auroraux
+ ;;
+ bluegene*)
+ os=cnk
+ ;;
+ solaris1 | solaris1.*)
+ os=`echo "$os" | sed -e 's|solaris1|sunos4|'`
+ ;;
+ solaris)
+ os=solaris2
+ ;;
+ unixware*)
+ os=sysv4.2uw
+ ;;
+ # es1800 is here to avoid being matched by es* (a different OS)
+ es1800*)
+ os=ose
+ ;;
+ # Some version numbers need modification
+ chorusos*)
+ os=chorusos
+ ;;
+ isc)
+ os=isc2.2
+ ;;
+ sco6)
+ os=sco5v6
+ ;;
+ sco5)
+ os=sco3.2v5
+ ;;
+ sco4)
+ os=sco3.2v4
+ ;;
+ sco3.2.[4-9]*)
+ os=`echo "$os" | sed -e 's/sco3.2./sco3.2v/'`
+ ;;
+ sco*v* | scout)
+ # Don't match below
+ ;;
+ sco*)
+ os=sco3.2v2
+ ;;
+ psos*)
+ os=psos
+ ;;
+ qnx*)
+ os=qnx
+ ;;
+ hiux*)
+ os=hiuxwe2
+ ;;
+ lynx*178)
+ os=lynxos178
+ ;;
+ lynx*5)
+ os=lynxos5
+ ;;
+ lynxos*)
+ # don't get caught up in next wildcard
+ ;;
+ lynx*)
+ os=lynxos
+ ;;
+ mac[0-9]*)
+ os=`echo "$os" | sed -e 's|mac|macos|'`
+ ;;
+ opened*)
+ os=openedition
+ ;;
+ os400*)
+ os=os400
+ ;;
+ sunos5*)
+ os=`echo "$os" | sed -e 's|sunos5|solaris2|'`
+ ;;
+ sunos6*)
+ os=`echo "$os" | sed -e 's|sunos6|solaris3|'`
+ ;;
+ wince*)
+ os=wince
+ ;;
+ utek*)
+ os=bsd
+ ;;
+ dynix*)
+ os=bsd
+ ;;
+ acis*)
+ os=aos
+ ;;
+ atheos*)
+ os=atheos
+ ;;
+ syllable*)
+ os=syllable
+ ;;
+ 386bsd)
+ os=bsd
+ ;;
+ ctix* | uts*)
+ os=sysv
+ ;;
+ nova*)
+ os=rtmk-nova
+ ;;
+ ns2)
+ os=nextstep2
+ ;;
+ # Preserve the version number of sinix5.
+ sinix5.*)
+ os=`echo "$os" | sed -e 's|sinix|sysv|'`
+ ;;
+ sinix*)
+ os=sysv4
+ ;;
+ tpf*)
+ os=tpf
+ ;;
+ triton*)
+ os=sysv3
+ ;;
+ oss*)
+ os=sysv3
+ ;;
+ svr4*)
+ os=sysv4
+ ;;
+ svr3)
+ os=sysv3
+ ;;
+ sysvr4)
+ os=sysv4
+ ;;
+ ose*)
+ os=ose
+ ;;
+ *mint | mint[0-9]* | *MiNT | MiNT[0-9]*)
+ os=mint
+ ;;
+ dicos*)
+ os=dicos
+ ;;
+ pikeos*)
+ # Until real need of OS specific support for
+ # particular features comes up, bare metal
+ # configurations are quite functional.
+ case $cpu in
+ arm*)
+ os=eabi
+ ;;
+ *)
+ os=elf
+ ;;
+ esac
+ ;;
+ *)
+ # No normalization, but not necessarily accepted, that comes below.
+ ;;
+esac
+
+else
+
+# Here we handle the default operating systems that come with various machines.
+# The value should be what the vendor currently ships out the door with their
+# machine or put another way, the most popular os provided with the machine.
+
+# Note that if you're going to try to match "-MANUFACTURER" here (say,
+# "-sun"), then you have to tell the case statement up towards the top
+# that MANUFACTURER isn't an operating system. Otherwise, code above
+# will signal an error saying that MANUFACTURER isn't an operating
+# system, and we'll never get to this point.
+
+kernel=
+case $cpu-$vendor in
+ score-*)
+ os=elf
+ ;;
+ spu-*)
+ os=elf
+ ;;
+ *-acorn)
+ os=riscix1.2
+ ;;
+ arm*-rebel)
+ kernel=linux
+ os=gnu
+ ;;
+ arm*-semi)
+ os=aout
+ ;;
+ c4x-* | tic4x-*)
+ os=coff
+ ;;
+ c8051-*)
+ os=elf
+ ;;
+ clipper-intergraph)
+ os=clix
+ ;;
+ hexagon-*)
+ os=elf
+ ;;
+ tic54x-*)
+ os=coff
+ ;;
+ tic55x-*)
+ os=coff
+ ;;
+ tic6x-*)
+ os=coff
+ ;;
+ # This must come before the *-dec entry.
+ pdp10-*)
+ os=tops20
+ ;;
+ pdp11-*)
+ os=none
+ ;;
+ *-dec | vax-*)
+ os=ultrix4.2
+ ;;
+ m68*-apollo)
+ os=domain
+ ;;
+ i386-sun)
+ os=sunos4.0.2
+ ;;
+ m68000-sun)
+ os=sunos3
+ ;;
+ m68*-cisco)
+ os=aout
+ ;;
+ mep-*)
+ os=elf
+ ;;
+ mips*-cisco)
+ os=elf
+ ;;
+ mips*-*)
+ os=elf
+ ;;
+ or32-*)
+ os=coff
+ ;;
+ *-tti) # must be before sparc entry or we get the wrong os.
+ os=sysv3
+ ;;
+ sparc-* | *-sun)
+ os=sunos4.1.1
+ ;;
+ pru-*)
+ os=elf
+ ;;
+ *-be)
+ os=beos
+ ;;
+ *-ibm)
+ os=aix
+ ;;
+ *-knuth)
+ os=mmixware
+ ;;
+ *-wec)
+ os=proelf
+ ;;
+ *-winbond)
+ os=proelf
+ ;;
+ *-oki)
+ os=proelf
+ ;;
+ *-hp)
+ os=hpux
+ ;;
+ *-hitachi)
+ os=hiux
+ ;;
+ i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent)
+ os=sysv
+ ;;
+ *-cbm)
+ os=amigaos
+ ;;
+ *-dg)
+ os=dgux
+ ;;
+ *-dolphin)
+ os=sysv3
+ ;;
+ m68k-ccur)
+ os=rtu
+ ;;
+ m88k-omron*)
+ os=luna
+ ;;
+ *-next)
+ os=nextstep
+ ;;
+ *-sequent)
+ os=ptx
+ ;;
+ *-crds)
+ os=unos
+ ;;
+ *-ns)
+ os=genix
+ ;;
+ i370-*)
+ os=mvs
+ ;;
+ *-gould)
+ os=sysv
+ ;;
+ *-highlevel)
+ os=bsd
+ ;;
+ *-encore)
+ os=bsd
+ ;;
+ *-sgi)
+ os=irix
+ ;;
+ *-siemens)
+ os=sysv4
+ ;;
+ *-masscomp)
+ os=rtu
+ ;;
+ f30[01]-fujitsu | f700-fujitsu)
+ os=uxpv
+ ;;
+ *-rom68k)
+ os=coff
+ ;;
+ *-*bug)
+ os=coff
+ ;;
+ *-apple)
+ os=macos
+ ;;
+ *-atari*)
+ os=mint
+ ;;
+ *-wrs)
+ os=vxworks
+ ;;
+ *)
+ os=none
+ ;;
+esac
+
+fi
+
+# Now, validate our (potentially fixed-up) OS.
+case $os in
+ # Sometimes we do "kernel-libc", so those need to count as OSes.
+ musl* | newlib* | relibc* | uclibc*)
+ ;;
+ # Likewise for "kernel-abi"
+ eabi* | gnueabi*)
+ ;;
+ # VxWorks passes extra cpu info in the 4th filed.
+ simlinux | simwindows | spe)
+ ;;
+ # Now accept the basic system types.
+ # The portable systems comes first.
+ # Each alternative MUST end in a * to match a version number.
+ gnu* | android* | bsd* | mach* | minix* | genix* | ultrix* | irix* \
+ | *vms* | esix* | aix* | cnk* | sunos | sunos[34]* \
+ | hpux* | unos* | osf* | luna* | dgux* | auroraux* | solaris* \
+ | sym* | plan9* | psp* | sim* | xray* | os68k* | v88r* \
+ | hiux* | abug | nacl* | netware* | windows* \
+ | os9* | macos* | osx* | ios* \
+ | mpw* | magic* | mmixware* | mon960* | lnews* \
+ | amigaos* | amigados* | msdos* | newsos* | unicos* | aof* \
+ | aos* | aros* | cloudabi* | sortix* | twizzler* \
+ | nindy* | vxsim* | vxworks* | ebmon* | hms* | mvs* \
+ | clix* | riscos* | uniplus* | iris* | isc* | rtu* | xenix* \
+ | mirbsd* | netbsd* | dicos* | openedition* | ose* \
+ | bitrig* | openbsd* | secbsd* | solidbsd* | libertybsd* | os108* \
+ | ekkobsd* | freebsd* | riscix* | lynxos* | os400* \
+ | bosx* | nextstep* | cxux* | aout* | elf* | oabi* \
+ | ptx* | coff* | ecoff* | winnt* | domain* | vsta* \
+ | udi* | lites* | ieee* | go32* | aux* | hcos* \
+ | chorusrdb* | cegcc* | glidix* | serenity* \
+ | cygwin* | msys* | pe* | moss* | proelf* | rtems* \
+ | midipix* | mingw32* | mingw64* | mint* \
+ | uxpv* | beos* | mpeix* | udk* | moxiebox* \
+ | interix* | uwin* | mks* | rhapsody* | darwin* \
+ | openstep* | oskit* | conix* | pw32* | nonstopux* \
+ | storm-chaos* | tops10* | tenex* | tops20* | its* \
+ | os2* | vos* | palmos* | uclinux* | nucleus* | morphos* \
+ | scout* | superux* | sysv* | rtmk* | tpf* | windiss* \
+ | powermax* | dnix* | nx6 | nx7 | sei* | dragonfly* \
+ | skyos* | haiku* | rdos* | toppers* | drops* | es* \
+ | onefs* | tirtos* | phoenix* | fuchsia* | redox* | bme* \
+ | midnightbsd* | amdhsa* | unleashed* | emscripten* | wasi* \
+ | nsk* | powerunix* | genode* | zvmoe* | qnx* | emx* | zephyr* \
+ | fiwix* )
+ ;;
+ # This one is extra strict with allowed versions
+ sco3.2v2 | sco3.2v[4-9]* | sco5v6*)
+ # Don't forget version if it is 3.2v4 or newer.
+ ;;
+ none)
+ ;;
+ *)
+ echo Invalid configuration \`"$1"\': OS \`"$os"\' not recognized 1>&2
+ exit 1
+ ;;
+esac
+
+# As a final step for OS-related things, validate the OS-kernel combination
+# (given a valid OS), if there is a kernel.
+case $kernel-$os in
+ linux-gnu* | linux-dietlibc* | linux-android* | linux-newlib* \
+ | linux-musl* | linux-relibc* | linux-uclibc* )
+ ;;
+ uclinux-uclibc* )
+ ;;
+ -dietlibc* | -newlib* | -musl* | -relibc* | -uclibc* )
+ # These are just libc implementations, not actual OSes, and thus
+ # require a kernel.
+ echo "Invalid configuration \`$1': libc \`$os' needs explicit kernel." 1>&2
+ exit 1
+ ;;
+ kfreebsd*-gnu* | kopensolaris*-gnu*)
+ ;;
+ vxworks-simlinux | vxworks-simwindows | vxworks-spe)
+ ;;
+ nto-qnx*)
+ ;;
+ os2-emx)
+ ;;
+ *-eabi* | *-gnueabi*)
+ ;;
+ -*)
+ # Blank kernel with real OS is always fine.
+ ;;
+ *-*)
+ echo "Invalid configuration \`$1': Kernel \`$kernel' not known to work with OS \`$os'." 1>&2
+ exit 1
+ ;;
+esac
+
+# Here we handle the case where we know the os, and the CPU type, but not the
+# manufacturer. We pick the logical manufacturer.
+case $vendor in
+ unknown)
+ case $cpu-$os in
+ *-riscix*)
+ vendor=acorn
+ ;;
+ *-sunos*)
+ vendor=sun
+ ;;
+ *-cnk* | *-aix*)
+ vendor=ibm
+ ;;
+ *-beos*)
+ vendor=be
+ ;;
+ *-hpux*)
+ vendor=hp
+ ;;
+ *-mpeix*)
+ vendor=hp
+ ;;
+ *-hiux*)
+ vendor=hitachi
+ ;;
+ *-unos*)
+ vendor=crds
+ ;;
+ *-dgux*)
+ vendor=dg
+ ;;
+ *-luna*)
+ vendor=omron
+ ;;
+ *-genix*)
+ vendor=ns
+ ;;
+ *-clix*)
+ vendor=intergraph
+ ;;
+ *-mvs* | *-opened*)
+ vendor=ibm
+ ;;
+ *-os400*)
+ vendor=ibm
+ ;;
+ s390-* | s390x-*)
+ vendor=ibm
+ ;;
+ *-ptx*)
+ vendor=sequent
+ ;;
+ *-tpf*)
+ vendor=ibm
+ ;;
+ *-vxsim* | *-vxworks* | *-windiss*)
+ vendor=wrs
+ ;;
+ *-aux*)
+ vendor=apple
+ ;;
+ *-hms*)
+ vendor=hitachi
+ ;;
+ *-mpw* | *-macos*)
+ vendor=apple
+ ;;
+ *-*mint | *-mint[0-9]* | *-*MiNT | *-MiNT[0-9]*)
+ vendor=atari
+ ;;
+ *-vos*)
+ vendor=stratus
+ ;;
+ esac
+ ;;
+esac
+
+echo "$cpu-$vendor-${kernel:+$kernel-}$os"
+exit
+
+# Local variables:
+# eval: (add-hook 'before-save-hook 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
--- /dev/null
+#! /bin/sh
+# Guess values for system-dependent variables and create Makefiles.
+# Generated by GNU Autoconf 2.71 for xmlsec1 1.2.39.
+#
+# Report bugs to <http://www.aleksey.com/xmlsec>.
+#
+#
+# Copyright (C) 1992-1996, 1998-2017, 2020-2021 Free Software Foundation,
+# Inc.
+#
+#
+# This configure script is free software; the Free Software Foundation
+# gives unlimited permission to copy, distribute and modify it.
+## -------------------- ##
+## M4sh Initialization. ##
+## -------------------- ##
+
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
+as_nop=:
+if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1
+then :
+ emulate sh
+ NULLCMD=:
+ # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '${1+"$@"}'='"$@"'
+ setopt NO_GLOB_SUBST
+else $as_nop
+ case `(set -o) 2>/dev/null` in #(
+ *posix*) :
+ set -o posix ;; #(
+ *) :
+ ;;
+esac
+fi
+
+
+
+# Reset variables that may have inherited troublesome values from
+# the environment.
+
+# IFS needs to be set, to space, tab, and newline, in precisely that order.
+# (If _AS_PATH_WALK were called with IFS unset, it would have the
+# side effect of setting IFS to empty, thus disabling word splitting.)
+# Quoting is to prevent editors from complaining about space-tab.
+as_nl='
+'
+export as_nl
+IFS=" "" $as_nl"
+
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# Ensure predictable behavior from utilities with locale-dependent output.
+LC_ALL=C
+export LC_ALL
+LANGUAGE=C
+export LANGUAGE
+
+# We cannot yet rely on "unset" to work, but we need these variables
+# to be unset--not just set to an empty or harmless value--now, to
+# avoid bugs in old shells (e.g. pre-3.0 UWIN ksh). This construct
+# also avoids known problems related to "unset" and subshell syntax
+# in other old shells (e.g. bash 2.01 and pdksh 5.2.14).
+for as_var in BASH_ENV ENV MAIL MAILPATH CDPATH
+do eval test \${$as_var+y} \
+ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
+done
+
+# Ensure that fds 0, 1, and 2 are open.
+if (exec 3>&0) 2>/dev/null; then :; else exec 0</dev/null; fi
+if (exec 3>&1) 2>/dev/null; then :; else exec 1>/dev/null; fi
+if (exec 3>&2) ; then :; else exec 2>/dev/null; fi
+
+# The user is always right.
+if ${PATH_SEPARATOR+false} :; then
+ PATH_SEPARATOR=:
+ (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
+ (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
+ PATH_SEPARATOR=';'
+ }
+fi
+
+
+# Find who we are. Look in the path if we contain no directory separator.
+as_myself=
+case $0 in #((
+ *[\\/]* ) as_myself=$0 ;;
+ *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ test -r "$as_dir$0" && as_myself=$as_dir$0 && break
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+ as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+ printf "%s\n" "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+ exit 1
+fi
+
+
+# Use a proper internal environment variable to ensure we don't fall
+ # into an infinite loop, continuously re-executing ourselves.
+ if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then
+ _as_can_reexec=no; export _as_can_reexec;
+ # We cannot yet assume a decent shell, so we have to provide a
+# neutralization value for shells without unset; and this also
+# works around shells that cannot unset nonexistent variables.
+# Preserve -v and -x to the replacement shell.
+BASH_ENV=/dev/null
+ENV=/dev/null
+(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
+case $- in # ((((
+ *v*x* | *x*v* ) as_opts=-vx ;;
+ *v* ) as_opts=-v ;;
+ *x* ) as_opts=-x ;;
+ * ) as_opts= ;;
+esac
+exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"}
+# Admittedly, this is quite paranoid, since all the known shells bail
+# out after a failed `exec'.
+printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2
+exit 255
+ fi
+ # We don't want this to propagate to other subprocesses.
+ { _as_can_reexec=; unset _as_can_reexec;}
+if test "x$CONFIG_SHELL" = x; then
+ as_bourne_compatible="as_nop=:
+if test \${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1
+then :
+ emulate sh
+ NULLCMD=:
+ # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '\${1+\"\$@\"}'='\"\$@\"'
+ setopt NO_GLOB_SUBST
+else \$as_nop
+ case \`(set -o) 2>/dev/null\` in #(
+ *posix*) :
+ set -o posix ;; #(
+ *) :
+ ;;
+esac
+fi
+"
+ as_required="as_fn_return () { (exit \$1); }
+as_fn_success () { as_fn_return 0; }
+as_fn_failure () { as_fn_return 1; }
+as_fn_ret_success () { return 0; }
+as_fn_ret_failure () { return 1; }
+
+exitcode=0
+as_fn_success || { exitcode=1; echo as_fn_success failed.; }
+as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; }
+as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; }
+as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; }
+if ( set x; as_fn_ret_success y && test x = \"\$1\" )
+then :
+
+else \$as_nop
+ exitcode=1; echo positional parameters were not saved.
+fi
+test x\$exitcode = x0 || exit 1
+blah=\$(echo \$(echo blah))
+test x\"\$blah\" = xblah || exit 1
+test -x / || exit 1"
+ as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO
+ as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO
+ eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" &&
+ test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1
+
+ test -n \"\${ZSH_VERSION+set}\${BASH_VERSION+set}\" || (
+ ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+ ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO
+ ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO
+ PATH=/empty FPATH=/empty; export PATH FPATH
+ test \"X\`printf %s \$ECHO\`\" = \"X\$ECHO\" \\
+ || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" ) || exit 1
+test \$(( 1 + 1 )) = 2 || exit 1"
+ if (eval "$as_required") 2>/dev/null
+then :
+ as_have_required=yes
+else $as_nop
+ as_have_required=no
+fi
+ if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null
+then :
+
+else $as_nop
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+as_found=false
+for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ as_found=:
+ case $as_dir in #(
+ /*)
+ for as_base in sh bash ksh sh5; do
+ # Try only shells that exist, to save several forks.
+ as_shell=$as_dir$as_base
+ if { test -f "$as_shell" || test -f "$as_shell.exe"; } &&
+ as_run=a "$as_shell" -c "$as_bourne_compatible""$as_required" 2>/dev/null
+then :
+ CONFIG_SHELL=$as_shell as_have_required=yes
+ if as_run=a "$as_shell" -c "$as_bourne_compatible""$as_suggested" 2>/dev/null
+then :
+ break 2
+fi
+fi
+ done;;
+ esac
+ as_found=false
+done
+IFS=$as_save_IFS
+if $as_found
+then :
+
+else $as_nop
+ if { test -f "$SHELL" || test -f "$SHELL.exe"; } &&
+ as_run=a "$SHELL" -c "$as_bourne_compatible""$as_required" 2>/dev/null
+then :
+ CONFIG_SHELL=$SHELL as_have_required=yes
+fi
+fi
+
+
+ if test "x$CONFIG_SHELL" != x
+then :
+ export CONFIG_SHELL
+ # We cannot yet assume a decent shell, so we have to provide a
+# neutralization value for shells without unset; and this also
+# works around shells that cannot unset nonexistent variables.
+# Preserve -v and -x to the replacement shell.
+BASH_ENV=/dev/null
+ENV=/dev/null
+(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
+case $- in # ((((
+ *v*x* | *x*v* ) as_opts=-vx ;;
+ *v* ) as_opts=-v ;;
+ *x* ) as_opts=-x ;;
+ * ) as_opts= ;;
+esac
+exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"}
+# Admittedly, this is quite paranoid, since all the known shells bail
+# out after a failed `exec'.
+printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2
+exit 255
+fi
+
+ if test x$as_have_required = xno
+then :
+ printf "%s\n" "$0: This script requires a shell more modern than all"
+ printf "%s\n" "$0: the shells that I found on your system."
+ if test ${ZSH_VERSION+y} ; then
+ printf "%s\n" "$0: In particular, zsh $ZSH_VERSION has bugs and should"
+ printf "%s\n" "$0: be upgraded to zsh 4.3.4 or later."
+ else
+ printf "%s\n" "$0: Please tell bug-autoconf@gnu.org and
+$0: http://www.aleksey.com/xmlsec about your system,
+$0: including any error possibly output before this
+$0: message. Then install a modern shell, or manually run
+$0: the script under such a shell if you do have one."
+ fi
+ exit 1
+fi
+fi
+fi
+SHELL=${CONFIG_SHELL-/bin/sh}
+export SHELL
+# Unset more variables known to interfere with behavior of common tools.
+CLICOLOR_FORCE= GREP_OPTIONS=
+unset CLICOLOR_FORCE GREP_OPTIONS
+
+## --------------------- ##
+## M4sh Shell Functions. ##
+## --------------------- ##
+# as_fn_unset VAR
+# ---------------
+# Portably unset VAR.
+as_fn_unset ()
+{
+ { eval $1=; unset $1;}
+}
+as_unset=as_fn_unset
+
+
+# as_fn_set_status STATUS
+# -----------------------
+# Set $? to STATUS, without forking.
+as_fn_set_status ()
+{
+ return $1
+} # as_fn_set_status
+
+# as_fn_exit STATUS
+# -----------------
+# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
+as_fn_exit ()
+{
+ set +e
+ as_fn_set_status $1
+ exit $1
+} # as_fn_exit
+# as_fn_nop
+# ---------
+# Do nothing but, unlike ":", preserve the value of $?.
+as_fn_nop ()
+{
+ return $?
+}
+as_nop=as_fn_nop
+
+# as_fn_mkdir_p
+# -------------
+# Create "$as_dir" as a directory, including parents if necessary.
+as_fn_mkdir_p ()
+{
+
+ case $as_dir in #(
+ -*) as_dir=./$as_dir;;
+ esac
+ test -d "$as_dir" || eval $as_mkdir_p || {
+ as_dirs=
+ while :; do
+ case $as_dir in #(
+ *\'*) as_qdir=`printf "%s\n" "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+ *) as_qdir=$as_dir;;
+ esac
+ as_dirs="'$as_qdir' $as_dirs"
+ as_dir=`$as_dirname -- "$as_dir" ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+printf "%s\n" X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ test -d "$as_dir" && break
+ done
+ test -z "$as_dirs" || eval "mkdir $as_dirs"
+ } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
+
+
+} # as_fn_mkdir_p
+
+# as_fn_executable_p FILE
+# -----------------------
+# Test if FILE is an executable regular file.
+as_fn_executable_p ()
+{
+ test -f "$1" && test -x "$1"
+} # as_fn_executable_p
+# as_fn_append VAR VALUE
+# ----------------------
+# Append the text in VALUE to the end of the definition contained in VAR. Take
+# advantage of any shell optimizations that allow amortized linear growth over
+# repeated appends, instead of the typical quadratic growth present in naive
+# implementations.
+if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null
+then :
+ eval 'as_fn_append ()
+ {
+ eval $1+=\$2
+ }'
+else $as_nop
+ as_fn_append ()
+ {
+ eval $1=\$$1\$2
+ }
+fi # as_fn_append
+
+# as_fn_arith ARG...
+# ------------------
+# Perform arithmetic evaluation on the ARGs, and store the result in the
+# global $as_val. Take advantage of shells that can avoid forks. The arguments
+# must be portable across $(()) and expr.
+if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null
+then :
+ eval 'as_fn_arith ()
+ {
+ as_val=$(( $* ))
+ }'
+else $as_nop
+ as_fn_arith ()
+ {
+ as_val=`expr "$@" || test $? -eq 1`
+ }
+fi # as_fn_arith
+
+# as_fn_nop
+# ---------
+# Do nothing but, unlike ":", preserve the value of $?.
+as_fn_nop ()
+{
+ return $?
+}
+as_nop=as_fn_nop
+
+# as_fn_error STATUS ERROR [LINENO LOG_FD]
+# ----------------------------------------
+# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
+# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
+# script with STATUS, using 1 if that was 0.
+as_fn_error ()
+{
+ as_status=$1; test $as_status -eq 0 && as_status=1
+ if test "$4"; then
+ as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
+ fi
+ printf "%s\n" "$as_me: error: $2" >&2
+ as_fn_exit $as_status
+} # as_fn_error
+
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+ test "X`expr 00001 : '.*\(...\)'`" = X001; then
+ as_expr=expr
+else
+ as_expr=false
+fi
+
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
+ as_basename=basename
+else
+ as_basename=false
+fi
+
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+ as_dirname=dirname
+else
+ as_dirname=false
+fi
+
+as_me=`$as_basename -- "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+ X"$0" : 'X\(//\)$' \| \
+ X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+printf "%s\n" X/"$0" |
+ sed '/^.*\/\([^/][^/]*\)\/*$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+
+ as_lineno_1=$LINENO as_lineno_1a=$LINENO
+ as_lineno_2=$LINENO as_lineno_2a=$LINENO
+ eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" &&
+ test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || {
+ # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-)
+ sed -n '
+ p
+ /[$]LINENO/=
+ ' <$as_myself |
+ sed '
+ s/[$]LINENO.*/&-/
+ t lineno
+ b
+ :lineno
+ N
+ :loop
+ s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/
+ t loop
+ s/-\n.*//
+ ' >$as_me.lineno &&
+ chmod +x "$as_me.lineno" ||
+ { printf "%s\n" "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; }
+
+ # If we had to re-execute with $CONFIG_SHELL, we're ensured to have
+ # already done that, so ensure we don't try to do so again and fall
+ # in an infinite loop. This has already happened in practice.
+ _as_can_reexec=no; export _as_can_reexec
+ # Don't try to exec as it changes $[0], causing all sort of problems
+ # (the dirname of $[0] is not the place where we might find the
+ # original and so on. Autoconf is especially sensitive to this).
+ . "./$as_me.lineno"
+ # Exit status is that of the last command.
+ exit
+}
+
+
+# Determine whether it's possible to make 'echo' print without a newline.
+# These variables are no longer used directly by Autoconf, but are AC_SUBSTed
+# for compatibility with existing Makefiles.
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in #(((((
+-n*)
+ case `echo 'xy\c'` in
+ *c*) ECHO_T=' ';; # ECHO_T is single tab character.
+ xy) ECHO_C='\c';;
+ *) echo `echo ksh88 bug on AIX 6.1` > /dev/null
+ ECHO_T=' ';;
+ esac;;
+*)
+ ECHO_N='-n';;
+esac
+
+# For backward compatibility with old third-party macros, we provide
+# the shell variables $as_echo and $as_echo_n. New code should use
+# AS_ECHO(["message"]) and AS_ECHO_N(["message"]), respectively.
+as_echo='printf %s\n'
+as_echo_n='printf %s'
+
+
+rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+ rm -f conf$$.dir/conf$$.file
+else
+ rm -f conf$$.dir
+ mkdir conf$$.dir 2>/dev/null
+fi
+if (echo >conf$$.file) 2>/dev/null; then
+ if ln -s conf$$.file conf$$ 2>/dev/null; then
+ as_ln_s='ln -s'
+ # ... but there are two gotchas:
+ # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+ # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+ # In both cases, we have to default to `cp -pR'.
+ ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
+ as_ln_s='cp -pR'
+ elif ln conf$$.file conf$$ 2>/dev/null; then
+ as_ln_s=ln
+ else
+ as_ln_s='cp -pR'
+ fi
+else
+ as_ln_s='cp -pR'
+fi
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
+
+if mkdir -p . 2>/dev/null; then
+ as_mkdir_p='mkdir -p "$as_dir"'
+else
+ test -d ./-p && rmdir ./-p
+ as_mkdir_p=false
+fi
+
+as_test_x='test -x'
+as_executable_p=as_fn_executable_p
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+SHELL=${CONFIG_SHELL-/bin/sh}
+
+
+test -n "$DJDIR" || exec 7<&0 </dev/null
+exec 6>&1
+
+# Name of the host.
+# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status,
+# so uname gets run too.
+ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q`
+
+#
+# Initializations.
+#
+ac_default_prefix=/usr/local
+ac_clean_files=
+ac_config_libobj_dir=.
+LIBOBJS=
+cross_compiling=no
+subdirs=
+MFLAGS=
+MAKEFLAGS=
+
+# Identity of this package.
+PACKAGE_NAME='xmlsec1'
+PACKAGE_TARNAME='xmlsec1'
+PACKAGE_VERSION='1.2.39'
+PACKAGE_STRING='xmlsec1 1.2.39'
+PACKAGE_BUGREPORT='http://www.aleksey.com/xmlsec'
+PACKAGE_URL=''
+
+# Factoring default headers for most tests.
+ac_includes_default="\
+#include <stddef.h>
+#ifdef HAVE_STDIO_H
+# include <stdio.h>
+#endif
+#ifdef HAVE_STDLIB_H
+# include <stdlib.h>
+#endif
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif
+#ifdef HAVE_INTTYPES_H
+# include <inttypes.h>
+#endif
+#ifdef HAVE_STDINT_H
+# include <stdint.h>
+#endif
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif
+#ifdef HAVE_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_STAT_H
+# include <sys/stat.h>
+#endif
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif"
+
+ac_header_c_list=
+ac_subst_vars='am__EXEEXT_FALSE
+am__EXEEXT_TRUE
+LTLIBOBJS
+LIBOBJS
+XMLSEC_CRYPTO_PC_FILES_LIST
+XMLSEC_CRYPTO_LIBS
+XMLSEC_CRYPTO_CFLAGS
+XMLSEC_CRYPTO_LIB
+XMLSEC_CRYPTO_DISABLED_LIST
+XMLSEC_CRYPTO_LIST
+XMLSEC_DEFAULT_CRYPTO
+XMLSEC_CRYPTO_EXTRA_LDFLAGS
+XMLSEC_EXTRA_LDFLAGS
+XMLSEC_APP_DEFINES
+XMLSEC_DEFINES
+XMLSEC_LIBS
+XMLSEC_CFLAGS
+XMLSEC_NSS_LIBS
+XMLSEC_NSS_CFLAGS
+XMLSEC_GNUTLS_LIBS
+XMLSEC_GNUTLS_CFLAGS
+XMLSEC_GCRYPT_LIBS
+XMLSEC_GCRYPT_CFLAGS
+XMLSEC_OPENSSL_LIBS
+XMLSEC_OPENSSL_CFLAGS
+XMLSEC_LIBDIR
+XMLSEC_CORE_LIBS
+XMLSEC_CORE_CFLAGS
+XMLSEC_DOCDIR
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE
+XMLSEC_DL_LIBS
+XMLSEC_DL_INCLUDES
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING_FALSE
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING_TRUE
+XMLSEC_STATIC_BINARIES
+XMLSEC_APPS
+XMLSEC_APPS_FALSE
+XMLSEC_APPS_TRUE
+XMLSEC_DOCS
+XMLSEC_DOCS_FALSE
+XMLSEC_DOCS_TRUE
+XMLSEC_MANS
+XMLSEC_MANS_FALSE
+XMLSEC_MANS_TRUE
+XMLSEC_ENABLE_SOAP_FALSE
+XMLSEC_ENABLE_SOAP_TRUE
+XMLSEC_NO_XMLENC
+XMLSEC_NO_XMLENC_FALSE
+XMLSEC_NO_XMLENC_TRUE
+XMLSEC_NO_XMLDSIG
+XMLSEC_NO_XMLDSIG_FALSE
+XMLSEC_NO_XMLDSIG_TRUE
+XMLSEC_NO_GOST2012
+XMLSEC_NO_GOST2012_FALSE
+XMLSEC_NO_GOST2012_TRUE
+XMLSEC_NO_GOST
+XMLSEC_NO_GOST_FALSE
+XMLSEC_NO_GOST_TRUE
+XMLSEC_NO_AES
+XMLSEC_NO_AES_FALSE
+XMLSEC_NO_AES_TRUE
+XMLSEC_NO_DES
+XMLSEC_NO_DES_FALSE
+XMLSEC_NO_DES_TRUE
+XMLSEC_NO_X509
+XMLSEC_NO_X509_FALSE
+XMLSEC_NO_X509_TRUE
+XMLSEC_NO_RSA
+XMLSEC_NO_RSA_FALSE
+XMLSEC_NO_RSA_TRUE
+XMLSEC_NO_DSA
+XMLSEC_NO_DSA_FALSE
+XMLSEC_NO_DSA_TRUE
+XMLSEC_NO_HMAC
+XMLSEC_NO_HMAC_FALSE
+XMLSEC_NO_HMAC_TRUE
+XMLSEC_NO_SHA512
+XMLSEC_NO_SHA512_FALSE
+XMLSEC_NO_SHA512_TRUE
+XMLSEC_NO_SHA384
+XMLSEC_NO_SHA384_FALSE
+XMLSEC_NO_SHA384_TRUE
+XMLSEC_NO_SHA256
+XMLSEC_NO_SHA256_FALSE
+XMLSEC_NO_SHA256_TRUE
+XMLSEC_NO_SHA224
+XMLSEC_NO_SHA224_FALSE
+XMLSEC_NO_SHA224_TRUE
+XMLSEC_NO_SHA1
+XMLSEC_NO_SHA1_FALSE
+XMLSEC_NO_SHA1_TRUE
+XMLSEC_NO_RIPEMD160
+XMLSEC_NO_RIPEMD160_FALSE
+XMLSEC_NO_RIPEMD160_TRUE
+XMLSEC_NO_MD5
+XMLSEC_NO_MD5_FALSE
+XMLSEC_NO_MD5_TRUE
+XMLSEC_NO_HTTP
+XMLSEC_NO_HTTP_FALSE
+XMLSEC_NO_HTTP_TRUE
+XMLSEC_NO_FTP
+XMLSEC_NO_FTP_FALSE
+XMLSEC_NO_FTP_TRUE
+XMLSEC_NO_FILES
+XMLSEC_NO_FILES_FALSE
+XMLSEC_NO_FILES_TRUE
+MSCNG_CRYPTO_LIB
+MSCNG_LIBS
+MSCNG_CFLAGS
+XMLSEC_NO_MSCNG
+XMLSEC_NO_MSCNG_FALSE
+XMLSEC_NO_MSCNG_TRUE
+MSCRYPTO_CRYPTO_LIB
+MSCRYPTO_LIBS
+MSCRYPTO_CFLAGS
+XMLSEC_NO_MSCRYPTO
+XMLSEC_NO_MSCRYPTO_FALSE
+XMLSEC_NO_MSCRYPTO_TRUE
+GNUTLS_MIN_VERSION
+GNUTLS_CRYPTO_LIB
+XMLSEC_NO_GNUTLS
+XMLSEC_NO_GNUTLS_FALSE
+XMLSEC_NO_GNUTLS_TRUE
+GNUTLS_LIBS
+GNUTLS_CFLAGS
+GCRYPT_MIN_VERSION
+GCRYPT_CRYPTO_LIB
+XMLSEC_NO_GCRYPT
+XMLSEC_NO_GCRYPT_FALSE
+XMLSEC_NO_GCRYPT_TRUE
+GCRYPT_CONFIG_PATH
+GCRYPT_LIBS
+GCRYPT_CFLAGS
+MOZILLA_MIN_VERSION
+NSPR_MIN_VERSION
+NSS_MIN_VERSION
+NSS_CRYPTO_LIB
+NSS_PACKAGE
+NSPR_PACKAGE
+XMLSEC_NO_NSS
+XMLSEC_NO_NSS_FALSE
+XMLSEC_NO_NSS_TRUE
+NSS_LIBS
+NSS_CFLAGS
+NSPR_LIBS
+NSPR_CFLAGS
+OPENSSL_MIN_VERSION
+OPENSSL_TEST_CONFIG
+OPENSSL_CRYPTO_LIB
+XMLSEC_NO_OPENSSL
+XMLSEC_NO_OPENSSL_FALSE
+XMLSEC_NO_OPENSSL_TRUE
+OPENSSL_LIBS
+OPENSSL_CFLAGS
+LIBXSLT_PC_FILE_COND
+LIBXSLT_MIN_VERSION
+LIBXSLT_CONFIG
+XMLSEC_NO_LIBXSLT
+LIBXSLT_CONFIG_PATH
+LIBXSLT_LIBS
+LIBXSLT_CFLAGS
+LIBXML_MIN_VERSION
+LIBXML_CONFIG
+CPP
+LIBXML_CONFIG_PATH
+LIBXML_LIBS
+LIBXML_CFLAGS
+PKG_CONFIG_LIBDIR
+PKG_CONFIG_PATH
+PKG_CONFIG
+BUILD_API_DOCS_FALSE
+BUILD_API_DOCS_TRUE
+BUILD_MAN_DOCS_FALSE
+BUILD_MAN_DOCS_TRUE
+BUILD_MANPAGES_FALSE
+BUILD_MANPAGES_TRUE
+HAS_XSLTPROC_FALSE
+HAS_XSLTPROC_TRUE
+HAS_MAN2HTML_FALSE
+HAS_MAN2HTML_TRUE
+HAS_HELP2MAN_FALSE
+HAS_HELP2MAN_TRUE
+GTKDOC_SCAN
+GTKDOC_MKDB
+GTKDOC_MKHTML
+MAN2HTML
+XSLTPROC
+HELP2MAN
+PERL
+TAR
+MV
+CP
+RM
+LT_SYS_LIBRARY_PATH
+OTOOL64
+OTOOL
+LIPO
+NMEDIT
+DSYMUTIL
+MANIFEST_TOOL
+RANLIB
+ac_ct_AR
+AR
+DLLTOOL
+OBJDUMP
+FILECMD
+LN_S
+NM
+ac_ct_DUMPBIN
+DUMPBIN
+LD
+FGREP
+EGREP
+GREP
+SED
+LIBTOOL
+am__fastdepCC_FALSE
+am__fastdepCC_TRUE
+CCDEPMODE
+am__nodep
+AMDEPBACKSLASH
+AMDEP_FALSE
+AMDEP_TRUE
+am__include
+DEPDIR
+OBJEXT
+EXEEXT
+ac_ct_CC
+CPPFLAGS
+LDFLAGS
+CFLAGS
+CC
+MAINT
+MAINTAINER_MODE_FALSE
+MAINTAINER_MODE_TRUE
+AM_BACKSLASH
+AM_DEFAULT_VERBOSITY
+AM_DEFAULT_V
+AM_V
+CSCOPE
+ETAGS
+CTAGS
+am__untar
+am__tar
+AMTAR
+am__leading_dot
+SET_MAKE
+AWK
+mkdir_p
+MKDIR_P
+INSTALL_STRIP_PROGRAM
+STRIP
+install_sh
+MAKEINFO
+AUTOHEADER
+AUTOMAKE
+AUTOCONF
+ACLOCAL
+VERSION
+PACKAGE
+CYGPATH_W
+am__isrc
+INSTALL_DATA
+INSTALL_SCRIPT
+INSTALL_PROGRAM
+XMLSEC_VERSION_INFO
+XMLSEC_VERSION_SUBMINOR
+XMLSEC_VERSION_MINOR
+XMLSEC_VERSION_MAJOR
+XMLSEC_VERSION_SAFE
+XMLSEC_PACKAGE
+XMLSEC_VERSION
+host_os
+host_vendor
+host_cpu
+host
+build_os
+build_vendor
+build_cpu
+build
+target_alias
+host_alias
+build_alias
+LIBS
+ECHO_T
+ECHO_N
+ECHO_C
+DEFS
+mandir
+localedir
+libdir
+psdir
+pdfdir
+dvidir
+htmldir
+infodir
+docdir
+oldincludedir
+includedir
+runstatedir
+localstatedir
+sharedstatedir
+sysconfdir
+datadir
+datarootdir
+libexecdir
+sbindir
+bindir
+program_transform_name
+prefix
+exec_prefix
+PACKAGE_URL
+PACKAGE_BUGREPORT
+PACKAGE_STRING
+PACKAGE_VERSION
+PACKAGE_TARNAME
+PACKAGE_NAME
+PATH_SEPARATOR
+SHELL
+am__quote'
+ac_subst_files=''
+ac_user_opts='
+enable_option_checking
+enable_silent_rules
+enable_maintainer_mode
+enable_dependency_tracking
+enable_shared
+enable_static
+with_pic
+enable_fast_install
+with_aix_soname
+with_gnu_ld
+with_sysroot
+enable_libtool_lock
+enable_development
+enable_manpages_build
+enable_docs_build
+enable_pkgconfig
+enable_custom_configs
+enable_folders_search
+enable_size_t
+with_libxml
+with_libxml_src
+with_libxslt
+with_libxslt_src
+with_openssl
+enable_openssl3_engines
+with_nss
+with_nspr
+with_seamonkey_ver
+with_mozilla_ver
+with_gcrypt
+with_gnutls
+enable_mscrypto
+enable_mscng
+with_default_crypto
+enable_unicode
+enable_files
+enable_ftp
+enable_http
+enable_md5
+enable_ripemd160
+enable_sha1
+enable_sha224
+enable_sha256
+enable_sha384
+enable_sha512
+enable_hmac
+enable_dsa
+enable_rsa
+enable_x509
+enable_des
+enable_aes
+enable_gost
+enable_gost2012
+enable_xmldsig
+enable_xmlenc
+enable_soap
+enable_mans
+enable_docs
+enable_apps
+enable_static_linking
+enable_crypto_dl
+enable_apps_crypto_dl
+with_html_dir
+enable_skm
+enable_tmpl_tests
+enable_debugging
+enable_werror
+enable_profiling
+enable_pedantic
+enable_secure_memset
+'
+ ac_precious_vars='build_alias
+host_alias
+target_alias
+CC
+CFLAGS
+LDFLAGS
+LIBS
+CPPFLAGS
+LT_SYS_LIBRARY_PATH
+PKG_CONFIG
+PKG_CONFIG_PATH
+PKG_CONFIG_LIBDIR
+LIBXML_CFLAGS
+LIBXML_LIBS
+CPP
+LIBXSLT_CFLAGS
+LIBXSLT_LIBS
+OPENSSL_CFLAGS
+OPENSSL_LIBS
+NSPR_CFLAGS
+NSPR_LIBS
+NSS_CFLAGS
+NSS_LIBS
+GCRYPT_CFLAGS
+GCRYPT_LIBS
+GNUTLS_CFLAGS
+GNUTLS_LIBS'
+
+
+# Initialize some variables set by options.
+ac_init_help=
+ac_init_version=false
+ac_unrecognized_opts=
+ac_unrecognized_sep=
+# The variables have the same names as the options, with
+# dashes changed to underlines.
+cache_file=/dev/null
+exec_prefix=NONE
+no_create=
+no_recursion=
+prefix=NONE
+program_prefix=NONE
+program_suffix=NONE
+program_transform_name=s,x,x,
+silent=
+site=
+srcdir=
+verbose=
+x_includes=NONE
+x_libraries=NONE
+
+# Installation directory options.
+# These are left unexpanded so users can "make install exec_prefix=/foo"
+# and all the variables that are supposed to be based on exec_prefix
+# by default will actually change.
+# Use braces instead of parens because sh, perl, etc. also accept them.
+# (The list follows the same order as the GNU Coding Standards.)
+bindir='${exec_prefix}/bin'
+sbindir='${exec_prefix}/sbin'
+libexecdir='${exec_prefix}/libexec'
+datarootdir='${prefix}/share'
+datadir='${datarootdir}'
+sysconfdir='${prefix}/etc'
+sharedstatedir='${prefix}/com'
+localstatedir='${prefix}/var'
+runstatedir='${localstatedir}/run'
+includedir='${prefix}/include'
+oldincludedir='/usr/include'
+docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
+infodir='${datarootdir}/info'
+htmldir='${docdir}'
+dvidir='${docdir}'
+pdfdir='${docdir}'
+psdir='${docdir}'
+libdir='${exec_prefix}/lib'
+localedir='${datarootdir}/locale'
+mandir='${datarootdir}/man'
+
+ac_prev=
+ac_dashdash=
+for ac_option
+do
+ # If the previous option needs an argument, assign it.
+ if test -n "$ac_prev"; then
+ eval $ac_prev=\$ac_option
+ ac_prev=
+ continue
+ fi
+
+ case $ac_option in
+ *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;;
+ *=) ac_optarg= ;;
+ *) ac_optarg=yes ;;
+ esac
+
+ case $ac_dashdash$ac_option in
+ --)
+ ac_dashdash=yes ;;
+
+ -bindir | --bindir | --bindi | --bind | --bin | --bi)
+ ac_prev=bindir ;;
+ -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
+ bindir=$ac_optarg ;;
+
+ -build | --build | --buil | --bui | --bu)
+ ac_prev=build_alias ;;
+ -build=* | --build=* | --buil=* | --bui=* | --bu=*)
+ build_alias=$ac_optarg ;;
+
+ -cache-file | --cache-file | --cache-fil | --cache-fi \
+ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
+ ac_prev=cache_file ;;
+ -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
+ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
+ cache_file=$ac_optarg ;;
+
+ --config-cache | -C)
+ cache_file=config.cache ;;
+
+ -datadir | --datadir | --datadi | --datad)
+ ac_prev=datadir ;;
+ -datadir=* | --datadir=* | --datadi=* | --datad=*)
+ datadir=$ac_optarg ;;
+
+ -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \
+ | --dataroo | --dataro | --datar)
+ ac_prev=datarootdir ;;
+ -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \
+ | --dataroot=* | --dataroo=* | --dataro=* | --datar=*)
+ datarootdir=$ac_optarg ;;
+
+ -disable-* | --disable-*)
+ ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+ as_fn_error $? "invalid feature name: \`$ac_useropt'"
+ ac_useropt_orig=$ac_useropt
+ ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'`
+ case $ac_user_opts in
+ *"
+"enable_$ac_useropt"
+"*) ;;
+ *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig"
+ ac_unrecognized_sep=', ';;
+ esac
+ eval enable_$ac_useropt=no ;;
+
+ -docdir | --docdir | --docdi | --doc | --do)
+ ac_prev=docdir ;;
+ -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*)
+ docdir=$ac_optarg ;;
+
+ -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv)
+ ac_prev=dvidir ;;
+ -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*)
+ dvidir=$ac_optarg ;;
+
+ -enable-* | --enable-*)
+ ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+ as_fn_error $? "invalid feature name: \`$ac_useropt'"
+ ac_useropt_orig=$ac_useropt
+ ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'`
+ case $ac_user_opts in
+ *"
+"enable_$ac_useropt"
+"*) ;;
+ *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig"
+ ac_unrecognized_sep=', ';;
+ esac
+ eval enable_$ac_useropt=\$ac_optarg ;;
+
+ -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
+ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
+ | --exec | --exe | --ex)
+ ac_prev=exec_prefix ;;
+ -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
+ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
+ | --exec=* | --exe=* | --ex=*)
+ exec_prefix=$ac_optarg ;;
+
+ -gas | --gas | --ga | --g)
+ # Obsolete; use --with-gas.
+ with_gas=yes ;;
+
+ -help | --help | --hel | --he | -h)
+ ac_init_help=long ;;
+ -help=r* | --help=r* | --hel=r* | --he=r* | -hr*)
+ ac_init_help=recursive ;;
+ -help=s* | --help=s* | --hel=s* | --he=s* | -hs*)
+ ac_init_help=short ;;
+
+ -host | --host | --hos | --ho)
+ ac_prev=host_alias ;;
+ -host=* | --host=* | --hos=* | --ho=*)
+ host_alias=$ac_optarg ;;
+
+ -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht)
+ ac_prev=htmldir ;;
+ -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \
+ | --ht=*)
+ htmldir=$ac_optarg ;;
+
+ -includedir | --includedir | --includedi | --included | --include \
+ | --includ | --inclu | --incl | --inc)
+ ac_prev=includedir ;;
+ -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
+ | --includ=* | --inclu=* | --incl=* | --inc=*)
+ includedir=$ac_optarg ;;
+
+ -infodir | --infodir | --infodi | --infod | --info | --inf)
+ ac_prev=infodir ;;
+ -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
+ infodir=$ac_optarg ;;
+
+ -libdir | --libdir | --libdi | --libd)
+ ac_prev=libdir ;;
+ -libdir=* | --libdir=* | --libdi=* | --libd=*)
+ libdir=$ac_optarg ;;
+
+ -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
+ | --libexe | --libex | --libe)
+ ac_prev=libexecdir ;;
+ -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
+ | --libexe=* | --libex=* | --libe=*)
+ libexecdir=$ac_optarg ;;
+
+ -localedir | --localedir | --localedi | --localed | --locale)
+ ac_prev=localedir ;;
+ -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*)
+ localedir=$ac_optarg ;;
+
+ -localstatedir | --localstatedir | --localstatedi | --localstated \
+ | --localstate | --localstat | --localsta | --localst | --locals)
+ ac_prev=localstatedir ;;
+ -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
+ | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*)
+ localstatedir=$ac_optarg ;;
+
+ -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
+ ac_prev=mandir ;;
+ -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
+ mandir=$ac_optarg ;;
+
+ -nfp | --nfp | --nf)
+ # Obsolete; use --without-fp.
+ with_fp=no ;;
+
+ -no-create | --no-create | --no-creat | --no-crea | --no-cre \
+ | --no-cr | --no-c | -n)
+ no_create=yes ;;
+
+ -no-recursion | --no-recursion | --no-recursio | --no-recursi \
+ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
+ no_recursion=yes ;;
+
+ -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
+ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
+ | --oldin | --oldi | --old | --ol | --o)
+ ac_prev=oldincludedir ;;
+ -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
+ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
+ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
+ oldincludedir=$ac_optarg ;;
+
+ -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
+ ac_prev=prefix ;;
+ -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
+ prefix=$ac_optarg ;;
+
+ -program-prefix | --program-prefix | --program-prefi | --program-pref \
+ | --program-pre | --program-pr | --program-p)
+ ac_prev=program_prefix ;;
+ -program-prefix=* | --program-prefix=* | --program-prefi=* \
+ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
+ program_prefix=$ac_optarg ;;
+
+ -program-suffix | --program-suffix | --program-suffi | --program-suff \
+ | --program-suf | --program-su | --program-s)
+ ac_prev=program_suffix ;;
+ -program-suffix=* | --program-suffix=* | --program-suffi=* \
+ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
+ program_suffix=$ac_optarg ;;
+
+ -program-transform-name | --program-transform-name \
+ | --program-transform-nam | --program-transform-na \
+ | --program-transform-n | --program-transform- \
+ | --program-transform | --program-transfor \
+ | --program-transfo | --program-transf \
+ | --program-trans | --program-tran \
+ | --progr-tra | --program-tr | --program-t)
+ ac_prev=program_transform_name ;;
+ -program-transform-name=* | --program-transform-name=* \
+ | --program-transform-nam=* | --program-transform-na=* \
+ | --program-transform-n=* | --program-transform-=* \
+ | --program-transform=* | --program-transfor=* \
+ | --program-transfo=* | --program-transf=* \
+ | --program-trans=* | --program-tran=* \
+ | --progr-tra=* | --program-tr=* | --program-t=*)
+ program_transform_name=$ac_optarg ;;
+
+ -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd)
+ ac_prev=pdfdir ;;
+ -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*)
+ pdfdir=$ac_optarg ;;
+
+ -psdir | --psdir | --psdi | --psd | --ps)
+ ac_prev=psdir ;;
+ -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*)
+ psdir=$ac_optarg ;;
+
+ -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+ | -silent | --silent | --silen | --sile | --sil)
+ silent=yes ;;
+
+ -runstatedir | --runstatedir | --runstatedi | --runstated \
+ | --runstate | --runstat | --runsta | --runst | --runs \
+ | --run | --ru | --r)
+ ac_prev=runstatedir ;;
+ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
+ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
+ | --run=* | --ru=* | --r=*)
+ runstatedir=$ac_optarg ;;
+
+ -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
+ ac_prev=sbindir ;;
+ -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
+ | --sbi=* | --sb=*)
+ sbindir=$ac_optarg ;;
+
+ -sharedstatedir | --sharedstatedir | --sharedstatedi \
+ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
+ | --sharedst | --shareds | --shared | --share | --shar \
+ | --sha | --sh)
+ ac_prev=sharedstatedir ;;
+ -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
+ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
+ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
+ | --sha=* | --sh=*)
+ sharedstatedir=$ac_optarg ;;
+
+ -site | --site | --sit)
+ ac_prev=site ;;
+ -site=* | --site=* | --sit=*)
+ site=$ac_optarg ;;
+
+ -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
+ ac_prev=srcdir ;;
+ -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
+ srcdir=$ac_optarg ;;
+
+ -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
+ | --syscon | --sysco | --sysc | --sys | --sy)
+ ac_prev=sysconfdir ;;
+ -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
+ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
+ sysconfdir=$ac_optarg ;;
+
+ -target | --target | --targe | --targ | --tar | --ta | --t)
+ ac_prev=target_alias ;;
+ -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
+ target_alias=$ac_optarg ;;
+
+ -v | -verbose | --verbose | --verbos | --verbo | --verb)
+ verbose=yes ;;
+
+ -version | --version | --versio | --versi | --vers | -V)
+ ac_init_version=: ;;
+
+ -with-* | --with-*)
+ ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+ as_fn_error $? "invalid package name: \`$ac_useropt'"
+ ac_useropt_orig=$ac_useropt
+ ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'`
+ case $ac_user_opts in
+ *"
+"with_$ac_useropt"
+"*) ;;
+ *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig"
+ ac_unrecognized_sep=', ';;
+ esac
+ eval with_$ac_useropt=\$ac_optarg ;;
+
+ -without-* | --without-*)
+ ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+ as_fn_error $? "invalid package name: \`$ac_useropt'"
+ ac_useropt_orig=$ac_useropt
+ ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'`
+ case $ac_user_opts in
+ *"
+"with_$ac_useropt"
+"*) ;;
+ *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig"
+ ac_unrecognized_sep=', ';;
+ esac
+ eval with_$ac_useropt=no ;;
+
+ --x)
+ # Obsolete; use --with-x.
+ with_x=yes ;;
+
+ -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
+ | --x-incl | --x-inc | --x-in | --x-i)
+ ac_prev=x_includes ;;
+ -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
+ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
+ x_includes=$ac_optarg ;;
+
+ -x-libraries | --x-libraries | --x-librarie | --x-librari \
+ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
+ ac_prev=x_libraries ;;
+ -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
+ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
+ x_libraries=$ac_optarg ;;
+
+ -*) as_fn_error $? "unrecognized option: \`$ac_option'
+Try \`$0 --help' for more information"
+ ;;
+
+ *=*)
+ ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='`
+ # Reject names that are not valid shell variable names.
+ case $ac_envvar in #(
+ '' | [0-9]* | *[!_$as_cr_alnum]* )
+ as_fn_error $? "invalid variable name: \`$ac_envvar'" ;;
+ esac
+ eval $ac_envvar=\$ac_optarg
+ export $ac_envvar ;;
+
+ *)
+ # FIXME: should be removed in autoconf 3.0.
+ printf "%s\n" "$as_me: WARNING: you should use --build, --host, --target" >&2
+ expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+ printf "%s\n" "$as_me: WARNING: invalid host type: $ac_option" >&2
+ : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}"
+ ;;
+
+ esac
+done
+
+if test -n "$ac_prev"; then
+ ac_option=--`echo $ac_prev | sed 's/_/-/g'`
+ as_fn_error $? "missing argument to $ac_option"
+fi
+
+if test -n "$ac_unrecognized_opts"; then
+ case $enable_option_checking in
+ no) ;;
+ fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;;
+ *) printf "%s\n" "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;;
+ esac
+fi
+
+# Check all directory arguments for consistency.
+for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
+ datadir sysconfdir sharedstatedir localstatedir includedir \
+ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
+ libdir localedir mandir runstatedir
+do
+ eval ac_val=\$$ac_var
+ # Remove trailing slashes.
+ case $ac_val in
+ */ )
+ ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'`
+ eval $ac_var=\$ac_val;;
+ esac
+ # Be sure to have absolute directory names.
+ case $ac_val in
+ [\\/$]* | ?:[\\/]* ) continue;;
+ NONE | '' ) case $ac_var in *prefix ) continue;; esac;;
+ esac
+ as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val"
+done
+
+# There might be people who depend on the old broken behavior: `$host'
+# used to hold the argument of --host etc.
+# FIXME: To remove some day.
+build=$build_alias
+host=$host_alias
+target=$target_alias
+
+# FIXME: To remove some day.
+if test "x$host_alias" != x; then
+ if test "x$build_alias" = x; then
+ cross_compiling=maybe
+ elif test "x$build_alias" != "x$host_alias"; then
+ cross_compiling=yes
+ fi
+fi
+
+ac_tool_prefix=
+test -n "$host_alias" && ac_tool_prefix=$host_alias-
+
+test "$silent" = yes && exec 6>/dev/null
+
+
+ac_pwd=`pwd` && test -n "$ac_pwd" &&
+ac_ls_di=`ls -di .` &&
+ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` ||
+ as_fn_error $? "working directory cannot be determined"
+test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
+ as_fn_error $? "pwd does not report name of working directory"
+
+
+# Find the source files, if location was not specified.
+if test -z "$srcdir"; then
+ ac_srcdir_defaulted=yes
+ # Try the directory containing this script, then the parent directory.
+ ac_confdir=`$as_dirname -- "$as_myself" ||
+$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_myself" : 'X\(//\)[^/]' \| \
+ X"$as_myself" : 'X\(//\)$' \| \
+ X"$as_myself" : 'X\(/\)' \| . 2>/dev/null ||
+printf "%s\n" X"$as_myself" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ srcdir=$ac_confdir
+ if test ! -r "$srcdir/$ac_unique_file"; then
+ srcdir=..
+ fi
+else
+ ac_srcdir_defaulted=no
+fi
+if test ! -r "$srcdir/$ac_unique_file"; then
+ test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .."
+ as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir"
+fi
+ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work"
+ac_abs_confdir=`(
+ cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg"
+ pwd)`
+# When building in place, set srcdir=.
+if test "$ac_abs_confdir" = "$ac_pwd"; then
+ srcdir=.
+fi
+# Remove unnecessary trailing slashes from srcdir.
+# Double slashes in file names in object file debugging info
+# mess up M-x gdb in Emacs.
+case $srcdir in
+*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;;
+esac
+for ac_var in $ac_precious_vars; do
+ eval ac_env_${ac_var}_set=\${${ac_var}+set}
+ eval ac_env_${ac_var}_value=\$${ac_var}
+ eval ac_cv_env_${ac_var}_set=\${${ac_var}+set}
+ eval ac_cv_env_${ac_var}_value=\$${ac_var}
+done
+
+#
+# Report the --help message.
+#
+if test "$ac_init_help" = "long"; then
+ # Omit some internal or obsolete options to make the list less imposing.
+ # This message is too long to be a string in the A/UX 3.1 sh.
+ cat <<_ACEOF
+\`configure' configures xmlsec1 1.2.39 to adapt to many kinds of systems.
+
+Usage: $0 [OPTION]... [VAR=VALUE]...
+
+To assign environment variables (e.g., CC, CFLAGS...), specify them as
+VAR=VALUE. See below for descriptions of some of the useful variables.
+
+Defaults for the options are specified in brackets.
+
+Configuration:
+ -h, --help display this help and exit
+ --help=short display options specific to this package
+ --help=recursive display the short help of all the included packages
+ -V, --version display version information and exit
+ -q, --quiet, --silent do not print \`checking ...' messages
+ --cache-file=FILE cache test results in FILE [disabled]
+ -C, --config-cache alias for \`--cache-file=config.cache'
+ -n, --no-create do not create output files
+ --srcdir=DIR find the sources in DIR [configure dir or \`..']
+
+Installation directories:
+ --prefix=PREFIX install architecture-independent files in PREFIX
+ [$ac_default_prefix]
+ --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
+ [PREFIX]
+
+By default, \`make install' will install all the files in
+\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify
+an installation prefix other than \`$ac_default_prefix' using \`--prefix',
+for instance \`--prefix=\$HOME'.
+
+For better control, use the options below.
+
+Fine tuning of the installation directories:
+ --bindir=DIR user executables [EPREFIX/bin]
+ --sbindir=DIR system admin executables [EPREFIX/sbin]
+ --libexecdir=DIR program executables [EPREFIX/libexec]
+ --sysconfdir=DIR read-only single-machine data [PREFIX/etc]
+ --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
+ --localstatedir=DIR modifiable single-machine data [PREFIX/var]
+ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
+ --libdir=DIR object code libraries [EPREFIX/lib]
+ --includedir=DIR C header files [PREFIX/include]
+ --oldincludedir=DIR C header files for non-gcc [/usr/include]
+ --datarootdir=DIR read-only arch.-independent data root [PREFIX/share]
+ --datadir=DIR read-only architecture-independent data [DATAROOTDIR]
+ --infodir=DIR info documentation [DATAROOTDIR/info]
+ --localedir=DIR locale-dependent data [DATAROOTDIR/locale]
+ --mandir=DIR man documentation [DATAROOTDIR/man]
+ --docdir=DIR documentation root [DATAROOTDIR/doc/xmlsec1]
+ --htmldir=DIR html documentation [DOCDIR]
+ --dvidir=DIR dvi documentation [DOCDIR]
+ --pdfdir=DIR pdf documentation [DOCDIR]
+ --psdir=DIR ps documentation [DOCDIR]
+_ACEOF
+
+ cat <<\_ACEOF
+
+Program names:
+ --program-prefix=PREFIX prepend PREFIX to installed program names
+ --program-suffix=SUFFIX append SUFFIX to installed program names
+ --program-transform-name=PROGRAM run sed PROGRAM on installed program names
+
+System types:
+ --build=BUILD configure for building on BUILD [guessed]
+ --host=HOST cross-compile to build programs to run on HOST [BUILD]
+_ACEOF
+fi
+
+if test -n "$ac_init_help"; then
+ case $ac_init_help in
+ short | recursive ) echo "Configuration of xmlsec1 1.2.39:";;
+ esac
+ cat <<\_ACEOF
+
+Optional Features:
+ --disable-option-checking ignore unrecognized --enable/--with options
+ --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
+ --enable-FEATURE[=ARG] include FEATURE [ARG=yes]
+ --enable-silent-rules less verbose build output (undo: "make V=1")
+ --disable-silent-rules verbose build output (undo: "make V=0")
+ --enable-maintainer-mode
+ enable make rules and dependencies not useful (and
+ sometimes confusing) to the casual installer
+ --enable-dependency-tracking
+ do not reject slow dependency extractors
+ --disable-dependency-tracking
+ speeds up one-time build
+ --enable-shared[=PKGS] build shared libraries [default=yes]
+ --enable-static[=PKGS] build static libraries [default=yes]
+ --enable-fast-install[=PKGS]
+ optimize for fast installation [default=yes]
+ --disable-libtool-lock avoid locking (might break parallel builds)
+ --enable-development enable development environment (no)
+ --enable-manpages-build man pages build (no)
+ --enable-docs-build docs build (no)
+ --enable-pkgconfig enable pkgconfig for configuration (yes)
+ --enable-custom-configs enable package-specific custom scripts for
+ configuration (yes)
+ --enable-folders-search enable searching for package installation in typical
+ folders (yes)
+ --enable-size-t enable xmsSecSize typedef to size_t (no)
+ --enable-openssl3-engines
+ enable engines support for OpenSSL 3+ (no)
+ --enable-mscrypto enable mscrypto (no)
+ --enable-mscng enable mscng (no)
+ --enable-unicode enable Unicode support on Windows (yes)
+ --enable-files enable files support (yes)
+ --enable-ftp enable FTP support (no, deprecated)
+ --enable-http enable HTTP support (yes)
+ --enable-md5 enable MD5 support (yes)
+ --enable-ripemd160 enable RIPEMD-160 support (yes)
+ --enable-sha1 enable SHA1 support (yes)
+ --enable-sha224 enable SHA224 support (yes)
+ --enable-sha256 enable SHA256 support (yes)
+ --enable-sha384 enable SHA384 support (yes)
+ --enable-sha512 enable SHA512 support (yes)
+ --enable-hmac enable HMAC support (yes)
+ --enable-dsa enable DSA support (yes)
+ --enable-md5 enable MD5 support (no, deprecated)
+ --enable-rsa enable RSA support (yes)
+ --enable-x509 enable x509 support (yes)
+ --enable-des enable DES support (yes)
+ --enable-aes enable AES support
+ --enable-gost enable GOST support (no)
+ --enable-gost2012 enable EXPERMIENTAL GOST2012 support (no)
+ --enable-xmldsig enable XMLDSig support (yes)
+ --enable-xmlenc enable XMLEnc support (yes)
+ --enable-soap enable soap support (no)
+ --enable-mans enable manual pages (yes)
+ --enable-docs enable documentation (yes)
+ --enable-apps enable applications (yes)
+ --enable-static-linking enable static linking (no)
+ --enable-crypto-dl enable dynamic loading support for xmlsec-crypto
+ libraries (yes)
+ --enable-apps-crypto-dl enable dynamic loading support for xmlsec-crypto
+ libraries in xmlsec command line tool (yes)
+ --enable-skm enable Simple Keys Manager testing (yes)
+ --enable-tmpl-tests enable templates testing in xmlsec utility (yes)
+ --enable-debugging enable debugging compilation flags (no)
+ --enable-werror handle warnings as errors (no)
+ --enable-profiling enable profiling compilation flags (no)
+ --enable-pedantic enable pedantic compilation flags (no)
+ --enable-secure-memset enable secure memset compilation flags (yes)
+
+Optional Packages:
+ --with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
+ --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
+ --with-pic[=PKGS] try to use only PIC/non-PIC objects [default=use
+ both]
+ --with-aix-soname=aix|svr4|both
+ shared library versioning (aka "SONAME") variant to
+ provide on AIX, [default=aix].
+ --with-gnu-ld assume the C compiler uses GNU ld [default=no]
+ --with-sysroot[=DIR] Search for dependent libraries within DIR (or the
+ compiler's sysroot if not specified).
+ --with-libxml[=PFX] libxml2 location
+ --with-libxml-src[=PFX] libxml2 source tree location
+ --with-libxslt[=PFX] libxslt location
+ --with-libxslt-src[=PFX]
+ libxslt source tree location
+ --with-openssl[=PFX] openssl location
+ --with-nss[=PFX] nss location
+ --with-nspr[=PFX] nspr location (needed for NSS)
+ --with-seamonkey-ver[=VER]
+ mozilla version (alt to --with-nss, --with-nspr)
+ --with-mozilla-ver[=VER]
+ mozilla version (alt to --with-nss, --with-nspr)
+ --with-gcrypt[=PFX] gcrypt location
+ --with-gnutls[=PFX] gnutls location
+ --with-default-crypto=name
+ default crypto name
+ --with-html-dir=PATH path to installed docs
+
+Some influential environment variables:
+ CC C compiler command
+ CFLAGS C compiler flags
+ LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a
+ nonstandard directory <lib dir>
+ LIBS libraries to pass to the linker, e.g. -l<library>
+ CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
+ you have headers in a nonstandard directory <include dir>
+ LT_SYS_LIBRARY_PATH
+ User-defined run-time library search path.
+ PKG_CONFIG path to pkg-config utility
+ PKG_CONFIG_PATH
+ directories to add to pkg-config's search path
+ PKG_CONFIG_LIBDIR
+ path overriding pkg-config's built-in search path
+ LIBXML_CFLAGS
+ C compiler flags for LIBXML, overriding pkg-config
+ LIBXML_LIBS linker flags for LIBXML, overriding pkg-config
+ CPP C preprocessor
+ LIBXSLT_CFLAGS
+ C compiler flags for LIBXSLT, overriding pkg-config
+ LIBXSLT_LIBS
+ linker flags for LIBXSLT, overriding pkg-config
+ OPENSSL_CFLAGS
+ C compiler flags for OPENSSL, overriding pkg-config
+ OPENSSL_LIBS
+ linker flags for OPENSSL, overriding pkg-config
+ NSPR_CFLAGS C compiler flags for NSPR, overriding pkg-config
+ NSPR_LIBS linker flags for NSPR, overriding pkg-config
+ NSS_CFLAGS C compiler flags for NSS, overriding pkg-config
+ NSS_LIBS linker flags for NSS, overriding pkg-config
+ GCRYPT_CFLAGS
+ C compiler flags for GCRYPT, overriding pkg-config
+ GCRYPT_LIBS linker flags for GCRYPT, overriding pkg-config
+ GNUTLS_CFLAGS
+ C compiler flags for GNUTLS, overriding pkg-config
+ GNUTLS_LIBS linker flags for GNUTLS, overriding pkg-config
+
+Use these variables to override the choices made by `configure' or to help
+it to find libraries and programs with nonstandard names/locations.
+
+Report bugs to <http://www.aleksey.com/xmlsec>.
+_ACEOF
+ac_status=$?
+fi
+
+if test "$ac_init_help" = "recursive"; then
+ # If there are subdirs, report their specific --help.
+ for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
+ test -d "$ac_dir" ||
+ { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } ||
+ continue
+ ac_builddir=.
+
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
+ ac_dir_suffix=/`printf "%s\n" "$ac_dir" | sed 's|^\.[\\/]||'`
+ # A ".." for each directory in $ac_dir_suffix.
+ ac_top_builddir_sub=`printf "%s\n" "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+ case $ac_top_builddir_sub in
+ "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+ *) ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+ esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
+
+case $srcdir in
+ .) # We are building in place.
+ ac_srcdir=.
+ ac_top_srcdir=$ac_top_builddir_sub
+ ac_abs_top_srcdir=$ac_pwd ;;
+ [\\/]* | ?:[\\/]* ) # Absolute name.
+ ac_srcdir=$srcdir$ac_dir_suffix;
+ ac_top_srcdir=$srcdir
+ ac_abs_top_srcdir=$srcdir ;;
+ *) # Relative name.
+ ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+ ac_top_srcdir=$ac_top_build_prefix$srcdir
+ ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
+esac
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
+
+ cd "$ac_dir" || { ac_status=$?; continue; }
+ # Check for configure.gnu first; this name is used for a wrapper for
+ # Metaconfig's "Configure" on case-insensitive file systems.
+ if test -f "$ac_srcdir/configure.gnu"; then
+ echo &&
+ $SHELL "$ac_srcdir/configure.gnu" --help=recursive
+ elif test -f "$ac_srcdir/configure"; then
+ echo &&
+ $SHELL "$ac_srcdir/configure" --help=recursive
+ else
+ printf "%s\n" "$as_me: WARNING: no configuration information is in $ac_dir" >&2
+ fi || ac_status=$?
+ cd "$ac_pwd" || { ac_status=$?; break; }
+ done
+fi
+
+test -n "$ac_init_help" && exit $ac_status
+if $ac_init_version; then
+ cat <<\_ACEOF
+xmlsec1 configure 1.2.39
+generated by GNU Autoconf 2.71
+
+Copyright (C) 2021 Free Software Foundation, Inc.
+This configure script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it.
+_ACEOF
+ exit
+fi
+
+## ------------------------ ##
+## Autoconf initialization. ##
+## ------------------------ ##
+
+# ac_fn_c_try_compile LINENO
+# --------------------------
+# Try to compile conftest.$ac_ext, and return whether this succeeded.
+ac_fn_c_try_compile ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ rm -f conftest.$ac_objext conftest.beam
+ if { { ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+printf "%s\n" "$ac_try_echo"; } >&5
+ (eval "$ac_compile") 2>conftest.err
+ ac_status=$?
+ if test -s conftest.err; then
+ grep -v '^ *+' conftest.err >conftest.er1
+ cat conftest.er1 >&5
+ mv -f conftest.er1 conftest.err
+ fi
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext
+then :
+ ac_retval=0
+else $as_nop
+ printf "%s\n" "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_retval=1
+fi
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+ as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_compile
+
+# ac_fn_c_try_link LINENO
+# -----------------------
+# Try to link conftest.$ac_ext, and return whether this succeeded.
+ac_fn_c_try_link ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ rm -f conftest.$ac_objext conftest.beam conftest$ac_exeext
+ if { { ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+printf "%s\n" "$ac_try_echo"; } >&5
+ (eval "$ac_link") 2>conftest.err
+ ac_status=$?
+ if test -s conftest.err; then
+ grep -v '^ *+' conftest.err >conftest.er1
+ cat conftest.er1 >&5
+ mv -f conftest.er1 conftest.err
+ fi
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext && {
+ test "$cross_compiling" = yes ||
+ test -x conftest$ac_exeext
+ }
+then :
+ ac_retval=0
+else $as_nop
+ printf "%s\n" "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_retval=1
+fi
+ # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information
+ # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would
+ # interfere with the next link command; also delete a directory that is
+ # left behind by Apple's compiler. We do this before executing the actions.
+ rm -rf conftest.dSYM conftest_ipa8_conftest.oo
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+ as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_link
+
+# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES
+# -------------------------------------------------------
+# Tests whether HEADER exists and can be compiled using the include files in
+# INCLUDES, setting the cache variable VAR accordingly.
+ac_fn_c_check_header_compile ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+printf %s "checking for $2... " >&6; }
+if eval test \${$3+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+#include <$2>
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ eval "$3=yes"
+else $as_nop
+ eval "$3=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+eval ac_res=\$$3
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+printf "%s\n" "$ac_res" >&6; }
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_header_compile
+
+# ac_fn_c_check_func LINENO FUNC VAR
+# ----------------------------------
+# Tests whether FUNC exists, setting the cache variable VAR accordingly
+ac_fn_c_check_func ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+printf %s "checking for $2... " >&6; }
+if eval test \${$3+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+/* Define $2 to an innocuous variant, in case <limits.h> declares $2.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define $2 innocuous_$2
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $2 (); below. */
+
+#include <limits.h>
+#undef $2
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char $2 ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_$2 || defined __stub___$2
+choke me
+#endif
+
+int
+main (void)
+{
+return $2 ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+ eval "$3=yes"
+else $as_nop
+ eval "$3=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+printf "%s\n" "$ac_res" >&6; }
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_func
+
+# ac_fn_c_try_run LINENO
+# ----------------------
+# Try to run conftest.$ac_ext, and return whether this succeeded. Assumes that
+# executables *can* be run.
+ac_fn_c_try_run ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ if { { ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+printf "%s\n" "$ac_try_echo"; } >&5
+ (eval "$ac_link") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && { ac_try='./conftest$ac_exeext'
+ { { case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+printf "%s\n" "$ac_try_echo"; } >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; }
+then :
+ ac_retval=0
+else $as_nop
+ printf "%s\n" "$as_me: program exited with status $ac_status" >&5
+ printf "%s\n" "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_retval=$ac_status
+fi
+ rm -rf conftest.dSYM conftest_ipa8_conftest.oo
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+ as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_run
+
+# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES
+# --------------------------------------------
+# Tries to find the compile-time value of EXPR in a program that includes
+# INCLUDES, setting VAR accordingly. Returns whether the value could be
+# computed
+ac_fn_c_compute_int ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ if test "$cross_compiling" = yes; then
+ # Depending upon the size, compute the lo and hi bounds.
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main (void)
+{
+static int test_array [1 - 2 * !(($2) >= 0)];
+test_array [0] = 0;
+return test_array [0];
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_lo=0 ac_mid=0
+ while :; do
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main (void)
+{
+static int test_array [1 - 2 * !(($2) <= $ac_mid)];
+test_array [0] = 0;
+return test_array [0];
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_hi=$ac_mid; break
+else $as_nop
+ as_fn_arith $ac_mid + 1 && ac_lo=$as_val
+ if test $ac_lo -le $ac_mid; then
+ ac_lo= ac_hi=
+ break
+ fi
+ as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+ done
+else $as_nop
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main (void)
+{
+static int test_array [1 - 2 * !(($2) < 0)];
+test_array [0] = 0;
+return test_array [0];
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_hi=-1 ac_mid=-1
+ while :; do
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main (void)
+{
+static int test_array [1 - 2 * !(($2) >= $ac_mid)];
+test_array [0] = 0;
+return test_array [0];
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_lo=$ac_mid; break
+else $as_nop
+ as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val
+ if test $ac_mid -le $ac_hi; then
+ ac_lo= ac_hi=
+ break
+ fi
+ as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+ done
+else $as_nop
+ ac_lo= ac_hi=
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+# Binary search between lo and hi bounds.
+while test "x$ac_lo" != "x$ac_hi"; do
+ as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main (void)
+{
+static int test_array [1 - 2 * !(($2) <= $ac_mid)];
+test_array [0] = 0;
+return test_array [0];
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_hi=$ac_mid
+else $as_nop
+ as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+done
+case $ac_lo in #((
+?*) eval "$3=\$ac_lo"; ac_retval=0 ;;
+'') ac_retval=1 ;;
+esac
+ else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+static long int longval (void) { return $2; }
+static unsigned long int ulongval (void) { return $2; }
+#include <stdio.h>
+#include <stdlib.h>
+int
+main (void)
+{
+
+ FILE *f = fopen ("conftest.val", "w");
+ if (! f)
+ return 1;
+ if (($2) < 0)
+ {
+ long int i = longval ();
+ if (i != ($2))
+ return 1;
+ fprintf (f, "%ld", i);
+ }
+ else
+ {
+ unsigned long int i = ulongval ();
+ if (i != ($2))
+ return 1;
+ fprintf (f, "%lu", i);
+ }
+ /* Do not output a trailing newline, as this causes \r\n confusion
+ on some platforms. */
+ return ferror (f) || fclose (f) != 0;
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"
+then :
+ echo >>conftest.val; read $3 <conftest.val; ac_retval=0
+else $as_nop
+ ac_retval=1
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+ conftest.$ac_objext conftest.beam conftest.$ac_ext
+rm -f conftest.val
+
+ fi
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+ as_fn_set_status $ac_retval
+
+} # ac_fn_c_compute_int
+
+# ac_fn_c_try_cpp LINENO
+# ----------------------
+# Try to preprocess conftest.$ac_ext, and return whether this succeeded.
+ac_fn_c_try_cpp ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ if { { ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+printf "%s\n" "$ac_try_echo"; } >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err
+ ac_status=$?
+ if test -s conftest.err; then
+ grep -v '^ *+' conftest.err >conftest.er1
+ cat conftest.er1 >&5
+ mv -f conftest.er1 conftest.err
+ fi
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; } > conftest.i && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }
+then :
+ ac_retval=0
+else $as_nop
+ printf "%s\n" "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_retval=1
+fi
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+ as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_cpp
+ac_configure_args_raw=
+for ac_arg
+do
+ case $ac_arg in
+ *\'*)
+ ac_arg=`printf "%s\n" "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
+ esac
+ as_fn_append ac_configure_args_raw " '$ac_arg'"
+done
+
+case $ac_configure_args_raw in
+ *$as_nl*)
+ ac_safe_unquote= ;;
+ *)
+ ac_unsafe_z='|&;<>()$`\\"*?[ '' ' # This string ends in space, tab.
+ ac_unsafe_a="$ac_unsafe_z#~"
+ ac_safe_unquote="s/ '\\([^$ac_unsafe_a][^$ac_unsafe_z]*\\)'/ \\1/g"
+ ac_configure_args_raw=` printf "%s\n" "$ac_configure_args_raw" | sed "$ac_safe_unquote"`;;
+esac
+
+cat >config.log <<_ACEOF
+This file contains any messages produced by compilers while
+running configure, to aid debugging if configure makes a mistake.
+
+It was created by xmlsec1 $as_me 1.2.39, which was
+generated by GNU Autoconf 2.71. Invocation command line was
+
+ $ $0$ac_configure_args_raw
+
+_ACEOF
+exec 5>>config.log
+{
+cat <<_ASUNAME
+## --------- ##
+## Platform. ##
+## --------- ##
+
+hostname = `(hostname || uname -n) 2>/dev/null | sed 1q`
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown`
+/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown`
+
+/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown`
+/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown`
+/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown`
+/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown`
+/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown`
+/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown`
+
+_ASUNAME
+
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ printf "%s\n" "PATH: $as_dir"
+ done
+IFS=$as_save_IFS
+
+} >&5
+
+cat >&5 <<_ACEOF
+
+
+## ----------- ##
+## Core tests. ##
+## ----------- ##
+
+_ACEOF
+
+
+# Keep a trace of the command line.
+# Strip out --no-create and --no-recursion so they do not pile up.
+# Strip out --silent because we don't want to record it for future runs.
+# Also quote any args containing shell meta-characters.
+# Make two passes to allow for proper duplicate-argument suppression.
+ac_configure_args=
+ac_configure_args0=
+ac_configure_args1=
+ac_must_keep_next=false
+for ac_pass in 1 2
+do
+ for ac_arg
+ do
+ case $ac_arg in
+ -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;;
+ -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+ | -silent | --silent | --silen | --sile | --sil)
+ continue ;;
+ *\'*)
+ ac_arg=`printf "%s\n" "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
+ esac
+ case $ac_pass in
+ 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;;
+ 2)
+ as_fn_append ac_configure_args1 " '$ac_arg'"
+ if test $ac_must_keep_next = true; then
+ ac_must_keep_next=false # Got value, back to normal.
+ else
+ case $ac_arg in
+ *=* | --config-cache | -C | -disable-* | --disable-* \
+ | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \
+ | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \
+ | -with-* | --with-* | -without-* | --without-* | --x)
+ case "$ac_configure_args0 " in
+ "$ac_configure_args1"*" '$ac_arg' "* ) continue ;;
+ esac
+ ;;
+ -* ) ac_must_keep_next=true ;;
+ esac
+ fi
+ as_fn_append ac_configure_args " '$ac_arg'"
+ ;;
+ esac
+ done
+done
+{ ac_configure_args0=; unset ac_configure_args0;}
+{ ac_configure_args1=; unset ac_configure_args1;}
+
+# When interrupted or exit'd, cleanup temporary files, and complete
+# config.log. We remove comments because anyway the quotes in there
+# would cause problems or look ugly.
+# WARNING: Use '\'' to represent an apostrophe within the trap.
+# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug.
+trap 'exit_status=$?
+ # Sanitize IFS.
+ IFS=" "" $as_nl"
+ # Save into config.log some information that might help in debugging.
+ {
+ echo
+
+ printf "%s\n" "## ---------------- ##
+## Cache variables. ##
+## ---------------- ##"
+ echo
+ # The following way of writing the cache mishandles newlines in values,
+(
+ for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do
+ eval ac_val=\$$ac_var
+ case $ac_val in #(
+ *${as_nl}*)
+ case $ac_var in #(
+ *_cv_*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
+printf "%s\n" "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+ esac
+ case $ac_var in #(
+ _ | IFS | as_nl) ;; #(
+ BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+ *) { eval $ac_var=; unset $ac_var;} ;;
+ esac ;;
+ esac
+ done
+ (set) 2>&1 |
+ case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #(
+ *${as_nl}ac_space=\ *)
+ sed -n \
+ "s/'\''/'\''\\\\'\'''\''/g;
+ s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p"
+ ;; #(
+ *)
+ sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
+ ;;
+ esac |
+ sort
+)
+ echo
+
+ printf "%s\n" "## ----------------- ##
+## Output variables. ##
+## ----------------- ##"
+ echo
+ for ac_var in $ac_subst_vars
+ do
+ eval ac_val=\$$ac_var
+ case $ac_val in
+ *\'\''*) ac_val=`printf "%s\n" "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+ esac
+ printf "%s\n" "$ac_var='\''$ac_val'\''"
+ done | sort
+ echo
+
+ if test -n "$ac_subst_files"; then
+ printf "%s\n" "## ------------------- ##
+## File substitutions. ##
+## ------------------- ##"
+ echo
+ for ac_var in $ac_subst_files
+ do
+ eval ac_val=\$$ac_var
+ case $ac_val in
+ *\'\''*) ac_val=`printf "%s\n" "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+ esac
+ printf "%s\n" "$ac_var='\''$ac_val'\''"
+ done | sort
+ echo
+ fi
+
+ if test -s confdefs.h; then
+ printf "%s\n" "## ----------- ##
+## confdefs.h. ##
+## ----------- ##"
+ echo
+ cat confdefs.h
+ echo
+ fi
+ test "$ac_signal" != 0 &&
+ printf "%s\n" "$as_me: caught signal $ac_signal"
+ printf "%s\n" "$as_me: exit $exit_status"
+ } >&5
+ rm -f core *.core core.conftest.* &&
+ rm -f -r conftest* confdefs* conf$$* $ac_clean_files &&
+ exit $exit_status
+' 0
+for ac_signal in 1 2 13 15; do
+ trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal
+done
+ac_signal=0
+
+# confdefs.h avoids OS command line length limits that DEFS can exceed.
+rm -f -r conftest* confdefs.h
+
+printf "%s\n" "/* confdefs.h */" > confdefs.h
+
+# Predefined preprocessor variables.
+
+printf "%s\n" "#define PACKAGE_NAME \"$PACKAGE_NAME\"" >>confdefs.h
+
+printf "%s\n" "#define PACKAGE_TARNAME \"$PACKAGE_TARNAME\"" >>confdefs.h
+
+printf "%s\n" "#define PACKAGE_VERSION \"$PACKAGE_VERSION\"" >>confdefs.h
+
+printf "%s\n" "#define PACKAGE_STRING \"$PACKAGE_STRING\"" >>confdefs.h
+
+printf "%s\n" "#define PACKAGE_BUGREPORT \"$PACKAGE_BUGREPORT\"" >>confdefs.h
+
+printf "%s\n" "#define PACKAGE_URL \"$PACKAGE_URL\"" >>confdefs.h
+
+
+# Let the site file select an alternate cache file if it wants to.
+# Prefer an explicitly selected file to automatically selected ones.
+if test -n "$CONFIG_SITE"; then
+ ac_site_files="$CONFIG_SITE"
+elif test "x$prefix" != xNONE; then
+ ac_site_files="$prefix/share/config.site $prefix/etc/config.site"
+else
+ ac_site_files="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site"
+fi
+
+for ac_site_file in $ac_site_files
+do
+ case $ac_site_file in #(
+ */*) :
+ ;; #(
+ *) :
+ ac_site_file=./$ac_site_file ;;
+esac
+ if test -f "$ac_site_file" && test -r "$ac_site_file"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5
+printf "%s\n" "$as_me: loading site script $ac_site_file" >&6;}
+ sed 's/^/| /' "$ac_site_file" >&5
+ . "$ac_site_file" \
+ || { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "failed to load site script $ac_site_file
+See \`config.log' for more details" "$LINENO" 5; }
+ fi
+done
+
+if test -r "$cache_file"; then
+ # Some versions of bash will fail to source /dev/null (special files
+ # actually), so we avoid doing that. DJGPP emulates it as a regular file.
+ if test /dev/null != "$cache_file" && test -f "$cache_file"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5
+printf "%s\n" "$as_me: loading cache $cache_file" >&6;}
+ case $cache_file in
+ [\\/]* | ?:[\\/]* ) . "$cache_file";;
+ *) . "./$cache_file";;
+ esac
+ fi
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5
+printf "%s\n" "$as_me: creating cache $cache_file" >&6;}
+ >$cache_file
+fi
+
+# Test code for whether the C compiler supports C89 (global declarations)
+ac_c_conftest_c89_globals='
+/* Does the compiler advertise C89 conformance?
+ Do not test the value of __STDC__, because some compilers set it to 0
+ while being otherwise adequately conformant. */
+#if !defined __STDC__
+# error "Compiler does not advertise C89 conformance"
+#endif
+
+#include <stddef.h>
+#include <stdarg.h>
+struct stat;
+/* Most of the following tests are stolen from RCS 5.7 src/conf.sh. */
+struct buf { int x; };
+struct buf * (*rcsopen) (struct buf *, struct stat *, int);
+static char *e (p, i)
+ char **p;
+ int i;
+{
+ return p[i];
+}
+static char *f (char * (*g) (char **, int), char **p, ...)
+{
+ char *s;
+ va_list v;
+ va_start (v,p);
+ s = g (p, va_arg (v,int));
+ va_end (v);
+ return s;
+}
+
+/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has
+ function prototypes and stuff, but not \xHH hex character constants.
+ These do not provoke an error unfortunately, instead are silently treated
+ as an "x". The following induces an error, until -std is added to get
+ proper ANSI mode. Curiously \x00 != x always comes out true, for an
+ array size at least. It is necessary to write \x00 == 0 to get something
+ that is true only with -std. */
+int osf4_cc_array ['\''\x00'\'' == 0 ? 1 : -1];
+
+/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
+ inside strings and character constants. */
+#define FOO(x) '\''x'\''
+int xlc6_cc_array[FOO(a) == '\''x'\'' ? 1 : -1];
+
+int test (int i, double x);
+struct s1 {int (*f) (int a);};
+struct s2 {int (*f) (double a);};
+int pairnames (int, char **, int *(*)(struct buf *, struct stat *, int),
+ int, int);'
+
+# Test code for whether the C compiler supports C89 (body of main).
+ac_c_conftest_c89_main='
+ok |= (argc == 0 || f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]);
+'
+
+# Test code for whether the C compiler supports C99 (global declarations)
+ac_c_conftest_c99_globals='
+// Does the compiler advertise C99 conformance?
+#if !defined __STDC_VERSION__ || __STDC_VERSION__ < 199901L
+# error "Compiler does not advertise C99 conformance"
+#endif
+
+#include <stdbool.h>
+extern int puts (const char *);
+extern int printf (const char *, ...);
+extern int dprintf (int, const char *, ...);
+extern void *malloc (size_t);
+
+// Check varargs macros. These examples are taken from C99 6.10.3.5.
+// dprintf is used instead of fprintf to avoid needing to declare
+// FILE and stderr.
+#define debug(...) dprintf (2, __VA_ARGS__)
+#define showlist(...) puts (#__VA_ARGS__)
+#define report(test,...) ((test) ? puts (#test) : printf (__VA_ARGS__))
+static void
+test_varargs_macros (void)
+{
+ int x = 1234;
+ int y = 5678;
+ debug ("Flag");
+ debug ("X = %d\n", x);
+ showlist (The first, second, and third items.);
+ report (x>y, "x is %d but y is %d", x, y);
+}
+
+// Check long long types.
+#define BIG64 18446744073709551615ull
+#define BIG32 4294967295ul
+#define BIG_OK (BIG64 / BIG32 == 4294967297ull && BIG64 % BIG32 == 0)
+#if !BIG_OK
+ #error "your preprocessor is broken"
+#endif
+#if BIG_OK
+#else
+ #error "your preprocessor is broken"
+#endif
+static long long int bignum = -9223372036854775807LL;
+static unsigned long long int ubignum = BIG64;
+
+struct incomplete_array
+{
+ int datasize;
+ double data[];
+};
+
+struct named_init {
+ int number;
+ const wchar_t *name;
+ double average;
+};
+
+typedef const char *ccp;
+
+static inline int
+test_restrict (ccp restrict text)
+{
+ // See if C++-style comments work.
+ // Iterate through items via the restricted pointer.
+ // Also check for declarations in for loops.
+ for (unsigned int i = 0; *(text+i) != '\''\0'\''; ++i)
+ continue;
+ return 0;
+}
+
+// Check varargs and va_copy.
+static bool
+test_varargs (const char *format, ...)
+{
+ va_list args;
+ va_start (args, format);
+ va_list args_copy;
+ va_copy (args_copy, args);
+
+ const char *str = "";
+ int number = 0;
+ float fnumber = 0;
+
+ while (*format)
+ {
+ switch (*format++)
+ {
+ case '\''s'\'': // string
+ str = va_arg (args_copy, const char *);
+ break;
+ case '\''d'\'': // int
+ number = va_arg (args_copy, int);
+ break;
+ case '\''f'\'': // float
+ fnumber = va_arg (args_copy, double);
+ break;
+ default:
+ break;
+ }
+ }
+ va_end (args_copy);
+ va_end (args);
+
+ return *str && number && fnumber;
+}
+'
+
+# Test code for whether the C compiler supports C99 (body of main).
+ac_c_conftest_c99_main='
+ // Check bool.
+ _Bool success = false;
+ success |= (argc != 0);
+
+ // Check restrict.
+ if (test_restrict ("String literal") == 0)
+ success = true;
+ char *restrict newvar = "Another string";
+
+ // Check varargs.
+ success &= test_varargs ("s, d'\'' f .", "string", 65, 34.234);
+ test_varargs_macros ();
+
+ // Check flexible array members.
+ struct incomplete_array *ia =
+ malloc (sizeof (struct incomplete_array) + (sizeof (double) * 10));
+ ia->datasize = 10;
+ for (int i = 0; i < ia->datasize; ++i)
+ ia->data[i] = i * 1.234;
+
+ // Check named initializers.
+ struct named_init ni = {
+ .number = 34,
+ .name = L"Test wide string",
+ .average = 543.34343,
+ };
+
+ ni.number = 58;
+
+ int dynamic_array[ni.number];
+ dynamic_array[0] = argv[0][0];
+ dynamic_array[ni.number - 1] = 543;
+
+ // work around unused variable warnings
+ ok |= (!success || bignum == 0LL || ubignum == 0uLL || newvar[0] == '\''x'\''
+ || dynamic_array[ni.number - 1] != 543);
+'
+
+# Test code for whether the C compiler supports C11 (global declarations)
+ac_c_conftest_c11_globals='
+// Does the compiler advertise C11 conformance?
+#if !defined __STDC_VERSION__ || __STDC_VERSION__ < 201112L
+# error "Compiler does not advertise C11 conformance"
+#endif
+
+// Check _Alignas.
+char _Alignas (double) aligned_as_double;
+char _Alignas (0) no_special_alignment;
+extern char aligned_as_int;
+char _Alignas (0) _Alignas (int) aligned_as_int;
+
+// Check _Alignof.
+enum
+{
+ int_alignment = _Alignof (int),
+ int_array_alignment = _Alignof (int[100]),
+ char_alignment = _Alignof (char)
+};
+_Static_assert (0 < -_Alignof (int), "_Alignof is signed");
+
+// Check _Noreturn.
+int _Noreturn does_not_return (void) { for (;;) continue; }
+
+// Check _Static_assert.
+struct test_static_assert
+{
+ int x;
+ _Static_assert (sizeof (int) <= sizeof (long int),
+ "_Static_assert does not work in struct");
+ long int y;
+};
+
+// Check UTF-8 literals.
+#define u8 syntax error!
+char const utf8_literal[] = u8"happens to be ASCII" "another string";
+
+// Check duplicate typedefs.
+typedef long *long_ptr;
+typedef long int *long_ptr;
+typedef long_ptr long_ptr;
+
+// Anonymous structures and unions -- taken from C11 6.7.2.1 Example 1.
+struct anonymous
+{
+ union {
+ struct { int i; int j; };
+ struct { int k; long int l; } w;
+ };
+ int m;
+} v1;
+'
+
+# Test code for whether the C compiler supports C11 (body of main).
+ac_c_conftest_c11_main='
+ _Static_assert ((offsetof (struct anonymous, i)
+ == offsetof (struct anonymous, w.k)),
+ "Anonymous union alignment botch");
+ v1.i = 2;
+ v1.w.k = 5;
+ ok |= v1.i != 5;
+'
+
+# Test code for whether the C compiler supports C11 (complete).
+ac_c_conftest_c11_program="${ac_c_conftest_c89_globals}
+${ac_c_conftest_c99_globals}
+${ac_c_conftest_c11_globals}
+
+int
+main (int argc, char **argv)
+{
+ int ok = 0;
+ ${ac_c_conftest_c89_main}
+ ${ac_c_conftest_c99_main}
+ ${ac_c_conftest_c11_main}
+ return ok;
+}
+"
+
+# Test code for whether the C compiler supports C99 (complete).
+ac_c_conftest_c99_program="${ac_c_conftest_c89_globals}
+${ac_c_conftest_c99_globals}
+
+int
+main (int argc, char **argv)
+{
+ int ok = 0;
+ ${ac_c_conftest_c89_main}
+ ${ac_c_conftest_c99_main}
+ return ok;
+}
+"
+
+# Test code for whether the C compiler supports C89 (complete).
+ac_c_conftest_c89_program="${ac_c_conftest_c89_globals}
+
+int
+main (int argc, char **argv)
+{
+ int ok = 0;
+ ${ac_c_conftest_c89_main}
+ return ok;
+}
+"
+
+as_fn_append ac_header_c_list " stdio.h stdio_h HAVE_STDIO_H"
+as_fn_append ac_header_c_list " stdlib.h stdlib_h HAVE_STDLIB_H"
+as_fn_append ac_header_c_list " string.h string_h HAVE_STRING_H"
+as_fn_append ac_header_c_list " inttypes.h inttypes_h HAVE_INTTYPES_H"
+as_fn_append ac_header_c_list " stdint.h stdint_h HAVE_STDINT_H"
+as_fn_append ac_header_c_list " strings.h strings_h HAVE_STRINGS_H"
+as_fn_append ac_header_c_list " sys/stat.h sys_stat_h HAVE_SYS_STAT_H"
+as_fn_append ac_header_c_list " sys/types.h sys_types_h HAVE_SYS_TYPES_H"
+as_fn_append ac_header_c_list " unistd.h unistd_h HAVE_UNISTD_H"
+
+# Auxiliary files required by this configure script.
+ac_aux_files="ltmain.sh compile missing install-sh config.guess config.sub"
+
+# Locations in which to look for auxiliary files.
+ac_aux_dir_candidates="${srcdir}${PATH_SEPARATOR}${srcdir}/..${PATH_SEPARATOR}${srcdir}/../.."
+
+# Search for a directory containing all of the required auxiliary files,
+# $ac_aux_files, from the $PATH-style list $ac_aux_dir_candidates.
+# If we don't find one directory that contains all the files we need,
+# we report the set of missing files from the *first* directory in
+# $ac_aux_dir_candidates and give up.
+ac_missing_aux_files=""
+ac_first_candidate=:
+printf "%s\n" "$as_me:${as_lineno-$LINENO}: looking for aux files: $ac_aux_files" >&5
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+as_found=false
+for as_dir in $ac_aux_dir_candidates
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ as_found=:
+
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: trying $as_dir" >&5
+ ac_aux_dir_found=yes
+ ac_install_sh=
+ for ac_aux in $ac_aux_files
+ do
+ # As a special case, if "install-sh" is required, that requirement
+ # can be satisfied by any of "install-sh", "install.sh", or "shtool",
+ # and $ac_install_sh is set appropriately for whichever one is found.
+ if test x"$ac_aux" = x"install-sh"
+ then
+ if test -f "${as_dir}install-sh"; then
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}install-sh found" >&5
+ ac_install_sh="${as_dir}install-sh -c"
+ elif test -f "${as_dir}install.sh"; then
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}install.sh found" >&5
+ ac_install_sh="${as_dir}install.sh -c"
+ elif test -f "${as_dir}shtool"; then
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}shtool found" >&5
+ ac_install_sh="${as_dir}shtool install -c"
+ else
+ ac_aux_dir_found=no
+ if $ac_first_candidate; then
+ ac_missing_aux_files="${ac_missing_aux_files} install-sh"
+ else
+ break
+ fi
+ fi
+ else
+ if test -f "${as_dir}${ac_aux}"; then
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}${ac_aux} found" >&5
+ else
+ ac_aux_dir_found=no
+ if $ac_first_candidate; then
+ ac_missing_aux_files="${ac_missing_aux_files} ${ac_aux}"
+ else
+ break
+ fi
+ fi
+ fi
+ done
+ if test "$ac_aux_dir_found" = yes; then
+ ac_aux_dir="$as_dir"
+ break
+ fi
+ ac_first_candidate=false
+
+ as_found=false
+done
+IFS=$as_save_IFS
+if $as_found
+then :
+
+else $as_nop
+ as_fn_error $? "cannot find required auxiliary files:$ac_missing_aux_files" "$LINENO" 5
+fi
+
+
+# These three variables are undocumented and unsupported,
+# and are intended to be withdrawn in a future Autoconf release.
+# They can cause serious problems if a builder's source tree is in a directory
+# whose full name contains unusual characters.
+if test -f "${ac_aux_dir}config.guess"; then
+ ac_config_guess="$SHELL ${ac_aux_dir}config.guess"
+fi
+if test -f "${ac_aux_dir}config.sub"; then
+ ac_config_sub="$SHELL ${ac_aux_dir}config.sub"
+fi
+if test -f "$ac_aux_dir/configure"; then
+ ac_configure="$SHELL ${ac_aux_dir}configure"
+fi
+
+# Check that the precious variables saved in the cache have kept the same
+# value.
+ac_cache_corrupted=false
+for ac_var in $ac_precious_vars; do
+ eval ac_old_set=\$ac_cv_env_${ac_var}_set
+ eval ac_new_set=\$ac_env_${ac_var}_set
+ eval ac_old_val=\$ac_cv_env_${ac_var}_value
+ eval ac_new_val=\$ac_env_${ac_var}_value
+ case $ac_old_set,$ac_new_set in
+ set,)
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
+printf "%s\n" "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
+ ac_cache_corrupted=: ;;
+ ,set)
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5
+printf "%s\n" "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
+ ac_cache_corrupted=: ;;
+ ,);;
+ *)
+ if test "x$ac_old_val" != "x$ac_new_val"; then
+ # differences in whitespace do not lead to failure.
+ ac_old_val_w=`echo x $ac_old_val`
+ ac_new_val_w=`echo x $ac_new_val`
+ if test "$ac_old_val_w" != "$ac_new_val_w"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5
+printf "%s\n" "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
+ ac_cache_corrupted=:
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5
+printf "%s\n" "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;}
+ eval $ac_var=\$ac_old_val
+ fi
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5
+printf "%s\n" "$as_me: former value: \`$ac_old_val'" >&2;}
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5
+printf "%s\n" "$as_me: current value: \`$ac_new_val'" >&2;}
+ fi;;
+ esac
+ # Pass precious variables to config.status.
+ if test "$ac_new_set" = set; then
+ case $ac_new_val in
+ *\'*) ac_arg=$ac_var=`printf "%s\n" "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
+ *) ac_arg=$ac_var=$ac_new_val ;;
+ esac
+ case " $ac_configure_args " in
+ *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy.
+ *) as_fn_append ac_configure_args " '$ac_arg'" ;;
+ esac
+ fi
+done
+if $ac_cache_corrupted; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5
+printf "%s\n" "$as_me: error: changes in the environment can compromise the build" >&2;}
+ as_fn_error $? "run \`${MAKE-make} distclean' and/or \`rm $cache_file'
+ and start over" "$LINENO" 5
+fi
+## -------------------- ##
+## Main body of script. ##
+## -------------------- ##
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+
+XMLSEC_PACKAGE=xmlsec1
+XMLSEC_VERSION_MAJOR=1
+XMLSEC_VERSION_MINOR=2
+XMLSEC_VERSION_SUBMINOR=39
+XMLSEC_VERSION="$XMLSEC_VERSION_MAJOR.$XMLSEC_VERSION_MINOR.$XMLSEC_VERSION_SUBMINOR"
+XMLSEC_VERSION_INFO=`echo $XMLSEC_VERSION | awk -F. '{ printf "%d:%d:%d", $1+$2, $3, $2 }'`
+XMLSEC_VERSION_SAFE=`echo $XMLSEC_VERSION | sed 's/\./_/g'`
+
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+
+
+ # Make sure we can run config.sub.
+$SHELL "${ac_aux_dir}config.sub" sun4 >/dev/null 2>&1 ||
+ as_fn_error $? "cannot run $SHELL ${ac_aux_dir}config.sub" "$LINENO" 5
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking build system type" >&5
+printf %s "checking build system type... " >&6; }
+if test ${ac_cv_build+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_build_alias=$build_alias
+test "x$ac_build_alias" = x &&
+ ac_build_alias=`$SHELL "${ac_aux_dir}config.guess"`
+test "x$ac_build_alias" = x &&
+ as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5
+ac_cv_build=`$SHELL "${ac_aux_dir}config.sub" $ac_build_alias` ||
+ as_fn_error $? "$SHELL ${ac_aux_dir}config.sub $ac_build_alias failed" "$LINENO" 5
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5
+printf "%s\n" "$ac_cv_build" >&6; }
+case $ac_cv_build in
+*-*-*) ;;
+*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;;
+esac
+build=$ac_cv_build
+ac_save_IFS=$IFS; IFS='-'
+set x $ac_cv_build
+shift
+build_cpu=$1
+build_vendor=$2
+shift; shift
+# Remember, the first character of IFS is used to create $*,
+# except with old shells:
+build_os=$*
+IFS=$ac_save_IFS
+case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking host system type" >&5
+printf %s "checking host system type... " >&6; }
+if test ${ac_cv_host+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test "x$host_alias" = x; then
+ ac_cv_host=$ac_cv_build
+else
+ ac_cv_host=`$SHELL "${ac_aux_dir}config.sub" $host_alias` ||
+ as_fn_error $? "$SHELL ${ac_aux_dir}config.sub $host_alias failed" "$LINENO" 5
+fi
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5
+printf "%s\n" "$ac_cv_host" >&6; }
+case $ac_cv_host in
+*-*-*) ;;
+*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;;
+esac
+host=$ac_cv_host
+ac_save_IFS=$IFS; IFS='-'
+set x $ac_cv_host
+shift
+host_cpu=$1
+host_vendor=$2
+shift; shift
+# Remember, the first character of IFS is used to create $*,
+# except with old shells:
+host_os=$*
+IFS=$ac_save_IFS
+case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac
+
+
+
+
+
+
+
+
+
+
+
+
+am__api_version='1.16'
+
+
+ # Find a good install program. We prefer a C program (faster),
+# so one script is as good as another. But avoid the broken or
+# incompatible versions:
+# SysV /etc/install, /usr/sbin/install
+# SunOS /usr/etc/install
+# IRIX /sbin/install
+# AIX /bin/install
+# AmigaOS /C/install, which installs bootblocks on floppy discs
+# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag
+# AFS /usr/afsws/bin/install, which mishandles nonexistent args
+# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
+# OS/2's system install, which has a completely different semantic
+# ./install, which can be erroneously created by make from ./install.sh.
+# Reject install programs that cannot install multiple files.
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5
+printf %s "checking for a BSD-compatible install... " >&6; }
+if test -z "$INSTALL"; then
+if test ${ac_cv_path_install+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ # Account for fact that we put trailing slashes in our PATH walk.
+case $as_dir in #((
+ ./ | /[cC]/* | \
+ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \
+ ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \
+ /usr/ucb/* ) ;;
+ *)
+ # OSF1 and SCO ODT 3.0 have their own names for install.
+ # Don't use installbsd from OSF since it installs stuff as root
+ # by default.
+ for ac_prog in ginstall scoinst install; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_prog$ac_exec_ext"; then
+ if test $ac_prog = install &&
+ grep dspmsg "$as_dir$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+ # AIX install. It has an incompatible calling convention.
+ :
+ elif test $ac_prog = install &&
+ grep pwplus "$as_dir$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+ # program-specific install script used by HP pwplus--don't use.
+ :
+ else
+ rm -rf conftest.one conftest.two conftest.dir
+ echo one > conftest.one
+ echo two > conftest.two
+ mkdir conftest.dir
+ if "$as_dir$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir/" &&
+ test -s conftest.one && test -s conftest.two &&
+ test -s conftest.dir/conftest.one &&
+ test -s conftest.dir/conftest.two
+ then
+ ac_cv_path_install="$as_dir$ac_prog$ac_exec_ext -c"
+ break 3
+ fi
+ fi
+ fi
+ done
+ done
+ ;;
+esac
+
+ done
+IFS=$as_save_IFS
+
+rm -rf conftest.one conftest.two conftest.dir
+
+fi
+ if test ${ac_cv_path_install+y}; then
+ INSTALL=$ac_cv_path_install
+ else
+ # As a last resort, use the slow shell script. Don't cache a
+ # value for INSTALL within a source directory, because that will
+ # break other packages using the cache if that directory is
+ # removed, or if the value is a relative name.
+ INSTALL=$ac_install_sh
+ fi
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5
+printf "%s\n" "$INSTALL" >&6; }
+
+# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
+# It thinks the first close brace ends the variable substitution.
+test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
+
+test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}'
+
+test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5
+printf %s "checking whether build environment is sane... " >&6; }
+# Reject unsafe characters in $srcdir or the absolute working directory
+# name. Accept space and tab only in the latter.
+am_lf='
+'
+case `pwd` in
+ *[\\\"\#\$\&\'\`$am_lf]*)
+ as_fn_error $? "unsafe absolute working directory name" "$LINENO" 5;;
+esac
+case $srcdir in
+ *[\\\"\#\$\&\'\`$am_lf\ \ ]*)
+ as_fn_error $? "unsafe srcdir value: '$srcdir'" "$LINENO" 5;;
+esac
+
+# Do 'set' in a subshell so we don't clobber the current shell's
+# arguments. Must try -L first in case configure is actually a
+# symlink; some systems play weird games with the mod time of symlinks
+# (eg FreeBSD returns the mod time of the symlink's containing
+# directory).
+if (
+ am_has_slept=no
+ for am_try in 1 2; do
+ echo "timestamp, slept: $am_has_slept" > conftest.file
+ set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null`
+ if test "$*" = "X"; then
+ # -L didn't work.
+ set X `ls -t "$srcdir/configure" conftest.file`
+ fi
+ if test "$*" != "X $srcdir/configure conftest.file" \
+ && test "$*" != "X conftest.file $srcdir/configure"; then
+
+ # If neither matched, then we have a broken ls. This can happen
+ # if, for instance, CONFIG_SHELL is bash and it inherits a
+ # broken ls alias from the environment. This has actually
+ # happened. Such a system could not be considered "sane".
+ as_fn_error $? "ls -t appears to fail. Make sure there is not a broken
+ alias in your environment" "$LINENO" 5
+ fi
+ if test "$2" = conftest.file || test $am_try -eq 2; then
+ break
+ fi
+ # Just in case.
+ sleep 1
+ am_has_slept=yes
+ done
+ test "$2" = conftest.file
+ )
+then
+ # Ok.
+ :
+else
+ as_fn_error $? "newly created file is older than distributed files!
+Check your system clock" "$LINENO" 5
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+# If we didn't sleep, we still need to ensure time stamps of config.status and
+# generated files are strictly newer.
+am_sleep_pid=
+if grep 'slept: no' conftest.file >/dev/null 2>&1; then
+ ( sleep 1 ) &
+ am_sleep_pid=$!
+fi
+
+rm -f conftest.file
+
+test "$program_prefix" != NONE &&
+ program_transform_name="s&^&$program_prefix&;$program_transform_name"
+# Use a double $ so make ignores it.
+test "$program_suffix" != NONE &&
+ program_transform_name="s&\$&$program_suffix&;$program_transform_name"
+# Double any \ or $.
+# By default was `s,x,x', remove it if useless.
+ac_script='s/[\\$]/&&/g;s/;s,x,x,$//'
+program_transform_name=`printf "%s\n" "$program_transform_name" | sed "$ac_script"`
+
+
+# Expand $ac_aux_dir to an absolute path.
+am_aux_dir=`cd "$ac_aux_dir" && pwd`
+
+
+ if test x"${MISSING+set}" != xset; then
+ MISSING="\${SHELL} '$am_aux_dir/missing'"
+fi
+# Use eval to expand $SHELL
+if eval "$MISSING --is-lightweight"; then
+ am_missing_run="$MISSING "
+else
+ am_missing_run=
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: 'missing' script is too old or missing" >&5
+printf "%s\n" "$as_me: WARNING: 'missing' script is too old or missing" >&2;}
+fi
+
+if test x"${install_sh+set}" != xset; then
+ case $am_aux_dir in
+ *\ * | *\ *)
+ install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;;
+ *)
+ install_sh="\${SHELL} $am_aux_dir/install-sh"
+ esac
+fi
+
+# Installed binaries are usually stripped using 'strip' when the user
+# run "make install-strip". However 'strip' might not be the right
+# tool to use in cross-compilation environments, therefore Automake
+# will honor the 'STRIP' environment variable to overrule this program.
+if test "$cross_compiling" != no; then
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args.
+set dummy ${ac_tool_prefix}strip; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_STRIP+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$STRIP"; then
+ ac_cv_prog_STRIP="$STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_STRIP="${ac_tool_prefix}strip"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+STRIP=$ac_cv_prog_STRIP
+if test -n "$STRIP"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5
+printf "%s\n" "$STRIP" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_STRIP"; then
+ ac_ct_STRIP=$STRIP
+ # Extract the first word of "strip", so it can be a program name with args.
+set dummy strip; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_STRIP+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_STRIP"; then
+ ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_STRIP="strip"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP
+if test -n "$ac_ct_STRIP"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5
+printf "%s\n" "$ac_ct_STRIP" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_STRIP" = x; then
+ STRIP=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ STRIP=$ac_ct_STRIP
+ fi
+else
+ STRIP="$ac_cv_prog_STRIP"
+fi
+
+fi
+INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
+
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a race-free mkdir -p" >&5
+printf %s "checking for a race-free mkdir -p... " >&6; }
+if test -z "$MKDIR_P"; then
+ if test ${ac_cv_path_mkdir+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_prog in mkdir gmkdir; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ as_fn_executable_p "$as_dir$ac_prog$ac_exec_ext" || continue
+ case `"$as_dir$ac_prog$ac_exec_ext" --version 2>&1` in #(
+ 'mkdir ('*'coreutils) '* | \
+ 'BusyBox '* | \
+ 'mkdir (fileutils) '4.1*)
+ ac_cv_path_mkdir=$as_dir$ac_prog$ac_exec_ext
+ break 3;;
+ esac
+ done
+ done
+ done
+IFS=$as_save_IFS
+
+fi
+
+ test -d ./--version && rmdir ./--version
+ if test ${ac_cv_path_mkdir+y}; then
+ MKDIR_P="$ac_cv_path_mkdir -p"
+ else
+ # As a last resort, use the slow shell script. Don't cache a
+ # value for MKDIR_P within a source directory, because that will
+ # break other packages using the cache if that directory is
+ # removed, or if the value is a relative name.
+ MKDIR_P="$ac_install_sh -d"
+ fi
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5
+printf "%s\n" "$MKDIR_P" >&6; }
+
+for ac_prog in gawk mawk nawk awk
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_AWK+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$AWK"; then
+ ac_cv_prog_AWK="$AWK" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_AWK="$ac_prog"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+AWK=$ac_cv_prog_AWK
+if test -n "$AWK"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5
+printf "%s\n" "$AWK" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ test -n "$AWK" && break
+done
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5
+printf %s "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; }
+set x ${MAKE-make}
+ac_make=`printf "%s\n" "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'`
+if eval test \${ac_cv_prog_make_${ac_make}_set+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ cat >conftest.make <<\_ACEOF
+SHELL = /bin/sh
+all:
+ @echo '@@@%%%=$(MAKE)=@@@%%%'
+_ACEOF
+# GNU make sometimes prints "make[1]: Entering ...", which would confuse us.
+case `${MAKE-make} -f conftest.make 2>/dev/null` in
+ *@@@%%%=?*=@@@%%%*)
+ eval ac_cv_prog_make_${ac_make}_set=yes;;
+ *)
+ eval ac_cv_prog_make_${ac_make}_set=no;;
+esac
+rm -f conftest.make
+fi
+if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ SET_MAKE=
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ SET_MAKE="MAKE=${MAKE-make}"
+fi
+
+rm -rf .tst 2>/dev/null
+mkdir .tst 2>/dev/null
+if test -d .tst; then
+ am__leading_dot=.
+else
+ am__leading_dot=_
+fi
+rmdir .tst 2>/dev/null
+
+# Check whether --enable-silent-rules was given.
+if test ${enable_silent_rules+y}
+then :
+ enableval=$enable_silent_rules;
+fi
+
+case $enable_silent_rules in # (((
+ yes) AM_DEFAULT_VERBOSITY=0;;
+ no) AM_DEFAULT_VERBOSITY=1;;
+ *) AM_DEFAULT_VERBOSITY=1;;
+esac
+am_make=${MAKE-make}
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5
+printf %s "checking whether $am_make supports nested variables... " >&6; }
+if test ${am_cv_make_support_nested_variables+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if printf "%s\n" 'TRUE=$(BAR$(V))
+BAR0=false
+BAR1=true
+V=1
+am__doit:
+ @$(TRUE)
+.PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then
+ am_cv_make_support_nested_variables=yes
+else
+ am_cv_make_support_nested_variables=no
+fi
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5
+printf "%s\n" "$am_cv_make_support_nested_variables" >&6; }
+if test $am_cv_make_support_nested_variables = yes; then
+ AM_V='$(V)'
+ AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)'
+else
+ AM_V=$AM_DEFAULT_VERBOSITY
+ AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY
+fi
+AM_BACKSLASH='\'
+
+if test "`cd $srcdir && pwd`" != "`pwd`"; then
+ # Use -I$(srcdir) only when $(srcdir) != ., so that make's output
+ # is not polluted with repeated "-I."
+ am__isrc=' -I$(srcdir)'
+ # test to see if srcdir already configured
+ if test -f $srcdir/config.status; then
+ as_fn_error $? "source directory already configured; run \"make distclean\" there first" "$LINENO" 5
+ fi
+fi
+
+# test whether we have cygpath
+if test -z "$CYGPATH_W"; then
+ if (cygpath --version) >/dev/null 2>/dev/null; then
+ CYGPATH_W='cygpath -w'
+ else
+ CYGPATH_W=echo
+ fi
+fi
+
+
+# Define the identity of the package.
+ PACKAGE='xmlsec1'
+ VERSION='1.2.39'
+
+
+printf "%s\n" "#define PACKAGE \"$PACKAGE\"" >>confdefs.h
+
+
+printf "%s\n" "#define VERSION \"$VERSION\"" >>confdefs.h
+
+# Some tools Automake needs.
+
+ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"}
+
+
+AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"}
+
+
+AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"}
+
+
+AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"}
+
+
+MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"}
+
+# For better backward compatibility. To be removed once Automake 1.9.x
+# dies out for good. For more background, see:
+# <https://lists.gnu.org/archive/html/automake/2012-07/msg00001.html>
+# <https://lists.gnu.org/archive/html/automake/2012-07/msg00014.html>
+mkdir_p='$(MKDIR_P)'
+
+# We need awk for the "check" target (and possibly the TAP driver). The
+# system "awk" is bad on some platforms.
+# Always define AMTAR for backward compatibility. Yes, it's still used
+# in the wild :-( We should find a proper way to deprecate it ...
+AMTAR='$${TAR-tar}'
+
+
+# We'll loop over all known methods to create a tar archive until one works.
+_am_tools='gnutar plaintar pax cpio none'
+
+# The POSIX 1988 'ustar' format is defined with fixed-size fields.
+ # There is notably a 21 bits limit for the UID and the GID. In fact,
+ # the 'pax' utility can hang on bigger UID/GID (see automake bug#8343
+ # and bug#13588).
+ am_max_uid=2097151 # 2^21 - 1
+ am_max_gid=$am_max_uid
+ # The $UID and $GID variables are not portable, so we need to resort
+ # to the POSIX-mandated id(1) utility. Errors in the 'id' calls
+ # below are definitely unexpected, so allow the users to see them
+ # (that is, avoid stderr redirection).
+ am_uid=`id -u || echo unknown`
+ am_gid=`id -g || echo unknown`
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether UID '$am_uid' is supported by ustar format" >&5
+printf %s "checking whether UID '$am_uid' is supported by ustar format... " >&6; }
+ if test $am_uid -le $am_max_uid; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ _am_tools=none
+ fi
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether GID '$am_gid' is supported by ustar format" >&5
+printf %s "checking whether GID '$am_gid' is supported by ustar format... " >&6; }
+ if test $am_gid -le $am_max_gid; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ _am_tools=none
+ fi
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to create a ustar tar archive" >&5
+printf %s "checking how to create a ustar tar archive... " >&6; }
+
+ # Go ahead even if we have the value already cached. We do so because we
+ # need to set the values for the 'am__tar' and 'am__untar' variables.
+ _am_tools=${am_cv_prog_tar_ustar-$_am_tools}
+
+ for _am_tool in $_am_tools; do
+ case $_am_tool in
+ gnutar)
+ for _am_tar in tar gnutar gtar; do
+ { echo "$as_me:$LINENO: $_am_tar --version" >&5
+ ($_am_tar --version) >&5 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && break
+ done
+ am__tar="$_am_tar --format=ustar -chf - "'"$$tardir"'
+ am__tar_="$_am_tar --format=ustar -chf - "'"$tardir"'
+ am__untar="$_am_tar -xf -"
+ ;;
+ plaintar)
+ # Must skip GNU tar: if it does not support --format= it doesn't create
+ # ustar tarball either.
+ (tar --version) >/dev/null 2>&1 && continue
+ am__tar='tar chf - "$$tardir"'
+ am__tar_='tar chf - "$tardir"'
+ am__untar='tar xf -'
+ ;;
+ pax)
+ am__tar='pax -L -x ustar -w "$$tardir"'
+ am__tar_='pax -L -x ustar -w "$tardir"'
+ am__untar='pax -r'
+ ;;
+ cpio)
+ am__tar='find "$$tardir" -print | cpio -o -H ustar -L'
+ am__tar_='find "$tardir" -print | cpio -o -H ustar -L'
+ am__untar='cpio -i -H ustar -d'
+ ;;
+ none)
+ am__tar=false
+ am__tar_=false
+ am__untar=false
+ ;;
+ esac
+
+ # If the value was cached, stop now. We just wanted to have am__tar
+ # and am__untar set.
+ test -n "${am_cv_prog_tar_ustar}" && break
+
+ # tar/untar a dummy directory, and stop if the command works.
+ rm -rf conftest.dir
+ mkdir conftest.dir
+ echo GrepMe > conftest.dir/file
+ { echo "$as_me:$LINENO: tardir=conftest.dir && eval $am__tar_ >conftest.tar" >&5
+ (tardir=conftest.dir && eval $am__tar_ >conftest.tar) >&5 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+ rm -rf conftest.dir
+ if test -s conftest.tar; then
+ { echo "$as_me:$LINENO: $am__untar <conftest.tar" >&5
+ ($am__untar <conftest.tar) >&5 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+ { echo "$as_me:$LINENO: cat conftest.dir/file" >&5
+ (cat conftest.dir/file) >&5 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+ grep GrepMe conftest.dir/file >/dev/null 2>&1 && break
+ fi
+ done
+ rm -rf conftest.dir
+
+ if test ${am_cv_prog_tar_ustar+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ am_cv_prog_tar_ustar=$_am_tool
+fi
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_tar_ustar" >&5
+printf "%s\n" "$am_cv_prog_tar_ustar" >&6; }
+
+
+
+
+
+# Variables for tags utilities; see am/tags.am
+if test -z "$CTAGS"; then
+ CTAGS=ctags
+fi
+
+if test -z "$ETAGS"; then
+ ETAGS=etags
+fi
+
+if test -z "$CSCOPE"; then
+ CSCOPE=cscope
+fi
+
+
+
+# POSIX will say in a future version that running "rm -f" with no argument
+# is OK; and we want to be able to make that assumption in our Makefile
+# recipes. So use an aggressive probe to check that the usage we want is
+# actually supported "in the wild" to an acceptable degree.
+# See automake bug#10828.
+# To make any issue more visible, cause the running configure to be aborted
+# by default if the 'rm' program in use doesn't match our expectations; the
+# user can still override this though.
+if rm -f && rm -fr && rm -rf; then : OK; else
+ cat >&2 <<'END'
+Oops!
+
+Your 'rm' program seems unable to run without file operands specified
+on the command line, even when the '-f' option is present. This is contrary
+to the behaviour of most rm programs out there, and not conforming with
+the upcoming POSIX standard: <http://austingroupbugs.net/view.php?id=542>
+
+Please tell bug-automake@gnu.org about your system, including the value
+of your $PATH and any error possibly output before this message. This
+can help us improve future automake versions.
+
+END
+ if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then
+ echo 'Configuration will proceed anyway, since you have set the' >&2
+ echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2
+ echo >&2
+ else
+ cat >&2 <<'END'
+Aborting the configuration process, to ensure you take notice of the issue.
+
+You can download and install GNU coreutils to get an 'rm' implementation
+that behaves properly: <https://www.gnu.org/software/coreutils/>.
+
+If you want to complete the configuration process using your problematic
+'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM
+to "yes", and re-run configure.
+
+END
+ as_fn_error $? "Your 'rm' program is bad, sorry." "$LINENO" 5
+ fi
+fi
+
+ac_config_headers="$ac_config_headers config.h"
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5
+printf %s "checking whether to enable maintainer-specific portions of Makefiles... " >&6; }
+ # Check whether --enable-maintainer-mode was given.
+if test ${enable_maintainer_mode+y}
+then :
+ enableval=$enable_maintainer_mode; USE_MAINTAINER_MODE=$enableval
+else $as_nop
+ USE_MAINTAINER_MODE=no
+fi
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $USE_MAINTAINER_MODE" >&5
+printf "%s\n" "$USE_MAINTAINER_MODE" >&6; }
+ if test $USE_MAINTAINER_MODE = yes; then
+ MAINTAINER_MODE_TRUE=
+ MAINTAINER_MODE_FALSE='#'
+else
+ MAINTAINER_MODE_TRUE='#'
+ MAINTAINER_MODE_FALSE=
+fi
+
+ MAINT=$MAINTAINER_MODE_TRUE
+
+
+
+# Support silent build rules, requires at least automake-1.11. Disable
+# by either passing --disable-silent-rules to configure or passing V=1
+# to make
+# Check whether --enable-silent-rules was given.
+if test ${enable_silent_rules+y}
+then :
+ enableval=$enable_silent_rules;
+fi
+
+case $enable_silent_rules in # (((
+ yes) AM_DEFAULT_VERBOSITY=0;;
+ no) AM_DEFAULT_VERBOSITY=1;;
+ *) AM_DEFAULT_VERBOSITY=0;;
+esac
+am_make=${MAKE-make}
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5
+printf %s "checking whether $am_make supports nested variables... " >&6; }
+if test ${am_cv_make_support_nested_variables+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if printf "%s\n" 'TRUE=$(BAR$(V))
+BAR0=false
+BAR1=true
+V=1
+am__doit:
+ @$(TRUE)
+.PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then
+ am_cv_make_support_nested_variables=yes
+else
+ am_cv_make_support_nested_variables=no
+fi
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5
+printf "%s\n" "$am_cv_make_support_nested_variables" >&6; }
+if test $am_cv_make_support_nested_variables = yes; then
+ AM_V='$(V)'
+ AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)'
+else
+ AM_V=$AM_DEFAULT_VERBOSITY
+ AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY
+fi
+AM_BACKSLASH='\'
+
+
+
+
+
+
+
+
+
+
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}gcc; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_CC+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_CC="${ac_tool_prefix}gcc"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+printf "%s\n" "$CC" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_CC"; then
+ ac_ct_CC=$CC
+ # Extract the first word of "gcc", so it can be a program name with args.
+set dummy gcc; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_CC+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_CC"; then
+ ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_CC="gcc"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
+printf "%s\n" "$ac_ct_CC" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_CC" = x; then
+ CC=""
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ CC=$ac_ct_CC
+ fi
+else
+ CC="$ac_cv_prog_CC"
+fi
+
+if test -z "$CC"; then
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}cc; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_CC+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_CC="${ac_tool_prefix}cc"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+printf "%s\n" "$CC" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ fi
+fi
+if test -z "$CC"; then
+ # Extract the first word of "cc", so it can be a program name with args.
+set dummy cc; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_CC+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+ ac_prog_rejected=no
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ if test "$as_dir$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
+ ac_prog_rejected=yes
+ continue
+ fi
+ ac_cv_prog_CC="cc"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+if test $ac_prog_rejected = yes; then
+ # We found a bogon in the path, so make sure we never use it.
+ set dummy $ac_cv_prog_CC
+ shift
+ if test $# != 0; then
+ # We chose a different compiler from the bogus one.
+ # However, it has the same basename, so the bogon will be chosen
+ # first if we set CC to just the basename; use the full file name.
+ shift
+ ac_cv_prog_CC="$as_dir$ac_word${1+' '}$@"
+ fi
+fi
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+printf "%s\n" "$CC" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$CC"; then
+ if test -n "$ac_tool_prefix"; then
+ for ac_prog in cl.exe
+ do
+ # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_CC+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+printf "%s\n" "$CC" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ test -n "$CC" && break
+ done
+fi
+if test -z "$CC"; then
+ ac_ct_CC=$CC
+ for ac_prog in cl.exe
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_CC+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_CC"; then
+ ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_CC="$ac_prog"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
+printf "%s\n" "$ac_ct_CC" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ test -n "$ac_ct_CC" && break
+done
+
+ if test "x$ac_ct_CC" = x; then
+ CC=""
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ CC=$ac_ct_CC
+ fi
+fi
+
+fi
+if test -z "$CC"; then
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}clang", so it can be a program name with args.
+set dummy ${ac_tool_prefix}clang; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_CC+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_CC="${ac_tool_prefix}clang"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+printf "%s\n" "$CC" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_CC"; then
+ ac_ct_CC=$CC
+ # Extract the first word of "clang", so it can be a program name with args.
+set dummy clang; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_CC+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_CC"; then
+ ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_CC="clang"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
+printf "%s\n" "$ac_ct_CC" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_CC" = x; then
+ CC=""
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ CC=$ac_ct_CC
+ fi
+else
+ CC="$ac_cv_prog_CC"
+fi
+
+fi
+
+
+test -z "$CC" && { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "no acceptable C compiler found in \$PATH
+See \`config.log' for more details" "$LINENO" 5; }
+
+# Provide some information about the compiler.
+printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5
+set X $ac_compile
+ac_compiler=$2
+for ac_option in --version -v -V -qversion -version; do
+ { { ac_try="$ac_compiler $ac_option >&5"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+printf "%s\n" "$ac_try_echo"; } >&5
+ (eval "$ac_compiler $ac_option >&5") 2>conftest.err
+ ac_status=$?
+ if test -s conftest.err; then
+ sed '10a\
+... rest of stderr output deleted ...
+ 10q' conftest.err >conftest.er1
+ cat conftest.er1 >&5
+ fi
+ rm -f conftest.er1 conftest.err
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+done
+
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+ac_clean_files_save=$ac_clean_files
+ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out"
+# Try to create an executable without -o first, disregard a.out.
+# It will help us diagnose broken compilers, and finding out an intuition
+# of exeext.
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5
+printf %s "checking whether the C compiler works... " >&6; }
+ac_link_default=`printf "%s\n" "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
+
+# The possible output files:
+ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*"
+
+ac_rmfiles=
+for ac_file in $ac_files
+do
+ case $ac_file in
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+ * ) ac_rmfiles="$ac_rmfiles $ac_file";;
+ esac
+done
+rm -f $ac_rmfiles
+
+if { { ac_try="$ac_link_default"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+printf "%s\n" "$ac_try_echo"; } >&5
+ (eval "$ac_link_default") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+then :
+ # Autoconf-2.13 could set the ac_cv_exeext variable to `no'.
+# So ignore a value of `no', otherwise this would lead to `EXEEXT = no'
+# in a Makefile. We should not override ac_cv_exeext if it was cached,
+# so that the user can short-circuit this test for compilers unknown to
+# Autoconf.
+for ac_file in $ac_files ''
+do
+ test -f "$ac_file" || continue
+ case $ac_file in
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj )
+ ;;
+ [ab].out )
+ # We found the default executable, but exeext='' is most
+ # certainly right.
+ break;;
+ *.* )
+ if test ${ac_cv_exeext+y} && test "$ac_cv_exeext" != no;
+ then :; else
+ ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+ fi
+ # We set ac_cv_exeext here because the later test for it is not
+ # safe: cross compilers may not add the suffix if given an `-o'
+ # argument, so we may need to know it at that point already.
+ # Even if this section looks crufty: it has the advantage of
+ # actually working.
+ break;;
+ * )
+ break;;
+ esac
+done
+test "$ac_cv_exeext" = no && ac_cv_exeext=
+
+else $as_nop
+ ac_file=''
+fi
+if test -z "$ac_file"
+then :
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+printf "%s\n" "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+{ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "C compiler cannot create executables
+See \`config.log' for more details" "$LINENO" 5; }
+else $as_nop
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5
+printf %s "checking for C compiler default output file name... " >&6; }
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5
+printf "%s\n" "$ac_file" >&6; }
+ac_exeext=$ac_cv_exeext
+
+rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out
+ac_clean_files=$ac_clean_files_save
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5
+printf %s "checking for suffix of executables... " >&6; }
+if { { ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+printf "%s\n" "$ac_try_echo"; } >&5
+ (eval "$ac_link") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+then :
+ # If both `conftest.exe' and `conftest' are `present' (well, observable)
+# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will
+# work properly (i.e., refer to `conftest.exe'), while it won't with
+# `rm'.
+for ac_file in conftest.exe conftest conftest.*; do
+ test -f "$ac_file" || continue
+ case $ac_file in
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+ *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+ break;;
+ * ) break;;
+ esac
+done
+else $as_nop
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot compute suffix of executables: cannot compile and link
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+rm -f conftest conftest$ac_cv_exeext
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5
+printf "%s\n" "$ac_cv_exeext" >&6; }
+
+rm -f conftest.$ac_ext
+EXEEXT=$ac_cv_exeext
+ac_exeext=$EXEEXT
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <stdio.h>
+int
+main (void)
+{
+FILE *f = fopen ("conftest.out", "w");
+ return ferror (f) || fclose (f) != 0;
+
+ ;
+ return 0;
+}
+_ACEOF
+ac_clean_files="$ac_clean_files conftest.out"
+# Check that the compiler produces executables we can run. If not, either
+# the compiler is broken, or we cross compile.
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5
+printf %s "checking whether we are cross compiling... " >&6; }
+if test "$cross_compiling" != yes; then
+ { { ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+printf "%s\n" "$ac_try_echo"; } >&5
+ (eval "$ac_link") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+ if { ac_try='./conftest$ac_cv_exeext'
+ { { case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+printf "%s\n" "$ac_try_echo"; } >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; }; then
+ cross_compiling=no
+ else
+ if test "$cross_compiling" = maybe; then
+ cross_compiling=yes
+ else
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot run C compiled programs.
+If you meant to cross compile, use \`--host'.
+See \`config.log' for more details" "$LINENO" 5; }
+ fi
+ fi
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5
+printf "%s\n" "$cross_compiling" >&6; }
+
+rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out
+ac_clean_files=$ac_clean_files_save
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5
+printf %s "checking for suffix of object files... " >&6; }
+if test ${ac_cv_objext+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.o conftest.obj
+if { { ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+printf "%s\n" "$ac_try_echo"; } >&5
+ (eval "$ac_compile") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+then :
+ for ac_file in conftest.o conftest.obj conftest.*; do
+ test -f "$ac_file" || continue;
+ case $ac_file in
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;;
+ *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
+ break;;
+ esac
+done
+else $as_nop
+ printf "%s\n" "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+{ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot compute suffix of object files: cannot compile
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+rm -f conftest.$ac_cv_objext conftest.$ac_ext
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5
+printf "%s\n" "$ac_cv_objext" >&6; }
+OBJEXT=$ac_cv_objext
+ac_objext=$OBJEXT
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports GNU C" >&5
+printf %s "checking whether the compiler supports GNU C... " >&6; }
+if test ${ac_cv_c_compiler_gnu+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+#ifndef __GNUC__
+ choke me
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_compiler_gnu=yes
+else $as_nop
+ ac_compiler_gnu=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+ac_cv_c_compiler_gnu=$ac_compiler_gnu
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5
+printf "%s\n" "$ac_cv_c_compiler_gnu" >&6; }
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+if test $ac_compiler_gnu = yes; then
+ GCC=yes
+else
+ GCC=
+fi
+ac_test_CFLAGS=${CFLAGS+y}
+ac_save_CFLAGS=$CFLAGS
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5
+printf %s "checking whether $CC accepts -g... " >&6; }
+if test ${ac_cv_prog_cc_g+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_save_c_werror_flag=$ac_c_werror_flag
+ ac_c_werror_flag=yes
+ ac_cv_prog_cc_g=no
+ CFLAGS="-g"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_cv_prog_cc_g=yes
+else $as_nop
+ CFLAGS=""
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+
+else $as_nop
+ ac_c_werror_flag=$ac_save_c_werror_flag
+ CFLAGS="-g"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_cv_prog_cc_g=yes
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+ ac_c_werror_flag=$ac_save_c_werror_flag
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5
+printf "%s\n" "$ac_cv_prog_cc_g" >&6; }
+if test $ac_test_CFLAGS; then
+ CFLAGS=$ac_save_CFLAGS
+elif test $ac_cv_prog_cc_g = yes; then
+ if test "$GCC" = yes; then
+ CFLAGS="-g -O2"
+ else
+ CFLAGS="-g"
+ fi
+else
+ if test "$GCC" = yes; then
+ CFLAGS="-O2"
+ else
+ CFLAGS=
+ fi
+fi
+ac_prog_cc_stdc=no
+if test x$ac_prog_cc_stdc = xno
+then :
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C11 features" >&5
+printf %s "checking for $CC option to enable C11 features... " >&6; }
+if test ${ac_cv_prog_cc_c11+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_cv_prog_cc_c11=no
+ac_save_CC=$CC
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$ac_c_conftest_c11_program
+_ACEOF
+for ac_arg in '' -std=gnu11
+do
+ CC="$ac_save_CC $ac_arg"
+ if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_cv_prog_cc_c11=$ac_arg
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam
+ test "x$ac_cv_prog_cc_c11" != "xno" && break
+done
+rm -f conftest.$ac_ext
+CC=$ac_save_CC
+fi
+
+if test "x$ac_cv_prog_cc_c11" = xno
+then :
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
+printf "%s\n" "unsupported" >&6; }
+else $as_nop
+ if test "x$ac_cv_prog_cc_c11" = x
+then :
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
+printf "%s\n" "none needed" >&6; }
+else $as_nop
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c11" >&5
+printf "%s\n" "$ac_cv_prog_cc_c11" >&6; }
+ CC="$CC $ac_cv_prog_cc_c11"
+fi
+ ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c11
+ ac_prog_cc_stdc=c11
+fi
+fi
+if test x$ac_prog_cc_stdc = xno
+then :
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C99 features" >&5
+printf %s "checking for $CC option to enable C99 features... " >&6; }
+if test ${ac_cv_prog_cc_c99+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_cv_prog_cc_c99=no
+ac_save_CC=$CC
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$ac_c_conftest_c99_program
+_ACEOF
+for ac_arg in '' -std=gnu99 -std=c99 -c99 -qlanglvl=extc1x -qlanglvl=extc99 -AC99 -D_STDC_C99=
+do
+ CC="$ac_save_CC $ac_arg"
+ if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_cv_prog_cc_c99=$ac_arg
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam
+ test "x$ac_cv_prog_cc_c99" != "xno" && break
+done
+rm -f conftest.$ac_ext
+CC=$ac_save_CC
+fi
+
+if test "x$ac_cv_prog_cc_c99" = xno
+then :
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
+printf "%s\n" "unsupported" >&6; }
+else $as_nop
+ if test "x$ac_cv_prog_cc_c99" = x
+then :
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
+printf "%s\n" "none needed" >&6; }
+else $as_nop
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5
+printf "%s\n" "$ac_cv_prog_cc_c99" >&6; }
+ CC="$CC $ac_cv_prog_cc_c99"
+fi
+ ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c99
+ ac_prog_cc_stdc=c99
+fi
+fi
+if test x$ac_prog_cc_stdc = xno
+then :
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C89 features" >&5
+printf %s "checking for $CC option to enable C89 features... " >&6; }
+if test ${ac_cv_prog_cc_c89+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_cv_prog_cc_c89=no
+ac_save_CC=$CC
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$ac_c_conftest_c89_program
+_ACEOF
+for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
+do
+ CC="$ac_save_CC $ac_arg"
+ if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_cv_prog_cc_c89=$ac_arg
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam
+ test "x$ac_cv_prog_cc_c89" != "xno" && break
+done
+rm -f conftest.$ac_ext
+CC=$ac_save_CC
+fi
+
+if test "x$ac_cv_prog_cc_c89" = xno
+then :
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
+printf "%s\n" "unsupported" >&6; }
+else $as_nop
+ if test "x$ac_cv_prog_cc_c89" = x
+then :
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
+printf "%s\n" "none needed" >&6; }
+else $as_nop
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5
+printf "%s\n" "$ac_cv_prog_cc_c89" >&6; }
+ CC="$CC $ac_cv_prog_cc_c89"
+fi
+ ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c89
+ ac_prog_cc_stdc=c89
+fi
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+ ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5
+printf %s "checking whether $CC understands -c and -o together... " >&6; }
+if test ${am_cv_prog_cc_c_o+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+ # Make sure it works both with $CC and with simple cc.
+ # Following AC_PROG_CC_C_O, we do the test twice because some
+ # compilers refuse to overwrite an existing .o file with -o,
+ # though they will create one.
+ am_cv_prog_cc_c_o=yes
+ for am_i in 1 2; do
+ if { echo "$as_me:$LINENO: $CC -c conftest.$ac_ext -o conftest2.$ac_objext" >&5
+ ($CC -c conftest.$ac_ext -o conftest2.$ac_objext) >&5 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } \
+ && test -f conftest2.$ac_objext; then
+ : OK
+ else
+ am_cv_prog_cc_c_o=no
+ break
+ fi
+ done
+ rm -f core conftest*
+ unset am_i
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5
+printf "%s\n" "$am_cv_prog_cc_c_o" >&6; }
+if test "$am_cv_prog_cc_c_o" != yes; then
+ # Losing compiler, so override with the script.
+ # FIXME: It is wrong to rewrite CC.
+ # But if we don't then we get into trouble of one sort or another.
+ # A longer-term fix would be to have automake use am__CC in this case,
+ # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)"
+ CC="$am_aux_dir/compile $CC"
+fi
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+DEPDIR="${am__leading_dot}deps"
+
+ac_config_commands="$ac_config_commands depfiles"
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} supports the include directive" >&5
+printf %s "checking whether ${MAKE-make} supports the include directive... " >&6; }
+cat > confinc.mk << 'END'
+am__doit:
+ @echo this is the am__doit target >confinc.out
+.PHONY: am__doit
+END
+am__include="#"
+am__quote=
+# BSD make does it like this.
+echo '.include "confinc.mk" # ignored' > confmf.BSD
+# Other make implementations (GNU, Solaris 10, AIX) do it like this.
+echo 'include confinc.mk # ignored' > confmf.GNU
+_am_result=no
+for s in GNU BSD; do
+ { echo "$as_me:$LINENO: ${MAKE-make} -f confmf.$s && cat confinc.out" >&5
+ (${MAKE-make} -f confmf.$s && cat confinc.out) >&5 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }
+ case $?:`cat confinc.out 2>/dev/null` in #(
+ '0:this is the am__doit target') :
+ case $s in #(
+ BSD) :
+ am__include='.include' am__quote='"' ;; #(
+ *) :
+ am__include='include' am__quote='' ;;
+esac ;; #(
+ *) :
+ ;;
+esac
+ if test "$am__include" != "#"; then
+ _am_result="yes ($s style)"
+ break
+ fi
+done
+rm -f confinc.* confmf.*
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: ${_am_result}" >&5
+printf "%s\n" "${_am_result}" >&6; }
+
+# Check whether --enable-dependency-tracking was given.
+if test ${enable_dependency_tracking+y}
+then :
+ enableval=$enable_dependency_tracking;
+fi
+
+if test "x$enable_dependency_tracking" != xno; then
+ am_depcomp="$ac_aux_dir/depcomp"
+ AMDEPBACKSLASH='\'
+ am__nodep='_no'
+fi
+ if test "x$enable_dependency_tracking" != xno; then
+ AMDEP_TRUE=
+ AMDEP_FALSE='#'
+else
+ AMDEP_TRUE='#'
+ AMDEP_FALSE=
+fi
+
+
+
+depcc="$CC" am_compiler_list=
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5
+printf %s "checking dependency style of $depcc... " >&6; }
+if test ${am_cv_CC_dependencies_compiler_type+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+ # We make a subdir and do the tests there. Otherwise we can end up
+ # making bogus files that we don't know about and never remove. For
+ # instance it was reported that on HP-UX the gcc test will end up
+ # making a dummy file named 'D' -- because '-MD' means "put the output
+ # in D".
+ rm -rf conftest.dir
+ mkdir conftest.dir
+ # Copy depcomp to subdir because otherwise we won't find it if we're
+ # using a relative directory.
+ cp "$am_depcomp" conftest.dir
+ cd conftest.dir
+ # We will build objects and dependencies in a subdirectory because
+ # it helps to detect inapplicable dependency modes. For instance
+ # both Tru64's cc and ICC support -MD to output dependencies as a
+ # side effect of compilation, but ICC will put the dependencies in
+ # the current directory while Tru64 will put them in the object
+ # directory.
+ mkdir sub
+
+ am_cv_CC_dependencies_compiler_type=none
+ if test "$am_compiler_list" = ""; then
+ am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp`
+ fi
+ am__universal=false
+ case " $depcc " in #(
+ *\ -arch\ *\ -arch\ *) am__universal=true ;;
+ esac
+
+ for depmode in $am_compiler_list; do
+ # Setup a source with many dependencies, because some compilers
+ # like to wrap large dependency lists on column 80 (with \), and
+ # we should not choose a depcomp mode which is confused by this.
+ #
+ # We need to recreate these files for each test, as the compiler may
+ # overwrite some of them when testing with obscure command lines.
+ # This happens at least with the AIX C compiler.
+ : > sub/conftest.c
+ for i in 1 2 3 4 5 6; do
+ echo '#include "conftst'$i'.h"' >> sub/conftest.c
+ # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with
+ # Solaris 10 /bin/sh.
+ echo '/* dummy */' > sub/conftst$i.h
+ done
+ echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+ # We check with '-c' and '-o' for the sake of the "dashmstdout"
+ # mode. It turns out that the SunPro C++ compiler does not properly
+ # handle '-M -o', and we need to detect this. Also, some Intel
+ # versions had trouble with output in subdirs.
+ am__obj=sub/conftest.${OBJEXT-o}
+ am__minus_obj="-o $am__obj"
+ case $depmode in
+ gcc)
+ # This depmode causes a compiler race in universal mode.
+ test "$am__universal" = false || continue
+ ;;
+ nosideeffect)
+ # After this tag, mechanisms are not by side-effect, so they'll
+ # only be used when explicitly requested.
+ if test "x$enable_dependency_tracking" = xyes; then
+ continue
+ else
+ break
+ fi
+ ;;
+ msvc7 | msvc7msys | msvisualcpp | msvcmsys)
+ # This compiler won't grok '-c -o', but also, the minuso test has
+ # not run yet. These depmodes are late enough in the game, and
+ # so weak that their functioning should not be impacted.
+ am__obj=conftest.${OBJEXT-o}
+ am__minus_obj=
+ ;;
+ none) break ;;
+ esac
+ if depmode=$depmode \
+ source=sub/conftest.c object=$am__obj \
+ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+ $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \
+ >/dev/null 2>conftest.err &&
+ grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep $am__obj sub/conftest.Po > /dev/null 2>&1 &&
+ ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+ # icc doesn't choke on unknown options, it will just issue warnings
+ # or remarks (even with -Werror). So we grep stderr for any message
+ # that says an option was ignored or not supported.
+ # When given -MP, icc 7.0 and 7.1 complain thusly:
+ # icc: Command line warning: ignoring option '-M'; no argument required
+ # The diagnosis changed in icc 8.0:
+ # icc: Command line remark: option '-MP' not supported
+ if (grep 'ignoring option' conftest.err ||
+ grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+ am_cv_CC_dependencies_compiler_type=$depmode
+ break
+ fi
+ fi
+ done
+
+ cd ..
+ rm -rf conftest.dir
+else
+ am_cv_CC_dependencies_compiler_type=none
+fi
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5
+printf "%s\n" "$am_cv_CC_dependencies_compiler_type" >&6; }
+CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type
+
+ if
+ test "x$enable_dependency_tracking" != xno \
+ && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then
+ am__fastdepCC_TRUE=
+ am__fastdepCC_FALSE='#'
+else
+ am__fastdepCC_TRUE='#'
+ am__fastdepCC_FALSE=
+fi
+
+
+
+case `pwd` in
+ *\ * | *\ *)
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5
+printf "%s\n" "$as_me: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&2;} ;;
+esac
+
+
+
+macro_version='2.4.7'
+macro_revision='2.4.7'
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ltmain=$ac_aux_dir/ltmain.sh
+
+# Backslashify metacharacters that are still active within
+# double-quoted strings.
+sed_quote_subst='s/\(["`$\\]\)/\\\1/g'
+
+# Same as above, but do not quote variable references.
+double_quote_subst='s/\(["`\\]\)/\\\1/g'
+
+# Sed substitution to delay expansion of an escaped shell variable in a
+# double_quote_subst'ed string.
+delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
+
+# Sed substitution to delay expansion of an escaped single quote.
+delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
+
+# Sed substitution to avoid accidental globbing in evaled expressions
+no_glob_subst='s/\*/\\\*/g'
+
+ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to print strings" >&5
+printf %s "checking how to print strings... " >&6; }
+# Test print first, because it will be a builtin if present.
+if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \
+ test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then
+ ECHO='print -r --'
+elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then
+ ECHO='printf %s\n'
+else
+ # Use this function as a fallback that always works.
+ func_fallback_echo ()
+ {
+ eval 'cat <<_LTECHO_EOF
+$1
+_LTECHO_EOF'
+ }
+ ECHO='func_fallback_echo'
+fi
+
+# func_echo_all arg...
+# Invoke $ECHO with all args, space-separated.
+func_echo_all ()
+{
+ $ECHO ""
+}
+
+case $ECHO in
+ printf*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: printf" >&5
+printf "%s\n" "printf" >&6; } ;;
+ print*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: print -r" >&5
+printf "%s\n" "print -r" >&6; } ;;
+ *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: cat" >&5
+printf "%s\n" "cat" >&6; } ;;
+esac
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a sed that does not truncate output" >&5
+printf %s "checking for a sed that does not truncate output... " >&6; }
+if test ${ac_cv_path_SED+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/
+ for ac_i in 1 2 3 4 5 6 7; do
+ ac_script="$ac_script$as_nl$ac_script"
+ done
+ echo "$ac_script" 2>/dev/null | sed 99q >conftest.sed
+ { ac_script=; unset ac_script;}
+ if test -z "$SED"; then
+ ac_path_SED_found=false
+ # Loop through the user's path and test for each of PROGNAME-LIST
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_prog in sed gsed
+ do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ ac_path_SED="$as_dir$ac_prog$ac_exec_ext"
+ as_fn_executable_p "$ac_path_SED" || continue
+# Check for GNU ac_path_SED and select it if it is found.
+ # Check for GNU $ac_path_SED
+case `"$ac_path_SED" --version 2>&1` in
+*GNU*)
+ ac_cv_path_SED="$ac_path_SED" ac_path_SED_found=:;;
+*)
+ ac_count=0
+ printf %s 0123456789 >"conftest.in"
+ while :
+ do
+ cat "conftest.in" "conftest.in" >"conftest.tmp"
+ mv "conftest.tmp" "conftest.in"
+ cp "conftest.in" "conftest.nl"
+ printf "%s\n" '' >> "conftest.nl"
+ "$ac_path_SED" -f conftest.sed < "conftest.nl" >"conftest.out" 2>/dev/null || break
+ diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+ as_fn_arith $ac_count + 1 && ac_count=$as_val
+ if test $ac_count -gt ${ac_path_SED_max-0}; then
+ # Best one so far, save it but keep looking for a better one
+ ac_cv_path_SED="$ac_path_SED"
+ ac_path_SED_max=$ac_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test $ac_count -gt 10 && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+ $ac_path_SED_found && break 3
+ done
+ done
+ done
+IFS=$as_save_IFS
+ if test -z "$ac_cv_path_SED"; then
+ as_fn_error $? "no acceptable sed could be found in \$PATH" "$LINENO" 5
+ fi
+else
+ ac_cv_path_SED=$SED
+fi
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_SED" >&5
+printf "%s\n" "$ac_cv_path_SED" >&6; }
+ SED="$ac_cv_path_SED"
+ rm -f conftest.sed
+
+test -z "$SED" && SED=sed
+Xsed="$SED -e 1s/^X//"
+
+
+
+
+
+
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5
+printf %s "checking for grep that handles long lines and -e... " >&6; }
+if test ${ac_cv_path_GREP+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -z "$GREP"; then
+ ac_path_GREP_found=false
+ # Loop through the user's path and test for each of PROGNAME-LIST
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_prog in grep ggrep
+ do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ ac_path_GREP="$as_dir$ac_prog$ac_exec_ext"
+ as_fn_executable_p "$ac_path_GREP" || continue
+# Check for GNU ac_path_GREP and select it if it is found.
+ # Check for GNU $ac_path_GREP
+case `"$ac_path_GREP" --version 2>&1` in
+*GNU*)
+ ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;;
+*)
+ ac_count=0
+ printf %s 0123456789 >"conftest.in"
+ while :
+ do
+ cat "conftest.in" "conftest.in" >"conftest.tmp"
+ mv "conftest.tmp" "conftest.in"
+ cp "conftest.in" "conftest.nl"
+ printf "%s\n" 'GREP' >> "conftest.nl"
+ "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+ diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+ as_fn_arith $ac_count + 1 && ac_count=$as_val
+ if test $ac_count -gt ${ac_path_GREP_max-0}; then
+ # Best one so far, save it but keep looking for a better one
+ ac_cv_path_GREP="$ac_path_GREP"
+ ac_path_GREP_max=$ac_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test $ac_count -gt 10 && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+ $ac_path_GREP_found && break 3
+ done
+ done
+ done
+IFS=$as_save_IFS
+ if test -z "$ac_cv_path_GREP"; then
+ as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+ fi
+else
+ ac_cv_path_GREP=$GREP
+fi
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5
+printf "%s\n" "$ac_cv_path_GREP" >&6; }
+ GREP="$ac_cv_path_GREP"
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5
+printf %s "checking for egrep... " >&6; }
+if test ${ac_cv_path_EGREP+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if echo a | $GREP -E '(a|b)' >/dev/null 2>&1
+ then ac_cv_path_EGREP="$GREP -E"
+ else
+ if test -z "$EGREP"; then
+ ac_path_EGREP_found=false
+ # Loop through the user's path and test for each of PROGNAME-LIST
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_prog in egrep
+ do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ ac_path_EGREP="$as_dir$ac_prog$ac_exec_ext"
+ as_fn_executable_p "$ac_path_EGREP" || continue
+# Check for GNU ac_path_EGREP and select it if it is found.
+ # Check for GNU $ac_path_EGREP
+case `"$ac_path_EGREP" --version 2>&1` in
+*GNU*)
+ ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;;
+*)
+ ac_count=0
+ printf %s 0123456789 >"conftest.in"
+ while :
+ do
+ cat "conftest.in" "conftest.in" >"conftest.tmp"
+ mv "conftest.tmp" "conftest.in"
+ cp "conftest.in" "conftest.nl"
+ printf "%s\n" 'EGREP' >> "conftest.nl"
+ "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+ diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+ as_fn_arith $ac_count + 1 && ac_count=$as_val
+ if test $ac_count -gt ${ac_path_EGREP_max-0}; then
+ # Best one so far, save it but keep looking for a better one
+ ac_cv_path_EGREP="$ac_path_EGREP"
+ ac_path_EGREP_max=$ac_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test $ac_count -gt 10 && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+ $ac_path_EGREP_found && break 3
+ done
+ done
+ done
+IFS=$as_save_IFS
+ if test -z "$ac_cv_path_EGREP"; then
+ as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+ fi
+else
+ ac_cv_path_EGREP=$EGREP
+fi
+
+ fi
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5
+printf "%s\n" "$ac_cv_path_EGREP" >&6; }
+ EGREP="$ac_cv_path_EGREP"
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for fgrep" >&5
+printf %s "checking for fgrep... " >&6; }
+if test ${ac_cv_path_FGREP+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if echo 'ab*c' | $GREP -F 'ab*c' >/dev/null 2>&1
+ then ac_cv_path_FGREP="$GREP -F"
+ else
+ if test -z "$FGREP"; then
+ ac_path_FGREP_found=false
+ # Loop through the user's path and test for each of PROGNAME-LIST
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_prog in fgrep
+ do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ ac_path_FGREP="$as_dir$ac_prog$ac_exec_ext"
+ as_fn_executable_p "$ac_path_FGREP" || continue
+# Check for GNU ac_path_FGREP and select it if it is found.
+ # Check for GNU $ac_path_FGREP
+case `"$ac_path_FGREP" --version 2>&1` in
+*GNU*)
+ ac_cv_path_FGREP="$ac_path_FGREP" ac_path_FGREP_found=:;;
+*)
+ ac_count=0
+ printf %s 0123456789 >"conftest.in"
+ while :
+ do
+ cat "conftest.in" "conftest.in" >"conftest.tmp"
+ mv "conftest.tmp" "conftest.in"
+ cp "conftest.in" "conftest.nl"
+ printf "%s\n" 'FGREP' >> "conftest.nl"
+ "$ac_path_FGREP" FGREP < "conftest.nl" >"conftest.out" 2>/dev/null || break
+ diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+ as_fn_arith $ac_count + 1 && ac_count=$as_val
+ if test $ac_count -gt ${ac_path_FGREP_max-0}; then
+ # Best one so far, save it but keep looking for a better one
+ ac_cv_path_FGREP="$ac_path_FGREP"
+ ac_path_FGREP_max=$ac_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test $ac_count -gt 10 && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+ $ac_path_FGREP_found && break 3
+ done
+ done
+ done
+IFS=$as_save_IFS
+ if test -z "$ac_cv_path_FGREP"; then
+ as_fn_error $? "no acceptable fgrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+ fi
+else
+ ac_cv_path_FGREP=$FGREP
+fi
+
+ fi
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_FGREP" >&5
+printf "%s\n" "$ac_cv_path_FGREP" >&6; }
+ FGREP="$ac_cv_path_FGREP"
+
+
+test -z "$GREP" && GREP=grep
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+# Check whether --with-gnu-ld was given.
+if test ${with_gnu_ld+y}
+then :
+ withval=$with_gnu_ld; test no = "$withval" || with_gnu_ld=yes
+else $as_nop
+ with_gnu_ld=no
+fi
+
+ac_prog=ld
+if test yes = "$GCC"; then
+ # Check if gcc -print-prog-name=ld gives a path.
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5
+printf %s "checking for ld used by $CC... " >&6; }
+ case $host in
+ *-*-mingw*)
+ # gcc leaves a trailing carriage return, which upsets mingw
+ ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
+ *)
+ ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
+ esac
+ case $ac_prog in
+ # Accept absolute paths.
+ [\\/]* | ?:[\\/]*)
+ re_direlt='/[^/][^/]*/\.\./'
+ # Canonicalize the pathname of ld
+ ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'`
+ while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do
+ ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"`
+ done
+ test -z "$LD" && LD=$ac_prog
+ ;;
+ "")
+ # If it fails, then pretend we aren't using GCC.
+ ac_prog=ld
+ ;;
+ *)
+ # If it is relative, then search for the first ld in PATH.
+ with_gnu_ld=unknown
+ ;;
+ esac
+elif test yes = "$with_gnu_ld"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5
+printf %s "checking for GNU ld... " >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5
+printf %s "checking for non-GNU ld... " >&6; }
+fi
+if test ${lt_cv_path_LD+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -z "$LD"; then
+ lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH; do
+ IFS=$lt_save_ifs
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+ lt_cv_path_LD=$ac_dir/$ac_prog
+ # Check to see if the program is GNU ld. I'd rather use --version,
+ # but apparently some variants of GNU ld only accept -v.
+ # Break only if it was the GNU/non-GNU ld that we prefer.
+ case `"$lt_cv_path_LD" -v 2>&1 </dev/null` in
+ *GNU* | *'with BFD'*)
+ test no != "$with_gnu_ld" && break
+ ;;
+ *)
+ test yes != "$with_gnu_ld" && break
+ ;;
+ esac
+ fi
+ done
+ IFS=$lt_save_ifs
+else
+ lt_cv_path_LD=$LD # Let the user override the test with a path.
+fi
+fi
+
+LD=$lt_cv_path_LD
+if test -n "$LD"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LD" >&5
+printf "%s\n" "$LD" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5
+printf %s "checking if the linker ($LD) is GNU ld... " >&6; }
+if test ${lt_cv_prog_gnu_ld+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ # I'd rather use --version here, but apparently some GNU lds only accept -v.
+case `$LD -v 2>&1 </dev/null` in
+*GNU* | *'with BFD'*)
+ lt_cv_prog_gnu_ld=yes
+ ;;
+*)
+ lt_cv_prog_gnu_ld=no
+ ;;
+esac
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_gnu_ld" >&5
+printf "%s\n" "$lt_cv_prog_gnu_ld" >&6; }
+with_gnu_ld=$lt_cv_prog_gnu_ld
+
+
+
+
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for BSD- or MS-compatible name lister (nm)" >&5
+printf %s "checking for BSD- or MS-compatible name lister (nm)... " >&6; }
+if test ${lt_cv_path_NM+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$NM"; then
+ # Let the user override the test.
+ lt_cv_path_NM=$NM
+else
+ lt_nm_to_check=${ac_tool_prefix}nm
+ if test -n "$ac_tool_prefix" && test "$build" = "$host"; then
+ lt_nm_to_check="$lt_nm_to_check nm"
+ fi
+ for lt_tmp_nm in $lt_nm_to_check; do
+ lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do
+ IFS=$lt_save_ifs
+ test -z "$ac_dir" && ac_dir=.
+ tmp_nm=$ac_dir/$lt_tmp_nm
+ if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext"; then
+ # Check to see if the nm accepts a BSD-compat flag.
+ # Adding the 'sed 1q' prevents false positives on HP-UX, which says:
+ # nm: unknown option "B" ignored
+ # Tru64's nm complains that /dev/null is an invalid object file
+ # MSYS converts /dev/null to NUL, MinGW nm treats NUL as empty
+ case $build_os in
+ mingw*) lt_bad_file=conftest.nm/nofile ;;
+ *) lt_bad_file=/dev/null ;;
+ esac
+ case `"$tmp_nm" -B $lt_bad_file 2>&1 | $SED '1q'` in
+ *$lt_bad_file* | *'Invalid file or object type'*)
+ lt_cv_path_NM="$tmp_nm -B"
+ break 2
+ ;;
+ *)
+ case `"$tmp_nm" -p /dev/null 2>&1 | $SED '1q'` in
+ */dev/null*)
+ lt_cv_path_NM="$tmp_nm -p"
+ break 2
+ ;;
+ *)
+ lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but
+ continue # so that we can try to find one that supports BSD flags
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ done
+ IFS=$lt_save_ifs
+ done
+ : ${lt_cv_path_NM=no}
+fi
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_NM" >&5
+printf "%s\n" "$lt_cv_path_NM" >&6; }
+if test no != "$lt_cv_path_NM"; then
+ NM=$lt_cv_path_NM
+else
+ # Didn't find any BSD compatible name lister, look for dumpbin.
+ if test -n "$DUMPBIN"; then :
+ # Let the user override the test.
+ else
+ if test -n "$ac_tool_prefix"; then
+ for ac_prog in dumpbin "link -dump"
+ do
+ # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_DUMPBIN+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$DUMPBIN"; then
+ ac_cv_prog_DUMPBIN="$DUMPBIN" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+DUMPBIN=$ac_cv_prog_DUMPBIN
+if test -n "$DUMPBIN"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DUMPBIN" >&5
+printf "%s\n" "$DUMPBIN" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ test -n "$DUMPBIN" && break
+ done
+fi
+if test -z "$DUMPBIN"; then
+ ac_ct_DUMPBIN=$DUMPBIN
+ for ac_prog in dumpbin "link -dump"
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_DUMPBIN+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_DUMPBIN"; then
+ ac_cv_prog_ac_ct_DUMPBIN="$ac_ct_DUMPBIN" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_DUMPBIN="$ac_prog"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_DUMPBIN=$ac_cv_prog_ac_ct_DUMPBIN
+if test -n "$ac_ct_DUMPBIN"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DUMPBIN" >&5
+printf "%s\n" "$ac_ct_DUMPBIN" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ test -n "$ac_ct_DUMPBIN" && break
+done
+
+ if test "x$ac_ct_DUMPBIN" = x; then
+ DUMPBIN=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ DUMPBIN=$ac_ct_DUMPBIN
+ fi
+fi
+
+ case `$DUMPBIN -symbols -headers /dev/null 2>&1 | $SED '1q'` in
+ *COFF*)
+ DUMPBIN="$DUMPBIN -symbols -headers"
+ ;;
+ *)
+ DUMPBIN=:
+ ;;
+ esac
+ fi
+
+ if test : != "$DUMPBIN"; then
+ NM=$DUMPBIN
+ fi
+fi
+test -z "$NM" && NM=nm
+
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking the name lister ($NM) interface" >&5
+printf %s "checking the name lister ($NM) interface... " >&6; }
+if test ${lt_cv_nm_interface+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_nm_interface="BSD nm"
+ echo "int some_variable = 0;" > conftest.$ac_ext
+ (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&5)
+ (eval "$ac_compile" 2>conftest.err)
+ cat conftest.err >&5
+ (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
+ (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
+ cat conftest.err >&5
+ (eval echo "\"\$as_me:$LINENO: output\"" >&5)
+ cat conftest.out >&5
+ if $GREP 'External.*some_variable' conftest.out > /dev/null; then
+ lt_cv_nm_interface="MS dumpbin"
+ fi
+ rm -f conftest*
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_nm_interface" >&5
+printf "%s\n" "$lt_cv_nm_interface" >&6; }
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5
+printf %s "checking whether ln -s works... " >&6; }
+LN_S=$as_ln_s
+if test "$LN_S" = "ln -s"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5
+printf "%s\n" "no, using $LN_S" >&6; }
+fi
+
+# find the maximum length of command line arguments
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking the maximum length of command line arguments" >&5
+printf %s "checking the maximum length of command line arguments... " >&6; }
+if test ${lt_cv_sys_max_cmd_len+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ i=0
+ teststring=ABCD
+
+ case $build_os in
+ msdosdjgpp*)
+ # On DJGPP, this test can blow up pretty badly due to problems in libc
+ # (any single argument exceeding 2000 bytes causes a buffer overrun
+ # during glob expansion). Even if it were fixed, the result of this
+ # check would be larger than it should be.
+ lt_cv_sys_max_cmd_len=12288; # 12K is about right
+ ;;
+
+ gnu*)
+ # Under GNU Hurd, this test is not required because there is
+ # no limit to the length of command line arguments.
+ # Libtool will interpret -1 as no limit whatsoever
+ lt_cv_sys_max_cmd_len=-1;
+ ;;
+
+ cygwin* | mingw* | cegcc*)
+ # On Win9x/ME, this test blows up -- it succeeds, but takes
+ # about 5 minutes as the teststring grows exponentially.
+ # Worse, since 9x/ME are not pre-emptively multitasking,
+ # you end up with a "frozen" computer, even though with patience
+ # the test eventually succeeds (with a max line length of 256k).
+ # Instead, let's just punt: use the minimum linelength reported by
+ # all of the supported platforms: 8192 (on NT/2K/XP).
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ mint*)
+ # On MiNT this can take a long time and run out of memory.
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ amigaos*)
+ # On AmigaOS with pdksh, this test takes hours, literally.
+ # So we just punt and use a minimum line length of 8192.
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ bitrig* | darwin* | dragonfly* | freebsd* | midnightbsd* | netbsd* | openbsd*)
+ # This has been around since 386BSD, at least. Likely further.
+ if test -x /sbin/sysctl; then
+ lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
+ elif test -x /usr/sbin/sysctl; then
+ lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax`
+ else
+ lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs
+ fi
+ # And add a safety zone
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+ ;;
+
+ interix*)
+ # We know the value 262144 and hardcode it with a safety zone (like BSD)
+ lt_cv_sys_max_cmd_len=196608
+ ;;
+
+ os2*)
+ # The test takes a long time on OS/2.
+ lt_cv_sys_max_cmd_len=8192
+ ;;
+
+ osf*)
+ # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure
+ # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not
+ # nice to cause kernel panics so lets avoid the loop below.
+ # First set a reasonable default.
+ lt_cv_sys_max_cmd_len=16384
+ #
+ if test -x /sbin/sysconfig; then
+ case `/sbin/sysconfig -q proc exec_disable_arg_limit` in
+ *1*) lt_cv_sys_max_cmd_len=-1 ;;
+ esac
+ fi
+ ;;
+ sco3.2v5*)
+ lt_cv_sys_max_cmd_len=102400
+ ;;
+ sysv5* | sco5v6* | sysv4.2uw2*)
+ kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null`
+ if test -n "$kargmax"; then
+ lt_cv_sys_max_cmd_len=`echo $kargmax | $SED 's/.*[ ]//'`
+ else
+ lt_cv_sys_max_cmd_len=32768
+ fi
+ ;;
+ *)
+ lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null`
+ if test -n "$lt_cv_sys_max_cmd_len" && \
+ test undefined != "$lt_cv_sys_max_cmd_len"; then
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+ else
+ # Make teststring a little bigger before we do anything with it.
+ # a 1K string should be a reasonable start.
+ for i in 1 2 3 4 5 6 7 8; do
+ teststring=$teststring$teststring
+ done
+ SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}}
+ # If test is not a shell built-in, we'll probably end up computing a
+ # maximum length that is only half of the actual maximum length, but
+ # we can't tell.
+ while { test X`env echo "$teststring$teststring" 2>/dev/null` \
+ = "X$teststring$teststring"; } >/dev/null 2>&1 &&
+ test 17 != "$i" # 1/2 MB should be enough
+ do
+ i=`expr $i + 1`
+ teststring=$teststring$teststring
+ done
+ # Only check the string length outside the loop.
+ lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1`
+ teststring=
+ # Add a significant safety factor because C++ compilers can tack on
+ # massive amounts of additional arguments before passing them to the
+ # linker. It appears as though 1/2 is a usable value.
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2`
+ fi
+ ;;
+ esac
+
+fi
+
+if test -n "$lt_cv_sys_max_cmd_len"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sys_max_cmd_len" >&5
+printf "%s\n" "$lt_cv_sys_max_cmd_len" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none" >&5
+printf "%s\n" "none" >&6; }
+fi
+max_cmd_len=$lt_cv_sys_max_cmd_len
+
+
+
+
+
+
+: ${CP="cp -f"}
+: ${MV="mv -f"}
+: ${RM="rm -f"}
+
+if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
+ lt_unset=unset
+else
+ lt_unset=false
+fi
+
+
+
+
+
+# test EBCDIC or ASCII
+case `echo X|tr X '\101'` in
+ A) # ASCII based system
+ # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr
+ lt_SP2NL='tr \040 \012'
+ lt_NL2SP='tr \015\012 \040\040'
+ ;;
+ *) # EBCDIC based system
+ lt_SP2NL='tr \100 \n'
+ lt_NL2SP='tr \r\n \100\100'
+ ;;
+esac
+
+
+
+
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to $host format" >&5
+printf %s "checking how to convert $build file names to $host format... " >&6; }
+if test ${lt_cv_to_host_file_cmd+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $host in
+ *-*-mingw* )
+ case $build in
+ *-*-mingw* ) # actually msys
+ lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32
+ ;;
+ *-*-cygwin* )
+ lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32
+ ;;
+ * ) # otherwise, assume *nix
+ lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32
+ ;;
+ esac
+ ;;
+ *-*-cygwin* )
+ case $build in
+ *-*-mingw* ) # actually msys
+ lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin
+ ;;
+ *-*-cygwin* )
+ lt_cv_to_host_file_cmd=func_convert_file_noop
+ ;;
+ * ) # otherwise, assume *nix
+ lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin
+ ;;
+ esac
+ ;;
+ * ) # unhandled hosts (and "normal" native builds)
+ lt_cv_to_host_file_cmd=func_convert_file_noop
+ ;;
+esac
+
+fi
+
+to_host_file_cmd=$lt_cv_to_host_file_cmd
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_host_file_cmd" >&5
+printf "%s\n" "$lt_cv_to_host_file_cmd" >&6; }
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to toolchain format" >&5
+printf %s "checking how to convert $build file names to toolchain format... " >&6; }
+if test ${lt_cv_to_tool_file_cmd+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ #assume ordinary cross tools, or native build.
+lt_cv_to_tool_file_cmd=func_convert_file_noop
+case $host in
+ *-*-mingw* )
+ case $build in
+ *-*-mingw* ) # actually msys
+ lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32
+ ;;
+ esac
+ ;;
+esac
+
+fi
+
+to_tool_file_cmd=$lt_cv_to_tool_file_cmd
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_tool_file_cmd" >&5
+printf "%s\n" "$lt_cv_to_tool_file_cmd" >&6; }
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $LD option to reload object files" >&5
+printf %s "checking for $LD option to reload object files... " >&6; }
+if test ${lt_cv_ld_reload_flag+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_ld_reload_flag='-r'
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_reload_flag" >&5
+printf "%s\n" "$lt_cv_ld_reload_flag" >&6; }
+reload_flag=$lt_cv_ld_reload_flag
+case $reload_flag in
+"" | " "*) ;;
+*) reload_flag=" $reload_flag" ;;
+esac
+reload_cmds='$LD$reload_flag -o $output$reload_objs'
+case $host_os in
+ cygwin* | mingw* | pw32* | cegcc*)
+ if test yes != "$GCC"; then
+ reload_cmds=false
+ fi
+ ;;
+ darwin*)
+ if test yes = "$GCC"; then
+ reload_cmds='$LTCC $LTCFLAGS -nostdlib $wl-r -o $output$reload_objs'
+ else
+ reload_cmds='$LD$reload_flag -o $output$reload_objs'
+ fi
+ ;;
+esac
+
+
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}file", so it can be a program name with args.
+set dummy ${ac_tool_prefix}file; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_FILECMD+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$FILECMD"; then
+ ac_cv_prog_FILECMD="$FILECMD" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_FILECMD="${ac_tool_prefix}file"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+FILECMD=$ac_cv_prog_FILECMD
+if test -n "$FILECMD"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $FILECMD" >&5
+printf "%s\n" "$FILECMD" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_FILECMD"; then
+ ac_ct_FILECMD=$FILECMD
+ # Extract the first word of "file", so it can be a program name with args.
+set dummy file; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_FILECMD+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_FILECMD"; then
+ ac_cv_prog_ac_ct_FILECMD="$ac_ct_FILECMD" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_FILECMD="file"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_FILECMD=$ac_cv_prog_ac_ct_FILECMD
+if test -n "$ac_ct_FILECMD"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_FILECMD" >&5
+printf "%s\n" "$ac_ct_FILECMD" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_FILECMD" = x; then
+ FILECMD=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ FILECMD=$ac_ct_FILECMD
+ fi
+else
+ FILECMD="$ac_cv_prog_FILECMD"
+fi
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args.
+set dummy ${ac_tool_prefix}objdump; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_OBJDUMP+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$OBJDUMP"; then
+ ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+OBJDUMP=$ac_cv_prog_OBJDUMP
+if test -n "$OBJDUMP"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5
+printf "%s\n" "$OBJDUMP" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_OBJDUMP"; then
+ ac_ct_OBJDUMP=$OBJDUMP
+ # Extract the first word of "objdump", so it can be a program name with args.
+set dummy objdump; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_OBJDUMP+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_OBJDUMP"; then
+ ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_OBJDUMP="objdump"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP
+if test -n "$ac_ct_OBJDUMP"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5
+printf "%s\n" "$ac_ct_OBJDUMP" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_OBJDUMP" = x; then
+ OBJDUMP="false"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ OBJDUMP=$ac_ct_OBJDUMP
+ fi
+else
+ OBJDUMP="$ac_cv_prog_OBJDUMP"
+fi
+
+test -z "$OBJDUMP" && OBJDUMP=objdump
+
+
+
+
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to recognize dependent libraries" >&5
+printf %s "checking how to recognize dependent libraries... " >&6; }
+if test ${lt_cv_deplibs_check_method+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_file_magic_cmd='$MAGIC_CMD'
+lt_cv_file_magic_test_file=
+lt_cv_deplibs_check_method='unknown'
+# Need to set the preceding variable on all platforms that support
+# interlibrary dependencies.
+# 'none' -- dependencies not supported.
+# 'unknown' -- same as none, but documents that we really don't know.
+# 'pass_all' -- all dependencies passed with no checks.
+# 'test_compile' -- check by making test program.
+# 'file_magic [[regex]]' -- check by looking for files in library path
+# that responds to the $file_magic_cmd with a given extended regex.
+# If you have 'file' or equivalent on your system and you're not sure
+# whether 'pass_all' will *always* work, you probably want this one.
+
+case $host_os in
+aix[4-9]*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+beos*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+bsdi[45]*)
+ lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)'
+ lt_cv_file_magic_cmd='$FILECMD -L'
+ lt_cv_file_magic_test_file=/shlib/libc.so
+ ;;
+
+cygwin*)
+ # func_win32_libid is a shell function defined in ltmain.sh
+ lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+ lt_cv_file_magic_cmd='func_win32_libid'
+ ;;
+
+mingw* | pw32*)
+ # Base MSYS/MinGW do not provide the 'file' command needed by
+ # func_win32_libid shell function, so use a weaker test based on 'objdump',
+ # unless we find 'file', for example because we are cross-compiling.
+ if ( file / ) >/dev/null 2>&1; then
+ lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+ lt_cv_file_magic_cmd='func_win32_libid'
+ else
+ # Keep this pattern in sync with the one in func_win32_libid.
+ lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)'
+ lt_cv_file_magic_cmd='$OBJDUMP -f'
+ fi
+ ;;
+
+cegcc*)
+ # use the weaker test based on 'objdump'. See mingw*.
+ lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?'
+ lt_cv_file_magic_cmd='$OBJDUMP -f'
+ ;;
+
+darwin* | rhapsody*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+freebsd* | dragonfly* | midnightbsd*)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
+ case $host_cpu in
+ i*86 )
+ # Not sure whether the presence of OpenBSD here was a mistake.
+ # Let's accept both of them until this is cleared up.
+ lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library'
+ lt_cv_file_magic_cmd=$FILECMD
+ lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*`
+ ;;
+ esac
+ else
+ lt_cv_deplibs_check_method=pass_all
+ fi
+ ;;
+
+haiku*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+hpux10.20* | hpux11*)
+ lt_cv_file_magic_cmd=$FILECMD
+ case $host_cpu in
+ ia64*)
+ lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64'
+ lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
+ ;;
+ hppa*64*)
+ lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]'
+ lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
+ ;;
+ *)
+ lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9]\.[0-9]) shared library'
+ lt_cv_file_magic_test_file=/usr/lib/libc.sl
+ ;;
+ esac
+ ;;
+
+interix[3-9]*)
+ # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|\.a)$'
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $LD in
+ *-32|*"-32 ") libmagic=32-bit;;
+ *-n32|*"-n32 ") libmagic=N32;;
+ *-64|*"-64 ") libmagic=64-bit;;
+ *) libmagic=never-match;;
+ esac
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+netbsd* | netbsdelf*-gnu)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$'
+ else
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|_pic\.a)$'
+ fi
+ ;;
+
+newos6*)
+ lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)'
+ lt_cv_file_magic_cmd=$FILECMD
+ lt_cv_file_magic_test_file=/usr/lib/libnls.so
+ ;;
+
+*nto* | *qnx*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+openbsd* | bitrig*)
+ if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`"; then
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|\.so|_pic\.a)$'
+ else
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$'
+ fi
+ ;;
+
+osf3* | osf4* | osf5*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+rdos*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+solaris*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+sysv4 | sysv4.3*)
+ case $host_vendor in
+ motorola)
+ lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib) M[0-9][0-9]* Version [0-9]'
+ lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*`
+ ;;
+ ncr)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ sequent)
+ lt_cv_file_magic_cmd='/bin/file'
+ lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )'
+ ;;
+ sni)
+ lt_cv_file_magic_cmd='/bin/file'
+ lt_cv_deplibs_check_method="file_magic ELF [0-9][0-9]*-bit [LM]SB dynamic lib"
+ lt_cv_file_magic_test_file=/lib/libc.so
+ ;;
+ siemens)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ pc)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ esac
+ ;;
+
+tpf*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+os2*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+esac
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_deplibs_check_method" >&5
+printf "%s\n" "$lt_cv_deplibs_check_method" >&6; }
+
+file_magic_glob=
+want_nocaseglob=no
+if test "$build" = "$host"; then
+ case $host_os in
+ mingw* | pw32*)
+ if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then
+ want_nocaseglob=yes
+ else
+ file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[\1]\/[\1]\/g;/g"`
+ fi
+ ;;
+ esac
+fi
+
+file_magic_cmd=$lt_cv_file_magic_cmd
+deplibs_check_method=$lt_cv_deplibs_check_method
+test -z "$deplibs_check_method" && deplibs_check_method=unknown
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args.
+set dummy ${ac_tool_prefix}dlltool; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_DLLTOOL+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$DLLTOOL"; then
+ ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+DLLTOOL=$ac_cv_prog_DLLTOOL
+if test -n "$DLLTOOL"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5
+printf "%s\n" "$DLLTOOL" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_DLLTOOL"; then
+ ac_ct_DLLTOOL=$DLLTOOL
+ # Extract the first word of "dlltool", so it can be a program name with args.
+set dummy dlltool; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_DLLTOOL+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_DLLTOOL"; then
+ ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_DLLTOOL="dlltool"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL
+if test -n "$ac_ct_DLLTOOL"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5
+printf "%s\n" "$ac_ct_DLLTOOL" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_DLLTOOL" = x; then
+ DLLTOOL="false"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ DLLTOOL=$ac_ct_DLLTOOL
+ fi
+else
+ DLLTOOL="$ac_cv_prog_DLLTOOL"
+fi
+
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+
+
+
+
+
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to associate runtime and link libraries" >&5
+printf %s "checking how to associate runtime and link libraries... " >&6; }
+if test ${lt_cv_sharedlib_from_linklib_cmd+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_sharedlib_from_linklib_cmd='unknown'
+
+case $host_os in
+cygwin* | mingw* | pw32* | cegcc*)
+ # two different shell functions defined in ltmain.sh;
+ # decide which one to use based on capabilities of $DLLTOOL
+ case `$DLLTOOL --help 2>&1` in
+ *--identify-strict*)
+ lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib
+ ;;
+ *)
+ lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback
+ ;;
+ esac
+ ;;
+*)
+ # fallback: assume linklib IS sharedlib
+ lt_cv_sharedlib_from_linklib_cmd=$ECHO
+ ;;
+esac
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sharedlib_from_linklib_cmd" >&5
+printf "%s\n" "$lt_cv_sharedlib_from_linklib_cmd" >&6; }
+sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd
+test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO
+
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+ for ac_prog in ar
+ do
+ # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_AR+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$AR"; then
+ ac_cv_prog_AR="$AR" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_AR="$ac_tool_prefix$ac_prog"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+AR=$ac_cv_prog_AR
+if test -n "$AR"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $AR" >&5
+printf "%s\n" "$AR" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ test -n "$AR" && break
+ done
+fi
+if test -z "$AR"; then
+ ac_ct_AR=$AR
+ for ac_prog in ar
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_AR+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_AR"; then
+ ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_AR="$ac_prog"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_AR=$ac_cv_prog_ac_ct_AR
+if test -n "$ac_ct_AR"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5
+printf "%s\n" "$ac_ct_AR" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ test -n "$ac_ct_AR" && break
+done
+
+ if test "x$ac_ct_AR" = x; then
+ AR="false"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ AR=$ac_ct_AR
+ fi
+fi
+
+: ${AR=ar}
+
+
+
+
+
+
+# Use ARFLAGS variable as AR's operation code to sync the variable naming with
+# Automake. If both AR_FLAGS and ARFLAGS are specified, AR_FLAGS should have
+# higher priority because thats what people were doing historically (setting
+# ARFLAGS for automake and AR_FLAGS for libtool). FIXME: Make the AR_FLAGS
+# variable obsoleted/removed.
+
+test ${AR_FLAGS+y} || AR_FLAGS=${ARFLAGS-cr}
+lt_ar_flags=$AR_FLAGS
+
+
+
+
+
+
+# Make AR_FLAGS overridable by 'make ARFLAGS='. Don't try to run-time override
+# by AR_FLAGS because that was never working and AR_FLAGS is about to die.
+
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for archiver @FILE support" >&5
+printf %s "checking for archiver @FILE support... " >&6; }
+if test ${lt_cv_ar_at_file+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_ar_at_file=no
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ echo conftest.$ac_objext > conftest.lst
+ lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&5'
+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5
+ (eval $lt_ar_try) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+ if test 0 -eq "$ac_status"; then
+ # Ensure the archiver fails upon bogus file names.
+ rm -f conftest.$ac_objext libconftest.a
+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5
+ (eval $lt_ar_try) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+ if test 0 -ne "$ac_status"; then
+ lt_cv_ar_at_file=@
+ fi
+ fi
+ rm -f conftest.* libconftest.a
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ar_at_file" >&5
+printf "%s\n" "$lt_cv_ar_at_file" >&6; }
+
+if test no = "$lt_cv_ar_at_file"; then
+ archiver_list_spec=
+else
+ archiver_list_spec=$lt_cv_ar_at_file
+fi
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args.
+set dummy ${ac_tool_prefix}strip; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_STRIP+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$STRIP"; then
+ ac_cv_prog_STRIP="$STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_STRIP="${ac_tool_prefix}strip"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+STRIP=$ac_cv_prog_STRIP
+if test -n "$STRIP"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5
+printf "%s\n" "$STRIP" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_STRIP"; then
+ ac_ct_STRIP=$STRIP
+ # Extract the first word of "strip", so it can be a program name with args.
+set dummy strip; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_STRIP+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_STRIP"; then
+ ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_STRIP="strip"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP
+if test -n "$ac_ct_STRIP"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5
+printf "%s\n" "$ac_ct_STRIP" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_STRIP" = x; then
+ STRIP=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ STRIP=$ac_ct_STRIP
+ fi
+else
+ STRIP="$ac_cv_prog_STRIP"
+fi
+
+test -z "$STRIP" && STRIP=:
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args.
+set dummy ${ac_tool_prefix}ranlib; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_RANLIB+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$RANLIB"; then
+ ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+RANLIB=$ac_cv_prog_RANLIB
+if test -n "$RANLIB"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5
+printf "%s\n" "$RANLIB" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_RANLIB"; then
+ ac_ct_RANLIB=$RANLIB
+ # Extract the first word of "ranlib", so it can be a program name with args.
+set dummy ranlib; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_RANLIB+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_RANLIB"; then
+ ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_RANLIB="ranlib"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB
+if test -n "$ac_ct_RANLIB"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5
+printf "%s\n" "$ac_ct_RANLIB" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_RANLIB" = x; then
+ RANLIB=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ RANLIB=$ac_ct_RANLIB
+ fi
+else
+ RANLIB="$ac_cv_prog_RANLIB"
+fi
+
+test -z "$RANLIB" && RANLIB=:
+
+
+
+
+
+
+# Determine commands to create old-style static archives.
+old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs'
+old_postinstall_cmds='chmod 644 $oldlib'
+old_postuninstall_cmds=
+
+if test -n "$RANLIB"; then
+ case $host_os in
+ bitrig* | openbsd*)
+ old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib"
+ ;;
+ *)
+ old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib"
+ ;;
+ esac
+ old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib"
+fi
+
+case $host_os in
+ darwin*)
+ lock_old_archive_extraction=yes ;;
+ *)
+ lock_old_archive_extraction=no ;;
+esac
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+
+# Check for command to grab the raw symbol name followed by C symbol from nm.
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking command to parse $NM output from $compiler object" >&5
+printf %s "checking command to parse $NM output from $compiler object... " >&6; }
+if test ${lt_cv_sys_global_symbol_pipe+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+
+# These are sane defaults that work on at least a few old systems.
+# [They come from Ultrix. What could be older than Ultrix?!! ;)]
+
+# Character class describing NM global symbol codes.
+symcode='[BCDEGRST]'
+
+# Regexp to match symbols that can be accessed directly from C.
+sympat='\([_A-Za-z][_A-Za-z0-9]*\)'
+
+# Define system-specific variables.
+case $host_os in
+aix*)
+ symcode='[BCDT]'
+ ;;
+cygwin* | mingw* | pw32* | cegcc*)
+ symcode='[ABCDGISTW]'
+ ;;
+hpux*)
+ if test ia64 = "$host_cpu"; then
+ symcode='[ABCDEGRST]'
+ fi
+ ;;
+irix* | nonstopux*)
+ symcode='[BCDEGRST]'
+ ;;
+osf*)
+ symcode='[BCDEGQRST]'
+ ;;
+solaris*)
+ symcode='[BDRT]'
+ ;;
+sco3.2v5*)
+ symcode='[DT]'
+ ;;
+sysv4.2uw2*)
+ symcode='[DT]'
+ ;;
+sysv5* | sco5v6* | unixware* | OpenUNIX*)
+ symcode='[ABDT]'
+ ;;
+sysv4)
+ symcode='[DFNSTU]'
+ ;;
+esac
+
+# If we're using GNU nm, then use its standard symbol codes.
+case `$NM -V 2>&1` in
+*GNU* | *'with BFD'*)
+ symcode='[ABCDGIRSTW]' ;;
+esac
+
+if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+ # Gets list of data symbols to import.
+ lt_cv_sys_global_symbol_to_import="$SED -n -e 's/^I .* \(.*\)$/\1/p'"
+ # Adjust the below global symbol transforms to fixup imported variables.
+ lt_cdecl_hook=" -e 's/^I .* \(.*\)$/extern __declspec(dllimport) char \1;/p'"
+ lt_c_name_hook=" -e 's/^I .* \(.*\)$/ {\"\1\", (void *) 0},/p'"
+ lt_c_name_lib_hook="\
+ -e 's/^I .* \(lib.*\)$/ {\"\1\", (void *) 0},/p'\
+ -e 's/^I .* \(.*\)$/ {\"lib\1\", (void *) 0},/p'"
+else
+ # Disable hooks by default.
+ lt_cv_sys_global_symbol_to_import=
+ lt_cdecl_hook=
+ lt_c_name_hook=
+ lt_c_name_lib_hook=
+fi
+
+# Transform an extracted symbol line into a proper C declaration.
+# Some systems (esp. on ia64) link data and code symbols differently,
+# so use this general approach.
+lt_cv_sys_global_symbol_to_cdecl="$SED -n"\
+$lt_cdecl_hook\
+" -e 's/^T .* \(.*\)$/extern int \1();/p'"\
+" -e 's/^$symcode$symcode* .* \(.*\)$/extern char \1;/p'"
+
+# Transform an extracted symbol line into symbol name and symbol address
+lt_cv_sys_global_symbol_to_c_name_address="$SED -n"\
+$lt_c_name_hook\
+" -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\
+" -e 's/^$symcode$symcode* .* \(.*\)$/ {\"\1\", (void *) \&\1},/p'"
+
+# Transform an extracted symbol line into symbol name with lib prefix and
+# symbol address.
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="$SED -n"\
+$lt_c_name_lib_hook\
+" -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\
+" -e 's/^$symcode$symcode* .* \(lib.*\)$/ {\"\1\", (void *) \&\1},/p'"\
+" -e 's/^$symcode$symcode* .* \(.*\)$/ {\"lib\1\", (void *) \&\1},/p'"
+
+# Handle CRLF in mingw tool chain
+opt_cr=
+case $build_os in
+mingw*)
+ opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp
+ ;;
+esac
+
+# Try without a prefix underscore, then with it.
+for ac_symprfx in "" "_"; do
+
+ # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol.
+ symxfrm="\\1 $ac_symprfx\\2 \\2"
+
+ # Write the raw and C identifiers.
+ if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+ # Fake it for dumpbin and say T for any non-static function,
+ # D for any global variable and I for any imported variable.
+ # Also find C++ and __fastcall symbols from MSVC++ or ICC,
+ # which start with @ or ?.
+ lt_cv_sys_global_symbol_pipe="$AWK '"\
+" {last_section=section; section=\$ 3};"\
+" /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\
+" /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\
+" /^ *Symbol name *: /{split(\$ 0,sn,\":\"); si=substr(sn[2],2)};"\
+" /^ *Type *: code/{print \"T\",si,substr(si,length(prfx))};"\
+" /^ *Type *: data/{print \"I\",si,substr(si,length(prfx))};"\
+" \$ 0!~/External *\|/{next};"\
+" / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\
+" {if(hide[section]) next};"\
+" {f=\"D\"}; \$ 0~/\(\).*\|/{f=\"T\"};"\
+" {split(\$ 0,a,/\||\r/); split(a[2],s)};"\
+" s[1]~/^[@?]/{print f,s[1],s[1]; next};"\
+" s[1]~prfx {split(s[1],t,\"@\"); print f,t[1],substr(t[1],length(prfx))}"\
+" ' prfx=^$ac_symprfx"
+ else
+ lt_cv_sys_global_symbol_pipe="$SED -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
+ fi
+ lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | $SED '/ __gnu_lto/d'"
+
+ # Check to see that the pipe works correctly.
+ pipe_works=no
+
+ rm -f conftest*
+ cat > conftest.$ac_ext <<_LT_EOF
+#ifdef __cplusplus
+extern "C" {
+#endif
+char nm_test_var;
+void nm_test_func(void);
+void nm_test_func(void){}
+#ifdef __cplusplus
+}
+#endif
+int main(){nm_test_var='a';nm_test_func();return(0);}
+_LT_EOF
+
+ if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ # Now try to grab the symbols.
+ nlist=conftest.nm
+ $ECHO "$as_me:$LINENO: $NM conftest.$ac_objext | $lt_cv_sys_global_symbol_pipe > $nlist" >&5
+ if eval "$NM" conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist 2>&5 && test -s "$nlist"; then
+ # Try sorting and uniquifying the output.
+ if sort "$nlist" | uniq > "$nlist"T; then
+ mv -f "$nlist"T "$nlist"
+ else
+ rm -f "$nlist"T
+ fi
+
+ # Make sure that we snagged all the symbols we need.
+ if $GREP ' nm_test_var$' "$nlist" >/dev/null; then
+ if $GREP ' nm_test_func$' "$nlist" >/dev/null; then
+ cat <<_LT_EOF > conftest.$ac_ext
+/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */
+#if defined _WIN32 || defined __CYGWIN__ || defined _WIN32_WCE
+/* DATA imports from DLLs on WIN32 can't be const, because runtime
+ relocations are performed -- see ld's documentation on pseudo-relocs. */
+# define LT_DLSYM_CONST
+#elif defined __osf__
+/* This system does not cope well with relocations in const data. */
+# define LT_DLSYM_CONST
+#else
+# define LT_DLSYM_CONST const
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+_LT_EOF
+ # Now generate the symbol file.
+ eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext'
+
+ cat <<_LT_EOF >> conftest.$ac_ext
+
+/* The mapping between symbol names and symbols. */
+LT_DLSYM_CONST struct {
+ const char *name;
+ void *address;
+}
+lt__PROGRAM__LTX_preloaded_symbols[] =
+{
+ { "@PROGRAM@", (void *) 0 },
+_LT_EOF
+ $SED "s/^$symcode$symcode* .* \(.*\)$/ {\"\1\", (void *) \&\1},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext
+ cat <<\_LT_EOF >> conftest.$ac_ext
+ {0, (void *) 0}
+};
+
+/* This works around a problem in FreeBSD linker */
+#ifdef FREEBSD_WORKAROUND
+static const void *lt_preloaded_setup() {
+ return lt__PROGRAM__LTX_preloaded_symbols;
+}
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+_LT_EOF
+ # Now try linking the two files.
+ mv conftest.$ac_objext conftstm.$ac_objext
+ lt_globsym_save_LIBS=$LIBS
+ lt_globsym_save_CFLAGS=$CFLAGS
+ LIBS=conftstm.$ac_objext
+ CFLAGS="$CFLAGS$lt_prog_compiler_no_builtin_flag"
+ if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && test -s conftest$ac_exeext; then
+ pipe_works=yes
+ fi
+ LIBS=$lt_globsym_save_LIBS
+ CFLAGS=$lt_globsym_save_CFLAGS
+ else
+ echo "cannot find nm_test_func in $nlist" >&5
+ fi
+ else
+ echo "cannot find nm_test_var in $nlist" >&5
+ fi
+ else
+ echo "cannot run $lt_cv_sys_global_symbol_pipe" >&5
+ fi
+ else
+ echo "$progname: failed program was:" >&5
+ cat conftest.$ac_ext >&5
+ fi
+ rm -rf conftest* conftst*
+
+ # Do not use the global_symbol_pipe unless it works.
+ if test yes = "$pipe_works"; then
+ break
+ else
+ lt_cv_sys_global_symbol_pipe=
+ fi
+done
+
+fi
+
+if test -z "$lt_cv_sys_global_symbol_pipe"; then
+ lt_cv_sys_global_symbol_to_cdecl=
+fi
+if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: failed" >&5
+printf "%s\n" "failed" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: ok" >&5
+printf "%s\n" "ok" >&6; }
+fi
+
+# Response file support.
+if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+ nm_file_list_spec='@'
+elif $NM --help 2>/dev/null | grep '[@]FILE' >/dev/null; then
+ nm_file_list_spec='@'
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for sysroot" >&5
+printf %s "checking for sysroot... " >&6; }
+
+# Check whether --with-sysroot was given.
+if test ${with_sysroot+y}
+then :
+ withval=$with_sysroot;
+else $as_nop
+ with_sysroot=no
+fi
+
+
+lt_sysroot=
+case $with_sysroot in #(
+ yes)
+ if test yes = "$GCC"; then
+ lt_sysroot=`$CC --print-sysroot 2>/dev/null`
+ fi
+ ;; #(
+ /*)
+ lt_sysroot=`echo "$with_sysroot" | $SED -e "$sed_quote_subst"`
+ ;; #(
+ no|'')
+ ;; #(
+ *)
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $with_sysroot" >&5
+printf "%s\n" "$with_sysroot" >&6; }
+ as_fn_error $? "The sysroot must be an absolute path." "$LINENO" 5
+ ;;
+esac
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: ${lt_sysroot:-no}" >&5
+printf "%s\n" "${lt_sysroot:-no}" >&6; }
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a working dd" >&5
+printf %s "checking for a working dd... " >&6; }
+if test ${ac_cv_path_lt_DD+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ printf 0123456789abcdef0123456789abcdef >conftest.i
+cat conftest.i conftest.i >conftest2.i
+: ${lt_DD:=$DD}
+if test -z "$lt_DD"; then
+ ac_path_lt_DD_found=false
+ # Loop through the user's path and test for each of PROGNAME-LIST
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_prog in dd
+ do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ ac_path_lt_DD="$as_dir$ac_prog$ac_exec_ext"
+ as_fn_executable_p "$ac_path_lt_DD" || continue
+if "$ac_path_lt_DD" bs=32 count=1 <conftest2.i >conftest.out 2>/dev/null; then
+ cmp -s conftest.i conftest.out \
+ && ac_cv_path_lt_DD="$ac_path_lt_DD" ac_path_lt_DD_found=:
+fi
+ $ac_path_lt_DD_found && break 3
+ done
+ done
+ done
+IFS=$as_save_IFS
+ if test -z "$ac_cv_path_lt_DD"; then
+ :
+ fi
+else
+ ac_cv_path_lt_DD=$lt_DD
+fi
+
+rm -f conftest.i conftest2.i conftest.out
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_lt_DD" >&5
+printf "%s\n" "$ac_cv_path_lt_DD" >&6; }
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to truncate binary pipes" >&5
+printf %s "checking how to truncate binary pipes... " >&6; }
+if test ${lt_cv_truncate_bin+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ printf 0123456789abcdef0123456789abcdef >conftest.i
+cat conftest.i conftest.i >conftest2.i
+lt_cv_truncate_bin=
+if "$ac_cv_path_lt_DD" bs=32 count=1 <conftest2.i >conftest.out 2>/dev/null; then
+ cmp -s conftest.i conftest.out \
+ && lt_cv_truncate_bin="$ac_cv_path_lt_DD bs=4096 count=1"
+fi
+rm -f conftest.i conftest2.i conftest.out
+test -z "$lt_cv_truncate_bin" && lt_cv_truncate_bin="$SED -e 4q"
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_truncate_bin" >&5
+printf "%s\n" "$lt_cv_truncate_bin" >&6; }
+
+
+
+
+
+
+
+# Calculate cc_basename. Skip known compiler wrappers and cross-prefix.
+func_cc_basename ()
+{
+ for cc_temp in $*""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+ done
+ func_cc_basename_result=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"`
+}
+
+# Check whether --enable-libtool-lock was given.
+if test ${enable_libtool_lock+y}
+then :
+ enableval=$enable_libtool_lock;
+fi
+
+test no = "$enable_libtool_lock" || enable_libtool_lock=yes
+
+# Some flags need to be propagated to the compiler or linker for good
+# libtool support.
+case $host in
+ia64-*-hpux*)
+ # Find out what ABI is being produced by ac_compile, and set mode
+ # options accordingly.
+ echo 'int i;' > conftest.$ac_ext
+ if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ case `$FILECMD conftest.$ac_objext` in
+ *ELF-32*)
+ HPUX_IA64_MODE=32
+ ;;
+ *ELF-64*)
+ HPUX_IA64_MODE=64
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+*-*-irix6*)
+ # Find out what ABI is being produced by ac_compile, and set linker
+ # options accordingly.
+ echo '#line '$LINENO' "configure"' > conftest.$ac_ext
+ if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ if test yes = "$lt_cv_prog_gnu_ld"; then
+ case `$FILECMD conftest.$ac_objext` in
+ *32-bit*)
+ LD="${LD-ld} -melf32bsmip"
+ ;;
+ *N32*)
+ LD="${LD-ld} -melf32bmipn32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -melf64bmip"
+ ;;
+ esac
+ else
+ case `$FILECMD conftest.$ac_objext` in
+ *32-bit*)
+ LD="${LD-ld} -32"
+ ;;
+ *N32*)
+ LD="${LD-ld} -n32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -64"
+ ;;
+ esac
+ fi
+ fi
+ rm -rf conftest*
+ ;;
+
+mips64*-*linux*)
+ # Find out what ABI is being produced by ac_compile, and set linker
+ # options accordingly.
+ echo '#line '$LINENO' "configure"' > conftest.$ac_ext
+ if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ emul=elf
+ case `$FILECMD conftest.$ac_objext` in
+ *32-bit*)
+ emul="${emul}32"
+ ;;
+ *64-bit*)
+ emul="${emul}64"
+ ;;
+ esac
+ case `$FILECMD conftest.$ac_objext` in
+ *MSB*)
+ emul="${emul}btsmip"
+ ;;
+ *LSB*)
+ emul="${emul}ltsmip"
+ ;;
+ esac
+ case `$FILECMD conftest.$ac_objext` in
+ *N32*)
+ emul="${emul}n32"
+ ;;
+ esac
+ LD="${LD-ld} -m $emul"
+ fi
+ rm -rf conftest*
+ ;;
+
+x86_64-*kfreebsd*-gnu|x86_64-*linux*|powerpc*-*linux*| \
+s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
+ # Find out what ABI is being produced by ac_compile, and set linker
+ # options accordingly. Note that the listed cases only cover the
+ # situations where additional linker options are needed (such as when
+ # doing 32-bit compilation for a host where ld defaults to 64-bit, or
+ # vice versa); the common cases where no linker options are needed do
+ # not appear in the list.
+ echo 'int i;' > conftest.$ac_ext
+ if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ case `$FILECMD conftest.o` in
+ *32-bit*)
+ case $host in
+ x86_64-*kfreebsd*-gnu)
+ LD="${LD-ld} -m elf_i386_fbsd"
+ ;;
+ x86_64-*linux*)
+ case `$FILECMD conftest.o` in
+ *x86-64*)
+ LD="${LD-ld} -m elf32_x86_64"
+ ;;
+ *)
+ LD="${LD-ld} -m elf_i386"
+ ;;
+ esac
+ ;;
+ powerpc64le-*linux*)
+ LD="${LD-ld} -m elf32lppclinux"
+ ;;
+ powerpc64-*linux*)
+ LD="${LD-ld} -m elf32ppclinux"
+ ;;
+ s390x-*linux*)
+ LD="${LD-ld} -m elf_s390"
+ ;;
+ sparc64-*linux*)
+ LD="${LD-ld} -m elf32_sparc"
+ ;;
+ esac
+ ;;
+ *64-bit*)
+ case $host in
+ x86_64-*kfreebsd*-gnu)
+ LD="${LD-ld} -m elf_x86_64_fbsd"
+ ;;
+ x86_64-*linux*)
+ LD="${LD-ld} -m elf_x86_64"
+ ;;
+ powerpcle-*linux*)
+ LD="${LD-ld} -m elf64lppc"
+ ;;
+ powerpc-*linux*)
+ LD="${LD-ld} -m elf64ppc"
+ ;;
+ s390*-*linux*|s390*-*tpf*)
+ LD="${LD-ld} -m elf64_s390"
+ ;;
+ sparc*-*linux*)
+ LD="${LD-ld} -m elf64_sparc"
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+
+*-*-sco3.2v5*)
+ # On SCO OpenServer 5, we need -belf to get full-featured binaries.
+ SAVE_CFLAGS=$CFLAGS
+ CFLAGS="$CFLAGS -belf"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the C compiler needs -belf" >&5
+printf %s "checking whether the C compiler needs -belf... " >&6; }
+if test ${lt_cv_cc_needs_belf+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+ lt_cv_cc_needs_belf=yes
+else $as_nop
+ lt_cv_cc_needs_belf=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_cc_needs_belf" >&5
+printf "%s\n" "$lt_cv_cc_needs_belf" >&6; }
+ if test yes != "$lt_cv_cc_needs_belf"; then
+ # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf
+ CFLAGS=$SAVE_CFLAGS
+ fi
+ ;;
+*-*solaris*)
+ # Find out what ABI is being produced by ac_compile, and set linker
+ # options accordingly.
+ echo 'int i;' > conftest.$ac_ext
+ if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ case `$FILECMD conftest.o` in
+ *64-bit*)
+ case $lt_cv_prog_gnu_ld in
+ yes*)
+ case $host in
+ i?86-*-solaris*|x86_64-*-solaris*)
+ LD="${LD-ld} -m elf_x86_64"
+ ;;
+ sparc*-*-solaris*)
+ LD="${LD-ld} -m elf64_sparc"
+ ;;
+ esac
+ # GNU ld 2.21 introduced _sol2 emulations. Use them if available.
+ if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then
+ LD=${LD-ld}_sol2
+ fi
+ ;;
+ *)
+ if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then
+ LD="${LD-ld} -64"
+ fi
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+esac
+
+need_locks=$enable_libtool_lock
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}mt", so it can be a program name with args.
+set dummy ${ac_tool_prefix}mt; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_MANIFEST_TOOL+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$MANIFEST_TOOL"; then
+ ac_cv_prog_MANIFEST_TOOL="$MANIFEST_TOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+MANIFEST_TOOL=$ac_cv_prog_MANIFEST_TOOL
+if test -n "$MANIFEST_TOOL"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MANIFEST_TOOL" >&5
+printf "%s\n" "$MANIFEST_TOOL" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_MANIFEST_TOOL"; then
+ ac_ct_MANIFEST_TOOL=$MANIFEST_TOOL
+ # Extract the first word of "mt", so it can be a program name with args.
+set dummy mt; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_MANIFEST_TOOL+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_MANIFEST_TOOL"; then
+ ac_cv_prog_ac_ct_MANIFEST_TOOL="$ac_ct_MANIFEST_TOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_MANIFEST_TOOL="mt"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_MANIFEST_TOOL=$ac_cv_prog_ac_ct_MANIFEST_TOOL
+if test -n "$ac_ct_MANIFEST_TOOL"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_MANIFEST_TOOL" >&5
+printf "%s\n" "$ac_ct_MANIFEST_TOOL" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_MANIFEST_TOOL" = x; then
+ MANIFEST_TOOL=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ MANIFEST_TOOL=$ac_ct_MANIFEST_TOOL
+ fi
+else
+ MANIFEST_TOOL="$ac_cv_prog_MANIFEST_TOOL"
+fi
+
+test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $MANIFEST_TOOL is a manifest tool" >&5
+printf %s "checking if $MANIFEST_TOOL is a manifest tool... " >&6; }
+if test ${lt_cv_path_mainfest_tool+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_path_mainfest_tool=no
+ echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&5
+ $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out
+ cat conftest.err >&5
+ if $GREP 'Manifest Tool' conftest.out > /dev/null; then
+ lt_cv_path_mainfest_tool=yes
+ fi
+ rm -f conftest*
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_mainfest_tool" >&5
+printf "%s\n" "$lt_cv_path_mainfest_tool" >&6; }
+if test yes != "$lt_cv_path_mainfest_tool"; then
+ MANIFEST_TOOL=:
+fi
+
+
+
+
+
+
+ case $host_os in
+ rhapsody* | darwin*)
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}dsymutil", so it can be a program name with args.
+set dummy ${ac_tool_prefix}dsymutil; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_DSYMUTIL+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$DSYMUTIL"; then
+ ac_cv_prog_DSYMUTIL="$DSYMUTIL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+DSYMUTIL=$ac_cv_prog_DSYMUTIL
+if test -n "$DSYMUTIL"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DSYMUTIL" >&5
+printf "%s\n" "$DSYMUTIL" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_DSYMUTIL"; then
+ ac_ct_DSYMUTIL=$DSYMUTIL
+ # Extract the first word of "dsymutil", so it can be a program name with args.
+set dummy dsymutil; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_DSYMUTIL+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_DSYMUTIL"; then
+ ac_cv_prog_ac_ct_DSYMUTIL="$ac_ct_DSYMUTIL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_DSYMUTIL="dsymutil"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_DSYMUTIL=$ac_cv_prog_ac_ct_DSYMUTIL
+if test -n "$ac_ct_DSYMUTIL"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DSYMUTIL" >&5
+printf "%s\n" "$ac_ct_DSYMUTIL" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_DSYMUTIL" = x; then
+ DSYMUTIL=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ DSYMUTIL=$ac_ct_DSYMUTIL
+ fi
+else
+ DSYMUTIL="$ac_cv_prog_DSYMUTIL"
+fi
+
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}nmedit", so it can be a program name with args.
+set dummy ${ac_tool_prefix}nmedit; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_NMEDIT+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$NMEDIT"; then
+ ac_cv_prog_NMEDIT="$NMEDIT" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+NMEDIT=$ac_cv_prog_NMEDIT
+if test -n "$NMEDIT"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $NMEDIT" >&5
+printf "%s\n" "$NMEDIT" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_NMEDIT"; then
+ ac_ct_NMEDIT=$NMEDIT
+ # Extract the first word of "nmedit", so it can be a program name with args.
+set dummy nmedit; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_NMEDIT+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_NMEDIT"; then
+ ac_cv_prog_ac_ct_NMEDIT="$ac_ct_NMEDIT" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_NMEDIT="nmedit"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_NMEDIT=$ac_cv_prog_ac_ct_NMEDIT
+if test -n "$ac_ct_NMEDIT"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_NMEDIT" >&5
+printf "%s\n" "$ac_ct_NMEDIT" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_NMEDIT" = x; then
+ NMEDIT=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ NMEDIT=$ac_ct_NMEDIT
+ fi
+else
+ NMEDIT="$ac_cv_prog_NMEDIT"
+fi
+
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}lipo", so it can be a program name with args.
+set dummy ${ac_tool_prefix}lipo; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_LIPO+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$LIPO"; then
+ ac_cv_prog_LIPO="$LIPO" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_LIPO="${ac_tool_prefix}lipo"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+LIPO=$ac_cv_prog_LIPO
+if test -n "$LIPO"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIPO" >&5
+printf "%s\n" "$LIPO" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_LIPO"; then
+ ac_ct_LIPO=$LIPO
+ # Extract the first word of "lipo", so it can be a program name with args.
+set dummy lipo; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_LIPO+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_LIPO"; then
+ ac_cv_prog_ac_ct_LIPO="$ac_ct_LIPO" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_LIPO="lipo"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_LIPO=$ac_cv_prog_ac_ct_LIPO
+if test -n "$ac_ct_LIPO"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_LIPO" >&5
+printf "%s\n" "$ac_ct_LIPO" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_LIPO" = x; then
+ LIPO=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ LIPO=$ac_ct_LIPO
+ fi
+else
+ LIPO="$ac_cv_prog_LIPO"
+fi
+
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}otool", so it can be a program name with args.
+set dummy ${ac_tool_prefix}otool; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_OTOOL+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$OTOOL"; then
+ ac_cv_prog_OTOOL="$OTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_OTOOL="${ac_tool_prefix}otool"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+OTOOL=$ac_cv_prog_OTOOL
+if test -n "$OTOOL"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $OTOOL" >&5
+printf "%s\n" "$OTOOL" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_OTOOL"; then
+ ac_ct_OTOOL=$OTOOL
+ # Extract the first word of "otool", so it can be a program name with args.
+set dummy otool; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_OTOOL+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_OTOOL"; then
+ ac_cv_prog_ac_ct_OTOOL="$ac_ct_OTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_OTOOL="otool"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_OTOOL=$ac_cv_prog_ac_ct_OTOOL
+if test -n "$ac_ct_OTOOL"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL" >&5
+printf "%s\n" "$ac_ct_OTOOL" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_OTOOL" = x; then
+ OTOOL=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ OTOOL=$ac_ct_OTOOL
+ fi
+else
+ OTOOL="$ac_cv_prog_OTOOL"
+fi
+
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}otool64", so it can be a program name with args.
+set dummy ${ac_tool_prefix}otool64; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_OTOOL64+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$OTOOL64"; then
+ ac_cv_prog_OTOOL64="$OTOOL64" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+OTOOL64=$ac_cv_prog_OTOOL64
+if test -n "$OTOOL64"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $OTOOL64" >&5
+printf "%s\n" "$OTOOL64" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_OTOOL64"; then
+ ac_ct_OTOOL64=$OTOOL64
+ # Extract the first word of "otool64", so it can be a program name with args.
+set dummy otool64; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_prog_ac_ct_OTOOL64+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test -n "$ac_ct_OTOOL64"; then
+ ac_cv_prog_ac_ct_OTOOL64="$ac_ct_OTOOL64" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_prog_ac_ct_OTOOL64="otool64"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_OTOOL64=$ac_cv_prog_ac_ct_OTOOL64
+if test -n "$ac_ct_OTOOL64"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL64" >&5
+printf "%s\n" "$ac_ct_OTOOL64" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_ct_OTOOL64" = x; then
+ OTOOL64=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ OTOOL64=$ac_ct_OTOOL64
+ fi
+else
+ OTOOL64="$ac_cv_prog_OTOOL64"
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for -single_module linker flag" >&5
+printf %s "checking for -single_module linker flag... " >&6; }
+if test ${lt_cv_apple_cc_single_mod+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_apple_cc_single_mod=no
+ if test -z "$LT_MULTI_MODULE"; then
+ # By default we will add the -single_module flag. You can override
+ # by either setting the environment variable LT_MULTI_MODULE
+ # non-empty at configure time, or by adding -multi_module to the
+ # link flags.
+ rm -rf libconftest.dylib*
+ echo "int foo(void){return 1;}" > conftest.c
+ echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
+-dynamiclib -Wl,-single_module conftest.c" >&5
+ $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
+ -dynamiclib -Wl,-single_module conftest.c 2>conftest.err
+ _lt_result=$?
+ # If there is a non-empty error log, and "single_module"
+ # appears in it, assume the flag caused a linker warning
+ if test -s conftest.err && $GREP single_module conftest.err; then
+ cat conftest.err >&5
+ # Otherwise, if the output was created with a 0 exit code from
+ # the compiler, it worked.
+ elif test -f libconftest.dylib && test 0 = "$_lt_result"; then
+ lt_cv_apple_cc_single_mod=yes
+ else
+ cat conftest.err >&5
+ fi
+ rm -rf libconftest.dylib*
+ rm -f conftest.*
+ fi
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_apple_cc_single_mod" >&5
+printf "%s\n" "$lt_cv_apple_cc_single_mod" >&6; }
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for -exported_symbols_list linker flag" >&5
+printf %s "checking for -exported_symbols_list linker flag... " >&6; }
+if test ${lt_cv_ld_exported_symbols_list+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_ld_exported_symbols_list=no
+ save_LDFLAGS=$LDFLAGS
+ echo "_main" > conftest.sym
+ LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+ lt_cv_ld_exported_symbols_list=yes
+else $as_nop
+ lt_cv_ld_exported_symbols_list=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ LDFLAGS=$save_LDFLAGS
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_exported_symbols_list" >&5
+printf "%s\n" "$lt_cv_ld_exported_symbols_list" >&6; }
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for -force_load linker flag" >&5
+printf %s "checking for -force_load linker flag... " >&6; }
+if test ${lt_cv_ld_force_load+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_ld_force_load=no
+ cat > conftest.c << _LT_EOF
+int forced_loaded() { return 2;}
+_LT_EOF
+ echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5
+ $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5
+ echo "$AR $AR_FLAGS libconftest.a conftest.o" >&5
+ $AR $AR_FLAGS libconftest.a conftest.o 2>&5
+ echo "$RANLIB libconftest.a" >&5
+ $RANLIB libconftest.a 2>&5
+ cat > conftest.c << _LT_EOF
+int main() { return 0;}
+_LT_EOF
+ echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&5
+ $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err
+ _lt_result=$?
+ if test -s conftest.err && $GREP force_load conftest.err; then
+ cat conftest.err >&5
+ elif test -f conftest && test 0 = "$_lt_result" && $GREP forced_load conftest >/dev/null 2>&1; then
+ lt_cv_ld_force_load=yes
+ else
+ cat conftest.err >&5
+ fi
+ rm -f conftest.err libconftest.a conftest conftest.c
+ rm -rf conftest.dSYM
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_force_load" >&5
+printf "%s\n" "$lt_cv_ld_force_load" >&6; }
+ case $host_os in
+ rhapsody* | darwin1.[012])
+ _lt_dar_allow_undefined='$wl-undefined ${wl}suppress' ;;
+ darwin1.*)
+ _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
+ darwin*)
+ case $MACOSX_DEPLOYMENT_TARGET,$host in
+ 10.[012],*|,*powerpc*-darwin[5-8]*)
+ _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
+ *)
+ _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
+ esac
+ ;;
+ esac
+ if test yes = "$lt_cv_apple_cc_single_mod"; then
+ _lt_dar_single_mod='$single_module'
+ fi
+ if test yes = "$lt_cv_ld_exported_symbols_list"; then
+ _lt_dar_export_syms=' $wl-exported_symbols_list,$output_objdir/$libname-symbols.expsym'
+ else
+ _lt_dar_export_syms='~$NMEDIT -s $output_objdir/$libname-symbols.expsym $lib'
+ fi
+ if test : != "$DSYMUTIL" && test no = "$lt_cv_ld_force_load"; then
+ _lt_dsymutil='~$DSYMUTIL $lib || :'
+ else
+ _lt_dsymutil=
+ fi
+ ;;
+ esac
+
+# func_munge_path_list VARIABLE PATH
+# -----------------------------------
+# VARIABLE is name of variable containing _space_ separated list of
+# directories to be munged by the contents of PATH, which is string
+# having a format:
+# "DIR[:DIR]:"
+# string "DIR[ DIR]" will be prepended to VARIABLE
+# ":DIR[:DIR]"
+# string "DIR[ DIR]" will be appended to VARIABLE
+# "DIRP[:DIRP]::[DIRA:]DIRA"
+# string "DIRP[ DIRP]" will be prepended to VARIABLE and string
+# "DIRA[ DIRA]" will be appended to VARIABLE
+# "DIR[:DIR]"
+# VARIABLE will be replaced by "DIR[ DIR]"
+func_munge_path_list ()
+{
+ case x$2 in
+ x)
+ ;;
+ *:)
+ eval $1=\"`$ECHO $2 | $SED 's/:/ /g'` \$$1\"
+ ;;
+ x:*)
+ eval $1=\"\$$1 `$ECHO $2 | $SED 's/:/ /g'`\"
+ ;;
+ *::*)
+ eval $1=\"\$$1\ `$ECHO $2 | $SED -e 's/.*:://' -e 's/:/ /g'`\"
+ eval $1=\"`$ECHO $2 | $SED -e 's/::.*//' -e 's/:/ /g'`\ \$$1\"
+ ;;
+ *)
+ eval $1=\"`$ECHO $2 | $SED 's/:/ /g'`\"
+ ;;
+ esac
+}
+
+ac_header= ac_cache=
+for ac_item in $ac_header_c_list
+do
+ if test $ac_cache; then
+ ac_fn_c_check_header_compile "$LINENO" $ac_header ac_cv_header_$ac_cache "$ac_includes_default"
+ if eval test \"x\$ac_cv_header_$ac_cache\" = xyes; then
+ printf "%s\n" "#define $ac_item 1" >> confdefs.h
+ fi
+ ac_header= ac_cache=
+ elif test $ac_header; then
+ ac_cache=$ac_item
+ else
+ ac_header=$ac_item
+ fi
+done
+
+
+
+
+
+
+
+
+if test $ac_cv_header_stdlib_h = yes && test $ac_cv_header_string_h = yes
+then :
+
+printf "%s\n" "#define STDC_HEADERS 1" >>confdefs.h
+
+fi
+ac_fn_c_check_header_compile "$LINENO" "dlfcn.h" "ac_cv_header_dlfcn_h" "$ac_includes_default
+"
+if test "x$ac_cv_header_dlfcn_h" = xyes
+then :
+ printf "%s\n" "#define HAVE_DLFCN_H 1" >>confdefs.h
+
+fi
+
+
+
+
+
+# Set options
+
+
+
+ enable_dlopen=no
+
+
+ enable_win32_dll=no
+
+
+ # Check whether --enable-shared was given.
+if test ${enable_shared+y}
+then :
+ enableval=$enable_shared; p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_shared=yes ;;
+ no) enable_shared=no ;;
+ *)
+ enable_shared=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR,
+ for pkg in $enableval; do
+ IFS=$lt_save_ifs
+ if test "X$pkg" = "X$p"; then
+ enable_shared=yes
+ fi
+ done
+ IFS=$lt_save_ifs
+ ;;
+ esac
+else $as_nop
+ enable_shared=yes
+fi
+
+
+
+
+
+
+
+
+
+ # Check whether --enable-static was given.
+if test ${enable_static+y}
+then :
+ enableval=$enable_static; p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_static=yes ;;
+ no) enable_static=no ;;
+ *)
+ enable_static=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR,
+ for pkg in $enableval; do
+ IFS=$lt_save_ifs
+ if test "X$pkg" = "X$p"; then
+ enable_static=yes
+ fi
+ done
+ IFS=$lt_save_ifs
+ ;;
+ esac
+else $as_nop
+ enable_static=yes
+fi
+
+
+
+
+
+
+
+
+
+
+# Check whether --with-pic was given.
+if test ${with_pic+y}
+then :
+ withval=$with_pic; lt_p=${PACKAGE-default}
+ case $withval in
+ yes|no) pic_mode=$withval ;;
+ *)
+ pic_mode=default
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR,
+ for lt_pkg in $withval; do
+ IFS=$lt_save_ifs
+ if test "X$lt_pkg" = "X$lt_p"; then
+ pic_mode=yes
+ fi
+ done
+ IFS=$lt_save_ifs
+ ;;
+ esac
+else $as_nop
+ pic_mode=default
+fi
+
+
+
+
+
+
+
+
+ # Check whether --enable-fast-install was given.
+if test ${enable_fast_install+y}
+then :
+ enableval=$enable_fast_install; p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_fast_install=yes ;;
+ no) enable_fast_install=no ;;
+ *)
+ enable_fast_install=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR,
+ for pkg in $enableval; do
+ IFS=$lt_save_ifs
+ if test "X$pkg" = "X$p"; then
+ enable_fast_install=yes
+ fi
+ done
+ IFS=$lt_save_ifs
+ ;;
+ esac
+else $as_nop
+ enable_fast_install=yes
+fi
+
+
+
+
+
+
+
+
+ shared_archive_member_spec=
+case $host,$enable_shared in
+power*-*-aix[5-9]*,yes)
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking which variant of shared library versioning to provide" >&5
+printf %s "checking which variant of shared library versioning to provide... " >&6; }
+
+# Check whether --with-aix-soname was given.
+if test ${with_aix_soname+y}
+then :
+ withval=$with_aix_soname; case $withval in
+ aix|svr4|both)
+ ;;
+ *)
+ as_fn_error $? "Unknown argument to --with-aix-soname" "$LINENO" 5
+ ;;
+ esac
+ lt_cv_with_aix_soname=$with_aix_soname
+else $as_nop
+ if test ${lt_cv_with_aix_soname+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_with_aix_soname=aix
+fi
+
+ with_aix_soname=$lt_cv_with_aix_soname
+fi
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $with_aix_soname" >&5
+printf "%s\n" "$with_aix_soname" >&6; }
+ if test aix != "$with_aix_soname"; then
+ # For the AIX way of multilib, we name the shared archive member
+ # based on the bitwidth used, traditionally 'shr.o' or 'shr_64.o',
+ # and 'shr.imp' or 'shr_64.imp', respectively, for the Import File.
+ # Even when GNU compilers ignore OBJECT_MODE but need '-maix64' flag,
+ # the AIX toolchain works better with OBJECT_MODE set (default 32).
+ if test 64 = "${OBJECT_MODE-32}"; then
+ shared_archive_member_spec=shr_64
+ else
+ shared_archive_member_spec=shr
+ fi
+ fi
+ ;;
+*)
+ with_aix_soname=aix
+ ;;
+esac
+
+
+
+
+
+
+
+
+
+
+# This can be used to rebuild libtool when needed
+LIBTOOL_DEPS=$ltmain
+
+# Always use our own libtool.
+LIBTOOL='$(SHELL) $(top_builddir)/libtool'
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+test -z "$LN_S" && LN_S="ln -s"
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+if test -n "${ZSH_VERSION+set}"; then
+ setopt NO_GLOB_SUBST
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for objdir" >&5
+printf %s "checking for objdir... " >&6; }
+if test ${lt_cv_objdir+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ rm -f .libs 2>/dev/null
+mkdir .libs 2>/dev/null
+if test -d .libs; then
+ lt_cv_objdir=.libs
+else
+ # MS-DOS does not allow filenames that begin with a dot.
+ lt_cv_objdir=_libs
+fi
+rmdir .libs 2>/dev/null
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_objdir" >&5
+printf "%s\n" "$lt_cv_objdir" >&6; }
+objdir=$lt_cv_objdir
+
+
+
+
+
+printf "%s\n" "#define LT_OBJDIR \"$lt_cv_objdir/\"" >>confdefs.h
+
+
+
+
+case $host_os in
+aix3*)
+ # AIX sometimes has problems with the GCC collect2 program. For some
+ # reason, if we set the COLLECT_NAMES environment variable, the problems
+ # vanish in a puff of smoke.
+ if test set != "${COLLECT_NAMES+set}"; then
+ COLLECT_NAMES=
+ export COLLECT_NAMES
+ fi
+ ;;
+esac
+
+# Global variables:
+ofile=libtool
+can_build_shared=yes
+
+# All known linkers require a '.a' archive for static linking (except MSVC and
+# ICC, which need '.lib').
+libext=a
+
+with_gnu_ld=$lt_cv_prog_gnu_ld
+
+old_CC=$CC
+old_CFLAGS=$CFLAGS
+
+# Set sane defaults for various variables
+test -z "$CC" && CC=cc
+test -z "$LTCC" && LTCC=$CC
+test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS
+test -z "$LD" && LD=ld
+test -z "$ac_objext" && ac_objext=o
+
+func_cc_basename $compiler
+cc_basename=$func_cc_basename_result
+
+
+# Only perform the check for file, if the check method requires it
+test -z "$MAGIC_CMD" && MAGIC_CMD=file
+case $deplibs_check_method in
+file_magic*)
+ if test "$file_magic_cmd" = '$MAGIC_CMD'; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ${ac_tool_prefix}file" >&5
+printf %s "checking for ${ac_tool_prefix}file... " >&6; }
+if test ${lt_cv_path_MAGIC_CMD+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $MAGIC_CMD in
+[\\/*] | ?:[\\/]*)
+ lt_cv_path_MAGIC_CMD=$MAGIC_CMD # Let the user override the test with a path.
+ ;;
+*)
+ lt_save_MAGIC_CMD=$MAGIC_CMD
+ lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR
+ ac_dummy="/usr/bin$PATH_SEPARATOR$PATH"
+ for ac_dir in $ac_dummy; do
+ IFS=$lt_save_ifs
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/${ac_tool_prefix}file"; then
+ lt_cv_path_MAGIC_CMD=$ac_dir/"${ac_tool_prefix}file"
+ if test -n "$file_magic_test_file"; then
+ case $deplibs_check_method in
+ "file_magic "*)
+ file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
+ MAGIC_CMD=$lt_cv_path_MAGIC_CMD
+ if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+ $EGREP "$file_magic_regex" > /dev/null; then
+ :
+ else
+ cat <<_LT_EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such. This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem. Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool@gnu.org
+
+_LT_EOF
+ fi ;;
+ esac
+ fi
+ break
+ fi
+ done
+ IFS=$lt_save_ifs
+ MAGIC_CMD=$lt_save_MAGIC_CMD
+ ;;
+esac
+fi
+
+MAGIC_CMD=$lt_cv_path_MAGIC_CMD
+if test -n "$MAGIC_CMD"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5
+printf "%s\n" "$MAGIC_CMD" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+
+
+
+if test -z "$lt_cv_path_MAGIC_CMD"; then
+ if test -n "$ac_tool_prefix"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for file" >&5
+printf %s "checking for file... " >&6; }
+if test ${lt_cv_path_MAGIC_CMD+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $MAGIC_CMD in
+[\\/*] | ?:[\\/]*)
+ lt_cv_path_MAGIC_CMD=$MAGIC_CMD # Let the user override the test with a path.
+ ;;
+*)
+ lt_save_MAGIC_CMD=$MAGIC_CMD
+ lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR
+ ac_dummy="/usr/bin$PATH_SEPARATOR$PATH"
+ for ac_dir in $ac_dummy; do
+ IFS=$lt_save_ifs
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/file"; then
+ lt_cv_path_MAGIC_CMD=$ac_dir/"file"
+ if test -n "$file_magic_test_file"; then
+ case $deplibs_check_method in
+ "file_magic "*)
+ file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
+ MAGIC_CMD=$lt_cv_path_MAGIC_CMD
+ if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+ $EGREP "$file_magic_regex" > /dev/null; then
+ :
+ else
+ cat <<_LT_EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such. This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem. Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool@gnu.org
+
+_LT_EOF
+ fi ;;
+ esac
+ fi
+ break
+ fi
+ done
+ IFS=$lt_save_ifs
+ MAGIC_CMD=$lt_save_MAGIC_CMD
+ ;;
+esac
+fi
+
+MAGIC_CMD=$lt_cv_path_MAGIC_CMD
+if test -n "$MAGIC_CMD"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5
+printf "%s\n" "$MAGIC_CMD" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ else
+ MAGIC_CMD=:
+ fi
+fi
+
+ fi
+ ;;
+esac
+
+# Use C for the default configuration in the libtool script
+
+lt_save_CC=$CC
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+# Source file extension for C test sources.
+ac_ext=c
+
+# Object file extension for compiled C test sources.
+objext=o
+objext=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="int some_variable = 0;"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='int main(){return(0);}'
+
+
+
+
+
+
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+# Save the default compiler, since it gets overwritten when the other
+# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP.
+compiler_DEFAULT=$CC
+
+# save warnings/boilerplate of simple test code
+ac_outfile=conftest.$ac_objext
+echo "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$RM conftest*
+
+ac_outfile=conftest.$ac_objext
+echo "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$RM -r conftest*
+
+
+## CAVEAT EMPTOR:
+## There is no encapsulation within the following macros, do not change
+## the running order or otherwise move them around unless you know exactly
+## what you are doing...
+if test -n "$compiler"; then
+
+lt_prog_compiler_no_builtin_flag=
+
+if test yes = "$GCC"; then
+ case $cc_basename in
+ nvcc*)
+ lt_prog_compiler_no_builtin_flag=' -Xcompiler -fno-builtin' ;;
+ *)
+ lt_prog_compiler_no_builtin_flag=' -fno-builtin' ;;
+ esac
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -fno-rtti -fno-exceptions" >&5
+printf %s "checking if $compiler supports -fno-rtti -fno-exceptions... " >&6; }
+if test ${lt_cv_prog_compiler_rtti_exceptions+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_prog_compiler_rtti_exceptions=no
+ ac_outfile=conftest.$ac_objext
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="-fno-rtti -fno-exceptions" ## exclude from sc_useless_quotes_in_assignment
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_rtti_exceptions=yes
+ fi
+ fi
+ $RM conftest*
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_rtti_exceptions" >&5
+printf "%s\n" "$lt_cv_prog_compiler_rtti_exceptions" >&6; }
+
+if test yes = "$lt_cv_prog_compiler_rtti_exceptions"; then
+ lt_prog_compiler_no_builtin_flag="$lt_prog_compiler_no_builtin_flag -fno-rtti -fno-exceptions"
+else
+ :
+fi
+
+fi
+
+
+
+
+
+
+ lt_prog_compiler_wl=
+lt_prog_compiler_pic=
+lt_prog_compiler_static=
+
+
+ if test yes = "$GCC"; then
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_static='-static'
+
+ case $host_os in
+ aix*)
+ # All AIX code is PIC.
+ if test ia64 = "$host_cpu"; then
+ # AIX 5 now supports IA64 processor
+ lt_prog_compiler_static='-Bstatic'
+ fi
+ lt_prog_compiler_pic='-fPIC'
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ lt_prog_compiler_pic='-fPIC'
+ ;;
+ m68k)
+ # FIXME: we need at least 68020 code to build shared libraries, but
+ # adding the '-m68020' flag to GCC prevents building anything better,
+ # like '-m68040'.
+ lt_prog_compiler_pic='-m68020 -resident32 -malways-restore-a4'
+ ;;
+ esac
+ ;;
+
+ beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+ # PIC is the default for these OSes.
+ ;;
+
+ mingw* | cygwin* | pw32* | os2* | cegcc*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ # Although the cygwin gcc ignores -fPIC, still need this for old-style
+ # (--disable-auto-import) libraries
+ lt_prog_compiler_pic='-DDLL_EXPORT'
+ case $host_os in
+ os2*)
+ lt_prog_compiler_static='$wl-static'
+ ;;
+ esac
+ ;;
+
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ lt_prog_compiler_pic='-fno-common'
+ ;;
+
+ haiku*)
+ # PIC is the default for Haiku.
+ # The "-static" flag exists, but is broken.
+ lt_prog_compiler_static=
+ ;;
+
+ hpux*)
+ # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
+ # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag
+ # sets the default TLS model and affects inlining.
+ case $host_cpu in
+ hppa*64*)
+ # +Z the default
+ ;;
+ *)
+ lt_prog_compiler_pic='-fPIC'
+ ;;
+ esac
+ ;;
+
+ interix[3-9]*)
+ # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+ # Instead, we relocate shared libraries at runtime.
+ ;;
+
+ msdosdjgpp*)
+ # Just because we use GCC doesn't mean we suddenly get shared libraries
+ # on systems that don't support them.
+ lt_prog_compiler_can_build_shared=no
+ enable_shared=no
+ ;;
+
+ *nto* | *qnx*)
+ # QNX uses GNU C++, but need to define -shared option too, otherwise
+ # it will coredump.
+ lt_prog_compiler_pic='-fPIC -shared'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ lt_prog_compiler_pic=-Kconform_pic
+ fi
+ ;;
+
+ *)
+ lt_prog_compiler_pic='-fPIC'
+ ;;
+ esac
+
+ case $cc_basename in
+ nvcc*) # Cuda Compiler Driver 2.2
+ lt_prog_compiler_wl='-Xlinker '
+ if test -n "$lt_prog_compiler_pic"; then
+ lt_prog_compiler_pic="-Xcompiler $lt_prog_compiler_pic"
+ fi
+ ;;
+ esac
+ else
+ # PORTME Check for flag to pass linker flags through the system compiler.
+ case $host_os in
+ aix*)
+ lt_prog_compiler_wl='-Wl,'
+ if test ia64 = "$host_cpu"; then
+ # AIX 5 now supports IA64 processor
+ lt_prog_compiler_static='-Bstatic'
+ else
+ lt_prog_compiler_static='-bnso -bI:/lib/syscalls.exp'
+ fi
+ ;;
+
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ lt_prog_compiler_pic='-fno-common'
+ case $cc_basename in
+ nagfor*)
+ # NAG Fortran compiler
+ lt_prog_compiler_wl='-Wl,-Wl,,'
+ lt_prog_compiler_pic='-PIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+ esac
+ ;;
+
+ mingw* | cygwin* | pw32* | os2* | cegcc*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ lt_prog_compiler_pic='-DDLL_EXPORT'
+ case $host_os in
+ os2*)
+ lt_prog_compiler_static='$wl-static'
+ ;;
+ esac
+ ;;
+
+ hpux9* | hpux10* | hpux11*)
+ lt_prog_compiler_wl='-Wl,'
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ lt_prog_compiler_pic='+Z'
+ ;;
+ esac
+ # Is there a better lt_prog_compiler_static that works with the bundled CC?
+ lt_prog_compiler_static='$wl-a ${wl}archive'
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ lt_prog_compiler_wl='-Wl,'
+ # PIC (with -KPIC) is the default.
+ lt_prog_compiler_static='-non_shared'
+ ;;
+
+ linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*)
+ case $cc_basename in
+ # old Intel for x86_64, which still supported -KPIC.
+ ecc*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-static'
+ ;;
+ # flang / f18. f95 an alias for gfortran or flang on Debian
+ flang* | f18* | f95*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-fPIC'
+ lt_prog_compiler_static='-static'
+ ;;
+ # icc used to be incompatible with GCC.
+ # ICC 10 doesn't accept -KPIC any more.
+ icc* | ifort*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-fPIC'
+ lt_prog_compiler_static='-static'
+ ;;
+ # Lahey Fortran 8.1.
+ lf95*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='--shared'
+ lt_prog_compiler_static='--static'
+ ;;
+ nagfor*)
+ # NAG Fortran compiler
+ lt_prog_compiler_wl='-Wl,-Wl,,'
+ lt_prog_compiler_pic='-PIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+ tcc*)
+ # Fabrice Bellard et al's Tiny C Compiler
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-fPIC'
+ lt_prog_compiler_static='-static'
+ ;;
+ pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*)
+ # Portland Group compilers (*not* the Pentium gcc compiler,
+ # which looks to be a dead project)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-fpic'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+ ccc*)
+ lt_prog_compiler_wl='-Wl,'
+ # All Alpha code is PIC.
+ lt_prog_compiler_static='-non_shared'
+ ;;
+ xl* | bgxl* | bgf* | mpixl*)
+ # IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-qpic'
+ lt_prog_compiler_static='-qstaticlink'
+ ;;
+ *)
+ case `$CC -V 2>&1 | $SED 5q` in
+ *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [1-7].* | *Sun*Fortran*\ 8.[0-3]*)
+ # Sun Fortran 8.3 passes all unrecognized flags to the linker
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ lt_prog_compiler_wl=''
+ ;;
+ *Sun\ F* | *Sun*Fortran*)
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ lt_prog_compiler_wl='-Qoption ld '
+ ;;
+ *Sun\ C*)
+ # Sun C 5.9
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ lt_prog_compiler_wl='-Wl,'
+ ;;
+ *Intel*\ [CF]*Compiler*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-fPIC'
+ lt_prog_compiler_static='-static'
+ ;;
+ *Portland\ Group*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-fpic'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+ esac
+ ;;
+ esac
+ ;;
+
+ newsos6)
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ *nto* | *qnx*)
+ # QNX uses GNU C++, but need to define -shared option too, otherwise
+ # it will coredump.
+ lt_prog_compiler_pic='-fPIC -shared'
+ ;;
+
+ osf3* | osf4* | osf5*)
+ lt_prog_compiler_wl='-Wl,'
+ # All OSF/1 code is PIC.
+ lt_prog_compiler_static='-non_shared'
+ ;;
+
+ rdos*)
+ lt_prog_compiler_static='-non_shared'
+ ;;
+
+ solaris*)
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ case $cc_basename in
+ f77* | f90* | f95* | sunf77* | sunf90* | sunf95*)
+ lt_prog_compiler_wl='-Qoption ld ';;
+ *)
+ lt_prog_compiler_wl='-Wl,';;
+ esac
+ ;;
+
+ sunos4*)
+ lt_prog_compiler_wl='-Qoption ld '
+ lt_prog_compiler_pic='-PIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ sysv4 | sysv4.2uw2* | sysv4.3*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ lt_prog_compiler_pic='-Kconform_pic'
+ lt_prog_compiler_static='-Bstatic'
+ fi
+ ;;
+
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ unicos*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_can_build_shared=no
+ ;;
+
+ uts4*)
+ lt_prog_compiler_pic='-pic'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ *)
+ lt_prog_compiler_can_build_shared=no
+ ;;
+ esac
+ fi
+
+case $host_os in
+ # For platforms that do not support PIC, -DPIC is meaningless:
+ *djgpp*)
+ lt_prog_compiler_pic=
+ ;;
+ *)
+ lt_prog_compiler_pic="$lt_prog_compiler_pic -DPIC"
+ ;;
+esac
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5
+printf %s "checking for $compiler option to produce PIC... " >&6; }
+if test ${lt_cv_prog_compiler_pic+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_prog_compiler_pic=$lt_prog_compiler_pic
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic" >&5
+printf "%s\n" "$lt_cv_prog_compiler_pic" >&6; }
+lt_prog_compiler_pic=$lt_cv_prog_compiler_pic
+
+#
+# Check to make sure the PIC flag actually works.
+#
+if test -n "$lt_prog_compiler_pic"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5
+printf %s "checking if $compiler PIC flag $lt_prog_compiler_pic works... " >&6; }
+if test ${lt_cv_prog_compiler_pic_works+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_prog_compiler_pic_works=no
+ ac_outfile=conftest.$ac_objext
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="$lt_prog_compiler_pic -DPIC" ## exclude from sc_useless_quotes_in_assignment
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_pic_works=yes
+ fi
+ fi
+ $RM conftest*
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works" >&5
+printf "%s\n" "$lt_cv_prog_compiler_pic_works" >&6; }
+
+if test yes = "$lt_cv_prog_compiler_pic_works"; then
+ case $lt_prog_compiler_pic in
+ "" | " "*) ;;
+ *) lt_prog_compiler_pic=" $lt_prog_compiler_pic" ;;
+ esac
+else
+ lt_prog_compiler_pic=
+ lt_prog_compiler_can_build_shared=no
+fi
+
+fi
+
+
+
+
+
+
+
+
+
+
+
+#
+# Check to make sure the static flag actually works.
+#
+wl=$lt_prog_compiler_wl eval lt_tmp_static_flag=\"$lt_prog_compiler_static\"
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5
+printf %s "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; }
+if test ${lt_cv_prog_compiler_static_works+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_prog_compiler_static_works=no
+ save_LDFLAGS=$LDFLAGS
+ LDFLAGS="$LDFLAGS $lt_tmp_static_flag"
+ echo "$lt_simple_link_test_code" > conftest.$ac_ext
+ if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+ # The linker can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ if test -s conftest.err; then
+ # Append any errors to the config.log.
+ cat conftest.err 1>&5
+ $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if diff conftest.exp conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_static_works=yes
+ fi
+ else
+ lt_cv_prog_compiler_static_works=yes
+ fi
+ fi
+ $RM -r conftest*
+ LDFLAGS=$save_LDFLAGS
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works" >&5
+printf "%s\n" "$lt_cv_prog_compiler_static_works" >&6; }
+
+if test yes = "$lt_cv_prog_compiler_static_works"; then
+ :
+else
+ lt_prog_compiler_static=
+fi
+
+
+
+
+
+
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5
+printf %s "checking if $compiler supports -c -o file.$ac_objext... " >&6; }
+if test ${lt_cv_prog_compiler_c_o+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_prog_compiler_c_o=no
+ $RM -r conftest 2>/dev/null
+ mkdir conftest
+ cd conftest
+ mkdir out
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ lt_compiler_flag="-o out/conftest2.$ac_objext"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>out/conftest.err)
+ ac_status=$?
+ cat out/conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s out/conftest2.$ac_objext
+ then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
+ $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+ if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_c_o=yes
+ fi
+ fi
+ chmod u+w . 2>&5
+ $RM conftest*
+ # SGI C++ compiler will create directory out/ii_files/ for
+ # template instantiation
+ test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files
+ $RM out/* && rmdir out
+ cd ..
+ $RM -r conftest
+ $RM conftest*
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5
+printf "%s\n" "$lt_cv_prog_compiler_c_o" >&6; }
+
+
+
+
+
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5
+printf %s "checking if $compiler supports -c -o file.$ac_objext... " >&6; }
+if test ${lt_cv_prog_compiler_c_o+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_prog_compiler_c_o=no
+ $RM -r conftest 2>/dev/null
+ mkdir conftest
+ cd conftest
+ mkdir out
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ lt_compiler_flag="-o out/conftest2.$ac_objext"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>out/conftest.err)
+ ac_status=$?
+ cat out/conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s out/conftest2.$ac_objext
+ then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
+ $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+ if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_c_o=yes
+ fi
+ fi
+ chmod u+w . 2>&5
+ $RM conftest*
+ # SGI C++ compiler will create directory out/ii_files/ for
+ # template instantiation
+ test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files
+ $RM out/* && rmdir out
+ cd ..
+ $RM -r conftest
+ $RM conftest*
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5
+printf "%s\n" "$lt_cv_prog_compiler_c_o" >&6; }
+
+
+
+
+hard_links=nottested
+if test no = "$lt_cv_prog_compiler_c_o" && test no != "$need_locks"; then
+ # do not overwrite the value of need_locks provided by the user
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if we can lock with hard links" >&5
+printf %s "checking if we can lock with hard links... " >&6; }
+ hard_links=yes
+ $RM conftest*
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ touch conftest.a
+ ln conftest.a conftest.b 2>&5 || hard_links=no
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $hard_links" >&5
+printf "%s\n" "$hard_links" >&6; }
+ if test no = "$hard_links"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: '$CC' does not support '-c -o', so 'make -j' may be unsafe" >&5
+printf "%s\n" "$as_me: WARNING: '$CC' does not support '-c -o', so 'make -j' may be unsafe" >&2;}
+ need_locks=warn
+ fi
+else
+ need_locks=no
+fi
+
+
+
+
+
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5
+printf %s "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; }
+
+ runpath_var=
+ allow_undefined_flag=
+ always_export_symbols=no
+ archive_cmds=
+ archive_expsym_cmds=
+ compiler_needs_object=no
+ enable_shared_with_static_runtimes=no
+ export_dynamic_flag_spec=
+ export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ hardcode_automatic=no
+ hardcode_direct=no
+ hardcode_direct_absolute=no
+ hardcode_libdir_flag_spec=
+ hardcode_libdir_separator=
+ hardcode_minus_L=no
+ hardcode_shlibpath_var=unsupported
+ inherit_rpath=no
+ link_all_deplibs=unknown
+ module_cmds=
+ module_expsym_cmds=
+ old_archive_from_new_cmds=
+ old_archive_from_expsyms_cmds=
+ thread_safe_flag_spec=
+ whole_archive_flag_spec=
+ # include_expsyms should be a list of space-separated symbols to be *always*
+ # included in the symbol list
+ include_expsyms=
+ # exclude_expsyms can be an extended regexp of symbols to exclude
+ # it will be wrapped by ' (' and ')$', so one must not match beginning or
+ # end of line. Example: 'a|bc|.*d.*' will exclude the symbols 'a' and 'bc',
+ # as well as any symbol that contains 'd'.
+ exclude_expsyms='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'
+ # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
+ # platforms (ab)use it in PIC code, but their linkers get confused if
+ # the symbol is explicitly referenced. Since portable code cannot
+ # rely on this symbol name, it's probably fine to never include it in
+ # preloaded symbol tables.
+ # Exclude shared library initialization/finalization symbols.
+ extract_expsyms_cmds=
+
+ case $host_os in
+ cygwin* | mingw* | pw32* | cegcc*)
+ # FIXME: the MSVC++ and ICC port hasn't been tested in a loooong time
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++ or Intel C++ Compiler.
+ if test yes != "$GCC"; then
+ with_gnu_ld=no
+ fi
+ ;;
+ interix*)
+ # we just hope/assume this is gcc and not c89 (= MSVC++ or ICC)
+ with_gnu_ld=yes
+ ;;
+ openbsd* | bitrig*)
+ with_gnu_ld=no
+ ;;
+ linux* | k*bsd*-gnu | gnu*)
+ link_all_deplibs=no
+ ;;
+ esac
+
+ ld_shlibs=yes
+
+ # On some targets, GNU ld is compatible enough with the native linker
+ # that we're better off using the native interface for both.
+ lt_use_gnu_ld_interface=no
+ if test yes = "$with_gnu_ld"; then
+ case $host_os in
+ aix*)
+ # The AIX port of GNU ld has always aspired to compatibility
+ # with the native linker. However, as the warning in the GNU ld
+ # block says, versions before 2.19.5* couldn't really create working
+ # shared libraries, regardless of the interface used.
+ case `$LD -v 2>&1` in
+ *\ \(GNU\ Binutils\)\ 2.19.5*) ;;
+ *\ \(GNU\ Binutils\)\ 2.[2-9]*) ;;
+ *\ \(GNU\ Binutils\)\ [3-9]*) ;;
+ *)
+ lt_use_gnu_ld_interface=yes
+ ;;
+ esac
+ ;;
+ *)
+ lt_use_gnu_ld_interface=yes
+ ;;
+ esac
+ fi
+
+ if test yes = "$lt_use_gnu_ld_interface"; then
+ # If archive_cmds runs LD, not CC, wlarc should be empty
+ wlarc='$wl'
+
+ # Set some defaults for GNU ld with shared library support. These
+ # are reset later if shared libraries are not supported. Putting them
+ # here allows them to be overridden if necessary.
+ runpath_var=LD_RUN_PATH
+ hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
+ export_dynamic_flag_spec='$wl--export-dynamic'
+ # ancient GNU ld didn't support --whole-archive et. al.
+ if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then
+ whole_archive_flag_spec=$wlarc'--whole-archive$convenience '$wlarc'--no-whole-archive'
+ else
+ whole_archive_flag_spec=
+ fi
+ supports_anon_versioning=no
+ case `$LD -v | $SED -e 's/([^)]\+)\s\+//' 2>&1` in
+ *GNU\ gold*) supports_anon_versioning=yes ;;
+ *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11
+ *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
+ *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
+ *\ 2.11.*) ;; # other 2.11 versions
+ *) supports_anon_versioning=yes ;;
+ esac
+
+ # See if GNU ld supports shared libraries.
+ case $host_os in
+ aix[3-9]*)
+ # On AIX/PPC, the GNU linker is very broken
+ if test ia64 != "$host_cpu"; then
+ ld_shlibs=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: the GNU linker, at least up to release 2.19, is reported
+*** to be unable to reliably create shared libraries on AIX.
+*** Therefore, libtool is disabling shared libraries support. If you
+*** really care for shared libraries, you may want to install binutils
+*** 2.20 or above, or modify your PATH so that a non-GNU linker is found.
+*** You will then need to restart the configuration process.
+
+_LT_EOF
+ fi
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ archive_expsym_cmds=''
+ ;;
+ m68k)
+ archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ ;;
+ esac
+ ;;
+
+ beos*)
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ allow_undefined_flag=unsupported
+ # Joseph Beckenbach <jrb3@best.com> says some releases of gcc
+ # support --undefined. This deserves some investigation. FIXME
+ archive_cmds='$CC -nostart $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ cygwin* | mingw* | pw32* | cegcc*)
+ # _LT_TAGVAR(hardcode_libdir_flag_spec, ) is actually meaningless,
+ # as there is no search path for DLLs.
+ hardcode_libdir_flag_spec='-L$libdir'
+ export_dynamic_flag_spec='$wl--export-all-symbols'
+ allow_undefined_flag=unsupported
+ always_export_symbols=no
+ enable_shared_with_static_runtimes=yes
+ export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/;s/^.*[ ]__nm__\([^ ]*\)[ ][^ ]*/\1 DATA/;/^I[ ]/d;/^[AITW][ ]/s/.* //'\'' | sort | uniq > $export_symbols'
+ exclude_expsyms='[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'
+
+ if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname $wl--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ # If the export-symbols file already is a .def file, use it as
+ # is; otherwise, prepend EXPORTS...
+ archive_expsym_cmds='if test DEF = "`$SED -n -e '\''s/^[ ]*//'\'' -e '\''/^\(;.*\)*$/d'\'' -e '\''s/^\(EXPORTS\|LIBRARY\)\([ ].*\)*$/DEF/p'\'' -e q $export_symbols`" ; then
+ cp $export_symbols $output_objdir/$soname.def;
+ else
+ echo EXPORTS > $output_objdir/$soname.def;
+ cat $export_symbols >> $output_objdir/$soname.def;
+ fi~
+ $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname $wl--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ haiku*)
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ link_all_deplibs=yes
+ ;;
+
+ os2*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ allow_undefined_flag=unsupported
+ shrext_cmds=.dll
+ archive_cmds='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~
+ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~
+ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~
+ $ECHO EXPORTS >> $output_objdir/$libname.def~
+ emxexp $libobjs | $SED /"_DLL_InitTerm"/d >> $output_objdir/$libname.def~
+ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~
+ emximp -o $lib $output_objdir/$libname.def'
+ archive_expsym_cmds='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~
+ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~
+ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~
+ $ECHO EXPORTS >> $output_objdir/$libname.def~
+ prefix_cmds="$SED"~
+ if test EXPORTS = "`$SED 1q $export_symbols`"; then
+ prefix_cmds="$prefix_cmds -e 1d";
+ fi~
+ prefix_cmds="$prefix_cmds -e \"s/^\(.*\)$/_\1/g\""~
+ cat $export_symbols | $prefix_cmds >> $output_objdir/$libname.def~
+ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~
+ emximp -o $lib $output_objdir/$libname.def'
+ old_archive_From_new_cmds='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def'
+ enable_shared_with_static_runtimes=yes
+ file_list_spec='@'
+ ;;
+
+ interix[3-9]*)
+ hardcode_direct=no
+ hardcode_shlibpath_var=no
+ hardcode_libdir_flag_spec='$wl-rpath,$libdir'
+ export_dynamic_flag_spec='$wl-E'
+ # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+ # Instead, shared libraries are loaded at an image base (0x10000000 by
+ # default) and relocated if they conflict, which is a slow very memory
+ # consuming and fragmenting process. To avoid this, we pick a random,
+ # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+ # time. Moving up from 0x10000000 also allows more sbrk(2) space.
+ archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ archive_expsym_cmds='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ ;;
+
+ gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu)
+ tmp_diet=no
+ if test linux-dietlibc = "$host_os"; then
+ case $cc_basename in
+ diet\ *) tmp_diet=yes;; # linux-dietlibc with static linking (!diet-dyn)
+ esac
+ fi
+ if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \
+ && test no = "$tmp_diet"
+ then
+ tmp_addflag=' $pic_flag'
+ tmp_sharedflag='-shared'
+ case $cc_basename,$host_cpu in
+ pgcc*) # Portland Group C compiler
+ whole_archive_flag_spec='$wl--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive'
+ tmp_addflag=' $pic_flag'
+ ;;
+ pgf77* | pgf90* | pgf95* | pgfortran*)
+ # Portland Group f77 and f90 compilers
+ whole_archive_flag_spec='$wl--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive'
+ tmp_addflag=' $pic_flag -Mnomain' ;;
+ ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64
+ tmp_addflag=' -i_dynamic' ;;
+ efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64
+ tmp_addflag=' -i_dynamic -nofor_main' ;;
+ ifc* | ifort*) # Intel Fortran compiler
+ tmp_addflag=' -nofor_main' ;;
+ lf95*) # Lahey Fortran 8.1
+ whole_archive_flag_spec=
+ tmp_sharedflag='--shared' ;;
+ nagfor*) # NAGFOR 5.3
+ tmp_sharedflag='-Wl,-shared' ;;
+ xl[cC]* | bgxl[cC]* | mpixl[cC]*) # IBM XL C 8.0 on PPC (deal with xlf below)
+ tmp_sharedflag='-qmkshrobj'
+ tmp_addflag= ;;
+ nvcc*) # Cuda Compiler Driver 2.2
+ whole_archive_flag_spec='$wl--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive'
+ compiler_needs_object=yes
+ ;;
+ esac
+ case `$CC -V 2>&1 | $SED 5q` in
+ *Sun\ C*) # Sun C 5.9
+ whole_archive_flag_spec='$wl--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive'
+ compiler_needs_object=yes
+ tmp_sharedflag='-G' ;;
+ *Sun\ F*) # Sun Fortran 8.3
+ tmp_sharedflag='-G' ;;
+ esac
+ archive_cmds='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+
+ if test yes = "$supports_anon_versioning"; then
+ archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ echo "local: *; };" >> $output_objdir/$libname.ver~
+ $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib'
+ fi
+
+ case $cc_basename in
+ tcc*)
+ hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
+ export_dynamic_flag_spec='-rdynamic'
+ ;;
+ xlf* | bgf* | bgxlf* | mpixlf*)
+ # IBM XL Fortran 10.1 on PPC cannot create shared libs itself
+ whole_archive_flag_spec='--whole-archive$convenience --no-whole-archive'
+ hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
+ archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib'
+ if test yes = "$supports_anon_versioning"; then
+ archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ echo "local: *; };" >> $output_objdir/$libname.ver~
+ $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
+ fi
+ ;;
+ esac
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ netbsd* | netbsdelf*-gnu)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
+ wlarc=
+ else
+ archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+ fi
+ ;;
+
+ solaris*)
+ if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then
+ ld_shlibs=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: The releases 2.8.* of the GNU linker cannot reliably
+*** create shared libraries on Solaris systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.9.1 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+ elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+ case `$LD -v 2>&1` in
+ *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*)
+ ld_shlibs=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 cannot
+*** reliably create shared libraries on SCO systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.16.91.0.3 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+ ;;
+ *)
+ # For security reasons, it is highly recommended that you always
+ # use absolute paths for naming shared libraries, and exclude the
+ # DT_RUNPATH tag from executables and libraries. But doing so
+ # requires that you compile everything twice, which is a pain.
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ esac
+ ;;
+
+ sunos4*)
+ archive_cmds='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ wlarc=
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ *)
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ esac
+
+ if test no = "$ld_shlibs"; then
+ runpath_var=
+ hardcode_libdir_flag_spec=
+ export_dynamic_flag_spec=
+ whole_archive_flag_spec=
+ fi
+ else
+ # PORTME fill in a description of your system's linker (not GNU ld)
+ case $host_os in
+ aix3*)
+ allow_undefined_flag=unsupported
+ always_export_symbols=yes
+ archive_expsym_cmds='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname'
+ # Note: this linker hardcodes the directories in LIBPATH if there
+ # are no directories specified by -L.
+ hardcode_minus_L=yes
+ if test yes = "$GCC" && test -z "$lt_prog_compiler_static"; then
+ # Neither direct hardcoding nor static linking is supported with a
+ # broken collect2.
+ hardcode_direct=unsupported
+ fi
+ ;;
+
+ aix[4-9]*)
+ if test ia64 = "$host_cpu"; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ exp_sym_flag='-Bexport'
+ no_entry_flag=
+ else
+ # If we're using GNU nm, then we don't want the "-C" option.
+ # -C means demangle to GNU nm, but means don't demangle to AIX nm.
+ # Without the "-l" option, or with the "-B" option, AIX nm treats
+ # weak defined symbols like other global defined symbols, whereas
+ # GNU nm marks them as "W".
+ # While the 'weak' keyword is ignored in the Export File, we need
+ # it in the Import File for the 'aix-soname' feature, so we have
+ # to replace the "-B" option with "-P" for AIX nm.
+ if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
+ export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && (substr(\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols'
+ else
+ export_symbols_cmds='`func_echo_all $NM | $SED -e '\''s/B\([^B]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && (substr(\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols'
+ fi
+ aix_use_runtimelinking=no
+
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # have runtime linking enabled, and use it for executables.
+ # For shared libraries, we enable/disable runtime linking
+ # depending on the kind of the shared library created -
+ # when "with_aix_soname,aix_use_runtimelinking" is:
+ # "aix,no" lib.a(lib.so.V) shared, rtl:no, for executables
+ # "aix,yes" lib.so shared, rtl:yes, for executables
+ # lib.a static archive
+ # "both,no" lib.so.V(shr.o) shared, rtl:yes
+ # lib.a(lib.so.V) shared, rtl:no, for executables
+ # "both,yes" lib.so.V(shr.o) shared, rtl:yes, for executables
+ # lib.a(lib.so.V) shared, rtl:no
+ # "svr4,*" lib.so.V(shr.o) shared, rtl:yes, for executables
+ # lib.a static archive
+ case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*)
+ for ld_flag in $LDFLAGS; do
+ if (test x-brtl = "x$ld_flag" || test x-Wl,-brtl = "x$ld_flag"); then
+ aix_use_runtimelinking=yes
+ break
+ fi
+ done
+ if test svr4,no = "$with_aix_soname,$aix_use_runtimelinking"; then
+ # With aix-soname=svr4, we create the lib.so.V shared archives only,
+ # so we don't have lib.a shared libs to link our executables.
+ # We have to force runtime linking in this case.
+ aix_use_runtimelinking=yes
+ LDFLAGS="$LDFLAGS -Wl,-brtl"
+ fi
+ ;;
+ esac
+
+ exp_sym_flag='-bexport'
+ no_entry_flag='-bnoentry'
+ fi
+
+ # When large executables or shared objects are built, AIX ld can
+ # have problems creating the table of contents. If linking a library
+ # or program results in "error TOC overflow" add -mminimal-toc to
+ # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
+ # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+ archive_cmds=''
+ hardcode_direct=yes
+ hardcode_direct_absolute=yes
+ hardcode_libdir_separator=':'
+ link_all_deplibs=yes
+ file_list_spec='$wl-f,'
+ case $with_aix_soname,$aix_use_runtimelinking in
+ aix,*) ;; # traditional, no import file
+ svr4,* | *,yes) # use import file
+ # The Import File defines what to hardcode.
+ hardcode_direct=no
+ hardcode_direct_absolute=no
+ ;;
+ esac
+
+ if test yes = "$GCC"; then
+ case $host_os in aix4.[012]|aix4.[012].*)
+ # We only want to do this on AIX 4.2 and lower, the check
+ # below for broken collect2 doesn't work under 4.3+
+ collect2name=`$CC -print-prog-name=collect2`
+ if test -f "$collect2name" &&
+ strings "$collect2name" | $GREP resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ :
+ else
+ # We have old collect2
+ hardcode_direct=unsupported
+ # It fails to find uninstalled libraries when the uninstalled
+ # path is not listed in the libpath. Setting hardcode_minus_L
+ # to unsupported forces relinking
+ hardcode_minus_L=yes
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_libdir_separator=
+ fi
+ ;;
+ esac
+ shared_flag='-shared'
+ if test yes = "$aix_use_runtimelinking"; then
+ shared_flag="$shared_flag "'$wl-G'
+ fi
+ # Need to ensure runtime linking is disabled for the traditional
+ # shared library, or the linker may eventually find shared libraries
+ # /with/ Import File - we do not want to mix them.
+ shared_flag_aix='-shared'
+ shared_flag_svr4='-shared $wl-G'
+ else
+ # not using gcc
+ if test ia64 = "$host_cpu"; then
+ # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+ # chokes on -Wl,-G. The following line is correct:
+ shared_flag='-G'
+ else
+ if test yes = "$aix_use_runtimelinking"; then
+ shared_flag='$wl-G'
+ else
+ shared_flag='$wl-bM:SRE'
+ fi
+ shared_flag_aix='$wl-bM:SRE'
+ shared_flag_svr4='$wl-G'
+ fi
+ fi
+
+ export_dynamic_flag_spec='$wl-bexpall'
+ # It seems that -bexpall does not export symbols beginning with
+ # underscore (_), so it is better to generate a list of symbols to export.
+ always_export_symbols=yes
+ if test aix,yes = "$with_aix_soname,$aix_use_runtimelinking"; then
+ # Warning - without using the other runtime loading flags (-brtl),
+ # -berok will link without error, but may produce a broken library.
+ allow_undefined_flag='-berok'
+ # Determine the default libpath from the value encoded in an
+ # empty executable.
+ if test set = "${lt_cv_aix_libpath+set}"; then
+ aix_libpath=$lt_cv_aix_libpath
+else
+ if test ${lt_cv_aix_libpath_+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+
+ lt_aix_libpath_sed='
+ /Import File Strings/,/^$/ {
+ /^0/ {
+ s/^0 *\([^ ]*\) *$/\1/
+ p
+ }
+ }'
+ lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+ # Check for a 64-bit object if we didn't find anything.
+ if test -z "$lt_cv_aix_libpath_"; then
+ lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+ fi
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ if test -z "$lt_cv_aix_libpath_"; then
+ lt_cv_aix_libpath_=/usr/lib:/lib
+ fi
+
+fi
+
+ aix_libpath=$lt_cv_aix_libpath_
+fi
+
+ hardcode_libdir_flag_spec='$wl-blibpath:$libdir:'"$aix_libpath"
+ archive_expsym_cmds='$CC -o $output_objdir/$soname $libobjs $deplibs $wl'$no_entry_flag' $compiler_flags `if test -n "$allow_undefined_flag"; then func_echo_all "$wl$allow_undefined_flag"; else :; fi` $wl'$exp_sym_flag:\$export_symbols' '$shared_flag
+ else
+ if test ia64 = "$host_cpu"; then
+ hardcode_libdir_flag_spec='$wl-R $libdir:/usr/lib:/lib'
+ allow_undefined_flag="-z nodefs"
+ archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\$wl$no_entry_flag"' $compiler_flags $wl$allow_undefined_flag '"\$wl$exp_sym_flag:\$export_symbols"
+ else
+ # Determine the default libpath from the value encoded in an
+ # empty executable.
+ if test set = "${lt_cv_aix_libpath+set}"; then
+ aix_libpath=$lt_cv_aix_libpath
+else
+ if test ${lt_cv_aix_libpath_+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+
+ lt_aix_libpath_sed='
+ /Import File Strings/,/^$/ {
+ /^0/ {
+ s/^0 *\([^ ]*\) *$/\1/
+ p
+ }
+ }'
+ lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+ # Check for a 64-bit object if we didn't find anything.
+ if test -z "$lt_cv_aix_libpath_"; then
+ lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+ fi
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ if test -z "$lt_cv_aix_libpath_"; then
+ lt_cv_aix_libpath_=/usr/lib:/lib
+ fi
+
+fi
+
+ aix_libpath=$lt_cv_aix_libpath_
+fi
+
+ hardcode_libdir_flag_spec='$wl-blibpath:$libdir:'"$aix_libpath"
+ # Warning - without using the other run time loading flags,
+ # -berok will link without error, but may produce a broken library.
+ no_undefined_flag=' $wl-bernotok'
+ allow_undefined_flag=' $wl-berok'
+ if test yes = "$with_gnu_ld"; then
+ # We only use this code for GNU lds that support --whole-archive.
+ whole_archive_flag_spec='$wl--whole-archive$convenience $wl--no-whole-archive'
+ else
+ # Exported symbols can be pulled into shared objects from archives
+ whole_archive_flag_spec='$convenience'
+ fi
+ archive_cmds_need_lc=yes
+ archive_expsym_cmds='$RM -r $output_objdir/$realname.d~$MKDIR $output_objdir/$realname.d'
+ # -brtl affects multiple linker settings, -berok does not and is overridden later
+ compiler_flags_filtered='`func_echo_all "$compiler_flags " | $SED -e "s%-brtl\\([, ]\\)%-berok\\1%g"`'
+ if test svr4 != "$with_aix_soname"; then
+ # This is similar to how AIX traditionally builds its shared libraries.
+ archive_expsym_cmds="$archive_expsym_cmds"'~$CC '$shared_flag_aix' -o $output_objdir/$realname.d/$soname $libobjs $deplibs $wl-bnoentry '$compiler_flags_filtered'$wl-bE:$export_symbols$allow_undefined_flag~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$realname.d/$soname'
+ fi
+ if test aix != "$with_aix_soname"; then
+ archive_expsym_cmds="$archive_expsym_cmds"'~$CC '$shared_flag_svr4' -o $output_objdir/$realname.d/$shared_archive_member_spec.o $libobjs $deplibs $wl-bnoentry '$compiler_flags_filtered'$wl-bE:$export_symbols$allow_undefined_flag~$STRIP -e $output_objdir/$realname.d/$shared_archive_member_spec.o~( func_echo_all "#! $soname($shared_archive_member_spec.o)"; if test shr_64 = "$shared_archive_member_spec"; then func_echo_all "# 64"; else func_echo_all "# 32"; fi; cat $export_symbols ) > $output_objdir/$realname.d/$shared_archive_member_spec.imp~$AR $AR_FLAGS $output_objdir/$soname $output_objdir/$realname.d/$shared_archive_member_spec.o $output_objdir/$realname.d/$shared_archive_member_spec.imp'
+ else
+ # used by -dlpreopen to get the symbols
+ archive_expsym_cmds="$archive_expsym_cmds"'~$MV $output_objdir/$realname.d/$soname $output_objdir'
+ fi
+ archive_expsym_cmds="$archive_expsym_cmds"'~$RM -r $output_objdir/$realname.d'
+ fi
+ fi
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ archive_expsym_cmds=''
+ ;;
+ m68k)
+ archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ ;;
+ esac
+ ;;
+
+ bsdi[45]*)
+ export_dynamic_flag_spec=-rdynamic
+ ;;
+
+ cygwin* | mingw* | pw32* | cegcc*)
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++ or Intel C++ Compiler.
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ case $cc_basename in
+ cl* | icl*)
+ # Native MSVC or ICC
+ hardcode_libdir_flag_spec=' '
+ allow_undefined_flag=unsupported
+ always_export_symbols=yes
+ file_list_spec='@'
+ # Tell ltmain to make .lib files, not .a files.
+ libext=lib
+ # Tell ltmain to make .dll files, not .so files.
+ shrext_cmds=.dll
+ # FIXME: Setting linknames here is a bad hack.
+ archive_cmds='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~linknames='
+ archive_expsym_cmds='if test DEF = "`$SED -n -e '\''s/^[ ]*//'\'' -e '\''/^\(;.*\)*$/d'\'' -e '\''s/^\(EXPORTS\|LIBRARY\)\([ ].*\)*$/DEF/p'\'' -e q $export_symbols`" ; then
+ cp "$export_symbols" "$output_objdir/$soname.def";
+ echo "$tool_output_objdir$soname.def" > "$output_objdir/$soname.exp";
+ else
+ $SED -e '\''s/^/-link -EXPORT:/'\'' < $export_symbols > $output_objdir/$soname.exp;
+ fi~
+ $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~
+ linknames='
+ # The linker will not automatically build a static lib if we build a DLL.
+ # _LT_TAGVAR(old_archive_from_new_cmds, )='true'
+ enable_shared_with_static_runtimes=yes
+ exclude_expsyms='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*'
+ export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1,DATA/'\'' | $SED -e '\''/^[AITW][ ]/s/.*[ ]//'\'' | sort | uniq > $export_symbols'
+ # Don't use ranlib
+ old_postinstall_cmds='chmod 644 $oldlib'
+ postlink_cmds='lt_outputfile="@OUTPUT@"~
+ lt_tool_outputfile="@TOOL_OUTPUT@"~
+ case $lt_outputfile in
+ *.exe|*.EXE) ;;
+ *)
+ lt_outputfile=$lt_outputfile.exe
+ lt_tool_outputfile=$lt_tool_outputfile.exe
+ ;;
+ esac~
+ if test : != "$MANIFEST_TOOL" && test -f "$lt_outputfile.manifest"; then
+ $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1;
+ $RM "$lt_outputfile.manifest";
+ fi'
+ ;;
+ *)
+ # Assume MSVC and ICC wrapper
+ hardcode_libdir_flag_spec=' '
+ allow_undefined_flag=unsupported
+ # Tell ltmain to make .lib files, not .a files.
+ libext=lib
+ # Tell ltmain to make .dll files, not .so files.
+ shrext_cmds=.dll
+ # FIXME: Setting linknames here is a bad hack.
+ archive_cmds='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames='
+ # The linker will automatically build a .lib file if we build a DLL.
+ old_archive_from_new_cmds='true'
+ # FIXME: Should let the user specify the lib program.
+ old_archive_cmds='lib -OUT:$oldlib$oldobjs$old_deplibs'
+ enable_shared_with_static_runtimes=yes
+ ;;
+ esac
+ ;;
+
+ darwin* | rhapsody*)
+
+
+ archive_cmds_need_lc=no
+ hardcode_direct=no
+ hardcode_automatic=yes
+ hardcode_shlibpath_var=unsupported
+ if test yes = "$lt_cv_ld_force_load"; then
+ whole_archive_flag_spec='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience $wl-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`'
+
+ else
+ whole_archive_flag_spec=''
+ fi
+ link_all_deplibs=yes
+ allow_undefined_flag=$_lt_dar_allow_undefined
+ case $cc_basename in
+ ifort*|nagfor*) _lt_dar_can_shared=yes ;;
+ *) _lt_dar_can_shared=$GCC ;;
+ esac
+ if test yes = "$_lt_dar_can_shared"; then
+ output_verbose_link_cmd=func_echo_all
+ archive_cmds="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dsymutil"
+ module_cmds="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dsymutil"
+ archive_expsym_cmds="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil"
+ module_expsym_cmds="$SED -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil"
+
+ else
+ ld_shlibs=no
+ fi
+
+ ;;
+
+ dgux*)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_shlibpath_var=no
+ ;;
+
+ # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
+ # support. Future versions do this automatically, but an explicit c++rt0.o
+ # does not break anything, and helps significantly (at the cost of a little
+ # extra space).
+ freebsd2.2*)
+ archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ # Unfortunately, older versions of FreeBSD 2 do not have this feature.
+ freebsd2.*)
+ archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct=yes
+ hardcode_minus_L=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
+ freebsd* | dragonfly* | midnightbsd*)
+ archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ hpux9*)
+ if test yes = "$GCC"; then
+ archive_cmds='$RM $output_objdir/$soname~$CC -shared $pic_flag $wl+b $wl$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test "x$output_objdir/$soname" = "x$lib" || mv $output_objdir/$soname $lib'
+ else
+ archive_cmds='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test "x$output_objdir/$soname" = "x$lib" || mv $output_objdir/$soname $lib'
+ fi
+ hardcode_libdir_flag_spec='$wl+b $wl$libdir'
+ hardcode_libdir_separator=:
+ hardcode_direct=yes
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ export_dynamic_flag_spec='$wl-E'
+ ;;
+
+ hpux10*)
+ if test yes,no = "$GCC,$with_gnu_ld"; then
+ archive_cmds='$CC -shared $pic_flag $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ if test no = "$with_gnu_ld"; then
+ hardcode_libdir_flag_spec='$wl+b $wl$libdir'
+ hardcode_libdir_separator=:
+ hardcode_direct=yes
+ hardcode_direct_absolute=yes
+ export_dynamic_flag_spec='$wl-E'
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ fi
+ ;;
+
+ hpux11*)
+ if test yes,no = "$GCC,$with_gnu_ld"; then
+ case $host_cpu in
+ hppa*64*)
+ archive_cmds='$CC -shared $wl+h $wl$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ archive_cmds='$CC -shared $pic_flag $wl+h $wl$soname $wl+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ archive_cmds='$CC -shared $pic_flag $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ else
+ case $host_cpu in
+ hppa*64*)
+ archive_cmds='$CC -b $wl+h $wl$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ archive_cmds='$CC -b $wl+h $wl$soname $wl+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+
+ # Older versions of the 11.00 compiler do not understand -b yet
+ # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does)
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC understands -b" >&5
+printf %s "checking if $CC understands -b... " >&6; }
+if test ${lt_cv_prog_compiler__b+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_prog_compiler__b=no
+ save_LDFLAGS=$LDFLAGS
+ LDFLAGS="$LDFLAGS -b"
+ echo "$lt_simple_link_test_code" > conftest.$ac_ext
+ if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+ # The linker can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ if test -s conftest.err; then
+ # Append any errors to the config.log.
+ cat conftest.err 1>&5
+ $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if diff conftest.exp conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler__b=yes
+ fi
+ else
+ lt_cv_prog_compiler__b=yes
+ fi
+ fi
+ $RM -r conftest*
+ LDFLAGS=$save_LDFLAGS
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler__b" >&5
+printf "%s\n" "$lt_cv_prog_compiler__b" >&6; }
+
+if test yes = "$lt_cv_prog_compiler__b"; then
+ archive_cmds='$CC -b $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+else
+ archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+fi
+
+ ;;
+ esac
+ fi
+ if test no = "$with_gnu_ld"; then
+ hardcode_libdir_flag_spec='$wl+b $wl$libdir'
+ hardcode_libdir_separator=:
+
+ case $host_cpu in
+ hppa*64*|ia64*)
+ hardcode_direct=no
+ hardcode_shlibpath_var=no
+ ;;
+ *)
+ hardcode_direct=yes
+ hardcode_direct_absolute=yes
+ export_dynamic_flag_spec='$wl-E'
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ ;;
+ esac
+ fi
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ if test yes = "$GCC"; then
+ archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib'
+ # Try to use the -exported_symbol ld option, if it does not
+ # work, assume that -exports_file does not work either and
+ # implicitly export all symbols.
+ # This should be the same for all languages, so no per-tag cache variable.
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the $host_os linker accepts -exported_symbol" >&5
+printf %s "checking whether the $host_os linker accepts -exported_symbol... " >&6; }
+if test ${lt_cv_irix_exported_symbol+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ save_LDFLAGS=$LDFLAGS
+ LDFLAGS="$LDFLAGS -shared $wl-exported_symbol ${wl}foo $wl-update_registry $wl/dev/null"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+int foo (void) { return 0; }
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+ lt_cv_irix_exported_symbol=yes
+else $as_nop
+ lt_cv_irix_exported_symbol=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ LDFLAGS=$save_LDFLAGS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_irix_exported_symbol" >&5
+printf "%s\n" "$lt_cv_irix_exported_symbol" >&6; }
+ if test yes = "$lt_cv_irix_exported_symbol"; then
+ archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations $wl-exports_file $wl$export_symbols -o $lib'
+ fi
+ link_all_deplibs=no
+ else
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
+ archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -exports_file $export_symbols -o $lib'
+ fi
+ archive_cmds_need_lc='no'
+ hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
+ hardcode_libdir_separator=:
+ inherit_rpath=yes
+ link_all_deplibs=yes
+ ;;
+
+ linux*)
+ case $cc_basename in
+ tcc*)
+ # Fabrice Bellard et al's Tiny C Compiler
+ ld_shlibs=yes
+ archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
+ ;;
+ esac
+ ;;
+
+ netbsd* | netbsdelf*-gnu)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out
+ else
+ archive_cmds='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF
+ fi
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ newsos6)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct=yes
+ hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
+ hardcode_libdir_separator=:
+ hardcode_shlibpath_var=no
+ ;;
+
+ *nto* | *qnx*)
+ ;;
+
+ openbsd* | bitrig*)
+ if test -f /usr/libexec/ld.so; then
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ hardcode_direct_absolute=yes
+ if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`"; then
+ archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags $wl-retain-symbols-file,$export_symbols'
+ hardcode_libdir_flag_spec='$wl-rpath,$libdir'
+ export_dynamic_flag_spec='$wl-E'
+ else
+ archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ hardcode_libdir_flag_spec='$wl-rpath,$libdir'
+ fi
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ os2*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ allow_undefined_flag=unsupported
+ shrext_cmds=.dll
+ archive_cmds='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~
+ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~
+ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~
+ $ECHO EXPORTS >> $output_objdir/$libname.def~
+ emxexp $libobjs | $SED /"_DLL_InitTerm"/d >> $output_objdir/$libname.def~
+ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~
+ emximp -o $lib $output_objdir/$libname.def'
+ archive_expsym_cmds='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~
+ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~
+ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~
+ $ECHO EXPORTS >> $output_objdir/$libname.def~
+ prefix_cmds="$SED"~
+ if test EXPORTS = "`$SED 1q $export_symbols`"; then
+ prefix_cmds="$prefix_cmds -e 1d";
+ fi~
+ prefix_cmds="$prefix_cmds -e \"s/^\(.*\)$/_\1/g\""~
+ cat $export_symbols | $prefix_cmds >> $output_objdir/$libname.def~
+ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~
+ emximp -o $lib $output_objdir/$libname.def'
+ old_archive_From_new_cmds='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def'
+ enable_shared_with_static_runtimes=yes
+ file_list_spec='@'
+ ;;
+
+ osf3*)
+ if test yes = "$GCC"; then
+ allow_undefined_flag=' $wl-expect_unresolved $wl\*'
+ archive_cmds='$CC -shared$allow_undefined_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib'
+ else
+ allow_undefined_flag=' -expect_unresolved \*'
+ archive_cmds='$CC -shared$allow_undefined_flag $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
+ fi
+ archive_cmds_need_lc='no'
+ hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
+ hardcode_libdir_separator=:
+ ;;
+
+ osf4* | osf5*) # as osf3* with the addition of -msym flag
+ if test yes = "$GCC"; then
+ allow_undefined_flag=' $wl-expect_unresolved $wl\*'
+ archive_cmds='$CC -shared$allow_undefined_flag $pic_flag $libobjs $deplibs $compiler_flags $wl-msym $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib'
+ hardcode_libdir_flag_spec='$wl-rpath $wl$libdir'
+ else
+ allow_undefined_flag=' -expect_unresolved \*'
+ archive_cmds='$CC -shared$allow_undefined_flag $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
+ archive_expsym_cmds='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~
+ $CC -shared$allow_undefined_flag $wl-input $wl$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib~$RM $lib.exp'
+
+ # Both c and cxx compiler support -rpath directly
+ hardcode_libdir_flag_spec='-rpath $libdir'
+ fi
+ archive_cmds_need_lc='no'
+ hardcode_libdir_separator=:
+ ;;
+
+ solaris*)
+ no_undefined_flag=' -z defs'
+ if test yes = "$GCC"; then
+ wlarc='$wl'
+ archive_cmds='$CC -shared $pic_flag $wl-z ${wl}text $wl-h $wl$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -shared $pic_flag $wl-z ${wl}text $wl-M $wl$lib.exp $wl-h $wl$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+ else
+ case `$CC -V 2>&1` in
+ *"Compilers 5.0"*)
+ wlarc=''
+ archive_cmds='$LD -G$allow_undefined_flag -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $LD -G$allow_undefined_flag -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp'
+ ;;
+ *)
+ wlarc='$wl'
+ archive_cmds='$CC -G$allow_undefined_flag -h $soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -G$allow_undefined_flag -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+ ;;
+ esac
+ fi
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_shlibpath_var=no
+ case $host_os in
+ solaris2.[0-5] | solaris2.[0-5].*) ;;
+ *)
+ # The compiler driver will combine and reorder linker options,
+ # but understands '-z linker_flag'. GCC discards it without '$wl',
+ # but is careful enough not to reorder.
+ # Supported since Solaris 2.6 (maybe 2.5.1?)
+ if test yes = "$GCC"; then
+ whole_archive_flag_spec='$wl-z ${wl}allextract$convenience $wl-z ${wl}defaultextract'
+ else
+ whole_archive_flag_spec='-z allextract$convenience -z defaultextract'
+ fi
+ ;;
+ esac
+ link_all_deplibs=yes
+ ;;
+
+ sunos4*)
+ if test sequent = "$host_vendor"; then
+ # Use $CC to link under sequent, because it throws in some extra .o
+ # files that make .init and .fini sections work.
+ archive_cmds='$CC -G $wl-h $soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_direct=yes
+ hardcode_minus_L=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ sysv4)
+ case $host_vendor in
+ sni)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct=yes # is this really true???
+ ;;
+ siemens)
+ ## LD is ld it makes a PLAMLIB
+ ## CC just makes a GrossModule.
+ archive_cmds='$LD -G -o $lib $libobjs $deplibs $linker_flags'
+ reload_cmds='$CC -r -o $output$reload_objs'
+ hardcode_direct=no
+ ;;
+ motorola)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct=no #Motorola manual says yes, but my tests say they lie
+ ;;
+ esac
+ runpath_var='LD_RUN_PATH'
+ hardcode_shlibpath_var=no
+ ;;
+
+ sysv4.3*)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_shlibpath_var=no
+ export_dynamic_flag_spec='-Bexport'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_shlibpath_var=no
+ runpath_var=LD_RUN_PATH
+ hardcode_runpath_var=yes
+ ld_shlibs=yes
+ fi
+ ;;
+
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7* | sco3.2v5.0.[024]*)
+ no_undefined_flag='$wl-z,text'
+ archive_cmds_need_lc=no
+ hardcode_shlibpath_var=no
+ runpath_var='LD_RUN_PATH'
+
+ if test yes = "$GCC"; then
+ archive_cmds='$CC -shared $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -shared $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds='$CC -G $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -G $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6*)
+ # Note: We CANNOT use -z defs as we might desire, because we do not
+ # link with -lc, and that would cause any symbols used from libc to
+ # always be unresolved, which means just about no library would
+ # ever link correctly. If we're not using GNU ld we use -z text
+ # though, which does catch some bad symbols but isn't as heavy-handed
+ # as -z defs.
+ no_undefined_flag='$wl-z,text'
+ allow_undefined_flag='$wl-z,nodefs'
+ archive_cmds_need_lc=no
+ hardcode_shlibpath_var=no
+ hardcode_libdir_flag_spec='$wl-R,$libdir'
+ hardcode_libdir_separator=':'
+ link_all_deplibs=yes
+ export_dynamic_flag_spec='$wl-Bexport'
+ runpath_var='LD_RUN_PATH'
+
+ if test yes = "$GCC"; then
+ archive_cmds='$CC -shared $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -shared $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds='$CC -G $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -G $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ uts4*)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_shlibpath_var=no
+ ;;
+
+ *)
+ ld_shlibs=no
+ ;;
+ esac
+
+ if test sni = "$host_vendor"; then
+ case $host in
+ sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*)
+ export_dynamic_flag_spec='$wl-Blargedynsym'
+ ;;
+ esac
+ fi
+ fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs" >&5
+printf "%s\n" "$ld_shlibs" >&6; }
+test no = "$ld_shlibs" && can_build_shared=no
+
+with_gnu_ld=$with_gnu_ld
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+#
+# Do we need to explicitly link libc?
+#
+case "x$archive_cmds_need_lc" in
+x|xyes)
+ # Assume -lc should be added
+ archive_cmds_need_lc=yes
+
+ if test yes,yes = "$GCC,$enable_shared"; then
+ case $archive_cmds in
+ *'~'*)
+ # FIXME: we may have to deal with multi-command sequences.
+ ;;
+ '$CC '*)
+ # Test whether the compiler implicitly links with -lc since on some
+ # systems, -lgcc has to come before -lc. If gcc already passes -lc
+ # to ld, don't add -lc before -lgcc.
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5
+printf %s "checking whether -lc should be explicitly linked in... " >&6; }
+if test ${lt_cv_archive_cmds_need_lc+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ $RM conftest*
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; } 2>conftest.err; then
+ soname=conftest
+ lib=conftest
+ libobjs=conftest.$ac_objext
+ deplibs=
+ wl=$lt_prog_compiler_wl
+ pic_flag=$lt_prog_compiler_pic
+ compiler_flags=-v
+ linker_flags=-v
+ verstring=
+ output_objdir=.
+ libname=conftest
+ lt_save_allow_undefined_flag=$allow_undefined_flag
+ allow_undefined_flag=
+ if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5
+ (eval $archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+ then
+ lt_cv_archive_cmds_need_lc=no
+ else
+ lt_cv_archive_cmds_need_lc=yes
+ fi
+ allow_undefined_flag=$lt_save_allow_undefined_flag
+ else
+ cat conftest.err 1>&5
+ fi
+ $RM conftest*
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc" >&5
+printf "%s\n" "$lt_cv_archive_cmds_need_lc" >&6; }
+ archive_cmds_need_lc=$lt_cv_archive_cmds_need_lc
+ ;;
+ esac
+ fi
+ ;;
+esac
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5
+printf %s "checking dynamic linker characteristics... " >&6; }
+
+if test yes = "$GCC"; then
+ case $host_os in
+ darwin*) lt_awk_arg='/^libraries:/,/LR/' ;;
+ *) lt_awk_arg='/^libraries:/' ;;
+ esac
+ case $host_os in
+ mingw* | cegcc*) lt_sed_strip_eq='s|=\([A-Za-z]:\)|\1|g' ;;
+ *) lt_sed_strip_eq='s|=/|/|g' ;;
+ esac
+ lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq`
+ case $lt_search_path_spec in
+ *\;*)
+ # if the path contains ";" then we assume it to be the separator
+ # otherwise default to the standard path separator (i.e. ":") - it is
+ # assumed that no part of a normal pathname contains ";" but that should
+ # okay in the real world where ";" in dirpaths is itself problematic.
+ lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'`
+ ;;
+ *)
+ lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"`
+ ;;
+ esac
+ # Ok, now we have the path, separated by spaces, we can step through it
+ # and add multilib dir if necessary...
+ lt_tmp_lt_search_path_spec=
+ lt_multi_os_dir=/`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null`
+ # ...but if some path component already ends with the multilib dir we assume
+ # that all is fine and trust -print-search-dirs as is (GCC 4.2? or newer).
+ case "$lt_multi_os_dir; $lt_search_path_spec " in
+ "/; "* | "/.; "* | "/./; "* | *"$lt_multi_os_dir "* | *"$lt_multi_os_dir/ "*)
+ lt_multi_os_dir=
+ ;;
+ esac
+ for lt_sys_path in $lt_search_path_spec; do
+ if test -d "$lt_sys_path$lt_multi_os_dir"; then
+ lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path$lt_multi_os_dir"
+ elif test -n "$lt_multi_os_dir"; then
+ test -d "$lt_sys_path" && \
+ lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path"
+ fi
+ done
+ lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk '
+BEGIN {RS = " "; FS = "/|\n";} {
+ lt_foo = "";
+ lt_count = 0;
+ for (lt_i = NF; lt_i > 0; lt_i--) {
+ if ($lt_i != "" && $lt_i != ".") {
+ if ($lt_i == "..") {
+ lt_count++;
+ } else {
+ if (lt_count == 0) {
+ lt_foo = "/" $lt_i lt_foo;
+ } else {
+ lt_count--;
+ }
+ }
+ }
+ }
+ if (lt_foo != "") { lt_freq[lt_foo]++; }
+ if (lt_freq[lt_foo] == 1) { print lt_foo; }
+}'`
+ # AWK program above erroneously prepends '/' to C:/dos/paths
+ # for these hosts.
+ case $host_os in
+ mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\
+ $SED 's|/\([A-Za-z]:\)|\1|g'` ;;
+ esac
+ sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP`
+else
+ sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+fi
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+shrext_cmds=.so
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+need_lib_prefix=unknown
+hardcode_into_libs=no
+
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+need_version=unknown
+
+
+
+case $host_os in
+aix3*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='$libname$release$shared_ext$versuffix $libname.a'
+ shlibpath_var=LIBPATH
+
+ # AIX 3 has no versioning support, so we append a major version to the name.
+ soname_spec='$libname$release$shared_ext$major'
+ ;;
+
+aix[4-9]*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ hardcode_into_libs=yes
+ if test ia64 = "$host_cpu"; then
+ # AIX 5 supports IA64
+ library_names_spec='$libname$release$shared_ext$major $libname$release$shared_ext$versuffix $libname$shared_ext'
+ shlibpath_var=LD_LIBRARY_PATH
+ else
+ # With GCC up to 2.95.x, collect2 would create an import file
+ # for dependence libraries. The import file would start with
+ # the line '#! .'. This would cause the generated library to
+ # depend on '.', always an invalid library. This was fixed in
+ # development snapshots of GCC prior to 3.0.
+ case $host_os in
+ aix4 | aix4.[01] | aix4.[01].*)
+ if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
+ echo ' yes '
+ echo '#endif'; } | $CC -E - | $GREP yes > /dev/null; then
+ :
+ else
+ can_build_shared=no
+ fi
+ ;;
+ esac
+ # Using Import Files as archive members, it is possible to support
+ # filename-based versioning of shared library archives on AIX. While
+ # this would work for both with and without runtime linking, it will
+ # prevent static linking of such archives. So we do filename-based
+ # shared library versioning with .so extension only, which is used
+ # when both runtime linking and shared linking is enabled.
+ # Unfortunately, runtime linking may impact performance, so we do
+ # not want this to be the default eventually. Also, we use the
+ # versioned .so libs for executables only if there is the -brtl
+ # linker flag in LDFLAGS as well, or --with-aix-soname=svr4 only.
+ # To allow for filename-based versioning support, we need to create
+ # libNAME.so.V as an archive file, containing:
+ # *) an Import File, referring to the versioned filename of the
+ # archive as well as the shared archive member, telling the
+ # bitwidth (32 or 64) of that shared object, and providing the
+ # list of exported symbols of that shared object, eventually
+ # decorated with the 'weak' keyword
+ # *) the shared object with the F_LOADONLY flag set, to really avoid
+ # it being seen by the linker.
+ # At run time we better use the real file rather than another symlink,
+ # but for link time we create the symlink libNAME.so -> libNAME.so.V
+
+ case $with_aix_soname,$aix_use_runtimelinking in
+ # AIX (on Power*) has no versioning support, so currently we cannot hardcode correct
+ # soname into executable. Probably we can add versioning support to
+ # collect2, so additional links can be useful in future.
+ aix,yes) # traditional libtool
+ dynamic_linker='AIX unversionable lib.so'
+ # If using run time linking (on AIX 4.2 or later) use lib<name>.so
+ # instead of lib<name>.a to let people know that these are not
+ # typical AIX shared libraries.
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ ;;
+ aix,no) # traditional AIX only
+ dynamic_linker='AIX lib.a(lib.so.V)'
+ # We preserve .a as extension for shared libraries through AIX4.2
+ # and later when we are not doing run time linking.
+ library_names_spec='$libname$release.a $libname.a'
+ soname_spec='$libname$release$shared_ext$major'
+ ;;
+ svr4,*) # full svr4 only
+ dynamic_linker="AIX lib.so.V($shared_archive_member_spec.o)"
+ library_names_spec='$libname$release$shared_ext$major $libname$shared_ext'
+ # We do not specify a path in Import Files, so LIBPATH fires.
+ shlibpath_overrides_runpath=yes
+ ;;
+ *,yes) # both, prefer svr4
+ dynamic_linker="AIX lib.so.V($shared_archive_member_spec.o), lib.a(lib.so.V)"
+ library_names_spec='$libname$release$shared_ext$major $libname$shared_ext'
+ # unpreferred sharedlib libNAME.a needs extra handling
+ postinstall_cmds='test -n "$linkname" || linkname="$realname"~func_stripname "" ".so" "$linkname"~$install_shared_prog "$dir/$func_stripname_result.$libext" "$destdir/$func_stripname_result.$libext"~test -z "$tstripme" || test -z "$striplib" || $striplib "$destdir/$func_stripname_result.$libext"'
+ postuninstall_cmds='for n in $library_names $old_library; do :; done~func_stripname "" ".so" "$n"~test "$func_stripname_result" = "$n" || func_append rmfiles " $odir/$func_stripname_result.$libext"'
+ # We do not specify a path in Import Files, so LIBPATH fires.
+ shlibpath_overrides_runpath=yes
+ ;;
+ *,no) # both, prefer aix
+ dynamic_linker="AIX lib.a(lib.so.V), lib.so.V($shared_archive_member_spec.o)"
+ library_names_spec='$libname$release.a $libname.a'
+ soname_spec='$libname$release$shared_ext$major'
+ # unpreferred sharedlib libNAME.so.V and symlink libNAME.so need extra handling
+ postinstall_cmds='test -z "$dlname" || $install_shared_prog $dir/$dlname $destdir/$dlname~test -z "$tstripme" || test -z "$striplib" || $striplib $destdir/$dlname~test -n "$linkname" || linkname=$realname~func_stripname "" ".a" "$linkname"~(cd "$destdir" && $LN_S -f $dlname $func_stripname_result.so)'
+ postuninstall_cmds='test -z "$dlname" || func_append rmfiles " $odir/$dlname"~for n in $old_library $library_names; do :; done~func_stripname "" ".a" "$n"~func_append rmfiles " $odir/$func_stripname_result.so"'
+ ;;
+ esac
+ shlibpath_var=LIBPATH
+ fi
+ ;;
+
+amigaos*)
+ case $host_cpu in
+ powerpc)
+ # Since July 2007 AmigaOS4 officially supports .so libraries.
+ # When compiling the executable, add -use-dynld -Lsobjs: to the compileline.
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ ;;
+ m68k)
+ library_names_spec='$libname.ixlibrary $libname.a'
+ # Create ${libname}_ixlibrary.a entries in /sys/libs.
+ finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+ ;;
+ esac
+ ;;
+
+beos*)
+ library_names_spec='$libname$shared_ext'
+ dynamic_linker="$host_os ld.so"
+ shlibpath_var=LIBRARY_PATH
+ ;;
+
+bsdi[45]*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+ sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+ # the default ld.so.conf also contains /usr/contrib/lib and
+ # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+ # libtool to hard-code these into programs
+ ;;
+
+cygwin* | mingw* | pw32* | cegcc*)
+ version_type=windows
+ shrext_cmds=.dll
+ need_version=no
+ need_lib_prefix=no
+
+ case $GCC,$cc_basename in
+ yes,*)
+ # gcc
+ library_names_spec='$libname.dll.a'
+ # DLL is installed to $(libdir)/../bin by postinstall_cmds
+ postinstall_cmds='base_file=`basename \$file`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\$base_file'\''i; echo \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname~
+ chmod a+x \$dldir/$dlname~
+ if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then
+ eval '\''$striplib \$dldir/$dlname'\'' || exit \$?;
+ fi'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $RM \$dlpath'
+ shlibpath_overrides_runpath=yes
+
+ case $host_os in
+ cygwin*)
+ # Cygwin DLLs use 'cyg' prefix rather than 'lib'
+ soname_spec='`echo $libname | $SED -e 's/^lib/cyg/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext'
+
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"
+ ;;
+ mingw* | cegcc*)
+ # MinGW DLLs use traditional 'lib' prefix
+ soname_spec='$libname`echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext'
+ ;;
+ pw32*)
+ # pw32 DLLs use 'pw' prefix rather than 'lib'
+ library_names_spec='`echo $libname | $SED -e 's/^lib/pw/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext'
+ ;;
+ esac
+ dynamic_linker='Win32 ld.exe'
+ ;;
+
+ *,cl* | *,icl*)
+ # Native MSVC or ICC
+ libname_spec='$name'
+ soname_spec='$libname`echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext'
+ library_names_spec='$libname.dll.lib'
+
+ case $build_os in
+ mingw*)
+ sys_lib_search_path_spec=
+ lt_save_ifs=$IFS
+ IFS=';'
+ for lt_path in $LIB
+ do
+ IFS=$lt_save_ifs
+ # Let DOS variable expansion print the short 8.3 style file name.
+ lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"`
+ sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path"
+ done
+ IFS=$lt_save_ifs
+ # Convert to MSYS style.
+ sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'`
+ ;;
+ cygwin*)
+ # Convert to unix form, then to dos form, then back to unix form
+ # but this time dos style (no spaces!) so that the unix form looks
+ # like /cygdrive/c/PROGRA~1:/cygdr...
+ sys_lib_search_path_spec=`cygpath --path --unix "$LIB"`
+ sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null`
+ sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ ;;
+ *)
+ sys_lib_search_path_spec=$LIB
+ if $ECHO "$sys_lib_search_path_spec" | $GREP ';[c-zC-Z]:/' >/dev/null; then
+ # It is most probably a Windows format PATH.
+ sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+ # FIXME: find the short name or the path components, as spaces are
+ # common. (e.g. "Program Files" -> "PROGRA~1")
+ ;;
+ esac
+
+ # DLL is installed to $(libdir)/../bin by postinstall_cmds
+ postinstall_cmds='base_file=`basename \$file`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\$base_file'\''i; echo \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $RM \$dlpath'
+ shlibpath_overrides_runpath=yes
+ dynamic_linker='Win32 link.exe'
+ ;;
+
+ *)
+ # Assume MSVC and ICC wrapper
+ library_names_spec='$libname`echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext $libname.lib'
+ dynamic_linker='Win32 ld.exe'
+ ;;
+ esac
+ # FIXME: first we should search . and the directory the executable is in
+ shlibpath_var=PATH
+ ;;
+
+darwin* | rhapsody*)
+ dynamic_linker="$host_os dyld"
+ version_type=darwin
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$major$shared_ext $libname$shared_ext'
+ soname_spec='$libname$release$major$shared_ext'
+ shlibpath_overrides_runpath=yes
+ shlibpath_var=DYLD_LIBRARY_PATH
+ shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
+
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib"
+ sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
+ ;;
+
+dgux*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+freebsd* | dragonfly* | midnightbsd*)
+ # DragonFly does not have aout. When/if they implement a new
+ # versioning mechanism, adjust this.
+ if test -x /usr/bin/objformat; then
+ objformat=`/usr/bin/objformat`
+ else
+ case $host_os in
+ freebsd[23].*) objformat=aout ;;
+ *) objformat=elf ;;
+ esac
+ fi
+ version_type=freebsd-$objformat
+ case $version_type in
+ freebsd-elf*)
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ need_version=no
+ need_lib_prefix=no
+ ;;
+ freebsd-*)
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$shared_ext$versuffix'
+ need_version=yes
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_os in
+ freebsd2.*)
+ shlibpath_overrides_runpath=yes
+ ;;
+ freebsd3.[01]* | freebsdelf3.[01]*)
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ freebsd3.[2-9]* | freebsdelf3.[2-9]* | \
+ freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1)
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+ *) # from 4.6 on, and DragonFly
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ esac
+ ;;
+
+haiku*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ dynamic_linker="$host_os runtime_loader"
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib'
+ hardcode_into_libs=yes
+ ;;
+
+hpux9* | hpux10* | hpux11*)
+ # Give a soname corresponding to the major version so that dld.sl refuses to
+ # link against other versions.
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ case $host_cpu in
+ ia64*)
+ shrext_cmds='.so'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.so"
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ if test 32 = "$HPUX_IA64_MODE"; then
+ sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
+ sys_lib_dlsearch_path_spec=/usr/lib/hpux32
+ else
+ sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
+ sys_lib_dlsearch_path_spec=/usr/lib/hpux64
+ fi
+ ;;
+ hppa*64*)
+ shrext_cmds='.sl'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ *)
+ shrext_cmds='.sl'
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=SHLIB_PATH
+ shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ ;;
+ esac
+ # HP-UX runs *really* slowly unless shared libraries are mode 555, ...
+ postinstall_cmds='chmod 555 $lib'
+ # or fails outright, so override atomically:
+ install_override_mode=555
+ ;;
+
+interix[3-9]*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $host_os in
+ nonstopux*) version_type=nonstopux ;;
+ *)
+ if test yes = "$lt_cv_prog_gnu_ld"; then
+ version_type=linux # correct to gnu/linux during the next big refactor
+ else
+ version_type=irix
+ fi ;;
+ esac
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='$libname$release$shared_ext$major'
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$release$shared_ext $libname$shared_ext'
+ case $host_os in
+ irix5* | nonstopux*)
+ libsuff= shlibsuff=
+ ;;
+ *)
+ case $LD in # libtool.m4 will add one of these switches to LD
+ *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
+ libsuff= shlibsuff= libmagic=32-bit;;
+ *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
+ libsuff=32 shlibsuff=N32 libmagic=N32;;
+ *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
+ libsuff=64 shlibsuff=64 libmagic=64-bit;;
+ *) libsuff= shlibsuff= libmagic=never-match;;
+ esac
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec="/usr/lib$libsuff /lib$libsuff /usr/local/lib$libsuff"
+ sys_lib_dlsearch_path_spec="/usr/lib$libsuff /lib$libsuff"
+ hardcode_into_libs=yes
+ ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux*oldld* | linux*aout* | linux*coff*)
+ dynamic_linker=no
+ ;;
+
+linux*android*)
+ version_type=none # Android doesn't support versioned libraries.
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext'
+ soname_spec='$libname$release$shared_ext'
+ finish_cmds=
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+
+ # This implies no fast_install, which is unacceptable.
+ # Some rework will be needed to allow for fast_install
+ # before this can be enabled.
+ hardcode_into_libs=yes
+
+ dynamic_linker='Android linker'
+ # Don't embed -rpath directories since the linker doesn't support them.
+ hardcode_libdir_flag_spec='-L$libdir'
+ ;;
+
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+
+ # Some binutils ld are patched to set DT_RUNPATH
+ if test ${lt_cv_shlibpath_overrides_runpath+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ lt_cv_shlibpath_overrides_runpath=no
+ save_LDFLAGS=$LDFLAGS
+ save_libdir=$libdir
+ eval "libdir=/foo; wl=\"$lt_prog_compiler_wl\"; \
+ LDFLAGS=\"\$LDFLAGS $hardcode_libdir_flag_spec\""
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+ if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null
+then :
+ lt_cv_shlibpath_overrides_runpath=yes
+fi
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ LDFLAGS=$save_LDFLAGS
+ libdir=$save_libdir
+
+fi
+
+ shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath
+
+ # This implies no fast_install, which is unacceptable.
+ # Some rework will be needed to allow for fast_install
+ # before this can be enabled.
+ hardcode_into_libs=yes
+
+ # Ideally, we could use ldconfig to report *all* directores which are
+ # searched for libraries, however this is still not possible. Aside from not
+ # being certain /sbin/ldconfig is available, command
+ # 'ldconfig -N -X -v | grep ^/' on 64bit Fedora does not report /usr/lib64,
+ # even though it is searched at run-time. Try to do the best guess by
+ # appending ld.so.conf contents (and includes) to the search path.
+ if test -f /etc/ld.so.conf; then
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
+ sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ fi
+
+ # We used to test for /lib/ld.so.1 and disable shared libraries on
+ # powerpc, because MkLinux only supported shared libraries with the
+ # GNU dynamic linker. Since this was broken with cross compilers,
+ # most powerpc-linux boxes support dynamic linking these days and
+ # people can always --disable-shared, the test was removed, and we
+ # assume the GNU/Linux dynamic linker is in use.
+ dynamic_linker='GNU/Linux ld.so'
+ ;;
+
+netbsdelf*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='NetBSD ld.elf_so'
+ ;;
+
+netbsd*)
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$shared_ext$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ dynamic_linker='NetBSD (a.out) ld.so'
+ else
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ dynamic_linker='NetBSD ld.elf_so'
+ fi
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+
+newsos6)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+*nto* | *qnx*)
+ version_type=qnx
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='ldqnx.so'
+ ;;
+
+openbsd* | bitrig*)
+ version_type=sunos
+ sys_lib_dlsearch_path_spec=/usr/lib
+ need_lib_prefix=no
+ if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`"; then
+ need_version=no
+ else
+ need_version=yes
+ fi
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$shared_ext$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+os2*)
+ libname_spec='$name'
+ version_type=windows
+ shrext_cmds=.dll
+ need_version=no
+ need_lib_prefix=no
+ # OS/2 can only load a DLL with a base name of 8 characters or less.
+ soname_spec='`test -n "$os2dllname" && libname="$os2dllname";
+ v=$($ECHO $release$versuffix | tr -d .-);
+ n=$($ECHO $libname | cut -b -$((8 - ${#v})) | tr . _);
+ $ECHO $n$v`$shared_ext'
+ library_names_spec='${libname}_dll.$libext'
+ dynamic_linker='OS/2 ld.exe'
+ shlibpath_var=BEGINLIBPATH
+ sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ postinstall_cmds='base_file=`basename \$file`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\$base_file'\''i; $ECHO \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname~
+ chmod a+x \$dldir/$dlname~
+ if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then
+ eval '\''$striplib \$dldir/$dlname'\'' || exit \$?;
+ fi'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; $ECHO \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $RM \$dlpath'
+ ;;
+
+osf3* | osf4* | osf5*)
+ version_type=osf
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='$libname$release$shared_ext$major'
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+
+rdos*)
+ dynamic_linker=no
+ ;;
+
+solaris*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ # ldd complains unless libraries are executable
+ postinstall_cmds='chmod +x $lib'
+ ;;
+
+sunos4*)
+ version_type=sunos
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$shared_ext$versuffix'
+ finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ if test yes = "$with_gnu_ld"; then
+ need_lib_prefix=no
+ fi
+ need_version=yes
+ ;;
+
+sysv4 | sysv4.3*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_vendor in
+ sni)
+ shlibpath_overrides_runpath=no
+ need_lib_prefix=no
+ runpath_var=LD_RUN_PATH
+ ;;
+ siemens)
+ need_lib_prefix=no
+ ;;
+ motorola)
+ need_lib_prefix=no
+ need_version=no
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+ ;;
+ esac
+ ;;
+
+sysv4*MP*)
+ if test -d /usr/nec; then
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='$libname$shared_ext.$versuffix $libname$shared_ext.$major $libname$shared_ext'
+ soname_spec='$libname$shared_ext.$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ fi
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ version_type=sco
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ if test yes = "$with_gnu_ld"; then
+ sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
+ else
+ sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
+ case $host_os in
+ sco3.2v5*)
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
+ ;;
+ esac
+ fi
+ sys_lib_dlsearch_path_spec='/usr/lib'
+ ;;
+
+tpf*)
+ # TPF is a cross-target only. Preferred cross-host = GNU/Linux.
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+uts4*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+*)
+ dynamic_linker=no
+ ;;
+esac
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $dynamic_linker" >&5
+printf "%s\n" "$dynamic_linker" >&6; }
+test no = "$dynamic_linker" && can_build_shared=no
+
+variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
+if test yes = "$GCC"; then
+ variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
+fi
+
+if test set = "${lt_cv_sys_lib_search_path_spec+set}"; then
+ sys_lib_search_path_spec=$lt_cv_sys_lib_search_path_spec
+fi
+
+if test set = "${lt_cv_sys_lib_dlsearch_path_spec+set}"; then
+ sys_lib_dlsearch_path_spec=$lt_cv_sys_lib_dlsearch_path_spec
+fi
+
+# remember unaugmented sys_lib_dlsearch_path content for libtool script decls...
+configure_time_dlsearch_path=$sys_lib_dlsearch_path_spec
+
+# ... but it needs LT_SYS_LIBRARY_PATH munging for other configure-time code
+func_munge_path_list sys_lib_dlsearch_path_spec "$LT_SYS_LIBRARY_PATH"
+
+# to be used as default LT_SYS_LIBRARY_PATH value in generated libtool
+configure_time_lt_sys_library_path=$LT_SYS_LIBRARY_PATH
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5
+printf %s "checking how to hardcode library paths into programs... " >&6; }
+hardcode_action=
+if test -n "$hardcode_libdir_flag_spec" ||
+ test -n "$runpath_var" ||
+ test yes = "$hardcode_automatic"; then
+
+ # We can hardcode non-existent directories.
+ if test no != "$hardcode_direct" &&
+ # If the only mechanism to avoid hardcoding is shlibpath_var, we
+ # have to relink, otherwise we might link with an installed library
+ # when we should be linking with a yet-to-be-installed one
+ ## test no != "$_LT_TAGVAR(hardcode_shlibpath_var, )" &&
+ test no != "$hardcode_minus_L"; then
+ # Linking always hardcodes the temporary library directory.
+ hardcode_action=relink
+ else
+ # We can link without hardcoding, and we can hardcode nonexisting dirs.
+ hardcode_action=immediate
+ fi
+else
+ # We cannot hardcode anything, or else we can only hardcode existing
+ # directories.
+ hardcode_action=unsupported
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $hardcode_action" >&5
+printf "%s\n" "$hardcode_action" >&6; }
+
+if test relink = "$hardcode_action" ||
+ test yes = "$inherit_rpath"; then
+ # Fast installation is not supported
+ enable_fast_install=no
+elif test yes = "$shlibpath_overrides_runpath" ||
+ test no = "$enable_shared"; then
+ # Fast installation is not necessary
+ enable_fast_install=needless
+fi
+
+
+
+
+
+
+ if test yes != "$enable_dlopen"; then
+ enable_dlopen=unknown
+ enable_dlopen_self=unknown
+ enable_dlopen_self_static=unknown
+else
+ lt_cv_dlopen=no
+ lt_cv_dlopen_libs=
+
+ case $host_os in
+ beos*)
+ lt_cv_dlopen=load_add_on
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=yes
+ ;;
+
+ mingw* | pw32* | cegcc*)
+ lt_cv_dlopen=LoadLibrary
+ lt_cv_dlopen_libs=
+ ;;
+
+ cygwin*)
+ lt_cv_dlopen=dlopen
+ lt_cv_dlopen_libs=
+ ;;
+
+ darwin*)
+ # if libdl is installed we need to link against it
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5
+printf %s "checking for dlopen in -ldl... " >&6; }
+if test ${ac_cv_lib_dl_dlopen+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldl $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+char dlopen ();
+int
+main (void)
+{
+return dlopen ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+ ac_cv_lib_dl_dlopen=yes
+else $as_nop
+ ac_cv_lib_dl_dlopen=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5
+printf "%s\n" "$ac_cv_lib_dl_dlopen" >&6; }
+if test "x$ac_cv_lib_dl_dlopen" = xyes
+then :
+ lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-ldl
+else $as_nop
+
+ lt_cv_dlopen=dyld
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=yes
+
+fi
+
+ ;;
+
+ tpf*)
+ # Don't try to run any link tests for TPF. We know it's impossible
+ # because TPF is a cross-compiler, and we know how we open DSOs.
+ lt_cv_dlopen=dlopen
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=no
+ ;;
+
+ *)
+ ac_fn_c_check_func "$LINENO" "shl_load" "ac_cv_func_shl_load"
+if test "x$ac_cv_func_shl_load" = xyes
+then :
+ lt_cv_dlopen=shl_load
+else $as_nop
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for shl_load in -ldld" >&5
+printf %s "checking for shl_load in -ldld... " >&6; }
+if test ${ac_cv_lib_dld_shl_load+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldld $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+char shl_load ();
+int
+main (void)
+{
+return shl_load ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+ ac_cv_lib_dld_shl_load=yes
+else $as_nop
+ ac_cv_lib_dld_shl_load=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_shl_load" >&5
+printf "%s\n" "$ac_cv_lib_dld_shl_load" >&6; }
+if test "x$ac_cv_lib_dld_shl_load" = xyes
+then :
+ lt_cv_dlopen=shl_load lt_cv_dlopen_libs=-ldld
+else $as_nop
+ ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen"
+if test "x$ac_cv_func_dlopen" = xyes
+then :
+ lt_cv_dlopen=dlopen
+else $as_nop
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5
+printf %s "checking for dlopen in -ldl... " >&6; }
+if test ${ac_cv_lib_dl_dlopen+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldl $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+char dlopen ();
+int
+main (void)
+{
+return dlopen ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+ ac_cv_lib_dl_dlopen=yes
+else $as_nop
+ ac_cv_lib_dl_dlopen=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5
+printf "%s\n" "$ac_cv_lib_dl_dlopen" >&6; }
+if test "x$ac_cv_lib_dl_dlopen" = xyes
+then :
+ lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-ldl
+else $as_nop
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dlopen in -lsvld" >&5
+printf %s "checking for dlopen in -lsvld... " >&6; }
+if test ${ac_cv_lib_svld_dlopen+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lsvld $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+char dlopen ();
+int
+main (void)
+{
+return dlopen ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+ ac_cv_lib_svld_dlopen=yes
+else $as_nop
+ ac_cv_lib_svld_dlopen=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_svld_dlopen" >&5
+printf "%s\n" "$ac_cv_lib_svld_dlopen" >&6; }
+if test "x$ac_cv_lib_svld_dlopen" = xyes
+then :
+ lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-lsvld
+else $as_nop
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dld_link in -ldld" >&5
+printf %s "checking for dld_link in -ldld... " >&6; }
+if test ${ac_cv_lib_dld_dld_link+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldld $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+char dld_link ();
+int
+main (void)
+{
+return dld_link ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+ ac_cv_lib_dld_dld_link=yes
+else $as_nop
+ ac_cv_lib_dld_dld_link=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_dld_link" >&5
+printf "%s\n" "$ac_cv_lib_dld_dld_link" >&6; }
+if test "x$ac_cv_lib_dld_dld_link" = xyes
+then :
+ lt_cv_dlopen=dld_link lt_cv_dlopen_libs=-ldld
+fi
+
+
+fi
+
+
+fi
+
+
+fi
+
+
+fi
+
+
+fi
+
+ ;;
+ esac
+
+ if test no = "$lt_cv_dlopen"; then
+ enable_dlopen=no
+ else
+ enable_dlopen=yes
+ fi
+
+ case $lt_cv_dlopen in
+ dlopen)
+ save_CPPFLAGS=$CPPFLAGS
+ test yes = "$ac_cv_header_dlfcn_h" && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H"
+
+ save_LDFLAGS=$LDFLAGS
+ wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\"
+
+ save_LIBS=$LIBS
+ LIBS="$lt_cv_dlopen_libs $LIBS"
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether a program can dlopen itself" >&5
+printf %s "checking whether a program can dlopen itself... " >&6; }
+if test ${lt_cv_dlopen_self+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test yes = "$cross_compiling"; then :
+ lt_cv_dlopen_self=cross
+else
+ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+ lt_status=$lt_dlunknown
+ cat > conftest.$ac_ext <<_LT_EOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+#if HAVE_DLFCN_H
+#include <dlfcn.h>
+#endif
+
+#include <stdio.h>
+
+#ifdef RTLD_GLOBAL
+# define LT_DLGLOBAL RTLD_GLOBAL
+#else
+# ifdef DL_GLOBAL
+# define LT_DLGLOBAL DL_GLOBAL
+# else
+# define LT_DLGLOBAL 0
+# endif
+#endif
+
+/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
+ find out it does not work in some platform. */
+#ifndef LT_DLLAZY_OR_NOW
+# ifdef RTLD_LAZY
+# define LT_DLLAZY_OR_NOW RTLD_LAZY
+# else
+# ifdef DL_LAZY
+# define LT_DLLAZY_OR_NOW DL_LAZY
+# else
+# ifdef RTLD_NOW
+# define LT_DLLAZY_OR_NOW RTLD_NOW
+# else
+# ifdef DL_NOW
+# define LT_DLLAZY_OR_NOW DL_NOW
+# else
+# define LT_DLLAZY_OR_NOW 0
+# endif
+# endif
+# endif
+# endif
+#endif
+
+/* When -fvisibility=hidden is used, assume the code has been annotated
+ correspondingly for the symbols needed. */
+#if defined __GNUC__ && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3))
+int fnord () __attribute__((visibility("default")));
+#endif
+
+int fnord () { return 42; }
+int main ()
+{
+ void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
+ int status = $lt_dlunknown;
+
+ if (self)
+ {
+ if (dlsym (self,"fnord")) status = $lt_dlno_uscore;
+ else
+ {
+ if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+ else puts (dlerror ());
+ }
+ /* dlclose (self); */
+ }
+ else
+ puts (dlerror ());
+
+ return status;
+}
+_LT_EOF
+ if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && test -s "conftest$ac_exeext" 2>/dev/null; then
+ (./conftest; exit; ) >&5 2>/dev/null
+ lt_status=$?
+ case x$lt_status in
+ x$lt_dlno_uscore) lt_cv_dlopen_self=yes ;;
+ x$lt_dlneed_uscore) lt_cv_dlopen_self=yes ;;
+ x$lt_dlunknown|x*) lt_cv_dlopen_self=no ;;
+ esac
+ else :
+ # compilation failed
+ lt_cv_dlopen_self=no
+ fi
+fi
+rm -fr conftest*
+
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self" >&5
+printf "%s\n" "$lt_cv_dlopen_self" >&6; }
+
+ if test yes = "$lt_cv_dlopen_self"; then
+ wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether a statically linked program can dlopen itself" >&5
+printf %s "checking whether a statically linked program can dlopen itself... " >&6; }
+if test ${lt_cv_dlopen_self_static+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if test yes = "$cross_compiling"; then :
+ lt_cv_dlopen_self_static=cross
+else
+ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+ lt_status=$lt_dlunknown
+ cat > conftest.$ac_ext <<_LT_EOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+#if HAVE_DLFCN_H
+#include <dlfcn.h>
+#endif
+
+#include <stdio.h>
+
+#ifdef RTLD_GLOBAL
+# define LT_DLGLOBAL RTLD_GLOBAL
+#else
+# ifdef DL_GLOBAL
+# define LT_DLGLOBAL DL_GLOBAL
+# else
+# define LT_DLGLOBAL 0
+# endif
+#endif
+
+/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
+ find out it does not work in some platform. */
+#ifndef LT_DLLAZY_OR_NOW
+# ifdef RTLD_LAZY
+# define LT_DLLAZY_OR_NOW RTLD_LAZY
+# else
+# ifdef DL_LAZY
+# define LT_DLLAZY_OR_NOW DL_LAZY
+# else
+# ifdef RTLD_NOW
+# define LT_DLLAZY_OR_NOW RTLD_NOW
+# else
+# ifdef DL_NOW
+# define LT_DLLAZY_OR_NOW DL_NOW
+# else
+# define LT_DLLAZY_OR_NOW 0
+# endif
+# endif
+# endif
+# endif
+#endif
+
+/* When -fvisibility=hidden is used, assume the code has been annotated
+ correspondingly for the symbols needed. */
+#if defined __GNUC__ && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3))
+int fnord () __attribute__((visibility("default")));
+#endif
+
+int fnord () { return 42; }
+int main ()
+{
+ void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
+ int status = $lt_dlunknown;
+
+ if (self)
+ {
+ if (dlsym (self,"fnord")) status = $lt_dlno_uscore;
+ else
+ {
+ if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+ else puts (dlerror ());
+ }
+ /* dlclose (self); */
+ }
+ else
+ puts (dlerror ());
+
+ return status;
+}
+_LT_EOF
+ if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && test -s "conftest$ac_exeext" 2>/dev/null; then
+ (./conftest; exit; ) >&5 2>/dev/null
+ lt_status=$?
+ case x$lt_status in
+ x$lt_dlno_uscore) lt_cv_dlopen_self_static=yes ;;
+ x$lt_dlneed_uscore) lt_cv_dlopen_self_static=yes ;;
+ x$lt_dlunknown|x*) lt_cv_dlopen_self_static=no ;;
+ esac
+ else :
+ # compilation failed
+ lt_cv_dlopen_self_static=no
+ fi
+fi
+rm -fr conftest*
+
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self_static" >&5
+printf "%s\n" "$lt_cv_dlopen_self_static" >&6; }
+ fi
+
+ CPPFLAGS=$save_CPPFLAGS
+ LDFLAGS=$save_LDFLAGS
+ LIBS=$save_LIBS
+ ;;
+ esac
+
+ case $lt_cv_dlopen_self in
+ yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;;
+ *) enable_dlopen_self=unknown ;;
+ esac
+
+ case $lt_cv_dlopen_self_static in
+ yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;;
+ *) enable_dlopen_self_static=unknown ;;
+ esac
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+striplib=
+old_striplib=
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether stripping libraries is possible" >&5
+printf %s "checking whether stripping libraries is possible... " >&6; }
+if test -z "$STRIP"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+else
+ if $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then
+ old_striplib="$STRIP --strip-debug"
+ striplib="$STRIP --strip-unneeded"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ case $host_os in
+ darwin*)
+ # FIXME - insert some real tests, host_os isn't really good enough
+ striplib="$STRIP -x"
+ old_striplib="$STRIP -S"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ ;;
+ freebsd*)
+ if $STRIP -V 2>&1 | $GREP "elftoolchain" >/dev/null; then
+ old_striplib="$STRIP --strip-debug"
+ striplib="$STRIP --strip-unneeded"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ fi
+ ;;
+ *)
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ ;;
+ esac
+ fi
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+ # Report what library types will actually be built
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if libtool supports shared libraries" >&5
+printf %s "checking if libtool supports shared libraries... " >&6; }
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $can_build_shared" >&5
+printf "%s\n" "$can_build_shared" >&6; }
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to build shared libraries" >&5
+printf %s "checking whether to build shared libraries... " >&6; }
+ test no = "$can_build_shared" && enable_shared=no
+
+ # On AIX, shared libraries and static libraries use the same namespace, and
+ # are all built from PIC.
+ case $host_os in
+ aix3*)
+ test yes = "$enable_shared" && enable_static=no
+ if test -n "$RANLIB"; then
+ archive_cmds="$archive_cmds~\$RANLIB \$lib"
+ postinstall_cmds='$RANLIB $lib'
+ fi
+ ;;
+
+ aix[4-9]*)
+ if test ia64 != "$host_cpu"; then
+ case $enable_shared,$with_aix_soname,$aix_use_runtimelinking in
+ yes,aix,yes) ;; # shared object as lib.so file only
+ yes,svr4,*) ;; # shared object as lib.so archive member only
+ yes,*) enable_static=no ;; # shared object in lib.a archive as well
+ esac
+ fi
+ ;;
+ esac
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $enable_shared" >&5
+printf "%s\n" "$enable_shared" >&6; }
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to build static libraries" >&5
+printf %s "checking whether to build static libraries... " >&6; }
+ # Make sure either enable_shared or enable_static is yes.
+ test yes = "$enable_shared" || enable_static=yes
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $enable_static" >&5
+printf "%s\n" "$enable_static" >&6; }
+
+
+
+
+fi
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+CC=$lt_save_CC
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ ac_config_commands="$ac_config_commands libtool"
+
+
+
+
+# Only expand once:
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5
+printf %s "checking for egrep... " >&6; }
+if test ${ac_cv_path_EGREP+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if echo a | $GREP -E '(a|b)' >/dev/null 2>&1
+ then ac_cv_path_EGREP="$GREP -E"
+ else
+ if test -z "$EGREP"; then
+ ac_path_EGREP_found=false
+ # Loop through the user's path and test for each of PROGNAME-LIST
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_prog in egrep
+ do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ ac_path_EGREP="$as_dir$ac_prog$ac_exec_ext"
+ as_fn_executable_p "$ac_path_EGREP" || continue
+# Check for GNU ac_path_EGREP and select it if it is found.
+ # Check for GNU $ac_path_EGREP
+case `"$ac_path_EGREP" --version 2>&1` in
+*GNU*)
+ ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;;
+*)
+ ac_count=0
+ printf %s 0123456789 >"conftest.in"
+ while :
+ do
+ cat "conftest.in" "conftest.in" >"conftest.tmp"
+ mv "conftest.tmp" "conftest.in"
+ cp "conftest.in" "conftest.nl"
+ printf "%s\n" 'EGREP' >> "conftest.nl"
+ "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+ diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+ as_fn_arith $ac_count + 1 && ac_count=$as_val
+ if test $ac_count -gt ${ac_path_EGREP_max-0}; then
+ # Best one so far, save it but keep looking for a better one
+ ac_cv_path_EGREP="$ac_path_EGREP"
+ ac_path_EGREP_max=$ac_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test $ac_count -gt 10 && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+ $ac_path_EGREP_found && break 3
+ done
+ done
+ done
+IFS=$as_save_IFS
+ if test -z "$ac_cv_path_EGREP"; then
+ as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+ fi
+else
+ ac_cv_path_EGREP=$EGREP
+fi
+
+ fi
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5
+printf "%s\n" "$ac_cv_path_EGREP" >&6; }
+ EGREP="$ac_cv_path_EGREP"
+
+
+
+
+
+if test "z$RM" = "z" ; then
+ # Extract the first word of "rm", so it can be a program name with args.
+set dummy rm; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_RM+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $RM in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_RM="$RM" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_RM="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ test -z "$ac_cv_path_RM" && ac_cv_path_RM="/bin/rm"
+ ;;
+esac
+fi
+RM=$ac_cv_path_RM
+if test -n "$RM"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $RM" >&5
+printf "%s\n" "$RM" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+# Extract the first word of "cp", so it can be a program name with args.
+set dummy cp; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_CP+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $CP in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_CP="$CP" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_CP="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ test -z "$ac_cv_path_CP" && ac_cv_path_CP="/bin/cp"
+ ;;
+esac
+fi
+CP=$ac_cv_path_CP
+if test -n "$CP"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CP" >&5
+printf "%s\n" "$CP" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+# Extract the first word of "mv", so it can be a program name with args.
+set dummy mv; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_MV+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $MV in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_MV="$MV" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_MV="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ test -z "$ac_cv_path_MV" && ac_cv_path_MV="/bin/mv"
+ ;;
+esac
+fi
+MV=$ac_cv_path_MV
+if test -n "$MV"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MV" >&5
+printf "%s\n" "$MV" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+# Extract the first word of "tar", so it can be a program name with args.
+set dummy tar; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_TAR+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $TAR in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_TAR="$TAR" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_TAR="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ test -z "$ac_cv_path_TAR" && ac_cv_path_TAR="/bin/tar"
+ ;;
+esac
+fi
+TAR=$ac_cv_path_TAR
+if test -n "$TAR"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $TAR" >&5
+printf "%s\n" "$TAR" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+# Extract the first word of "perl", so it can be a program name with args.
+set dummy perl; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_PERL+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $PERL in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_PERL="$PERL" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_PERL="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+PERL=$ac_cv_path_PERL
+if test -n "$PERL"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $PERL" >&5
+printf "%s\n" "$PERL" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+
+# Extract the first word of "help2man", so it can be a program name with args.
+set dummy help2man; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_HELP2MAN+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $HELP2MAN in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_HELP2MAN="$HELP2MAN" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_HELP2MAN="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+HELP2MAN=$ac_cv_path_HELP2MAN
+if test -n "$HELP2MAN"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $HELP2MAN" >&5
+printf "%s\n" "$HELP2MAN" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+# Extract the first word of "xsltproc", so it can be a program name with args.
+set dummy xsltproc; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_XSLTPROC+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $XSLTPROC in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_XSLTPROC="$XSLTPROC" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_XSLTPROC="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+XSLTPROC=$ac_cv_path_XSLTPROC
+if test -n "$XSLTPROC"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $XSLTPROC" >&5
+printf "%s\n" "$XSLTPROC" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+# Extract the first word of "man2html", so it can be a program name with args.
+set dummy man2html; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_MAN2HTML+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $MAN2HTML in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_MAN2HTML="$MAN2HTML" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_MAN2HTML="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+MAN2HTML=$ac_cv_path_MAN2HTML
+if test -n "$MAN2HTML"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MAN2HTML" >&5
+printf "%s\n" "$MAN2HTML" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+# Extract the first word of "gtkdoc-mkhtml", so it can be a program name with args.
+set dummy gtkdoc-mkhtml; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_GTKDOC_MKHTML+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $GTKDOC_MKHTML in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_GTKDOC_MKHTML="$GTKDOC_MKHTML" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_GTKDOC_MKHTML="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+GTKDOC_MKHTML=$ac_cv_path_GTKDOC_MKHTML
+if test -n "$GTKDOC_MKHTML"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $GTKDOC_MKHTML" >&5
+printf "%s\n" "$GTKDOC_MKHTML" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+# Extract the first word of "gtkdoc-mkdb", so it can be a program name with args.
+set dummy gtkdoc-mkdb; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_GTKDOC_MKDB+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $GTKDOC_MKDB in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_GTKDOC_MKDB="$GTKDOC_MKDB" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_GTKDOC_MKDB="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+GTKDOC_MKDB=$ac_cv_path_GTKDOC_MKDB
+if test -n "$GTKDOC_MKDB"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $GTKDOC_MKDB" >&5
+printf "%s\n" "$GTKDOC_MKDB" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+# Extract the first word of "gtkdoc-scan", so it can be a program name with args.
+set dummy gtkdoc-scan; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_GTKDOC_SCAN+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $GTKDOC_SCAN in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_GTKDOC_SCAN="$GTKDOC_SCAN" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_GTKDOC_SCAN="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+GTKDOC_SCAN=$ac_cv_path_GTKDOC_SCAN
+if test -n "$GTKDOC_SCAN"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $GTKDOC_SCAN" >&5
+printf "%s\n" "$GTKDOC_SCAN" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ if test x"$HELP2MAN" != x; then
+ HAS_HELP2MAN_TRUE=
+ HAS_HELP2MAN_FALSE='#'
+else
+ HAS_HELP2MAN_TRUE='#'
+ HAS_HELP2MAN_FALSE=
+fi
+
+ if test x"$MAN2HTML" != x; then
+ HAS_MAN2HTML_TRUE=
+ HAS_MAN2HTML_FALSE='#'
+else
+ HAS_MAN2HTML_TRUE='#'
+ HAS_MAN2HTML_FALSE=
+fi
+
+ if test x"$XSLTPROC" != x; then
+ HAS_XSLTPROC_TRUE=
+ HAS_XSLTPROC_FALSE='#'
+else
+ HAS_XSLTPROC_TRUE='#'
+ HAS_XSLTPROC_FALSE=
+fi
+
+
+ac_header_dirent=no
+for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h; do
+ as_ac_Header=`printf "%s\n" "ac_cv_header_dirent_$ac_hdr" | $as_tr_sh`
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_hdr that defines DIR" >&5
+printf %s "checking for $ac_hdr that defines DIR... " >&6; }
+if eval test \${$as_ac_Header+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <sys/types.h>
+#include <$ac_hdr>
+
+int
+main (void)
+{
+if ((DIR *) 0)
+return 0;
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ eval "$as_ac_Header=yes"
+else $as_nop
+ eval "$as_ac_Header=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+eval ac_res=\$$as_ac_Header
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+printf "%s\n" "$ac_res" >&6; }
+if eval test \"x\$"$as_ac_Header"\" = x"yes"
+then :
+ cat >>confdefs.h <<_ACEOF
+#define `printf "%s\n" "HAVE_$ac_hdr" | $as_tr_cpp` 1
+_ACEOF
+
+ac_header_dirent=$ac_hdr; break
+fi
+
+done
+# Two versions of opendir et al. are in -ldir and -lx on SCO Xenix.
+if test $ac_header_dirent = dirent.h; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing opendir" >&5
+printf %s "checking for library containing opendir... " >&6; }
+if test ${ac_cv_search_opendir+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_func_search_save_LIBS=$LIBS
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+char opendir ();
+int
+main (void)
+{
+return opendir ();
+ ;
+ return 0;
+}
+_ACEOF
+for ac_lib in '' dir
+do
+ if test -z "$ac_lib"; then
+ ac_res="none required"
+ else
+ ac_res=-l$ac_lib
+ LIBS="-l$ac_lib $ac_func_search_save_LIBS"
+ fi
+ if ac_fn_c_try_link "$LINENO"
+then :
+ ac_cv_search_opendir=$ac_res
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext
+ if test ${ac_cv_search_opendir+y}
+then :
+ break
+fi
+done
+if test ${ac_cv_search_opendir+y}
+then :
+
+else $as_nop
+ ac_cv_search_opendir=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_opendir" >&5
+printf "%s\n" "$ac_cv_search_opendir" >&6; }
+ac_res=$ac_cv_search_opendir
+if test "$ac_res" != no
+then :
+ test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+
+fi
+
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing opendir" >&5
+printf %s "checking for library containing opendir... " >&6; }
+if test ${ac_cv_search_opendir+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_func_search_save_LIBS=$LIBS
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+char opendir ();
+int
+main (void)
+{
+return opendir ();
+ ;
+ return 0;
+}
+_ACEOF
+for ac_lib in '' x
+do
+ if test -z "$ac_lib"; then
+ ac_res="none required"
+ else
+ ac_res=-l$ac_lib
+ LIBS="-l$ac_lib $ac_func_search_save_LIBS"
+ fi
+ if ac_fn_c_try_link "$LINENO"
+then :
+ ac_cv_search_opendir=$ac_res
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext
+ if test ${ac_cv_search_opendir+y}
+then :
+ break
+fi
+done
+if test ${ac_cv_search_opendir+y}
+then :
+
+else $as_nop
+ ac_cv_search_opendir=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_opendir" >&5
+printf "%s\n" "$ac_cv_search_opendir" >&6; }
+ac_res=$ac_cv_search_opendir
+if test "$ac_res" != no
+then :
+ test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+
+fi
+
+fi
+
+
+
+XMLSEC_DEFINES=
+XMLSEC_APP_DEFINES=
+XMLSEC_EXTRA_LDFLAGS=
+XMLSEC_CRYPTO_EXTRA_LDFLAGS=
+
+
+build_on_aix=no
+build_on_windows=no
+build_on_mac=no
+build_on_linux=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for build OS" >&5
+printf %s "checking for build OS... " >&6; }
+
+if test -n "$shrext"; then
+ XMLSEC_SHLIBSFX="$shrext"
+else
+ XMLSEC_SHLIBSFX="$shrext_cmds"
+fi
+
+case "${host}" in
+ *aix* )
+ CFLAGS="${CFLAGS} -D_ALL_SOURCE"
+
+ build_on_aix=yes
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: \"AIX\"" >&5
+printf "%s\n" "\"AIX\"" >&6; }
+ ;;
+ *-*-mingw*)
+ XMLSEC_EXTRA_LDFLAGS="$XMLSEC_EXTRA_LDFLAGS -no-undefined -avoid-version"
+ XMLSEC_CRYPTO_EXTRA_LDFLAGS="$XMLSEC_CRYPTO_EXTRA_LDFLAGS -no-undefined -avoid-version"
+ XMLSEC_SHLIBSFX=".dll.a"
+
+ build_on_windows=yes
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: \"Windows (MinGW)\"" >&5
+printf "%s\n" "\"Windows (MinGW)\"" >&6; }
+ ;;
+ *-*-cygwin*)
+ XMLSEC_EXTRA_LDFLAGS="$XMLSEC_EXTRA_LDFLAGS -no-undefined"
+ XMLSEC_CRYPTO_EXTRA_LDFLAGS="$XMLSEC_CRYPTO_EXTRA_LDFLAGS -no-undefined"
+
+ build_on_windows=yes
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: \"Windows (Cygwin)\"" >&5
+printf "%s\n" "\"Windows (Cygwin)\"" >&6; }
+ ;;
+ *-*-darwin*)
+ XMLSEC_SHLIBSFX=".dylib"
+
+ build_on_mac=yes
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: \"MacOSX\"" >&5
+printf "%s\n" "\"MacOSX\"" >&6; }
+ ;;
+ *-*-linux*)
+ build_on_linux=yes
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: \"Linux\"" >&5
+printf "%s\n" "\"Linux\"" >&6; }
+ ;;
+ *)
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: \"Other\"" >&5
+printf "%s\n" "\"Other\"" >&6; }
+ ;;
+esac
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for development environment" >&5
+printf %s "checking for development environment... " >&6; }
+# Check whether --enable-development was given.
+if test ${enable_development+y}
+then :
+ enableval=$enable_development;
+fi
+
+if test "z$enable_development" = "zyes" ; then
+ enable_debugging="yes"
+ enable_pedantic="yes"
+ enable_static_linking="yes"
+ enable_manpages_build="no"
+ enable_docs_build="no"
+ enable_crypto_dl="no"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for man pages build" >&5
+printf %s "checking for man pages build... " >&6; }
+# Check whether --enable-manpages_build was given.
+if test ${enable_manpages_build+y}
+then :
+ enableval=$enable_manpages_build;
+fi
+
+if test "z$enable_manpages_build" = "zyes" ; then
+ if test x"$HELP2MAN" != x; then
+ BUILD_MANPAGES_TRUE=
+ BUILD_MANPAGES_FALSE='#'
+else
+ BUILD_MANPAGES_TRUE='#'
+ BUILD_MANPAGES_FALSE=
+fi
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+else
+ if test "x" = "y"; then
+ BUILD_MANPAGES_TRUE=
+ BUILD_MANPAGES_FALSE='#'
+else
+ BUILD_MANPAGES_TRUE='#'
+ BUILD_MANPAGES_FALSE=
+fi
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for docs build" >&5
+printf %s "checking for docs build... " >&6; }
+# Check whether --enable-docs_build was given.
+if test ${enable_docs_build+y}
+then :
+ enableval=$enable_docs_build;
+fi
+
+if test "z$enable_docs_build" = "zyes" ; then
+ if test x"$PERL" != x && test x"$XSLTPROC" != x && test x"$MAN2HTML" != x; then
+ BUILD_MAN_DOCS_TRUE=
+ BUILD_MAN_DOCS_FALSE='#'
+else
+ BUILD_MAN_DOCS_TRUE='#'
+ BUILD_MAN_DOCS_FALSE=
+fi
+
+ if test x"$PERL" != x && test x"$XSLTPROC" != x && test x"$GTKDOC_MKHTML" != x && test x"$GTKDOC_MKDB" != x && test x"$GTKDOC_SCAN" != x; then
+ BUILD_API_DOCS_TRUE=
+ BUILD_API_DOCS_FALSE='#'
+else
+ BUILD_API_DOCS_TRUE='#'
+ BUILD_API_DOCS_FALSE=
+fi
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+else
+ if test "x" = "y"; then
+ BUILD_MAN_DOCS_TRUE=
+ BUILD_MAN_DOCS_FALSE='#'
+else
+ BUILD_MAN_DOCS_TRUE='#'
+ BUILD_MAN_DOCS_FALSE=
+fi
+
+ if test "x" = "y"; then
+ BUILD_API_DOCS_TRUE=
+ BUILD_API_DOCS_FALSE='#'
+else
+ BUILD_API_DOCS_TRUE='#'
+ BUILD_API_DOCS_FALSE=
+fi
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+
+if test "z$shrext" = "z" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for shared library suffix" >&5
+printf %s "checking for shared library suffix... " >&6; }
+ module=no
+ eval shrext=$shrext_cmds
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $shrext" >&5
+printf "%s\n" "$shrext" >&6; }
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for __FUNCTION__ or __func__" >&5
+printf %s "checking for __FUNCTION__ or __func__... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+char *foo = __FUNCTION__;
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_function_exists=yes
+else $as_nop
+ ac_function_exists=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main (void)
+{
+char *foo = __func__;
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"
+then :
+ ac_func_exists=yes
+else $as_nop
+ ac_func_exists=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
+if test "z$ac_func_exists" = "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: __func__" >&5
+printf "%s\n" "__func__" >&6; }
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -D__XMLSEC_FUNCTION__=__func__"
+elif test "z$ac_function_exists" = "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: __FUNCTION__" >&5
+printf "%s\n" "__FUNCTION__" >&6; }
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -D__XMLSEC_FUNCTION__=__FUNCTION__"
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: \"no\"" >&5
+printf "%s\n" "\"no\"" >&6; }
+fi
+
+PKGCONFIG_FOUND="no"
+# Check whether --enable-pkgconfig was given.
+if test ${enable_pkgconfig+y}
+then :
+ enableval=$enable_pkgconfig;
+fi
+
+if test "z$enable_pkgconfig" != "zno" ; then
+
+
+
+
+
+
+
+if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args.
+set dummy ${ac_tool_prefix}pkg-config; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_PKG_CONFIG+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $PKG_CONFIG in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_PKG_CONFIG="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+PKG_CONFIG=$ac_cv_path_PKG_CONFIG
+if test -n "$PKG_CONFIG"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $PKG_CONFIG" >&5
+printf "%s\n" "$PKG_CONFIG" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_path_PKG_CONFIG"; then
+ ac_pt_PKG_CONFIG=$PKG_CONFIG
+ # Extract the first word of "pkg-config", so it can be a program name with args.
+set dummy pkg-config; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_ac_pt_PKG_CONFIG+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $ac_pt_PKG_CONFIG in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_ac_pt_PKG_CONFIG="$ac_pt_PKG_CONFIG" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_ac_pt_PKG_CONFIG="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+ac_pt_PKG_CONFIG=$ac_cv_path_ac_pt_PKG_CONFIG
+if test -n "$ac_pt_PKG_CONFIG"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PKG_CONFIG" >&5
+printf "%s\n" "$ac_pt_PKG_CONFIG" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+ if test "x$ac_pt_PKG_CONFIG" = x; then
+ PKG_CONFIG=""
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ PKG_CONFIG=$ac_pt_PKG_CONFIG
+ fi
+else
+ PKG_CONFIG="$ac_cv_path_PKG_CONFIG"
+fi
+
+fi
+if test -n "$PKG_CONFIG"; then
+ _pkg_min_version=0.9.0
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking pkg-config is at least version $_pkg_min_version" >&5
+printf %s "checking pkg-config is at least version $_pkg_min_version... " >&6; }
+ if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ PKG_CONFIG=""
+ fi
+fi
+ PKGCONFIG_FOUND="yes"
+else
+ PKGCONFIG_FOUND="no"
+fi
+
+ENABLE_CUSTOM_CONFIGS="no"
+# Check whether --enable-custom-configs was given.
+if test ${enable_custom_configs+y}
+then :
+ enableval=$enable_custom_configs;
+fi
+
+if test "z$enable_custom_configs" != "zno" ; then
+ ENABLE_CUSTOM_CONFIGS="yes"
+else
+ ENABLE_CUSTOM_CONFIGS="no"
+fi
+
+ENABLE_FOLDERS_SEARCH="no"
+# Check whether --enable-folders-search was given.
+if test ${enable_folders_search+y}
+then :
+ enableval=$enable_folders_search;
+fi
+
+if test "z$enable_folders_search" != "zno" ; then
+ ENABLE_FOLDERS_SEARCH="yes"
+else
+ ENABLE_FOLDERS_SEARCH="no"
+fi
+
+COMMON_INCLUDE_DIR="/usr/include /usr/local/include"
+COMMON_LIB_DIR="/usr/lib /usr/lib64 /usr/local/lib"
+case $host in
+ i*86-*-linux-gnu) COMMON_LIB_DIR="$COMMON_LIB_DIR /usr/lib/i386-linux-gnu" ;;
+ x86_64-*-linux-gnu) COMMON_LIB_DIR="$COMMON_LIB_DIR /usr/lib/x86_64-linux-gnu" ;;
+ *) COMMON_LIB_DIR="$COMMON_LIB_DIR /usr/lib/$host" ;;
+esac
+
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking size of size_t" >&5
+printf %s "checking size of size_t... " >&6; }
+if test ${ac_cv_sizeof_size_t+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (size_t))" "ac_cv_sizeof_size_t" "$ac_includes_default"
+then :
+
+else $as_nop
+ if test "$ac_cv_type_size_t" = yes; then
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (size_t)
+See \`config.log' for more details" "$LINENO" 5; }
+ else
+ ac_cv_sizeof_size_t=0
+ fi
+fi
+
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_size_t" >&5
+printf "%s\n" "$ac_cv_sizeof_size_t" >&6; }
+
+
+
+printf "%s\n" "#define SIZEOF_SIZE_T $ac_cv_sizeof_size_t" >>confdefs.h
+
+
+
+XMLSEC_USE_SIZE_T="no"
+# Check whether --enable-size-t was given.
+if test ${enable_size_t+y}
+then :
+ enableval=$enable_size_t;
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for using size_t" >&5
+printf %s "checking for using size_t... " >&6; }
+if test "z$enable_size_t" = "zyes" ; then
+ XMLSEC_USE_SIZE_T="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+else
+ XMLSEC_USE_SIZE_T="no"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+if test "z$XMLSEC_USE_SIZE_T" != "zyes" -a "$ac_cv_sizeof_size_t" -ne "4" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SIZE_T"
+fi
+
+LIBXML_MIN_VERSION="2.8.0"
+LIBXML_INCLUDE_DIR="$COMMON_INCLUDE_DIR /usr/include/libxml2 /usr/local/include/libxml2 /usr/local/libxml2/include"
+LIBXML_LIB_DIR="$COMMON_LIB_DIR /usr/local/libxml2/lib"
+LIBXML_INCLUDE_MARKER="libxml/xmlversion.h"
+LIBXML_SHARED_LIB_MARKER="libxml2$shrext"
+LIBXML_STATIC_LIB_MARKER="libxml2.$libext"
+LIBXML_LIBS_LIST="-lxml2"
+LIBXML_CONFIG="xml2-config"
+
+LIBXML_INCLUDE_PATH=
+LIBXML_LIB_PATH=
+LIBXML_CONFIG_PATH=
+LIBXML_FOUND="no"
+
+# Check whether --with-libxml was given.
+if test ${with_libxml+y}
+then :
+ withval=$with_libxml;
+fi
+
+
+# Check whether --with-libxml-src was given.
+if test ${with_libxml_src+y}
+then :
+ withval=$with_libxml_src;
+fi
+
+
+if test "z$with_libxml" = "zno" -o "z$with_libxml_src" = "zno"; then
+ LIBXML_FOUND="disabled"
+fi
+
+if test "z$LIBXML_FOUND" = "zno" -a "z$with_libxml_src" != "z" -a "z$with_libxml_src" != "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libxml2 library source tree in \"$with_libxml_src\" folder" >&5
+printf %s "checking for libxml2 library source tree in \"$with_libxml_src\" folder... " >&6; }
+ if test -f "$with_libxml_src/include/$LIBXML_INCLUDE_MARKER" -a -f "$with_libxml_src/.libs/$LIBXML_SHARED_LIB_MARKER" -o -f "$with_libxml_src/.libs/$LIBXML_STATIC_LIB_MARKER" ; then
+ LIBXML_INCLUDE_PATH="$with_libxml_src/include"
+ LIBXML_LIB_PATH="$with_libxml_src/.libs"
+ LIBXML_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ as_fn_error $? "not found: \"$with_libxml_src/include/$LIBXML_INCLUDE_MARKER\" or \"$with_libxml_src/.libs/$LIBXML_SHARED_LIB_MARKER\" or \"$with_libxml_src/.libs/$LIBXML_STATIC_LIB_MARKER\" files don't exist), typo?" "$LINENO" 5
+ fi
+fi
+
+if test "z$LIBXML_FOUND" = "zno" -a "z$with_libxml" != "z" -a "z$with_libxml" != "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libxml2 library installation in \"$with_libxml\" folder" >&5
+printf %s "checking for libxml2 library installation in \"$with_libxml\" folder... " >&6; }
+ if test "z$ENABLE_CUSTOM_CONFIGS" = "zyes" -a -f "$with_libxml/bin/$LIBXML_CONFIG" ; then
+ LIBXML_CONFIG_PATH="$with_libxml/bin/$LIBXML_CONFIG"
+ LIBXML_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ elif test -f "$with_libxml/include/libxml2/$LIBXML_INCLUDE_MARKER" -a -f "$with_libxml/lib/$LIBXML_SHARED_LIB_MARKER" -o -f "$with_libxml/lib/$LIBXML_STATIC_LIB_MARKER" ; then
+ LIBXML_INCLUDE_PATH="$with_libxml/include/libxml2"
+ LIBXML_LIB_PATH="$with_libxml/lib"
+ LIBXML_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ as_fn_error $? "not found: \"$with_libxml/bin/$LIBXML_CONFIG\" tool, or \"$with_libxml/include/libxml2/$LIBXML_INCLUDE_MARKER\" and/or \"$with_libxml/lib/$LIBXML_SHARED_LIB_MARKER\" or \"$with_libxml/lib/$LIBXML_STATIC_LIB_MARKER\" files don't exist), typo?" "$LINENO" 5
+ fi
+fi
+
+if test "z$LIBXML_FOUND" = "zno" -a "z$LIBXML_CFLAGS" != "z" -a "z$LIBXML_LIBS" != "z" ; then
+ LIBXML_FOUND="yes"
+fi
+
+if test "z$LIBXML_FOUND" = "zno" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libxml-2.0 >= $LIBXML_MIN_VERSION" >&5
+printf %s "checking for libxml-2.0 >= $LIBXML_MIN_VERSION... " >&6; }
+
+if test -n "$LIBXML_CFLAGS"; then
+ pkg_cv_LIBXML_CFLAGS="$LIBXML_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libxml-2.0 >= \$LIBXML_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "libxml-2.0 >= $LIBXML_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_LIBXML_CFLAGS=`$PKG_CONFIG --cflags "libxml-2.0 >= $LIBXML_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$LIBXML_LIBS"; then
+ pkg_cv_LIBXML_LIBS="$LIBXML_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libxml-2.0 >= \$LIBXML_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "libxml-2.0 >= $LIBXML_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_LIBXML_LIBS=`$PKG_CONFIG --libs "libxml-2.0 >= $LIBXML_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ LIBXML_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libxml-2.0 >= $LIBXML_MIN_VERSION" 2>&1`
+ else
+ LIBXML_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libxml-2.0 >= $LIBXML_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$LIBXML_PKG_ERRORS" >&5
+
+ LIBXML_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ LIBXML_FOUND=no
+else
+ LIBXML_CFLAGS=$pkg_cv_LIBXML_CFLAGS
+ LIBXML_LIBS=$pkg_cv_LIBXML_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ LIBXML_FOUND=yes
+fi
+fi
+
+if test "z$LIBXML_FOUND" = "zno" -a "z$ENABLE_CUSTOM_CONFIGS" = "zyes" ; then
+ # Extract the first word of "$LIBXML_CONFIG", so it can be a program name with args.
+set dummy $LIBXML_CONFIG; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_LIBXML_CONFIG_PATH+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $LIBXML_CONFIG_PATH in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_LIBXML_CONFIG_PATH="$LIBXML_CONFIG_PATH" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_LIBXML_CONFIG_PATH="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+LIBXML_CONFIG_PATH=$ac_cv_path_LIBXML_CONFIG_PATH
+if test -n "$LIBXML_CONFIG_PATH"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBXML_CONFIG_PATH" >&5
+printf "%s\n" "$LIBXML_CONFIG_PATH" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ if test "z$LIBXML_CONFIG_PATH" != "z" ; then
+ LIBXML_FOUND="yes"
+ fi
+fi
+
+if test "z$LIBXML_FOUND" = "zno" -a "z$ENABLE_FOLDERS_SEARCH" = "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libxml2 library installation in the typical folders" >&5
+printf %s "checking for libxml2 library installation in the typical folders... " >&6; }
+ if test "z$LIBXML_INCLUDE_PATH" = "z" ; then
+
+ for dir in $LIBXML_INCLUDE_DIR ; do
+ if test -f "$dir/$LIBXML_INCLUDE_MARKER" ; then
+ LIBXML_INCLUDE_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$LIBXML_LIB_PATH" = "z" ; then
+
+ for dir in $LIBXML_LIB_DIR ; do
+ if test -f "$dir/$LIBXML_SHARED_LIB_MARKER" ; then
+ LIBXML_LIB_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$LIBXML_LIB_PATH" = "z" ; then
+
+ for dir in $LIBXML_LIB_DIR ; do
+ if test -f "$dir/$LIBXML_STATIC_LIB_MARKER" ; then
+ LIBXML_LIB_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$LIBXML_INCLUDE_PATH" != "z" -a "z$LIBXML_LIB_PATH" != "z" ; then
+ LIBXML_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes (\"-I$LIBXML_INCLUDE_PATH -L$LIBXML_LIB_PATH\")" >&5
+printf "%s\n" "yes (\"-I$LIBXML_INCLUDE_PATH -L$LIBXML_LIB_PATH\")" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+ fi
+fi
+
+if test "z$LIBXML_FOUND" = "zno" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libxml2 library installation" >&5
+printf %s "checking for libxml2 library installation... " >&6; }
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $LIBXML_CFLAGS"
+ OLD_LIBS=$LIBS
+ LIBS="$LIBS $LIBXML_LIBS $LIBXML_LIBS_LIST"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+
+ #include <libxml/xmlversion.h>
+
+int
+main (void)
+{
+
+ int main () { xmlCheckVersion(0);; return(0); }
+
+ ;
+ return 0;
+}
+
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+
+ LIBXML_FOUND=yes
+ LIBXML_LIBS="$LIBXML_LIBS $LIBXML_LIBS_LIST"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+
+else $as_nop
+
+ LIBXML_FOUND=no
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ CPPFLAGS=$OLD_CPPFLAGS
+ LIBS=$OLD_LIBS
+fi
+
+if test "z$LIBXML_FOUND" = "zyes" ; then
+ if test "z$LIBXML_CONFIG_PATH" != "z" -a "z$ENABLE_CUSTOM_CONFIGS" = "zyes" ; then
+ if test "z$LIBXML_CFLAGS" = "z" ; then
+ LIBXML_CFLAGS="`$LIBXML_CONFIG_PATH --cflags`"
+ fi
+ if test "z$LIBXML_LIBS" = "z"; then
+ LIBXML_LIBS="`$LIBXML_CONFIG_PATH --libs`"
+ fi
+ LIBXML_CONFIG=$LIBXML_CONFIG_PATH
+ LIBXML_FOUND="yes"
+ else
+ if test "z$LIBXML_INCLUDE_PATH" != "z" ; then
+ LIBXML_CFLAGS="$LIBXML_CFLAGS -I$LIBXML_INCLUDE_PATH"
+ fi
+ if test "z$LIBXML_LIB_PATH" != "z" ; then
+ if test "z$with_gnu_ld" = "zyes" ; then
+ LIBXML_LIBS="$LIBXML_LIBS -Wl,-rpath-link -Wl,$LIBXML_LIB_PATH"
+ fi
+ LIBXML_LIBS="$LIBXML_LIBS -L$LIBXML_LIB_PATH $LIBXML_LIBS_LIST"
+ fi
+ fi
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libxml2 library >= $LIBXML_MIN_VERSION" >&5
+printf %s "checking for libxml2 library >= $LIBXML_MIN_VERSION... " >&6; }
+if test "z$LIBXML_FOUND" = "zyes" ; then
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $LIBXML_CFLAGS"
+ minvers=`echo $LIBXML_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 100 + $2) * 100 + $3;}'`
+ ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5
+printf %s "checking how to run the C preprocessor... " >&6; }
+# On Suns, sometimes $CPP names a directory.
+if test -n "$CPP" && test -d "$CPP"; then
+ CPP=
+fi
+if test -z "$CPP"; then
+ if test ${ac_cv_prog_CPP+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ # Double quotes because $CC needs to be expanded
+ for CPP in "$CC -E" "$CC -E -traditional-cpp" cpp /lib/cpp
+ do
+ ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+ # Use a header file that comes with gcc, so configuring glibc
+ # with a fresh cross-compiler works.
+ # On the NeXT, cc -E runs the code through the compiler's parser,
+ # not just through cpp. "Syntax error" is here to catch this case.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <limits.h>
+ Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"
+then :
+
+else $as_nop
+ # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+ # OK, works on sane cases. Now check whether nonexistent headers
+ # can be detected and how.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <ac_nonexistent.h>
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"
+then :
+ # Broken: success on invalid input.
+continue
+else $as_nop
+ # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok
+then :
+ break
+fi
+
+ done
+ ac_cv_prog_CPP=$CPP
+
+fi
+ CPP=$ac_cv_prog_CPP
+else
+ ac_cv_prog_CPP=$CPP
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5
+printf "%s\n" "$CPP" >&6; }
+ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+ # Use a header file that comes with gcc, so configuring glibc
+ # with a fresh cross-compiler works.
+ # On the NeXT, cc -E runs the code through the compiler's parser,
+ # not just through cpp. "Syntax error" is here to catch this case.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <limits.h>
+ Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"
+then :
+
+else $as_nop
+ # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+ # OK, works on sane cases. Now check whether nonexistent headers
+ # can be detected and how.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <ac_nonexistent.h>
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"
+then :
+ # Broken: success on invalid input.
+continue
+else $as_nop
+ # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok
+then :
+
+else $as_nop
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "C preprocessor \"$CPP\" fails sanity check
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <libxml/xmlversion.h>
+ #if LIBXML_VERSION >= $minvers
+ greater-than-minvers
+ #endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "greater-than-minvers" >/dev/null 2>&1
+then :
+
+ LIBXML_FOUND=yes
+
+else $as_nop
+
+ LIBXML_FOUND=no
+
+fi
+rm -rf conftest*
+
+ CPPFLAGS=$OLD_CPPFLAGS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBXML_FOUND" >&5
+printf "%s\n" "$LIBXML_FOUND" >&6; }
+
+if test "z$LIBXML_FOUND" != "zyes" ; then
+ as_fn_error $? "libxml2 library >= $LIBXML_MIN_VERSION is required for this version of $XMLSEC_PACKAGE" "$LINENO" 5
+fi
+
+
+
+
+
+
+LIBXSLT_MIN_VERSION=1.0.20
+LIBXSLT_INCLUDE_DIR="$COMMON_INCLUDE_DIR /usr/local/libxslt/include"
+LIBXSLT_LIB_DIR="$COMMON_LIB_DIR /usr/local/libxslt/lib"
+LIBXSLT_CONFIG="xslt-config"
+LIBXSLT_INCLUDE_MARKER="libxslt/xsltconfig.h"
+LIBXSLT_SHARED_LIB_MARKER="libxslt$shrext"
+LIBXSLT_STATIC_LIB_MARKER="libxslt.$libext"
+LIBXSLT_LIBS_LIST="-lxslt"
+
+XMLSEC_NO_LIBXSLT="1"
+LIBXSLT_INCLUDE_PATH=
+LIBXSLT_LIB_PATH=
+LIBXSLT_CONFIG_PATH=
+LIBXSLT_FOUND="no"
+
+# Check whether --with-libxslt was given.
+if test ${with_libxslt+y}
+then :
+ withval=$with_libxslt;
+fi
+
+
+# Check whether --with-libxslt-src was given.
+if test ${with_libxslt_src+y}
+then :
+ withval=$with_libxslt_src;
+fi
+
+
+if test "z$with_libxslt" = "zno" -o "z$with_libxslt_src" = "zno" ; then
+ LIBXSLT_FOUND="disabled"
+fi
+
+if test "z$LIBXSLT_FOUND" = "zno" -a "z$with_libxslt_src" != "z" -a "z$with_libxslt_src" != "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libxslt library source tree in \"$with_libxslt_src\" folder" >&5
+printf %s "checking for libxslt library source tree in \"$with_libxslt_src\" folder... " >&6; }
+ if test -f "$with_libxslt_src/$LIBXSLT_INCLUDE_MARKER" -a -f "$with_libxslt_src/libxslt/.libs/$LIBXSLT_SHARED_LIB_MARKER" -o -f "$with_libxslt_src/libxslt/.libs/$LIBXSLT_STATIC_LIB_MARKER" ; then
+ LIBXSLT_INCLUDE_PATH="$with_libxslt_src"
+ LIBXSLT_LIB_PATH="$with_libxslt_src/libxslt/.libs"
+ LIBXSLT_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ as_fn_error $? "not found: \"$with_libxslt_src/$LIBXSLT_INCLUDE_MARKER\" and/or \"$with_libxslt_src/libxslt/.libs/$LIBXSLT_SHARED_LIB_MARKER\" or \"$with_libxslt_src/libxslt/.libs/$LIBXSLT_STATIC_LIB_MARKER\" files don't exist), typo?" "$LINENO" 5
+ fi
+fi
+
+if test "z$LIBXSLT_FOUND" = "zno" -a "z$with_libxslt" != "z" -a "z$with_libxslt" != "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libxslt library installation in \"$with_libxslt\" folder" >&5
+printf %s "checking for libxslt library installation in \"$with_libxslt\" folder... " >&6; }
+ if test "z$ENABLE_CUSTOM_CONFIGS" = "zyes" -a -f "$with_libxslt/bin/$LIBXSLT_CONFIG" ; then
+ LIBXSLT_CONFIG_PATH="$with_libxslt/bin/$LIBXSLT_CONFIG"
+ LIBXSLT_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ elif test -f "$with_libxslt/include/$LIBXSLT_INCLUDE_MARKER" -a -f "$with_libxslt/lib/$LIBXSLT_SHARED_LIB_MARKER" -o -f "$with_libxslt/lib/$LIBXSLT_STATIC_LIB_MARKER" ; then
+ LIBXSLT_INCLUDE_PATH="$with_libxslt/include"
+ LIBXSLT_LIB_PATH="$with_libxslt/lib"
+ LIBXSLT_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ as_fn_error $? "not found: \"$with_libxslt/bin/$LIBXSLT_CONFIG\" tool, or \"$with_libxslt/include/$LIBXSLT_INCLUDE_MARKER\" and/or \"$with_libxslt/lib/$LIBXSLT_SHARED_LIB_MARKER\" or \"$with_libxslt/lib/$LIBXSLT_STATIC_LIB_MARKER\" files don't exist), typo?" "$LINENO" 5
+ fi
+fi
+
+if test "z$LIBXSLT_FOUND" = "zno" -a "z$LIBXSLT_CFLAGS" != "z" -a "z$LIBXSLT_LIBS" != "z" ; then
+ LIBXSLT_FOUND="yes"
+fi
+
+if test "z$LIBXSLT_FOUND" = "zno" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libxslt >= $LIBXSLT_MIN_VERSION" >&5
+printf %s "checking for libxslt >= $LIBXSLT_MIN_VERSION... " >&6; }
+
+if test -n "$LIBXSLT_CFLAGS"; then
+ pkg_cv_LIBXSLT_CFLAGS="$LIBXSLT_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libxslt >= \$LIBXSLT_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "libxslt >= $LIBXSLT_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_LIBXSLT_CFLAGS=`$PKG_CONFIG --cflags "libxslt >= $LIBXSLT_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$LIBXSLT_LIBS"; then
+ pkg_cv_LIBXSLT_LIBS="$LIBXSLT_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libxslt >= \$LIBXSLT_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "libxslt >= $LIBXSLT_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_LIBXSLT_LIBS=`$PKG_CONFIG --libs "libxslt >= $LIBXSLT_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ LIBXSLT_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libxslt >= $LIBXSLT_MIN_VERSION" 2>&1`
+ else
+ LIBXSLT_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libxslt >= $LIBXSLT_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$LIBXSLT_PKG_ERRORS" >&5
+
+ LIBXSLT_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ LIBXSLT_FOUND=no
+else
+ LIBXSLT_CFLAGS=$pkg_cv_LIBXSLT_CFLAGS
+ LIBXSLT_LIBS=$pkg_cv_LIBXSLT_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ LIBXSLT_FOUND=yes
+fi
+fi
+
+if test "z$LIBXSLT_FOUND" = "zno" -a "z$ENABLE_CUSTOM_CONFIGS" = "zyes" ; then
+ # Extract the first word of "$LIBXSLT_CONFIG", so it can be a program name with args.
+set dummy $LIBXSLT_CONFIG; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_LIBXSLT_CONFIG_PATH+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $LIBXSLT_CONFIG_PATH in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_LIBXSLT_CONFIG_PATH="$LIBXSLT_CONFIG_PATH" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_LIBXSLT_CONFIG_PATH="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+LIBXSLT_CONFIG_PATH=$ac_cv_path_LIBXSLT_CONFIG_PATH
+if test -n "$LIBXSLT_CONFIG_PATH"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBXSLT_CONFIG_PATH" >&5
+printf "%s\n" "$LIBXSLT_CONFIG_PATH" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ if test "z$LIBXSLT_CONFIG_PATH" != "z" ; then
+ LIBXSLT_FOUND="yes"
+ fi
+fi
+
+if test "z$LIBXSLT_FOUND" = "zno" -a "z$ENABLE_FOLDERS_SEARCH" = "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libxslt library installation in the typical folders" >&5
+printf %s "checking for libxslt library installation in the typical folders... " >&6; }
+ if test "z$LIBXSLT_INCLUDE_PATH" = "z" ; then
+
+ for dir in $LIBXSLT_INCLUDE_DIR ; do
+ if test -f "$dir/$LIBXSLT_INCLUDE_MARKER" ; then
+ LIBXSLT_INCLUDE_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$LIBXSLT_LIB_PATH" = "z" ; then
+
+ for dir in $LIBXSLT_LIB_DIR ; do
+ if test -f "$dir/$LIBXSLT_SHARED_LIB_MARKER" ; then
+ LIBXSLT_LIB_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$LIBXSLT_LIB_PATH" = "z" ; then
+
+ for dir in $LIBXSLT_LIB_DIR ; do
+ if test -f "$dir/$LIBXSLT_STATIC_LIB_MARKER" ; then
+ LIBXSLT_LIB_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$LIBXSLT_INCLUDE_PATH" != "z" -a "z$LIBXSLT_LIB_PATH" != "z" ; then
+ LIBXSLT_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes (\"-I$LIBXSLT_INCLUDE_PATH -L$LIBXSLT_LIB_PATH\")" >&5
+printf "%s\n" "yes (\"-I$LIBXSLT_INCLUDE_PATH -L$LIBXSLT_LIB_PATH\")" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+ fi
+fi
+
+if test "z$LIBXSLT_FOUND" = "zno" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libxslt library installation" >&5
+printf %s "checking for libxslt library installation... " >&6; }
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $LIBXML_CFLAGS $LIBXSLT_CFLAGS"
+ OLD_LIBS=$LIBS
+ LIBS="$LIBS $LIBXML_LIBS $LIBXSLT_LIBS $LIBXSLT_LIBS_LIST"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+
+ #include <libxslt/xslt.h>
+
+int
+main (void)
+{
+
+ int main () { xsltInit(); return(0); }
+
+ ;
+ return 0;
+}
+
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+
+ LIBXSLT_FOUND=yes
+ LIBXSLT_LIBS="$LIBXSLT_LIBS $LIBXSLT_LIBS_LIST"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+
+else $as_nop
+
+ LIBXSLT_FOUND=no
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ CPPFLAGS=$OLD_CPPFLAGS
+ LIBS=$OLD_LIBS
+fi
+
+if test "z$LIBXSLT_FOUND" = "zyes" ; then
+ if test "z$LIBXSLT_CONFIG_PATH" != "z" -a "z$ENABLE_CUSTOM_CONFIGS" = "zyes" ; then
+ if test "z$LIBXSLT_CFLAGS" = "z" ; then
+ LIBXSLT_CFLAGS="`$LIBXSLT_CONFIG_PATH --cflags`"
+ fi
+ if test "z$LIBXSLT_LIBS" = "z"; then
+ LIBXSLT_LIBS="`$LIBXSLT_CONFIG_PATH --libs`"
+ fi
+ LIBXSLT_CONFIG=$LIBXSLT_CONFIG_PATH
+ LIBXSLT_FOUND="yes"
+ else
+ if test "z$LIBXSLT_INCLUDE_PATH" != "z" ; then
+ LIBXSLT_CFLAGS="$LIBXSLT_CFLAGS -I$LIBXSLT_INCLUDE_PATH"
+ fi
+ if test "z$LIBXSLT_LIB_PATH" != "z" ; then
+ if test "z$with_gnu_ld" = "zyes" ; then
+ LIBXSLT_LIBS="$LIBXSLT_LIBS -Wl,-rpath-link -Wl,$LIBXSLT_LIB_PATH"
+ fi
+ LIBXSLT_LIBS="$LIBXSLT_LIBS -L$LIBXSLT_LIB_PATH $LIBXSLT_LIBS_LIST"
+ fi
+ fi
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libxslt library >= $LIBXSLT_MIN_VERSION" >&5
+printf %s "checking for libxslt library >= $LIBXSLT_MIN_VERSION... " >&6; }
+if test "z$LIBXSLT_FOUND" = "zyes" ; then
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $LIBXSLT_CFLAGS"
+ minvers=`echo $LIBXSLT_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 100 + $2) * 100 + $3;}'`
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <libxslt/xsltconfig.h>
+ #if LIBXSLT_VERSION >= $minvers
+ greater-than-minvers
+ #endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "greater-than-minvers" >/dev/null 2>&1
+then :
+
+ LIBXSLT_FOUND=yes
+
+else $as_nop
+
+ LIBXSLT_FOUND=no
+
+fi
+rm -rf conftest*
+
+ CPPFLAGS=$OLD_CPPFLAGS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBXSLT_FOUND" >&5
+printf "%s\n" "$LIBXSLT_FOUND" >&6; }
+
+if test "z$LIBXSLT_FOUND" = "zyes" ; then
+ XMLSEC_NO_LIBXSLT="0"
+ LIBXSLT_PC_FILE_COND="libxslt >= $LIBXSLT_MIN_VERSION"
+else
+ XMLSEC_NO_LIBXSLT="1"
+ LIBXSLT_PC_FILE_COND=""
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_XSLT=1"
+fi
+
+
+
+
+
+
+
+XMLSEC_CRYPTO_LIST=""
+XMLSEC_CRYPTO_DISABLED_LIST=""
+
+OPENSSL_MIN_VERSION="1.0.0"
+OPENSSL_INCLUDE_DIR="$COMMON_INCLUDE_DIR /usr/local/ssl/include"
+OPENSSL_LIB_DIR="$COMMON_LIB_DIR /usr/local/ssl/lib /usr/local/ssl/lib64"
+OPENSSL_CRYPTO_LIB="$XMLSEC_PACKAGE-openssl"
+OPENSSL_INCLUDE_MARKER="openssl/opensslv.h"
+OPENSSL_LIB_SHARED_MARKER="libcrypto$shrext"
+OPENSSL_LIB_STATIC_MARKER="libcrypto.a"
+OPENSSL_LIBS_LIST="-lcrypto"
+case $host in
+ *-*-mingw*) OPENSSL_EXTRA_LIBS=;;
+ *-*-osf5*) OPENSSL_EXTRA_LIBS=;;
+ *-*-openbsd*) OPENSSL_EXTRA_LIBS=;;
+ *-*-netbsd*) OPENSSL_EXTRA_LIBS=;;
+ *-*-freebsd*|*-*-dragonfly*) OPENSSL_EXTRA_LIBS=;;
+ *-*-darwin*) OPENSSL_EXTRA_LIBS=;;
+ #FIXME: check if lib "dl" is required
+ *) OPENSSL_EXTRA_LIBS=-ldl;;
+esac
+
+XMLSEC_NO_OPENSSL="1"
+OPENSSL_VERSION=""
+OPENSSL_INCLUDE_PATH=
+OPENSSL_LIB_PATH=
+OPENSSL_TEST_CONFIG=
+OPENSSL_FOUND=no
+
+# Check whether --with-openssl was given.
+if test ${with_openssl+y}
+then :
+ withval=$with_openssl;
+fi
+
+
+if test "z$with_openssl" = "zno" ; then
+ OPENSSL_FOUND=disabled
+fi
+
+if test "z$OPENSSL_FOUND" = "zno" -a "z$with_openssl" != "z" -a "z$with_openssl" != "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for openssl library installation in \"$with_openssl\" folder" >&5
+printf %s "checking for openssl library installation in \"$with_openssl\" folder... " >&6; }
+ if test -f "$with_openssl/include/$OPENSSL_INCLUDE_MARKER" -a -f "$with_openssl/lib/$OPENSSL_LIB_SHARED_MARKER" ; then
+ OPENSSL_INCLUDE_PATH="$with_openssl/include"
+ OPENSSL_LIB_PATH="$with_openssl/lib"
+ OPENSSL_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ elif test -f "$with_openssl/include/$OPENSSL_INCLUDE_MARKER" -a -f "$with_openssl/lib64/$OPENSSL_LIB_SHARED_MARKER" ; then
+ OPENSSL_INCLUDE_PATH="$with_openssl/include"
+ OPENSSL_LIB_PATH="$with_openssl/lib64"
+ OPENSSL_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ elif test -f "$with_openssl/include/$OPENSSL_INCLUDE_MARKER" -a -f "$with_openssl/lib/$OPENSSL_LIB_STATIC_MARKER" ; then
+ OPENSSL_INCLUDE_PATH="$with_openssl/include"
+ OPENSSL_LIB_PATH="$with_openssl/lib"
+ OPENSSL_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ elif test -f "$with_openssl/include/$OPENSSL_INCLUDE_MARKER" -a -f "$with_openssl/libi64/$OPENSSL_LIB_STATIC_MARKER" ; then
+ OPENSSL_INCLUDE_PATH="$with_openssl/include"
+ OPENSSL_LIB_PATH="$with_openssl/lib64"
+ OPENSSL_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ as_fn_error $? "not found: \"$with_openssl/include/$OPENSSL_INCLUDE_MARKER\" or \"$with_openssl/lib(64)/$OPENSSL_LIB_SHARED_MARKER\" or \"$with_openssl/lib(64)/$OPENSSL_LIB_STATIC_MARKER\" files don't exist), typo?" "$LINENO" 5
+ fi
+fi
+
+if test "z$OPENSSL_FOUND" = "zno" -a "z$OPENSSL_CFLAGS" != "z" -a "z$OPENSSL_LIBS" != "z" ; then
+ OPENSSL_FOUND="yes"
+fi
+
+if test "z$OPENSSL_FOUND" = "zno" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for openssl >= $OPENSSL_MIN_VERSION" >&5
+printf %s "checking for openssl >= $OPENSSL_MIN_VERSION... " >&6; }
+
+if test -n "$OPENSSL_CFLAGS"; then
+ pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= \$OPENSSL_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "openssl >= $OPENSSL_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl >= $OPENSSL_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$OPENSSL_LIBS"; then
+ pkg_cv_OPENSSL_LIBS="$OPENSSL_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= \$OPENSSL_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "openssl >= $OPENSSL_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl >= $OPENSSL_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl >= $OPENSSL_MIN_VERSION" 2>&1`
+ else
+ OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl >= $OPENSSL_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$OPENSSL_PKG_ERRORS" >&5
+
+ OPENSSL_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ OPENSSL_FOUND=no
+else
+ OPENSSL_CFLAGS=$pkg_cv_OPENSSL_CFLAGS
+ OPENSSL_LIBS=$pkg_cv_OPENSSL_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ OPENSSL_FOUND=yes
+fi
+fi
+
+if test "z$OPENSSL_FOUND" = "zno" -a "z$ENABLE_FOLDERS_SEARCH" = "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for openssl library installation in the typical folders" >&5
+printf %s "checking for openssl library installation in the typical folders... " >&6; }
+ if test "z$OPENSSL_INCLUDE_PATH" = "z" ; then
+
+ for dir in $OPENSSL_INCLUDE_DIR ; do
+ if test -f "$dir/$OPENSSL_INCLUDE_MARKER" ; then
+ OPENSSL_INCLUDE_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$OPENSSL_LIB_PATH" = "z" ; then
+
+ for dir in $OPENSSL_LIB_DIR ; do
+ if test -f "$dir/$OPENSSL_LIB_SHARED_MARKER" ; then
+ OPENSSL_LIB_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$OPENSSL_LIB_PATH" = "z" ; then
+
+ for dir in $OPENSSL_LIB_DIR ; do
+ if test -f "$dir/$OPENSSL_LIB_STATIC_MARKER" ; then
+ OPENSSL_LIB_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$OPENSSL_INCLUDE_PATH" != "z" -a "z$OPENSSL_LIB_PATH" != "z" ; then
+ OPENSSL_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes (\"-I$OPENSSL_INCLUDE_PATH -L$OPENSSL_LIB_PATH\")" >&5
+printf "%s\n" "yes (\"-I$OPENSSL_INCLUDE_PATH -L$OPENSSL_LIB_PATH\")" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+ fi
+fi
+
+if test "z$OPENSSL_FOUND" = "zno" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for openssl library installation" >&5
+printf %s "checking for openssl library installation... " >&6; }
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $OPENSSL_CFLAGS"
+ OLD_LIBS=$LIBS
+ LIBS="$LIBS $OPENSSL_LIBS $OPENSSL_LIBS_LIST"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+
+ #include <openssl/ssl.h>
+
+int
+main (void)
+{
+
+ int main () {
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
+ SSL_library_init();
+ #else
+ OPENSSL_init_ssl(0, NULL);
+ #endif
+ return(0);
+ }
+
+ ;
+ return 0;
+}
+
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+
+ OPENSSL_FOUND=yes
+ OPENSSL_LIBS="$OPENSSL_LIBS $OPENSSL_LIBS_LIST"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+
+else $as_nop
+
+ OPENSSL_FOUND=no
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ CPPFLAGS=$OLD_CPPFLAGS
+ LIBS=$OLD_LIBS
+fi
+
+if test "z$OPENSSL_FOUND" = "zyes" -a "z$OPENSSL_INCLUDE_PATH" != "z" ; then
+ OPENSSL_CFLAGS="$OPENSSL_CFLAGS -I$OPENSSL_INCLUDE_PATH -I$OPENSSL_INCLUDE_PATH/openssl"
+fi
+if test "z$OPENSSL_FOUND" = "zyes" -a "z$OPENSSL_LIB_PATH" != "z" ; then
+ if test -f "$OPENSSL_LIB_PATH/$OPENSSL_LIB_SHARED_MARKER" ; then
+ if test "z$with_gnu_ld" = "zyes" ; then
+ OPENSSL_LIBS="$OPENSSL_LIBS -Wl,-rpath-link -Wl,$OPENSSL_LIB_PATH"
+ fi
+ fi
+ OPENSSL_LIBS="$OPENSSL_LIBS -L$OPENSSL_LIB_PATH $OPENSSL_LIBS_LIST $OPENSSL_EXTRA_LIBS"
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for openssl library >= $OPENSSL_MIN_VERSION" >&5
+printf %s "checking for openssl library >= $OPENSSL_MIN_VERSION... " >&6; }
+if test "z$OPENSSL_FOUND" = "zyes" ; then
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $OPENSSL_CFLAGS"
+ if test "z$OPENSSL_VERSION" = "z" ; then
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <openssl/opensslv.h>
+ #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L
+ greater-than-minvers
+ #endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "greater-than-minvers" >/dev/null 2>&1
+then :
+
+ OPENSSL_VERSION="1.0.0 (LibreSSL < 2.7)"
+
+else $as_nop
+
+ OPENSSL_VERSION=""
+
+fi
+rm -rf conftest*
+
+ fi
+
+ if test "z$OPENSSL_VERSION" = "z" ; then
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <openssl/opensslv.h>
+ #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x20700000L
+ greater-than-minvers
+ #endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "greater-than-minvers" >/dev/null 2>&1
+then :
+
+ OPENSSL_VERSION="1.1.0 (LibreSSL >= 2.7)"
+
+else $as_nop
+
+ OPENSSL_VERSION=""
+
+fi
+rm -rf conftest*
+
+ fi
+
+ if test "z$OPENSSL_VERSION" = "z" ; then
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <openssl/opensslv.h>
+ #include <openssl/crypto.h>
+ #if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ #ifdef OPENSSL_IS_BORINGSSL
+ greater-than-minvers
+ #endif
+ #endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "greater-than-minvers" >/dev/null 2>&1
+then :
+
+ OPENSSL_VERSION="1.1.0 (BoringSSL)"
+ enable_ripemd160=no
+ enable_dsa=no
+
+else $as_nop
+
+ OPENSSL_VERSION=""
+
+fi
+rm -rf conftest*
+
+ fi
+
+ if test "z$OPENSSL_VERSION" = "z" ; then
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <openssl/opensslv.h>
+ #if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ greater-than-minvers
+ #endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "greater-than-minvers" >/dev/null 2>&1
+then :
+
+ OPENSSL_VERSION="3.0.0"
+ OPENSSL_TEST_CONFIG="openssl3.cnf"
+
+else $as_nop
+
+ OPENSSL_VERSION=""
+
+fi
+rm -rf conftest*
+
+ fi
+
+ if test "z$OPENSSL_VERSION" = "z" ; then
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <openssl/opensslv.h>
+ #if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ greater-than-minvers
+ #endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "greater-than-minvers" >/dev/null 2>&1
+then :
+
+ OPENSSL_VERSION="1.1.0"
+
+else $as_nop
+
+ OPENSSL_VERSION=""
+
+fi
+rm -rf conftest*
+
+ fi
+
+ if test "z$OPENSSL_VERSION" = "z" ; then
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <openssl/opensslv.h>
+ #if OPENSSL_VERSION_NUMBER >= 0x10000000L
+ greater-than-minvers
+ #endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "greater-than-minvers" >/dev/null 2>&1
+then :
+
+ OPENSSL_VERSION="1.0.0"
+
+else $as_nop
+
+ OPENSSL_VERSION=""
+
+fi
+rm -rf conftest*
+
+ fi
+ CPPFLAGS=$OLD_CPPFLAGS
+
+ if test "z$OPENSSL_VERSION" != "z" ; then
+ OPENSSL_FOUND=yes
+ else
+ OPENSSL_FOUND=no
+ fi
+fi
+if test "z$OPENSSL_FOUND" = "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes (openssl version '$OPENSSL_VERSION')" >&5
+printf "%s\n" "yes (openssl version '$OPENSSL_VERSION')" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $OPENSSL_FOUND" >&5
+printf "%s\n" "$OPENSSL_FOUND" >&6; }
+fi
+
+if test "z$OPENSSL_FOUND" = "zyes" ; then
+ XMLSEC_NO_OPENSSL="0"
+ OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_CRYPTO_OPENSSL=1"
+ XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST openssl"
+else
+ XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST openssl"
+fi
+
+ if test "z$XMLSEC_NO_OPENSSL" = "z1"; then
+ XMLSEC_NO_OPENSSL_TRUE=
+ XMLSEC_NO_OPENSSL_FALSE='#'
+else
+ XMLSEC_NO_OPENSSL_TRUE='#'
+ XMLSEC_NO_OPENSSL_FALSE=
+fi
+
+
+
+
+
+
+
+
+# Check whether --enable-openssl3_engines was given.
+if test ${enable_openssl3_engines+y}
+then :
+ enableval=$enable_openssl3_engines;
+fi
+
+if test "z$OPENSSL_VERSION" = "z3.0.0" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for OpenSSL 3+ engines support" >&5
+printf %s "checking for OpenSSL 3+ engines support... " >&6; }
+ if test "z$enable_openssl3_engines" = "zyes" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_OPENSSL3_ENGINES=1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: enabled" >&5
+printf "%s\n" "enabled" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+ fi
+fi
+
+NSS_MIN_VERSION="3.49"
+NSPR_MIN_VERSION="4.25.0"
+SEAMONKEY_MIN_VERSION="1.0"
+MOZILLA_MIN_VERSION="1.4"
+NSS_CRYPTO_LIB="$XMLSEC_PACKAGE-nss"
+NSPR_PACKAGE=mozilla-nspr
+NSS_PACKAGE=mozilla-nss
+NSPR_INCLUDE_MARKER="nspr/nspr.h"
+NSPR_LIB_MARKER="libnspr4$shrext"
+NSPR_LIBS_LIST="-lnspr4 -lplds4 -lplc4"
+NSS_INCLUDE_MARKER="nss/nss.h"
+NSS_LIB_MARKER="libnss3$shrext"
+NSS_LIBS_LIST="-lnss3 -lsmime3"
+
+XMLSEC_NO_NSS="1"
+NSPR_INCLUDE_PATH=
+NSPR_LIB_PATH=
+NSS_INCLUDE_PATH=
+NSS_LIB_PATH=
+NSS_FOUND="no"
+NSPR_FOUND="no"
+
+# Check whether --with-nss was given.
+if test ${with_nss+y}
+then :
+ withval=$with_nss;
+fi
+
+
+# Check whether --with-nspr was given.
+if test ${with_nspr+y}
+then :
+ withval=$with_nspr;
+fi
+
+
+# Check whether --with-seamonkey_ver was given.
+if test ${with_seamonkey_ver+y}
+then :
+ withval=$with_seamonkey_ver;
+fi
+
+
+# Check whether --with-mozilla_ver was given.
+if test ${with_mozilla_ver+y}
+then :
+ withval=$with_mozilla_ver;
+fi
+
+
+if test "z$with_nss" = "zno" -o "z$with_nspr" = "zno" ; then
+ NSS_FOUND="disabled"
+ NSPR_FOUND="disabled"
+fi
+
+if test "z$NSPR_FOUND" = "zno" -a "z$with_nspr" != "z" -a "z$with_nspr" != "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for nspr library installation in \"$with_nspr\" folder" >&5
+printf %s "checking for nspr library installation in \"$with_nspr\" folder... " >&6; }
+ if test -f "$with_nspr/include/$NSPR_INCLUDE_MARKER" -a -f "$with_nspr/lib/$NSPR_LIB_MARKER" ; then
+ NSPR_INCLUDE_PATH="$with_nspr/include"
+ NSPR_LIB_PATH="$with_nspr/lib"
+ NSPR_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ as_fn_error $? "not found: \"$with_nspr/include/$NSPR_INCLUDE_MARKER\" and/or \"$with_nspr/lib/$NSPR_LIB_MARKER\" files don't exist), typo?" "$LINENO" 5
+ fi
+fi
+if test "z$NSS_FOUND" = "zno" -a "z$with_nss" != "z" -a "z$with_nss" != "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for nss library installation in \"$with_nss\" folder" >&5
+printf %s "checking for nss library installation in \"$with_nss\" folder... " >&6; }
+ if test -f "$with_nss/include/$NSS_INCLUDE_MARKER" -a -f "$with_nss/lib/$NSS_LIB_MARKER" ; then
+ NSS_INCLUDE_PATH="$with_nss/include"
+ NSS_LIB_PATH="$with_nss/lib"
+ NSS_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ as_fn_error $? "not found: \"$with_nss/include/$NSS_INCLUDE_MARKER\" and/or \"$with_nss/lib/$NSS_LIB_MARKER\" files don't exist), typo?" "$LINENO" 5
+ fi
+fi
+
+if test "z$NSPR_FOUND" = "zno" -a "z$NSPR_CFLAGS" != "z" -a "z$NSPR_LIBS" != "z" ; then
+ NSPR_FOUND="yes"
+fi
+if test "z$NSS_FOUND" = "zno" -a "z$NSS_CFLAGS" != "z" -a "z$NSS_LIBS" != "z" ; then
+ NSS_FOUND="yes"
+fi
+
+if test "z$NSPR_FOUND" = "zno" -a "z$PKGCONFIG_FOUND" = "zyes" -a "z$with_mozilla_ver" = "z" -a "z$with_seamonkey_ver" ; then
+ if test "z$NSPR_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for seamonkey-nspr >= $NSPR_MIN_VERSION" >&5
+printf %s "checking for seamonkey-nspr >= $NSPR_MIN_VERSION... " >&6; }
+
+if test -n "$NSPR_CFLAGS"; then
+ pkg_cv_NSPR_CFLAGS="$NSPR_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"seamonkey-nspr >= \$NSPR_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "seamonkey-nspr >= $NSPR_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSPR_CFLAGS=`$PKG_CONFIG --cflags "seamonkey-nspr >= $NSPR_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$NSPR_LIBS"; then
+ pkg_cv_NSPR_LIBS="$NSPR_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"seamonkey-nspr >= \$NSPR_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "seamonkey-nspr >= $NSPR_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSPR_LIBS=`$PKG_CONFIG --libs "seamonkey-nspr >= $NSPR_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ NSPR_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "seamonkey-nspr >= $NSPR_MIN_VERSION" 2>&1`
+ else
+ NSPR_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "seamonkey-nspr >= $NSPR_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$NSPR_PKG_ERRORS" >&5
+
+ NSPR_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ NSPR_FOUND=no
+else
+ NSPR_CFLAGS=$pkg_cv_NSPR_CFLAGS
+ NSPR_LIBS=$pkg_cv_NSPR_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ NSPR_FOUND=yes NSPR_PACKAGE=seamonkey-nspr
+fi
+ fi
+ if test "z$NSPR_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for mozilla-nspr >= $MOZILLA_MIN_VERSION" >&5
+printf %s "checking for mozilla-nspr >= $MOZILLA_MIN_VERSION... " >&6; }
+
+if test -n "$NSPR_CFLAGS"; then
+ pkg_cv_NSPR_CFLAGS="$NSPR_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"mozilla-nspr >= \$MOZILLA_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "mozilla-nspr >= $MOZILLA_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSPR_CFLAGS=`$PKG_CONFIG --cflags "mozilla-nspr >= $MOZILLA_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$NSPR_LIBS"; then
+ pkg_cv_NSPR_LIBS="$NSPR_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"mozilla-nspr >= \$MOZILLA_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "mozilla-nspr >= $MOZILLA_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSPR_LIBS=`$PKG_CONFIG --libs "mozilla-nspr >= $MOZILLA_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ NSPR_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "mozilla-nspr >= $MOZILLA_MIN_VERSION" 2>&1`
+ else
+ NSPR_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "mozilla-nspr >= $MOZILLA_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$NSPR_PKG_ERRORS" >&5
+
+ NSPR_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ NSPR_FOUND=no
+else
+ NSPR_CFLAGS=$pkg_cv_NSPR_CFLAGS
+ NSPR_LIBS=$pkg_cv_NSPR_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ NSPR_FOUND=yes NSPR_PACKAGE=mozilla-nspr
+fi
+ fi
+ if test "z$NSPR_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for xulrunner-nspr >= $NSPR_MIN_VERSION" >&5
+printf %s "checking for xulrunner-nspr >= $NSPR_MIN_VERSION... " >&6; }
+
+if test -n "$NSPR_CFLAGS"; then
+ pkg_cv_NSPR_CFLAGS="$NSPR_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"xulrunner-nspr >= \$NSPR_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "xulrunner-nspr >= $NSPR_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSPR_CFLAGS=`$PKG_CONFIG --cflags "xulrunner-nspr >= $NSPR_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$NSPR_LIBS"; then
+ pkg_cv_NSPR_LIBS="$NSPR_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"xulrunner-nspr >= \$NSPR_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "xulrunner-nspr >= $NSPR_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSPR_LIBS=`$PKG_CONFIG --libs "xulrunner-nspr >= $NSPR_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ NSPR_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "xulrunner-nspr >= $NSPR_MIN_VERSION" 2>&1`
+ else
+ NSPR_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "xulrunner-nspr >= $NSPR_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$NSPR_PKG_ERRORS" >&5
+
+ NSPR_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ NSPR_FOUND=no
+else
+ NSPR_CFLAGS=$pkg_cv_NSPR_CFLAGS
+ NSPR_LIBS=$pkg_cv_NSPR_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ NSPR_FOUND=yes NSPR_PACKAGE=xulrunner-nspr
+fi
+ fi
+ if test "z$NSPR_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for nspr >= $NSPR_MIN_VERSION" >&5
+printf %s "checking for nspr >= $NSPR_MIN_VERSION... " >&6; }
+
+if test -n "$NSPR_CFLAGS"; then
+ pkg_cv_NSPR_CFLAGS="$NSPR_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"nspr >= \$NSPR_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "nspr >= $NSPR_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSPR_CFLAGS=`$PKG_CONFIG --cflags "nspr >= $NSPR_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$NSPR_LIBS"; then
+ pkg_cv_NSPR_LIBS="$NSPR_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"nspr >= \$NSPR_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "nspr >= $NSPR_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSPR_LIBS=`$PKG_CONFIG --libs "nspr >= $NSPR_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ NSPR_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "nspr >= $NSPR_MIN_VERSION" 2>&1`
+ else
+ NSPR_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "nspr >= $NSPR_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$NSPR_PKG_ERRORS" >&5
+
+ NSPR_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ NSPR_FOUND=no
+else
+ NSPR_CFLAGS=$pkg_cv_NSPR_CFLAGS
+ NSPR_LIBS=$pkg_cv_NSPR_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ NSPR_FOUND=yes NSPR_PACKAGE=nspr
+fi
+ fi
+fi
+if test "z$NSS_FOUND" = "zno" -a "z$PKGCONFIG_FOUND" = "zyes" -a "z$with_mozilla_ver" = "z" -a "z$with_seamonkey_ver" ; then
+ if test "z$NSS_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for seamonkey-nss >= $SEAMONKEY_MIN_VERSION" >&5
+printf %s "checking for seamonkey-nss >= $SEAMONKEY_MIN_VERSION... " >&6; }
+
+if test -n "$NSS_CFLAGS"; then
+ pkg_cv_NSS_CFLAGS="$NSS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"seamonkey-nss >= \$SEAMONKEY_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "seamonkey-nss >= $SEAMONKEY_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSS_CFLAGS=`$PKG_CONFIG --cflags "seamonkey-nss >= $SEAMONKEY_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$NSS_LIBS"; then
+ pkg_cv_NSS_LIBS="$NSS_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"seamonkey-nss >= \$SEAMONKEY_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "seamonkey-nss >= $SEAMONKEY_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSS_LIBS=`$PKG_CONFIG --libs "seamonkey-nss >= $SEAMONKEY_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ NSS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "seamonkey-nss >= $SEAMONKEY_MIN_VERSION" 2>&1`
+ else
+ NSS_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "seamonkey-nss >= $SEAMONKEY_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$NSS_PKG_ERRORS" >&5
+
+ NSS_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ NSS_FOUND=no
+else
+ NSS_CFLAGS=$pkg_cv_NSS_CFLAGS
+ NSS_LIBS=$pkg_cv_NSS_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ NSS_FOUND=yes NSS_PACKAGE=seamonkey-nss
+fi
+ fi
+ if test "z$NSS_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for mozilla-nss >= $MOZILLA_MIN_VERSION" >&5
+printf %s "checking for mozilla-nss >= $MOZILLA_MIN_VERSION... " >&6; }
+
+if test -n "$NSS_CFLAGS"; then
+ pkg_cv_NSS_CFLAGS="$NSS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"mozilla-nss >= \$MOZILLA_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "mozilla-nss >= $MOZILLA_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSS_CFLAGS=`$PKG_CONFIG --cflags "mozilla-nss >= $MOZILLA_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$NSS_LIBS"; then
+ pkg_cv_NSS_LIBS="$NSS_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"mozilla-nss >= \$MOZILLA_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "mozilla-nss >= $MOZILLA_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSS_LIBS=`$PKG_CONFIG --libs "mozilla-nss >= $MOZILLA_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ NSS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "mozilla-nss >= $MOZILLA_MIN_VERSION" 2>&1`
+ else
+ NSS_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "mozilla-nss >= $MOZILLA_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$NSS_PKG_ERRORS" >&5
+
+ NSS_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ NSS_FOUND=no
+else
+ NSS_CFLAGS=$pkg_cv_NSS_CFLAGS
+ NSS_LIBS=$pkg_cv_NSS_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ NSS_FOUND=yes NSS_PACKAGE=mozilla-nss
+fi
+ fi
+ if test "z$NSS_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for xulrunner-nss >= $NSS_MIN_VERSION" >&5
+printf %s "checking for xulrunner-nss >= $NSS_MIN_VERSION... " >&6; }
+
+if test -n "$NSS_CFLAGS"; then
+ pkg_cv_NSS_CFLAGS="$NSS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"xulrunner-nss >= \$NSS_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "xulrunner-nss >= $NSS_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSS_CFLAGS=`$PKG_CONFIG --cflags "xulrunner-nss >= $NSS_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$NSS_LIBS"; then
+ pkg_cv_NSS_LIBS="$NSS_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"xulrunner-nss >= \$NSS_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "xulrunner-nss >= $NSS_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSS_LIBS=`$PKG_CONFIG --libs "xulrunner-nss >= $NSS_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ NSS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "xulrunner-nss >= $NSS_MIN_VERSION" 2>&1`
+ else
+ NSS_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "xulrunner-nss >= $NSS_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$NSS_PKG_ERRORS" >&5
+
+ NSS_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ NSS_FOUND=no
+else
+ NSS_CFLAGS=$pkg_cv_NSS_CFLAGS
+ NSS_LIBS=$pkg_cv_NSS_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ NSS_FOUND=yes NSS_PACKAGE=xulrunner-nss
+fi
+ fi
+ if test "z$NSS_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for nss >= $NSS_MIN_VERSION" >&5
+printf %s "checking for nss >= $NSS_MIN_VERSION... " >&6; }
+
+if test -n "$NSS_CFLAGS"; then
+ pkg_cv_NSS_CFLAGS="$NSS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"nss >= \$NSS_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "nss >= $NSS_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSS_CFLAGS=`$PKG_CONFIG --cflags "nss >= $NSS_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$NSS_LIBS"; then
+ pkg_cv_NSS_LIBS="$NSS_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"nss >= \$NSS_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "nss >= $NSS_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_NSS_LIBS=`$PKG_CONFIG --libs "nss >= $NSS_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ NSS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "nss >= $NSS_MIN_VERSION" 2>&1`
+ else
+ NSS_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "nss >= $NSS_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$NSS_PKG_ERRORS" >&5
+
+ NSS_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ NSS_FOUND=no
+else
+ NSS_CFLAGS=$pkg_cv_NSS_CFLAGS
+ NSS_LIBS=$pkg_cv_NSS_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ NSS_FOUND=yes NSS_PACKAGE=nss
+fi
+ fi
+fi
+
+if test "z$with_seamonkey_ver" != "z" ; then
+ NSS_MOZILLA_NAME=seamonkey-$with_seamonkey_ver
+elif test "z$with_mozilla_ver" != "z" ; then
+ NSS_MOZILLA_NAME=mozilla-$with_mozilla_ver
+else
+ NSS_MOZILLA_NAME=mozilla-$MOZILLA_MIN_VERSION
+fi
+NSS_INCLUDE_DIR="$COMMON_INCLUDE_DIR /usr/include/mozilla /usr/local/include/mozilla /usr/include/$NSS_MOZILLA_NAME /usr/local/include/$NSS_MOZILLA_NAME"
+NSS_LIB_DIR="$COMMON_LIB_DIR /usr/lib/$NSS_MOZILLA_NAME /usr/local/lib/$NSS_MOZILLA_NAME"
+if test "z$NSPR_FOUND" = "zno" -a "z$ENABLE_FOLDERS_SEARCH" = "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for nspr library installation in the typical folders" >&5
+printf %s "checking for nspr library installation in the typical folders... " >&6; }
+ if test "z$NSPR_INCLUDE_PATH" = "z" ; then
+
+ for dir in $NSS_INCLUDE_DIR ; do
+ if test -f "$dir/$NSPR_INCLUDE_MARKER" ; then
+ NSPR_INCLUDE_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$NSPR_LIB_PATH" = "z" ; then
+
+ for dir in $NSS_LIB_DIR ; do
+ if test -f "$dir/$NSPR_LIB_MARKER" ; then
+ NSPR_LIB_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$NSPR_INCLUDE_PATH" != "z" -a "z$NSPR_LIB_PATH" != "z" ; then
+ NSPR_FOUND=yes
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes (\"-I$NSPR_INCLUDE_PATH -L$NSPR_LIB_PATH\")" >&5
+printf "%s\n" "yes (\"-I$NSPR_INCLUDE_PATH -L$NSPR_LIB_PATH\")" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+ fi
+fi
+if test "z$NSS_FOUND" = "zno" -a "z$ENABLE_FOLDERS_SEARCH" = "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for nss library installation in the typical folders" >&5
+printf %s "checking for nss library installation in the typical folders... " >&6; }
+ if test "z$NSS_INCLUDE_PATH" = "z" ; then
+
+ for dir in $NSS_INCLUDE_DIR ; do
+ if test -f "$dir/$NSS_INCLUDE_MARKER" ; then
+ NSS_INCLUDE_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$NSS_LIB_PATH" = "z" ; then
+
+ for dir in $NSS_LIB_DIR ; do
+ if test -f "$dir/$NSS_LIB_MARKER" ; then
+ NSS_LIB_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$NSS_INCLUDE_PATH" != "z" -a "z$NSS_LIB_PATH" != "z" ; then
+ NSS_FOUND=yes
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes (\"-I$NSS_INCLUDE_PATH -L$NSS_LIB_PATH\")" >&5
+printf "%s\n" "yes (\"-I$NSS_INCLUDE_PATH -L$NSS_LIB_PATH\")" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+ fi
+fi
+
+if test "z$NSPR_FOUND" = "zno" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for nspr library installation" >&5
+printf %s "checking for nspr library installation... " >&6; }
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $NSPR_CFLAGS"
+ OLD_LIBS=$LIBS
+ LIBS="$LIBS $NSPR_LIBS $NSPR_LIBS_LIST"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+
+ #include <stdio.h>
+ #include <nspr/nspr.h>
+
+int
+main (void)
+{
+
+ int main () { printf("v=%s\n", PR_GetVersion()); return(0); }
+
+ ;
+ return 0;
+}
+
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+
+ NSPR_FOUND=yes
+ NSPR_LIBS="$NSPR_LIBS $NSPR_LIBS_LIST"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+
+else $as_nop
+
+ NSPR_FOUND=no
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ CPPFLAGS=$OLD_CPPFLAGS
+ LIBS=$OLD_LIBS
+fi
+
+if test "z$NSPR_FOUND" = "zyes" -a "z$NSPR_INCLUDE_PATH" != "z" ; then
+ NSPR_CFLAGS="$NSPR_CFLAGS -I$NSPR_INCLUDE_PATH -I$NSPR_INCLUDE_PATH/nspr"
+fi
+if test "z$NSPR_FOUND" = "zyes" -a "z$NSPR_LIB_PATH" != "z" ; then
+ if test "z$with_gnu_ld" = "zyes" ; then
+ NSPR_LIBS="$NSPR_LIBS -Wl,-rpath-link -Wl,$NSPR_LIB_PATH"
+ fi
+ NSPR_LIBS="$NSPR_LIBS -L$NSPR_LIB_PATH/lib $NSPR_LIBS_LIST"
+fi
+
+if test "z$NSS_FOUND" = "zno" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for nss library installation" >&5
+printf %s "checking for nss library installation... " >&6; }
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $NSPR_CFLAGS $NSS_CFLAGS"
+ OLD_LIBS=$LIBS
+ LIBS="$LIBS $NSS_LIBS $NSPR_LIBS $NSS_LIBS_LIST"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+
+ #include <stdio.h>
+ #include <nss/nss.h>
+
+int
+main (void)
+{
+
+ int main () { printf("v=%s\n", NSS_GetVersion()); return(0); }
+
+ ;
+ return 0;
+}
+
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+
+ NSS_FOUND=yes
+ NSS_LIBS="$NSS_LIBS $NSS_LIBS_LIST"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+
+else $as_nop
+
+ NSS_FOUND=no
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ CPPFLAGS=$OLD_CPPFLAGS
+ LIBS=$OLD_LIBS
+fi
+
+if test "z$NSS_FOUND" = "zyes" -a "z$NSS_INCLUDE_PATH" != "z" ; then
+ NSS_CFLAGS="$NSS_CFLAGS -I$NSS_INCLUDE_PATH -I$NSS_INCLUDE_PATH/nss"
+fi
+if test "z$NSS_FOUND" = "zyes" -a "z$NSS_LIB_PATH" != "z" ; then
+ if test "z$with_gnu_ld" = "zyes" ; then
+ NSS_LIBS="$NSS_LIBS -Wl,-rpath-link -Wl,$NSS_LIB_PATH"
+ fi
+ NSS_LIBS="$NSS_LIBS -L$NSS_LIB_PATH/lib $NSS_LIBS_LIST"
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for nspr library >= $NSPR_MIN_VERSION" >&5
+printf %s "checking for nspr library >= $NSPR_MIN_VERSION... " >&6; }
+if test "z$NSPR_FOUND" = "zyes" ; then
+ minvers=`echo $NSPR_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 100 + $2) * 100 + $3;}'`
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $NSPR_CFLAGS"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <prinit.h>
+ #if ((PR_VMAJOR * 100 + PR_VMINOR) * 100 + PR_VPATCH) >= $minvers
+ greater-than-minvers
+ #endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "greater-than-minvers" >/dev/null 2>&1
+then :
+
+ NSPR_FOUND=yes
+
+else $as_nop
+
+ NSPR_FOUND=no
+
+fi
+rm -rf conftest*
+
+ CPPFLAGS="$OLD_CPPFLAGS"
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $NSPR_FOUND" >&5
+printf "%s\n" "$NSPR_FOUND" >&6; }
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for nss library >= $NSS_MIN_VERSION" >&5
+printf %s "checking for nss library >= $NSS_MIN_VERSION... " >&6; }
+if test "z$NSS_FOUND" = "zyes" ; then
+ minvers=`echo $NSS_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 100 + $2) * 100 + $3;}'`
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $NSPR_CFLAGS $NSS_CFLAGS"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <nss.h>
+ #if ((NSS_VMAJOR * 100 + NSS_VMINOR) * 100 + NSS_VPATCH) >= $minvers
+ greater-than-minvers
+ #endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "greater-than-minvers" >/dev/null 2>&1
+then :
+
+ NSS_FOUND=yes
+
+else $as_nop
+
+ NSS_FOUND=no
+
+fi
+rm -rf conftest*
+
+ CPPFLAGS="$OLD_CPPFLAGS"
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $NSS_FOUND" >&5
+printf "%s\n" "$NSS_FOUND" >&6; }
+
+if test "z$NSPR_FOUND" = "zyes" -a "z$NSS_FOUND" = "zyes" ; then
+ NSS_CFLAGS="$NSS_CFLAGS $NSPR_CFLAGS"
+ NSS_LIBS="$NSS_LIBS $NSPR_LIBS"
+elif test "z$NSPR_FOUND" != "zyes" -a "z$NSS_FOUND" = "zyes" ; then
+ NSS_FOUND="no"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: NSPR library is required for NSS, ignoring NSS library we have found" >&5
+printf "%s\n" "NSPR library is required for NSS, ignoring NSS library we have found" >&6; }
+fi
+
+if test "z$NSS_FOUND" = "zyes" ; then
+ XMLSEC_NO_NSS="0"
+ NSS_CFLAGS="$NSS_CFLAGS -DXMLSEC_CRYPTO_NSS=1"
+ XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST nss"
+else
+ XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST nss"
+fi
+
+ if test "z$XMLSEC_NO_NSS" = "z1"; then
+ XMLSEC_NO_NSS_TRUE=
+ XMLSEC_NO_NSS_FALSE='#'
+else
+ XMLSEC_NO_NSS_TRUE='#'
+ XMLSEC_NO_NSS_FALSE=
+fi
+
+
+
+
+
+
+
+
+
+
+
+GCRYPT_MIN_VERSION="1.4.0"
+GCRYPT_INCLUDE_DIR="$COMMON_INCLUDE_DIR /usr/local/gcrypt/include"
+GCRYPT_LIB_DIR="$COMMON_LIB_DIR /usr/local/gcrypt/lib"
+GCRYPT_CONFIG="libgcrypt-config"
+GCRYPT_INCLUDE_MARKER="gcrypt.h"
+GCRYPT_LIB_MARKER="libgcrypt$shrext"
+GCRYPT_CRYPTO_LIB="$XMLSEC_PACKAGE-gcrypt"
+GCRYPT_LIBS_LIST="-lgcrypt"
+
+XMLSEC_NO_GCRYPT="1"
+GCRYPT_VERSION=
+GCRYPT_INCLUDE_PATH=
+GCRYPT_LIB_PATH=
+GCRYPT_FOUND="no"
+
+# Check whether --with-gcrypt was given.
+if test ${with_gcrypt+y}
+then :
+ withval=$with_gcrypt;
+fi
+
+
+if test "z$with_gcrypt" = "zno" ; then
+ GCRYPT_FOUND="disabled"
+fi
+
+if test "z$GCRYPT_FOUND" = "zno" -a "z$with_gcrypt" != "z" -a "z$with_gcrypt" != "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libgcrypt library installation in \"$with_gcrypt\" folder" >&5
+printf %s "checking for libgcrypt library installation in \"$with_gcrypt\" folder... " >&6; }
+ if test "z$ENABLE_CUSTOM_CONFIGS" = "zyes" -a -f "$with_gcrypt/bin/$GCRYPT_CONFIG" ; then
+ GCRYPT_CONFIG_PATH="$with_gcrypt/bin/$GCRYPT_CONFIG"
+ GCRYPT_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ elif test -f "$with_gcrypt/include/$GCRYPT_INCLUDE_MARKER" -a -f "$with_gcrypt/lib/$GCRYPT_LIB_MARKER" ; then
+ GCRYPT_INCLUDE_PATH="$with_gcrypt/include"
+ GCRYPT_LIB_PATH="$with_gcrypt/lib"
+ GCRYPT_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ as_fn_error $? "not found: \"$with_gcrypt/bin/$GCRYPT_CONFIG\" tool, or \"$with_gcrypt/include/$GCRYPT_INCLUDE_MARKER\" and/or \"$with_gcrypt/lib/$GCRYPT_LIB_MARKER\" files don't exist), typo?" "$LINENO" 5
+ fi
+fi
+
+if test "z$GCRYPT_FOUND" = "zno" -a "z$GCRYPT_CFLAGS" != "z" -a "z$GCRYPT_LIBS" != "z" ; then
+ GCRYPT_FOUND="yes"
+fi
+
+if test "z$GCRYPT_FOUND" = "zno" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
+ if test "z$GCRYPT_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gcrypt >= $GCRYPT_MIN_VERSION" >&5
+printf %s "checking for gcrypt >= $GCRYPT_MIN_VERSION... " >&6; }
+
+if test -n "$GCRYPT_CFLAGS"; then
+ pkg_cv_GCRYPT_CFLAGS="$GCRYPT_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gcrypt >= \$GCRYPT_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "gcrypt >= $GCRYPT_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_GCRYPT_CFLAGS=`$PKG_CONFIG --cflags "gcrypt >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$GCRYPT_LIBS"; then
+ pkg_cv_GCRYPT_LIBS="$GCRYPT_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gcrypt >= \$GCRYPT_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "gcrypt >= $GCRYPT_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_GCRYPT_LIBS=`$PKG_CONFIG --libs "gcrypt >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ GCRYPT_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "gcrypt >= $GCRYPT_MIN_VERSION" 2>&1`
+ else
+ GCRYPT_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "gcrypt >= $GCRYPT_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$GCRYPT_PKG_ERRORS" >&5
+
+ GCRYPT_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ GCRYPT_FOUND=no
+else
+ GCRYPT_CFLAGS=$pkg_cv_GCRYPT_CFLAGS
+ GCRYPT_LIBS=$pkg_cv_GCRYPT_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ GCRYPT_FOUND=yes
+fi
+ fi
+ if test "z$GCRYPT_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libgcrypt20 >= $GCRYPT_MIN_VERSION" >&5
+printf %s "checking for libgcrypt20 >= $GCRYPT_MIN_VERSION... " >&6; }
+
+if test -n "$GCRYPT_CFLAGS"; then
+ pkg_cv_GCRYPT_CFLAGS="$GCRYPT_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgcrypt20 >= \$GCRYPT_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "libgcrypt20 >= $GCRYPT_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_GCRYPT_CFLAGS=`$PKG_CONFIG --cflags "libgcrypt20 >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$GCRYPT_LIBS"; then
+ pkg_cv_GCRYPT_LIBS="$GCRYPT_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgcrypt20 >= \$GCRYPT_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "libgcrypt20 >= $GCRYPT_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_GCRYPT_LIBS=`$PKG_CONFIG --libs "libgcrypt20 >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ GCRYPT_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libgcrypt20 >= $GCRYPT_MIN_VERSION" 2>&1`
+ else
+ GCRYPT_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libgcrypt20 >= $GCRYPT_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$GCRYPT_PKG_ERRORS" >&5
+
+ GCRYPT_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ GCRYPT_FOUND=no
+else
+ GCRYPT_CFLAGS=$pkg_cv_GCRYPT_CFLAGS
+ GCRYPT_LIBS=$pkg_cv_GCRYPT_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ GCRYPT_FOUND=yes
+fi
+ fi
+ if test "z$GCRYPT_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libgcrypt11 >= $GCRYPT_MIN_VERSION" >&5
+printf %s "checking for libgcrypt11 >= $GCRYPT_MIN_VERSION... " >&6; }
+
+if test -n "$GCRYPT_CFLAGS"; then
+ pkg_cv_GCRYPT_CFLAGS="$GCRYPT_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgcrypt11 >= \$GCRYPT_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "libgcrypt11 >= $GCRYPT_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_GCRYPT_CFLAGS=`$PKG_CONFIG --cflags "libgcrypt11 >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$GCRYPT_LIBS"; then
+ pkg_cv_GCRYPT_LIBS="$GCRYPT_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgcrypt11 >= \$GCRYPT_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "libgcrypt11 >= $GCRYPT_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_GCRYPT_LIBS=`$PKG_CONFIG --libs "libgcrypt11 >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ GCRYPT_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libgcrypt11 >= $GCRYPT_MIN_VERSION" 2>&1`
+ else
+ GCRYPT_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libgcrypt11 >= $GCRYPT_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$GCRYPT_PKG_ERRORS" >&5
+
+ GCRYPT_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ GCRYPT_FOUND=no
+else
+ GCRYPT_CFLAGS=$pkg_cv_GCRYPT_CFLAGS
+ GCRYPT_LIBS=$pkg_cv_GCRYPT_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ GCRYPT_FOUND=yes
+fi
+ fi
+ if test "z$GCRYPT_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libgcrypt >= $GCRYPT_MIN_VERSION" >&5
+printf %s "checking for libgcrypt >= $GCRYPT_MIN_VERSION... " >&6; }
+
+if test -n "$GCRYPT_CFLAGS"; then
+ pkg_cv_GCRYPT_CFLAGS="$GCRYPT_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgcrypt >= \$GCRYPT_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "libgcrypt >= $GCRYPT_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_GCRYPT_CFLAGS=`$PKG_CONFIG --cflags "libgcrypt >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$GCRYPT_LIBS"; then
+ pkg_cv_GCRYPT_LIBS="$GCRYPT_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgcrypt >= \$GCRYPT_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "libgcrypt >= $GCRYPT_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_GCRYPT_LIBS=`$PKG_CONFIG --libs "libgcrypt >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ GCRYPT_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libgcrypt >= $GCRYPT_MIN_VERSION" 2>&1`
+ else
+ GCRYPT_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libgcrypt >= $GCRYPT_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$GCRYPT_PKG_ERRORS" >&5
+
+ GCRYPT_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ GCRYPT_FOUND=no
+else
+ GCRYPT_CFLAGS=$pkg_cv_GCRYPT_CFLAGS
+ GCRYPT_LIBS=$pkg_cv_GCRYPT_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ GCRYPT_FOUND=yes
+fi
+ fi
+fi
+
+if test "z$GCRYPT_FOUND" = "zno" -a "z$ENABLE_CUSTOM_CONFIGS" = "zyes" ; then
+ # Extract the first word of "$GCRYPT_CONFIG", so it can be a program name with args.
+set dummy $GCRYPT_CONFIG; ac_word=$2
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+printf %s "checking for $ac_word... " >&6; }
+if test ${ac_cv_path_GCRYPT_CONFIG_PATH+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ case $GCRYPT_CONFIG_PATH in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_GCRYPT_CONFIG_PATH="$GCRYPT_CONFIG_PATH" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
+ ac_cv_path_GCRYPT_CONFIG_PATH="$as_dir$ac_word$ac_exec_ext"
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+GCRYPT_CONFIG_PATH=$ac_cv_path_GCRYPT_CONFIG_PATH
+if test -n "$GCRYPT_CONFIG_PATH"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $GCRYPT_CONFIG_PATH" >&5
+printf "%s\n" "$GCRYPT_CONFIG_PATH" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+fi
+
+
+ if test "z$GCRYPT_CONFIG_PATH" != "z" ; then
+ GCRYPT_FOUND="yes"
+ fi
+fi
+
+if test "z$GCRYPT_FOUND" = "zno" -a "z$ENABLE_FOLDERS_SEARCH" = "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libgcrypt library installation in the typical folders" >&5
+printf %s "checking for libgcrypt library installation in the typical folders... " >&6; }
+ if test "z$GCRYPT_INCLUDE_PATH" = "z" ; then
+
+ for dir in $GCRYPT_INCLUDE_DIR ; do
+ if test -f "$dir/$GCRYPT_INCLUDE_MARKER" ; then
+ GCRYPT_INCLUDE_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$GCRYPT_LIB_PATH" = "z" ; then
+
+ for dir in $GCRYPT_LIB_DIR ; do
+ if test -f "$dir/$GCRYPT_LIB_MARKER" ; then
+ GCRYPT_LIB_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$GCRYPT_INCLUDE_PATH" != "z" -a "z$GCRYPT_LIB_PATH" != "z" ; then
+ GCRYPT_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes (\"-I$GCRYPT_INCLUDE_PATH -L$GCRYPT_LIB_PATH\")" >&5
+printf "%s\n" "yes (\"-I$GCRYPT_INCLUDE_PATH -L$GCRYPT_LIB_PATH\")" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+ fi
+fi
+
+if test "z$GCRYPT_FOUND" = "zno" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gcrypt library installation" >&5
+printf %s "checking for gcrypt library installation... " >&6; }
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $GCRYPT_CFLAGS"
+ OLD_LIBS=$LIBS
+ LIBS="$LIBS $GCRYPT_LIBS $GCRYPT_LIBS_LIST"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+
+ #include <gcrypt.h>
+
+int
+main (void)
+{
+
+ int main () { printf("v=%s\n", gcry_check_version("0")); return(0); }
+
+ ;
+ return 0;
+}
+
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+
+ GCRYPT_FOUND=yes
+ GCRYPT_LIBS="$GCRYPT_LIBS $GCRYPT_LIBS_LIST"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+
+else $as_nop
+
+ GCRYPT_FOUND=no
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ CPPFLAGS=$OLD_CPPFLAGS
+ LIBS=$OLD_LIBS
+fi
+
+if test "z$GCRYPT_FOUND" = "zyes" ; then
+ if test "z$GCRYPT_CONFIG_PATH" != "z" -a "z$ENABLE_CUSTOM_CONFIGS" = "zyes" ; then
+ if test "z$GCRYPT_CFLAGS" = "z" ; then
+ GCRYPT_CFLAGS="`$GCRYPT_CONFIG_PATH --cflags`"
+ fi
+ if test "z$GCRYPT_LIBS" = "z"; then
+ GCRYPT_LIBS="`$GCRYPT_CONFIG_PATH --libs`"
+ fi
+ GCRYPT_CONFIG=$GCRYPT_CONFIG_PATH
+ GCRYPT_FOUND="yes"
+ else
+ if test "z$GCRYPT_INCLUDE_PATH" != "z" ; then
+ GCRYPT_CFLAGS="$GCRYPT_CFLAGS -I$GCRYPT_INCLUDE_PATH"
+ fi
+ if test "z$GCRYPT_LIB_PATH" != "z" ; then
+ if test "z$with_gnu_ld" = "zyes" ; then
+ GCRYPT_LIBS="$GCRYPT_LIBS -Wl,-rpath-link -Wl,$GCRYPT_LIB_PATH"
+ fi
+ GCRYPT_LIBS="$GCRYPT_LIBS -L$GCRYPT_LIB_PATH $GCRYPT_LIBS_LIST"
+ fi
+ fi
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libgcrypt library >= $GCRYPT_MIN_VERSION" >&5
+printf %s "checking for libgcrypt library >= $GCRYPT_MIN_VERSION... " >&6; }
+if test "z$GCRYPT_FOUND" = "zyes" ; then
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $GCRYPT_CFLAGS"
+ minvers=`echo $GCRYPT_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 256 + $2) * 256 + $3;}'`
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <gcrypt.h>
+ #if GCRYPT_VERSION_NUMBER >= $minvers
+ greater-than-minvers
+ #endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "greater-than-minvers" >/dev/null 2>&1
+then :
+
+ GCRYPT_FOUND=yes
+
+else $as_nop
+
+ GCRYPT_FOUND=no
+
+fi
+rm -rf conftest*
+
+ CPPFLAGS=$OLD_CPPFLAGS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $GCRYPT_FOUND" >&5
+printf "%s\n" "$GCRYPT_FOUND" >&6; }
+
+if test "z$GCRYPT_FOUND" = "zyes" ; then
+ XMLSEC_NO_GCRYPT="0"
+ GCRYPT_CFLAGS="$GCRYPT_CFLAGS -DXMLSEC_CRYPTO_GCRYPT=1"
+ XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST gcrypt"
+else
+ XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST gcrypt"
+fi
+
+ if test "z$XMLSEC_NO_GCRYPT" = "z1"; then
+ XMLSEC_NO_GCRYPT_TRUE=
+ XMLSEC_NO_GCRYPT_FALSE='#'
+else
+ XMLSEC_NO_GCRYPT_TRUE='#'
+ XMLSEC_NO_GCRYPT_FALSE=
+fi
+
+
+
+
+
+
+
+GNUTLS_MIN_VERSION="2.8.0"
+GNUTLS_INCLUDE_DIR="$COMMON_INCLUDE_DIR /usr/local/gnutls/include"
+GNUTLS_LIB_DIR="$COMMON_LIB_DIR /usr/local/gnutls/lib"
+GNUTLS_INCLUDE_MARKER="gnutls/gnutls.h"
+GNUTLS_LIB_MARKER="libgnutls$shrext"
+GNUTLS_CRYPTO_LIB="$XMLSEC_PACKAGE-gnutls"
+GNUTLS_LIBS_LIST="-lgnutls"
+
+XMLSEC_NO_GNUTLS="1"
+GNUTLS_INCLUDE_PATH=
+GNUTLS_LIB_PATH=
+GNUTLS_FOUND="no"
+
+# Check whether --with-gnutls was given.
+if test ${with_gnutls+y}
+then :
+ withval=$with_gnutls;
+fi
+
+
+if test "z$with_gnutls" = "zno" ; then
+ GNUTLS_FOUND="disabled"
+fi
+
+if test "z$GNUTLS_FOUND" = "zno" -a "z$with_gnutls" != "z" -a "z$with_gnutls" != "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libgnutls library installation in \"$with_gnutls\" folder" >&5
+printf %s "checking for libgnutls library installation in \"$with_gnutls\" folder... " >&6; }
+ if test -f "$with_gnutls/include/$GNUTLS_INCLUDE_MARKER" -a -f "$with_gnutls/lib/$GNUTLS_LIB_MARKER" ; then
+ GNUTLS_INCLUDE_PATH="$with_gnutls/include"
+ GNUTLS_LIB_PATH="$with_gnutls/lib"
+ GNUTLS_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ as_fn_error $? "not found: \"$with_gnutls/bin/$GNUTLS_CONFIG\" tool, or \"$with_gnutls/include/$GNUTLS_INCLUDE_MARKER\" and/or \"$with_gnutls/lib/$GNUTLS_LIB_MARKER\" files don't exist), typo?" "$LINENO" 5
+ fi
+fi
+
+if test "z$GNUTLS_FOUND" = "zno" -a "z$GNUTLS_CFLAGS" != "z" -a "z$GNUTLS_LIBS" != "z" ; then
+ GNUTLS_FOUND="yes"
+fi
+
+if test "z$GNUTLS_FOUND" = "zno" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
+ if test "z$GNUTLS_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gnutls >= $GNUTLS_MIN_VERSION" >&5
+printf %s "checking for gnutls >= $GNUTLS_MIN_VERSION... " >&6; }
+
+if test -n "$GNUTLS_CFLAGS"; then
+ pkg_cv_GNUTLS_CFLAGS="$GNUTLS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= \$GNUTLS_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "gnutls >= $GNUTLS_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_GNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls >= $GNUTLS_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$GNUTLS_LIBS"; then
+ pkg_cv_GNUTLS_LIBS="$GNUTLS_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= \$GNUTLS_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "gnutls >= $GNUTLS_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_GNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls >= $GNUTLS_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ GNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "gnutls >= $GNUTLS_MIN_VERSION" 2>&1`
+ else
+ GNUTLS_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "gnutls >= $GNUTLS_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$GNUTLS_PKG_ERRORS" >&5
+
+ GNUTLS_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ GNUTLS_FOUND=no
+else
+ GNUTLS_CFLAGS=$pkg_cv_GNUTLS_CFLAGS
+ GNUTLS_LIBS=$pkg_cv_GNUTLS_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ GNUTLS_FOUND=yes
+fi
+ fi
+ if test "z$GNUTLS_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libgnutls >= $GNUTLS_MIN_VERSION" >&5
+printf %s "checking for libgnutls >= $GNUTLS_MIN_VERSION... " >&6; }
+
+if test -n "$GNUTLS_CFLAGS"; then
+ pkg_cv_GNUTLS_CFLAGS="$GNUTLS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgnutls >= \$GNUTLS_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "libgnutls >= $GNUTLS_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_GNUTLS_CFLAGS=`$PKG_CONFIG --cflags "libgnutls >= $GNUTLS_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+if test -n "$GNUTLS_LIBS"; then
+ pkg_cv_GNUTLS_LIBS="$GNUTLS_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgnutls >= \$GNUTLS_MIN_VERSION\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "libgnutls >= $GNUTLS_MIN_VERSION") 2>&5
+ ac_status=$?
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ pkg_cv_GNUTLS_LIBS=`$PKG_CONFIG --libs "libgnutls >= $GNUTLS_MIN_VERSION" 2>/dev/null`
+ test "x$?" != "x0" && pkg_failed=yes
+else
+ pkg_failed=yes
+fi
+ else
+ pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+ _pkg_short_errors_supported=yes
+else
+ _pkg_short_errors_supported=no
+fi
+ if test $_pkg_short_errors_supported = yes; then
+ GNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libgnutls >= $GNUTLS_MIN_VERSION" 2>&1`
+ else
+ GNUTLS_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libgnutls >= $GNUTLS_MIN_VERSION" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$GNUTLS_PKG_ERRORS" >&5
+
+ GNUTLS_FOUND=no
+elif test $pkg_failed = untried; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ GNUTLS_FOUND=no
+else
+ GNUTLS_CFLAGS=$pkg_cv_GNUTLS_CFLAGS
+ GNUTLS_LIBS=$pkg_cv_GNUTLS_LIBS
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ GNUTLS_FOUND=yes
+fi
+ fi
+fi
+
+if test "z$GNUTLS_FOUND" = "zno" -a "z$ENABLE_FOLDERS_SEARCH" = "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libgnutls library installation in the typical folders" >&5
+printf %s "checking for libgnutls library installation in the typical folders... " >&6; }
+ if test "z$GNUTLS_INCLUDE_PATH" = "z" ; then
+
+ for dir in $GNUTLS_INCLUDE_DIR ; do
+ if test -f "$dir/$GNUTLS_INCLUDE_MARKER" ; then
+ GNUTLS_INCLUDE_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$GNUTLS_LIB_PATH" = "z" ; then
+
+ for dir in $GNUTLS_LIB_DIR ; do
+ if test -f "$dir/$GNUTLS_LIB_MARKER" ; then
+ GNUTLS_LIB_PATH="$dir"
+ break;
+ fi
+ done
+
+ fi
+ if test "z$GNUTLS_INCLUDE_PATH" != "z" -a "z$GNUTLS_LIB_PATH" != "z" ; then
+ GNUTLS_FOUND="yes"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes (\"-I$GNUTLS_INCLUDE_PATH -L$GNUTLS_LIB_PATH\")" >&5
+printf "%s\n" "yes (\"-I$GNUTLS_INCLUDE_PATH -L$GNUTLS_LIB_PATH\")" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+ fi
+fi
+
+if test "z$GNUTLS_FOUND" = "zno" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gnutls library installation" >&5
+printf %s "checking for gnutls library installation... " >&6; }
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $GCRYPT_CFLAGS $GNUTLS_CFLAGS"
+ OLD_LIBS=$LIBS
+ LIBS="$LIBS $GNUTLS_LIBS $GCRYPT_LIBS $GNUTLS_LIBS_LIST"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+
+ #include <gnutls/gnutls.h>
+
+int
+main (void)
+{
+
+ int main () { gnutls_global_init(); return(0); }
+
+ ;
+ return 0;
+}
+
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+
+ GNUTLS_FOUND=yes
+ GNUTLS_LIBS="$GNUTLS_LIBS $GNUTLS_LIBS_LIST"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+
+else $as_nop
+
+ GNUTLS_FOUND=no
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ CPPFLAGS=$OLD_CPPFLAGS
+ LIBS=$OLD_LIBS
+fi
+
+if test "z$GNUTLS_FOUND" = "zyes" ; then
+ if test "z$GNUTLS_INCLUDE_PATH" != "z" ; then
+ GNUTLS_CFLAGS="$GNUTLS_CFLAGS -I$GNUTLS_INCLUDE_PATH"
+ fi
+ if test "z$GNUTLS_LIB_PATH" != "z" ; then
+ if test "z$with_gnu_ld" = "zyes" ; then
+ GNUTLS_LIBS="$GNUTLS_LIBS -Wl,-rpath-link -Wl,$GNUTLS_LIB_PATH"
+ fi
+ GNUTLS_LIBS="$GNUTLS_LIBS -L$GNUTLS_LIB_PATH $GNUTLS_LIBS_LIST"
+ fi
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libgnutls library >= $GNUTLS_MIN_VERSION" >&5
+printf %s "checking for libgnutls library >= $GNUTLS_MIN_VERSION... " >&6; }
+if test "z$GNUTLS_FOUND" = "zyes" ; then
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $GNUTLS_CFLAGS"
+ minvers=`echo $GNUTLS_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 256 + $2) * 256 + $3;}'`
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <gnutls/gnutls.h>
+ #if GNUTLS_VERSION_NUMBER >= $minvers
+ greater-than-minvers
+ #endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "greater-than-minvers" >/dev/null 2>&1
+then :
+
+ GNUTLS_FOUND=yes
+
+else $as_nop
+
+ GNUTLS_FOUND=no
+
+fi
+rm -rf conftest*
+
+ CPPFLAGS=$OLD_CPPFLAGS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $GNUTLS_FOUND" >&5
+printf "%s\n" "$GNUTLS_FOUND" >&6; }
+
+if test "z$GNUTLS_FOUND" = "zyes" -a "z$GCRYPT_FOUND" != "zyes" ; then
+ GNUTLS_FOUND="no"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: xmlsec-gnutls library requires xmlsec-gcrypt library which is disabled or missing, ignoring libgnutls library we have found" >&5
+printf "%s\n" "xmlsec-gnutls library requires xmlsec-gcrypt library which is disabled or missing, ignoring libgnutls library we have found" >&6; }
+fi
+
+if test "z$GNUTLS_FOUND" = "zyes" ; then
+ XMLSEC_NO_GNUTLS="0"
+ GNUTLS_CFLAGS="$GNUTLS_CFLAGS -DXMLSEC_CRYPTO_GNUTLS=1"
+ XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST gnutls"
+else
+ XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST gnutls"
+fi
+
+ if test "z$XMLSEC_NO_GNUTLS" = "z1"; then
+ XMLSEC_NO_GNUTLS_TRUE=
+ XMLSEC_NO_GNUTLS_FALSE='#'
+else
+ XMLSEC_NO_GNUTLS_TRUE='#'
+ XMLSEC_NO_GNUTLS_FALSE=
+fi
+
+
+
+
+
+
+
+
+MSCRYPTO_CRYPTO_LIB="$XMLSEC_PACKAGE-mscrypto"
+case $host in
+*-w64-mingw*)
+ MSCRYPTO_XMLSEC_DEFINES=
+ MSCRYPTO_LIBS_LIST="-lcrypt32"
+ ;;
+*-*-mingw*)
+ MSCRYPTO_XMLSEC_DEFINES="-DXMLSEC_CUSTOM_CRYPT32=1"
+ MSCRYPTO_LIBS_LIST="-Wl,$(srcdir)/mingw-crypt32.def"
+ ;;
+*)
+ MSCRYPTO_XMLSEC_DEFINES=
+ MSCRYPTO_LIBS_LIST="-lcrypt32"
+ ;;
+esac
+
+XMLSEC_NO_MSCRYPTO="1"
+MSCRYPTO_FOUND="no"
+# Check whether --enable-mscrypto was given.
+if test ${enable_mscrypto+y}
+then :
+ enableval=$enable_mscrypto;
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for mscrypto" >&5
+printf %s "checking for mscrypto... " >&6; }
+
+if test "z$enable_mscrypto" != "zyes" ; then
+ MSCRYPTO_FOUND="disabled"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+
+if test "z$MSCRYPTO_FOUND" = "zno" -a "z$MSCRYPTO_CFLAGS" != "z" -a "z$MSCRYPTO_LIBS" != "z" ; then
+ MSCRYPTO_FOUND=yes
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+
+if test "z$MSCRYPTO_FOUND" = "zno" ; then
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $MSCRYPTO_CFLAGS"
+ OLD_LIBS=$LIBS
+ LIBS="$LIBS $MSCRYPTO_LIBS $MSCRYPTO_LIBS_LIST"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+
+ #include <windows.h>
+ #include <wincrypt.h>
+
+int
+main (void)
+{
+
+ CertOpenStore(0,0,0,0,0);
+
+ ;
+ return 0;
+}
+
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+
+ MSCRYPTO_FOUND=yes
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+
+else $as_nop
+
+ MSCRYPTO_FOUND=no
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ CPPFLAGS=$OLD_CPPFLAGS
+ LIBS=$OLD_LIBS
+fi
+
+if test "z$MSCRYPTO_FOUND" = "zyes" ; then
+ if test "z$MSCRYPTO_CFLAGS" = "z" -o "z$MSCRYPTO_LIBS" = "z" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES $MSCRYPTO_XMLSEC_DEFINES"
+ MSCRYPTO_LIBS="$MSCRYPTO_LIBS $MSCRYPTO_LIBS_LIST"
+ fi
+fi
+
+if test "z$MSCRYPTO_FOUND" = "zyes" ; then
+ XMLSEC_NO_MSCRYPTO="0"
+ MSCRYPTO_CFLAGS="$MSCRYPTO_CFLAGS -DXMLSEC_CRYPTO_MSCRYPTO=1"
+ XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST mscrypto"
+else
+ XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST mscrypto"
+fi
+
+ if test "z$XMLSEC_NO_MSCRYPTO" = "z1"; then
+ XMLSEC_NO_MSCRYPTO_TRUE=
+ XMLSEC_NO_MSCRYPTO_FALSE='#'
+else
+ XMLSEC_NO_MSCRYPTO_TRUE='#'
+ XMLSEC_NO_MSCRYPTO_FALSE=
+fi
+
+
+
+
+
+
+
+MSCNG_CRYPTO_LIB="$XMLSEC_PACKAGE-mscng"
+MSCNG_XMLSEC_DEFINES=
+MSCNG_LIBS_LIST="-lcrypt32 -lbcrypt -lncrypt"
+
+XMLSEC_NO_MSCNG="1"
+MSCNG_FOUND="no"
+# Check whether --enable-mscng was given.
+if test ${enable_mscng+y}
+then :
+ enableval=$enable_mscng;
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for mscng" >&5
+printf %s "checking for mscng... " >&6; }
+
+if test "z$enable_mscng" != "zyes" ; then
+ MSCNG_FOUND="disabled"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+
+if test "z$MSCNG_FOUND" = "zno" -a "z$MSCNG_CFLAGS" != "z" -a "z$MSCNG_LIBS" != "z" ; then
+ MSCNG_FOUND=yes
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+
+if test "z$MSCNG_FOUND" = "zno" ; then
+ OLD_CPPFLAGS=$CPPFLAGS
+ CPPFLAGS="$CPPFLAGS $MSCNG_CFLAGS"
+ OLD_LIBS=$LIBS
+ LIBS="$LIBS $MSCNG_LIBS $MSCNG_LIBS_LIST"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+
+ #include <windows.h>
+ #include <wincrypt.h>
+
+int
+main (void)
+{
+
+ BCRYPT_ALG_HANDLE hAlg;
+ BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_SHA256_ALGORITHM, NULL, 0);
+
+ ;
+ return 0;
+}
+
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+
+ MSCNG_FOUND=yes
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+
+else $as_nop
+
+ MSCNG_FOUND=no
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5
+printf "%s\n" "not found" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+ CPPFLAGS=$OLD_CPPFLAGS
+ LIBS=$OLD_LIBS
+fi
+
+if test "z$MSCNG_FOUND" = "zyes" ; then
+ if test "z$MSCNG_CFLAGS" = "z" -o "z$MSCNG_LIBS" = "z" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES $MSCNG_XMLSEC_DEFINES"
+ MSCNG_LIBS="$MSCNG_LIBS $MSCNG_LIBS_LIST"
+ fi
+fi
+
+if test "z$MSCNG_FOUND" = "zyes" ; then
+ XMLSEC_NO_MSCNG="0"
+ MSCNG_CFLAGS="$MSCNG_CFLAGS -DXMLSEC_CRYPTO_MSCNG=1"
+ XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST mscng"
+else
+ XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST mscng"
+fi
+
+ if test "z$XMLSEC_NO_MSCNG" = "z1"; then
+ XMLSEC_NO_MSCNG_TRUE=
+ XMLSEC_NO_MSCNG_FALSE='#'
+else
+ XMLSEC_NO_MSCNG_TRUE='#'
+ XMLSEC_NO_MSCNG_FALSE=
+fi
+
+
+
+
+
+
+
+XMLSEC_DEFAULT_CRYPTO=""
+XMLSEC_CRYPTO_LIB=""
+XMLSEC_CRYPTO_CFLAGS=""
+XMLSEC_CRYPTO_LIBS=""
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for default crypto library" >&5
+printf %s "checking for default crypto library... " >&6; }
+
+# Check whether --with-default_crypto was given.
+if test ${with_default_crypto+y}
+then :
+ withval=$with_default_crypto;
+fi
+
+
+# check the argument
+case "z$with_default_crypto" in
+ 'zmscrypto')
+ if test "z$XMLSEC_NO_MSCRYPTO" != "z1" ; then
+ XMLSEC_DEFAULT_CRYPTO="mscrypto"
+ else
+ as_fn_error $? "'$with_default_crypto' is specified as default crypto library but it is not configured or found" "$LINENO" 5
+ fi
+ ;;
+ 'zmscng')
+ if test "z$XMLSEC_NO_MSCNG" != "z1" ; then
+ XMLSEC_DEFAULT_CRYPTO="mscng"
+ else
+ as_fn_error $? "'$with_default_crypto' is specified as default crypto library but it is not configured or found" "$LINENO" 5
+ fi
+ ;;
+ 'zopenssl')
+ if test "z$XMLSEC_NO_OPENSSL" != "z1" ; then
+ XMLSEC_DEFAULT_CRYPTO="openssl"
+ else
+ as_fn_error $? "'$with_default_crypto' is specified as default crypto library but it is not configured or found" "$LINENO" 5
+ fi
+ ;;
+ 'znss')
+ if test "z$XMLSEC_NO_NSS" != "z1" ; then
+ XMLSEC_DEFAULT_CRYPTO="nss"
+ else
+ as_fn_error $? "'$with_default_crypto' is specified as default crypto library but it is not configured or found" "$LINENO" 5
+ fi
+ ;;
+ 'zgnutls')
+ if test "z$XMLSEC_NO_GNUTLS" != "z1" ; then
+ XMLSEC_DEFAULT_CRYPTO="gnutls"
+ else
+ as_fn_error $? "'$with_default_crypto' is specified as default crypto library but it is not configured or found" "$LINENO" 5
+ fi
+ ;;
+ 'zgcrypt')
+ if test "z$XMLSEC_NO_GCRYPT" != "z1" ; then
+ XMLSEC_DEFAULT_CRYPTO="gcrypt"
+ else
+ as_fn_error $? "'$with_default_crypto' is specified as default crypto library but it is not configured or found" "$LINENO" 5
+ fi
+ ;;
+ 'z')
+ if test "z$XMLSEC_NO_MSCRYPTO" != "z1" ; then
+ XMLSEC_DEFAULT_CRYPTO="mscrypto"
+ elif test "z$XMLSEC_NO_MSCNG" != "z1" ; then
+ XMLSEC_DEFAULT_CRYPTO="mscng"
+ elif test "z$XMLSEC_NO_OPENSSL" != "z1" ; then
+ XMLSEC_DEFAULT_CRYPTO="openssl"
+ elif test "z$XMLSEC_NO_NSS" != "z1" ; then
+ XMLSEC_DEFAULT_CRYPTO="nss"
+ elif test "z$XMLSEC_NO_GNUTLS" != "z1" ; then
+ XMLSEC_DEFAULT_CRYPTO="gnutls"
+ elif test "z$XMLSEC_NO_GCRYPT" != "z1" ; then
+ XMLSEC_DEFAULT_CRYPTO="gcrypt"
+ else
+ as_fn_error $? "At least one crypto library should exist for $XMLSEC_PACKAGE" "$LINENO" 5
+ fi
+ ;;
+ *)
+ as_fn_error $? "The value '$with_default_crypto' is not a recongnized crypto library name" "$LINENO" 5
+ ;;
+esac
+
+case "$XMLSEC_DEFAULT_CRYPTO" in
+ 'mscrypto')
+ XMLSEC_CRYPTO_LIB="$MSCRYPTO_CRYPTO_LIB"
+ XMLSEC_CRYPTO_CFLAGS="$MSCRYPTO_CFLAGS"
+ XMLSEC_CRYPTO_LIBS="$MSCRYPTO_LIBS"
+ ;;
+ 'mscng')
+ XMLSEC_CRYPTO_LIB="$MSCNG_CRYPTO_LIB"
+ XMLSEC_CRYPTO_CFLAGS="$MSCNG_CFLAGS"
+ XMLSEC_CRYPTO_LIBS="$MSCNG_LIBS"
+ ;;
+ 'openssl')
+ XMLSEC_CRYPTO_LIB="$OPENSSL_CRYPTO_LIB"
+ XMLSEC_CRYPTO_CFLAGS="$OPENSSL_CFLAGS"
+ XMLSEC_CRYPTO_LIBS="$OPENSSL_LIBS"
+ ;;
+ 'nss')
+ XMLSEC_CRYPTO_LIB="$NSS_CRYPTO_LIB"
+ XMLSEC_CRYPTO_CFLAGS="$NSS_CFLAGS"
+ XMLSEC_CRYPTO_LIBS="$NSS_LIBS"
+ ;;
+ 'gnutls')
+ XMLSEC_CRYPTO_LIB="$GNUTLS_CRYPTO_LIB"
+ XMLSEC_CRYPTO_CFLAGS="$GNUTLS_CFLAGS"
+ XMLSEC_CRYPTO_LIBS="$GNUTLS_LIBS"
+ ;;
+ 'gcrypt')
+ XMLSEC_CRYPTO_LIB="$GCRYPT_CRYPTO_LIB"
+ XMLSEC_CRYPTO_CFLAGS="$GCRYPT_CFLAGS"
+ XMLSEC_CRYPTO_LIBS="$GCRYPT_LIBS"
+ ;;
+ *)
+ as_fn_error $? "The value '$XMLSEC_DEFAULT_CRYPTO' is not a recongnized crypto library name" "$LINENO" 5
+ ;;
+esac
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes (\"$XMLSEC_DEFAULT_CRYPTO\")" >&5
+printf "%s\n" "yes (\"$XMLSEC_DEFAULT_CRYPTO\")" >&6; }
+
+if test "z$build_on_windows" = "zyes" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for Unicode support" >&5
+printf %s "checking for Unicode support... " >&6; }
+ # Check whether --enable-unicode was given.
+if test ${enable_unicode+y}
+then :
+ enableval=$enable_unicode;
+fi
+
+ if test "z$enable_unicode" = "zyes" -o "z$enable_unicode" = "ztrue" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DUNICODE=1 -D_UNICODE=1"
+ case "${host}" in
+ *-*-mingw*)
+ XMLSEC_EXTRA_LDFLAGS="$XMLSEC_EXTRA_LDFLAGS -municode"
+ XMLSEC_CRYPTO_EXTRA_LDFLAGS="$XMLSEC_CRYPTO_EXTRA_LDFLAGS -municode"
+ ;;
+ *)
+ ;;
+ esac
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+ fi
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for files support" >&5
+printf %s "checking for files support... " >&6; }
+# Check whether --enable-files was given.
+if test ${enable_files+y}
+then :
+ enableval=$enable_files;
+fi
+
+if test "z$enable_files" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_FILES=1"
+ XMLSEC_NO_FILES="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no (tests will be broken!)" >&5
+printf "%s\n" "no (tests will be broken!)" >&6; }
+else
+ XMLSEC_NO_FILES="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_FILES" = "z1"; then
+ XMLSEC_NO_FILES_TRUE=
+ XMLSEC_NO_FILES_FALSE='#'
+else
+ XMLSEC_NO_FILES_TRUE='#'
+ XMLSEC_NO_FILES_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for FTP support" >&5
+printf %s "checking for FTP support... " >&6; }
+# Check whether --enable-ftp was given.
+if test ${enable_ftp+y}
+then :
+ enableval=$enable_ftp;
+fi
+
+if test "z$enable_ftp" = "zyes" ; then
+ XMLSEC_NO_FTP="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes (deprecated)" >&5
+printf "%s\n" "yes (deprecated)" >&6; }
+else
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_FTP=1"
+ XMLSEC_NO_FTP="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+ if test "z$XMLSEC_NO_FTP" = "z1"; then
+ XMLSEC_NO_FTP_TRUE=
+ XMLSEC_NO_FTP_FALSE='#'
+else
+ XMLSEC_NO_FTP_TRUE='#'
+ XMLSEC_NO_FTP_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for HTTP support" >&5
+printf %s "checking for HTTP support... " >&6; }
+# Check whether --enable-http was given.
+if test ${enable_http+y}
+then :
+ enableval=$enable_http;
+fi
+
+if test "z$enable_http" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_HTTP=1"
+ XMLSEC_NO_HTTP="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+else
+ XMLSEC_NO_HTTP="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_HTTP" = "z1"; then
+ XMLSEC_NO_HTTP_TRUE=
+ XMLSEC_NO_HTTP_FALSE='#'
+else
+ XMLSEC_NO_HTTP_TRUE='#'
+ XMLSEC_NO_HTTP_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for MD5 support" >&5
+printf %s "checking for MD5 support... " >&6; }
+# Check whether --enable-md5 was given.
+if test ${enable_md5+y}
+then :
+ enableval=$enable_md5;
+fi
+
+if test "z$enable_md5" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_MD5=1"
+ XMLSEC_NO_MD5="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_MD5="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_MD5" = "z1"; then
+ XMLSEC_NO_MD5_TRUE=
+ XMLSEC_NO_MD5_FALSE='#'
+else
+ XMLSEC_NO_MD5_TRUE='#'
+ XMLSEC_NO_MD5_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for RIPEMD-160 support" >&5
+printf %s "checking for RIPEMD-160 support... " >&6; }
+# Check whether --enable-ripemd160 was given.
+if test ${enable_ripemd160+y}
+then :
+ enableval=$enable_ripemd160;
+fi
+
+if test "z$enable_ripemd160" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_RIPEMD160=1"
+ XMLSEC_NO_RIPEMD160="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_RIPEMD160="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_RIPEMD160" = "z1"; then
+ XMLSEC_NO_RIPEMD160_TRUE=
+ XMLSEC_NO_RIPEMD160_FALSE='#'
+else
+ XMLSEC_NO_RIPEMD160_TRUE='#'
+ XMLSEC_NO_RIPEMD160_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for SHA1 support" >&5
+printf %s "checking for SHA1 support... " >&6; }
+# Check whether --enable-sha1 was given.
+if test ${enable_sha1+y}
+then :
+ enableval=$enable_sha1;
+fi
+
+if test "z$enable_sha1" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SHA1=1"
+ XMLSEC_NO_SHA1="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_SHA1="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_SHA1" = "z1"; then
+ XMLSEC_NO_SHA1_TRUE=
+ XMLSEC_NO_SHA1_FALSE='#'
+else
+ XMLSEC_NO_SHA1_TRUE='#'
+ XMLSEC_NO_SHA1_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for SHA224 support" >&5
+printf %s "checking for SHA224 support... " >&6; }
+# Check whether --enable-sha224 was given.
+if test ${enable_sha224+y}
+then :
+ enableval=$enable_sha224;
+fi
+
+if test "z$enable_sha224" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SHA224=1"
+ XMLSEC_NO_SHA224="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_SHA224="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_SHA224" = "z1"; then
+ XMLSEC_NO_SHA224_TRUE=
+ XMLSEC_NO_SHA224_FALSE='#'
+else
+ XMLSEC_NO_SHA224_TRUE='#'
+ XMLSEC_NO_SHA224_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for SHA256 support" >&5
+printf %s "checking for SHA256 support... " >&6; }
+# Check whether --enable-sha256 was given.
+if test ${enable_sha256+y}
+then :
+ enableval=$enable_sha256;
+fi
+
+if test "z$enable_sha256" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SHA256=1"
+ XMLSEC_NO_SHA256="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_SHA256="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_SHA256" = "z1"; then
+ XMLSEC_NO_SHA256_TRUE=
+ XMLSEC_NO_SHA256_FALSE='#'
+else
+ XMLSEC_NO_SHA256_TRUE='#'
+ XMLSEC_NO_SHA256_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for SHA384 support" >&5
+printf %s "checking for SHA384 support... " >&6; }
+# Check whether --enable-sha384 was given.
+if test ${enable_sha384+y}
+then :
+ enableval=$enable_sha384;
+fi
+
+if test "z$enable_sha384" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SHA384=1"
+ XMLSEC_NO_SHA384="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_SHA384="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_SHA384" = "z1"; then
+ XMLSEC_NO_SHA384_TRUE=
+ XMLSEC_NO_SHA384_FALSE='#'
+else
+ XMLSEC_NO_SHA384_TRUE='#'
+ XMLSEC_NO_SHA384_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for SHA512 support" >&5
+printf %s "checking for SHA512 support... " >&6; }
+# Check whether --enable-sha512 was given.
+if test ${enable_sha512+y}
+then :
+ enableval=$enable_sha512;
+fi
+
+if test "z$enable_sha512" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SHA512=1"
+ XMLSEC_NO_SHA512="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_SHA512="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_SHA512" = "z1"; then
+ XMLSEC_NO_SHA512_TRUE=
+ XMLSEC_NO_SHA512_FALSE='#'
+else
+ XMLSEC_NO_SHA512_TRUE='#'
+ XMLSEC_NO_SHA512_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for HMAC support" >&5
+printf %s "checking for HMAC support... " >&6; }
+# Check whether --enable-hmac was given.
+if test ${enable_hmac+y}
+then :
+ enableval=$enable_hmac;
+fi
+
+if test "z$enable_hmac" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_HMAC=1"
+ XMLSEC_NO_HMAC="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_HMAC="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_HMAC" = "z1"; then
+ XMLSEC_NO_HMAC_TRUE=
+ XMLSEC_NO_HMAC_FALSE='#'
+else
+ XMLSEC_NO_HMAC_TRUE='#'
+ XMLSEC_NO_HMAC_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for DSA support" >&5
+printf %s "checking for DSA support... " >&6; }
+# Check whether --enable-dsa was given.
+if test ${enable_dsa+y}
+then :
+ enableval=$enable_dsa;
+fi
+
+if test "z$enable_dsa" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_DSA=1"
+ XMLSEC_NO_DSA="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_DSA="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_DSA" = "z1"; then
+ XMLSEC_NO_DSA_TRUE=
+ XMLSEC_NO_DSA_FALSE='#'
+else
+ XMLSEC_NO_DSA_TRUE='#'
+ XMLSEC_NO_DSA_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for MD5 support" >&5
+printf %s "checking for MD5 support... " >&6; }
+# Check whether --enable-md5 was given.
+if test ${enable_md5+y}
+then :
+ enableval=$enable_md5;
+fi
+
+if test "z$enable_md5" = "zyes" ; then
+ XMLSEC_NO_MD5="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes (deprecated)" >&5
+printf "%s\n" "yes (deprecated)" >&6; }
+else
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_MD5=1"
+ XMLSEC_NO_MD5="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+ if test "z$XMLSEC_NO_MD5" = "z1"; then
+ XMLSEC_NO_MD5_TRUE=
+ XMLSEC_NO_MD5_FALSE='#'
+else
+ XMLSEC_NO_MD5_TRUE='#'
+ XMLSEC_NO_MD5_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for RSA support" >&5
+printf %s "checking for RSA support... " >&6; }
+# Check whether --enable-rsa was given.
+if test ${enable_rsa+y}
+then :
+ enableval=$enable_rsa;
+fi
+
+if test "z$enable_rsa" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_RSA=1"
+ XMLSEC_NO_RSA="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_RSA="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_RSA" = "z1"; then
+ XMLSEC_NO_RSA_TRUE=
+ XMLSEC_NO_RSA_FALSE='#'
+else
+ XMLSEC_NO_RSA_TRUE='#'
+ XMLSEC_NO_RSA_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for x509 support" >&5
+printf %s "checking for x509 support... " >&6; }
+# Check whether --enable-x509 was given.
+if test ${enable_x509+y}
+then :
+ enableval=$enable_x509;
+fi
+
+if test "z$enable_x509" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_X509=1"
+ XMLSEC_NO_X509="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_X509="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_X509" = "z1"; then
+ XMLSEC_NO_X509_TRUE=
+ XMLSEC_NO_X509_FALSE='#'
+else
+ XMLSEC_NO_X509_TRUE='#'
+ XMLSEC_NO_X509_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for DES support" >&5
+printf %s "checking for DES support... " >&6; }
+# Check whether --enable-des was given.
+if test ${enable_des+y}
+then :
+ enableval=$enable_des;
+fi
+
+if test "z$enable_des" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_DES=1"
+ XMLSEC_NO_DES="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_DES="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_DES" = "z1"; then
+ XMLSEC_NO_DES_TRUE=
+ XMLSEC_NO_DES_FALSE='#'
+else
+ XMLSEC_NO_DES_TRUE='#'
+ XMLSEC_NO_DES_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for AES support" >&5
+printf %s "checking for AES support... " >&6; }
+# Check whether --enable-aes was given.
+if test ${enable_aes+y}
+then :
+ enableval=$enable_aes;
+fi
+
+if test "z$enable_aes" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_AES=1"
+ XMLSEC_NO_AES="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_AES="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_AES" = "z1"; then
+ XMLSEC_NO_AES_TRUE=
+ XMLSEC_NO_AES_FALSE='#'
+else
+ XMLSEC_NO_AES_TRUE='#'
+ XMLSEC_NO_AES_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for GOST support" >&5
+printf %s "checking for GOST support... " >&6; }
+# Check whether --enable-gost was given.
+if test ${enable_gost+y}
+then :
+ enableval=$enable_gost;
+fi
+
+if test "z$enable_gost" != "zyes" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_GOST=1"
+ XMLSEC_NO_GOST="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_GOST="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_GOST" = "z1"; then
+ XMLSEC_NO_GOST_TRUE=
+ XMLSEC_NO_GOST_FALSE='#'
+else
+ XMLSEC_NO_GOST_TRUE='#'
+ XMLSEC_NO_GOST_FALSE=
+fi
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for EXPERMIENTAL GOST2012 support" >&5
+printf %s "checking for EXPERMIENTAL GOST2012 support... " >&6; }
+# Check whether --enable-gost2012 was given.
+if test ${enable_gost2012+y}
+then :
+ enableval=$enable_gost2012;
+fi
+
+if test "z$enable_gost2012" != "zyes" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_GOST2012=1"
+ XMLSEC_NO_GOST2012="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_GOST2012="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_GOST2012" = "z1"; then
+ XMLSEC_NO_GOST2012_TRUE=
+ XMLSEC_NO_GOST2012_FALSE='#'
+else
+ XMLSEC_NO_GOST2012_TRUE='#'
+ XMLSEC_NO_GOST2012_FALSE=
+fi
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for XMLDSig support" >&5
+printf %s "checking for XMLDSig support... " >&6; }
+# Check whether --enable-xmldsig was given.
+if test ${enable_xmldsig+y}
+then :
+ enableval=$enable_xmldsig;
+fi
+
+if test "z$enable_xmldsig" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_XMLDSIG=1"
+ XMLSEC_NO_XMLDSIG="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_XMLDSIG="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_XMLDSIG" = "z1"; then
+ XMLSEC_NO_XMLDSIG_TRUE=
+ XMLSEC_NO_XMLDSIG_FALSE='#'
+else
+ XMLSEC_NO_XMLDSIG_TRUE='#'
+ XMLSEC_NO_XMLDSIG_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for XMLEnc support" >&5
+printf %s "checking for XMLEnc support... " >&6; }
+# Check whether --enable-xmlenc was given.
+if test ${enable_xmlenc+y}
+then :
+ enableval=$enable_xmlenc;
+fi
+
+if test "z$enable_xmlenc" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_XMLENC=1"
+ XMLSEC_NO_XMLENC="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_NO_XMLENC="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_XMLENC" = "z1"; then
+ XMLSEC_NO_XMLENC_TRUE=
+ XMLSEC_NO_XMLENC_FALSE='#'
+else
+ XMLSEC_NO_XMLENC_TRUE='#'
+ XMLSEC_NO_XMLENC_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for soap support" >&5
+printf %s "checking for soap support... " >&6; }
+# Check whether --enable-soap was given.
+if test ${enable_soap+y}
+then :
+ enableval=$enable_soap;
+fi
+
+if test "z$enable_soap" = "zyes" ; then
+ XMLSEC_ENABLE_SOAP="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+else
+ XMLSEC_ENABLE_SOAP="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+ if test "z$XMLSEC_ENABLE_SOAP" = "z1"; then
+ XMLSEC_ENABLE_SOAP_TRUE=
+ XMLSEC_ENABLE_SOAP_FALSE='#'
+else
+ XMLSEC_ENABLE_SOAP_TRUE='#'
+ XMLSEC_ENABLE_SOAP_FALSE=
+fi
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for mans" >&5
+printf %s "checking for mans... " >&6; }
+# Check whether --enable-mans was given.
+if test ${enable_mans+y}
+then :
+ enableval=$enable_mans;
+fi
+
+if test "z$enable_mans" = "zno" ; then
+ XMLSEC_MANS="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_MANS="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_MANS" = "z1"; then
+ XMLSEC_MANS_TRUE=
+ XMLSEC_MANS_FALSE='#'
+else
+ XMLSEC_MANS_TRUE='#'
+ XMLSEC_MANS_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for docs" >&5
+printf %s "checking for docs... " >&6; }
+# Check whether --enable-docs was given.
+if test ${enable_docs+y}
+then :
+ enableval=$enable_docs;
+fi
+
+if test "z$enable_docs" = "zno" ; then
+ XMLSEC_DOCS="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_DOCS="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_DOCS" = "z1"; then
+ XMLSEC_DOCS_TRUE=
+ XMLSEC_DOCS_FALSE='#'
+else
+ XMLSEC_DOCS_TRUE='#'
+ XMLSEC_DOCS_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for apps" >&5
+printf %s "checking for apps... " >&6; }
+# Check whether --enable-apps was given.
+if test ${enable_apps+y}
+then :
+ enableval=$enable_apps;
+fi
+
+if test "z$enable_apps" = "zno" ; then
+ XMLSEC_APPS="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ XMLSEC_APPS="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_APPS" = "z1"; then
+ XMLSEC_APPS_TRUE=
+ XMLSEC_APPS_FALSE='#'
+else
+ XMLSEC_APPS_TRUE='#'
+ XMLSEC_APPS_FALSE=
+fi
+
+
+
+XMLSEC_STATIC_BINARIES=""
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for static linking" >&5
+printf %s "checking for static linking... " >&6; }
+# Check whether --enable-static_linking was given.
+if test ${enable_static_linking+y}
+then :
+ enableval=$enable_static_linking;
+fi
+
+if test "z$enable_static_linking" = "zyes" -o "z$enable_static_linking" = "ztrue" ; then
+ XMLSEC_STATIC_BINARIES="-static"
+ if test "z$build_on_windows" = "zyes" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_STATIC=1"
+ fi
+ XMLSEC_APP_DEFINES="$XMLSEC_APP_DEFINES -DXMLSEC_STATIC=1"
+ enable_crypto_dl="no"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+
+
+XMLSEC_DL_INCLUDES=""
+XMLSEC_DL_LIBS=""
+# Check whether --enable-crypto_dl was given.
+if test ${enable_crypto_dl+y}
+then :
+ enableval=$enable_crypto_dl;
+fi
+
+if test "z$enable_crypto_dl" = "zno" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for xmlsec-crypto dynamic loading support" >&5
+printf %s "checking for xmlsec-crypto dynamic loading support... " >&6; }
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_CRYPTO_DYNAMIC_LOADING=1"
+ XMLSEC_NO_CRYPTO_DYNAMIC_LOADING="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ ac_fn_c_check_header_compile "$LINENO" "ltdl.h" "ac_cv_header_ltdl_h" "$ac_includes_default"
+if test "x$ac_cv_header_ltdl_h" = xyes
+then :
+
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_DL_LIBLTDL=1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for lt_dlopenext in -lltdl" >&5
+printf %s "checking for lt_dlopenext in -lltdl... " >&6; }
+if test ${ac_cv_lib_ltdl_lt_dlopenext+y}
+then :
+ printf %s "(cached) " >&6
+else $as_nop
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lltdl $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+char lt_dlopenext ();
+int
+main (void)
+{
+return lt_dlopenext ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"
+then :
+ ac_cv_lib_ltdl_lt_dlopenext=yes
+else $as_nop
+ ac_cv_lib_ltdl_lt_dlopenext=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.beam \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ltdl_lt_dlopenext" >&5
+printf "%s\n" "$ac_cv_lib_ltdl_lt_dlopenext" >&6; }
+if test "x$ac_cv_lib_ltdl_lt_dlopenext" = xyes
+then :
+ LIBLTDL=-lltdl
+else $as_nop
+ LIBLTDL=
+
+fi
+
+
+else $as_nop
+
+ LIBLTDL=
+
+fi
+
+
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for xmlsec-crypto dynamic loading support" >&5
+printf %s "checking for xmlsec-crypto dynamic loading support... " >&6; }
+ if test "z$LIBLTDL" != "z" ; then
+ XMLSEC_DL_INCLUDES="$INCLTDL"
+ XMLSEC_DL_LIBS="$LIBLTDL"
+ XMLSEC_NO_CRYPTO_DYNAMIC_LOADING="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+ else
+ as_fn_error $? "libltdl is required for xmlsec-crypto dynamic loading" "$LINENO" 5
+ fi
+fi
+ if test "z$XMLSEC_NO_CRYPTO_DYNAMIC_LOADING" = "z1"; then
+ XMLSEC_NO_CRYPTO_DYNAMIC_LOADING_TRUE=
+ XMLSEC_NO_CRYPTO_DYNAMIC_LOADING_FALSE='#'
+else
+ XMLSEC_NO_CRYPTO_DYNAMIC_LOADING_TRUE='#'
+ XMLSEC_NO_CRYPTO_DYNAMIC_LOADING_FALSE=
+fi
+
+
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for xmlsec-crypto dynamic loading support in command line tool" >&5
+printf %s "checking for xmlsec-crypto dynamic loading support in command line tool... " >&6; }
+# Check whether --enable-apps_crypto_dl was given.
+if test ${enable_apps_crypto_dl+y}
+then :
+ enableval=$enable_apps_crypto_dl;
+fi
+
+if test "z$enable_apps_crypto_dl" = "z" ; then
+ enable_apps_crypto_dl="$enable_crypto_dl"
+fi
+if test "z$enable_apps_crypto_dl" = "zno" ; then
+ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING="1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+elif test "z$enable_crypto_dl" = "zno" ; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+ as_fn_error $? "xmlsec-crypto libraries dynamic loading support in xmlsec command line tool is requested but no dynamic loading in xmlsec itself is disabled" "$LINENO" 5
+else
+ XMLSEC_APP_DEFINES="$XMLSEC_APP_DEFINES -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1"
+ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING="0"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+ if test "z$XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING" = "z1"; then
+ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE=
+ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE='#'
+else
+ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE='#'
+ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE=
+fi
+
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for docs folder" >&5
+printf %s "checking for docs folder... " >&6; }
+
+# Check whether --with-html-dir was given.
+if test ${with_html_dir+y}
+then :
+ withval=$with_html_dir;
+fi
+
+if test "z$with_html_dir" != "z" ; then
+ XMLSEC_DOCDIR="$with_html_dir"
+elif test "z$htmldir" != "z" ; then
+ XMLSEC_DOCDIR='$(htmldir)'
+else
+ XMLSEC_DOCDIR='$(datadir)/doc/xmlsec1'
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $XMLSEC_DOCDIR" >&5
+printf "%s\n" "$XMLSEC_DOCDIR" >&6; }
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for Simple Keys Manager testing" >&5
+printf %s "checking for Simple Keys Manager testing... " >&6; }
+# Check whether --enable-skm was given.
+if test ${enable_skm+y}
+then :
+ enableval=$enable_skm;
+fi
+
+if test "z$enable_skm" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SKM_TEST=1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for templates testing" >&5
+printf %s "checking for templates testing... " >&6; }
+# Check whether --enable-tmpl_tests was given.
+if test ${enable_tmpl_tests+y}
+then :
+ enableval=$enable_tmpl_tests;
+fi
+
+if test "z$enable_tmpl_tests" = "zyes" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_TMPL_TEST=1"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for debugging" >&5
+printf %s "checking for debugging... " >&6; }
+# Check whether --enable-debugging was given.
+if test ${enable_debugging+y}
+then :
+ enableval=$enable_debugging;
+fi
+
+if test "z$enable_debugging" = "zyes" ; then
+ CFLAGS="$CFLAGS -g"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for warnings as errors" >&5
+printf %s "checking for warnings as errors... " >&6; }
+# Check whether --enable-werror was given.
+if test ${enable_werror+y}
+then :
+ enableval=$enable_werror;
+fi
+
+if test "z$enable_werror" = "zyes" ; then
+ CFLAGS="$CFLAGS -Werror"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for profiling" >&5
+printf %s "checking for profiling... " >&6; }
+# Check whether --enable-profiling was given.
+if test ${enable_profiling+y}
+then :
+ enableval=$enable_profiling;
+fi
+
+if test "z$enable_profiling" = "zyes" ; then
+ CFLAGS="$CFLAGS -pg"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for pedantic" >&5
+printf %s "checking for pedantic... " >&6; }
+# Check whether --enable-pedantic was given.
+if test ${enable_pedantic+y}
+then :
+ enableval=$enable_pedantic;
+fi
+
+if test "z$enable_pedantic" = "zyes" ; then
+ CFLAGS="$CFLAGS -O -std=c99 -pedantic -pedantic-errors -W -Wall -Wextra"
+ CFLAGS="$CFLAGS -fno-inline -Wnull-dereference -Wdouble-promotion"
+ CFLAGS="$CFLAGS -Wformat=2 -Wformat-security -Wformat-nonliteral"
+ CFLAGS="$CFLAGS -Wconversion -Wunused -Wshadow -Wpointer-arith -Wcast-align"
+ CFLAGS="$CFLAGS -Wwrite-strings -Waggregate-return -Wmissing-prototypes"
+ CFLAGS="$CFLAGS -Wnested-externs -Wredundant-decls"
+
+ if test "z$build_on_mac" = "zno" ; then
+ CFLAGS="$CFLAGS -Wformat-overflow=2 -Wformat-signedness"
+ fi
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for secure memset" >&5
+printf %s "checking for secure memset... " >&6; }
+# Check whether --enable-secure-memset was given.
+if test ${enable_secure_memset+y}
+then :
+ enableval=$enable_secure_memset;
+fi
+
+if test "z$enable_secure_memset" != "zno" ; then
+ CFLAGS="$CFLAGS -fno-builtin-memset"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
+printf "%s\n" "disabled" >&6; }
+fi
+
+
+XMLSEC_CORE_CFLAGS="$XMLSEC_DEFINES -I${includedir}/xmlsec1 $XMLSEC_DL_INCLUDES"
+XMLSEC_CORE_LIBS="-lxmlsec1 $XMLSEC_DL_LIBS "
+
+
+
+XMLSEC_LIBDIR="${libdir}"
+
+
+XMLSEC_OPENSSL_CFLAGS="$XMLSEC_CORE_CFLAGS $OPENSSL_CFLAGS"
+XMLSEC_OPENSSL_LIBS="-L${libdir} -l$OPENSSL_CRYPTO_LIB $XMLSEC_CORE_LIBS $OPENSSL_LIBS"
+
+
+
+XMLSEC_GCRYPT_CFLAGS="$XMLSEC_CORE_CFLAGS $GCRYPT_CFLAGS"
+XMLSEC_GCRYPT_LIBS="-L${libdir} -l$GCRYPT_CRYPTO_LIB $XMLSEC_CORE_LIBS $GCRYPT_LIBS"
+
+
+
+# xmlsec-gnutls is using xmlsec-gcrypt
+XMLSEC_GNUTLS_CFLAGS="$XMLSEC_CORE_CFLAGS $GNUTLS_CFLAGS"
+XMLSEC_GNUTLS_LIBS="-L${libdir} -l$GNUTLS_CRYPTO_LIB -l$GCRYPT_CRYPTO_LIB $XMLSEC_CORE_LIBS $GNUTLS_LIBS"
+
+
+
+XMLSEC_NSS_CFLAGS="$XMLSEC_CORE_CFLAGS $NSS_CFLAGS"
+XMLSEC_NSS_LIBS="-L${libdir} -l$NSS_CRYPTO_LIB $XMLSEC_CORE_LIBS $NSS_LIBS"
+
+
+
+
+
+XMLSEC_CFLAGS="$XMLSEC_CORE_CFLAGS $LIBXML_CFLAGS $LIBXSLT_CFLAGS $XMLSEC_CRYPTO_CFLAGS"
+XMLSEC_LIBS="-L${libdir} -l$XMLSEC_CRYPTO_LIB $XMLSEC_CORE_LIBS $LIBXML_LIBS $LIBXSLT_LIBS $XMLSEC_CRYPTO_LIBS"
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+XMLSEC_CRYPTO_PC_FILES_LIST=""
+for i in $XMLSEC_CRYPTO_LIST ; do
+ test x$i = xmscrypto && continue
+ test x$i = xmscng && continue
+ XMLSEC_CRYPTO_PC_FILES_LIST="$XMLSEC_CRYPTO_PC_FILES_LIST $XMLSEC_PACKAGE-$i.pc"
+done
+
+
+if test "z$XMLSEC_NO_OPENSSL" != "z1" ; then
+ac_config_files="$ac_config_files include/xmlsec/openssl/Makefile src/openssl/Makefile"
+
+fi
+
+if test "z$XMLSEC_NO_GNUTLS" != "z1" ; then
+ac_config_files="$ac_config_files include/xmlsec/gnutls/Makefile src/gnutls/Makefile"
+
+fi
+
+if test "z$XMLSEC_NO_GCRYPT" != "z1" ; then
+ac_config_files="$ac_config_files include/xmlsec/gcrypt/Makefile src/gcrypt/Makefile"
+
+fi
+
+if test "z$XMLSEC_NO_NSS" != "z1" ; then
+ac_config_files="$ac_config_files include/xmlsec/nss/Makefile src/nss/Makefile"
+
+fi
+
+if test "z$XMLSEC_NO_MSCRYPTO" != "z1" ; then
+ac_config_files="$ac_config_files include/xmlsec/mscrypto/Makefile src/mscrypto/Makefile"
+
+fi
+
+if test "z$XMLSEC_NO_MSCNG" != "z1" ; then
+ac_config_files="$ac_config_files include/xmlsec/mscng/Makefile src/mscng/Makefile"
+
+fi
+
+if test "z$XMLSEC_NO_CRYPTO_DYNAMIC_LOADING" = "z1" ; then
+(rm -f xmlsec1.pc && $LN_S xmlsec1-$XMLSEC_DEFAULT_CRYPTO.pc xmlsec1.pc)
+else
+ac_config_files="$ac_config_files xmlsec1.pc:xmlsec.pc.in"
+
+fi
+
+ac_config_files="$ac_config_files include/xmlsec/version.h Makefile include/Makefile include/xmlsec/Makefile src/Makefile apps/Makefile docs/Makefile docs/api/Makefile man/Makefile xmlsec1-openssl.pc:xmlsec-openssl.pc.in xmlsec1-gnutls.pc:xmlsec-gnutls.pc.in xmlsec1-gcrypt.pc:xmlsec-gcrypt.pc.in xmlsec1-nss.pc:xmlsec-nss.pc.in xmlsec1.spec:xmlsec.spec.in"
+
+ac_config_files="$ac_config_files xmlsec1Conf.sh:xmlsecConf.sh.in"
+
+ac_config_files="$ac_config_files xmlsec1-config:xmlsec-config.in"
+
+cat >confcache <<\_ACEOF
+# This file is a shell script that caches the results of configure
+# tests run on this system so they can be shared between configure
+# scripts and configure runs, see configure's option --config-cache.
+# It is not useful on other systems. If it contains results you don't
+# want to keep, you may remove or edit it.
+#
+# config.status only pays attention to the cache file if you give it
+# the --recheck option to rerun configure.
+#
+# `ac_cv_env_foo' variables (set or unset) will be overridden when
+# loading this file, other *unset* `ac_cv_foo' will be assigned the
+# following values.
+
+_ACEOF
+
+# The following way of writing the cache mishandles newlines in values,
+# but we know of no workaround that is simple, portable, and efficient.
+# So, we kill variables containing newlines.
+# Ultrix sh set writes to stderr and can't be redirected directly,
+# and sets the high bit in the cache file unless we assign to the vars.
+(
+ for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do
+ eval ac_val=\$$ac_var
+ case $ac_val in #(
+ *${as_nl}*)
+ case $ac_var in #(
+ *_cv_*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
+printf "%s\n" "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+ esac
+ case $ac_var in #(
+ _ | IFS | as_nl) ;; #(
+ BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+ *) { eval $ac_var=; unset $ac_var;} ;;
+ esac ;;
+ esac
+ done
+
+ (set) 2>&1 |
+ case $as_nl`(ac_space=' '; set) 2>&1` in #(
+ *${as_nl}ac_space=\ *)
+ # `set' does not quote correctly, so add quotes: double-quote
+ # substitution turns \\\\ into \\, and sed turns \\ into \.
+ sed -n \
+ "s/'/'\\\\''/g;
+ s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p"
+ ;; #(
+ *)
+ # `set' quotes correctly as required by POSIX, so do not add quotes.
+ sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
+ ;;
+ esac |
+ sort
+) |
+ sed '
+ /^ac_cv_env_/b end
+ t clear
+ :clear
+ s/^\([^=]*\)=\(.*[{}].*\)$/test ${\1+y} || &/
+ t end
+ s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/
+ :end' >>confcache
+if diff "$cache_file" confcache >/dev/null 2>&1; then :; else
+ if test -w "$cache_file"; then
+ if test "x$cache_file" != "x/dev/null"; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5
+printf "%s\n" "$as_me: updating cache $cache_file" >&6;}
+ if test ! -f "$cache_file" || test -h "$cache_file"; then
+ cat confcache >"$cache_file"
+ else
+ case $cache_file in #(
+ */* | ?:*)
+ mv -f confcache "$cache_file"$$ &&
+ mv -f "$cache_file"$$ "$cache_file" ;; #(
+ *)
+ mv -f confcache "$cache_file" ;;
+ esac
+ fi
+ fi
+ else
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5
+printf "%s\n" "$as_me: not updating unwritable cache $cache_file" >&6;}
+ fi
+fi
+rm -f confcache
+
+test "x$prefix" = xNONE && prefix=$ac_default_prefix
+# Let make expand exec_prefix.
+test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
+
+DEFS=-DHAVE_CONFIG_H
+
+ac_libobjs=
+ac_ltlibobjs=
+U=
+for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
+ # 1. Remove the extension, and $U if already installed.
+ ac_script='s/\$U\././;s/\.o$//;s/\.obj$//'
+ ac_i=`printf "%s\n" "$ac_i" | sed "$ac_script"`
+ # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR
+ # will be set to the directory where LIBOBJS objects are built.
+ as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext"
+ as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo'
+done
+LIBOBJS=$ac_libobjs
+
+LTLIBOBJS=$ac_ltlibobjs
+
+
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking that generated files are newer than configure" >&5
+printf %s "checking that generated files are newer than configure... " >&6; }
+ if test -n "$am_sleep_pid"; then
+ # Hide warnings about reused PIDs.
+ wait $am_sleep_pid 2>/dev/null
+ fi
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: done" >&5
+printf "%s\n" "done" >&6; }
+ if test -n "$EXEEXT"; then
+ am__EXEEXT_TRUE=
+ am__EXEEXT_FALSE='#'
+else
+ am__EXEEXT_TRUE='#'
+ am__EXEEXT_FALSE=
+fi
+
+if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then
+ as_fn_error $? "conditional \"MAINTAINER_MODE\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then
+ as_fn_error $? "conditional \"AMDEP\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then
+ as_fn_error $? "conditional \"am__fastdepCC\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${HAS_HELP2MAN_TRUE}" && test -z "${HAS_HELP2MAN_FALSE}"; then
+ as_fn_error $? "conditional \"HAS_HELP2MAN\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${HAS_MAN2HTML_TRUE}" && test -z "${HAS_MAN2HTML_FALSE}"; then
+ as_fn_error $? "conditional \"HAS_MAN2HTML\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${HAS_XSLTPROC_TRUE}" && test -z "${HAS_XSLTPROC_FALSE}"; then
+ as_fn_error $? "conditional \"HAS_XSLTPROC\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_MANPAGES_TRUE}" && test -z "${BUILD_MANPAGES_FALSE}"; then
+ as_fn_error $? "conditional \"BUILD_MANPAGES\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_MANPAGES_TRUE}" && test -z "${BUILD_MANPAGES_FALSE}"; then
+ as_fn_error $? "conditional \"BUILD_MANPAGES\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_MAN_DOCS_TRUE}" && test -z "${BUILD_MAN_DOCS_FALSE}"; then
+ as_fn_error $? "conditional \"BUILD_MAN_DOCS\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_API_DOCS_TRUE}" && test -z "${BUILD_API_DOCS_FALSE}"; then
+ as_fn_error $? "conditional \"BUILD_API_DOCS\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_MAN_DOCS_TRUE}" && test -z "${BUILD_MAN_DOCS_FALSE}"; then
+ as_fn_error $? "conditional \"BUILD_MAN_DOCS\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_API_DOCS_TRUE}" && test -z "${BUILD_API_DOCS_FALSE}"; then
+ as_fn_error $? "conditional \"BUILD_API_DOCS\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_OPENSSL_TRUE}" && test -z "${XMLSEC_NO_OPENSSL_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_OPENSSL\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_NSS_TRUE}" && test -z "${XMLSEC_NO_NSS_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_NSS\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_GCRYPT_TRUE}" && test -z "${XMLSEC_NO_GCRYPT_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_GCRYPT\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_GNUTLS_TRUE}" && test -z "${XMLSEC_NO_GNUTLS_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_GNUTLS\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_MSCRYPTO_TRUE}" && test -z "${XMLSEC_NO_MSCRYPTO_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_MSCRYPTO\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_MSCNG_TRUE}" && test -z "${XMLSEC_NO_MSCNG_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_MSCNG\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_FILES_TRUE}" && test -z "${XMLSEC_NO_FILES_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_FILES\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_FTP_TRUE}" && test -z "${XMLSEC_NO_FTP_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_FTP\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_HTTP_TRUE}" && test -z "${XMLSEC_NO_HTTP_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_HTTP\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_MD5_TRUE}" && test -z "${XMLSEC_NO_MD5_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_MD5\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_RIPEMD160_TRUE}" && test -z "${XMLSEC_NO_RIPEMD160_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_RIPEMD160\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_SHA1_TRUE}" && test -z "${XMLSEC_NO_SHA1_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_SHA1\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_SHA224_TRUE}" && test -z "${XMLSEC_NO_SHA224_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_SHA224\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_SHA256_TRUE}" && test -z "${XMLSEC_NO_SHA256_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_SHA256\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_SHA384_TRUE}" && test -z "${XMLSEC_NO_SHA384_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_SHA384\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_SHA512_TRUE}" && test -z "${XMLSEC_NO_SHA512_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_SHA512\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_HMAC_TRUE}" && test -z "${XMLSEC_NO_HMAC_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_HMAC\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_DSA_TRUE}" && test -z "${XMLSEC_NO_DSA_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_DSA\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_MD5_TRUE}" && test -z "${XMLSEC_NO_MD5_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_MD5\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_RSA_TRUE}" && test -z "${XMLSEC_NO_RSA_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_RSA\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_X509_TRUE}" && test -z "${XMLSEC_NO_X509_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_X509\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_DES_TRUE}" && test -z "${XMLSEC_NO_DES_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_DES\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_AES_TRUE}" && test -z "${XMLSEC_NO_AES_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_AES\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_GOST_TRUE}" && test -z "${XMLSEC_NO_GOST_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_GOST\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_GOST2012_TRUE}" && test -z "${XMLSEC_NO_GOST2012_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_GOST2012\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_XMLDSIG_TRUE}" && test -z "${XMLSEC_NO_XMLDSIG_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_XMLDSIG\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_XMLENC_TRUE}" && test -z "${XMLSEC_NO_XMLENC_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_XMLENC\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_ENABLE_SOAP_TRUE}" && test -z "${XMLSEC_ENABLE_SOAP_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_ENABLE_SOAP\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_MANS_TRUE}" && test -z "${XMLSEC_MANS_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_MANS\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_DOCS_TRUE}" && test -z "${XMLSEC_DOCS_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_DOCS\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_APPS_TRUE}" && test -z "${XMLSEC_APPS_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_APPS\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_CRYPTO_DYNAMIC_LOADING_TRUE}" && test -z "${XMLSEC_NO_CRYPTO_DYNAMIC_LOADING_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_CRYPTO_DYNAMIC_LOADING\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE}" && test -z "${XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE}"; then
+ as_fn_error $? "conditional \"XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+
+: "${CONFIG_STATUS=./config.status}"
+ac_write_fail=0
+ac_clean_files_save=$ac_clean_files
+ac_clean_files="$ac_clean_files $CONFIG_STATUS"
+{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5
+printf "%s\n" "$as_me: creating $CONFIG_STATUS" >&6;}
+as_write_fail=0
+cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1
+#! $SHELL
+# Generated by $as_me.
+# Run this file to recreate the current configuration.
+# Compiler output produced by configure, useful for debugging
+# configure, is in config.log if it exists.
+
+debug=false
+ac_cs_recheck=false
+ac_cs_silent=false
+
+SHELL=\${CONFIG_SHELL-$SHELL}
+export SHELL
+_ASEOF
+cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1
+## -------------------- ##
+## M4sh Initialization. ##
+## -------------------- ##
+
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
+as_nop=:
+if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1
+then :
+ emulate sh
+ NULLCMD=:
+ # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '${1+"$@"}'='"$@"'
+ setopt NO_GLOB_SUBST
+else $as_nop
+ case `(set -o) 2>/dev/null` in #(
+ *posix*) :
+ set -o posix ;; #(
+ *) :
+ ;;
+esac
+fi
+
+
+
+# Reset variables that may have inherited troublesome values from
+# the environment.
+
+# IFS needs to be set, to space, tab, and newline, in precisely that order.
+# (If _AS_PATH_WALK were called with IFS unset, it would have the
+# side effect of setting IFS to empty, thus disabling word splitting.)
+# Quoting is to prevent editors from complaining about space-tab.
+as_nl='
+'
+export as_nl
+IFS=" "" $as_nl"
+
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# Ensure predictable behavior from utilities with locale-dependent output.
+LC_ALL=C
+export LC_ALL
+LANGUAGE=C
+export LANGUAGE
+
+# We cannot yet rely on "unset" to work, but we need these variables
+# to be unset--not just set to an empty or harmless value--now, to
+# avoid bugs in old shells (e.g. pre-3.0 UWIN ksh). This construct
+# also avoids known problems related to "unset" and subshell syntax
+# in other old shells (e.g. bash 2.01 and pdksh 5.2.14).
+for as_var in BASH_ENV ENV MAIL MAILPATH CDPATH
+do eval test \${$as_var+y} \
+ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
+done
+
+# Ensure that fds 0, 1, and 2 are open.
+if (exec 3>&0) 2>/dev/null; then :; else exec 0</dev/null; fi
+if (exec 3>&1) 2>/dev/null; then :; else exec 1>/dev/null; fi
+if (exec 3>&2) ; then :; else exec 2>/dev/null; fi
+
+# The user is always right.
+if ${PATH_SEPARATOR+false} :; then
+ PATH_SEPARATOR=:
+ (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
+ (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
+ PATH_SEPARATOR=';'
+ }
+fi
+
+
+# Find who we are. Look in the path if we contain no directory separator.
+as_myself=
+case $0 in #((
+ *[\\/]* ) as_myself=$0 ;;
+ *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ case $as_dir in #(((
+ '') as_dir=./ ;;
+ */) ;;
+ *) as_dir=$as_dir/ ;;
+ esac
+ test -r "$as_dir$0" && as_myself=$as_dir$0 && break
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+ as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+ printf "%s\n" "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+ exit 1
+fi
+
+
+
+# as_fn_error STATUS ERROR [LINENO LOG_FD]
+# ----------------------------------------
+# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
+# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
+# script with STATUS, using 1 if that was 0.
+as_fn_error ()
+{
+ as_status=$1; test $as_status -eq 0 && as_status=1
+ if test "$4"; then
+ as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
+ fi
+ printf "%s\n" "$as_me: error: $2" >&2
+ as_fn_exit $as_status
+} # as_fn_error
+
+
+
+# as_fn_set_status STATUS
+# -----------------------
+# Set $? to STATUS, without forking.
+as_fn_set_status ()
+{
+ return $1
+} # as_fn_set_status
+
+# as_fn_exit STATUS
+# -----------------
+# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
+as_fn_exit ()
+{
+ set +e
+ as_fn_set_status $1
+ exit $1
+} # as_fn_exit
+
+# as_fn_unset VAR
+# ---------------
+# Portably unset VAR.
+as_fn_unset ()
+{
+ { eval $1=; unset $1;}
+}
+as_unset=as_fn_unset
+
+# as_fn_append VAR VALUE
+# ----------------------
+# Append the text in VALUE to the end of the definition contained in VAR. Take
+# advantage of any shell optimizations that allow amortized linear growth over
+# repeated appends, instead of the typical quadratic growth present in naive
+# implementations.
+if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null
+then :
+ eval 'as_fn_append ()
+ {
+ eval $1+=\$2
+ }'
+else $as_nop
+ as_fn_append ()
+ {
+ eval $1=\$$1\$2
+ }
+fi # as_fn_append
+
+# as_fn_arith ARG...
+# ------------------
+# Perform arithmetic evaluation on the ARGs, and store the result in the
+# global $as_val. Take advantage of shells that can avoid forks. The arguments
+# must be portable across $(()) and expr.
+if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null
+then :
+ eval 'as_fn_arith ()
+ {
+ as_val=$(( $* ))
+ }'
+else $as_nop
+ as_fn_arith ()
+ {
+ as_val=`expr "$@" || test $? -eq 1`
+ }
+fi # as_fn_arith
+
+
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+ test "X`expr 00001 : '.*\(...\)'`" = X001; then
+ as_expr=expr
+else
+ as_expr=false
+fi
+
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
+ as_basename=basename
+else
+ as_basename=false
+fi
+
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+ as_dirname=dirname
+else
+ as_dirname=false
+fi
+
+as_me=`$as_basename -- "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+ X"$0" : 'X\(//\)$' \| \
+ X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+printf "%s\n" X/"$0" |
+ sed '/^.*\/\([^/][^/]*\)\/*$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+
+# Determine whether it's possible to make 'echo' print without a newline.
+# These variables are no longer used directly by Autoconf, but are AC_SUBSTed
+# for compatibility with existing Makefiles.
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in #(((((
+-n*)
+ case `echo 'xy\c'` in
+ *c*) ECHO_T=' ';; # ECHO_T is single tab character.
+ xy) ECHO_C='\c';;
+ *) echo `echo ksh88 bug on AIX 6.1` > /dev/null
+ ECHO_T=' ';;
+ esac;;
+*)
+ ECHO_N='-n';;
+esac
+
+# For backward compatibility with old third-party macros, we provide
+# the shell variables $as_echo and $as_echo_n. New code should use
+# AS_ECHO(["message"]) and AS_ECHO_N(["message"]), respectively.
+as_echo='printf %s\n'
+as_echo_n='printf %s'
+
+rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+ rm -f conf$$.dir/conf$$.file
+else
+ rm -f conf$$.dir
+ mkdir conf$$.dir 2>/dev/null
+fi
+if (echo >conf$$.file) 2>/dev/null; then
+ if ln -s conf$$.file conf$$ 2>/dev/null; then
+ as_ln_s='ln -s'
+ # ... but there are two gotchas:
+ # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+ # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+ # In both cases, we have to default to `cp -pR'.
+ ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
+ as_ln_s='cp -pR'
+ elif ln conf$$.file conf$$ 2>/dev/null; then
+ as_ln_s=ln
+ else
+ as_ln_s='cp -pR'
+ fi
+else
+ as_ln_s='cp -pR'
+fi
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
+
+
+# as_fn_mkdir_p
+# -------------
+# Create "$as_dir" as a directory, including parents if necessary.
+as_fn_mkdir_p ()
+{
+
+ case $as_dir in #(
+ -*) as_dir=./$as_dir;;
+ esac
+ test -d "$as_dir" || eval $as_mkdir_p || {
+ as_dirs=
+ while :; do
+ case $as_dir in #(
+ *\'*) as_qdir=`printf "%s\n" "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+ *) as_qdir=$as_dir;;
+ esac
+ as_dirs="'$as_qdir' $as_dirs"
+ as_dir=`$as_dirname -- "$as_dir" ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+printf "%s\n" X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ test -d "$as_dir" && break
+ done
+ test -z "$as_dirs" || eval "mkdir $as_dirs"
+ } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
+
+
+} # as_fn_mkdir_p
+if mkdir -p . 2>/dev/null; then
+ as_mkdir_p='mkdir -p "$as_dir"'
+else
+ test -d ./-p && rmdir ./-p
+ as_mkdir_p=false
+fi
+
+
+# as_fn_executable_p FILE
+# -----------------------
+# Test if FILE is an executable regular file.
+as_fn_executable_p ()
+{
+ test -f "$1" && test -x "$1"
+} # as_fn_executable_p
+as_test_x='test -x'
+as_executable_p=as_fn_executable_p
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+
+exec 6>&1
+## ----------------------------------- ##
+## Main body of $CONFIG_STATUS script. ##
+## ----------------------------------- ##
+_ASEOF
+test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# Save the log message, to keep $0 and so on meaningful, and to
+# report actual input values of CONFIG_FILES etc. instead of their
+# values after options handling.
+ac_log="
+This file was extended by xmlsec1 $as_me 1.2.39, which was
+generated by GNU Autoconf 2.71. Invocation command line was
+
+ CONFIG_FILES = $CONFIG_FILES
+ CONFIG_HEADERS = $CONFIG_HEADERS
+ CONFIG_LINKS = $CONFIG_LINKS
+ CONFIG_COMMANDS = $CONFIG_COMMANDS
+ $ $0 $@
+
+on `(hostname || uname -n) 2>/dev/null | sed 1q`
+"
+
+_ACEOF
+
+case $ac_config_files in *"
+"*) set x $ac_config_files; shift; ac_config_files=$*;;
+esac
+
+case $ac_config_headers in *"
+"*) set x $ac_config_headers; shift; ac_config_headers=$*;;
+esac
+
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+# Files that config.status was made for.
+config_files="$ac_config_files"
+config_headers="$ac_config_headers"
+config_commands="$ac_config_commands"
+
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ac_cs_usage="\
+\`$as_me' instantiates files and other configuration actions
+from templates according to the current configuration. Unless the files
+and actions are specified as TAGs, all are instantiated by default.
+
+Usage: $0 [OPTION]... [TAG]...
+
+ -h, --help print this help, then exit
+ -V, --version print version number and configuration settings, then exit
+ --config print configuration, then exit
+ -q, --quiet, --silent
+ do not print progress messages
+ -d, --debug don't remove temporary files
+ --recheck update $as_me by reconfiguring in the same conditions
+ --file=FILE[:TEMPLATE]
+ instantiate the configuration file FILE
+ --header=FILE[:TEMPLATE]
+ instantiate the configuration header FILE
+
+Configuration files:
+$config_files
+
+Configuration headers:
+$config_headers
+
+Configuration commands:
+$config_commands
+
+Report bugs to <http://www.aleksey.com/xmlsec>."
+
+_ACEOF
+ac_cs_config=`printf "%s\n" "$ac_configure_args" | sed "$ac_safe_unquote"`
+ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\''/g"`
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ac_cs_config='$ac_cs_config_escaped'
+ac_cs_version="\\
+xmlsec1 config.status 1.2.39
+configured by $0, generated by GNU Autoconf 2.71,
+ with options \\"\$ac_cs_config\\"
+
+Copyright (C) 2021 Free Software Foundation, Inc.
+This config.status script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it."
+
+ac_pwd='$ac_pwd'
+srcdir='$srcdir'
+INSTALL='$INSTALL'
+MKDIR_P='$MKDIR_P'
+AWK='$AWK'
+test -n "\$AWK" || AWK=awk
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# The default lists apply if the user does not specify any file.
+ac_need_defaults=:
+while test $# != 0
+do
+ case $1 in
+ --*=?*)
+ ac_option=`expr "X$1" : 'X\([^=]*\)='`
+ ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'`
+ ac_shift=:
+ ;;
+ --*=)
+ ac_option=`expr "X$1" : 'X\([^=]*\)='`
+ ac_optarg=
+ ac_shift=:
+ ;;
+ *)
+ ac_option=$1
+ ac_optarg=$2
+ ac_shift=shift
+ ;;
+ esac
+
+ case $ac_option in
+ # Handling of the options.
+ -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
+ ac_cs_recheck=: ;;
+ --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
+ printf "%s\n" "$ac_cs_version"; exit ;;
+ --config | --confi | --conf | --con | --co | --c )
+ printf "%s\n" "$ac_cs_config"; exit ;;
+ --debug | --debu | --deb | --de | --d | -d )
+ debug=: ;;
+ --file | --fil | --fi | --f )
+ $ac_shift
+ case $ac_optarg in
+ *\'*) ac_optarg=`printf "%s\n" "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+ '') as_fn_error $? "missing file argument" ;;
+ esac
+ as_fn_append CONFIG_FILES " '$ac_optarg'"
+ ac_need_defaults=false;;
+ --header | --heade | --head | --hea )
+ $ac_shift
+ case $ac_optarg in
+ *\'*) ac_optarg=`printf "%s\n" "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+ esac
+ as_fn_append CONFIG_HEADERS " '$ac_optarg'"
+ ac_need_defaults=false;;
+ --he | --h)
+ # Conflict between --help and --header
+ as_fn_error $? "ambiguous option: \`$1'
+Try \`$0 --help' for more information.";;
+ --help | --hel | -h )
+ printf "%s\n" "$ac_cs_usage"; exit ;;
+ -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+ | -silent | --silent | --silen | --sile | --sil | --si | --s)
+ ac_cs_silent=: ;;
+
+ # This is an error.
+ -*) as_fn_error $? "unrecognized option: \`$1'
+Try \`$0 --help' for more information." ;;
+
+ *) as_fn_append ac_config_targets " $1"
+ ac_need_defaults=false ;;
+
+ esac
+ shift
+done
+
+ac_configure_extra_args=
+
+if $ac_cs_silent; then
+ exec 6>/dev/null
+ ac_configure_extra_args="$ac_configure_extra_args --silent"
+fi
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+if \$ac_cs_recheck; then
+ set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
+ shift
+ \printf "%s\n" "running CONFIG_SHELL=$SHELL \$*" >&6
+ CONFIG_SHELL='$SHELL'
+ export CONFIG_SHELL
+ exec "\$@"
+fi
+
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+exec 5>>config.log
+{
+ echo
+ sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
+## Running $as_me. ##
+_ASBOX
+ printf "%s\n" "$ac_log"
+} >&5
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+#
+# INIT-COMMANDS
+#
+AMDEP_TRUE="$AMDEP_TRUE" MAKE="${MAKE-make}"
+
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+sed_quote_subst='$sed_quote_subst'
+double_quote_subst='$double_quote_subst'
+delay_variable_subst='$delay_variable_subst'
+macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`'
+macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`'
+enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`'
+enable_static='`$ECHO "$enable_static" | $SED "$delay_single_quote_subst"`'
+pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`'
+enable_fast_install='`$ECHO "$enable_fast_install" | $SED "$delay_single_quote_subst"`'
+shared_archive_member_spec='`$ECHO "$shared_archive_member_spec" | $SED "$delay_single_quote_subst"`'
+SHELL='`$ECHO "$SHELL" | $SED "$delay_single_quote_subst"`'
+ECHO='`$ECHO "$ECHO" | $SED "$delay_single_quote_subst"`'
+PATH_SEPARATOR='`$ECHO "$PATH_SEPARATOR" | $SED "$delay_single_quote_subst"`'
+host_alias='`$ECHO "$host_alias" | $SED "$delay_single_quote_subst"`'
+host='`$ECHO "$host" | $SED "$delay_single_quote_subst"`'
+host_os='`$ECHO "$host_os" | $SED "$delay_single_quote_subst"`'
+build_alias='`$ECHO "$build_alias" | $SED "$delay_single_quote_subst"`'
+build='`$ECHO "$build" | $SED "$delay_single_quote_subst"`'
+build_os='`$ECHO "$build_os" | $SED "$delay_single_quote_subst"`'
+SED='`$ECHO "$SED" | $SED "$delay_single_quote_subst"`'
+Xsed='`$ECHO "$Xsed" | $SED "$delay_single_quote_subst"`'
+GREP='`$ECHO "$GREP" | $SED "$delay_single_quote_subst"`'
+EGREP='`$ECHO "$EGREP" | $SED "$delay_single_quote_subst"`'
+FGREP='`$ECHO "$FGREP" | $SED "$delay_single_quote_subst"`'
+LD='`$ECHO "$LD" | $SED "$delay_single_quote_subst"`'
+NM='`$ECHO "$NM" | $SED "$delay_single_quote_subst"`'
+LN_S='`$ECHO "$LN_S" | $SED "$delay_single_quote_subst"`'
+max_cmd_len='`$ECHO "$max_cmd_len" | $SED "$delay_single_quote_subst"`'
+ac_objext='`$ECHO "$ac_objext" | $SED "$delay_single_quote_subst"`'
+exeext='`$ECHO "$exeext" | $SED "$delay_single_quote_subst"`'
+lt_unset='`$ECHO "$lt_unset" | $SED "$delay_single_quote_subst"`'
+lt_SP2NL='`$ECHO "$lt_SP2NL" | $SED "$delay_single_quote_subst"`'
+lt_NL2SP='`$ECHO "$lt_NL2SP" | $SED "$delay_single_quote_subst"`'
+lt_cv_to_host_file_cmd='`$ECHO "$lt_cv_to_host_file_cmd" | $SED "$delay_single_quote_subst"`'
+lt_cv_to_tool_file_cmd='`$ECHO "$lt_cv_to_tool_file_cmd" | $SED "$delay_single_quote_subst"`'
+reload_flag='`$ECHO "$reload_flag" | $SED "$delay_single_quote_subst"`'
+reload_cmds='`$ECHO "$reload_cmds" | $SED "$delay_single_quote_subst"`'
+FILECMD='`$ECHO "$FILECMD" | $SED "$delay_single_quote_subst"`'
+OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`'
+deplibs_check_method='`$ECHO "$deplibs_check_method" | $SED "$delay_single_quote_subst"`'
+file_magic_cmd='`$ECHO "$file_magic_cmd" | $SED "$delay_single_quote_subst"`'
+file_magic_glob='`$ECHO "$file_magic_glob" | $SED "$delay_single_quote_subst"`'
+want_nocaseglob='`$ECHO "$want_nocaseglob" | $SED "$delay_single_quote_subst"`'
+DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`'
+sharedlib_from_linklib_cmd='`$ECHO "$sharedlib_from_linklib_cmd" | $SED "$delay_single_quote_subst"`'
+AR='`$ECHO "$AR" | $SED "$delay_single_quote_subst"`'
+lt_ar_flags='`$ECHO "$lt_ar_flags" | $SED "$delay_single_quote_subst"`'
+AR_FLAGS='`$ECHO "$AR_FLAGS" | $SED "$delay_single_quote_subst"`'
+archiver_list_spec='`$ECHO "$archiver_list_spec" | $SED "$delay_single_quote_subst"`'
+STRIP='`$ECHO "$STRIP" | $SED "$delay_single_quote_subst"`'
+RANLIB='`$ECHO "$RANLIB" | $SED "$delay_single_quote_subst"`'
+old_postinstall_cmds='`$ECHO "$old_postinstall_cmds" | $SED "$delay_single_quote_subst"`'
+old_postuninstall_cmds='`$ECHO "$old_postuninstall_cmds" | $SED "$delay_single_quote_subst"`'
+old_archive_cmds='`$ECHO "$old_archive_cmds" | $SED "$delay_single_quote_subst"`'
+lock_old_archive_extraction='`$ECHO "$lock_old_archive_extraction" | $SED "$delay_single_quote_subst"`'
+CC='`$ECHO "$CC" | $SED "$delay_single_quote_subst"`'
+CFLAGS='`$ECHO "$CFLAGS" | $SED "$delay_single_quote_subst"`'
+compiler='`$ECHO "$compiler" | $SED "$delay_single_quote_subst"`'
+GCC='`$ECHO "$GCC" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_pipe='`$ECHO "$lt_cv_sys_global_symbol_pipe" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_cdecl='`$ECHO "$lt_cv_sys_global_symbol_to_cdecl" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_import='`$ECHO "$lt_cv_sys_global_symbol_to_import" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_c_name_address='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address_lib_prefix" | $SED "$delay_single_quote_subst"`'
+lt_cv_nm_interface='`$ECHO "$lt_cv_nm_interface" | $SED "$delay_single_quote_subst"`'
+nm_file_list_spec='`$ECHO "$nm_file_list_spec" | $SED "$delay_single_quote_subst"`'
+lt_sysroot='`$ECHO "$lt_sysroot" | $SED "$delay_single_quote_subst"`'
+lt_cv_truncate_bin='`$ECHO "$lt_cv_truncate_bin" | $SED "$delay_single_quote_subst"`'
+objdir='`$ECHO "$objdir" | $SED "$delay_single_quote_subst"`'
+MAGIC_CMD='`$ECHO "$MAGIC_CMD" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_no_builtin_flag='`$ECHO "$lt_prog_compiler_no_builtin_flag" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_pic='`$ECHO "$lt_prog_compiler_pic" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_wl='`$ECHO "$lt_prog_compiler_wl" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_static='`$ECHO "$lt_prog_compiler_static" | $SED "$delay_single_quote_subst"`'
+lt_cv_prog_compiler_c_o='`$ECHO "$lt_cv_prog_compiler_c_o" | $SED "$delay_single_quote_subst"`'
+need_locks='`$ECHO "$need_locks" | $SED "$delay_single_quote_subst"`'
+MANIFEST_TOOL='`$ECHO "$MANIFEST_TOOL" | $SED "$delay_single_quote_subst"`'
+DSYMUTIL='`$ECHO "$DSYMUTIL" | $SED "$delay_single_quote_subst"`'
+NMEDIT='`$ECHO "$NMEDIT" | $SED "$delay_single_quote_subst"`'
+LIPO='`$ECHO "$LIPO" | $SED "$delay_single_quote_subst"`'
+OTOOL='`$ECHO "$OTOOL" | $SED "$delay_single_quote_subst"`'
+OTOOL64='`$ECHO "$OTOOL64" | $SED "$delay_single_quote_subst"`'
+libext='`$ECHO "$libext" | $SED "$delay_single_quote_subst"`'
+shrext_cmds='`$ECHO "$shrext_cmds" | $SED "$delay_single_quote_subst"`'
+extract_expsyms_cmds='`$ECHO "$extract_expsyms_cmds" | $SED "$delay_single_quote_subst"`'
+archive_cmds_need_lc='`$ECHO "$archive_cmds_need_lc" | $SED "$delay_single_quote_subst"`'
+enable_shared_with_static_runtimes='`$ECHO "$enable_shared_with_static_runtimes" | $SED "$delay_single_quote_subst"`'
+export_dynamic_flag_spec='`$ECHO "$export_dynamic_flag_spec" | $SED "$delay_single_quote_subst"`'
+whole_archive_flag_spec='`$ECHO "$whole_archive_flag_spec" | $SED "$delay_single_quote_subst"`'
+compiler_needs_object='`$ECHO "$compiler_needs_object" | $SED "$delay_single_quote_subst"`'
+old_archive_from_new_cmds='`$ECHO "$old_archive_from_new_cmds" | $SED "$delay_single_quote_subst"`'
+old_archive_from_expsyms_cmds='`$ECHO "$old_archive_from_expsyms_cmds" | $SED "$delay_single_quote_subst"`'
+archive_cmds='`$ECHO "$archive_cmds" | $SED "$delay_single_quote_subst"`'
+archive_expsym_cmds='`$ECHO "$archive_expsym_cmds" | $SED "$delay_single_quote_subst"`'
+module_cmds='`$ECHO "$module_cmds" | $SED "$delay_single_quote_subst"`'
+module_expsym_cmds='`$ECHO "$module_expsym_cmds" | $SED "$delay_single_quote_subst"`'
+with_gnu_ld='`$ECHO "$with_gnu_ld" | $SED "$delay_single_quote_subst"`'
+allow_undefined_flag='`$ECHO "$allow_undefined_flag" | $SED "$delay_single_quote_subst"`'
+no_undefined_flag='`$ECHO "$no_undefined_flag" | $SED "$delay_single_quote_subst"`'
+hardcode_libdir_flag_spec='`$ECHO "$hardcode_libdir_flag_spec" | $SED "$delay_single_quote_subst"`'
+hardcode_libdir_separator='`$ECHO "$hardcode_libdir_separator" | $SED "$delay_single_quote_subst"`'
+hardcode_direct='`$ECHO "$hardcode_direct" | $SED "$delay_single_quote_subst"`'
+hardcode_direct_absolute='`$ECHO "$hardcode_direct_absolute" | $SED "$delay_single_quote_subst"`'
+hardcode_minus_L='`$ECHO "$hardcode_minus_L" | $SED "$delay_single_quote_subst"`'
+hardcode_shlibpath_var='`$ECHO "$hardcode_shlibpath_var" | $SED "$delay_single_quote_subst"`'
+hardcode_automatic='`$ECHO "$hardcode_automatic" | $SED "$delay_single_quote_subst"`'
+inherit_rpath='`$ECHO "$inherit_rpath" | $SED "$delay_single_quote_subst"`'
+link_all_deplibs='`$ECHO "$link_all_deplibs" | $SED "$delay_single_quote_subst"`'
+always_export_symbols='`$ECHO "$always_export_symbols" | $SED "$delay_single_quote_subst"`'
+export_symbols_cmds='`$ECHO "$export_symbols_cmds" | $SED "$delay_single_quote_subst"`'
+exclude_expsyms='`$ECHO "$exclude_expsyms" | $SED "$delay_single_quote_subst"`'
+include_expsyms='`$ECHO "$include_expsyms" | $SED "$delay_single_quote_subst"`'
+prelink_cmds='`$ECHO "$prelink_cmds" | $SED "$delay_single_quote_subst"`'
+postlink_cmds='`$ECHO "$postlink_cmds" | $SED "$delay_single_quote_subst"`'
+file_list_spec='`$ECHO "$file_list_spec" | $SED "$delay_single_quote_subst"`'
+variables_saved_for_relink='`$ECHO "$variables_saved_for_relink" | $SED "$delay_single_quote_subst"`'
+need_lib_prefix='`$ECHO "$need_lib_prefix" | $SED "$delay_single_quote_subst"`'
+need_version='`$ECHO "$need_version" | $SED "$delay_single_quote_subst"`'
+version_type='`$ECHO "$version_type" | $SED "$delay_single_quote_subst"`'
+runpath_var='`$ECHO "$runpath_var" | $SED "$delay_single_quote_subst"`'
+shlibpath_var='`$ECHO "$shlibpath_var" | $SED "$delay_single_quote_subst"`'
+shlibpath_overrides_runpath='`$ECHO "$shlibpath_overrides_runpath" | $SED "$delay_single_quote_subst"`'
+libname_spec='`$ECHO "$libname_spec" | $SED "$delay_single_quote_subst"`'
+library_names_spec='`$ECHO "$library_names_spec" | $SED "$delay_single_quote_subst"`'
+soname_spec='`$ECHO "$soname_spec" | $SED "$delay_single_quote_subst"`'
+install_override_mode='`$ECHO "$install_override_mode" | $SED "$delay_single_quote_subst"`'
+postinstall_cmds='`$ECHO "$postinstall_cmds" | $SED "$delay_single_quote_subst"`'
+postuninstall_cmds='`$ECHO "$postuninstall_cmds" | $SED "$delay_single_quote_subst"`'
+finish_cmds='`$ECHO "$finish_cmds" | $SED "$delay_single_quote_subst"`'
+finish_eval='`$ECHO "$finish_eval" | $SED "$delay_single_quote_subst"`'
+hardcode_into_libs='`$ECHO "$hardcode_into_libs" | $SED "$delay_single_quote_subst"`'
+sys_lib_search_path_spec='`$ECHO "$sys_lib_search_path_spec" | $SED "$delay_single_quote_subst"`'
+configure_time_dlsearch_path='`$ECHO "$configure_time_dlsearch_path" | $SED "$delay_single_quote_subst"`'
+configure_time_lt_sys_library_path='`$ECHO "$configure_time_lt_sys_library_path" | $SED "$delay_single_quote_subst"`'
+hardcode_action='`$ECHO "$hardcode_action" | $SED "$delay_single_quote_subst"`'
+enable_dlopen='`$ECHO "$enable_dlopen" | $SED "$delay_single_quote_subst"`'
+enable_dlopen_self='`$ECHO "$enable_dlopen_self" | $SED "$delay_single_quote_subst"`'
+enable_dlopen_self_static='`$ECHO "$enable_dlopen_self_static" | $SED "$delay_single_quote_subst"`'
+old_striplib='`$ECHO "$old_striplib" | $SED "$delay_single_quote_subst"`'
+striplib='`$ECHO "$striplib" | $SED "$delay_single_quote_subst"`'
+
+LTCC='$LTCC'
+LTCFLAGS='$LTCFLAGS'
+compiler='$compiler_DEFAULT'
+
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+ eval 'cat <<_LTECHO_EOF
+\$1
+_LTECHO_EOF'
+}
+
+# Quote evaled strings.
+for var in SHELL \
+ECHO \
+PATH_SEPARATOR \
+SED \
+GREP \
+EGREP \
+FGREP \
+LD \
+NM \
+LN_S \
+lt_SP2NL \
+lt_NL2SP \
+reload_flag \
+FILECMD \
+OBJDUMP \
+deplibs_check_method \
+file_magic_cmd \
+file_magic_glob \
+want_nocaseglob \
+DLLTOOL \
+sharedlib_from_linklib_cmd \
+AR \
+archiver_list_spec \
+STRIP \
+RANLIB \
+CC \
+CFLAGS \
+compiler \
+lt_cv_sys_global_symbol_pipe \
+lt_cv_sys_global_symbol_to_cdecl \
+lt_cv_sys_global_symbol_to_import \
+lt_cv_sys_global_symbol_to_c_name_address \
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix \
+lt_cv_nm_interface \
+nm_file_list_spec \
+lt_cv_truncate_bin \
+lt_prog_compiler_no_builtin_flag \
+lt_prog_compiler_pic \
+lt_prog_compiler_wl \
+lt_prog_compiler_static \
+lt_cv_prog_compiler_c_o \
+need_locks \
+MANIFEST_TOOL \
+DSYMUTIL \
+NMEDIT \
+LIPO \
+OTOOL \
+OTOOL64 \
+shrext_cmds \
+export_dynamic_flag_spec \
+whole_archive_flag_spec \
+compiler_needs_object \
+with_gnu_ld \
+allow_undefined_flag \
+no_undefined_flag \
+hardcode_libdir_flag_spec \
+hardcode_libdir_separator \
+exclude_expsyms \
+include_expsyms \
+file_list_spec \
+variables_saved_for_relink \
+libname_spec \
+library_names_spec \
+soname_spec \
+install_override_mode \
+finish_eval \
+old_striplib \
+striplib; do
+ case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
+ *[\\\\\\\`\\"\\\$]*)
+ eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" ## exclude from sc_prohibit_nested_quotes
+ ;;
+ *)
+ eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
+ ;;
+ esac
+done
+
+# Double-quote double-evaled strings.
+for var in reload_cmds \
+old_postinstall_cmds \
+old_postuninstall_cmds \
+old_archive_cmds \
+extract_expsyms_cmds \
+old_archive_from_new_cmds \
+old_archive_from_expsyms_cmds \
+archive_cmds \
+archive_expsym_cmds \
+module_cmds \
+module_expsym_cmds \
+export_symbols_cmds \
+prelink_cmds \
+postlink_cmds \
+postinstall_cmds \
+postuninstall_cmds \
+finish_cmds \
+sys_lib_search_path_spec \
+configure_time_dlsearch_path \
+configure_time_lt_sys_library_path; do
+ case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
+ *[\\\\\\\`\\"\\\$]*)
+ eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" ## exclude from sc_prohibit_nested_quotes
+ ;;
+ *)
+ eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
+ ;;
+ esac
+done
+
+ac_aux_dir='$ac_aux_dir'
+
+# See if we are running on zsh, and set the options that allow our
+# commands through without removal of \ escapes INIT.
+if test -n "\${ZSH_VERSION+set}"; then
+ setopt NO_GLOB_SUBST
+fi
+
+
+ PACKAGE='$PACKAGE'
+ VERSION='$VERSION'
+ RM='$RM'
+ ofile='$ofile'
+
+
+
+
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+
+# Handling of arguments.
+for ac_config_target in $ac_config_targets
+do
+ case $ac_config_target in
+ "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
+ "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;;
+ "libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;;
+ "include/xmlsec/openssl/Makefile") CONFIG_FILES="$CONFIG_FILES include/xmlsec/openssl/Makefile" ;;
+ "src/openssl/Makefile") CONFIG_FILES="$CONFIG_FILES src/openssl/Makefile" ;;
+ "include/xmlsec/gnutls/Makefile") CONFIG_FILES="$CONFIG_FILES include/xmlsec/gnutls/Makefile" ;;
+ "src/gnutls/Makefile") CONFIG_FILES="$CONFIG_FILES src/gnutls/Makefile" ;;
+ "include/xmlsec/gcrypt/Makefile") CONFIG_FILES="$CONFIG_FILES include/xmlsec/gcrypt/Makefile" ;;
+ "src/gcrypt/Makefile") CONFIG_FILES="$CONFIG_FILES src/gcrypt/Makefile" ;;
+ "include/xmlsec/nss/Makefile") CONFIG_FILES="$CONFIG_FILES include/xmlsec/nss/Makefile" ;;
+ "src/nss/Makefile") CONFIG_FILES="$CONFIG_FILES src/nss/Makefile" ;;
+ "include/xmlsec/mscrypto/Makefile") CONFIG_FILES="$CONFIG_FILES include/xmlsec/mscrypto/Makefile" ;;
+ "src/mscrypto/Makefile") CONFIG_FILES="$CONFIG_FILES src/mscrypto/Makefile" ;;
+ "include/xmlsec/mscng/Makefile") CONFIG_FILES="$CONFIG_FILES include/xmlsec/mscng/Makefile" ;;
+ "src/mscng/Makefile") CONFIG_FILES="$CONFIG_FILES src/mscng/Makefile" ;;
+ "xmlsec1.pc") CONFIG_FILES="$CONFIG_FILES xmlsec1.pc:xmlsec.pc.in" ;;
+ "include/xmlsec/version.h") CONFIG_FILES="$CONFIG_FILES include/xmlsec/version.h" ;;
+ "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
+ "include/Makefile") CONFIG_FILES="$CONFIG_FILES include/Makefile" ;;
+ "include/xmlsec/Makefile") CONFIG_FILES="$CONFIG_FILES include/xmlsec/Makefile" ;;
+ "src/Makefile") CONFIG_FILES="$CONFIG_FILES src/Makefile" ;;
+ "apps/Makefile") CONFIG_FILES="$CONFIG_FILES apps/Makefile" ;;
+ "docs/Makefile") CONFIG_FILES="$CONFIG_FILES docs/Makefile" ;;
+ "docs/api/Makefile") CONFIG_FILES="$CONFIG_FILES docs/api/Makefile" ;;
+ "man/Makefile") CONFIG_FILES="$CONFIG_FILES man/Makefile" ;;
+ "xmlsec1-openssl.pc") CONFIG_FILES="$CONFIG_FILES xmlsec1-openssl.pc:xmlsec-openssl.pc.in" ;;
+ "xmlsec1-gnutls.pc") CONFIG_FILES="$CONFIG_FILES xmlsec1-gnutls.pc:xmlsec-gnutls.pc.in" ;;
+ "xmlsec1-gcrypt.pc") CONFIG_FILES="$CONFIG_FILES xmlsec1-gcrypt.pc:xmlsec-gcrypt.pc.in" ;;
+ "xmlsec1-nss.pc") CONFIG_FILES="$CONFIG_FILES xmlsec1-nss.pc:xmlsec-nss.pc.in" ;;
+ "xmlsec1.spec") CONFIG_FILES="$CONFIG_FILES xmlsec1.spec:xmlsec.spec.in" ;;
+ "xmlsec1Conf.sh") CONFIG_FILES="$CONFIG_FILES xmlsec1Conf.sh:xmlsecConf.sh.in" ;;
+ "xmlsec1-config") CONFIG_FILES="$CONFIG_FILES xmlsec1-config:xmlsec-config.in" ;;
+
+ *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
+ esac
+done
+
+
+# If the user did not use the arguments to specify the items to instantiate,
+# then the envvar interface is used. Set only those that are not.
+# We use the long form for the default assignment because of an extremely
+# bizarre bug on SunOS 4.1.3.
+if $ac_need_defaults; then
+ test ${CONFIG_FILES+y} || CONFIG_FILES=$config_files
+ test ${CONFIG_HEADERS+y} || CONFIG_HEADERS=$config_headers
+ test ${CONFIG_COMMANDS+y} || CONFIG_COMMANDS=$config_commands
+fi
+
+# Have a temporary directory for convenience. Make it in the build tree
+# simply because there is no reason against having it here, and in addition,
+# creating and moving files from /tmp can sometimes cause problems.
+# Hook for its removal unless debugging.
+# Note that there is a small window in which the directory will not be cleaned:
+# after its creation but before its name has been assigned to `$tmp'.
+$debug ||
+{
+ tmp= ac_tmp=
+ trap 'exit_status=$?
+ : "${ac_tmp:=$tmp}"
+ { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status
+' 0
+ trap 'as_fn_exit 1' 1 2 13 15
+}
+# Create a (secure) tmp directory for tmp files.
+
+{
+ tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` &&
+ test -d "$tmp"
+} ||
+{
+ tmp=./conf$$-$RANDOM
+ (umask 077 && mkdir "$tmp")
+} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5
+ac_tmp=$tmp
+
+# Set up the scripts for CONFIG_FILES section.
+# No need to generate them if there are no CONFIG_FILES.
+# This happens for instance with `./config.status config.h'.
+if test -n "$CONFIG_FILES"; then
+
+
+ac_cr=`echo X | tr X '\015'`
+# On cygwin, bash can eat \r inside `` if the user requested igncr.
+# But we know of no other shell where ac_cr would be empty at this
+# point, so we can use a bashism as a fallback.
+if test "x$ac_cr" = x; then
+ eval ac_cr=\$\'\\r\'
+fi
+ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' </dev/null 2>/dev/null`
+if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then
+ ac_cs_awk_cr='\\r'
+else
+ ac_cs_awk_cr=$ac_cr
+fi
+
+echo 'BEGIN {' >"$ac_tmp/subs1.awk" &&
+_ACEOF
+
+
+{
+ echo "cat >conf$$subs.awk <<_ACEOF" &&
+ echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' &&
+ echo "_ACEOF"
+} >conf$$subs.sh ||
+ as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'`
+ac_delim='%!_!# '
+for ac_last_try in false false false false false :; do
+ . ./conf$$subs.sh ||
+ as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+
+ ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X`
+ if test $ac_delim_n = $ac_delim_num; then
+ break
+ elif $ac_last_try; then
+ as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+ else
+ ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+ fi
+done
+rm -f conf$$subs.sh
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK &&
+_ACEOF
+sed -n '
+h
+s/^/S["/; s/!.*/"]=/
+p
+g
+s/^[^!]*!//
+:repl
+t repl
+s/'"$ac_delim"'$//
+t delim
+:nl
+h
+s/\(.\{148\}\)..*/\1/
+t more1
+s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/
+p
+n
+b repl
+:more1
+s/["\\]/\\&/g; s/^/"/; s/$/"\\/
+p
+g
+s/.\{148\}//
+t nl
+:delim
+h
+s/\(.\{148\}\)..*/\1/
+t more2
+s/["\\]/\\&/g; s/^/"/; s/$/"/
+p
+b
+:more2
+s/["\\]/\\&/g; s/^/"/; s/$/"\\/
+p
+g
+s/.\{148\}//
+t delim
+' <conf$$subs.awk | sed '
+/^[^""]/{
+ N
+ s/\n//
+}
+' >>$CONFIG_STATUS || ac_write_fail=1
+rm -f conf$$subs.awk
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+_ACAWK
+cat >>"\$ac_tmp/subs1.awk" <<_ACAWK &&
+ for (key in S) S_is_set[key] = 1
+ FS = "\a"
+
+}
+{
+ line = $ 0
+ nfields = split(line, field, "@")
+ substed = 0
+ len = length(field[1])
+ for (i = 2; i < nfields; i++) {
+ key = field[i]
+ keylen = length(key)
+ if (S_is_set[key]) {
+ value = S[key]
+ line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3)
+ len += length(value) + length(field[++i])
+ substed = 1
+ } else
+ len += 1 + keylen
+ }
+
+ print line
+}
+
+_ACAWK
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then
+ sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g"
+else
+ cat
+fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \
+ || as_fn_error $? "could not setup config files machinery" "$LINENO" 5
+_ACEOF
+
+# VPATH may cause trouble with some makes, so we remove sole $(srcdir),
+# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and
+# trailing colons and then remove the whole line if VPATH becomes empty
+# (actually we leave an empty line to preserve line numbers).
+if test "x$srcdir" = x.; then
+ ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{
+h
+s///
+s/^/:/
+s/[ ]*$/:/
+s/:\$(srcdir):/:/g
+s/:\${srcdir}:/:/g
+s/:@srcdir@:/:/g
+s/^:*//
+s/:*$//
+x
+s/\(=[ ]*\).*/\1/
+G
+s/\n//
+s/^[^=]*=[ ]*$//
+}'
+fi
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+fi # test -n "$CONFIG_FILES"
+
+# Set up the scripts for CONFIG_HEADERS section.
+# No need to generate them if there are no CONFIG_HEADERS.
+# This happens for instance with `./config.status Makefile'.
+if test -n "$CONFIG_HEADERS"; then
+cat >"$ac_tmp/defines.awk" <<\_ACAWK ||
+BEGIN {
+_ACEOF
+
+# Transform confdefs.h into an awk script `defines.awk', embedded as
+# here-document in config.status, that substitutes the proper values into
+# config.h.in to produce config.h.
+
+# Create a delimiter string that does not exist in confdefs.h, to ease
+# handling of long lines.
+ac_delim='%!_!# '
+for ac_last_try in false false :; do
+ ac_tt=`sed -n "/$ac_delim/p" confdefs.h`
+ if test -z "$ac_tt"; then
+ break
+ elif $ac_last_try; then
+ as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5
+ else
+ ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+ fi
+done
+
+# For the awk script, D is an array of macro values keyed by name,
+# likewise P contains macro parameters if any. Preserve backslash
+# newline sequences.
+
+ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]*
+sed -n '
+s/.\{148\}/&'"$ac_delim"'/g
+t rset
+:rset
+s/^[ ]*#[ ]*define[ ][ ]*/ /
+t def
+d
+:def
+s/\\$//
+t bsnl
+s/["\\]/\\&/g
+s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\
+D["\1"]=" \3"/p
+s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p
+d
+:bsnl
+s/["\\]/\\&/g
+s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\
+D["\1"]=" \3\\\\\\n"\\/p
+t cont
+s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p
+t cont
+d
+:cont
+n
+s/.\{148\}/&'"$ac_delim"'/g
+t clear
+:clear
+s/\\$//
+t bsnlc
+s/["\\]/\\&/g; s/^/"/; s/$/"/p
+d
+:bsnlc
+s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p
+b cont
+' <confdefs.h | sed '
+s/'"$ac_delim"'/"\\\
+"/g' >>$CONFIG_STATUS || ac_write_fail=1
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ for (key in D) D_is_set[key] = 1
+ FS = "\a"
+}
+/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ {
+ line = \$ 0
+ split(line, arg, " ")
+ if (arg[1] == "#") {
+ defundef = arg[2]
+ mac1 = arg[3]
+ } else {
+ defundef = substr(arg[1], 2)
+ mac1 = arg[2]
+ }
+ split(mac1, mac2, "(") #)
+ macro = mac2[1]
+ prefix = substr(line, 1, index(line, defundef) - 1)
+ if (D_is_set[macro]) {
+ # Preserve the white space surrounding the "#".
+ print prefix "define", macro P[macro] D[macro]
+ next
+ } else {
+ # Replace #undef with comments. This is necessary, for example,
+ # in the case of _POSIX_SOURCE, which is predefined and required
+ # on some systems where configure will not decide to define it.
+ if (defundef == "undef") {
+ print "/*", prefix defundef, macro, "*/"
+ next
+ }
+ }
+}
+{ print }
+_ACAWK
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ as_fn_error $? "could not setup config headers machinery" "$LINENO" 5
+fi # test -n "$CONFIG_HEADERS"
+
+
+eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS"
+shift
+for ac_tag
+do
+ case $ac_tag in
+ :[FHLC]) ac_mode=$ac_tag; continue;;
+ esac
+ case $ac_mode$ac_tag in
+ :[FHL]*:*);;
+ :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;;
+ :[FH]-) ac_tag=-:-;;
+ :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
+ esac
+ ac_save_IFS=$IFS
+ IFS=:
+ set x $ac_tag
+ IFS=$ac_save_IFS
+ shift
+ ac_file=$1
+ shift
+
+ case $ac_mode in
+ :L) ac_source=$1;;
+ :[FH])
+ ac_file_inputs=
+ for ac_f
+ do
+ case $ac_f in
+ -) ac_f="$ac_tmp/stdin";;
+ *) # Look for the file first in the build tree, then in the source tree
+ # (if the path is not absolute). The absolute path cannot be DOS-style,
+ # because $ac_f cannot contain `:'.
+ test -f "$ac_f" ||
+ case $ac_f in
+ [\\/$]*) false;;
+ *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
+ esac ||
+ as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;;
+ esac
+ case $ac_f in *\'*) ac_f=`printf "%s\n" "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac
+ as_fn_append ac_file_inputs " '$ac_f'"
+ done
+
+ # Let's still pretend it is `configure' which instantiates (i.e., don't
+ # use $as_me), people would be surprised to read:
+ # /* config.h. Generated by config.status. */
+ configure_input='Generated from '`
+ printf "%s\n" "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g'
+ `' by configure.'
+ if test x"$ac_file" != x-; then
+ configure_input="$ac_file. $configure_input"
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5
+printf "%s\n" "$as_me: creating $ac_file" >&6;}
+ fi
+ # Neutralize special characters interpreted by sed in replacement strings.
+ case $configure_input in #(
+ *\&* | *\|* | *\\* )
+ ac_sed_conf_input=`printf "%s\n" "$configure_input" |
+ sed 's/[\\\\&|]/\\\\&/g'`;; #(
+ *) ac_sed_conf_input=$configure_input;;
+ esac
+
+ case $ac_tag in
+ *:-:* | *:-) cat >"$ac_tmp/stdin" \
+ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;;
+ esac
+ ;;
+ esac
+
+ ac_dir=`$as_dirname -- "$ac_file" ||
+$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$ac_file" : 'X\(//\)[^/]' \| \
+ X"$ac_file" : 'X\(//\)$' \| \
+ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null ||
+printf "%s\n" X"$ac_file" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ as_dir="$ac_dir"; as_fn_mkdir_p
+ ac_builddir=.
+
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
+ ac_dir_suffix=/`printf "%s\n" "$ac_dir" | sed 's|^\.[\\/]||'`
+ # A ".." for each directory in $ac_dir_suffix.
+ ac_top_builddir_sub=`printf "%s\n" "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+ case $ac_top_builddir_sub in
+ "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+ *) ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+ esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
+
+case $srcdir in
+ .) # We are building in place.
+ ac_srcdir=.
+ ac_top_srcdir=$ac_top_builddir_sub
+ ac_abs_top_srcdir=$ac_pwd ;;
+ [\\/]* | ?:[\\/]* ) # Absolute name.
+ ac_srcdir=$srcdir$ac_dir_suffix;
+ ac_top_srcdir=$srcdir
+ ac_abs_top_srcdir=$srcdir ;;
+ *) # Relative name.
+ ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+ ac_top_srcdir=$ac_top_build_prefix$srcdir
+ ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
+esac
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
+
+
+ case $ac_mode in
+ :F)
+ #
+ # CONFIG_FILE
+ #
+
+ case $INSTALL in
+ [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;;
+ *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;;
+ esac
+ ac_MKDIR_P=$MKDIR_P
+ case $MKDIR_P in
+ [\\/$]* | ?:[\\/]* ) ;;
+ */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;;
+ esac
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# If the template does not know about datarootdir, expand it.
+# FIXME: This hack should be removed a few years after 2.60.
+ac_datarootdir_hack=; ac_datarootdir_seen=
+ac_sed_dataroot='
+/datarootdir/ {
+ p
+ q
+}
+/@datadir@/p
+/@docdir@/p
+/@infodir@/p
+/@localedir@/p
+/@mandir@/p'
+case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in
+*datarootdir*) ac_datarootdir_seen=yes;;
+*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*)
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
+printf "%s\n" "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ ac_datarootdir_hack='
+ s&@datadir@&$datadir&g
+ s&@docdir@&$docdir&g
+ s&@infodir@&$infodir&g
+ s&@localedir@&$localedir&g
+ s&@mandir@&$mandir&g
+ s&\\\${datarootdir}&$datarootdir&g' ;;
+esac
+_ACEOF
+
+# Neutralize VPATH when `$srcdir' = `.'.
+# Shell code in configure.ac might set extrasub.
+# FIXME: do we really want to maintain this feature?
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ac_sed_extra="$ac_vpsub
+$extrasub
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+:t
+/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
+s|@configure_input@|$ac_sed_conf_input|;t t
+s&@top_builddir@&$ac_top_builddir_sub&;t t
+s&@top_build_prefix@&$ac_top_build_prefix&;t t
+s&@srcdir@&$ac_srcdir&;t t
+s&@abs_srcdir@&$ac_abs_srcdir&;t t
+s&@top_srcdir@&$ac_top_srcdir&;t t
+s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t
+s&@builddir@&$ac_builddir&;t t
+s&@abs_builddir@&$ac_abs_builddir&;t t
+s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
+s&@INSTALL@&$ac_INSTALL&;t t
+s&@MKDIR_P@&$ac_MKDIR_P&;t t
+$ac_datarootdir_hack
+"
+eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \
+ >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+
+test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
+ { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } &&
+ { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \
+ "$ac_tmp/out"`; test -z "$ac_out"; } &&
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined. Please make sure it is defined" >&5
+printf "%s\n" "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined. Please make sure it is defined" >&2;}
+
+ rm -f "$ac_tmp/stdin"
+ case $ac_file in
+ -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";;
+ *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";;
+ esac \
+ || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+ ;;
+ :H)
+ #
+ # CONFIG_HEADER
+ #
+ if test x"$ac_file" != x-; then
+ {
+ printf "%s\n" "/* $configure_input */" >&1 \
+ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs"
+ } >"$ac_tmp/config.h" \
+ || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+ if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5
+printf "%s\n" "$as_me: $ac_file is unchanged" >&6;}
+ else
+ rm -f "$ac_file"
+ mv "$ac_tmp/config.h" "$ac_file" \
+ || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+ fi
+ else
+ printf "%s\n" "/* $configure_input */" >&1 \
+ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \
+ || as_fn_error $? "could not create -" "$LINENO" 5
+ fi
+# Compute "$ac_file"'s index in $config_headers.
+_am_arg="$ac_file"
+_am_stamp_count=1
+for _am_header in $config_headers :; do
+ case $_am_header in
+ $_am_arg | $_am_arg:* )
+ break ;;
+ * )
+ _am_stamp_count=`expr $_am_stamp_count + 1` ;;
+ esac
+done
+echo "timestamp for $_am_arg" >`$as_dirname -- "$_am_arg" ||
+$as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$_am_arg" : 'X\(//\)[^/]' \| \
+ X"$_am_arg" : 'X\(//\)$' \| \
+ X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null ||
+printf "%s\n" X"$_am_arg" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`/stamp-h$_am_stamp_count
+ ;;
+
+ :C) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5
+printf "%s\n" "$as_me: executing $ac_file commands" >&6;}
+ ;;
+ esac
+
+
+ case $ac_file$ac_mode in
+ "depfiles":C) test x"$AMDEP_TRUE" != x"" || {
+ # Older Autoconf quotes --file arguments for eval, but not when files
+ # are listed without --file. Let's play safe and only enable the eval
+ # if we detect the quoting.
+ # TODO: see whether this extra hack can be removed once we start
+ # requiring Autoconf 2.70 or later.
+ case $CONFIG_FILES in #(
+ *\'*) :
+ eval set x "$CONFIG_FILES" ;; #(
+ *) :
+ set x $CONFIG_FILES ;; #(
+ *) :
+ ;;
+esac
+ shift
+ # Used to flag and report bootstrapping failures.
+ am_rc=0
+ for am_mf
+ do
+ # Strip MF so we end up with the name of the file.
+ am_mf=`printf "%s\n" "$am_mf" | sed -e 's/:.*$//'`
+ # Check whether this is an Automake generated Makefile which includes
+ # dependency-tracking related rules and includes.
+ # Grep'ing the whole file directly is not great: AIX grep has a line
+ # limit of 2048, but all sed's we know have understand at least 4000.
+ sed -n 's,^am--depfiles:.*,X,p' "$am_mf" | grep X >/dev/null 2>&1 \
+ || continue
+ am_dirpart=`$as_dirname -- "$am_mf" ||
+$as_expr X"$am_mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$am_mf" : 'X\(//\)[^/]' \| \
+ X"$am_mf" : 'X\(//\)$' \| \
+ X"$am_mf" : 'X\(/\)' \| . 2>/dev/null ||
+printf "%s\n" X"$am_mf" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ am_filepart=`$as_basename -- "$am_mf" ||
+$as_expr X/"$am_mf" : '.*/\([^/][^/]*\)/*$' \| \
+ X"$am_mf" : 'X\(//\)$' \| \
+ X"$am_mf" : 'X\(/\)' \| . 2>/dev/null ||
+printf "%s\n" X/"$am_mf" |
+ sed '/^.*\/\([^/][^/]*\)\/*$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ { echo "$as_me:$LINENO: cd "$am_dirpart" \
+ && sed -e '/# am--include-marker/d' "$am_filepart" \
+ | $MAKE -f - am--depfiles" >&5
+ (cd "$am_dirpart" \
+ && sed -e '/# am--include-marker/d' "$am_filepart" \
+ | $MAKE -f - am--depfiles) >&5 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } || am_rc=$?
+ done
+ if test $am_rc -ne 0; then
+ { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "Something went wrong bootstrapping makefile fragments
+ for automatic dependency tracking. If GNU make was not used, consider
+ re-running the configure script with MAKE=\"gmake\" (or whatever is
+ necessary). You can also try re-running configure with the
+ '--disable-dependency-tracking' option to at least be able to build
+ the package (albeit without support for automatic dependency tracking).
+See \`config.log' for more details" "$LINENO" 5; }
+ fi
+ { am_dirpart=; unset am_dirpart;}
+ { am_filepart=; unset am_filepart;}
+ { am_mf=; unset am_mf;}
+ { am_rc=; unset am_rc;}
+ rm -f conftest-deps.mk
+}
+ ;;
+ "libtool":C)
+
+ # See if we are running on zsh, and set the options that allow our
+ # commands through without removal of \ escapes.
+ if test -n "${ZSH_VERSION+set}"; then
+ setopt NO_GLOB_SUBST
+ fi
+
+ cfgfile=${ofile}T
+ trap "$RM \"$cfgfile\"; exit 1" 1 2 15
+ $RM "$cfgfile"
+
+ cat <<_LT_EOF >> "$cfgfile"
+#! $SHELL
+# Generated automatically by $as_me ($PACKAGE) $VERSION
+# NOTE: Changes made to this file will be lost: look at ltmain.sh.
+
+# Provide generalized library-building support services.
+# Written by Gordon Matzigkeit, 1996
+
+# Copyright (C) 2014 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions. There is NO
+# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+# GNU Libtool is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of of the License, or
+# (at your option) any later version.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program or library that is built
+# using GNU Libtool, you may include this file under the same
+# distribution terms that you use for the rest of that program.
+#
+# GNU Libtool is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+
+# The names of the tagged configurations supported by this script.
+available_tags=''
+
+# Configured defaults for sys_lib_dlsearch_path munging.
+: \${LT_SYS_LIBRARY_PATH="$configure_time_lt_sys_library_path"}
+
+# ### BEGIN LIBTOOL CONFIG
+
+# Which release of libtool.m4 was used?
+macro_version=$macro_version
+macro_revision=$macro_revision
+
+# Whether or not to build shared libraries.
+build_libtool_libs=$enable_shared
+
+# Whether or not to build static libraries.
+build_old_libs=$enable_static
+
+# What type of objects to build.
+pic_mode=$pic_mode
+
+# Whether or not to optimize for fast installation.
+fast_install=$enable_fast_install
+
+# Shared archive member basename,for filename based shared library versioning on AIX.
+shared_archive_member_spec=$shared_archive_member_spec
+
+# Shell to use when invoking shell scripts.
+SHELL=$lt_SHELL
+
+# An echo program that protects backslashes.
+ECHO=$lt_ECHO
+
+# The PATH separator for the build system.
+PATH_SEPARATOR=$lt_PATH_SEPARATOR
+
+# The host system.
+host_alias=$host_alias
+host=$host
+host_os=$host_os
+
+# The build system.
+build_alias=$build_alias
+build=$build
+build_os=$build_os
+
+# A sed program that does not truncate output.
+SED=$lt_SED
+
+# Sed that helps us avoid accidentally triggering echo(1) options like -n.
+Xsed="\$SED -e 1s/^X//"
+
+# A grep program that handles long lines.
+GREP=$lt_GREP
+
+# An ERE matcher.
+EGREP=$lt_EGREP
+
+# A literal string matcher.
+FGREP=$lt_FGREP
+
+# A BSD- or MS-compatible name lister.
+NM=$lt_NM
+
+# Whether we need soft or hard links.
+LN_S=$lt_LN_S
+
+# What is the maximum length of a command?
+max_cmd_len=$max_cmd_len
+
+# Object file suffix (normally "o").
+objext=$ac_objext
+
+# Executable file suffix (normally "").
+exeext=$exeext
+
+# whether the shell understands "unset".
+lt_unset=$lt_unset
+
+# turn spaces into newlines.
+SP2NL=$lt_lt_SP2NL
+
+# turn newlines into spaces.
+NL2SP=$lt_lt_NL2SP
+
+# convert \$build file names to \$host format.
+to_host_file_cmd=$lt_cv_to_host_file_cmd
+
+# convert \$build files to toolchain format.
+to_tool_file_cmd=$lt_cv_to_tool_file_cmd
+
+# A file(cmd) program that detects file types.
+FILECMD=$lt_FILECMD
+
+# An object symbol dumper.
+OBJDUMP=$lt_OBJDUMP
+
+# Method to check whether dependent libraries are shared objects.
+deplibs_check_method=$lt_deplibs_check_method
+
+# Command to use when deplibs_check_method = "file_magic".
+file_magic_cmd=$lt_file_magic_cmd
+
+# How to find potential files when deplibs_check_method = "file_magic".
+file_magic_glob=$lt_file_magic_glob
+
+# Find potential files using nocaseglob when deplibs_check_method = "file_magic".
+want_nocaseglob=$lt_want_nocaseglob
+
+# DLL creation program.
+DLLTOOL=$lt_DLLTOOL
+
+# Command to associate shared and link libraries.
+sharedlib_from_linklib_cmd=$lt_sharedlib_from_linklib_cmd
+
+# The archiver.
+AR=$lt_AR
+
+# Flags to create an archive (by configure).
+lt_ar_flags=$lt_ar_flags
+
+# Flags to create an archive.
+AR_FLAGS=\${ARFLAGS-"\$lt_ar_flags"}
+
+# How to feed a file listing to the archiver.
+archiver_list_spec=$lt_archiver_list_spec
+
+# A symbol stripping program.
+STRIP=$lt_STRIP
+
+# Commands used to install an old-style archive.
+RANLIB=$lt_RANLIB
+old_postinstall_cmds=$lt_old_postinstall_cmds
+old_postuninstall_cmds=$lt_old_postuninstall_cmds
+
+# Whether to use a lock for old archive extraction.
+lock_old_archive_extraction=$lock_old_archive_extraction
+
+# A C compiler.
+LTCC=$lt_CC
+
+# LTCC compiler flags.
+LTCFLAGS=$lt_CFLAGS
+
+# Take the output of nm and produce a listing of raw symbols and C names.
+global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe
+
+# Transform the output of nm in a proper C declaration.
+global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl
+
+# Transform the output of nm into a list of symbols to manually relocate.
+global_symbol_to_import=$lt_lt_cv_sys_global_symbol_to_import
+
+# Transform the output of nm in a C name address pair.
+global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address
+
+# Transform the output of nm in a C name address pair when lib prefix is needed.
+global_symbol_to_c_name_address_lib_prefix=$lt_lt_cv_sys_global_symbol_to_c_name_address_lib_prefix
+
+# The name lister interface.
+nm_interface=$lt_lt_cv_nm_interface
+
+# Specify filename containing input files for \$NM.
+nm_file_list_spec=$lt_nm_file_list_spec
+
+# The root where to search for dependent libraries,and where our libraries should be installed.
+lt_sysroot=$lt_sysroot
+
+# Command to truncate a binary pipe.
+lt_truncate_bin=$lt_lt_cv_truncate_bin
+
+# The name of the directory that contains temporary libtool files.
+objdir=$objdir
+
+# Used to examine libraries when file_magic_cmd begins with "file".
+MAGIC_CMD=$MAGIC_CMD
+
+# Must we lock files when doing compilation?
+need_locks=$lt_need_locks
+
+# Manifest tool.
+MANIFEST_TOOL=$lt_MANIFEST_TOOL
+
+# Tool to manipulate archived DWARF debug symbol files on Mac OS X.
+DSYMUTIL=$lt_DSYMUTIL
+
+# Tool to change global to local symbols on Mac OS X.
+NMEDIT=$lt_NMEDIT
+
+# Tool to manipulate fat objects and archives on Mac OS X.
+LIPO=$lt_LIPO
+
+# ldd/readelf like tool for Mach-O binaries on Mac OS X.
+OTOOL=$lt_OTOOL
+
+# ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4.
+OTOOL64=$lt_OTOOL64
+
+# Old archive suffix (normally "a").
+libext=$libext
+
+# Shared library suffix (normally ".so").
+shrext_cmds=$lt_shrext_cmds
+
+# The commands to extract the exported symbol list from a shared archive.
+extract_expsyms_cmds=$lt_extract_expsyms_cmds
+
+# Variables whose values should be saved in libtool wrapper scripts and
+# restored at link time.
+variables_saved_for_relink=$lt_variables_saved_for_relink
+
+# Do we need the "lib" prefix for modules?
+need_lib_prefix=$need_lib_prefix
+
+# Do we need a version for libraries?
+need_version=$need_version
+
+# Library versioning type.
+version_type=$version_type
+
+# Shared library runtime path variable.
+runpath_var=$runpath_var
+
+# Shared library path variable.
+shlibpath_var=$shlibpath_var
+
+# Is shlibpath searched before the hard-coded library search path?
+shlibpath_overrides_runpath=$shlibpath_overrides_runpath
+
+# Format of library name prefix.
+libname_spec=$lt_libname_spec
+
+# List of archive names. First name is the real one, the rest are links.
+# The last name is the one that the linker finds with -lNAME
+library_names_spec=$lt_library_names_spec
+
+# The coded name of the library, if different from the real name.
+soname_spec=$lt_soname_spec
+
+# Permission mode override for installation of shared libraries.
+install_override_mode=$lt_install_override_mode
+
+# Command to use after installation of a shared archive.
+postinstall_cmds=$lt_postinstall_cmds
+
+# Command to use after uninstallation of a shared archive.
+postuninstall_cmds=$lt_postuninstall_cmds
+
+# Commands used to finish a libtool library installation in a directory.
+finish_cmds=$lt_finish_cmds
+
+# As "finish_cmds", except a single script fragment to be evaled but
+# not shown.
+finish_eval=$lt_finish_eval
+
+# Whether we should hardcode library paths into libraries.
+hardcode_into_libs=$hardcode_into_libs
+
+# Compile-time system search path for libraries.
+sys_lib_search_path_spec=$lt_sys_lib_search_path_spec
+
+# Detected run-time system search path for libraries.
+sys_lib_dlsearch_path_spec=$lt_configure_time_dlsearch_path
+
+# Explicit LT_SYS_LIBRARY_PATH set during ./configure time.
+configure_time_lt_sys_library_path=$lt_configure_time_lt_sys_library_path
+
+# Whether dlopen is supported.
+dlopen_support=$enable_dlopen
+
+# Whether dlopen of programs is supported.
+dlopen_self=$enable_dlopen_self
+
+# Whether dlopen of statically linked programs is supported.
+dlopen_self_static=$enable_dlopen_self_static
+
+# Commands to strip libraries.
+old_striplib=$lt_old_striplib
+striplib=$lt_striplib
+
+
+# The linker used to build libraries.
+LD=$lt_LD
+
+# How to create reloadable object files.
+reload_flag=$lt_reload_flag
+reload_cmds=$lt_reload_cmds
+
+# Commands used to build an old-style archive.
+old_archive_cmds=$lt_old_archive_cmds
+
+# A language specific compiler.
+CC=$lt_compiler
+
+# Is the compiler the GNU compiler?
+with_gcc=$GCC
+
+# Compiler flag to turn off builtin functions.
+no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag
+
+# Additional compiler flags for building library objects.
+pic_flag=$lt_lt_prog_compiler_pic
+
+# How to pass a linker flag through the compiler.
+wl=$lt_lt_prog_compiler_wl
+
+# Compiler flag to prevent dynamic linking.
+link_static_flag=$lt_lt_prog_compiler_static
+
+# Does compiler simultaneously support -c and -o options?
+compiler_c_o=$lt_lt_cv_prog_compiler_c_o
+
+# Whether or not to add -lc for building shared libraries.
+build_libtool_need_lc=$archive_cmds_need_lc
+
+# Whether or not to disallow shared libs when runtime libs are static.
+allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes
+
+# Compiler flag to allow reflexive dlopens.
+export_dynamic_flag_spec=$lt_export_dynamic_flag_spec
+
+# Compiler flag to generate shared objects directly from archives.
+whole_archive_flag_spec=$lt_whole_archive_flag_spec
+
+# Whether the compiler copes with passing no objects directly.
+compiler_needs_object=$lt_compiler_needs_object
+
+# Create an old-style archive from a shared archive.
+old_archive_from_new_cmds=$lt_old_archive_from_new_cmds
+
+# Create a temporary old-style archive to link instead of a shared archive.
+old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds
+
+# Commands used to build a shared archive.
+archive_cmds=$lt_archive_cmds
+archive_expsym_cmds=$lt_archive_expsym_cmds
+
+# Commands used to build a loadable module if different from building
+# a shared archive.
+module_cmds=$lt_module_cmds
+module_expsym_cmds=$lt_module_expsym_cmds
+
+# Whether we are building with GNU ld or not.
+with_gnu_ld=$lt_with_gnu_ld
+
+# Flag that allows shared libraries with undefined symbols to be built.
+allow_undefined_flag=$lt_allow_undefined_flag
+
+# Flag that enforces no undefined symbols.
+no_undefined_flag=$lt_no_undefined_flag
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist
+hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec
+
+# Whether we need a single "-rpath" flag with a separated argument.
+hardcode_libdir_separator=$lt_hardcode_libdir_separator
+
+# Set to "yes" if using DIR/libNAME\$shared_ext during linking hardcodes
+# DIR into the resulting binary.
+hardcode_direct=$hardcode_direct
+
+# Set to "yes" if using DIR/libNAME\$shared_ext during linking hardcodes
+# DIR into the resulting binary and the resulting library dependency is
+# "absolute",i.e impossible to change by setting \$shlibpath_var if the
+# library is relocated.
+hardcode_direct_absolute=$hardcode_direct_absolute
+
+# Set to "yes" if using the -LDIR flag during linking hardcodes DIR
+# into the resulting binary.
+hardcode_minus_L=$hardcode_minus_L
+
+# Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR
+# into the resulting binary.
+hardcode_shlibpath_var=$hardcode_shlibpath_var
+
+# Set to "yes" if building a shared library automatically hardcodes DIR
+# into the library and all subsequent libraries and executables linked
+# against it.
+hardcode_automatic=$hardcode_automatic
+
+# Set to yes if linker adds runtime paths of dependent libraries
+# to runtime path list.
+inherit_rpath=$inherit_rpath
+
+# Whether libtool must link a program against all its dependency libraries.
+link_all_deplibs=$link_all_deplibs
+
+# Set to "yes" if exported symbols are required.
+always_export_symbols=$always_export_symbols
+
+# The commands to list exported symbols.
+export_symbols_cmds=$lt_export_symbols_cmds
+
+# Symbols that should not be listed in the preloaded symbols.
+exclude_expsyms=$lt_exclude_expsyms
+
+# Symbols that must always be exported.
+include_expsyms=$lt_include_expsyms
+
+# Commands necessary for linking programs (against libraries) with templates.
+prelink_cmds=$lt_prelink_cmds
+
+# Commands necessary for finishing linking programs.
+postlink_cmds=$lt_postlink_cmds
+
+# Specify filename containing input files.
+file_list_spec=$lt_file_list_spec
+
+# How to hardcode a shared library path into an executable.
+hardcode_action=$hardcode_action
+
+# ### END LIBTOOL CONFIG
+
+_LT_EOF
+
+ cat <<'_LT_EOF' >> "$cfgfile"
+
+# ### BEGIN FUNCTIONS SHARED WITH CONFIGURE
+
+# func_munge_path_list VARIABLE PATH
+# -----------------------------------
+# VARIABLE is name of variable containing _space_ separated list of
+# directories to be munged by the contents of PATH, which is string
+# having a format:
+# "DIR[:DIR]:"
+# string "DIR[ DIR]" will be prepended to VARIABLE
+# ":DIR[:DIR]"
+# string "DIR[ DIR]" will be appended to VARIABLE
+# "DIRP[:DIRP]::[DIRA:]DIRA"
+# string "DIRP[ DIRP]" will be prepended to VARIABLE and string
+# "DIRA[ DIRA]" will be appended to VARIABLE
+# "DIR[:DIR]"
+# VARIABLE will be replaced by "DIR[ DIR]"
+func_munge_path_list ()
+{
+ case x$2 in
+ x)
+ ;;
+ *:)
+ eval $1=\"`$ECHO $2 | $SED 's/:/ /g'` \$$1\"
+ ;;
+ x:*)
+ eval $1=\"\$$1 `$ECHO $2 | $SED 's/:/ /g'`\"
+ ;;
+ *::*)
+ eval $1=\"\$$1\ `$ECHO $2 | $SED -e 's/.*:://' -e 's/:/ /g'`\"
+ eval $1=\"`$ECHO $2 | $SED -e 's/::.*//' -e 's/:/ /g'`\ \$$1\"
+ ;;
+ *)
+ eval $1=\"`$ECHO $2 | $SED 's/:/ /g'`\"
+ ;;
+ esac
+}
+
+
+# Calculate cc_basename. Skip known compiler wrappers and cross-prefix.
+func_cc_basename ()
+{
+ for cc_temp in $*""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+ done
+ func_cc_basename_result=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"`
+}
+
+
+# ### END FUNCTIONS SHARED WITH CONFIGURE
+
+_LT_EOF
+
+ case $host_os in
+ aix3*)
+ cat <<\_LT_EOF >> "$cfgfile"
+# AIX sometimes has problems with the GCC collect2 program. For some
+# reason, if we set the COLLECT_NAMES environment variable, the problems
+# vanish in a puff of smoke.
+if test set != "${COLLECT_NAMES+set}"; then
+ COLLECT_NAMES=
+ export COLLECT_NAMES
+fi
+_LT_EOF
+ ;;
+ esac
+
+
+
+ltmain=$ac_aux_dir/ltmain.sh
+
+
+ # We use sed instead of cat because bash on DJGPP gets confused if
+ # if finds mixed CR/LF and LF-only lines. Since sed operates in
+ # text mode, it properly converts lines to CR/LF. This bash problem
+ # is reportedly fixed, but why not run on old versions too?
+ $SED '$q' "$ltmain" >> "$cfgfile" \
+ || (rm -f "$cfgfile"; exit 1)
+
+ mv -f "$cfgfile" "$ofile" ||
+ (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile")
+ chmod +x "$ofile"
+
+ ;;
+ "xmlsec1Conf.sh":F) chmod +x xmlsec1Conf.sh ;;
+ "xmlsec1-config":F) chmod +x xmlsec1-config ;;
+
+ esac
+done # for ac_tag
+
+
+as_fn_exit 0
+_ACEOF
+ac_clean_files=$ac_clean_files_save
+
+test $ac_write_fail = 0 ||
+ as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5
+
+
+# configure is writing to config.log, and then calls config.status.
+# config.status does its own redirection, appending to config.log.
+# Unfortunately, on DOS this fails, as config.log is still kept open
+# by configure, so config.status won't be able to write to it; its
+# output is simply discarded. So we exec the FD to /dev/null,
+# effectively closing config.log, so it can be properly (re)opened and
+# appended to by config.status. When coming back to configure, we
+# need to make the FD available again.
+if test "$no_create" != yes; then
+ ac_cs_success=:
+ ac_config_status_args=
+ test "$silent" = yes &&
+ ac_config_status_args="$ac_config_status_args --quiet"
+ exec 5>/dev/null
+ $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false
+ exec 5>>config.log
+ # Use ||, not &&, to avoid exiting from the if with $? = 1, which
+ # would make configure fail if this is the last instruction.
+ $ac_cs_success || as_fn_exit 1
+fi
+if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then
+ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5
+printf "%s\n" "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;}
+fi
+
+
+
dnl Process this file with autoconf to produce a configure script.
-AC_INIT([xmlsec1],[1.2.28],[http://www.aleksey.com/xmlsec])
+AC_INIT([xmlsec1],[1.2.39],[http://www.aleksey.com/xmlsec])
XMLSEC_PACKAGE=xmlsec1
XMLSEC_VERSION_MAJOR=1
XMLSEC_VERSION_MINOR=2
-XMLSEC_VERSION_SUBMINOR=28
+XMLSEC_VERSION_SUBMINOR=39
XMLSEC_VERSION="$XMLSEC_VERSION_MAJOR.$XMLSEC_VERSION_MINOR.$XMLSEC_VERSION_SUBMINOR"
XMLSEC_VERSION_INFO=`echo $XMLSEC_VERSION | awk -F. '{ printf "%d:%d:%d", $1+$2, $3, $2 }'`
XMLSEC_VERSION_SAFE=`echo $XMLSEC_VERSION | sed 's/\./_/g'`
-AC_PREREQ([2.52g])
+AC_PREREQ([2.69])
AC_LANG(C)
AC_CANONICAL_HOST
dnl
AC_PROG_CC
AC_PROG_INSTALL
-AC_HEADER_STDC
-AC_PROG_LIBTOOL
+LT_INIT
+AC_PROG_EGREP
LT_INIT
dnl Checks for header files.
AC_HEADER_DIRENT
-AC_HEADER_STDC
-AC_CHECK_HEADERS([stdio.h])
-AC_CHECK_HEADERS([stdlib.h])
-AC_CHECK_HEADERS([string.h])
-AC_CHECK_HEADERS([ctype.h])
-AC_CHECK_HEADERS([errno.h])
-AC_CHECK_HEADERS([ansidecl.h])
-AC_CHECK_HEADERS([time.h])
-AC_CHECK_FUNCS(strchr strrchr printf sprintf fprintf snprintf vfprintf vsprintf vsnprintf sscanf timegm)
-XMLSEC_DEFINES=""
dnl ==========================================================================
-dnl Detect windows
+dnl XMLSec configs
dnl ==========================================================================
-build_windows=no
-case "${host_os}" in
- cygwin*|mingw*)
- build_windows=yes
- ;;
+XMLSEC_DEFINES=
+XMLSEC_APP_DEFINES=
+XMLSEC_EXTRA_LDFLAGS=
+XMLSEC_CRYPTO_EXTRA_LDFLAGS=
+
+dnl ==========================================================================
+dnl Perform host specific configuration
+dnl ==========================================================================
+
+build_on_aix=no
+build_on_windows=no
+build_on_mac=no
+build_on_linux=no
+AC_MSG_CHECKING(for build OS)
+
+dnl should separate extra LDFLAGS for xmlsec and crypto libs ?
+dnl should --enable-runtime-pseudo-reloc for mingw and cygwin ?
+if test -n "$shrext"; then
+ XMLSEC_SHLIBSFX="$shrext"
+else
+ dnl changed in libtool (between 1.5.2 and 1.5.14)
+ XMLSEC_SHLIBSFX="$shrext_cmds"
+fi
+
+case "${host}" in
+ *aix* )
+ CFLAGS="${CFLAGS} -D_ALL_SOURCE"
+
+ build_on_aix=yes
+ AC_MSG_RESULT("AIX")
+ ;;
+ *-*-mingw*)
+ dnl use libtool flags "-avoid-version" to create shared
+ dnl libraries without version suffix, i.e. libxmlsec1.dll
+ dnl instead libxmlsec1-NN.dll, where NN is a number.
+ XMLSEC_EXTRA_LDFLAGS="$XMLSEC_EXTRA_LDFLAGS -no-undefined -avoid-version"
+ XMLSEC_CRYPTO_EXTRA_LDFLAGS="$XMLSEC_CRYPTO_EXTRA_LDFLAGS -no-undefined -avoid-version"
+ XMLSEC_SHLIBSFX=".dll.a"
+
+ build_on_windows=yes
+ AC_MSG_RESULT("Windows (MinGW)")
+ ;;
+ *-*-cygwin*)
+ XMLSEC_EXTRA_LDFLAGS="$XMLSEC_EXTRA_LDFLAGS -no-undefined"
+ XMLSEC_CRYPTO_EXTRA_LDFLAGS="$XMLSEC_CRYPTO_EXTRA_LDFLAGS -no-undefined"
+
+ build_on_windows=yes
+ AC_MSG_RESULT("Windows (Cygwin)")
+ ;;
+ *-*-darwin*)
+ XMLSEC_SHLIBSFX=".dylib"
+
+ build_on_mac=yes
+ AC_MSG_RESULT("MacOSX")
+ ;;
+ *-*-linux*)
+ build_on_linux=yes
+ AC_MSG_RESULT("Linux")
+ ;;
+ *)
+ AC_MSG_RESULT("Other")
+ ;;
esac
dnl ==========================================================================
dnl - without dynamic xmlsec-crypto loading
dnl ==========================================================================
AC_MSG_CHECKING(for development environment)
-AC_ARG_ENABLE([development], [AC_HELP_STRING([--enable-development], [enable development environment (no)])])
+AC_ARG_ENABLE([development], [AS_HELP_STRING([--enable-development],[enable development environment (no)])])
if test "z$enable_development" = "zyes" ; then
enable_debugging="yes"
enable_pedantic="yes"
dnl Do we want to build manpages?
dnl ==========================================================================
AC_MSG_CHECKING(for man pages build)
-AC_ARG_ENABLE([manpages_build], [AC_HELP_STRING([--enable-manpages-build], [man pages build (no)])])
+AC_ARG_ENABLE([manpages_build], [AS_HELP_STRING([--enable-manpages-build],[man pages build (no)])])
if test "z$enable_manpages_build" = "zyes" ; then
AM_CONDITIONAL(BUILD_MANPAGES, [test x"$HELP2MAN" != x])
AC_MSG_RESULT([yes])
dnl Do we want to build docs?
dnl ==========================================================================
AC_MSG_CHECKING(for docs build)
-AC_ARG_ENABLE([docs_build], [AC_HELP_STRING([--enable-docs-build], [docs build (no)])])
+AC_ARG_ENABLE([docs_build], [AS_HELP_STRING([--enable-docs-build],[docs build (no)])])
if test "z$enable_docs_build" = "zyes" ; then
AM_CONDITIONAL(BUILD_MAN_DOCS, [test x"$PERL" != x && test x"$XSLTPROC" != x && test x"$MAN2HTML" != x])
AM_CONDITIONAL(BUILD_API_DOCS, [test x"$PERL" != x && test x"$XSLTPROC" != x && test x"$GTKDOC_MKHTML" != x && test x"$GTKDOC_MKDB" != x && test x"$GTKDOC_SCAN" != x])
fi
dnl ==========================================================================
-dnl Perform host specific configuration
-dnl ==========================================================================
-XMLSEC_EXTRA_LDFLAGS=
-XMLSEC_CRYPTO_EXTRA_LDFLAGS=
-dnl should separate extra LDFLAGS for xmlsec and crypto libs ?
-dnl should --enable-runtime-pseudo-reloc for mingw and cygwin ?
-if test -n "$shrext"; then
- XMLSEC_SHLIBSFX="$shrext"
-else
- dnl changed in libtool (between 1.5.2 and 1.5.14)
- XMLSEC_SHLIBSFX="$shrext_cmds"
-fi
-case "${host}" in
- *aix* )
- CFLAGS="${CFLAGS} -D_ALL_SOURCE"
- ;;
- *-*-mingw*)
- dnl use libtool flags "-avoid-version" to create shared
- dnl libraries without version suffix, i.e. libxmlsec1.dll
- dnl instead libxmlsec1-NN.dll, where NN is a number.
- XMLSEC_EXTRA_LDFLAGS="-no-undefined -avoid-version"
- XMLSEC_CRYPTO_EXTRA_LDFLAGS="-no-undefined -avoid-version"
- XMLSEC_SHLIBSFX=".dll.a"
- ;;
- *-*-cygwin*)
- XMLSEC_EXTRA_LDFLAGS="-no-undefined"
- XMLSEC_CRYPTO_EXTRA_LDFLAGS="-no-undefined"
- ;;
- *-*-darwin*)
- XMLSEC_SHLIBSFX=".dylib"
- ;;
-esac
-
-dnl ==========================================================================
dnl Hack for autoconf version mismatch
dnl ==========================================================================
if test "z$shrext" = "z" ; then
fi
dnl ==========================================================================
-dnl check do we have size_t and its size,
-dnl TODO: will need to replace this and the xmlSecSize define with
-dnl typedef on next ABI refresh
-dnl ==========================================================================
-AC_CHECK_SIZEOF(size_t)
-if test "$ac_cv_sizeof_size_t" -ne "4" ; then
- XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SIZE_T"
-fi
-
-dnl ==========================================================================
dnl Check if pkg-config is enabled and installed
dnl ==========================================================================
PKGCONFIG_FOUND="no"
-AC_ARG_ENABLE([pkgconfig], [AC_HELP_STRING([--enable-pkgconfig], [enable pkgconfig for configuration (yes)])])
+AC_ARG_ENABLE([pkgconfig], [AS_HELP_STRING([--enable-pkgconfig],[enable pkgconfig for configuration (yes)])])
if test "z$enable_pkgconfig" != "zno" ; then
PKG_PROG_PKG_CONFIG
PKGCONFIG_FOUND="yes"
dnl Check if packages custom config scripts are enabled
dnl ==========================================================================
ENABLE_CUSTOM_CONFIGS="no"
-AC_ARG_ENABLE([custom-configs], [AC_HELP_STRING([--enable-custom-configs], [enable package-specific custom scripts for configuration (yes)])])
+AC_ARG_ENABLE([custom-configs], [AS_HELP_STRING([--enable-custom-configs],[enable package-specific custom scripts for configuration (yes)])])
if test "z$enable_custom_configs" != "zno" ; then
ENABLE_CUSTOM_CONFIGS="yes"
else
dnl Check searching for typical packages folders is enabled
dnl ==========================================================================
ENABLE_FOLDERS_SEARCH="no"
-AC_ARG_ENABLE([folders-search], [AC_HELP_STRING([--enable-folders-search], [enable searching for package installation in typical folders (yes)])])
+AC_ARG_ENABLE([folders-search], [AS_HELP_STRING([--enable-folders-search],[enable searching for package installation in typical folders (yes)])])
if test "z$enable_folders_search" != "zno" ; then
ENABLE_FOLDERS_SEARCH="yes"
else
])
dnl ==========================================================================
+dnl check do we have size_t and its size,
+dnl TODO: will need to replace this and the xmlSecSize define with
+dnl typedef on next ABI refresh
+dnl ==========================================================================
+AC_CHECK_SIZEOF(size_t)
+
+XMLSEC_USE_SIZE_T="no"
+AC_ARG_ENABLE([size-t], [AS_HELP_STRING([--enable-size-t],[enable xmsSecSize typedef to size_t (no)])])
+AC_MSG_CHECKING(for using size_t)
+if test "z$enable_size_t" = "zyes" ; then
+ XMLSEC_USE_SIZE_T="yes"
+ AC_MSG_RESULT([yes])
+else
+ XMLSEC_USE_SIZE_T="no"
+ AC_MSG_RESULT([no])
+fi
+
+if test "z$XMLSEC_USE_SIZE_T" != "zyes" -a "$ac_cv_sizeof_size_t" -ne "4" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SIZE_T"
+fi
+
+dnl ==========================================================================
dnl find libxml
dnl ==========================================================================
LIBXML_MIN_VERSION="2.8.0"
LIBXML_LIB_PATH=
LIBXML_CONFIG_PATH=
LIBXML_FOUND="no"
-AC_ARG_WITH([libxml], [AC_HELP_STRING([--with-libxml@<:@=PFX@:>@], [libxml2 location])])
-AC_ARG_WITH([libxml-src], [AC_HELP_STRING([--with-libxml-src@<:@=PFX@:>@], [libxml2 source tree location])])
+AC_ARG_WITH([libxml], [AS_HELP_STRING([--with-libxml@<:@=PFX@:>@],[libxml2 location])])
+AC_ARG_WITH([libxml-src], [AS_HELP_STRING([--with-libxml-src@<:@=PFX@:>@],[libxml2 source tree location])])
dnl Priority 0: LibXML2 is disabled: hard error.
if test "z$with_libxml" = "zno" -o "z$with_libxml_src" = "zno"; then
AC_MSG_RESULT([yes])
elif test [ -f "$with_libxml/include/libxml2/$LIBXML_INCLUDE_MARKER" ] -a [ -f "$with_libxml/lib/$LIBXML_SHARED_LIB_MARKER" -o -f "$with_libxml/lib/$LIBXML_STATIC_LIB_MARKER" ] ; then
LIBXML_INCLUDE_PATH="$with_libxml/include/libxml2"
- LIBXSLT_LIB_PATH="$with_libxml/lib"
+ LIBXML_LIB_PATH="$with_libxml/lib"
LIBXML_FOUND="yes"
AC_MSG_RESULT([yes])
else
LIBXSLT_LIB_PATH=
LIBXSLT_CONFIG_PATH=
LIBXSLT_FOUND="no"
-AC_ARG_WITH([libxslt], [AC_HELP_STRING([--with-libxslt@<:@=PFX@:>@], [libxslt location])])
-AC_ARG_WITH([libxslt-src], [AC_HELP_STRING([--with-libxslt-src@<:@=PFX@:>@],[libxslt source tree location])])
+AC_ARG_WITH([libxslt], [AS_HELP_STRING([--with-libxslt@<:@=PFX@:>@],[libxslt location])])
+AC_ARG_WITH([libxslt-src], [AS_HELP_STRING([--with-libxslt-src@<:@=PFX@:>@],[libxslt source tree location])])
dnl Priority 0: Check if library is not needed
if test "z$with_libxslt" = "zno" -o "z$with_libxslt_src" = "zno" ; then
dnl ==========================================================================
OPENSSL_MIN_VERSION="1.0.0"
OPENSSL_INCLUDE_DIR="$COMMON_INCLUDE_DIR /usr/local/ssl/include"
-OPENSSL_LIB_DIR="$COMMON_LIB_DIR /usr/local/ssl/lib"
+OPENSSL_LIB_DIR="$COMMON_LIB_DIR /usr/local/ssl/lib /usr/local/ssl/lib64"
OPENSSL_CRYPTO_LIB="$XMLSEC_PACKAGE-openssl"
OPENSSL_INCLUDE_MARKER="openssl/opensslv.h"
OPENSSL_LIB_SHARED_MARKER="libcrypto$shrext"
OPENSSL_VERSION=""
OPENSSL_INCLUDE_PATH=
OPENSSL_LIB_PATH=
+OPENSSL_TEST_CONFIG=
OPENSSL_FOUND=no
-AC_ARG_WITH([openssl], [AC_HELP_STRING([--with-openssl@<:@=PFX@:>@], [openssl location])])
+AC_ARG_WITH([openssl], [AS_HELP_STRING([--with-openssl@<:@=PFX@:>@],[openssl location])])
dnl Priority 0: Check if library is disabled
if test "z$with_openssl" = "zno" ; then
OPENSSL_LIB_PATH="$with_openssl/lib"
OPENSSL_FOUND="yes"
AC_MSG_RESULT([yes])
+ elif test -f "$with_openssl/include/$OPENSSL_INCLUDE_MARKER" -a -f "$with_openssl/lib64/$OPENSSL_LIB_SHARED_MARKER" ; then
+ OPENSSL_INCLUDE_PATH="$with_openssl/include"
+ OPENSSL_LIB_PATH="$with_openssl/lib64"
+ OPENSSL_FOUND="yes"
+ AC_MSG_RESULT([yes])
elif test -f "$with_openssl/include/$OPENSSL_INCLUDE_MARKER" -a -f "$with_openssl/lib/$OPENSSL_LIB_STATIC_MARKER" ; then
OPENSSL_INCLUDE_PATH="$with_openssl/include"
OPENSSL_LIB_PATH="$with_openssl/lib"
OPENSSL_FOUND="yes"
AC_MSG_RESULT([yes])
+ elif test -f "$with_openssl/include/$OPENSSL_INCLUDE_MARKER" -a -f "$with_openssl/libi64/$OPENSSL_LIB_STATIC_MARKER" ; then
+ OPENSSL_INCLUDE_PATH="$with_openssl/include"
+ OPENSSL_LIB_PATH="$with_openssl/lib64"
+ OPENSSL_FOUND="yes"
+ AC_MSG_RESULT([yes])
else
- AC_MSG_ERROR([not found: "$with_openssl/include/$OPENSSL_INCLUDE_MARKER" or "$with_openssl/lib/$OPENSSL_LIB_SHARED_MARKER" or "$with_openssl/lib/$OPENSSL_LIB_STATIC_MARKER" files don't exist), typo?])
+ AC_MSG_ERROR([not found: "$with_openssl/include/$OPENSSL_INCLUDE_MARKER" or "$with_openssl/lib(64)/$OPENSSL_LIB_SHARED_MARKER" or "$with_openssl/lib(64)/$OPENSSL_LIB_STATIC_MARKER" files don't exist), typo?])
fi
fi
LIBS="$LIBS $OPENSSL_LIBS $OPENSSL_LIBS_LIST"
AC_LINK_IFELSE([
AC_LANG_PROGRAM([[
- #include <openssl/opensslv.h>
+ #include <openssl/ssl.h>
]],[[
int main () {
#if OPENSSL_VERSION_NUMBER < 0x10100000L
if test "z$OPENSSL_VERSION" = "z" ; then
AC_EGREP_CPP(greater-than-minvers, [
#include <openssl/opensslv.h>
+ #if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ greater-than-minvers
+ #endif
+ ],[
+ OPENSSL_VERSION="3.0.0"
+ OPENSSL_TEST_CONFIG="openssl3.cnf"
+ ],[
+ OPENSSL_VERSION=""
+ ])
+ fi
+
+ if test "z$OPENSSL_VERSION" = "z" ; then
+ AC_EGREP_CPP(greater-than-minvers, [
+ #include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
greater-than-minvers
#endif
AC_SUBST(OPENSSL_CFLAGS)
AC_SUBST(OPENSSL_LIBS)
AC_SUBST(OPENSSL_CRYPTO_LIB)
+AC_SUBST(OPENSSL_TEST_CONFIG)
AC_SUBST(OPENSSL_MIN_VERSION)
+dnl See if we should build OpenSSL 3+ with engines support
+AC_ARG_ENABLE([openssl3_engines],[AS_HELP_STRING([--enable-openssl3-engines],[enable engines support for OpenSSL 3+ (no)])])
+if test "z$OPENSSL_VERSION" = "z3.0.0" ; then
+ AC_MSG_CHECKING(for OpenSSL 3+ engines support)
+ if test "z$enable_openssl3_engines" = "zyes" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_OPENSSL3_ENGINES=1"
+ AC_MSG_RESULT([enabled])
+ else
+ AC_MSG_RESULT([disabled])
+ fi
+fi
+
dnl ==========================================================================
dnl See if we can find NSS and NSPR
dnl Allow the use of:
dnl 2 overrides 1
dnl
dnl ==========================================================================
-NSS_MIN_VERSION="3.11.1"
-NSPR_MIN_VERSION="4.4.1"
+NSS_MIN_VERSION="3.49"
+NSPR_MIN_VERSION="4.25.0"
SEAMONKEY_MIN_VERSION="1.0"
MOZILLA_MIN_VERSION="1.4"
NSS_CRYPTO_LIB="$XMLSEC_PACKAGE-nss"
NSS_LIB_PATH=
NSS_FOUND="no"
NSPR_FOUND="no"
-AC_ARG_WITH([nss], [AC_HELP_STRING([--with-nss@<:@=PFX@:>@], [nss location])])
-AC_ARG_WITH([nspr], [AC_HELP_STRING([--with-nspr@<:@=PFX@:>@], [nspr location (needed for NSS)])])
-AC_ARG_WITH([seamonkey_ver], [AC_HELP_STRING([--with-seamonkey-ver@<:@=VER@:>@], [mozilla version (alt to --with-nss, --with-nspr)])])
-AC_ARG_WITH([mozilla_ver], [AC_HELP_STRING([--with-mozilla-ver@<:@=VER@:>@], [mozilla version (alt to --with-nss, --with-nspr)])])
+AC_ARG_WITH([nss], [AS_HELP_STRING([--with-nss@<:@=PFX@:>@],[nss location])])
+AC_ARG_WITH([nspr], [AS_HELP_STRING([--with-nspr@<:@=PFX@:>@],[nspr location (needed for NSS)])])
+AC_ARG_WITH([seamonkey_ver], [AS_HELP_STRING([--with-seamonkey-ver@<:@=VER@:>@],[mozilla version (alt to --with-nss, --with-nspr)])])
+AC_ARG_WITH([mozilla_ver], [AS_HELP_STRING([--with-mozilla-ver@<:@=VER@:>@],[mozilla version (alt to --with-nss, --with-nspr)])])
dnl Priority 0: Check if library is disabled
if test "z$with_nss" = "zno" -o "z$with_nspr" = "zno" ; then
GCRYPT_INCLUDE_PATH=
GCRYPT_LIB_PATH=
GCRYPT_FOUND="no"
-AC_ARG_WITH([gcrypt], [AC_HELP_STRING([--with-gcrypt@<:@=PFX@:>@], [gcrypt location])])
+AC_ARG_WITH([gcrypt], [AS_HELP_STRING([--with-gcrypt@<:@=PFX@:>@],[gcrypt location])])
dnl Priority 0: Check if library is not needed
if test "z$with_gcrypt" = "zno" ; then
GNUTLS_INCLUDE_PATH=
GNUTLS_LIB_PATH=
GNUTLS_FOUND="no"
-AC_ARG_WITH([gnutls], [AC_HELP_STRING([--with-gnutls@<:@=PFX@:>@], [gnutls location])])
+AC_ARG_WITH([gnutls], [AS_HELP_STRING([--with-gnutls@<:@=PFX@:>@],[gnutls location])])
dnl Priority 0: Check if library is not needed
if test "z$with_gnutls" = "zno" ; then
XMLSEC_NO_MSCRYPTO="1"
MSCRYPTO_FOUND="no"
-AC_ARG_ENABLE([mscrypto], [AC_HELP_STRING([--enable-mscrypto], [enable mscrypto (no)])])
+AC_ARG_ENABLE([mscrypto], [AS_HELP_STRING([--enable-mscrypto],[enable mscrypto (no)])])
+AC_MSG_CHECKING(for mscrypto)
dnl Priority 0: Check if library is not needed
-if test "z$enable_mscrypto" = "zno" ; then
+if test "z$enable_mscrypto" != "zyes" ; then
MSCRYPTO_FOUND="disabled"
+ AC_MSG_RESULT([disabled])
fi
dnl Priority 1: User sets both CFLAGS and LIBS flags
if test "z$MSCRYPTO_FOUND" = "zno" -a "z$MSCRYPTO_CFLAGS" != "z" -a "z$MSCRYPTO_LIBS" != "z" ; then
MSCRYPTO_FOUND=yes
+ AC_MSG_RESULT([yes])
fi
dnl Priority 2: Just try to compile/link and hope for the best
if test "z$MSCRYPTO_FOUND" = "zno" ; then
- AC_MSG_CHECKING(for mscrypto)
OLD_CPPFLAGS=$CPPFLAGS
CPPFLAGS="$CPPFLAGS $MSCRYPTO_CFLAGS"
OLD_LIBS=$LIBS
#include <windows.h>
#include <wincrypt.h>
]],[[
- int main () { CertOpenStore(0,0,0,0,0);; return(0); }
+ CertOpenStore(0,0,0,0,0);
]])
],[
MSCRYPTO_FOUND=yes
XMLSEC_NO_MSCNG="1"
MSCNG_FOUND="no"
-AC_ARG_ENABLE([mscng], [AC_HELP_STRING([--enable-mscng], [enable mscng (no)])])
+AC_ARG_ENABLE([mscng], [AS_HELP_STRING([--enable-mscng],[enable mscng (no)])])
+AC_MSG_CHECKING(for mscng)
dnl Priority 0: Check if library is not needed
-if test "z$enable_mscng" = "zno" ; then
+if test "z$enable_mscng" != "zyes" ; then
MSCNG_FOUND="disabled"
+ AC_MSG_RESULT([disabled])
fi
dnl Priority 1: User sets both CFLAGS and LIBS flags
if test "z$MSCNG_FOUND" = "zno" -a "z$MSCNG_CFLAGS" != "z" -a "z$MSCNG_LIBS" != "z" ; then
MSCNG_FOUND=yes
+ AC_MSG_RESULT([yes])
fi
dnl Priority 2: Just try to compile/link and hope for the best
if test "z$MSCNG_FOUND" = "zno" ; then
- AC_MSG_CHECKING(for mscng)
OLD_CPPFLAGS=$CPPFLAGS
CPPFLAGS="$CPPFLAGS $MSCNG_CFLAGS"
OLD_LIBS=$LIBS
#include <windows.h>
#include <wincrypt.h>
]],[[
- int main () {
- BCRYPT_ALG_HANDLE hAlg;
- BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_SHA256_ALGORITHM, NULL, 0);
- return(0);
- }
+ BCRYPT_ALG_HANDLE hAlg;
+ BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_SHA256_ALGORITHM, NULL, 0);
]])
],[
MSCNG_FOUND=yes
XMLSEC_CRYPTO_CFLAGS=""
XMLSEC_CRYPTO_LIBS=""
AC_MSG_CHECKING(for default crypto library)
-AC_ARG_WITH([default_crypto], [AC_HELP_STRING([--with-default-crypto=name], [default crypto name])])
+AC_ARG_WITH([default_crypto], [AS_HELP_STRING([--with-default-crypto=name],[default crypto name])])
# check the argument
case "z$with_default_crypto" in
XMLSEC_CRYPTO_LIBS="$GCRYPT_LIBS"
;;
*)
- AC_MSG_ERROR(The value \"$XMLSEC_DEFAULT_CRYPTO\" is not a recongnized crypto library name)
+ AC_MSG_ERROR(The value '$XMLSEC_DEFAULT_CRYPTO' is not a recongnized crypto library name)
;;
esac
AC_MSG_RESULT([yes ("$XMLSEC_DEFAULT_CRYPTO")])
dnl ==========================================================================
dnl Do we need to use Unicode (Windows build only)
dnl ==========================================================================
-if test "z$build_windows" = "zyes" ; then
+if test "z$build_on_windows" = "zyes" ; then
AC_MSG_CHECKING(for Unicode support)
- AC_ARG_ENABLE([unicode], [AC_HELP_STRING([--enable-unicode], [enable Unicode support on Windows (yes)])])
- if test "z$enable_unicode" = "zyes" ; then
- XMLSEC_DEFINES="$XMLSEC_DEFINES -DUNICODE=1"
+ AC_ARG_ENABLE([unicode], [AS_HELP_STRING([--enable-unicode],[enable Unicode support on Windows (yes)])])
+ if test "z$enable_unicode" = "zyes" -o "z$enable_unicode" = "ztrue" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DUNICODE=1 -D_UNICODE=1"
+ case "${host}" in
+ *-*-mingw*)
+ XMLSEC_EXTRA_LDFLAGS="$XMLSEC_EXTRA_LDFLAGS -municode"
+ XMLSEC_CRYPTO_EXTRA_LDFLAGS="$XMLSEC_CRYPTO_EXTRA_LDFLAGS -municode"
+ ;;
+ *)
+ ;;
+ esac
AC_MSG_RESULT([yes])
else
AC_MSG_RESULT([no])
fi
dnl ==========================================================================
+dnl See do we need files support
+dnl ==========================================================================
+AC_MSG_CHECKING(for files support)
+AC_ARG_ENABLE([files], [AS_HELP_STRING([--enable-files],[enable files support (yes)])])
+if test "z$enable_files" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_FILES=1"
+ XMLSEC_NO_FILES="1"
+ AC_MSG_RESULT([no (tests will be broken!)])
+else
+ XMLSEC_NO_FILES="0"
+ AC_MSG_RESULT([yes])
+fi
+AM_CONDITIONAL(XMLSEC_NO_FILES, test "z$XMLSEC_NO_FILES" = "z1")
+AC_SUBST(XMLSEC_NO_FILES)
+
+dnl ==========================================================================
+dnl See do we need FTP support
+dnl ==========================================================================
+AC_MSG_CHECKING(for FTP support)
+AC_ARG_ENABLE([ftp], [AS_HELP_STRING([--enable-ftp],[enable FTP support (no, deprecated)])])
+if test "z$enable_ftp" = "zyes" ; then
+ XMLSEC_NO_FTP="0"
+ AC_MSG_RESULT([yes (deprecated)])
+else
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_FTP=1"
+ XMLSEC_NO_FTP="1"
+ AC_MSG_RESULT([disabled])
+fi
+AM_CONDITIONAL(XMLSEC_NO_FTP, test "z$XMLSEC_NO_FTP" = "z1")
+AC_SUBST(XMLSEC_NO_FTP)
+
+dnl ==========================================================================
+dnl See do we need HTTP support
+dnl ==========================================================================
+AC_MSG_CHECKING(for HTTP support)
+AC_ARG_ENABLE([http], [AS_HELP_STRING([--enable-http],[enable HTTP support (yes)])])
+if test "z$enable_http" = "zno" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_HTTP=1"
+ XMLSEC_NO_HTTP="1"
+ AC_MSG_RESULT([no])
+else
+ XMLSEC_NO_HTTP="0"
+ AC_MSG_RESULT([yes])
+fi
+AM_CONDITIONAL(XMLSEC_NO_HTTP, test "z$XMLSEC_NO_HTTP" = "z1")
+AC_SUBST(XMLSEC_NO_HTTP)
+
+dnl ==========================================================================
dnl See do we need MD5 support
dnl ==========================================================================
AC_MSG_CHECKING(for MD5 support)
-AC_ARG_ENABLE([md5], [AC_HELP_STRING([--enable-md5], [enable MD5 support (yes)])])
+AC_ARG_ENABLE([md5], [AS_HELP_STRING([--enable-md5],[enable MD5 support (yes)])])
if test "z$enable_md5" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_MD5=1"
XMLSEC_NO_MD5="1"
dnl See do we need RIPEMD-160 support
dnl ==========================================================================
AC_MSG_CHECKING(for RIPEMD-160 support)
-AC_ARG_ENABLE([ripemd160], [AC_HELP_STRING([--enable-ripemd160], [enable RIPEMD-160 support (yes)])])
+AC_ARG_ENABLE([ripemd160], [AS_HELP_STRING([--enable-ripemd160],[enable RIPEMD-160 support (yes)])])
if test "z$enable_ripemd160" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_RIPEMD160=1"
XMLSEC_NO_RIPEMD160="1"
dnl See do we need SHA1 support
dnl ==========================================================================
AC_MSG_CHECKING(for SHA1 support)
-AC_ARG_ENABLE([sha1], [AC_HELP_STRING([--enable-sha1], [enable SHA1 support (yes)])])
+AC_ARG_ENABLE([sha1], [AS_HELP_STRING([--enable-sha1],[enable SHA1 support (yes)])])
if test "z$enable_sha1" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SHA1=1"
XMLSEC_NO_SHA1="1"
dnl See do we need SHA224 support
dnl ==========================================================================
AC_MSG_CHECKING(for SHA224 support)
-AC_ARG_ENABLE([sha224], [AC_HELP_STRING([--enable-sha224], [enable SHA224 support (yes)])])
+AC_ARG_ENABLE([sha224], [AS_HELP_STRING([--enable-sha224],[enable SHA224 support (yes)])])
if test "z$enable_sha224" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SHA224=1"
XMLSEC_NO_SHA224="1"
dnl See do we need SHA256 support
dnl ==========================================================================
AC_MSG_CHECKING(for SHA256 support)
-AC_ARG_ENABLE([sha256], [AC_HELP_STRING([--enable-sha256], [enable SHA256 support (yes)])])
+AC_ARG_ENABLE([sha256], [AS_HELP_STRING([--enable-sha256],[enable SHA256 support (yes)])])
if test "z$enable_sha256" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SHA256=1"
XMLSEC_NO_SHA256="1"
dnl See do we need SHA384 support
dnl ==========================================================================
AC_MSG_CHECKING(for SHA384 support)
-AC_ARG_ENABLE([sha384], [AC_HELP_STRING([--enable-sha384], [enable SHA384 support (yes)])])
+AC_ARG_ENABLE([sha384], [AS_HELP_STRING([--enable-sha384],[enable SHA384 support (yes)])])
if test "z$enable_sha384" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SHA384=1"
XMLSEC_NO_SHA384="1"
dnl See do we need SHA512 support
dnl ==========================================================================
AC_MSG_CHECKING(for SHA512 support)
-AC_ARG_ENABLE([sha512], [AC_HELP_STRING([--enable-sha512], [enable SHA512 support (yes)])])
+AC_ARG_ENABLE([sha512], [AS_HELP_STRING([--enable-sha512],[enable SHA512 support (yes)])])
if test "z$enable_sha512" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SHA512=1"
XMLSEC_NO_SHA512="1"
AM_CONDITIONAL(XMLSEC_NO_SHA512, test "z$XMLSEC_NO_SHA512" = "z1")
AC_SUBST(XMLSEC_NO_SHA512)
-
dnl ==========================================================================
dnl See do we need HMAC support
dnl ==========================================================================
AC_MSG_CHECKING(for HMAC support)
-AC_ARG_ENABLE([hmac], [AC_HELP_STRING([--enable-hmac], [enable HMAC support (yes)])])
+AC_ARG_ENABLE([hmac], [AS_HELP_STRING([--enable-hmac],[enable HMAC support (yes)])])
if test "z$enable_hmac" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_HMAC=1"
XMLSEC_NO_HMAC="1"
dnl See do we need DSA support
dnl ==========================================================================
AC_MSG_CHECKING(for DSA support)
-AC_ARG_ENABLE([dsa], [AC_HELP_STRING([--enable-dsa], [enable DSA support (yes)])])
+AC_ARG_ENABLE([dsa], [AS_HELP_STRING([--enable-dsa],[enable DSA support (yes)])])
if test "z$enable_dsa" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_DSA=1"
XMLSEC_NO_DSA="1"
AC_SUBST(XMLSEC_NO_DSA)
dnl ==========================================================================
+dnl See do we need MD5 support
+dnl ==========================================================================
+AC_MSG_CHECKING(for MD5 support)
+AC_ARG_ENABLE([md5], [AS_HELP_STRING([--enable-md5],[enable MD5 support (no, deprecated)])])
+if test "z$enable_md5" = "zyes" ; then
+ XMLSEC_NO_MD5="0"
+ AC_MSG_RESULT([yes (deprecated)])
+else
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_MD5=1"
+ XMLSEC_NO_MD5="1"
+ AC_MSG_RESULT([disabled])
+fi
+AM_CONDITIONAL(XMLSEC_NO_MD5, test "z$XMLSEC_NO_MD5" = "z1")
+AC_SUBST(XMLSEC_NO_MD5)
+
+dnl ==========================================================================
dnl See do we need RSA support
dnl ==========================================================================
AC_MSG_CHECKING(for RSA support)
-AC_ARG_ENABLE([rsa], [AC_HELP_STRING([--enable-rsa], [enable RSA support (yes)])])
+AC_ARG_ENABLE([rsa], [AS_HELP_STRING([--enable-rsa],[enable RSA support (yes)])])
if test "z$enable_rsa" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_RSA=1"
XMLSEC_NO_RSA="1"
dnl See do we need x509 support
dnl ==========================================================================
AC_MSG_CHECKING(for x509 support)
-AC_ARG_ENABLE([x509], [AC_HELP_STRING([--enable-x509], [enable x509 support (yes)])])
+AC_ARG_ENABLE([x509], [AS_HELP_STRING([--enable-x509],[enable x509 support (yes)])])
if test "z$enable_x509" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_X509=1"
XMLSEC_NO_X509="1"
dnl See do we need DES support
dnl ==========================================================================
AC_MSG_CHECKING(for DES support)
-AC_ARG_ENABLE([des], [AC_HELP_STRING([--enable-des], [enable DES support (yes)])])
+AC_ARG_ENABLE([des], [AS_HELP_STRING([--enable-des],[enable DES support (yes)])])
if test "z$enable_des" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_DES=1"
XMLSEC_NO_DES="1"
dnl See do we need AES support
dnl ==========================================================================
AC_MSG_CHECKING(for AES support)
-AC_ARG_ENABLE([aes], [AC_HELP_STRING([--enable-aes], [enable AES support])])
+AC_ARG_ENABLE([aes], [AS_HELP_STRING([--enable-aes],[enable AES support])])
if test "z$enable_aes" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_AES=1"
XMLSEC_NO_AES="1"
dnl See do we need GOST support
dnl ==========================================================================
AC_MSG_CHECKING(for GOST support)
-AC_ARG_ENABLE([gost], [AC_HELP_STRING([--enable-gost], [enable GOST support (no)])])
+AC_ARG_ENABLE([gost], [AS_HELP_STRING([--enable-gost],[enable GOST support (no)])])
if test "z$enable_gost" != "zyes" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_GOST=1"
XMLSEC_NO_GOST="1"
dnl See do we need GOST2012 support
dnl ==========================================================================
AC_MSG_CHECKING(for EXPERMIENTAL GOST2012 support)
-AC_ARG_ENABLE([gost2012], [AC_HELP_STRING([--enable-gost2012], [enable EXPERMIENTAL GOST2012 support (no)])])
+AC_ARG_ENABLE([gost2012], [AS_HELP_STRING([--enable-gost2012],[enable EXPERMIENTAL GOST2012 support (no)])])
if test "z$enable_gost2012" != "zyes" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_GOST2012=1"
XMLSEC_NO_GOST2012="1"
dnl See do we need XMLDSig support
dnl ==========================================================================
AC_MSG_CHECKING(for XMLDSig support)
-AC_ARG_ENABLE([xmldsig], [AC_HELP_STRING([--enable-xmldsig], [enable XMLDSig support (yes)])])
+AC_ARG_ENABLE([xmldsig], [AS_HELP_STRING([--enable-xmldsig],[enable XMLDSig support (yes)])])
if test "z$enable_xmldsig" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_XMLDSIG=1"
XMLSEC_NO_XMLDSIG="1"
dnl See do we need XMLEnc support
dnl ==========================================================================
AC_MSG_CHECKING(for XMLEnc support)
-AC_ARG_ENABLE([xmlenc], [AC_HELP_STRING([--enable-xmlenc], [enable XMLEnc support (yes)])])
+AC_ARG_ENABLE([xmlenc], [AS_HELP_STRING([--enable-xmlenc],[enable XMLEnc support (yes)])])
if test "z$enable_xmlenc" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_XMLENC=1"
XMLSEC_NO_XMLENC="1"
dnl See do we need soap support (deprecated)
dnl ==========================================================================
AC_MSG_CHECKING(for soap support)
-AC_ARG_ENABLE([soap], [AC_HELP_STRING([--enable-soap], [enable soap support (no)])])
+AC_ARG_ENABLE([soap], [AS_HELP_STRING([--enable-soap],[enable soap support (no)])])
if test "z$enable_soap" = "zyes" ; then
XMLSEC_ENABLE_SOAP="1"
AC_MSG_RESULT([yes])
dnl See do we need mans
dnl ==========================================================================
AC_MSG_CHECKING(for mans)
-AC_ARG_ENABLE([mans], [AC_HELP_STRING([--enable-mans], [enable manual pages (yes)])])
+AC_ARG_ENABLE([mans], [AS_HELP_STRING([--enable-mans],[enable manual pages (yes)])])
if test "z$enable_mans" = "zno" ; then
XMLSEC_MANS="0"
AC_MSG_RESULT([disabled])
dnl See do we need docs
dnl ==========================================================================
AC_MSG_CHECKING(for docs)
-AC_ARG_ENABLE([docs], [AC_HELP_STRING([--enable-docs], [enable documentation (yes)])])
+AC_ARG_ENABLE([docs], [AS_HELP_STRING([--enable-docs],[enable documentation (yes)])])
if test "z$enable_docs" = "zno" ; then
XMLSEC_DOCS="0"
AC_MSG_RESULT([disabled])
dnl See if we need apps
dnl ==========================================================================
AC_MSG_CHECKING(for apps)
-AC_ARG_ENABLE([apps], [AC_HELP_STRING([--enable-apps], [enable applications (yes)])])
+AC_ARG_ENABLE([apps], [AS_HELP_STRING([--enable-apps],[enable applications (yes)])])
if test "z$enable_apps" = "zno" ; then
XMLSEC_APPS="0"
AC_MSG_RESULT([disabled])
dnl ==========================================================================
XMLSEC_STATIC_BINARIES=""
AC_MSG_CHECKING(for static linking)
-AC_ARG_ENABLE([static_linking], [AC_HELP_STRING([--enable-static-linking], [enable static linking (no)])])
-if test "z$enable_static_linking" = "zyes" ; then
+AC_ARG_ENABLE([static_linking], [AS_HELP_STRING([--enable-static-linking],[enable static linking (no)])])
+if test "z$enable_static_linking" = "zyes" -o "z$enable_static_linking" = "ztrue" ; then
XMLSEC_STATIC_BINARIES="-static"
+ if test "z$build_on_windows" = "zyes" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_STATIC=1"
+ fi
XMLSEC_APP_DEFINES="$XMLSEC_APP_DEFINES -DXMLSEC_STATIC=1"
enable_crypto_dl="no"
AC_MSG_RESULT([yes])
dnl ==========================================================================
XMLSEC_DL_INCLUDES=""
XMLSEC_DL_LIBS=""
-AC_ARG_ENABLE([crypto_dl], [AC_HELP_STRING([--enable-crypto-dl], [enable dynamic loading support for xmlsec-crypto libraries (yes)])])
+AC_ARG_ENABLE([crypto_dl], [AS_HELP_STRING([--enable-crypto-dl],[enable dynamic loading support for xmlsec-crypto libraries (yes)])])
if test "z$enable_crypto_dl" = "zno" ; then
AC_MSG_CHECKING(for xmlsec-crypto dynamic loading support)
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_CRYPTO_DYNAMIC_LOADING=1"
dnl check if we need dynamic loading in the xmlsec apps
dnl ==========================================================================
AC_MSG_CHECKING(for xmlsec-crypto dynamic loading support in command line tool)
-AC_ARG_ENABLE([apps_crypto_dl], [AC_HELP_STRING([--enable-apps-crypto-dl], [ enable dynamic loading support for xmlsec-crypto libraries in xmlsec command line tool (yes)])])
+AC_ARG_ENABLE([apps_crypto_dl], [AS_HELP_STRING([--enable-apps-crypto-dl],[ enable dynamic loading support for xmlsec-crypto libraries in xmlsec command line tool (yes)])])
if test "z$enable_apps_crypto_dl" = "z" ; then
enable_apps_crypto_dl="$enable_crypto_dl"
fi
dnl Where do we want to install docs
dnl ==========================================================================
AC_MSG_CHECKING(for docs folder)
-AC_ARG_WITH([html-dir], [AC_HELP_STRING([--with-html-dir=PATH], [path to installed docs])])
+AC_ARG_WITH([html-dir], [AS_HELP_STRING([--with-html-dir=PATH],[path to installed docs])])
if test "z$with_html_dir" != "z" ; then
XMLSEC_DOCDIR="$with_html_dir"
elif test "z$htmldir" != "z" ; then
dnl See do we need Simple Keys Manager
dnl ==========================================================================
AC_MSG_CHECKING(for Simple Keys Manager testing)
-AC_ARG_ENABLE([skm], [AC_HELP_STRING([--enable-skm], [enable Simple Keys Manager testing (yes)])])
+AC_ARG_ENABLE([skm], [AS_HELP_STRING([--enable-skm],[enable Simple Keys Manager testing (yes)])])
if test "z$enable_skm" = "zno" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SKM_TEST=1"
AC_MSG_RESULT([disabled])
dnl See do we need templates tests
dnl ==========================================================================
AC_MSG_CHECKING(for templates testing)
-AC_ARG_ENABLE([tmpl_tests], [AC_HELP_STRING([--enable-tmpl-tests], [enable templates testing in xmlsec utility (yes)])])
+AC_ARG_ENABLE([tmpl_tests], [AS_HELP_STRING([--enable-tmpl-tests],[enable templates testing in xmlsec utility (yes)])])
if test "z$enable_tmpl_tests" = "zyes" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_TMPL_TEST=1"
AC_MSG_RESULT([disabled])
dnl Debug
dnl ==========================================================================
AC_MSG_CHECKING(for debugging)
-AC_ARG_ENABLE([debugging], [AC_HELP_STRING([--enable-debugging], [enable debugging compilation flags (no)])])
+AC_ARG_ENABLE([debugging], [AS_HELP_STRING([--enable-debugging],[enable debugging compilation flags (no)])])
if test "z$enable_debugging" = "zyes" ; then
CFLAGS="$CFLAGS -g"
AC_MSG_RESULT([yes])
dnl Warnings as errors
dnl ==========================================================================
AC_MSG_CHECKING(for warnings as errors)
-AC_ARG_ENABLE([werror], [AC_HELP_STRING([--enable-werror], [handle warnings as errors (no)])])
+AC_ARG_ENABLE([werror], [AS_HELP_STRING([--enable-werror],[handle warnings as errors (no)])])
if test "z$enable_werror" = "zyes" ; then
CFLAGS="$CFLAGS -Werror"
AC_MSG_RESULT([yes])
dnl Profiling
dnl ==========================================================================
AC_MSG_CHECKING(for profiling)
-AC_ARG_ENABLE([profiling], [AC_HELP_STRING([--enable-profiling], [enable profiling compilation flags (no)])])
+AC_ARG_ENABLE([profiling], [AS_HELP_STRING([--enable-profiling],[enable profiling compilation flags (no)])])
if test "z$enable_profiling" = "zyes" ; then
CFLAGS="$CFLAGS -pg"
AC_MSG_RESULT([yes])
dnl Pedantic compilation
dnl ==========================================================================
AC_MSG_CHECKING(for pedantic)
-AC_ARG_ENABLE([pedantic], [AC_HELP_STRING([--enable-pedantic], [enable pedantic compilation flags (no)])])
+AC_ARG_ENABLE([pedantic], [AS_HELP_STRING([--enable-pedantic],[enable pedantic compilation flags (no)])])
if test "z$enable_pedantic" = "zyes" ; then
- dnl CFLAGS="$CFLAGS -pedantic -Wall -std=c99 -W -Wunused -Wimplicit -Wreturn-type -Wswitch -Wcomment -Wtrigraphs -Wformat -Wchar-subscripts -Wuninitialized -Wparentheses -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Wredundant-decls"
- CFLAGS="$CFLAGS -O -pedantic -Wall -std=c99 -fno-inline -W -Wunused -Wimplicit -Wreturn-type -Wswitch -Wcomment -Wtrigraphs -Wformat -Wchar-subscripts -Wuninitialized -Wparentheses -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Waggregate-return -Wmissing-prototypes -Wnested-externs -Wredundant-decls"
+ CFLAGS="$CFLAGS -O -std=c99 -pedantic -pedantic-errors -W -Wall -Wextra"
+ CFLAGS="$CFLAGS -fno-inline -Wnull-dereference -Wdouble-promotion"
+ CFLAGS="$CFLAGS -Wformat=2 -Wformat-security -Wformat-nonliteral"
+ CFLAGS="$CFLAGS -Wconversion -Wunused -Wshadow -Wpointer-arith -Wcast-align"
+ CFLAGS="$CFLAGS -Wwrite-strings -Waggregate-return -Wmissing-prototypes"
+ CFLAGS="$CFLAGS -Wnested-externs -Wredundant-decls"
+
+ if test "z$build_on_mac" = "zno" ; then
+ CFLAGS="$CFLAGS -Wformat-overflow=2 -Wformat-signedness"
+ fi
+ AC_MSG_RESULT([yes])
+else
+ AC_MSG_RESULT([disabled])
+fi
+
+dnl ==========================================================================
+dnl Secure memset
+dnl ==========================================================================
+AC_MSG_CHECKING(for secure memset)
+AC_ARG_ENABLE([secure-memset], [AS_HELP_STRING([--enable-secure-memset],[enable secure memset compilation flags (yes)])])
+if test "z$enable_secure_memset" != "zno" ; then
+ CFLAGS="$CFLAGS -fno-builtin-memset"
AC_MSG_RESULT([yes])
else
AC_MSG_RESULT([disabled])
fi
+
dnl ==========================================================================
dnl Final steps: xmlsec config
dnl ==========================================================================
AC_SUBST(XMLSEC_CFLAGS)
AC_SUBST(XMLSEC_LIBS)
-AC_SUBST(XMLSEC_DEFINES)
-AC_SUBST(XMLSEC_APP_DEFINES)
AC_SUBST(CFLAGS)
AC_SUBST(CPPFLAGS)
AC_SUBST(LDFLAGS)
+AC_SUBST(XMLSEC_DEFINES)
+AC_SUBST(XMLSEC_APP_DEFINES)
AC_SUBST(XMLSEC_EXTRA_LDFLAGS)
AC_SUBST(XMLSEC_CRYPTO_EXTRA_LDFLAGS)
Makefile
include/Makefile
include/xmlsec/Makefile
-include/xmlsec/private/Makefile
src/Makefile
apps/Makefile
docs/Makefile
docs/api/Makefile
man/Makefile
-
xmlsec1-openssl.pc:xmlsec-openssl.pc.in
xmlsec1-gnutls.pc:xmlsec-gnutls.pc.in
xmlsec1-gcrypt.pc:xmlsec-gcrypt.pc.in
--- /dev/null
+#! /bin/sh
+# depcomp - compile a program generating dependencies as side-effects
+
+scriptversion=2018-03-07.03; # UTC
+
+# Copyright (C) 1999-2021 Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Originally written by Alexandre Oliva <oliva@dcc.unicamp.br>.
+
+case $1 in
+ '')
+ echo "$0: No command. Try '$0 --help' for more information." 1>&2
+ exit 1;
+ ;;
+ -h | --h*)
+ cat <<\EOF
+Usage: depcomp [--help] [--version] PROGRAM [ARGS]
+
+Run PROGRAMS ARGS to compile a file, generating dependencies
+as side-effects.
+
+Environment variables:
+ depmode Dependency tracking mode.
+ source Source file read by 'PROGRAMS ARGS'.
+ object Object file output by 'PROGRAMS ARGS'.
+ DEPDIR directory where to store dependencies.
+ depfile Dependency file to output.
+ tmpdepfile Temporary file to use when outputting dependencies.
+ libtool Whether libtool is used (yes/no).
+
+Report bugs to <bug-automake@gnu.org>.
+EOF
+ exit $?
+ ;;
+ -v | --v*)
+ echo "depcomp $scriptversion"
+ exit $?
+ ;;
+esac
+
+# Get the directory component of the given path, and save it in the
+# global variables '$dir'. Note that this directory component will
+# be either empty or ending with a '/' character. This is deliberate.
+set_dir_from ()
+{
+ case $1 in
+ */*) dir=`echo "$1" | sed -e 's|/[^/]*$|/|'`;;
+ *) dir=;;
+ esac
+}
+
+# Get the suffix-stripped basename of the given path, and save it the
+# global variable '$base'.
+set_base_from ()
+{
+ base=`echo "$1" | sed -e 's|^.*/||' -e 's/\.[^.]*$//'`
+}
+
+# If no dependency file was actually created by the compiler invocation,
+# we still have to create a dummy depfile, to avoid errors with the
+# Makefile "include basename.Plo" scheme.
+make_dummy_depfile ()
+{
+ echo "#dummy" > "$depfile"
+}
+
+# Factor out some common post-processing of the generated depfile.
+# Requires the auxiliary global variable '$tmpdepfile' to be set.
+aix_post_process_depfile ()
+{
+ # If the compiler actually managed to produce a dependency file,
+ # post-process it.
+ if test -f "$tmpdepfile"; then
+ # Each line is of the form 'foo.o: dependency.h'.
+ # Do two passes, one to just change these to
+ # $object: dependency.h
+ # and one to simply output
+ # dependency.h:
+ # which is needed to avoid the deleted-header problem.
+ { sed -e "s,^.*\.[$lower]*:,$object:," < "$tmpdepfile"
+ sed -e "s,^.*\.[$lower]*:[$tab ]*,," -e 's,$,:,' < "$tmpdepfile"
+ } > "$depfile"
+ rm -f "$tmpdepfile"
+ else
+ make_dummy_depfile
+ fi
+}
+
+# A tabulation character.
+tab=' '
+# A newline character.
+nl='
+'
+# Character ranges might be problematic outside the C locale.
+# These definitions help.
+upper=ABCDEFGHIJKLMNOPQRSTUVWXYZ
+lower=abcdefghijklmnopqrstuvwxyz
+digits=0123456789
+alpha=${upper}${lower}
+
+if test -z "$depmode" || test -z "$source" || test -z "$object"; then
+ echo "depcomp: Variables source, object and depmode must be set" 1>&2
+ exit 1
+fi
+
+# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po.
+depfile=${depfile-`echo "$object" |
+ sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`}
+tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`}
+
+rm -f "$tmpdepfile"
+
+# Avoid interferences from the environment.
+gccflag= dashmflag=
+
+# Some modes work just like other modes, but use different flags. We
+# parameterize here, but still list the modes in the big case below,
+# to make depend.m4 easier to write. Note that we *cannot* use a case
+# here, because this file can only contain one case statement.
+if test "$depmode" = hp; then
+ # HP compiler uses -M and no extra arg.
+ gccflag=-M
+ depmode=gcc
+fi
+
+if test "$depmode" = dashXmstdout; then
+ # This is just like dashmstdout with a different argument.
+ dashmflag=-xM
+ depmode=dashmstdout
+fi
+
+cygpath_u="cygpath -u -f -"
+if test "$depmode" = msvcmsys; then
+ # This is just like msvisualcpp but w/o cygpath translation.
+ # Just convert the backslash-escaped backslashes to single forward
+ # slashes to satisfy depend.m4
+ cygpath_u='sed s,\\\\,/,g'
+ depmode=msvisualcpp
+fi
+
+if test "$depmode" = msvc7msys; then
+ # This is just like msvc7 but w/o cygpath translation.
+ # Just convert the backslash-escaped backslashes to single forward
+ # slashes to satisfy depend.m4
+ cygpath_u='sed s,\\\\,/,g'
+ depmode=msvc7
+fi
+
+if test "$depmode" = xlc; then
+ # IBM C/C++ Compilers xlc/xlC can output gcc-like dependency information.
+ gccflag=-qmakedep=gcc,-MF
+ depmode=gcc
+fi
+
+case "$depmode" in
+gcc3)
+## gcc 3 implements dependency tracking that does exactly what
+## we want. Yay! Note: for some reason libtool 1.4 doesn't like
+## it if -MD -MP comes after the -MF stuff. Hmm.
+## Unfortunately, FreeBSD c89 acceptance of flags depends upon
+## the command line argument order; so add the flags where they
+## appear in depend2.am. Note that the slowdown incurred here
+## affects only configure: in makefiles, %FASTDEP% shortcuts this.
+ for arg
+ do
+ case $arg in
+ -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;;
+ *) set fnord "$@" "$arg" ;;
+ esac
+ shift # fnord
+ shift # $arg
+ done
+ "$@"
+ stat=$?
+ if test $stat -ne 0; then
+ rm -f "$tmpdepfile"
+ exit $stat
+ fi
+ mv "$tmpdepfile" "$depfile"
+ ;;
+
+gcc)
+## Note that this doesn't just cater to obsosete pre-3.x GCC compilers.
+## but also to in-use compilers like IMB xlc/xlC and the HP C compiler.
+## (see the conditional assignment to $gccflag above).
+## There are various ways to get dependency output from gcc. Here's
+## why we pick this rather obscure method:
+## - Don't want to use -MD because we'd like the dependencies to end
+## up in a subdir. Having to rename by hand is ugly.
+## (We might end up doing this anyway to support other compilers.)
+## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like
+## -MM, not -M (despite what the docs say). Also, it might not be
+## supported by the other compilers which use the 'gcc' depmode.
+## - Using -M directly means running the compiler twice (even worse
+## than renaming).
+ if test -z "$gccflag"; then
+ gccflag=-MD,
+ fi
+ "$@" -Wp,"$gccflag$tmpdepfile"
+ stat=$?
+ if test $stat -ne 0; then
+ rm -f "$tmpdepfile"
+ exit $stat
+ fi
+ rm -f "$depfile"
+ echo "$object : \\" > "$depfile"
+ # The second -e expression handles DOS-style file names with drive
+ # letters.
+ sed -e 's/^[^:]*: / /' \
+ -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile"
+## This next piece of magic avoids the "deleted header file" problem.
+## The problem is that when a header file which appears in a .P file
+## is deleted, the dependency causes make to die (because there is
+## typically no way to rebuild the header). We avoid this by adding
+## dummy dependencies for each header file. Too bad gcc doesn't do
+## this for us directly.
+## Some versions of gcc put a space before the ':'. On the theory
+## that the space means something, we add a space to the output as
+## well. hp depmode also adds that space, but also prefixes the VPATH
+## to the object. Take care to not repeat it in the output.
+## Some versions of the HPUX 10.20 sed can't process this invocation
+## correctly. Breaking it into two sed invocations is a workaround.
+ tr ' ' "$nl" < "$tmpdepfile" \
+ | sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \
+ | sed -e 's/$/ :/' >> "$depfile"
+ rm -f "$tmpdepfile"
+ ;;
+
+hp)
+ # This case exists only to let depend.m4 do its work. It works by
+ # looking at the text of this script. This case will never be run,
+ # since it is checked for above.
+ exit 1
+ ;;
+
+sgi)
+ if test "$libtool" = yes; then
+ "$@" "-Wp,-MDupdate,$tmpdepfile"
+ else
+ "$@" -MDupdate "$tmpdepfile"
+ fi
+ stat=$?
+ if test $stat -ne 0; then
+ rm -f "$tmpdepfile"
+ exit $stat
+ fi
+ rm -f "$depfile"
+
+ if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files
+ echo "$object : \\" > "$depfile"
+ # Clip off the initial element (the dependent). Don't try to be
+ # clever and replace this with sed code, as IRIX sed won't handle
+ # lines with more than a fixed number of characters (4096 in
+ # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines;
+ # the IRIX cc adds comments like '#:fec' to the end of the
+ # dependency line.
+ tr ' ' "$nl" < "$tmpdepfile" \
+ | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' \
+ | tr "$nl" ' ' >> "$depfile"
+ echo >> "$depfile"
+ # The second pass generates a dummy entry for each header file.
+ tr ' ' "$nl" < "$tmpdepfile" \
+ | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \
+ >> "$depfile"
+ else
+ make_dummy_depfile
+ fi
+ rm -f "$tmpdepfile"
+ ;;
+
+xlc)
+ # This case exists only to let depend.m4 do its work. It works by
+ # looking at the text of this script. This case will never be run,
+ # since it is checked for above.
+ exit 1
+ ;;
+
+aix)
+ # The C for AIX Compiler uses -M and outputs the dependencies
+ # in a .u file. In older versions, this file always lives in the
+ # current directory. Also, the AIX compiler puts '$object:' at the
+ # start of each line; $object doesn't have directory information.
+ # Version 6 uses the directory in both cases.
+ set_dir_from "$object"
+ set_base_from "$object"
+ if test "$libtool" = yes; then
+ tmpdepfile1=$dir$base.u
+ tmpdepfile2=$base.u
+ tmpdepfile3=$dir.libs/$base.u
+ "$@" -Wc,-M
+ else
+ tmpdepfile1=$dir$base.u
+ tmpdepfile2=$dir$base.u
+ tmpdepfile3=$dir$base.u
+ "$@" -M
+ fi
+ stat=$?
+ if test $stat -ne 0; then
+ rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
+ exit $stat
+ fi
+
+ for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
+ do
+ test -f "$tmpdepfile" && break
+ done
+ aix_post_process_depfile
+ ;;
+
+tcc)
+ # tcc (Tiny C Compiler) understand '-MD -MF file' since version 0.9.26
+ # FIXME: That version still under development at the moment of writing.
+ # Make that this statement remains true also for stable, released
+ # versions.
+ # It will wrap lines (doesn't matter whether long or short) with a
+ # trailing '\', as in:
+ #
+ # foo.o : \
+ # foo.c \
+ # foo.h \
+ #
+ # It will put a trailing '\' even on the last line, and will use leading
+ # spaces rather than leading tabs (at least since its commit 0394caf7
+ # "Emit spaces for -MD").
+ "$@" -MD -MF "$tmpdepfile"
+ stat=$?
+ if test $stat -ne 0; then
+ rm -f "$tmpdepfile"
+ exit $stat
+ fi
+ rm -f "$depfile"
+ # Each non-empty line is of the form 'foo.o : \' or ' dep.h \'.
+ # We have to change lines of the first kind to '$object: \'.
+ sed -e "s|.*:|$object :|" < "$tmpdepfile" > "$depfile"
+ # And for each line of the second kind, we have to emit a 'dep.h:'
+ # dummy dependency, to avoid the deleted-header problem.
+ sed -n -e 's|^ *\(.*\) *\\$|\1:|p' < "$tmpdepfile" >> "$depfile"
+ rm -f "$tmpdepfile"
+ ;;
+
+## The order of this option in the case statement is important, since the
+## shell code in configure will try each of these formats in the order
+## listed in this file. A plain '-MD' option would be understood by many
+## compilers, so we must ensure this comes after the gcc and icc options.
+pgcc)
+ # Portland's C compiler understands '-MD'.
+ # Will always output deps to 'file.d' where file is the root name of the
+ # source file under compilation, even if file resides in a subdirectory.
+ # The object file name does not affect the name of the '.d' file.
+ # pgcc 10.2 will output
+ # foo.o: sub/foo.c sub/foo.h
+ # and will wrap long lines using '\' :
+ # foo.o: sub/foo.c ... \
+ # sub/foo.h ... \
+ # ...
+ set_dir_from "$object"
+ # Use the source, not the object, to determine the base name, since
+ # that's sadly what pgcc will do too.
+ set_base_from "$source"
+ tmpdepfile=$base.d
+
+ # For projects that build the same source file twice into different object
+ # files, the pgcc approach of using the *source* file root name can cause
+ # problems in parallel builds. Use a locking strategy to avoid stomping on
+ # the same $tmpdepfile.
+ lockdir=$base.d-lock
+ trap "
+ echo '$0: caught signal, cleaning up...' >&2
+ rmdir '$lockdir'
+ exit 1
+ " 1 2 13 15
+ numtries=100
+ i=$numtries
+ while test $i -gt 0; do
+ # mkdir is a portable test-and-set.
+ if mkdir "$lockdir" 2>/dev/null; then
+ # This process acquired the lock.
+ "$@" -MD
+ stat=$?
+ # Release the lock.
+ rmdir "$lockdir"
+ break
+ else
+ # If the lock is being held by a different process, wait
+ # until the winning process is done or we timeout.
+ while test -d "$lockdir" && test $i -gt 0; do
+ sleep 1
+ i=`expr $i - 1`
+ done
+ fi
+ i=`expr $i - 1`
+ done
+ trap - 1 2 13 15
+ if test $i -le 0; then
+ echo "$0: failed to acquire lock after $numtries attempts" >&2
+ echo "$0: check lockdir '$lockdir'" >&2
+ exit 1
+ fi
+
+ if test $stat -ne 0; then
+ rm -f "$tmpdepfile"
+ exit $stat
+ fi
+ rm -f "$depfile"
+ # Each line is of the form `foo.o: dependent.h',
+ # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'.
+ # Do two passes, one to just change these to
+ # `$object: dependent.h' and one to simply `dependent.h:'.
+ sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile"
+ # Some versions of the HPUX 10.20 sed can't process this invocation
+ # correctly. Breaking it into two sed invocations is a workaround.
+ sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" \
+ | sed -e 's/$/ :/' >> "$depfile"
+ rm -f "$tmpdepfile"
+ ;;
+
+hp2)
+ # The "hp" stanza above does not work with aCC (C++) and HP's ia64
+ # compilers, which have integrated preprocessors. The correct option
+ # to use with these is +Maked; it writes dependencies to a file named
+ # 'foo.d', which lands next to the object file, wherever that
+ # happens to be.
+ # Much of this is similar to the tru64 case; see comments there.
+ set_dir_from "$object"
+ set_base_from "$object"
+ if test "$libtool" = yes; then
+ tmpdepfile1=$dir$base.d
+ tmpdepfile2=$dir.libs/$base.d
+ "$@" -Wc,+Maked
+ else
+ tmpdepfile1=$dir$base.d
+ tmpdepfile2=$dir$base.d
+ "$@" +Maked
+ fi
+ stat=$?
+ if test $stat -ne 0; then
+ rm -f "$tmpdepfile1" "$tmpdepfile2"
+ exit $stat
+ fi
+
+ for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2"
+ do
+ test -f "$tmpdepfile" && break
+ done
+ if test -f "$tmpdepfile"; then
+ sed -e "s,^.*\.[$lower]*:,$object:," "$tmpdepfile" > "$depfile"
+ # Add 'dependent.h:' lines.
+ sed -ne '2,${
+ s/^ *//
+ s/ \\*$//
+ s/$/:/
+ p
+ }' "$tmpdepfile" >> "$depfile"
+ else
+ make_dummy_depfile
+ fi
+ rm -f "$tmpdepfile" "$tmpdepfile2"
+ ;;
+
+tru64)
+ # The Tru64 compiler uses -MD to generate dependencies as a side
+ # effect. 'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'.
+ # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put
+ # dependencies in 'foo.d' instead, so we check for that too.
+ # Subdirectories are respected.
+ set_dir_from "$object"
+ set_base_from "$object"
+
+ if test "$libtool" = yes; then
+ # Libtool generates 2 separate objects for the 2 libraries. These
+ # two compilations output dependencies in $dir.libs/$base.o.d and
+ # in $dir$base.o.d. We have to check for both files, because
+ # one of the two compilations can be disabled. We should prefer
+ # $dir$base.o.d over $dir.libs/$base.o.d because the latter is
+ # automatically cleaned when .libs/ is deleted, while ignoring
+ # the former would cause a distcleancheck panic.
+ tmpdepfile1=$dir$base.o.d # libtool 1.5
+ tmpdepfile2=$dir.libs/$base.o.d # Likewise.
+ tmpdepfile3=$dir.libs/$base.d # Compaq CCC V6.2-504
+ "$@" -Wc,-MD
+ else
+ tmpdepfile1=$dir$base.d
+ tmpdepfile2=$dir$base.d
+ tmpdepfile3=$dir$base.d
+ "$@" -MD
+ fi
+
+ stat=$?
+ if test $stat -ne 0; then
+ rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
+ exit $stat
+ fi
+
+ for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
+ do
+ test -f "$tmpdepfile" && break
+ done
+ # Same post-processing that is required for AIX mode.
+ aix_post_process_depfile
+ ;;
+
+msvc7)
+ if test "$libtool" = yes; then
+ showIncludes=-Wc,-showIncludes
+ else
+ showIncludes=-showIncludes
+ fi
+ "$@" $showIncludes > "$tmpdepfile"
+ stat=$?
+ grep -v '^Note: including file: ' "$tmpdepfile"
+ if test $stat -ne 0; then
+ rm -f "$tmpdepfile"
+ exit $stat
+ fi
+ rm -f "$depfile"
+ echo "$object : \\" > "$depfile"
+ # The first sed program below extracts the file names and escapes
+ # backslashes for cygpath. The second sed program outputs the file
+ # name when reading, but also accumulates all include files in the
+ # hold buffer in order to output them again at the end. This only
+ # works with sed implementations that can handle large buffers.
+ sed < "$tmpdepfile" -n '
+/^Note: including file: *\(.*\)/ {
+ s//\1/
+ s/\\/\\\\/g
+ p
+}' | $cygpath_u | sort -u | sed -n '
+s/ /\\ /g
+s/\(.*\)/'"$tab"'\1 \\/p
+s/.\(.*\) \\/\1:/
+H
+$ {
+ s/.*/'"$tab"'/
+ G
+ p
+}' >> "$depfile"
+ echo >> "$depfile" # make sure the fragment doesn't end with a backslash
+ rm -f "$tmpdepfile"
+ ;;
+
+msvc7msys)
+ # This case exists only to let depend.m4 do its work. It works by
+ # looking at the text of this script. This case will never be run,
+ # since it is checked for above.
+ exit 1
+ ;;
+
+#nosideeffect)
+ # This comment above is used by automake to tell side-effect
+ # dependency tracking mechanisms from slower ones.
+
+dashmstdout)
+ # Important note: in order to support this mode, a compiler *must*
+ # always write the preprocessed file to stdout, regardless of -o.
+ "$@" || exit $?
+
+ # Remove the call to Libtool.
+ if test "$libtool" = yes; then
+ while test "X$1" != 'X--mode=compile'; do
+ shift
+ done
+ shift
+ fi
+
+ # Remove '-o $object'.
+ IFS=" "
+ for arg
+ do
+ case $arg in
+ -o)
+ shift
+ ;;
+ $object)
+ shift
+ ;;
+ *)
+ set fnord "$@" "$arg"
+ shift # fnord
+ shift # $arg
+ ;;
+ esac
+ done
+
+ test -z "$dashmflag" && dashmflag=-M
+ # Require at least two characters before searching for ':'
+ # in the target name. This is to cope with DOS-style filenames:
+ # a dependency such as 'c:/foo/bar' could be seen as target 'c' otherwise.
+ "$@" $dashmflag |
+ sed "s|^[$tab ]*[^:$tab ][^:][^:]*:[$tab ]*|$object: |" > "$tmpdepfile"
+ rm -f "$depfile"
+ cat < "$tmpdepfile" > "$depfile"
+ # Some versions of the HPUX 10.20 sed can't process this sed invocation
+ # correctly. Breaking it into two sed invocations is a workaround.
+ tr ' ' "$nl" < "$tmpdepfile" \
+ | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \
+ | sed -e 's/$/ :/' >> "$depfile"
+ rm -f "$tmpdepfile"
+ ;;
+
+dashXmstdout)
+ # This case only exists to satisfy depend.m4. It is never actually
+ # run, as this mode is specially recognized in the preamble.
+ exit 1
+ ;;
+
+makedepend)
+ "$@" || exit $?
+ # Remove any Libtool call
+ if test "$libtool" = yes; then
+ while test "X$1" != 'X--mode=compile'; do
+ shift
+ done
+ shift
+ fi
+ # X makedepend
+ shift
+ cleared=no eat=no
+ for arg
+ do
+ case $cleared in
+ no)
+ set ""; shift
+ cleared=yes ;;
+ esac
+ if test $eat = yes; then
+ eat=no
+ continue
+ fi
+ case "$arg" in
+ -D*|-I*)
+ set fnord "$@" "$arg"; shift ;;
+ # Strip any option that makedepend may not understand. Remove
+ # the object too, otherwise makedepend will parse it as a source file.
+ -arch)
+ eat=yes ;;
+ -*|$object)
+ ;;
+ *)
+ set fnord "$@" "$arg"; shift ;;
+ esac
+ done
+ obj_suffix=`echo "$object" | sed 's/^.*\././'`
+ touch "$tmpdepfile"
+ ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@"
+ rm -f "$depfile"
+ # makedepend may prepend the VPATH from the source file name to the object.
+ # No need to regex-escape $object, excess matching of '.' is harmless.
+ sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile"
+ # Some versions of the HPUX 10.20 sed can't process the last invocation
+ # correctly. Breaking it into two sed invocations is a workaround.
+ sed '1,2d' "$tmpdepfile" \
+ | tr ' ' "$nl" \
+ | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \
+ | sed -e 's/$/ :/' >> "$depfile"
+ rm -f "$tmpdepfile" "$tmpdepfile".bak
+ ;;
+
+cpp)
+ # Important note: in order to support this mode, a compiler *must*
+ # always write the preprocessed file to stdout.
+ "$@" || exit $?
+
+ # Remove the call to Libtool.
+ if test "$libtool" = yes; then
+ while test "X$1" != 'X--mode=compile'; do
+ shift
+ done
+ shift
+ fi
+
+ # Remove '-o $object'.
+ IFS=" "
+ for arg
+ do
+ case $arg in
+ -o)
+ shift
+ ;;
+ $object)
+ shift
+ ;;
+ *)
+ set fnord "$@" "$arg"
+ shift # fnord
+ shift # $arg
+ ;;
+ esac
+ done
+
+ "$@" -E \
+ | sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
+ -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
+ | sed '$ s: \\$::' > "$tmpdepfile"
+ rm -f "$depfile"
+ echo "$object : \\" > "$depfile"
+ cat < "$tmpdepfile" >> "$depfile"
+ sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile"
+ rm -f "$tmpdepfile"
+ ;;
+
+msvisualcpp)
+ # Important note: in order to support this mode, a compiler *must*
+ # always write the preprocessed file to stdout.
+ "$@" || exit $?
+
+ # Remove the call to Libtool.
+ if test "$libtool" = yes; then
+ while test "X$1" != 'X--mode=compile'; do
+ shift
+ done
+ shift
+ fi
+
+ IFS=" "
+ for arg
+ do
+ case "$arg" in
+ -o)
+ shift
+ ;;
+ $object)
+ shift
+ ;;
+ "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI")
+ set fnord "$@"
+ shift
+ shift
+ ;;
+ *)
+ set fnord "$@" "$arg"
+ shift
+ shift
+ ;;
+ esac
+ done
+ "$@" -E 2>/dev/null |
+ sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile"
+ rm -f "$depfile"
+ echo "$object : \\" > "$depfile"
+ sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::'"$tab"'\1 \\:p' >> "$depfile"
+ echo "$tab" >> "$depfile"
+ sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile"
+ rm -f "$tmpdepfile"
+ ;;
+
+msvcmsys)
+ # This case exists only to let depend.m4 do its work. It works by
+ # looking at the text of this script. This case will never be run,
+ # since it is checked for above.
+ exit 1
+ ;;
+
+none)
+ exec "$@"
+ ;;
+
+*)
+ echo "Unknown depmode $depmode" 1>&2
+ exit 1
+ ;;
+esac
+
+exit 0
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'before-save-hook 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC0"
+# time-stamp-end: "; # UTC"
+# End:
if [ z"$(srcdir)" != z"$(builddir)" -a z"`uname`" != z"Darwin" ]; \
then \
$(CP) -ru $(srcdir)/*.html $(srcdir)/*.ico $(srcdir)/images $(builddir)/ ; \
- chmod u+w $(builddir)/*.html ; \
- chmod u+w $(builddir)/*.ico ; \
- chmod -R u+w $(builddir)/images ; \
+ (chmod u+w $(builddir)/*.html || true) ; \
+ (chmod u+w $(builddir)/*.ico || true) ; \
+ (chmod -R u+w $(builddir)/images || true) ; \
fi \
)
clean-local:
-rm -f *.stamp
( if [ z"$(srcdir)" != z"$(builddir)" ] ; then \
- chmod -R u+w $(builddir)/images && rm -rf $(builddir)/images ; \
- chmod -R u+w $(builddir)/src && rm -rf $(builddir)/src ; \
+ (chmod -R u+w $(builddir)/images || true) && rm -rf $(builddir)/images ; \
+ (chmod -R u+w $(builddir)/src || true) && rm -rf $(builddir)/src ; \
(for i in `find $(builddir) -name "*.html" -print` ; do \
echo "Removing files '$$i' ... " ; \
chmod -R u+w $$i && rm -f $$i ; \
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = docs
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+SOURCES =
+DIST_SOURCES =
+RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
+ ctags-recursive dvi-recursive html-recursive info-recursive \
+ install-data-recursive install-dvi-recursive \
+ install-exec-recursive install-html-recursive \
+ install-info-recursive install-pdf-recursive \
+ install-ps-recursive install-recursive installcheck-recursive \
+ installdirs-recursive pdf-recursive ps-recursive \
+ tags-recursive uninstall-recursive
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+am__recursive_targets = \
+ $(RECURSIVE_TARGETS) \
+ $(RECURSIVE_CLEAN_TARGETS) \
+ $(am__extra_recursive_targets)
+AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
+ distdir distdir-am
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+DIST_SUBDIRS = $(SUBDIRS)
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+am__relativize = \
+ dir0=`pwd`; \
+ sed_first='s,^\([^/]*\)/.*$$,\1,'; \
+ sed_rest='s,^[^/]*/*,,'; \
+ sed_last='s,^.*/\([^/]*\)$$,\1,'; \
+ sed_butlast='s,/*[^/]*$$,,'; \
+ while test -n "$$dir1"; do \
+ first=`echo "$$dir1" | sed -e "$$sed_first"`; \
+ if test "$$first" != "."; then \
+ if test "$$first" = ".."; then \
+ dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
+ dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
+ else \
+ first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
+ if test "$$first2" = "$$first"; then \
+ dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
+ else \
+ dir2="../$$dir2"; \
+ fi; \
+ dir0="$$dir0"/"$$first"; \
+ fi; \
+ fi; \
+ dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
+ done; \
+ reldir="$$dir2"
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+SUBDIRS = api
+TARGET_DIR = @XMLSEC_DOCDIR@
+EXTRA_DIST = \
+ $(builddir)/images \
+ $(builddir)/*.html \
+ $(builddir)/*.ico \
+ $(builddir)/xmlsec.xsl \
+ $(builddir)/xmlsec-ga.xsl \
+ $(NULL)
+
+XMLSEC1_MAN = $(top_builddir)/man/xmlsec1.1
+XMLSEC_HTML = $(builddir)/xmlsec-man.html
+all: all-recursive
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign docs/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign docs/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run 'make' without going through this Makefile.
+# To change the values of 'make' variables: instead of editing Makefiles,
+# (1) if the variable is set in 'config.status', edit 'config.status'
+# (which will cause the Makefiles to be regenerated when you run 'make');
+# (2) otherwise, pass the desired values on the 'make' command line.
+$(am__recursive_targets):
+ @fail=; \
+ if $(am__make_keepgoing); then \
+ failcom='fail=yes'; \
+ else \
+ failcom='exit 1'; \
+ fi; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done; \
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-recursive
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+ include_option=--etags-include; \
+ empty_fix=.; \
+ else \
+ include_option=--include; \
+ empty_fix=; \
+ fi; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test ! -f $$subdir/TAGS || \
+ set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
+ fi; \
+ done; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-recursive
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-recursive
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+ @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ $(am__make_dryrun) \
+ || test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
+ dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
+ $(am__relativize); \
+ new_distdir=$$reldir; \
+ dir1=$$subdir; dir2="$(top_distdir)"; \
+ $(am__relativize); \
+ new_top_distdir=$$reldir; \
+ echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
+ echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
+ ($(am__cd) $$subdir && \
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$$new_top_distdir" \
+ distdir="$$new_distdir" \
+ am__remove_distdir=: \
+ am__skip_length_check=: \
+ am__skip_mode_fix=: \
+ distdir) \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-recursive
+all-am: Makefile
+installdirs: installdirs-recursive
+installdirs-am:
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libtool clean-local mostlyclean-am
+
+distclean: distclean-recursive
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-local \
+ distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+html-am:
+
+info: info-recursive
+
+info-am:
+
+install-data-am: install-data-local
+
+install-dvi: install-dvi-recursive
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-recursive
+
+install-html-am:
+
+install-info: install-info-recursive
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-pdf-am:
+
+install-ps: install-ps-recursive
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am: uninstall-local
+
+.MAKE: $(am__recursive_targets) install-am install-strip
+
+.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \
+ check-am clean clean-generic clean-libtool clean-local \
+ cscopelist-am ctags ctags-am distclean distclean-generic \
+ distclean-libtool distclean-local distclean-tags distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-data-local install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ installdirs-am maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
+ ps ps-am tags tags-am uninstall uninstall-am uninstall-local
+
+.PRECIOUS: Makefile
+
+
+all:
+ @echo "======= Run 'make docs' in the xmlsec/docs folder to rebuild docs"
+
+# docs is legacy
+docs: docs-copy man-docs docs-format
+
+docs-copy:
+ @( \
+ echo "Copying docs..."; \
+ if [ z"$(srcdir)" != z"$(builddir)" -a z"`uname`" != z"Darwin" ]; \
+ then \
+ $(CP) -ru $(srcdir)/*.html $(srcdir)/*.ico $(srcdir)/images $(builddir)/ ; \
+ (chmod u+w $(builddir)/*.html || true) ; \
+ (chmod u+w $(builddir)/*.ico || true) ; \
+ (chmod -R u+w $(builddir)/images || true) ; \
+ fi \
+ )
+
+# if we build docs then we also have xsltproc
+@BUILD_MAN_DOCS_TRUE@man-docs: $(XMLSEC_HTML) docs-copy
+
+@BUILD_MAN_DOCS_TRUE@$(XMLSEC_HTML): docs-copy $(XMLSEC1_MAN)
+@BUILD_MAN_DOCS_TRUE@ $(MAN2HTML) $(XMLSEC1_MAN) | \
+@BUILD_MAN_DOCS_TRUE@ grep -v '^Content-type: text/html' | \
+@BUILD_MAN_DOCS_TRUE@ tr "[:cntrl:]" " " > \
+@BUILD_MAN_DOCS_TRUE@ $(XMLSEC_HTML)
+# do nothing, we aready copied this file
+@BUILD_MAN_DOCS_FALSE@man-docs:
+
+@HAS_XSLTPROC_TRUE@docs-format:
+@HAS_XSLTPROC_TRUE@ @(echo "Formatting html documents"; \
+@HAS_XSLTPROC_TRUE@ for i in `find $(builddir) -name "*.html" -print`; \
+@HAS_XSLTPROC_TRUE@ do \
+@HAS_XSLTPROC_TRUE@ top_folder=`echo $$i | sed 's#/[^/]*$$#/#' | sed 's#\./##' | \
+@HAS_XSLTPROC_TRUE@ sed 's#[^/]*/#../#g'`; \
+@HAS_XSLTPROC_TRUE@ echo "Processing $$i (topfolder='$$top_folder')"; \
+@HAS_XSLTPROC_TRUE@ $(XSLTPROC) --html --stringparam topfolder "$$top_folder" \
+@HAS_XSLTPROC_TRUE@ --output $$i.tmp $(srcdir)/xmlsec.xsl $$i; \
+@HAS_XSLTPROC_TRUE@ if [ $$? != 0 ]; \
+@HAS_XSLTPROC_TRUE@ then \
+@HAS_XSLTPROC_TRUE@ echo "ERROR: processing file $$i"; \
+@HAS_XSLTPROC_TRUE@ exit 1; \
+@HAS_XSLTPROC_TRUE@ fi; \
+@HAS_XSLTPROC_TRUE@ mv $$i.tmp $$i; \
+@HAS_XSLTPROC_TRUE@ done)
+@HAS_XSLTPROC_TRUE@ @(echo "Cleaning html documents"; \
+@HAS_XSLTPROC_TRUE@ for i in `find $(builddir) -name "*.html" -print`; \
+@HAS_XSLTPROC_TRUE@ do \
+@HAS_XSLTPROC_TRUE@ echo Cleaning $$i ; \
+@HAS_XSLTPROC_TRUE@ sed 's/\xA0/ /g' $$i > $$i.tmp ; \
+@HAS_XSLTPROC_TRUE@ mv $$i.tmp $$i ; \
+@HAS_XSLTPROC_TRUE@ done)
+@HAS_XSLTPROC_TRUE@docs-format-ga:
+@HAS_XSLTPROC_TRUE@ @(echo "Formatting html documents to add Google Analytics"; \
+@HAS_XSLTPROC_TRUE@ for i in `find $(builddir) -name "*.html" -print`; \
+@HAS_XSLTPROC_TRUE@ do \
+@HAS_XSLTPROC_TRUE@ echo "Processing $$i"; \
+@HAS_XSLTPROC_TRUE@ $(XSLTPROC) --html --output $$i.tmp $(srcdir)/xmlsec-ga.xsl $$i; \
+@HAS_XSLTPROC_TRUE@ if [ $$? != 0 ]; \
+@HAS_XSLTPROC_TRUE@ then \
+@HAS_XSLTPROC_TRUE@ echo "ERROR: processing file $$i"; \
+@HAS_XSLTPROC_TRUE@ exit 1; \
+@HAS_XSLTPROC_TRUE@ fi; \
+@HAS_XSLTPROC_TRUE@ mv $$i.tmp $$i; \
+@HAS_XSLTPROC_TRUE@ done)
+# do nothing
+@HAS_XSLTPROC_FALSE@docs-format:
+
+clean-local:
+ -rm -f *.stamp
+ ( if [ z"$(srcdir)" != z"$(builddir)" ] ; then \
+ (chmod -R u+w $(builddir)/images || true) && rm -rf $(builddir)/images ; \
+ (chmod -R u+w $(builddir)/src || true) && rm -rf $(builddir)/src ; \
+ (for i in `find $(builddir) -name "*.html" -print` ; do \
+ echo "Removing files '$$i' ... " ; \
+ chmod -R u+w $$i && rm -f $$i ; \
+ done ) ; \
+ (for i in `find $(builddir) -name "*.ico" -print` ; do \
+ echo "Removing files '$$i' ... " ; \
+ chmod -R u+w $$i && rm -f $$i ; \
+ done ) ; \
+ fi ; )
+
+distclean-local: clean-local
+
+install-data-local:
+ $(mkinstalldirs) $(DESTDIR)$(TARGET_DIR)
+ $(mkinstalldirs) $(DESTDIR)$(TARGET_DIR)/images
+ $(mkinstalldirs) $(DESTDIR)$(TARGET_DIR)/api
+ $(mkinstalldirs) $(DESTDIR)$(TARGET_DIR)/api/images
+ -@INSTALL@ -m 0644 $(builddir)/*.html $(DESTDIR)$(TARGET_DIR)
+ -@INSTALL@ -m 0644 $(builddir)/*.ico $(DESTDIR)$(TARGET_DIR)
+ -@INSTALL@ -m 0644 $(builddir)/images/*.gif $(builddir)/images/*.png $(DESTDIR)$(TARGET_DIR)/images
+ -@INSTALL@ -m 0644 $(builddir)/api/*.html $(builddir)/api/*.png $(builddir)/api/*.sgml $(DESTDIR)$(TARGET_DIR)/api
+ -@INSTALL@ -m 0644 $(builddir)/api/images/*.png $(DESTDIR)$(TARGET_DIR)/api/images
+
+uninstall-local:
+ @rm -rf $(DESTDIR)$(TARGET_DIR)
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
-rm -rf $(SOURCE_CODE_DIR) $(EXAMPLES_DIR) $(SCAN_DIR)/*.txt $(SGML_DIR) $(GTKDOC_MKDB_OUTPUT_DIR)
-rm -f *.stamp *.types index.sgml
@( if [ z"$(builddir)" != z"$(srcdir)" ] ; then \
- chmod -R u+w $(builddir)/src && rm -rf $(builddir)/src ; \
- chmod -R u+w $(builddir)/images && rm -rf $(builddir)/images ; \
- chmod -R u+w $(builddir)/*.png && rm -rf $(builddir)/*.png ; \
+ (chmod -R u+w $(builddir)/src || true) && rm -rf $(builddir)/src ; \
+ (chmod -R u+w $(builddir)/images || true) && rm -rf $(builddir)/images ; \
+ (chmod -R u+w $(builddir)/*.png || true) && rm -rf $(builddir)/*.png ; \
fi ; )
distclean-local: clean-local
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = docs/api
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+SOURCES =
+DIST_SOURCES =
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+
+#
+#
+#
+NULL =
+MODULE = xmlsec
+SOURCE_DIR = $(top_srcdir)/src
+SOURCE_DIR2 = $(top_builddir)/src
+INCLUDE_DIR = $(top_srcdir)/include
+INCLUDE_DIR2 = $(top_builddir)/include
+SCAN_DIR = $(builddir)
+SGML_DIR = $(builddir)/sgml.tmp
+EXAMPLES_DIR = $(SGML_DIR)/examples
+SOURCE_CODE_DIR = $(builddir)/code
+GTKDOC_MKDB_OUTPUT_DIR = $(builddir)/xml
+
+# We need to copy some files to make gkdoc happy that
+# everything is in one folder
+MAIN_SGML_FILE = $(SGML_DIR)/xmlsec.sgml
+MAIN_SGML_SRC_FILE = $(srcdir)/src/xmlsec.sgml
+SGML_CHAPTERS_DIR = $(SGML_DIR)/chapters
+SGML_CHAPTERS_SRC_DIR = $(srcdir)/src/chapters
+EXTRA_DIST = \
+ $(srcdir)/src \
+ $(srcdir)/images \
+ $(srcdir)/style.css \
+ $(NULL)
+
+SOURCE_FILES_TO_COPY = \
+ $(srcdir)/src \
+ $(srcdir)/images \
+ $(srcdir)/style.css \
+ $(srcdir)/*.html \
+ $(srcdir)/*.png \
+ $(NULL)
+
+CRYPTO_LIBS_LIST = \
+ openssl \
+ nss \
+ gnutls \
+ gcrypt \
+ mscrypto \
+ mscng \
+ $(NULL)
+
+
+#
+# We need to pre-process original source files
+# because gtkdoc does not understand some C features
+#
+SOURCE_CODE_FILES = \
+ $(shell find $(SOURCE_DIR) -name '*.c' -print ) \
+ $(shell find $(SOURCE_DIR2) -name '*.c' -print ) \
+ $(shell find $(INCLUDE_DIR) -name '*.h' -a ! -name "symbols.h" -print ) \
+ $(shell find $(INCLUDE_DIR2) -name '*.h' -a ! -name "symbols.h" -print )
+
+EXAMPLES_SOURCE_DIR = $(top_srcdir)/examples
+EXAMPLES_SOURCE_FILES = \
+ $(shell find $(EXAMPLES_SOURCE_DIR) -name '*.c' -print) \
+ $(shell find $(EXAMPLES_SOURCE_DIR) -name '*.xml' -print)
+
+
+#
+# This script removes gtkdoc crap from final html
+#
+REMOVE_GTKDOCLINK = $(top_srcdir)/scripts/remove-gtkdoclink.pl
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign docs/api/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign docs/api/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+tags TAGS:
+
+ctags CTAGS:
+
+cscope cscopelist:
+
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$(top_distdir)" distdir="$(distdir)" \
+ dist-hook
+check-am: all-am
+check: check-am
+all-am: Makefile
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-local mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-local
+
+dvi: dvi-am
+
+dvi-am:
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic \
+ maintainer-clean-local
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: all all-am check check-am clean clean-generic clean-libtool \
+ clean-local cscopelist-am ctags-am dist-hook distclean \
+ distclean-generic distclean-libtool distclean-local distdir \
+ dvi dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-html install-html-am \
+ install-info install-info-am install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic maintainer-clean-local mostlyclean \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# docs is legacy
+all: docs
+
+# if build API docs, then we also have xsltproc
+@BUILD_API_DOCS_TRUE@docs: html-cleanup
+
+@BUILD_API_DOCS_FALSE@docs:
+@BUILD_API_DOCS_FALSE@ @( \
+@BUILD_API_DOCS_FALSE@ echo "Copying api-docs..."; \
+@BUILD_API_DOCS_FALSE@ if [ z"$(srcdir)" != z"$(builddir)" -a z"`uname`" != z"Darwin" ]; \
+@BUILD_API_DOCS_FALSE@ then \
+@BUILD_API_DOCS_FALSE@ $(CP) -ru $(SOURCE_FILES_TO_COPY) $(builddir)/ ; \
+@BUILD_API_DOCS_FALSE@ fi \
+@BUILD_API_DOCS_FALSE@ )
+
+html-cleanup: html
+ @( echo "Cleaning up result files"; \
+ $(PERL) $(REMOVE_GTKDOCLINK) `find . -name "*.html" -print` \
+ )
+
+# need to cleanup "bad" chars
+html: sgml $(MAIN_SGML_FILE) $(SGML_CHAPTERS_DIR) xmlsec-index
+ $(GTKDOC_MKHTML) xmlsec $(MAIN_SGML_FILE)
+
+$(SGML_CHAPTERS_DIR): $(SGML_CHAPTERS_SRC_DIR) $(SGML_CHAPTERS_DIR)/.sentinel
+ $(CP) -ru $(SGML_CHAPTERS_SRC_DIR)/* $(SGML_CHAPTERS_DIR)
+
+$(MAIN_SGML_FILE): $(MAIN_SGML_SRC_FILE)
+ $(CP) -u $(MAIN_SGML_SRC_FILE) $(MAIN_SGML_FILE)
+#
+# Prepeare sgml files from sources for each library. We are also
+# doing some "magic" here by automatically adding links to XML DSig and
+# XML Enc specification, we also remove "Ptr" from the end of the link
+# targets to make more references.
+#
+# We also fix a bunch of stupid errors from gtkdoc
+#
+sgml: sgml-base
+ (for i in `find $(SGML_DIR) -name "*.sgml" -or -name "*.xml" -print` ; do \
+ echo "Fixing up '$$i'" ; \
+ cat $$i | \
+ sed 's!\(<dsig:\)\([^/]*\)\(\/>\)!\<dsig:\2\/\>!g' | \
+ sed 's!\(<enc:\)\([^/]*\)\(\/>\)!\<enc:\2\/\>!g' | \
+ sed 's!\(<dsig:\)\(\w*\)\(>\)!\<dsig:\2\/\>!g' | \
+ sed 's!\(<enc:\)\(\w*\)\(>\)!\<enc:\2\/\>!g' | \
+ sed 's!\(<dsig:\)\([^/]*\)\(\/>\)!<ulink URL=\"http://www.w3.org/TR/xmldsig-core/#sec-\2\">\1\2\3</ulink>!g' | \
+ sed 's!\(<enc:\)\([^/]*\)\(\/>\)!<ulink URL=\"http://www.w3.org/TR/xmlenc-core/#sec-\2\">\1\2\3</ulink>!g' | \
+ sed 's!<para \/>!<para></para>!g' | \
+ sed 's!linkend=\"\(.*\)Ptr\"!linkend=\"\1\"!g' | \
+ sed 's!<colspec [^/]*\/>!!g' | \
+ sed 's!<programlisting language="C"!<programlisting!g' | \
+ sed 's!\%gtkdocentities;!!g' | \
+ $(PERL) -pe 's!title>\n!title>!g' | \
+ $(PERL) -pe 's!title>\n!title>!g' | \
+ $(PERL) -pe 's!<\/title><\/refsect1>\n!<\/title><para><\/para><\/refsect1>!g' | \
+ $(PERL) -pe 's!para>\n!para>!g' > \
+ $$i.tmp; \
+ mv -f $$i.tmp $$i; \
+ done);
+
+# gtkdoc-mkdb doesn't support --output-dir thus we have to "hack" it a litle bit
+sgml-base: scan $(SGML_DIR)/.sentinel
+ @( \
+ echo "Create DocBook files for xmlsec-core" ; \
+ rm -rf $(GTKDOC_MKDB_OUTPUT_DIR) $(SGML_DIR)/base ; \
+ $(GTKDOC_MKDB) --module=xmlsec \
+ --xml-mode \
+ --main-sgml-file=$(SGML_DIR)/xmlsec-base.sgml \
+ --source-dir=$(SOURCE_CODE_DIR)/src/base \
+ --source-dir=$(SOURCE_CODE_DIR)/include/xmlsec/base ; \
+ mv $(GTKDOC_MKDB_OUTPUT_DIR) $(SGML_DIR)/base ; \
+ );
+ @(for i in $(CRYPTO_LIBS_LIST) ; do \
+ echo "Create DocBook files for xmlsec-$$i" ; \
+ rm -rf $(GTKDOC_MKDB_OUTPUT_DIR) $(SGML_DIR)/$$i ; \
+ $(GTKDOC_MKDB) --module=xmlsec-$$i \
+ --xml-mode \
+ --main-sgml-file=$(SGML_DIR)/xmlsec-$$i.sgml \
+ --source-dir=$(SOURCE_CODE_DIR)/src/$$i \
+ --source-dir=$(SOURCE_CODE_DIR)/include/xmlsec/$$i ; \
+ mv $(GTKDOC_MKDB_OUTPUT_DIR) $(SGML_DIR)/$$i ; \
+ done);
+
+scan: SOURCE_CODEs example_sources
+ @( \
+ echo "Scanning source code for xmlsec-core" ; \
+ $(GTKDOC_SCAN) --module=xmlsec \
+ --rebuild-sections \
+ --output-dir=$(SCAN_DIR) \
+ --source-dir=$(SOURCE_CODE_DIR)/src/base \
+ --source-dir=$(SOURCE_CODE_DIR)/include/xmlsec/base ; \
+ );
+ @(for i in $(CRYPTO_LIBS_LIST) ; do \
+ echo "Scanning source code for xmlsec-$$i" ; \
+ $(GTKDOC_SCAN) --module=xmlsec-$$i \
+ --rebuild-sections \
+ --output-dir=$(SCAN_DIR) \
+ --source-dir=$(SOURCE_CODE_DIR)/src/$$i \
+ --source-dir=$(SOURCE_CODE_DIR)/include/xmlsec/$$i ; \
+ done);
+
+#
+# Prepare source files by coping them to "code" folder and
+# removing XMLSEC_EXPORT_* stuff that makes gtkdoc crazy
+#
+SOURCE_CODEs: $(SOURCE_CODE_FILES) $(SOURCE_CODE_DIR)/.sentinel SOURCE_CODEs_cleanup
+ @echo "Preprocessing source files into '$(SOURCE_CODE_DIR)' ..."
+ @mkdir -p $(SOURCE_CODE_DIR)/src/base $(SOURCE_CODE_DIR)/include/xmlsec/base
+ @( \
+ for i in $(SOURCE_CODE_FILES) ; do \
+ folder_name=`echo "$$i" | \
+ sed 's#$(top_srcdir)/##' | \
+ sed 's#$(top_builddir)/##' | \
+ sed 's#/[^/]*$$##'`; \
+ file_name=`echo "$$i" | \
+ sed 's#.*/##'`; \
+ mkdir -p "$(SOURCE_CODE_DIR)/$$folder_name"; \
+ cat "$$i" | \
+ sed 's/#if.*//' | \
+ sed 's/#el.*//' | \
+ sed 's/#end.*//' | \
+ sed 's/XMLSEC_CRYPTO_EXPORT//' | \
+ sed 's/XMLSEC_EXPORT_VAR//' | \
+ sed 's/XMLSEC_EXPORT//' | \
+ sed 's/XMLSEC_ERRORS_PRINTF_ATTRIBUTE//' > \
+ $(SOURCE_CODE_DIR)/$$folder_name/$$file_name; \
+ done);
+ -@mv -f $(SOURCE_CODE_DIR)/src/*.c $(SOURCE_CODE_DIR)/src/base
+ -@mv -f $(SOURCE_CODE_DIR)/include/xmlsec/*.h $(SOURCE_CODE_DIR)/include/xmlsec/base
+ -@rm -f $(SOURCE_CODE_DIR)/include/xmlsec/*/symbols.h
+
+SOURCE_CODEs_cleanup: $(SOURCE_CODE_DIR)/.sentinel
+ @rm -rf $(SOURCE_CODE_DIR)/*
+
+#
+# Create index for all functions. For macros and defines need to add -CAPS suffix
+#
+xmlsec-index: scan $(SGML_DIR)/.sentinel
+ @grep -h '<NAME>.*</NAME>' $(SCAN_DIR)/xmlsec-*decl.txt | \
+ grep -v '<NAME>extern</NAME>' | \
+ sort -u | \
+ sed 's#_#-#g' | \
+ sed 's#<NAME>\([^-]*\)-\([^<]*\)</NAME>#<listitem><para><link linkend=\"\1-\2-CAPS\">\1-\2</link></para></listitem>#g' | \
+ sed 's#<NAME>\([^<]*\)</NAME>#<listitem><para><link linkend=\"\1\">\1</link></para></listitem>#g' > \
+ $(SGML_DIR)/xmlsec-index.sgml
+
+#
+# The following code converts C example file to sgml RefEntry files.
+# We get file title from a string "XML Security Library example: ..."
+# which is usually placed at the top of the file. Also all "unsafe" xml
+# characters (<, >, &) are escaped.
+#
+example_sources: $(EXAMPLES_DIR)/.sentinel
+ @echo "Preprocessing example source files into '$(EXAMPLES_DIR)' ..."
+ @rm -rf $(EXAMPLES_DIR)/*
+ @(for i in $(EXAMPLES_SOURCE_FILES) ; do \
+ file_name=`echo $$i | sed 's#.*/##' | sed 's#\..*$$##'`; \
+ file_ext=`echo $$i | sed 's#.*/##' | sed 's#.*\.##'`; \
+ echo Converting $$file_name.$$file_ext to $$file_name.sgml ...; \
+ file_title=`cat $$i | grep 'XML Security Library example: ' | sed 's#^.*: *##'`; \
+ echo "<sect2 id=\"xmlsec-example-$$file_name\" >" > \
+ $(EXAMPLES_DIR)/$$file_name.sgml; \
+ echo "<title>$$file_name.$$file_ext</title><para><informalexample><programlisting>" >> \
+ $(EXAMPLES_DIR)/$$file_name.sgml; \
+ cat $$i | \
+ sed "s#&#\&#g" | \
+ sed "s#<#\<#g" | \
+ sed "s#>#\>#g" >> \
+ $(EXAMPLES_DIR)/$$file_name.sgml; \
+ echo "</programlisting></informalexample></para></sect2>" >> \
+ $(EXAMPLES_DIR)/$$file_name.sgml; \
+ done);
+
+# A single pattern rule will create all appropriate folders as required
+# otherwise make (annoyingly) deletes it
+.PRECIOUS: %/.sentinel
+%/.sentinel:
+ @echo "Creating folder '${@D}' ..."
+ mkdir -p ${@D}
+ touch $@
+
+dist-hook:
+ @cp -p $(srcdir)/*.html $(srcdir)/*.png $(distdir)/
+ (for i in `find $(distdir) -name ".sentinel" -print` ; do \
+ echo "Removing some files '$$i' before dist ... " ; \
+ rm $$i ; \
+ done )
+ (for i in `find $(distdir) -name "*.sgml.bak" -print` ; do \
+ echo "Removing some files '$$i' before dist ... " ; \
+ rm "$$i" ; \
+ done ; )
+
+clean-local:
+ -rm -rf $(SOURCE_CODE_DIR) $(EXAMPLES_DIR) $(SCAN_DIR)/*.txt $(SGML_DIR) $(GTKDOC_MKDB_OUTPUT_DIR)
+ -rm -f *.stamp *.types index.sgml
+ @( if [ z"$(builddir)" != z"$(srcdir)" ] ; then \
+ (chmod -R u+w $(builddir)/src || true) && rm -rf $(builddir)/src ; \
+ (chmod -R u+w $(builddir)/images || true) && rm -rf $(builddir)/images ; \
+ (chmod -R u+w $(builddir)/*.png || true) && rm -rf $(builddir)/*.png ; \
+ fi ; )
+
+distclean-local: clean-local
+
+maintainer-clean-local: clean-local
+ -rm -f *.html
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library Reference Manual: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<meta name="description" content="This manual documents the interfaces of the xmlsec library and has some short notes to help get you up to speed with using the library.">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="next" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
    <code class="email"><<a class="email" href="mailto:aleksey@aleksey.com">aleksey@aleksey.com</a>></code><br>
  </p></div></div>
</div></div></div>
-<div><p class="copyright">Copyright © 2002-2017 Aleksey Sanin</p></div>
+<div><p class="copyright">Copyright © 2002-2022 Aleksey Sanin</p></div>
<div><div class="legalnotice">
<a name="id-1.1.4"></a><p>Permission is granted to make and distribute verbatim
copies of this manual provided the copyright notice and this
of this manual into another language, under the above conditions
for modified versions.</p>
</div></div>
-<div><div class="abstract">
-<p class="title"><b>Abstract</b></p>
-<p>This manual documents the interfaces of the xmlsec
+<div><div class="abstract"><p>This manual documents the interfaces of the xmlsec
library and has some short notes to help get you up to speed
- with using the library.</p>
-</div></div>
+ with using the library.</p></div></div>
</div>
<hr>
</div>
<span class="refentrytitle"><a href="xmlsec-openssl-app.html">app</a></span><span class="refpurpose"> — Application support functions for OpenSSL.</span>
</dt>
<dt>
-<span class="refentrytitle"><a href="xmlsec-openssl-bn.html">bn</a></span><span class="refpurpose"> — Big numbers (BIGNUM) support functions implementation for OpenSSL.</span>
-</dt>
-<dt>
<span class="refentrytitle"><a href="xmlsec-openssl-crypto.html">crypto</a></span><span class="refpurpose"> — Crypto transforms implementation for OpenSSL.</span>
</dt>
<dt>
<span class="refentrytitle"><a href="xmlsec-nss-app.html">app</a></span><span class="refpurpose"> — Application support functions for NSS.</span>
</dt>
<dt>
-<span class="refentrytitle"><a href="xmlsec-nss-bignum.html">bignum</a></span><span class="refpurpose"> — Big numbers support functions implementation for NSS.</span>
-</dt>
-<dt>
<span class="refentrytitle"><a href="xmlsec-nss-crypto.html">crypto</a></span><span class="refpurpose"> — Crypto transforms implementation for NSS.</span>
</dt>
<dt>
</dl></div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<!ENTITY xmlsec-xmltree "base/xmltree.xml">
<!ENTITY xmlsec-openssl-app "openssl/app.xml">
-<!ENTITY xmlsec-openssl-bn "openssl/bn.xml">
<!ENTITY xmlsec-openssl-crypto "openssl/crypto.xml">
<!ENTITY xmlsec-openssl-evp "openssl/evp.xml">
<!ENTITY xmlsec-openssl-x509 "openssl/x509.xml">
<!ENTITY xmlsec-gcrypt-crypto "gcrypt/crypto.xml">
<!ENTITY xmlsec-nss-app "nss/app.xml">
-<!ENTITY xmlsec-nss-bignum "nss/bignum.xml">
<!ENTITY xmlsec-nss-crypto "nss/crypto.xml">
<!ENTITY xmlsec-nss-keysstore "nss/keysstore.xml">
<!ENTITY xmlsec-nss-pkikeys "nss/pkikeys.xml">
-<!ENTITY xmlsec-nss-x509 "nss/x509.xml">
+<!ENTITY xmlsec-nss-x509 "nss/x509.xml">
<!ENTITY xmlsec-mscrypto-app "mscrypto/app.xml">
<!ENTITY xmlsec-mscrypto-certkeys "mscrypto/certkeys.xml">
</author>
</authorgroup>
<copyright>
- <year>2002-2017</year>
+ <year>2002-2022</year>
<holder>Aleksey Sanin</holder>
</copyright>
<legalnotice>
build by extracting comments from the code sources. </para>
<xi:include href="&xmlsec-openssl-app;"/>
- <xi:include href="&xmlsec-openssl-bn;"/>
<xi:include href="&xmlsec-openssl-crypto;"/>
<xi:include href="&xmlsec-openssl-evp;"/>
<xi:include href="&xmlsec-openssl-x509;"/>
build by extracting comments from the code sources. </para>
<xi:include href="&xmlsec-nss-app;"/>
- <xi:include href="&xmlsec-nss-bignum;"/>
<xi:include href="&xmlsec-nss-crypto;"/>
<xi:include href="&xmlsec-nss-keysstore;"/>
<xi:include href="&xmlsec-nss-pkikeys;"/>
vertical-align: top;
}
+span.nowrap {
+ white-space: nowrap;
+}
+
div.gallery-float
{
float: left;
color: #729fcf;
}
-div.informaltable table
-{
- border-collapse: separate;
- border-spacing: 1em 0.3em;
- border: none;
-}
-
-div.informaltable table td, div.informaltable table th
-{
- vertical-align: top;
-}
-
.function_type,
.variable_type,
.property_type,
margin: 0.25em;
}
+div.informaltable table[border="1"],
div.table table
{
border-collapse: collapse;
border: solid 1px #babdb6;
}
+div.informaltable table[border="1"] td,
+div.informaltable table th,
div.table table td, div.table table th
{
/* tango:aluminium 3 */
vertical-align: top;
}
+div.informaltable table[border="1"] th,
div.table table th
{
/* tango:aluminium 2 */
font-weight: normal;
}
-acronym,abbr
+acronym,abbr
{
border-bottom: 1px dotted gray;
}
-/* code listings */
-
-.listing_code .programlisting .normal,
-.listing_code .programlisting .normal a,
-.listing_code .programlisting .number,
-.listing_code .programlisting .cbracket,
-.listing_code .programlisting .symbol { color: #555753; }
-.listing_code .programlisting .comment,
-.listing_code .programlisting .linenum { color: #babdb6; } /* tango: aluminium 3 */
-.listing_code .programlisting .function,
-.listing_code .programlisting .function a,
-.listing_code .programlisting .preproc { color: #204a87; } /* tango: sky blue 3 */
-.listing_code .programlisting .string { color: #ad7fa8; } /* tango: plum */
-.listing_code .programlisting .keyword,
-.listing_code .programlisting .usertype,
-.listing_code .programlisting .type,
-.listing_code .programlisting .type a { color: #4e9a06; } /* tango: chameleon 3 */
-
.listing_frame {
/* tango:sky blue 1 */
border: solid 1px #729fcf;
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>app: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="next" href="xmlsec-base64.html" title="base64">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>base64: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-app.html" title="app">
<link rel="next" href="xmlsec-bn.html" title="bn">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-base64.html#xmlSecBase64CtxUpdate" title="xmlSecBase64CtxUpdate ()">xmlSecBase64CtxUpdate</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-base64.html#xmlSecBase64CtxUpdate-ex" title="xmlSecBase64CtxUpdate_ex ()">xmlSecBase64CtxUpdate_ex</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-base64.html#xmlSecBase64CtxFinal" title="xmlSecBase64CtxFinal ()">xmlSecBase64CtxFinal</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-base64.html#xmlSecBase64CtxFinal-ex" title="xmlSecBase64CtxFinal_ex ()">xmlSecBase64CtxFinal_ex</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-base64.html#xmlSecBase64Decode" title="xmlSecBase64Decode ()">xmlSecBase64Decode</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-base64.html#xmlSecBase64Decode-ex" title="xmlSecBase64Decode_ex ()">xmlSecBase64Decode_ex</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">int</span></font>
+</td>
+<td class="function_name">
+<a class="link" href="xmlsec-base64.html#xmlSecBase64DecodeInPlace" title="xmlSecBase64DecodeInPlace ()">xmlSecBase64DecodeInPlace</a> <span class="c_punctuation">()</span>
</td>
</tr>
</tbody>
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecBase64CtxUpdate"></a><h3>xmlSecBase64CtxUpdate ()</h3>
+<a name="xmlSecBase64CtxUpdate-ex"></a><h3>xmlSecBase64CtxUpdate_ex ()</h3>
<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecBase64CtxUpdate (<em class="parameter"><code><font><span class="type">xmlSecBase64CtxPtr</span></font> ctx</code></em>,
- <em class="parameter"><code>const <a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *in</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> inSize</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *out</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> outSize</code></em>);</pre>
+xmlSecBase64CtxUpdate_ex (<em class="parameter"><code><font><span class="type">xmlSecBase64CtxPtr</span></font> ctx</code></em>,
+ <em class="parameter"><code>const <a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *in</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> inSize</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *out</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> outSize</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> *outWritten</code></em>);</pre>
<p>Encodes or decodes the next piece of data from input buffer.</p>
<div class="refsect3">
-<a name="xmlSecBase64CtxUpdate.parameters"></a><h4>Parameters</h4>
+<a name="xmlSecBase64CtxUpdate-ex.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col>
<td class="parameter_description"><p>the output buffer size</p></td>
<td class="parameter_annotations">Â </td>
</tr>
+<tr>
+<td class="parameter_name"><p>outWritten</p></td>
+<td class="parameter_description"><p>the pointer to store the number of bytes written into the output</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
</tbody>
</table></div>
</div>
<div class="refsect3">
-<a name="xmlSecBase64CtxUpdate.returns"></a><h4>Returns</h4>
-<p> the number of bytes written to output buffer or
--1 if an error occurs.</p>
+<a name="xmlSecBase64CtxUpdate-ex.returns"></a><h4>Returns</h4>
+<p> 0 on success and a negative value otherwise.</p>
</div>
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecBase64CtxFinal"></a><h3>xmlSecBase64CtxFinal ()</h3>
+<a name="xmlSecBase64CtxFinal-ex"></a><h3>xmlSecBase64CtxFinal_ex ()</h3>
<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecBase64CtxFinal (<em class="parameter"><code><font><span class="type">xmlSecBase64CtxPtr</span></font> ctx</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *out</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> outSize</code></em>);</pre>
+xmlSecBase64CtxFinal_ex (<em class="parameter"><code><font><span class="type">xmlSecBase64CtxPtr</span></font> ctx</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *out</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> outSize</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> *outWritten</code></em>);</pre>
<p>Encodes or decodes the last piece of data stored in the context
and finalizes the result.</p>
<div class="refsect3">
-<a name="xmlSecBase64CtxFinal.parameters"></a><h4>Parameters</h4>
+<a name="xmlSecBase64CtxFinal-ex.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col>
<td class="parameter_description"><p>the output buffer size</p></td>
<td class="parameter_annotations">Â </td>
</tr>
+<tr>
+<td class="parameter_name"><p>outWritten</p></td>
+<td class="parameter_description"><p>the pointer to store the number of bytes written into the output</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
</tbody>
</table></div>
</div>
<div class="refsect3">
-<a name="xmlSecBase64CtxFinal.returns"></a><h4>Returns</h4>
-<p> the number of bytes written to output buffer or
--1 if an error occurs.</p>
+<a name="xmlSecBase64CtxFinal-ex.returns"></a><h4>Returns</h4>
+<p> 0 on success and a negative value otherwise.</p>
</div>
</div>
<hr>
<div class="refsect2">
<a name="xmlSecBase64Encode"></a><h3>xmlSecBase64Encode ()</h3>
<pre class="programlisting"><font><span class="returnvalue">xmlChar</span></font>Â *
-xmlSecBase64Encode (<em class="parameter"><code>const <a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *buf</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> len</code></em>,
+xmlSecBase64Encode (<em class="parameter"><code>const <a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *in</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> inSize</code></em>,
<em class="parameter"><code><font><span class="type">int</span></font> columns</code></em>);</pre>
<p>Encodes the data from input buffer and allocates the string for the result.
The caller is responsible for freeing returned buffer using
</colgroup>
<tbody>
<tr>
-<td class="parameter_name"><p>buf</p></td>
+<td class="parameter_name"><p>in</p></td>
<td class="parameter_description"><p>the input buffer.</p></td>
<td class="parameter_annotations">Â </td>
</tr>
<tr>
-<td class="parameter_name"><p>len</p></td>
+<td class="parameter_name"><p>inSize</p></td>
<td class="parameter_description"><p>the input buffer size.</p></td>
<td class="parameter_annotations">Â </td>
</tr>
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecBase64Decode"></a><h3>xmlSecBase64Decode ()</h3>
+<a name="xmlSecBase64Decode-ex"></a><h3>xmlSecBase64Decode_ex ()</h3>
<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecBase64Decode (<em class="parameter"><code>const <font><span class="type">xmlChar</span></font> *str</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *buf</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> len</code></em>);</pre>
+xmlSecBase64Decode_ex (<em class="parameter"><code>const <font><span class="type">xmlChar</span></font> *str</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *out</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> outSize</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> *outWritten</code></em>);</pre>
<p>Decodes input base64 encoded string and puts result into
the output buffer.</p>
<div class="refsect3">
-<a name="xmlSecBase64Decode.parameters"></a><h4>Parameters</h4>
+<a name="xmlSecBase64Decode-ex.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col>
<td class="parameter_annotations">Â </td>
</tr>
<tr>
-<td class="parameter_name"><p>buf</p></td>
+<td class="parameter_name"><p>out</p></td>
<td class="parameter_description"><p>the output buffer</p></td>
<td class="parameter_annotations">Â </td>
</tr>
<tr>
-<td class="parameter_name"><p>len</p></td>
+<td class="parameter_name"><p>outSize</p></td>
<td class="parameter_description"><p>the output buffer size</p></td>
<td class="parameter_annotations">Â </td>
</tr>
+<tr>
+<td class="parameter_name"><p>outWritten</p></td>
+<td class="parameter_description"><p>the pointer to store the number of bytes written into the output.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+</tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecBase64Decode-ex.returns"></a><h4>Returns</h4>
+<p> 0 on success and a negative value otherwise.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
+<a name="xmlSecBase64DecodeInPlace"></a><h3>xmlSecBase64DecodeInPlace ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">int</span></font>
+xmlSecBase64DecodeInPlace (<em class="parameter"><code><font><span class="type">xmlChar</span></font> *str</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> *outWritten</code></em>);</pre>
+<p>Decodes input base64 encoded string from <em class="parameter"><code>str</code></em>
+ "in-place" (i.e. puts results into <em class="parameter"><code>str</code></em>
+ buffer).</p>
+<div class="refsect3">
+<a name="xmlSecBase64DecodeInPlace.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody>
+<tr>
+<td class="parameter_name"><p>str</p></td>
+<td class="parameter_description"><p>the input/output buffer</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>outWritten</p></td>
+<td class="parameter_description"><p>the pointer to store the number of bytes written into the output.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
</tbody>
</table></div>
</div>
<div class="refsect3">
-<a name="xmlSecBase64Decode.returns"></a><h4>Returns</h4>
-<p> the number of bytes written to the output buffer or
-a negative value if an error occurs</p>
+<a name="xmlSecBase64DecodeInPlace.returns"></a><h4>Returns</h4>
+<p> 0 on success and a negative value otherwise.</p>
</div>
</div>
</div>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>bn: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-base64.html" title="base64">
<link rel="next" href="xmlsec-buffer.html" title="buffer">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>buffer: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-bn.html" title="bn">
<link rel="next" href="xmlsec-dl.html" title="dl">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
+<a class="link" href="xmlsec-buffer.html#xmlSecBufferReverse" title="xmlSecBufferReverse ()">xmlSecBufferReverse</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">int</span></font>
+</td>
+<td class="function_name">
<a class="link" href="xmlsec-buffer.html#xmlSecBufferReadFile" title="xmlSecBufferReadFile ()">xmlSecBufferReadFile</a> <span class="c_punctuation">()</span>
</td>
</tr>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecBufferReverse"></a><h3>xmlSecBufferReverse ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">int</span></font>
+xmlSecBufferReverse (<em class="parameter"><code><a class="link" href="xmlsec-buffer.html#xmlSecBuffer" title="struct xmlSecBuffer"><span class="type">xmlSecBufferPtr</span></a> buf</code></em>);</pre>
+<p>Reverses order of bytes in the buffer <em class="parameter"><code>buf</code></em>
+.</p>
+<div class="refsect3">
+<a name="xmlSecBufferReverse.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody><tr>
+<td class="parameter_name"><p>buf</p></td>
+<td class="parameter_description"><p>the pointer to buffer object.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr></tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecBufferReverse.returns"></a><h4>Returns</h4>
+<p> 0 on success or a negative value if an error occurs.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecBufferReadFile"></a><h3>xmlSecBufferReadFile ()</h3>
<pre class="programlisting"><font><span class="returnvalue">int</span></font>
xmlSecBufferReadFile (<em class="parameter"><code><a class="link" href="xmlsec-buffer.html#xmlSecBuffer" title="struct xmlSecBuffer"><span class="type">xmlSecBufferPtr</span></a> buf</code></em>,
<tr>
<td class="enum_member_name"><p><a name="xmlSecAllocModeExact"></a>xmlSecAllocModeExact</p></td>
<td class="enum_member_description"><p>the memory allocation mode that minimizes total
- allocated memory size.</p></td>
+allocated memory size.</p></td>
<td class="enum_member_annotations">Â </td>
</tr>
<tr>
<td class="enum_member_name"><p><a name="xmlSecAllocModeDouble"></a>xmlSecAllocModeDouble</p></td>
<td class="enum_member_description"><p>the memory allocation mode that tries to minimize
- the number of malloc calls.</p></td>
+the number of malloc calls.</p></td>
<td class="enum_member_annotations">Â </td>
</tr>
</tbody>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Writing a custom keys manager.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-decrypt-with-keys-mngr.html" title="Decrypting data with keys manager.">
<link rel="next" href="xmlsec-signature-klasses.html" title="APPENDIX A. XML Security Library Signature Klasses.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="titlepage"><div><div><h3 class="title">
<a name="xmlsec-example-decrypt3"></a>decrypt3.c</h3></div></div></div>
<div class="informalexample"><pre class="programlisting">
-/**
+/**
* XML Security Library example: Decrypting an encrypted file using a custom keys manager.
- *
+ *
* Decrypts encrypted XML file using a custom files based keys manager.
- * We assume that key's name in <dsig:KeyName/> element is just
+ * We assume that key's name in <dsig:KeyName/> element is just
* key's file name in the current folder.
- *
- * Usage:
- * ./decrypt3 <xml-enc>
+ *
+ * Usage:
+ * ./decrypt3 <xml-enc>
*
* Example:
* ./decrypt3 encrypt1-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
xmlSecKeysMngrPtr create_files_keys_mngr(void);
int decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file);
-int
+int
main(int argc, char **argv) {
xmlSecKeysMngrPtr mngr;
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
-#endif /* XMLSEC_NO_XSLT */
+#endif /* XMLSEC_NO_XSLT */
assert(argv);
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
-#endif /* XMLSEC_NO_XSLT */
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+#endif /* XMLSEC_NO_XSLT */
/* Init xmlsec library */
if(xmlSecInit() < 0) {
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
}
if(decrypt_file(mngr, argv[1]) < 0) {
- xmlSecKeysMngrDestroy(mngr);
+ xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
+ }
/* destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* @mngr: the pointer to keys manager.
* @enc_file: the encrypted XML file name.
*
- * Decrypts the XML file #enc_file using DES key from #key_file and
+ * Decrypts the XML file #enc_file using DES key from #key_file and
* prints results to stdout.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
-
+
assert(mngr);
assert(enc_file);
doc = xmlParseFile(enc_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
- goto done;
+ goto done;
}
/* create encryption context */
fprintf(stderr,"Error: decryption failed\n");
goto done;
}
-
+
/* print decrypted data to stdout */
if(encCtx->resultReplaced != 0) {
fprintf(stdout, "Decrypted XML data:\n");
xmlDocDump(stdout, doc);
} else {
- fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx->result));
+ fprintf(stdout, "Decrypted binary data (" XMLSEC_SIZE_FMT " bytes):\n",
+ xmlSecBufferGetSize(encCtx->result));
if(xmlSecBufferGetData(encCtx->result) != NULL) {
- fwrite(xmlSecBufferGetData(encCtx->result),
- 1,
+ fwrite(xmlSecBufferGetData(encCtx->result),
+ 1,
xmlSecBufferGetSize(encCtx->result),
stdout);
}
}
fprintf(stdout, "\n");
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(encCtx != NULL) {
xmlSecEncCtxDestroy(encCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
/**
* create_files_keys_mngr:
- *
- * Creates a files based keys manager: we assume that key name is
+ *
+ * Creates a files based keys manager: we assume that key name is
* the key file name,
*
* Returns pointer to newly created keys manager or NULL if an error occurs.
*/
-xmlSecKeysMngrPtr
+xmlSecKeysMngrPtr
create_files_keys_mngr(void) {
xmlSecKeyStorePtr keysStore;
xmlSecKeysMngrPtr mngr;
fprintf(stderr, "Error: failed to create keys store.\n");
return(NULL);
}
-
+
/* create keys manager */
mngr = xmlSecKeysMngrCreate();
if(mngr == NULL) {
xmlSecKeysMngrDestroy(mngr);
return(NULL);
}
-
+
/* initialize crypto library specific data in keys manager */
if(xmlSecCryptoKeysMngrInit(mngr) < 0) {
fprintf(stderr, "Error: failed to initialize crypto data in keys manager.\n");
/****************************************************************************
*
- * Files Keys Store: we assume that key's name (content of the
- * <dsig:KeyName/> element is a name of the file with a key (in the
+ * Files Keys Store: we assume that key's name (content of the
+ * <dsig:KeyName/> element is a name of the file with a key (in the
* current folder).
* Attention: this probably not a good solution for high traffic systems.
- *
+ *
***************************************************************************/
static xmlSecKeyPtr files_keys_store_find_key (xmlSecKeyStorePtr store,
const xmlChar* name,
static xmlSecKeyStoreKlass files_keys_store_klass = {
sizeof(xmlSecKeyStoreKlass),
sizeof(xmlSecKeyStore),
- BAD_CAST "files-based-keys-store", /* const xmlChar* name; */
+ BAD_CAST "files-based-keys-store", /* const xmlChar* name; */
NULL, /* xmlSecKeyStoreInitializeMethod initialize; */
NULL, /* xmlSecKeyStoreFinalizeMethod finalize; */
files_keys_store_find_key, /* xmlSecKeyStoreFindKeyMethod findKey; */
/**
* files_keys_store_get_klass:
- *
+ *
* The files based keys store klass: we assume that key name is the
* key file name,
*
* Returns files based keys store klass.
*/
-xmlSecKeyStoreId
+xmlSecKeyStoreId
files_keys_store_get_klass(void) {
return(&files_keys_store_klass);
}
* @store: the pointer to simple keys store.
* @name: the desired key name.
* @keyInfoCtx: the pointer to <dsig:KeyInfo/> node processing context.
- *
+ *
* Lookups key in the @store. The caller is responsible for destroying
* returned key with #xmlSecKeyDestroy function.
*
files_keys_store_find_key(xmlSecKeyStorePtr store, const xmlChar* name, xmlSecKeyInfoCtxPtr keyInfoCtx) {
xmlSecKeyPtr key;
const xmlChar* p;
-
+
assert(store);
assert(keyInfoCtx);
- /* it's possible to do not have the key name or desired key type
+ /* it's possible to do not have the key name or desired key type
* but we could do nothing in this case */
if((name == NULL) || (keyInfoCtx->keyReq.keyId == xmlSecKeyDataIdUnknown)){
return(NULL);
}
-
+
/* we don't want to open files in a folder other than "current";
* to prevent it limit the characters in the key name to alpha/digit,
* '.', '-' or '_'.
return(NULL);
}
}
-
+
if((keyInfoCtx->keyReq.keyId == xmlSecKeyDataDsaId) || (keyInfoCtx->keyReq.keyId == xmlSecKeyDataRsaId)) {
/* load key from a pem file, if key is not found then it's an error (is it?) */
- key = xmlSecCryptoAppKeyLoad(name, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+ key = xmlSecCryptoAppKeyLoad((const char*)name, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
if(key == NULL) {
fprintf(stderr,"Error: failed to load public pem key from \"%s\"\n", name);
return(NULL);
}
} else {
/* otherwise it's a binary key, if key is not found then it's an error (is it?) */
- key = xmlSecKeyReadBinaryFile(keyInfoCtx->keyReq.keyId, name);
+ key = xmlSecKeyReadBinaryFile(keyInfoCtx->keyReq.keyId, (const char*)name);
if(key == NULL) {
fprintf(stderr,"Error: failed to load key from binary file \"%s\"\n", name);
return(NULL);
/* set key name */
if(xmlSecKeySetName(key, name) < 0) {
- fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", name);
+ fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", (const char*)name);
xmlSecKeyDestroy(key);
- return(NULL);
+ return(NULL);
}
return(key);
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Decrypting data with keys manager.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-decrypt-with-signle-key.html" title="Decrypting data with a single key.">
<link rel="next" href="xmlsec-custom-keys-manager.html" title="Writing a custom keys manager.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="titlepage"><div><div><h3 class="title">
<a name="xmlsec-example-decrypt2"></a>decrypt2.c</h3></div></div></div>
<div class="informalexample"><pre class="programlisting">
-/**
+/**
* XML Security Library example: Decrypting an encrypted file using keys manager.
- *
- * Decrypts encrypted XML file using keys manager and a list of
+ *
+ * Decrypts encrypted XML file using keys manager and a list of
* DES key from a binary file
- *
- * Usage:
- * ./decrypt2 <xml-enc> <des-key-file1> [<des-key-file2> [...]]
+ *
+ * Usage:
+ * ./decrypt2 <xml-enc> <des-key-file1> [<des-key-file2> [...]]
*
* Example:
* ./decrypt2 encrypt1-res.xml deskey.bin
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
xmlSecKeysMngrPtr load_des_keys(char** files, int files_size);
int decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file);
-int
+int
main(int argc, char **argv) {
xmlSecKeysMngrPtr mngr;
#ifndef XMLSEC_NO_XSLT
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
-#endif /* XMLSEC_NO_XSLT */
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+#endif /* XMLSEC_NO_XSLT */
+
-
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
}
if(decrypt_file(mngr, argv[1]) < 0) {
- xmlSecKeysMngrDestroy(mngr);
+ xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
+ }
/* destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* Returns the pointer to newly created keys manager or NULL if an error
* occurs.
*/
-xmlSecKeysMngrPtr
+xmlSecKeysMngrPtr
load_des_keys(char** files, int files_size) {
xmlSecKeysMngrPtr mngr;
xmlSecKeyPtr key;
int i;
-
+
assert(files);
assert(files_size > 0);
-
+
/* create and initialize keys manager, we use a simple list based
* keys manager, implement your own xmlSecKeysStore klass if you need
- * something more sophisticated
+ * something more sophisticated
*/
mngr = xmlSecKeysMngrCreate();
if(mngr == NULL) {
fprintf(stderr, "Error: failed to initialize keys manager.\n");
xmlSecKeysMngrDestroy(mngr);
return(NULL);
- }
-
+ }
+
for(i = 0; i < files_size; ++i) {
assert(files[i]);
xmlSecKeysMngrDestroy(mngr);
return(NULL);
}
-
- /* add key to keys manager, from now on keys manager is responsible
- * for destroying key
+
+ /* add key to keys manager, from now on keys manager is responsible
+ * for destroying key
*/
if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0) {
fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", files[i]);
* @mngr: the pointer to keys manager.
* @enc_file: the encrypted XML file name.
*
- * Decrypts the XML file #enc_file using DES key from #key_file and
+ * Decrypts the XML file #enc_file using DES key from #key_file and
* prints results to stdout.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
-
+
assert(mngr);
assert(enc_file);
doc = xmlParseFile(enc_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
- goto done;
+ goto done;
}
/* create encryption context */
fprintf(stderr,"Error: decryption failed\n");
goto done;
}
-
+
/* print decrypted data to stdout */
if(encCtx->resultReplaced != 0) {
fprintf(stdout, "Decrypted XML data:\n");
xmlDocDump(stdout, doc);
} else {
- fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx->result));
+ fprintf(stdout, "Decrypted binary data (" XMLSEC_SIZE_FMT " bytes):\n",
+ xmlSecBufferGetSize(encCtx->result));
if(xmlSecBufferGetData(encCtx->result) != NULL) {
- fwrite(xmlSecBufferGetData(encCtx->result),
- 1,
+ fwrite(xmlSecBufferGetData(encCtx->result),
+ 1,
xmlSecBufferGetSize(encCtx->result),
stdout);
}
}
fprintf(stdout, "\n");
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(encCtx != NULL) {
xmlSecEncCtxDestroy(encCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Decrypting data with a single key.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-encrypt-with-session-key.html" title="Encrypting data with a session key.">
<link rel="next" href="xmlsec-decrypt-with-keys-mngr.html" title="Decrypting data with keys manager.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="titlepage"><div><div><h3 class="title">
<a name="xmlsec-example-decrypt1"></a>decrypt1.c</h3></div></div></div>
<div class="informalexample"><pre class="programlisting">
-/**
+/**
* XML Security Library example: Decrypting an encrypted file using a single key.
- *
+ *
* Decrypts encrypted XML file using a single DES key from a binary file
- *
- * Usage:
- * ./decrypt1 <xml-enc> <des-key-file>
+ *
+ * Usage:
+ * ./decrypt1 <xml-enc> <des-key-file>
*
* Example:
* ./decrypt1 encrypt1-res.xml deskey.bin
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int decrypt_file(const char* enc_file, const char* key_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
-#endif /* XMLSEC_NO_XSLT */
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+#endif /* XMLSEC_NO_XSLT */
+
-
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(decrypt_file(argv[1], argv[2]) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* @enc_file: the encrypted XML file name.
* @key_file: the Triple DES key file.
*
- * Decrypts the XML file #enc_file using DES key from #key_file and
+ * Decrypts the XML file #enc_file using DES key from #key_file and
* prints results to stdout.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
decrypt_file(const char* enc_file, const char* key_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
-
+
assert(enc_file);
assert(key_file);
doc = xmlParseFile(enc_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
- goto done;
+ goto done;
}
/* create encryption context, we don't need keys manager in this example */
fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", key_file);
goto done;
}
-
+
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(encCtx->encKey, key_file) < 0) {
+ if(xmlSecKeySetName(encCtx->encKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: decryption failed\n");
goto done;
}
-
+
/* print decrypted data to stdout */
if(encCtx->resultReplaced != 0) {
fprintf(stdout, "Decrypted XML data:\n");
xmlDocDump(stdout, doc);
} else {
- fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx->result));
+ fprintf(stdout, "Decrypted binary data (" XMLSEC_SIZE_FMT " bytes):\n",
+ xmlSecBufferGetSize(encCtx->result));
if(xmlSecBufferGetData(encCtx->result) != NULL) {
- fwrite(xmlSecBufferGetData(encCtx->result),
- 1,
+ fwrite(xmlSecBufferGetData(encCtx->result),
+ 1,
xmlSecBufferGetSize(encCtx->result),
stdout);
}
}
fprintf(stdout, "\n");
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(encCtx != NULL) {
xmlSecEncCtxDestroy(encCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>dl: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-buffer.html" title="buffer">
<link rel="next" href="xmlsec-errors.html" title="errors">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
</div>
-<div class="refsect1">
-<a name="xmlsec-dl.other_details"></a><h2>Types and Values</h2>
-<p></p>
-</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Encrypting data with a dynamicaly created template.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-encrypt-template-file.html" title="Encrypting data with a template file.">
<link rel="next" href="xmlsec-encrypt-with-session-key.html" title="Encrypting data with a session key.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="titlepage"><div><div><h3 class="title">
<a name="xmlsec-example-encrypt2"></a>encrypt2.c</h3></div></div></div>
<div class="informalexample"><pre class="programlisting">
-/**
+/**
* XML Security Library example: Encrypting XML file with a dynamicaly created template.
- *
- * Encrypts XML file using a dynamicaly created template file and a DES key
+ *
+ * Encrypts XML file using a dynamicaly created template file and a DES key
* from a binary file
- *
- * Usage:
- * ./encrypt2 <xml-doc> <des-key-file>
+ *
+ * Usage:
+ * ./encrypt2 <xml-doc> <des-key-file>
*
* Example:
* ./encrypt2 encrypt2-doc.xml deskey.bin > encrypt2-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int encrypt_file(const char* xml_file, const char* key_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(encrypt_file(argv[1], argv[2]) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
encrypt_file(const char* xml_file, const char* key_file) {
xmlDocPtr doc = NULL;
xmlNodePtr encDataNode = NULL;
xmlNodePtr keyInfoNode = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
-
+
assert(xml_file);
assert(key_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
- /* create encryption template to encrypt XML file and replace
+
+ /* create encryption template to encrypt XML file and replace
* its content with encryption result */
encDataNode = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId,
NULL, xmlSecTypeEncElement, NULL, NULL);
if(encDataNode == NULL) {
fprintf(stderr, "Error: failed to create encryption template\n");
- goto done;
+ goto done;
}
/* we want to put encrypted data in the <enc:CipherValue/> node */
if(xmlSecTmplEncDataEnsureCipherValue(encDataNode) == NULL) {
fprintf(stderr, "Error: failed to add CipherValue node\n");
- goto done;
+ goto done;
}
/* add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to put key name in the signed document */
keyInfoNode = xmlSecTmplEncDataEnsureKeyInfo(encDataNode, NULL);
if(keyInfoNode == NULL) {
fprintf(stderr, "Error: failed to add key info\n");
- goto done;
+ goto done;
}
if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode, NULL) == NULL) {
fprintf(stderr, "Error: failed to add key name\n");
- goto done;
+ goto done;
}
/* create encryption context, we don't need keys manager in this example */
}
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(encCtx->encKey, key_file) < 0) {
+ if(xmlSecKeySetName(encCtx->encKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: encryption failed\n");
goto done;
}
-
+
/* we template is inserted in the doc */
encDataNode = NULL;
-
+
/* print encrypted data with document to stdout */
xmlDocDump(stdout, doc);
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(encCtx != NULL) {
if(encDataNode != NULL) {
xmlFreeNode(encDataNode);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Encrypting data with a template file.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-verify-with-restrictions.html" title="Verifying a signature with additional restrictions.">
<link rel="next" href="xmlsec-encrypt-dynamic-template.html" title="Encrypting data with a dynamicaly created template.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="titlepage"><div><div><h3 class="title">
<a name="xmlsec-example-encrypt1"></a>encrypt1.c</h3></div></div></div>
<div class="informalexample"><pre class="programlisting">
-/**
+/**
* XML Security Library example: Encrypting data using a template file.
- *
+ *
* Encrypts binary data using a template file and a DES key from a binary file
- *
- * Usage:
- * ./encrypt1 <xml-tmpl> <des-key-file>
+ *
+ * Usage:
+ * ./encrypt1 <xml-tmpl> <des-key-file>
*
* Example:
* ./encrypt1 encrypt1-tmpl.xml deskey.bin > encrypt1-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
#include <xmlsec/xmlenc.h>
#include <xmlsec/crypto.h>
-int encrypt_file(const char* tmpl_file, const char* key_file,
+int encrypt_file(const char* tmpl_file, const char* key_file,
const unsigned char* data, size_t dataSize);
-int
+int
main(int argc, char **argv) {
static const char secret_data[] = "Big secret";
#ifndef XMLSEC_NO_XSLT
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
return(-1);
}
- if(encrypt_file(argv[1], argv[2], secret_data, strlen(secret_data)) < 0) {
+ if(encrypt_file(argv[1], argv[2], BAD_CAST secret_data, strlen(secret_data)) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
-encrypt_file(const char* tmpl_file, const char* key_file,
+int
+encrypt_file(const char* tmpl_file, const char* key_file,
const unsigned char* data, size_t dataSize) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
-
+
assert(tmpl_file);
assert(key_file);
assert(data);
doc = xmlParseFile(tmpl_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
- goto done;
+ goto done;
}
/* create encryption context, we don't need keys manager in this example */
}
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(encCtx->encKey, key_file) < 0) {
+ if(xmlSecKeySetName(encCtx->encKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: encryption failed\n");
goto done;
}
-
+
/* print encrypted data with document to stdout */
xmlDocDump(stdout, doc);
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(encCtx != NULL) {
xmlSecEncCtxDestroy(encCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Encrypting data with a session key.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-encrypt-dynamic-template.html" title="Encrypting data with a dynamicaly created template.">
<link rel="next" href="xmlsec-decrypt-with-signle-key.html" title="Decrypting data with a single key.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="titlepage"><div><div><h3 class="title">
<a name="xmlsec-example-encrypt3"></a>encrypt3.c</h3></div></div></div>
<div class="informalexample"><pre class="programlisting">
-/**
+/**
* XML Security Library example: Encrypting XML file with a session key and dynamicaly created template.
- *
- * Encrypts XML file using a dynamicaly created template file and a session
+ *
+ * Encrypts XML file using a dynamicaly created template file and a session
* DES key (encrypted with an RSA key).
- *
- * Usage:
- * ./encrypt3 <xml-doc> <rsa-pem-key-file>
+ *
+ * Usage:
+ * ./encrypt3 <xml-doc> <rsa-pem-key-file>
*
* Example:
* ./encrypt3 encrypt3-doc.xml rsakey.pem > encrypt3-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
xmlSecKeysMngrPtr load_rsa_keys(char* key_file);
int encrypt_file(xmlSecKeysMngrPtr mngr, const char* xml_file, const char* key_name);
-int
+int
main(int argc, char **argv) {
xmlSecKeysMngrPtr mngr;
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
#endif /* XMLSEC_NO_XSLT */
-
+
assert(argv);
if(argc != 3) {
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
-#endif /* XMLSEC_NO_XSLT */
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+#endif /* XMLSEC_NO_XSLT */
/* Init xmlsec library */
if(xmlSecInit() < 0) {
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(encrypt_file(mngr, argv[1], argv[2]) < 0) {
xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
+ }
/* destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* Returns the pointer to newly created keys manager or NULL if an error
* occurs.
*/
-xmlSecKeysMngrPtr
+xmlSecKeysMngrPtr
load_rsa_keys(char* key_file) {
xmlSecKeysMngrPtr mngr;
xmlSecKeyPtr key;
-
+
assert(key_file);
-
+
/* create and initialize keys manager, we use a simple list based
* keys manager, implement your own xmlSecKeysStore klass if you need
- * something more sophisticated
+ * something more sophisticated
*/
mngr = xmlSecKeysMngrCreate();
if(mngr == NULL) {
fprintf(stderr, "Error: failed to initialize keys manager.\n");
xmlSecKeysMngrDestroy(mngr);
return(NULL);
- }
-
+ }
+
/* load private RSA key */
key = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
if(key == NULL) {
/* set key name to the file name, this is just an example! */
if(xmlSecKeySetName(key, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
- xmlSecKeyDestroy(key);
+ xmlSecKeyDestroy(key);
xmlSecKeysMngrDestroy(mngr);
return(NULL);
}
-
- /* add key to keys manager, from now on keys manager is responsible
- * for destroying key
+
+ /* add key to keys manager, from now on keys manager is responsible
+ * for destroying key
*/
if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0) {
fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", key_file);
* @xml_file: the encryption template file name.
* @key_name: the RSA key name.
*
- * Encrypts #xml_file using a dynamicaly created template, a session DES key
+ * Encrypts #xml_file using a dynamicaly created template, a session DES key
* and an RSA key from keys manager.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
encrypt_file(xmlSecKeysMngrPtr mngr, const char* xml_file, const char* key_name) {
xmlDocPtr doc = NULL;
xmlNodePtr encDataNode = NULL;
xmlNodePtr keyInfoNode2 = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
-
+
assert(mngr);
assert(xml_file);
assert(key_name);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
- /* create encryption template to encrypt XML file and replace
+
+ /* create encryption template to encrypt XML file and replace
* its content with encryption result */
encDataNode = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId,
NULL, xmlSecTypeEncElement, NULL, NULL);
if(encDataNode == NULL) {
fprintf(stderr, "Error: failed to create encryption template\n");
- goto done;
+ goto done;
}
/* we want to put encrypted data in the <enc:CipherValue/> node */
if(xmlSecTmplEncDataEnsureCipherValue(encDataNode) == NULL) {
fprintf(stderr, "Error: failed to add CipherValue node\n");
- goto done;
+ goto done;
}
/* add <dsig:KeyInfo/> */
keyInfoNode = xmlSecTmplEncDataEnsureKeyInfo(encDataNode, NULL);
if(keyInfoNode == NULL) {
fprintf(stderr, "Error: failed to add key info\n");
- goto done;
+ goto done;
}
/* add <enc:EncryptedKey/> to store the encrypted session key */
- encKeyNode = xmlSecTmplKeyInfoAddEncryptedKey(keyInfoNode,
- xmlSecTransformRsaPkcs1Id,
+ encKeyNode = xmlSecTmplKeyInfoAddEncryptedKey(keyInfoNode,
+ xmlSecTransformRsaPkcs1Id,
NULL, NULL, NULL);
if(encKeyNode == NULL) {
fprintf(stderr, "Error: failed to add key info\n");
- goto done;
+ goto done;
}
/* we want to put encrypted key in the <enc:CipherValue/> node */
if(xmlSecTmplEncDataEnsureCipherValue(encKeyNode) == NULL) {
fprintf(stderr, "Error: failed to add CipherValue node\n");
- goto done;
+ goto done;
}
/* add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to <enc:EncryptedKey/> */
keyInfoNode2 = xmlSecTmplEncDataEnsureKeyInfo(encKeyNode, NULL);
if(keyInfoNode2 == NULL) {
fprintf(stderr, "Error: failed to add key info\n");
- goto done;
+ goto done;
}
-
+
/* set key name so we can lookup key when needed */
- if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode2, key_name) == NULL) {
+ if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode2, BAD_CAST key_name) == NULL) {
fprintf(stderr, "Error: failed to add key name\n");
- goto done;
+ goto done;
}
/* create encryption context */
fprintf(stderr,"Error: encryption failed\n");
goto done;
}
-
+
/* we template is inserted in the doc */
encDataNode = NULL;
-
+
/* print encrypted data with document to stdout */
xmlDocDump(stdout, doc);
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(encCtx != NULL) {
if(encDataNode != NULL) {
xmlFreeNode(encDataNode);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>APPENDIX B. XML Security Library Encryption Klasses.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-signature-klasses.html" title="APPENDIX A. XML Security Library Signature Klasses.">
<link rel="next" href="xmlsec-reference.html" title="Part II. XML Security Library API Reference.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<br class="figure-break">
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>errors: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-dl.html" title="dl">
<link rel="next" href="xmlsec-io.html" title="io">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</tr>
<tr>
<td class="define_keyword">#define</td>
+<td class="function_name"><a class="link" href="xmlsec-errors.html#XMLSEC-ERROR-R-CAST-IMPOSSIBLE:CAPS" title="XMLSEC_ERROR_R_CAST_IMPOSSIBLE">XMLSEC_ERROR_R_CAST_IMPOSSIBLE</a></td>
+</tr>
+<tr>
+<td class="define_keyword">#define</td>
<td class="function_name"><a class="link" href="xmlsec-errors.html#XMLSEC-ERRORS-MAX-NUMBER:CAPS" title="XMLSEC_ERRORS_MAX_NUMBER">XMLSEC_ERRORS_MAX_NUMBER</a></td>
</tr>
<tr>
</div>
<hr>
<div class="refsect2">
+<a name="XMLSEC-ERROR-R-CAST-IMPOSSIBLE:CAPS"></a><h3>XMLSEC_ERROR_R_CAST_IMPOSSIBLE</h3>
+<pre class="programlisting">#define XMLSEC_ERROR_R_CAST_IMPOSSIBLE 101
+</pre>
+</div>
+<hr>
+<div class="refsect2">
<a name="XMLSEC-ERRORS-MAX-NUMBER:CAPS"></a><h3>XMLSEC_ERRORS_MAX_NUMBER</h3>
<pre class="programlisting">#define XMLSEC_ERRORS_MAX_NUMBER 256
</pre>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Signing a dynamicaly created template.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-examples-sign-template-file.html" title="Signing a template file.">
<link rel="next" href="xmlsec-examples-sign-x509.html" title="Signing with X509 certificate.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="titlepage"><div><div><h3 class="title">
<a name="xmlsec-example-sign2"></a>sign2.c</h3></div></div></div>
<div class="informalexample"><pre class="programlisting">
-/**
+/**
* XML Security Library example: Signing a file with a dynamicaly created template.
- *
+ *
* Signs a file using a dynamicaly created template and key from PEM file.
* The signature has one reference with one enveloped transform to sign
* the whole document except the <dsig:Signature/> node itself.
- *
- * Usage:
- * sign2 <xml-doc> <pem-key>
+ *
+ * Usage:
+ * sign2 <xml-doc> <pem-key>
*
* Example:
* ./sign2 sign2-doc.xml rsakey.pem > sign2-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int sign_file(const char* xml_file, const char* key_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(sign_file(argv[1], argv[2]) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
-/**
+/**
* sign_file:
* @xml_file: the XML file name.
* @key_file: the PEM private key file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
sign_file(const char* xml_file, const char* key_file) {
xmlDocPtr doc = NULL;
xmlNodePtr signNode = NULL;
xmlNodePtr keyInfoNode = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(xml_file);
assert(key_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
+
/* create signature template for RSA-SHA1 enveloped signature */
signNode = xmlSecTmplSignatureCreate(doc, xmlSecTransformExclC14NId,
xmlSecTransformRsaSha1Id, NULL);
if(signNode == NULL) {
fprintf(stderr, "Error: failed to create signature template\n");
- goto done;
+ goto done;
}
/* add <dsig:Signature/> node to the doc */
xmlAddChild(xmlDocGetRootElement(doc), signNode);
-
+
/* add reference */
refNode = xmlSecTmplSignatureAddReference(signNode, xmlSecTransformSha1Id,
NULL, NULL, NULL);
if(refNode == NULL) {
fprintf(stderr, "Error: failed to add reference to signature template\n");
- goto done;
+ goto done;
}
/* add enveloped transform */
if(xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformEnvelopedId) == NULL) {
fprintf(stderr, "Error: failed to add enveloped transform to reference\n");
- goto done;
+ goto done;
}
-
+
/* add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to put key name in the signed document */
keyInfoNode = xmlSecTmplSignatureEnsureKeyInfo(signNode, NULL);
if(keyInfoNode == NULL) {
fprintf(stderr, "Error: failed to add key info\n");
- goto done;
+ goto done;
}
if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode, NULL) == NULL) {
fprintf(stderr, "Error: failed to add key name\n");
- goto done;
+ goto done;
}
/* create signature context, we don't need keys manager in this example */
}
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
+ if(xmlSecKeySetName(dsigCtx->signKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: signature failed\n");
goto done;
}
-
+
/* print signed document to stdout */
xmlDocDump(stdout, doc);
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Signing a template file.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-examples.html" title="Examples.">
<link rel="next" href="xmlsec-examples-sign-dynamimc-template.html" title="Signing a dynamicaly created template.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="titlepage"><div><div><h3 class="title">
<a name="xmlsec-example-sign1"></a>sign1.c</h3></div></div></div>
<div class="informalexample"><pre class="programlisting">
-/**
+/**
* XML Security Library example: Signing a template file.
- *
+ *
* Signs a template file using a key from PEM file
- *
- * Usage:
- * ./sign1 <xml-tmpl> <pem-key>
+ *
+ * Usage:
+ * ./sign1 <xml-tmpl> <pem-key>
*
* Example:
* ./sign1 sign1-tmpl.xml rsakey.pem > sign1-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int sign_file(const char* tmpl_file, const char* key_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
-#endif /* XMLSEC_NO_XSLT */
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+#endif /* XMLSEC_NO_XSLT */
/* Init xmlsec library */
if(xmlSecInit() < 0) {
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(sign_file(argv[1], argv[2]) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
-/**
+/**
* sign_file:
* @tmpl_file: the signature template file name.
* @key_file: the PEM private key file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
sign_file(const char* tmpl_file, const char* key_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(tmpl_file);
assert(key_file);
doc = xmlParseFile(tmpl_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
- goto done;
+ goto done;
}
/* create signature context, we don't need keys manager in this example */
}
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
+ if(xmlSecKeySetName(dsigCtx->signKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: signature failed\n");
goto done;
}
-
+
/* print signed document to stdout */
xmlDocDump(stdout, doc);
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Signing with X509 certificate.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-examples-sign-dynamimc-template.html" title="Signing a dynamicaly created template.">
<link rel="next" href="xmlsec-verify-with-key.html" title="Verifying a signature with a single key.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="titlepage"><div><div><h3 class="title">
<a name="xmlsec-example-sign3"></a>sign3.c</h3></div></div></div>
<div class="informalexample"><pre class="programlisting">
-/**
+/**
* XML Security Library example: Signing a file with a dynamicaly created template and an X509 certificate.
- *
+ *
* Signs a file using a dynamicaly created template, key from PEM file and
- * an X509 certificate. The signature has one reference with one enveloped
- * transform to sign the whole document except the <dsig:Signature/> node
+ * an X509 certificate. The signature has one reference with one enveloped
+ * transform to sign the whole document except the <dsig:Signature/> node
* itself. The key certificate is written in the <dsig:X509Data/> node.
- *
- * This example was developed and tested with OpenSSL crypto library. The
+ *
+ * This example was developed and tested with OpenSSL crypto library. The
* certificates management policies for another crypto library may break it.
- *
- * Usage:
- * sign3 <xml-doc> <pem-key>
+ *
+ * Usage:
+ * sign3 <xml-doc> <pem-key>
*
* Example:
* ./sign3 sign3-doc.xml rsakey.pem rsacert.pem > sign3-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int sign_file(const char* xml_file, const char* key_file, const char* cert_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(sign_file(argv[1], argv[2], argv[3]) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
-/**
+/**
* sign_file:
* @xml_file: the XML file name.
* @key_file: the PEM private key file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
sign_file(const char* xml_file, const char* key_file, const char* cert_file) {
xmlDocPtr doc = NULL;
xmlNodePtr signNode = NULL;
xmlNodePtr x509DataNode = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(xml_file);
assert(key_file);
assert(cert_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
+
/* create signature template for RSA-SHA1 enveloped signature */
signNode = xmlSecTmplSignatureCreate(doc, xmlSecTransformExclC14NId,
xmlSecTransformRsaSha1Id, NULL);
if(signNode == NULL) {
fprintf(stderr, "Error: failed to create signature template\n");
- goto done;
+ goto done;
}
/* add <dsig:Signature/> node to the doc */
xmlAddChild(xmlDocGetRootElement(doc), signNode);
-
+
/* add reference */
refNode = xmlSecTmplSignatureAddReference(signNode, xmlSecTransformSha1Id,
NULL, NULL, NULL);
if(refNode == NULL) {
fprintf(stderr, "Error: failed to add reference to signature template\n");
- goto done;
+ goto done;
}
/* add enveloped transform */
if(xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformEnvelopedId) == NULL) {
fprintf(stderr, "Error: failed to add enveloped transform to reference\n");
- goto done;
+ goto done;
}
-
+
/* add <dsig:KeyInfo/> and <dsig:X509Data/> */
keyInfoNode = xmlSecTmplSignatureEnsureKeyInfo(signNode, NULL);
if(keyInfoNode == NULL) {
fprintf(stderr, "Error: failed to add key info\n");
- goto done;
+ goto done;
}
-
+
x509DataNode = xmlSecTmplKeyInfoAddX509Data(keyInfoNode);
if(x509DataNode == NULL) {
fprintf(stderr, "Error: failed to add X509Data node\n");
- goto done;
+ goto done;
}
if(xmlSecTmplX509DataAddSubjectName(x509DataNode) == NULL) {
fprintf(stderr,"Error: failed to load private pem key from \"%s\"\n", key_file);
goto done;
}
-
+
/* load certificate and add to the key */
if(xmlSecCryptoAppKeyCertLoad(dsigCtx->signKey, cert_file, xmlSecKeyDataFormatPem) < 0) {
fprintf(stderr,"Error: failed to load pem certificate \"%s\"\n", cert_file);
}
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
+ if(xmlSecKeySetName(dsigCtx->signKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: signature failed\n");
goto done;
}
-
+
/* print signed document to stdout */
xmlDocDump(stdout, doc);
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Examples.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-new-crypto-sharing-results.html" title="Sharing the results.">
<link rel="next" href="xmlsec-examples-sign-template-file.html" title="Signing a template file.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>app: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-gcrypt-ref.html" title="XML Security Library for GCrypt API Reference.">
<link rel="prev" href="xmlsec-gcrypt-ref.html" title="XML Security Library for GCrypt API Reference.">
<link rel="next" href="xmlsec-gcrypt-crypto.html" title="crypto">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
</div>
-<div class="refsect1">
-<a name="xmlsec-gcrypt-app.other_details"></a><h2>Types and Values</h2>
-<p></p>
-</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>crypto: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-gcrypt-ref.html" title="XML Security Library for GCrypt API Reference.">
<link rel="prev" href="xmlsec-gcrypt-app.html" title="app">
<link rel="next" href="xmlsec-nss-ref.html" title="XML Security Library for NSS API Reference.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">int</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-gcrypt-crypto.html#xmlSecGCryptHmacGetMinOutputLength" title="xmlSecGCryptHmacGetMinOutputLength ()">xmlSecGCryptHmacGetMinOutputLength</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">void</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-gcrypt-crypto.html#xmlSecGCryptHmacSetMinOutputLength" title="xmlSecGCryptHmacSetMinOutputLength ()">xmlSecGCryptHmacSetMinOutputLength</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
<font><span class="returnvalue">xmlSecKeyDataId</span></font>
</td>
<td class="function_name">
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecGCryptHmacGetMinOutputLength"></a><h3>xmlSecGCryptHmacGetMinOutputLength ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecGCryptHmacGetMinOutputLength (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
-<p>Gets the value of min HMAC length.</p>
-<div class="refsect3">
-<a name="xmlSecGCryptHmacGetMinOutputLength.returns"></a><h4>Returns</h4>
-<p> the min HMAC output length</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecGCryptHmacSetMinOutputLength"></a><h3>xmlSecGCryptHmacSetMinOutputLength ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">void</span></font>
-xmlSecGCryptHmacSetMinOutputLength (<em class="parameter"><code><font><span class="type">int</span></font> min_length</code></em>);</pre>
-<p>Sets the min HMAC output length</p>
-<div class="refsect3">
-<a name="xmlSecGCryptHmacSetMinOutputLength.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>min_length</p></td>
-<td class="parameter_description"><p>the new min length</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-</div>
-<hr>
-<div class="refsect2">
<a name="xmlSecGCryptKeyDataHmacGetKlass"></a><h3>xmlSecGCryptKeyDataHmacGetKlass ()</h3>
<pre class="programlisting"><font><span class="returnvalue">xmlSecKeyDataId</span></font>
xmlSecGCryptKeyDataHmacGetKlass (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
<div class="refsect2">
<a name="xmlSecGCryptKeyDataHmacId"></a><h3>xmlSecGCryptKeyDataHmacId</h3>
<pre class="programlisting">#define xmlSecGCryptKeyDataHmacId</pre>
+<div class="warning"><p><code class="literal">xmlSecGCryptKeyDataHmacId</code> is deprecated and should not be used in newly-written code.</p></div>
<p>The HMAC key klass.</p>
</div>
<hr>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library for GCrypt API Reference.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-reference.html" title="Part II. XML Security Library API Reference.">
<link rel="prev" href="xmlsec-gnutls-x509.html" title="x509">
<link rel="next" href="xmlsec-gcrypt-app.html" title="app">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
build by extracting comments from the code sources. </p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>app: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-gnutls-ref.html" title="XML Security Library for GnuTLS API Reference.">
<link rel="prev" href="xmlsec-gnutls-ref.html" title="XML Security Library for GnuTLS API Reference.">
<link rel="next" href="xmlsec-gnutls-crypto.html" title="crypto">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
</div>
-<div class="refsect1">
-<a name="xmlsec-gnutls-app.other_details"></a><h2>Types and Values</h2>
-<p></p>
-</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>crypto: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-gnutls-ref.html" title="XML Security Library for GnuTLS API Reference.">
<link rel="prev" href="xmlsec-gnutls-app.html" title="app">
<link rel="next" href="xmlsec-gnutls-x509.html" title="x509">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">int</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-gnutls-crypto.html#xmlSecGnuTLSHmacGetMinOutputLength" title="xmlSecGnuTLSHmacGetMinOutputLength ()">xmlSecGnuTLSHmacGetMinOutputLength</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">void</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-gnutls-crypto.html#xmlSecGnuTLSHmacSetMinOutputLength" title="xmlSecGnuTLSHmacSetMinOutputLength ()">xmlSecGnuTLSHmacSetMinOutputLength</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
<font><span class="returnvalue">xmlSecKeyDataId</span></font>
</td>
<td class="function_name">
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecGnuTLSHmacGetMinOutputLength"></a><h3>xmlSecGnuTLSHmacGetMinOutputLength ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecGnuTLSHmacGetMinOutputLength (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
-<p>Gets the value of min HMAC length.</p>
-<div class="refsect3">
-<a name="xmlSecGnuTLSHmacGetMinOutputLength.returns"></a><h4>Returns</h4>
-<p> the min HMAC output length</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecGnuTLSHmacSetMinOutputLength"></a><h3>xmlSecGnuTLSHmacSetMinOutputLength ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">void</span></font>
-xmlSecGnuTLSHmacSetMinOutputLength (<em class="parameter"><code><font><span class="type">int</span></font> min_length</code></em>);</pre>
-<p>Sets the min HMAC output length</p>
-<div class="refsect3">
-<a name="xmlSecGnuTLSHmacSetMinOutputLength.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>min_length</p></td>
-<td class="parameter_description"><p>the new min length</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-</div>
-<hr>
-<div class="refsect2">
<a name="xmlSecGnuTLSKeyDataHmacGetKlass"></a><h3>xmlSecGnuTLSKeyDataHmacGetKlass ()</h3>
<pre class="programlisting"><font><span class="returnvalue">xmlSecKeyDataId</span></font>
xmlSecGnuTLSKeyDataHmacGetKlass (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
<div class="refsect2">
<a name="xmlSecGnuTLSKeyDataHmacId"></a><h3>xmlSecGnuTLSKeyDataHmacId</h3>
<pre class="programlisting">#define xmlSecGnuTLSKeyDataHmacId</pre>
+<div class="warning"><p><code class="literal">xmlSecGnuTLSKeyDataHmacId</code> is deprecated and should not be used in newly-written code.</p></div>
<p>The HMAC key klass.</p>
</div>
<hr>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library for GnuTLS API Reference.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-reference.html" title="Part II. XML Security Library API Reference.">
<link rel="prev" href="xmlsec-openssl-x509.html" title="x509">
<link rel="next" href="xmlsec-gnutls-app.html" title="app">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
build by extracting comments from the code sources. </p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>x509: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-gnutls-ref.html" title="XML Security Library for GnuTLS API Reference.">
<link rel="prev" href="xmlsec-gnutls-crypto.html" title="crypto">
<link rel="next" href="xmlsec-gcrypt-ref.html" title="XML Security Library for GCrypt API Reference.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<font><span class="returnvalue">gnutls_x509_crt_t</span></font>
</td>
<td class="function_name">
+<a class="link" href="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509StoreFindCert-ex" title="xmlSecGnuTLSX509StoreFindCert_ex ()">xmlSecGnuTLSX509StoreFindCert_ex</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">gnutls_x509_crt_t</span></font>
+</td>
+<td class="function_name">
<a class="link" href="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509StoreVerify" title="xmlSecGnuTLSX509StoreVerify ()">xmlSecGnuTLSX509StoreVerify</a> <span class="c_punctuation">()</span>
</td>
</tr>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecGnuTLSX509StoreFindCert-ex"></a><h3>xmlSecGnuTLSX509StoreFindCert_ex ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">gnutls_x509_crt_t</span></font>
+xmlSecGnuTLSX509StoreFindCert_ex (<em class="parameter"><code>const <a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore"><span class="type">xmlSecKeyDataStorePtr</span></a> store</code></em>,
+ <em class="parameter"><code>const <font><span class="type">xmlChar</span></font> *subjectName</code></em>,
+ <em class="parameter"><code>const <font><span class="type">xmlChar</span></font> *issuerName</code></em>,
+ <em class="parameter"><code>const <font><span class="type">xmlChar</span></font> *issuerSerial</code></em>,
+ <em class="parameter"><code>const <a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *ski</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> skiSize</code></em>,
+ <em class="parameter"><code>const <a class="link" href="xmlsec-keyinfo.html#xmlSecKeyInfoCtx" title="struct xmlSecKeyInfoCtx"><span class="type">xmlSecKeyInfoCtx</span></a> *keyInfoCtx</code></em>);</pre>
+<p>Searches <em class="parameter"><code>store</code></em>
+ for a certificate that matches given criteria.</p>
+<div class="refsect3">
+<a name="xmlSecGnuTLSX509StoreFindCert-ex.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody>
+<tr>
+<td class="parameter_name"><p>store</p></td>
+<td class="parameter_description"><p>the pointer to X509 key data store klass.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>subjectName</p></td>
+<td class="parameter_description"><p>the desired certificate name.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>issuerName</p></td>
+<td class="parameter_description"><p>the desired certificate issuer name.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>issuerSerial</p></td>
+<td class="parameter_description"><p>the desired certificate issuer serial number.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>ski</p></td>
+<td class="parameter_description"><p>the desired certificate SKI.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>skiSize</p></td>
+<td class="parameter_description"><p>the desired certificate SKI size.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>keyInfoCtx</p></td>
+<td class="parameter_description"><p>the pointer to <a class="ulink" href="" target="_top"><dsig:KeyInfo/></a> element processing context.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+</tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecGnuTLSX509StoreFindCert-ex.returns"></a><h4>Returns</h4>
+<p> pointer to found certificate or NULL if certificate is not found
+or an error occurs.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecGnuTLSX509StoreVerify"></a><h3>xmlSecGnuTLSX509StoreVerify ()</h3>
<pre class="programlisting"><font><span class="returnvalue">gnutls_x509_crt_t</span></font>
xmlSecGnuTLSX509StoreVerify (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore"><span class="type">xmlSecKeyDataStorePtr</span></a> store</code></em>,
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library Reference Index: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-reference.html" title="Part II. XML Security Library API Reference.">
<link rel="prev" href="xmlsec-mscng-x509.html" title="x509">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<li class="listitem"><p><a class="link" href="xmlsec-errors.html#xmlSecAssert" title="xmlSecAssert()">xmlSecAssert</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-base64.html#xmlSecBase64CtxCreate" title="xmlSecBase64CtxCreate ()">xmlSecBase64CtxCreate</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-base64.html#xmlSecBase64CtxDestroy" title="xmlSecBase64CtxDestroy ()">xmlSecBase64CtxDestroy</a></p></li>
+<li class="listitem"><p><font>xmlSecBase64CtxFinal-ex</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-base64.html#xmlSecBase64CtxFinalize" title="xmlSecBase64CtxFinalize ()">xmlSecBase64CtxFinalize</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-base64.html#xmlSecBase64CtxFinal" title="xmlSecBase64CtxFinal ()">xmlSecBase64CtxFinal</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-base64.html#xmlSecBase64CtxInitialize" title="xmlSecBase64CtxInitialize ()">xmlSecBase64CtxInitialize</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-base64.html#xmlSecBase64CtxUpdate" title="xmlSecBase64CtxUpdate ()">xmlSecBase64CtxUpdate</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-base64.html#xmlSecBase64Decode" title="xmlSecBase64Decode ()">xmlSecBase64Decode</a></p></li>
+<li class="listitem"><p><font>xmlSecBase64CtxUpdate-ex</font></p></li>
+<li class="listitem"><p><font>xmlSecBase64Decode-ex</font></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-base64.html#xmlSecBase64DecodeInPlace" title="xmlSecBase64DecodeInPlace ()">xmlSecBase64DecodeInPlace</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-base64.html#xmlSecBase64Encode" title="xmlSecBase64Encode ()">xmlSecBase64Encode</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-base64.html#xmlSecBase64GetDefaultLineSize" title="xmlSecBase64GetDefaultLineSize ()">xmlSecBase64GetDefaultLineSize</a></p></li>
<li class="listitem"><p><font>XMLSEC-BASE64-LINESIZE</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-buffer.html#xmlSecBufferReadFile" title="xmlSecBufferReadFile ()">xmlSecBufferReadFile</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-buffer.html#xmlSecBufferRemoveHead" title="xmlSecBufferRemoveHead ()">xmlSecBufferRemoveHead</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-buffer.html#xmlSecBufferRemoveTail" title="xmlSecBufferRemoveTail ()">xmlSecBufferRemoveTail</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-buffer.html#xmlSecBufferReverse" title="xmlSecBufferReverse ()">xmlSecBufferReverse</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-buffer.html#xmlSecBufferSetData" title="xmlSecBufferSetData ()">xmlSecBufferSetData</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-buffer.html#xmlSecBufferSetDefaultAllocMode" title="xmlSecBufferSetDefaultAllocMode ()">xmlSecBufferSetDefaultAllocMode</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-buffer.html#xmlSecBufferSetMaxSize" title="xmlSecBufferSetMaxSize ()">xmlSecBufferSetMaxSize</a></p></li>
<li class="listitem"><p><font>XMLSEC-ENC-RETURN-REPLACED-NODE</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmltree.html#xmlSecEnsureEmptyChild" title="xmlSecEnsureEmptyChild ()">xmlSecEnsureEmptyChild</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-errors.html#xmlSecError" title="xmlSecError ()">xmlSecError</a></p></li>
+<li class="listitem"><p><font>XMLSEC-ERROR-R-CAST-IMPOSSIBLE</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-errors.html#xmlSecErrorsCallback" title="xmlSecErrorsCallback ()">xmlSecErrorsCallback</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-errors.html#xmlSecErrorsDefaultCallbackEnableOutput" title="xmlSecErrorsDefaultCallbackEnableOutput ()">xmlSecErrorsDefaultCallbackEnableOutput</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-errors.html#xmlSecErrorsDefaultCallback" title="xmlSecErrorsDefaultCallback ()">xmlSecErrorsDefaultCallback</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gcrypt-app.html#xmlSecGCryptAppPkcs12Load" title="xmlSecGCryptAppPkcs12Load ()">xmlSecGCryptAppPkcs12Load</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gcrypt-app.html#xmlSecGCryptAppShutdown" title="xmlSecGCryptAppShutdown ()">xmlSecGCryptAppShutdown</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gcrypt-crypto.html#xmlSecGCryptGenerateRandom" title="xmlSecGCryptGenerateRandom ()">xmlSecGCryptGenerateRandom</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-gcrypt-crypto.html#xmlSecGCryptHmacGetMinOutputLength" title="xmlSecGCryptHmacGetMinOutputLength ()">xmlSecGCryptHmacGetMinOutputLength</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-gcrypt-crypto.html#xmlSecGCryptHmacSetMinOutputLength" title="xmlSecGCryptHmacSetMinOutputLength ()">xmlSecGCryptHmacSetMinOutputLength</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gcrypt-crypto.html#xmlSecGCryptInit" title="xmlSecGCryptInit ()">xmlSecGCryptInit</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataAesGetKlass" title="xmlSecGCryptKeyDataAesGetKlass ()">xmlSecGCryptKeyDataAesGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataAesId" title="xmlSecGCryptKeyDataAesId">xmlSecGCryptKeyDataAesId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmltree.html#xmlSecGetHex" title="xmlSecGetHex()">xmlSecGetHex</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysmngr.html#xmlSecGetKeyCallback" title="xmlSecGetKeyCallback ()">xmlSecGetKeyCallback</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmltree.html#xmlSecGetNextElementNode" title="xmlSecGetNextElementNode ()">xmlSecGetNextElementNode</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-xmltree.html#xmlSecGetNodeContentAsSize" title="xmlSecGetNodeContentAsSize ()">xmlSecGetNodeContentAsSize</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmltree.html#xmlSecGetNodeNsHref" title="xmlSecGetNodeNsHref ()">xmlSecGetNodeNsHref</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmltree.html#xmlSecGetQName" title="xmlSecGetQName ()">xmlSecGetQName</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-app.html#xmlSecGnuTLSAppDefaultKeysMngrAdoptKey" title="xmlSecGnuTLSAppDefaultKeysMngrAdoptKey ()">xmlSecGnuTLSAppDefaultKeysMngrAdoptKey</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-app.html#xmlSecGnuTLSAppPkcs12Load" title="xmlSecGnuTLSAppPkcs12Load ()">xmlSecGnuTLSAppPkcs12Load</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-app.html#xmlSecGnuTLSAppShutdown" title="xmlSecGnuTLSAppShutdown ()">xmlSecGnuTLSAppShutdown</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-crypto.html#xmlSecGnuTLSGenerateRandom" title="xmlSecGnuTLSGenerateRandom ()">xmlSecGnuTLSGenerateRandom</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-gnutls-crypto.html#xmlSecGnuTLSHmacGetMinOutputLength" title="xmlSecGnuTLSHmacGetMinOutputLength ()">xmlSecGnuTLSHmacGetMinOutputLength</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-gnutls-crypto.html#xmlSecGnuTLSHmacSetMinOutputLength" title="xmlSecGnuTLSHmacSetMinOutputLength ()">xmlSecGnuTLSHmacSetMinOutputLength</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-crypto.html#xmlSecGnuTLSInit" title="xmlSecGnuTLSInit ()">xmlSecGnuTLSInit</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataAesGetKlass" title="xmlSecGnuTLSKeyDataAesGetKlass ()">xmlSecGnuTLSKeyDataAesGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataAesId" title="xmlSecGnuTLSKeyDataAesId">xmlSecGnuTLSKeyDataAesId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformSha512Id" title="xmlSecGnuTLSTransformSha512Id">xmlSecGnuTLSTransformSha512Id</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509CertGetKey" title="xmlSecGnuTLSX509CertGetKey ()">xmlSecGnuTLSX509CertGetKey</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509StoreAdoptCert" title="xmlSecGnuTLSX509StoreAdoptCert ()">xmlSecGnuTLSX509StoreAdoptCert</a></p></li>
+<li class="listitem"><p><font>xmlSecGnuTLSX509StoreFindCert-ex</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509StoreFindCert" title="xmlSecGnuTLSX509StoreFindCert ()">xmlSecGnuTLSX509StoreFindCert</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509StoreGetKlass" title="xmlSecGnuTLSX509StoreGetKlass ()">xmlSecGnuTLSX509StoreGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509StoreId" title="xmlSecGnuTLSX509StoreId">xmlSecGnuTLSX509StoreId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keys.html#xmlSecKeyCreate" title="xmlSecKeyCreate ()">xmlSecKeyCreate</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-app.html#xmlSecKeyDataAesGetKlass" title="xmlSecKeyDataAesGetKlass ()">xmlSecKeyDataAesGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-app.html#xmlSecKeyDataAesId" title="xmlSecKeyDataAesId">xmlSecKeyDataAesId</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinarySize" title="xmlSecKeyDataBinarySize">xmlSecKeyDataBinarySize</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueBinRead" title="xmlSecKeyDataBinaryValueBinRead ()">xmlSecKeyDataBinaryValueBinRead</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueBinWrite" title="xmlSecKeyDataBinaryValueBinWrite ()">xmlSecKeyDataBinaryValueBinWrite</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueDebugDump" title="xmlSecKeyDataBinaryValueDebugDump ()">xmlSecKeyDataBinaryValueDebugDump</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueDebugXmlDump" title="xmlSecKeyDataBinaryValueDebugXmlDump ()">xmlSecKeyDataBinaryValueDebugXmlDump</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueDuplicate" title="xmlSecKeyDataBinaryValueDuplicate ()">xmlSecKeyDataBinaryValueDuplicate</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueFinalize" title="xmlSecKeyDataBinaryValueFinalize ()">xmlSecKeyDataBinaryValueFinalize</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueGetBuffer" title="xmlSecKeyDataBinaryValueGetBuffer ()">xmlSecKeyDataBinaryValueGetBuffer</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueGetSize" title="xmlSecKeyDataBinaryValueGetSize ()">xmlSecKeyDataBinaryValueGetSize</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueInitialize" title="xmlSecKeyDataBinaryValueInitialize ()">xmlSecKeyDataBinaryValueInitialize</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueSetBuffer" title="xmlSecKeyDataBinaryValueSetBuffer ()">xmlSecKeyDataBinaryValueSetBuffer</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueXmlRead" title="xmlSecKeyDataBinaryValueXmlRead ()">xmlSecKeyDataBinaryValueXmlRead</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueXmlWrite" title="xmlSecKeyDataBinaryValueXmlWrite ()">xmlSecKeyDataBinaryValueXmlWrite</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinReadMethod" title="xmlSecKeyDataBinReadMethod ()">xmlSecKeyDataBinReadMethod</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinRead" title="xmlSecKeyDataBinRead ()">xmlSecKeyDataBinRead</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinWriteMethod" title="xmlSecKeyDataBinWriteMethod ()">xmlSecKeyDataBinWriteMethod</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataRsaGetKlass" title="xmlSecMSCngKeyDataRsaGetKlass ()">xmlSecMSCngKeyDataRsaGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataRsaId" title="xmlSecMSCngKeyDataRsaId">xmlSecMSCngKeyDataRsaId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngKeyDataX509AdoptCert" title="xmlSecMSCngKeyDataX509AdoptCert ()">xmlSecMSCngKeyDataX509AdoptCert</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngKeyDataX509AdoptCrl" title="xmlSecMSCngKeyDataX509AdoptCrl ()">xmlSecMSCngKeyDataX509AdoptCrl</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngKeyDataX509AdoptKeyCert" title="xmlSecMSCngKeyDataX509AdoptKeyCert ()">xmlSecMSCngKeyDataX509AdoptKeyCert</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngKeyDataX509GetKlass" title="xmlSecMSCngKeyDataX509GetKlass ()">xmlSecMSCngKeyDataX509GetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngKeyDataX509Id" title="xmlSecMSCngKeyDataX509Id">xmlSecMSCngKeyDataX509Id</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreAdoptKeyStore" title="xmlSecMSCngX509StoreAdoptKeyStore ()">xmlSecMSCngX509StoreAdoptKeyStore</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreAdoptTrustedStore" title="xmlSecMSCngX509StoreAdoptTrustedStore ()">xmlSecMSCngX509StoreAdoptTrustedStore</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreAdoptUntrustedStore" title="xmlSecMSCngX509StoreAdoptUntrustedStore ()">xmlSecMSCngX509StoreAdoptUntrustedStore</a></p></li>
+<li class="listitem"><p><font>xmlSecMSCngX509StoreFindCert-ex</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreFindCert" title="xmlSecMSCngX509StoreFindCert ()">xmlSecMSCngX509StoreFindCert</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreGetKlass" title="xmlSecMSCngX509StoreGetKlass ()">xmlSecMSCngX509StoreGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreId" title="xmlSecMSCngX509StoreId">xmlSecMSCngX509StoreId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-certkeys.html#xmlSecMSCryptoCertDup" title="xmlSecMSCryptoCertDup ()">xmlSecMSCryptoCertDup</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoErrorsDefaultCallback" title="xmlSecMSCryptoErrorsDefaultCallback ()">xmlSecMSCryptoErrorsDefaultCallback</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoGenerateRandom" title="xmlSecMSCryptoGenerateRandom ()">xmlSecMSCryptoGenerateRandom</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoHmacGetMinOutputLength" title="xmlSecMSCryptoHmacGetMinOutputLength ()">xmlSecMSCryptoHmacGetMinOutputLength</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoHmacSetMinOutputLength" title="xmlSecMSCryptoHmacSetMinOutputLength ()">xmlSecMSCryptoHmacSetMinOutputLength</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoInit" title="xmlSecMSCryptoInit ()">xmlSecMSCryptoInit</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataAesGetKlass" title="xmlSecMSCryptoKeyDataAesGetKlass ()">xmlSecMSCryptoKeyDataAesGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataAesId" title="xmlSecMSCryptoKeyDataAesId">xmlSecMSCryptoKeyDataAesId</a></p></li>
<li class="listitem"><p><font>xmlSecMSCryptoTransformGostR3411-94Id</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacMd5GetKlass" title="xmlSecMSCryptoTransformHmacMd5GetKlass ()">xmlSecMSCryptoTransformHmacMd5GetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacMd5Id" title="xmlSecMSCryptoTransformHmacMd5Id">xmlSecMSCryptoTransformHmacMd5Id</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacRipemd160GetKlass" title="xmlSecMSCryptoTransformHmacRipemd160GetKlass ()">xmlSecMSCryptoTransformHmacRipemd160GetKlass</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacRipemd160Id" title="xmlSecMSCryptoTransformHmacRipemd160Id">xmlSecMSCryptoTransformHmacRipemd160Id</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha1GetKlass" title="xmlSecMSCryptoTransformHmacSha1GetKlass ()">xmlSecMSCryptoTransformHmacSha1GetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha1Id" title="xmlSecMSCryptoTransformHmacSha1Id">xmlSecMSCryptoTransformHmacSha1Id</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha224GetKlass" title="xmlSecMSCryptoTransformHmacSha224GetKlass ()">xmlSecMSCryptoTransformHmacSha224GetKlass</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha224Id" title="xmlSecMSCryptoTransformHmacSha224Id">xmlSecMSCryptoTransformHmacSha224Id</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha256GetKlass" title="xmlSecMSCryptoTransformHmacSha256GetKlass ()">xmlSecMSCryptoTransformHmacSha256GetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha256Id" title="xmlSecMSCryptoTransformHmacSha256Id">xmlSecMSCryptoTransformHmacSha256Id</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha384GetKlass" title="xmlSecMSCryptoTransformHmacSha384GetKlass ()">xmlSecMSCryptoTransformHmacSha384GetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-crypto.html#xmlSecNssErrorsDefaultCallback" title="xmlSecNssErrorsDefaultCallback ()">xmlSecNssErrorsDefaultCallback</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-crypto.html#xmlSecNssGenerateRandom" title="xmlSecNssGenerateRandom ()">xmlSecNssGenerateRandom</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-crypto.html#xmlSecNssGetInternalKeySlot" title="xmlSecNssGetInternalKeySlot ()">xmlSecNssGetInternalKeySlot</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-nss-crypto.html#xmlSecNssHmacGetMinOutputLength" title="xmlSecNssHmacGetMinOutputLength ()">xmlSecNssHmacGetMinOutputLength</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-nss-crypto.html#xmlSecNssHmacSetMinOutputLength" title="xmlSecNssHmacSetMinOutputLength ()">xmlSecNssHmacSetMinOutputLength</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-crypto.html#xmlSecNssInit" title="xmlSecNssInit ()">xmlSecNssInit</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-crypto.html#xmlSecNssKeyDataAesGetKlass" title="xmlSecNssKeyDataAesGetKlass ()">xmlSecNssKeyDataAesGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-crypto.html#xmlSecNssKeyDataAesId" title="xmlSecNssKeyDataAesId">xmlSecNssKeyDataAesId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-keysstore.html#xmlSecNssKeysStoreId" title="xmlSecNssKeysStoreId">xmlSecNssKeysStoreId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-keysstore.html#xmlSecNssKeysStoreLoad" title="xmlSecNssKeysStoreLoad ()">xmlSecNssKeysStoreLoad</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-keysstore.html#xmlSecNssKeysStoreSave" title="xmlSecNssKeysStoreSave ()">xmlSecNssKeysStoreSave</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-nss-bignum.html#xmlSecNssNodeGetBigNumValue" title="xmlSecNssNodeGetBigNumValue ()">xmlSecNssNodeGetBigNumValue</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-nss-bignum.html#xmlSecNssNodeSetBigNumValue" title="xmlSecNssNodeSetBigNumValue ()">xmlSecNssNodeSetBigNumValue</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-pkikeys.html#xmlSecNssPKIAdoptKey" title="xmlSecNssPKIAdoptKey ()">xmlSecNssPKIAdoptKey</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-pkikeys.html#xmlSecNssPKIKeyDataDuplicate" title="xmlSecNssPKIKeyDataDuplicate ()">xmlSecNssPKIKeyDataDuplicate</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-pkikeys.html#xmlSecNssPKIKeyDataGetKeyType" title="xmlSecNssPKIKeyDataGetKeyType ()">xmlSecNssPKIKeyDataGetKeyType</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-crypto.html#xmlSecNssTransformSha512Id" title="xmlSecNssTransformSha512Id">xmlSecNssTransformSha512Id</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-x509.html#xmlSecNssX509CertGetKey" title="xmlSecNssX509CertGetKey ()">xmlSecNssX509CertGetKey</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-x509.html#xmlSecNssX509StoreAdoptCert" title="xmlSecNssX509StoreAdoptCert ()">xmlSecNssX509StoreAdoptCert</a></p></li>
+<li class="listitem"><p><font>xmlSecNssX509StoreFindCert-ex</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-x509.html#xmlSecNssX509StoreFindCert" title="xmlSecNssX509StoreFindCert ()">xmlSecNssX509StoreFindCert</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-x509.html#xmlSecNssX509StoreGetKlass" title="xmlSecNssX509StoreGetKlass ()">xmlSecNssX509StoreGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-x509.html#xmlSecNssX509StoreId" title="xmlSecNssX509StoreId">xmlSecNssX509StoreId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-nss-x509.html#xmlSecNssX509StoreVerify" title="xmlSecNssX509StoreVerify ()">xmlSecNssX509StoreVerify</a></p></li>
<li class="listitem"><p><font>XMLSEC-OPENSSL-API-100</font></p></li>
<li class="listitem"><p><font>XMLSEC-OPENSSL-API-110</font></p></li>
+<li class="listitem"><p><font>XMLSEC-OPENSSL-API-111</font></p></li>
+<li class="listitem"><p><font>XMLSEC-OPENSSL-API-300</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-app.html#xmlSecOpenSSLAppDefaultKeysMngrAdoptKey" title="xmlSecOpenSSLAppDefaultKeysMngrAdoptKey ()">xmlSecOpenSSLAppDefaultKeysMngrAdoptKey</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-app.html#xmlSecOpenSSLAppDefaultKeysMngrInit" title="xmlSecOpenSSLAppDefaultKeysMngrInit ()">xmlSecOpenSSLAppDefaultKeysMngrInit</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-app.html#xmlSecOpenSSLAppDefaultKeysMngrLoad" title="xmlSecOpenSSLAppDefaultKeysMngrLoad ()">xmlSecOpenSSLAppDefaultKeysMngrLoad</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-app.html#xmlSecOpenSSLAppPkcs12LoadMemory" title="xmlSecOpenSSLAppPkcs12LoadMemory ()">xmlSecOpenSSLAppPkcs12LoadMemory</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-app.html#xmlSecOpenSSLAppPkcs12Load" title="xmlSecOpenSSLAppPkcs12Load ()">xmlSecOpenSSLAppPkcs12Load</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-app.html#xmlSecOpenSSLAppShutdown" title="xmlSecOpenSSLAppShutdown ()">xmlSecOpenSSLAppShutdown</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLCreateMemBio" title="xmlSecOpenSSLCreateMemBio ()">xmlSecOpenSSLCreateMemBio</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLCreateMemBufBio" title="xmlSecOpenSSLCreateMemBufBio ()">xmlSecOpenSSLCreateMemBufBio</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLCreateReadFileBio" title="xmlSecOpenSSLCreateReadFileBio ()">xmlSecOpenSSLCreateReadFileBio</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLErrorsDefaultCallback" title="xmlSecOpenSSLErrorsDefaultCallback ()">xmlSecOpenSSLErrorsDefaultCallback</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-evp.html#xmlSecOpenSSLEvpKeyAdopt" title="xmlSecOpenSSLEvpKeyAdopt ()">xmlSecOpenSSLEvpKeyAdopt</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-evp.html#xmlSecOpenSSLEvpKeyDataAdoptEvp" title="xmlSecOpenSSLEvpKeyDataAdoptEvp ()">xmlSecOpenSSLEvpKeyDataAdoptEvp</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-evp.html#xmlSecOpenSSLEvpKeyDup" title="xmlSecOpenSSLEvpKeyDup ()">xmlSecOpenSSLEvpKeyDup</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLGenerateRandom" title="xmlSecOpenSSLGenerateRandom ()">xmlSecOpenSSLGenerateRandom</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLGetDefaultTrustedCertsFolder" title="xmlSecOpenSSLGetDefaultTrustedCertsFolder ()">xmlSecOpenSSLGetDefaultTrustedCertsFolder</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLHmacGetMinOutputLength" title="xmlSecOpenSSLHmacGetMinOutputLength ()">xmlSecOpenSSLHmacGetMinOutputLength</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLHmacSetMinOutputLength" title="xmlSecOpenSSLHmacSetMinOutputLength ()">xmlSecOpenSSLHmacSetMinOutputLength</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLGetLibCtx" title="xmlSecOpenSSLGetLibCtx ()">xmlSecOpenSSLGetLibCtx</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLInit" title="xmlSecOpenSSLInit ()">xmlSecOpenSSLInit</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataAesGetKlass" title="xmlSecOpenSSLKeyDataAesGetKlass ()">xmlSecOpenSSLKeyDataAesGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataAesId" title="xmlSecOpenSSLKeyDataAesId">xmlSecOpenSSLKeyDataAesId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDesGetKlass" title="xmlSecOpenSSLKeyDataDesGetKlass ()">xmlSecOpenSSLKeyDataDesGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDesId" title="xmlSecOpenSSLKeyDataDesId">xmlSecOpenSSLKeyDataDesId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDesSet" title="xmlSecOpenSSLKeyDataDesSet ()">xmlSecOpenSSLKeyDataDesSet</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaAdoptDsa" title="xmlSecOpenSSLKeyDataDsaAdoptDsa ()">xmlSecOpenSSLKeyDataDsaAdoptDsa</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaAdoptEvp" title="xmlSecOpenSSLKeyDataDsaAdoptEvp ()">xmlSecOpenSSLKeyDataDsaAdoptEvp</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaGetDsa" title="xmlSecOpenSSLKeyDataDsaGetDsa ()">xmlSecOpenSSLKeyDataDsaGetDsa</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaGetEvp" title="xmlSecOpenSSLKeyDataDsaGetEvp ()">xmlSecOpenSSLKeyDataDsaGetEvp</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaGetKlass" title="xmlSecOpenSSLKeyDataDsaGetKlass ()">xmlSecOpenSSLKeyDataDsaGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaId" title="xmlSecOpenSSLKeyDataDsaId">xmlSecOpenSSLKeyDataDsaId</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa" title="xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa ()">xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaAdoptEvp" title="xmlSecOpenSSLKeyDataEcdsaAdoptEvp ()">xmlSecOpenSSLKeyDataEcdsaAdoptEvp</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaGetEcdsa" title="xmlSecOpenSSLKeyDataEcdsaGetEcdsa ()">xmlSecOpenSSLKeyDataEcdsaGetEcdsa</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaGetEvp" title="xmlSecOpenSSLKeyDataEcdsaGetEvp ()">xmlSecOpenSSLKeyDataEcdsaGetEvp</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaGetKlass" title="xmlSecOpenSSLKeyDataEcdsaGetKlass ()">xmlSecOpenSSLKeyDataEcdsaGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaId" title="xmlSecOpenSSLKeyDataEcdsaId">xmlSecOpenSSLKeyDataEcdsaId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataRawX509CertGetKlass" title="xmlSecOpenSSLKeyDataRawX509CertGetKlass ()">xmlSecOpenSSLKeyDataRawX509CertGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataRawX509CertId" title="xmlSecOpenSSLKeyDataRawX509CertId">xmlSecOpenSSLKeyDataRawX509CertId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaAdoptEvp" title="xmlSecOpenSSLKeyDataRsaAdoptEvp ()">xmlSecOpenSSLKeyDataRsaAdoptEvp</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaAdoptRsa" title="xmlSecOpenSSLKeyDataRsaAdoptRsa ()">xmlSecOpenSSLKeyDataRsaAdoptRsa</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaGetEvp" title="xmlSecOpenSSLKeyDataRsaGetEvp ()">xmlSecOpenSSLKeyDataRsaGetEvp</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaGetKlass" title="xmlSecOpenSSLKeyDataRsaGetKlass ()">xmlSecOpenSSLKeyDataRsaGetKlass</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaGetRsa" title="xmlSecOpenSSLKeyDataRsaGetRsa ()">xmlSecOpenSSLKeyDataRsaGetRsa</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaId" title="xmlSecOpenSSLKeyDataRsaId">xmlSecOpenSSLKeyDataRsaId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509AdoptCert" title="xmlSecOpenSSLKeyDataX509AdoptCert ()">xmlSecOpenSSLKeyDataX509AdoptCert</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509AdoptCrl" title="xmlSecOpenSSLKeyDataX509AdoptCrl ()">xmlSecOpenSSLKeyDataX509AdoptCrl</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509GetKlass" title="xmlSecOpenSSLKeyDataX509GetKlass ()">xmlSecOpenSSLKeyDataX509GetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509Id" title="xmlSecOpenSSLKeyDataX509Id">xmlSecOpenSSLKeyDataX509Id</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeysMngrInit" title="xmlSecOpenSSLKeysMngrInit ()">xmlSecOpenSSLKeysMngrInit</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-openssl-bn.html#xmlSecOpenSSLNodeGetBNValue" title="xmlSecOpenSSLNodeGetBNValue ()">xmlSecOpenSSLNodeGetBNValue</a></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-openssl-bn.html#xmlSecOpenSSLNodeSetBNValue" title="xmlSecOpenSSLNodeSetBNValue ()">xmlSecOpenSSLNodeSetBNValue</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLSetDefaultTrustedCertsFolder" title="xmlSecOpenSSLSetDefaultTrustedCertsFolder ()">xmlSecOpenSSLSetDefaultTrustedCertsFolder</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLSetLibCtx" title="xmlSecOpenSSLSetLibCtx ()">xmlSecOpenSSLSetLibCtx</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLShutdown" title="xmlSecOpenSSLShutdown ()">xmlSecOpenSSLShutdown</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes128CbcGetKlass" title="xmlSecOpenSSLTransformAes128CbcGetKlass ()">xmlSecOpenSSLTransformAes128CbcGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes128CbcId" title="xmlSecOpenSSLTransformAes128CbcId">xmlSecOpenSSLTransformAes128CbcId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreAddCertsPath" title="xmlSecOpenSSLX509StoreAddCertsPath ()">xmlSecOpenSSLX509StoreAddCertsPath</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreAdoptCert" title="xmlSecOpenSSLX509StoreAdoptCert ()">xmlSecOpenSSLX509StoreAdoptCert</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreAdoptCrl" title="xmlSecOpenSSLX509StoreAdoptCrl ()">xmlSecOpenSSLX509StoreAdoptCrl</a></p></li>
+<li class="listitem"><p><font>xmlSecOpenSSLX509StoreFindCert-ex</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreFindCert" title="xmlSecOpenSSLX509StoreFindCert ()">xmlSecOpenSSLX509StoreFindCert</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreGetKlass" title="xmlSecOpenSSLX509StoreGetKlass ()">xmlSecOpenSSLX509StoreGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreId" title="xmlSecOpenSSLX509StoreId">xmlSecOpenSSLX509StoreId</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-parser.html#xmlSecParseFile" title="xmlSecParseFile ()">xmlSecParseFile</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-parser.html#xmlSecParseMemoryExt" title="xmlSecParseMemoryExt ()">xmlSecParseMemoryExt</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-parser.html#xmlSecParseMemory" title="xmlSecParseMemory ()">xmlSecParseMemory</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-parser.html#xmlSecParsePrepareCtxt" title="xmlSecParsePrepareCtxt ()">xmlSecParsePrepareCtxt</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-parser.html#xmlSecParserGetDefaultOptions" title="xmlSecParserGetDefaultOptions ()">xmlSecParserGetDefaultOptions</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-parser.html#xmlSecParserSetDefaultOptions" title="xmlSecParserSetDefaultOptions ()">xmlSecParserSetDefaultOptions</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmltree.html#xmlSecPrintXmlString" title="xmlSecPrintXmlString ()">xmlSecPrintXmlString</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-list.html#xmlSecPtrDebugDumpItemMethod" title="xmlSecPtrDebugDumpItemMethod ()">xmlSecPtrDebugDumpItemMethod</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-list.html#xmlSecPtrDestroyItemMethod" title="xmlSecPtrDestroyItemMethod ()">xmlSecPtrDestroyItemMethod</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmltree.html#xmlSecSetDefaultLineFeed" title="xmlSecSetDefaultLineFeed ()">xmlSecSetDefaultLineFeed</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmlsec.html#xmlSecSetExternalEntityLoader" title="xmlSecSetExternalEntityLoader ()">xmlSecSetExternalEntityLoader</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmlsec.html#xmlSecShutdown" title="xmlSecShutdown ()">xmlSecShutdown</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreAdoptKeyFunc" title="xmlSecSimpleKeysStoreAdoptKeyFunc ()">xmlSecSimpleKeysStoreAdoptKeyFunc</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreAdoptKey" title="xmlSecSimpleKeysStoreAdoptKey ()">xmlSecSimpleKeysStoreAdoptKey</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreGetKeys" title="xmlSecSimpleKeysStoreGetKeys ()">xmlSecSimpleKeysStoreGetKeys</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreGetKlass" title="xmlSecSimpleKeysStoreGetKlass ()">xmlSecSimpleKeysStoreGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreId" title="xmlSecSimpleKeysStoreId">xmlSecSimpleKeysStoreId</a></p></li>
+<li class="listitem"><p><font>xmlSecSimpleKeysStoreLoad-ex</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreLoad" title="xmlSecSimpleKeysStoreLoad ()">xmlSecSimpleKeysStoreLoad</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreSave" title="xmlSecSimpleKeysStoreSave ()">xmlSecSimpleKeysStoreSave</a></p></li>
<li class="listitem"><p><font>XMLSEC-SIZE-BAD-CAST</font></p></li>
+<li class="listitem"><p><font>XMLSEC-SIZE-FMT</font></p></li>
+<li class="listitem"><p><font>XMLSEC-SIZE-MAX</font></p></li>
+<li class="listitem"><p><font>XMLSEC-SIZE-MIN</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize">xmlSecSize</a></p></li>
+<li class="listitem"><p><font>XMLSEC-SIZE-T-FMT</font></p></li>
<li class="listitem"><p><font>xmlSecSoap12FaultCode</font></p></li>
<li class="listitem"><p><font>XMLSEC-STACK-OF-X509-CRL</font></p></li>
<li class="listitem"><p><font>XMLSEC-STACK-OF-X509</font></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-list.html#xmlSecStringListGetKlass" title="xmlSecStringListGetKlass ()">xmlSecStringListGetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-list.html#xmlSecStringListId" title="xmlSecStringListId">xmlSecStringListId</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-xmlsec.html#xmlSecStrlen" title="xmlSecStrlen ()">xmlSecStrlen</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-templates.html#xmlSecTmplCipherReferenceAddTransform" title="xmlSecTmplCipherReferenceAddTransform ()">xmlSecTmplCipherReferenceAddTransform</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-templates.html#xmlSecTmplEncDataAddEncProperty" title="xmlSecTmplEncDataAddEncProperty ()">xmlSecTmplEncDataAddEncProperty</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-templates.html#xmlSecTmplEncDataCreate" title="xmlSecTmplEncDataCreate ()">xmlSecTmplEncDataCreate</a></p></li>
<li class="listitem"><p><font>xmlSecTransformGostR3411-2012-512Id</font></p></li>
<li class="listitem"><p><font>xmlSecTransformGostR3411-94GetKlass</font></p></li>
<li class="listitem"><p><font>xmlSecTransformGostR3411-94Id</font></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-transforms.html#xmlSecTransformHmacGetMinOutputBitsSize" title="xmlSecTransformHmacGetMinOutputBitsSize ()">xmlSecTransformHmacGetMinOutputBitsSize</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-app.html#xmlSecTransformHmacMd5GetKlass" title="xmlSecTransformHmacMd5GetKlass ()">xmlSecTransformHmacMd5GetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-app.html#xmlSecTransformHmacMd5Id" title="xmlSecTransformHmacMd5Id">xmlSecTransformHmacMd5Id</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-app.html#xmlSecTransformHmacRipemd160GetKlass" title="xmlSecTransformHmacRipemd160GetKlass ()">xmlSecTransformHmacRipemd160GetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-app.html#xmlSecTransformHmacRipemd160Id" title="xmlSecTransformHmacRipemd160Id">xmlSecTransformHmacRipemd160Id</a></p></li>
+<li class="listitem"><p><a class="link" href="xmlsec-transforms.html#xmlSecTransformHmacSetMinOutputBitsSize" title="xmlSecTransformHmacSetMinOutputBitsSize ()">xmlSecTransformHmacSetMinOutputBitsSize</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-app.html#xmlSecTransformHmacSha1GetKlass" title="xmlSecTransformHmacSha1GetKlass ()">xmlSecTransformHmacSha1GetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-app.html#xmlSecTransformHmacSha1Id" title="xmlSecTransformHmacSha1Id">xmlSecTransformHmacSha1Id</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-app.html#xmlSecTransformHmacSha224GetKlass" title="xmlSecTransformHmacSha224GetKlass ()">xmlSecTransformHmacSha224GetKlass</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmltree.html#xmlSecWin32ConvertUtf8ToLocale" title="xmlSecWin32ConvertUtf8ToLocale ()">xmlSecWin32ConvertUtf8ToLocale</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmltree.html#xmlSecWin32ConvertUtf8ToTstr" title="xmlSecWin32ConvertUtf8ToTstr ()">xmlSecWin32ConvertUtf8ToTstr</a></p></li>
<li class="listitem"><p><a class="link" href="xmlsec-xmltree.html#xmlSecWin32ConvertUtf8ToUnicode" title="xmlSecWin32ConvertUtf8ToUnicode ()">xmlSecWin32ConvertUtf8ToUnicode</a></p></li>
+<li class="listitem"><p><font>XMLSEC-WINDOWS</font></p></li>
<li class="listitem"><p><font>XMLSEC-X509DATA-CERTIFICATE-NODE</font></p></li>
<li class="listitem"><p><font>XMLSEC-X509DATA-CRL-NODE</font></p></li>
<li class="listitem"><p><font>XMLSEC-X509DATA-DEFAULT</font></p></li>
-<li class="listitem"><p><a class="link" href="xmlsec-x509.html#xmlSecX509DataGetNodeContent" title="xmlSecX509DataGetNodeContent ()">xmlSecX509DataGetNodeContent</a></p></li>
<li class="listitem"><p><font>XMLSEC-X509DATA-ISSUERSERIAL-NODE</font></p></li>
<li class="listitem"><p><font>XMLSEC-X509DATA-SKI-NODE</font></p></li>
<li class="listitem"><p><font>XMLSEC-X509DATA-SUBJECTNAME-NODE</font></p></li>
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>io: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-errors.html" title="errors">
<link rel="next" href="xmlsec-keyinfo.html" title="keyinfo">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>keyinfo: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-io.html" title="io">
<link rel="next" href="xmlsec-keysdata.html" title="keysdata">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
<div class="refsect1">
<a name="xmlsec-keyinfo.description"></a><h2>Description</h2>
-<p><a class="ulink" href="https://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">KeyInfo</a> is an
+<p><a class="ulink" href="https://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">KeyInfo</a> is an
optional element that enables the recipient(s) to obtain
the key needed to validate the signature. KeyInfo may contain keys,
names, certificates and other public key management information, such as
xmlSecTransformCtx retrievalMethodCtx;
int maxRetrievalMethodLevel;
-
/* EncryptedKey */
xmlSecEncCtxPtr encCtx;
int maxEncryptedKeyLevel;
-
-
/* x509 certificates */
time_t certsVerificationTime;
int certsVerificationDepth;
-
/* PGP */
void* pgpReserved; /* TODO */
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>keys: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-keysdata.html" title="keysdata">
<link rel="next" href="xmlsec-keysmngr.html" title="keysmngr">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>keysdata: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-keyinfo.html" title="keyinfo">
<link rel="next" href="xmlsec-keys.html" title="keys">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">xmlSecPtrListId</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataListGetKlass" title="xmlSecKeyDataListGetKlass ()">xmlSecKeyDataListGetKlass</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">xmlSecPtrListId</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListGetKlass" title="xmlSecKeyDataIdListGetKlass ()">xmlSecKeyDataIdListGetKlass</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">int</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListFind" title="xmlSecKeyDataIdListFind ()">xmlSecKeyDataIdListFind</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">xmlSecKeyDataId</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListFindByNode" title="xmlSecKeyDataIdListFindByNode ()">xmlSecKeyDataIdListFindByNode</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">xmlSecKeyDataId</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListFindByHref" title="xmlSecKeyDataIdListFindByHref ()">xmlSecKeyDataIdListFindByHref</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">xmlSecKeyDataId</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListFindByName" title="xmlSecKeyDataIdListFindByName ()">xmlSecKeyDataIdListFindByName</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">void</span></font>
+<a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="returnvalue">xmlSecSize</span></a>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListDebugDump" title="xmlSecKeyDataIdListDebugDump ()">xmlSecKeyDataIdListDebugDump</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueGetSize" title="xmlSecKeyDataBinaryValueGetSize ()">xmlSecKeyDataBinaryValueGetSize</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">void</span></font>
+<a class="link" href="xmlsec-buffer.html#xmlSecBuffer" title="struct xmlSecBuffer"><span class="returnvalue">xmlSecBufferPtr</span></a>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListDebugXmlDump" title="xmlSecKeyDataIdListDebugXmlDump ()">xmlSecKeyDataIdListDebugXmlDump</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueGetBuffer" title="xmlSecKeyDataBinaryValueGetBuffer ()">xmlSecKeyDataBinaryValueGetBuffer</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueInitialize" title="xmlSecKeyDataBinaryValueInitialize ()">xmlSecKeyDataBinaryValueInitialize</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueSetBuffer" title="xmlSecKeyDataBinaryValueSetBuffer ()">xmlSecKeyDataBinaryValueSetBuffer</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">int</span></font>
+<font><span class="returnvalue">xmlSecPtrListId</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueDuplicate" title="xmlSecKeyDataBinaryValueDuplicate ()">xmlSecKeyDataBinaryValueDuplicate</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataListGetKlass" title="xmlSecKeyDataListGetKlass ()">xmlSecKeyDataListGetKlass</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">void</span></font>
+<font><span class="returnvalue">xmlSecPtrListId</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueFinalize" title="xmlSecKeyDataBinaryValueFinalize ()">xmlSecKeyDataBinaryValueFinalize</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListGetKlass" title="xmlSecKeyDataIdListGetKlass ()">xmlSecKeyDataIdListGetKlass</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueXmlRead" title="xmlSecKeyDataBinaryValueXmlRead ()">xmlSecKeyDataBinaryValueXmlRead</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListFind" title="xmlSecKeyDataIdListFind ()">xmlSecKeyDataIdListFind</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">int</span></font>
+<font><span class="returnvalue">xmlSecKeyDataId</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueXmlWrite" title="xmlSecKeyDataBinaryValueXmlWrite ()">xmlSecKeyDataBinaryValueXmlWrite</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListFindByNode" title="xmlSecKeyDataIdListFindByNode ()">xmlSecKeyDataIdListFindByNode</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">int</span></font>
+<font><span class="returnvalue">xmlSecKeyDataId</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueBinRead" title="xmlSecKeyDataBinaryValueBinRead ()">xmlSecKeyDataBinaryValueBinRead</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListFindByHref" title="xmlSecKeyDataIdListFindByHref ()">xmlSecKeyDataIdListFindByHref</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">int</span></font>
+<font><span class="returnvalue">xmlSecKeyDataId</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueBinWrite" title="xmlSecKeyDataBinaryValueBinWrite ()">xmlSecKeyDataBinaryValueBinWrite</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListFindByName" title="xmlSecKeyDataIdListFindByName ()">xmlSecKeyDataIdListFindByName</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<font><span class="returnvalue">void</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueDebugDump" title="xmlSecKeyDataBinaryValueDebugDump ()">xmlSecKeyDataBinaryValueDebugDump</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListDebugDump" title="xmlSecKeyDataIdListDebugDump ()">xmlSecKeyDataIdListDebugDump</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<font><span class="returnvalue">void</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueDebugXmlDump" title="xmlSecKeyDataBinaryValueDebugXmlDump ()">xmlSecKeyDataBinaryValueDebugXmlDump</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="returnvalue">xmlSecSize</span></a>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueGetSize" title="xmlSecKeyDataBinaryValueGetSize ()">xmlSecKeyDataBinaryValueGetSize</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<a class="link" href="xmlsec-buffer.html#xmlSecBuffer" title="struct xmlSecBuffer"><span class="returnvalue">xmlSecBufferPtr</span></a>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueGetBuffer" title="xmlSecKeyDataBinaryValueGetBuffer ()">xmlSecKeyDataBinaryValueGetBuffer</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">int</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueSetBuffer" title="xmlSecKeyDataBinaryValueSetBuffer ()">xmlSecKeyDataBinaryValueSetBuffer</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListDebugXmlDump" title="xmlSecKeyDataIdListDebugXmlDump ()">xmlSecKeyDataIdListDebugXmlDump</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_name"><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataIdListId" title="xmlSecKeyDataIdListId">xmlSecKeyDataIdListId</a></td>
</tr>
<tr>
-<td class="define_keyword">#define</td>
-<td class="function_name"><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataBinarySize" title="xmlSecKeyDataBinarySize">xmlSecKeyDataBinarySize</a></td>
-</tr>
-<tr>
<td class="datatype_keyword">struct</td>
<td class="function_name"><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore">xmlSecKeyDataStore</a></td>
</tr>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecKeyDataBinaryValueGetSize"></a><h3>xmlSecKeyDataBinaryValueGetSize ()</h3>
+<pre class="programlisting"><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="returnvalue">xmlSecSize</span></a>
+xmlSecKeyDataBinaryValueGetSize (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>);</pre>
+<p>Gets the binary key data size.</p>
+<div class="refsect3">
+<a name="xmlSecKeyDataBinaryValueGetSize.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody><tr>
+<td class="parameter_name"><p>data</p></td>
+<td class="parameter_description"><p>the pointer to binary key data.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr></tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecKeyDataBinaryValueGetSize.returns"></a><h4>Returns</h4>
+<p> binary key data size in bits.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
+<a name="xmlSecKeyDataBinaryValueGetBuffer"></a><h3>xmlSecKeyDataBinaryValueGetBuffer ()</h3>
+<pre class="programlisting"><a class="link" href="xmlsec-buffer.html#xmlSecBuffer" title="struct xmlSecBuffer"><span class="returnvalue">xmlSecBufferPtr</span></a>
+xmlSecKeyDataBinaryValueGetBuffer (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>);</pre>
+<p>Gets the binary key data buffer.</p>
+<div class="refsect3">
+<a name="xmlSecKeyDataBinaryValueGetBuffer.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody><tr>
+<td class="parameter_name"><p>data</p></td>
+<td class="parameter_description"><p>the pointer to binary key data.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr></tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecKeyDataBinaryValueGetBuffer.returns"></a><h4>Returns</h4>
+<p> pointer to binary key data buffer.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
+<a name="xmlSecKeyDataBinaryValueSetBuffer"></a><h3>xmlSecKeyDataBinaryValueSetBuffer ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">int</span></font>
+xmlSecKeyDataBinaryValueSetBuffer (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>,
+ <em class="parameter"><code>const <a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *buf</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> bufSize</code></em>);</pre>
+<p>Sets the value of <em class="parameter"><code>data</code></em>
+ to <em class="parameter"><code>buf</code></em>
+.</p>
+<div class="refsect3">
+<a name="xmlSecKeyDataBinaryValueSetBuffer.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody>
+<tr>
+<td class="parameter_name"><p>data</p></td>
+<td class="parameter_description"><p>the pointer to binary key data.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>buf</p></td>
+<td class="parameter_description"><p>the pointer to binary buffer.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>bufSize</p></td>
+<td class="parameter_description"><p>the binary buffer size.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+</tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecKeyDataBinaryValueSetBuffer.returns"></a><h4>Returns</h4>
+<p> 0 on success or a negative value otherwise.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecKeyDataListGetKlass"></a><h3>xmlSecKeyDataListGetKlass ()</h3>
<pre class="programlisting"><font><span class="returnvalue">xmlSecPtrListId</span></font>
xmlSecKeyDataListGetKlass (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecKeyDataBinaryValueInitialize"></a><h3>xmlSecKeyDataBinaryValueInitialize ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecKeyDataBinaryValueInitialize (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>);</pre>
-<p>Initializes key data.</p>
+<a name="xmlSecKeyDataStoreCreate"></a><h3>xmlSecKeyDataStoreCreate ()</h3>
+<pre class="programlisting"><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore"><span class="returnvalue">xmlSecKeyDataStorePtr</span></a>
+xmlSecKeyDataStoreCreate (<em class="parameter"><code><font><span class="type">xmlSecKeyDataStoreId</span></font> id</code></em>);</pre>
+<p>Creates new key data store of the specified klass <em class="parameter"><code>id</code></em>
+. Caller is responsible
+for freeing returned object with <a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStoreDestroy" title="xmlSecKeyDataStoreDestroy ()"><span class="type">xmlSecKeyDataStoreDestroy</span></a> function.</p>
<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueInitialize.parameters"></a><h4>Parameters</h4>
+<a name="xmlSecKeyDataStoreCreate.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col>
<col>
</colgroup>
<tbody><tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to binary key data.</p></td>
+<td class="parameter_name"><p>id</p></td>
+<td class="parameter_description"><p>the store id.</p></td>
<td class="parameter_annotations">Â </td>
</tr></tbody>
</table></div>
</div>
<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueInitialize.returns"></a><h4>Returns</h4>
-<p> 0 on success or a negative value otherwise.</p>
+<a name="xmlSecKeyDataStoreCreate.returns"></a><h4>Returns</h4>
+<p> the pointer to newly allocated key data store structure
+or NULL if an error occurs.</p>
</div>
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecKeyDataBinaryValueDuplicate"></a><h3>xmlSecKeyDataBinaryValueDuplicate ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecKeyDataBinaryValueDuplicate (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> dst</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> src</code></em>);</pre>
-<p>Copies binary key data from <em class="parameter"><code>src</code></em>
- to <em class="parameter"><code>dst</code></em>
-.</p>
+<a name="xmlSecKeyDataStoreDestroy"></a><h3>xmlSecKeyDataStoreDestroy ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">void</span></font>
+xmlSecKeyDataStoreDestroy (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore"><span class="type">xmlSecKeyDataStorePtr</span></a> store</code></em>);</pre>
+<p>Destroys the key data store created with <a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStoreCreate" title="xmlSecKeyDataStoreCreate ()"><span class="type">xmlSecKeyDataStoreCreate</span></a>
+function.</p>
<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueDuplicate.parameters"></a><h4>Parameters</h4>
+<a name="xmlSecKeyDataStoreDestroy.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col>
<col>
<col>
</colgroup>
-<tbody>
-<tr>
-<td class="parameter_name"><p>dst</p></td>
-<td class="parameter_description"><p>the pointer to destination binary key data.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>src</p></td>
-<td class="parameter_description"><p>the pointer to source binary key data.</p></td>
+<tbody><tr>
+<td class="parameter_name"><p>store</p></td>
+<td class="parameter_description"><p>the pointer to the key data store..</p></td>
<td class="parameter_annotations">Â </td>
-</tr>
-</tbody>
+</tr></tbody>
</table></div>
</div>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueDuplicate.returns"></a><h4>Returns</h4>
-<p> 0 on success or a negative value otherwise.</p>
-</div>
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecKeyDataBinaryValueFinalize"></a><h3>xmlSecKeyDataBinaryValueFinalize ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">void</span></font>
-xmlSecKeyDataBinaryValueFinalize (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>);</pre>
-<p>Cleans up binary key data.</p>
+<a name="xmlSecKeyDataStoreGetName"></a><h3>xmlSecKeyDataStoreGetName()</h3>
+<pre class="programlisting">#define xmlSecKeyDataStoreGetName(store)</pre>
+<p>Macro. Returns key data store name.</p>
<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueFinalize.parameters"></a><h4>Parameters</h4>
+<a name="xmlSecKeyDataStoreGetName.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col>
<col>
</colgroup>
<tbody><tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to binary key data.</p></td>
+<td class="parameter_name"><p>store</p></td>
+<td class="parameter_description"><p>the pointer to store.</p></td>
<td class="parameter_annotations">Â </td>
</tr></tbody>
</table></div>
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecKeyDataBinaryValueXmlRead"></a><h3>xmlSecKeyDataBinaryValueXmlRead ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecKeyDataBinaryValueXmlRead (<em class="parameter"><code><font><span class="type">xmlSecKeyDataId</span></font> id</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-keys.html#xmlSecKey" title="struct xmlSecKey"><span class="type">xmlSecKeyPtr</span></a> key</code></em>,
- <em class="parameter"><code><font><span class="type">xmlNodePtr</span></font> node</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-keyinfo.html#xmlSecKeyInfoCtx" title="struct xmlSecKeyInfoCtx"><span class="type">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code></em>);</pre>
-<p>Reads binary key data from <em class="parameter"><code>node</code></em>
- to the key by base64 decoding the <em class="parameter"><code>node</code></em>
- content.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueXmlRead.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody>
-<tr>
-<td class="parameter_name"><p>id</p></td>
-<td class="parameter_description"><p>the data klass.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>key</p></td>
-<td class="parameter_description"><p>the pointer to destination key.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>node</p></td>
-<td class="parameter_description"><p>the pointer to an XML node.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>keyInfoCtx</p></td>
-<td class="parameter_description"><p>the pointer to <a class="ulink" href="" target="_top"><dsig:KeyInfo/></a> element processing context.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-</tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueXmlRead.returns"></a><h4>Returns</h4>
-<p> 0 on success or a negative value otherwise.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecKeyDataBinaryValueXmlWrite"></a><h3>xmlSecKeyDataBinaryValueXmlWrite ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecKeyDataBinaryValueXmlWrite (<em class="parameter"><code><font><span class="type">xmlSecKeyDataId</span></font> id</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-keys.html#xmlSecKey" title="struct xmlSecKey"><span class="type">xmlSecKeyPtr</span></a> key</code></em>,
- <em class="parameter"><code><font><span class="type">xmlNodePtr</span></font> node</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-keyinfo.html#xmlSecKeyInfoCtx" title="struct xmlSecKeyInfoCtx"><span class="type">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code></em>);</pre>
-<p>Base64 encodes binary key data of klass <em class="parameter"><code>id</code></em>
- from the <em class="parameter"><code>key</code></em>
- and
-sets to the <em class="parameter"><code>node</code></em>
- content.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueXmlWrite.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody>
-<tr>
-<td class="parameter_name"><p>id</p></td>
-<td class="parameter_description"><p>the data klass.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>key</p></td>
-<td class="parameter_description"><p>the pointer to source key.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>node</p></td>
-<td class="parameter_description"><p>the pointer to an XML node.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>keyInfoCtx</p></td>
-<td class="parameter_description"><p>the pointer to <a class="ulink" href="" target="_top"><dsig:KeyInfo/></a> element processing context.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-</tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueXmlWrite.returns"></a><h4>Returns</h4>
-<p> 0 on success or a negative value otherwise.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecKeyDataBinaryValueBinRead"></a><h3>xmlSecKeyDataBinaryValueBinRead ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecKeyDataBinaryValueBinRead (<em class="parameter"><code><font><span class="type">xmlSecKeyDataId</span></font> id</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-keys.html#xmlSecKey" title="struct xmlSecKey"><span class="type">xmlSecKeyPtr</span></a> key</code></em>,
- <em class="parameter"><code>const <a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *buf</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> bufSize</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-keyinfo.html#xmlSecKeyInfoCtx" title="struct xmlSecKeyInfoCtx"><span class="type">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code></em>);</pre>
-<p>Reads binary key data of the klass <em class="parameter"><code>id</code></em>
- from <em class="parameter"><code>buf</code></em>
- to the <em class="parameter"><code>key</code></em>
-.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueBinRead.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody>
-<tr>
-<td class="parameter_name"><p>id</p></td>
-<td class="parameter_description"><p>the data klass.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>key</p></td>
-<td class="parameter_description"><p>the pointer to destination key.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>buf</p></td>
-<td class="parameter_description"><p>the source binary buffer.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>bufSize</p></td>
-<td class="parameter_description"><p>the source binary buffer size.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>keyInfoCtx</p></td>
-<td class="parameter_description"><p>the pointer to <a class="ulink" href="" target="_top"><dsig:KeyInfo/></a> element processing context.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-</tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueBinRead.returns"></a><h4>Returns</h4>
-<p> 0 on success or a negative value otherwise.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecKeyDataBinaryValueBinWrite"></a><h3>xmlSecKeyDataBinaryValueBinWrite ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecKeyDataBinaryValueBinWrite (<em class="parameter"><code><font><span class="type">xmlSecKeyDataId</span></font> id</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-keys.html#xmlSecKey" title="struct xmlSecKey"><span class="type">xmlSecKeyPtr</span></a> key</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> **buf</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> *bufSize</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-keyinfo.html#xmlSecKeyInfoCtx" title="struct xmlSecKeyInfoCtx"><span class="type">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code></em>);</pre>
-<p>Writes binary key data of klass <em class="parameter"><code>id</code></em>
- from the <em class="parameter"><code>key</code></em>
- to <em class="parameter"><code>buf</code></em>
-.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueBinWrite.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody>
-<tr>
-<td class="parameter_name"><p>id</p></td>
-<td class="parameter_description"><p>the data klass.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>key</p></td>
-<td class="parameter_description"><p>the pointer to source key.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>buf</p></td>
-<td class="parameter_description"><p>the destination binary buffer.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>bufSize</p></td>
-<td class="parameter_description"><p>the destination binary buffer size.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>keyInfoCtx</p></td>
-<td class="parameter_description"><p>the pointer to <a class="ulink" href="" target="_top"><dsig:KeyInfo/></a> element processing context.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-</tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueBinWrite.returns"></a><h4>Returns</h4>
-<p> 0 on success or a negative value otherwise.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecKeyDataBinaryValueDebugDump"></a><h3>xmlSecKeyDataBinaryValueDebugDump ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">void</span></font>
-xmlSecKeyDataBinaryValueDebugDump (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>,
- <em class="parameter"><code><font><span class="type">FILE</span></font> *output</code></em>);</pre>
-<p>Prints binary key data debug information to <em class="parameter"><code>output</code></em>
-.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueDebugDump.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody>
-<tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to binary key data.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>output</p></td>
-<td class="parameter_description"><p>the pointer to output FILE.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-</tbody>
-</table></div>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecKeyDataBinaryValueDebugXmlDump"></a><h3>xmlSecKeyDataBinaryValueDebugXmlDump ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">void</span></font>
-xmlSecKeyDataBinaryValueDebugXmlDump (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>,
- <em class="parameter"><code><font><span class="type">FILE</span></font> *output</code></em>);</pre>
-<p>Prints binary key data debug information to <em class="parameter"><code>output</code></em>
- in XML format.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueDebugXmlDump.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody>
-<tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to binary key data.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>output</p></td>
-<td class="parameter_description"><p>the pointer to output FILE.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-</tbody>
-</table></div>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecKeyDataBinaryValueGetSize"></a><h3>xmlSecKeyDataBinaryValueGetSize ()</h3>
-<pre class="programlisting"><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="returnvalue">xmlSecSize</span></a>
-xmlSecKeyDataBinaryValueGetSize (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>);</pre>
-<p>Gets the binary key data size.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueGetSize.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to binary key data.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueGetSize.returns"></a><h4>Returns</h4>
-<p> binary key data size in bits.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecKeyDataBinaryValueGetBuffer"></a><h3>xmlSecKeyDataBinaryValueGetBuffer ()</h3>
-<pre class="programlisting"><a class="link" href="xmlsec-buffer.html#xmlSecBuffer" title="struct xmlSecBuffer"><span class="returnvalue">xmlSecBufferPtr</span></a>
-xmlSecKeyDataBinaryValueGetBuffer (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>);</pre>
-<p>Gets the binary key data buffer.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueGetBuffer.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to binary key data.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueGetBuffer.returns"></a><h4>Returns</h4>
-<p> pointer to binary key data buffer.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecKeyDataBinaryValueSetBuffer"></a><h3>xmlSecKeyDataBinaryValueSetBuffer ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecKeyDataBinaryValueSetBuffer (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>,
- <em class="parameter"><code>const <a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *buf</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> bufSize</code></em>);</pre>
-<p>Sets the value of <em class="parameter"><code>data</code></em>
- to <em class="parameter"><code>buf</code></em>
-.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueSetBuffer.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody>
-<tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to binary key data.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>buf</p></td>
-<td class="parameter_description"><p>the pointer to binary buffer.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>bufSize</p></td>
-<td class="parameter_description"><p>the binary buffer size.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-</tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecKeyDataBinaryValueSetBuffer.returns"></a><h4>Returns</h4>
-<p> 0 on success or a negative value otherwise.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecKeyDataStoreCreate"></a><h3>xmlSecKeyDataStoreCreate ()</h3>
-<pre class="programlisting"><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore"><span class="returnvalue">xmlSecKeyDataStorePtr</span></a>
-xmlSecKeyDataStoreCreate (<em class="parameter"><code><font><span class="type">xmlSecKeyDataStoreId</span></font> id</code></em>);</pre>
-<p>Creates new key data store of the specified klass <em class="parameter"><code>id</code></em>
-. Caller is responsible
-for freeing returned object with <a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStoreDestroy" title="xmlSecKeyDataStoreDestroy ()"><span class="type">xmlSecKeyDataStoreDestroy</span></a> function.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataStoreCreate.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>id</p></td>
-<td class="parameter_description"><p>the store id.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecKeyDataStoreCreate.returns"></a><h4>Returns</h4>
-<p> the pointer to newly allocated key data store structure
-or NULL if an error occurs.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecKeyDataStoreDestroy"></a><h3>xmlSecKeyDataStoreDestroy ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">void</span></font>
-xmlSecKeyDataStoreDestroy (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore"><span class="type">xmlSecKeyDataStorePtr</span></a> store</code></em>);</pre>
-<p>Destroys the key data store created with <a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStoreCreate" title="xmlSecKeyDataStoreCreate ()"><span class="type">xmlSecKeyDataStoreCreate</span></a>
-function.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataStoreDestroy.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>store</p></td>
-<td class="parameter_description"><p>the pointer to the key data store..</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecKeyDataStoreGetName"></a><h3>xmlSecKeyDataStoreGetName()</h3>
-<pre class="programlisting">#define xmlSecKeyDataStoreGetName(store)</pre>
-<p>Macro. Returns key data store name.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataStoreGetName.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>store</p></td>
-<td class="parameter_description"><p>the pointer to store.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecKeyDataStoreIsValid"></a><h3>xmlSecKeyDataStoreIsValid()</h3>
-<pre class="programlisting">#define xmlSecKeyDataStoreIsValid(store)</pre>
-<p>Macro. Returns 1 if <em class="parameter"><code>store</code></em>
- is not NULL and <em class="parameter"><code>store->id</code></em>
- is not NULL
-or 0 otherwise.</p>
-<div class="refsect3">
-<a name="xmlSecKeyDataStoreIsValid.parameters"></a><h4>Parameters</h4>
+<a name="xmlSecKeyDataStoreIsValid"></a><h3>xmlSecKeyDataStoreIsValid()</h3>
+<pre class="programlisting">#define xmlSecKeyDataStoreIsValid(store)</pre>
+<p>Macro. Returns 1 if <em class="parameter"><code>store</code></em>
+ is not NULL and <em class="parameter"><code>store->id</code></em>
+ is not NULL
+or 0 otherwise.</p>
+<div class="refsect3">
+<a name="xmlSecKeyDataStoreIsValid.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col>
<a name="xmlSecImportSetPersistKey"></a><h3>xmlSecImportSetPersistKey ()</h3>
<pre class="programlisting"><font><span class="returnvalue">void</span></font>
xmlSecImportSetPersistKey (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
+<p>Sets global flag to import keys to persistent storage (MSCrypto and MSCNG).
+Also see PKCS12_NO_PERSIST_KEY.</p>
</div>
<hr>
<div class="refsect2">
<a name="xmlSecImportGetPersistKey"></a><h3>xmlSecImportGetPersistKey ()</h3>
<pre class="programlisting"><font><span class="returnvalue">int</span></font>
xmlSecImportGetPersistKey (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
+<p>Gets global flag to import keys to persistent storage (MSCrypto and MSCNG).
+Also see PKCS12_NO_PERSIST_KEY.</p>
+<div class="refsect3">
+<a name="xmlSecImportGetPersistKey.returns"></a><h4>Returns</h4>
+<p> 1 if keys should be imported into persistent storage and 0 otherwise.</p>
+</div>
</div>
</div>
<div class="refsect1">
<td class="enum_member_description"><p>the DER cert.</p></td>
<td class="enum_member_annotations">Â </td>
</tr>
+<tr>
+<td class="enum_member_name"><p><a name="xmlSecKeyDataFormatEngine"></a>xmlSecKeyDataFormatEngine</p></td>
+<td class="enum_member_description"><p>the crypto engine (e.g. OpenSSL ENGINE).</p></td>
+<td class="enum_member_annotations">Â </td>
+</tr>
</tbody>
</table></div>
</div>
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecKeyDataBinarySize"></a><h3>xmlSecKeyDataBinarySize</h3>
-<pre class="programlisting">#define xmlSecKeyDataBinarySize</pre>
-<p>The binary key data object size.</p>
-</div>
-<hr>
-<div class="refsect2">
<a name="xmlSecKeyDataStore"></a><h3>struct xmlSecKeyDataStore</h3>
<pre class="programlisting">struct xmlSecKeyDataStore {
xmlSecKeyDataStoreId id;
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>keysmngr: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-keys.html" title="keys">
<link rel="next" href="xmlsec-list.html" title="list">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</tr>
<tr>
<td class="function_type">
+<font><span class="returnvalue">int</span></font>
+</td>
+<td class="function_name">
+<span class="c_punctuation">(</span><a class="link" href="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreAdoptKeyFunc" title="xmlSecSimpleKeysStoreAdoptKeyFunc ()">*xmlSecSimpleKeysStoreAdoptKeyFunc</a><span class="c_punctuation">)</span> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
<font><span class="returnvalue">xmlSecKeyStoreId</span></font>
</td>
<td class="function_name">
<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
+<a class="link" href="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreLoad-ex" title="xmlSecSimpleKeysStoreLoad_ex ()">xmlSecSimpleKeysStoreLoad_ex</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">int</span></font>
+</td>
+<td class="function_name">
<a class="link" href="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreSave" title="xmlSecSimpleKeysStoreSave ()">xmlSecSimpleKeysStoreSave</a> <span class="c_punctuation">()</span>
</td>
</tr>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecSimpleKeysStoreAdoptKeyFunc"></a><h3>xmlSecSimpleKeysStoreAdoptKeyFunc ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">int</span></font>
+<span class="c_punctuation">(</span>*xmlSecSimpleKeysStoreAdoptKeyFunc<span class="c_punctuation">)</span> (<em class="parameter"><code><a class="link" href="xmlsec-keysmngr.html#xmlSecKeyStore" title="struct xmlSecKeyStore"><span class="type">xmlSecKeyStorePtr</span></a> store</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-keys.html#xmlSecKey" title="struct xmlSecKey"><span class="type">xmlSecKeyPtr</span></a> key</code></em>);</pre>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecSimpleKeysStoreGetKlass"></a><h3>xmlSecSimpleKeysStoreGetKlass ()</h3>
<pre class="programlisting"><font><span class="returnvalue">xmlSecKeyStoreId</span></font>
xmlSecSimpleKeysStoreGetKlass (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecSimpleKeysStoreLoad-ex"></a><h3>xmlSecSimpleKeysStoreLoad_ex ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">int</span></font>
+xmlSecSimpleKeysStoreLoad_ex (<em class="parameter"><code><a class="link" href="xmlsec-keysmngr.html#xmlSecKeyStore" title="struct xmlSecKeyStore"><span class="type">xmlSecKeyStorePtr</span></a> store</code></em>,
+ <em class="parameter"><code>const <font><span class="type">char</span></font> *uri</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-keysmngr.html#xmlSecKeysMngr" title="struct xmlSecKeysMngr"><span class="type">xmlSecKeysMngrPtr</span></a> keysMngr</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreAdoptKeyFunc" title="xmlSecSimpleKeysStoreAdoptKeyFunc ()"><span class="type">xmlSecSimpleKeysStoreAdoptKeyFunc</span></a> adoptKeyFunc</code></em>);</pre>
+<p>Reads keys from an XML file.</p>
+<div class="refsect3">
+<a name="xmlSecSimpleKeysStoreLoad-ex.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody>
+<tr>
+<td class="parameter_name"><p>store</p></td>
+<td class="parameter_description"><p>the pointer to simple keys store.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>uri</p></td>
+<td class="parameter_description"><p>the filename.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>keysMngr</p></td>
+<td class="parameter_description"><p>the pointer to associated keys manager.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>adoptKeyFunc</p></td>
+<td class="parameter_description"><p>the callback to add the key to keys manager.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+</tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecSimpleKeysStoreLoad-ex.returns"></a><h4>Returns</h4>
+<p> 0 on success or a negative value if an error occurs.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecSimpleKeysStoreSave"></a><h3>xmlSecSimpleKeysStoreSave ()</h3>
<pre class="programlisting"><font><span class="returnvalue">int</span></font>
xmlSecSimpleKeysStoreSave (<em class="parameter"><code><a class="link" href="xmlsec-keysmngr.html#xmlSecKeyStore" title="struct xmlSecKeyStore"><span class="type">xmlSecKeyStorePtr</span></a> store</code></em>,
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>list: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-keysmngr.html" title="keysmngr">
<link rel="next" href="xmlsec-membuf.html" title="membuf">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>membuf: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-list.html" title="list">
<link rel="next" href="xmlsec-nodeset.html" title="nodeset">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library for Microsoft Cryptography API: Next Generation (CNG) Reference.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-reference.html" title="Part II. XML Security Library API Reference.">
<link rel="prev" href="xmlsec-mscrypto-x509.html" title="x509">
<link rel="next" href="xmlsec-mscng-app.html" title="app">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
the code sources. </p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>app: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-msccng-ref.html" title="XML Security Library for Microsoft Cryptography API: Next Generation (CNG) Reference.">
<link rel="prev" href="xmlsec-msccng-ref.html" title="XML Security Library for Microsoft Cryptography API: Next Generation (CNG) Reference.">
<link rel="next" href="xmlsec-mscng-certkeys.html" title="certkeys">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
</div>
-<div class="refsect1">
-<a name="xmlsec-mscng-app.other_details"></a><h2>Types and Values</h2>
-<p></p>
-</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>certkeys: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-msccng-ref.html" title="XML Security Library for Microsoft Cryptography API: Next Generation (CNG) Reference.">
<link rel="prev" href="xmlsec-mscng-app.html" title="app">
<link rel="next" href="xmlsec-mscng-crypto.html" title="crypto">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
</div>
-<div class="refsect1">
-<a name="xmlsec-mscng-certkeys.other_details"></a><h2>Types and Values</h2>
-<p></p>
-</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>crypto: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-msccng-ref.html" title="XML Security Library for Microsoft Cryptography API: Next Generation (CNG) Reference.">
<link rel="prev" href="xmlsec-mscng-certkeys.html" title="certkeys">
<link rel="next" href="xmlsec-mscng-keysstore.html" title="keysstore">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>keysstore: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-msccng-ref.html" title="XML Security Library for Microsoft Cryptography API: Next Generation (CNG) Reference.">
<link rel="prev" href="xmlsec-mscng-crypto.html" title="crypto">
<link rel="next" href="xmlsec-mscng-x509.html" title="x509">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>x509: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-msccng-ref.html" title="XML Security Library for Microsoft Cryptography API: Next Generation (CNG) Reference.">
<link rel="prev" href="xmlsec-mscng-keysstore.html" title="keysstore">
<link rel="next" href="xmlsec-index.html" title="XML Security Library Reference Index">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
+<a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngKeyDataX509AdoptCrl" title="xmlSecMSCngKeyDataX509AdoptCrl ()">xmlSecMSCngKeyDataX509AdoptCrl</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">int</span></font>
+</td>
+<td class="function_name">
<a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreAdoptCert" title="xmlSecMSCngX509StoreAdoptCert ()">xmlSecMSCngX509StoreAdoptCert</a> <span class="c_punctuation">()</span>
</td>
</tr>
<font><span class="returnvalue">PCCERT_CONTEXT</span></font>
</td>
<td class="function_name">
+<a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreFindCert-ex" title="xmlSecMSCngX509StoreFindCert_ex ()">xmlSecMSCngX509StoreFindCert_ex</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">PCCERT_CONTEXT</span></font>
+</td>
+<td class="function_name">
<a class="link" href="xmlsec-mscng-x509.html#xmlSecMSCngX509FindCertBySubject" title="xmlSecMSCngX509FindCertBySubject ()">xmlSecMSCngX509FindCertBySubject</a> <span class="c_punctuation">()</span>
</td>
</tr>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecMSCngKeyDataX509AdoptCrl"></a><h3>xmlSecMSCngKeyDataX509AdoptCrl ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">int</span></font>
+xmlSecMSCngKeyDataX509AdoptCrl (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>,
+ <em class="parameter"><code><font><span class="type">PCCRL_CONTEXT</span></font> crl</code></em>);</pre>
+<p>Adds CRL to the X509 key data.</p>
+<div class="refsect3">
+<a name="xmlSecMSCngKeyDataX509AdoptCrl.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody>
+<tr>
+<td class="parameter_name"><p>data</p></td>
+<td class="parameter_description"><p>the pointer to X509 key data.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>crl</p></td>
+<td class="parameter_description"><p>the pointer to MSCng X509 CRL.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+</tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecMSCngKeyDataX509AdoptCrl.returns"></a><h4>Returns</h4>
+<p> 0 on success or a negative value if an error occurs.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecMSCngX509StoreAdoptCert"></a><h3>xmlSecMSCngX509StoreAdoptCert ()</h3>
<pre class="programlisting"><font><span class="returnvalue">int</span></font>
xmlSecMSCngX509StoreAdoptCert (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore"><span class="type">xmlSecKeyDataStorePtr</span></a> store</code></em>,
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecMSCngX509StoreFindCert-ex"></a><h3>xmlSecMSCngX509StoreFindCert_ex ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">PCCERT_CONTEXT</span></font>
+xmlSecMSCngX509StoreFindCert_ex (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore"><span class="type">xmlSecKeyDataStorePtr</span></a> store</code></em>,
+ <em class="parameter"><code><font><span class="type">xmlChar</span></font> *subjectName</code></em>,
+ <em class="parameter"><code><font><span class="type">xmlChar</span></font> *issuerName</code></em>,
+ <em class="parameter"><code><font><span class="type">xmlChar</span></font> *issuerSerial</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *ski</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> skiSize</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-keyinfo.html#xmlSecKeyInfoCtx" title="struct xmlSecKeyInfoCtx"><span class="type">xmlSecKeyInfoCtx</span></a> *keyInfoCtx</code></em>);</pre>
+<p>Searches <em class="parameter"><code>store</code></em>
+ for a certificate that matches given criteria.</p>
+<div class="refsect3">
+<a name="xmlSecMSCngX509StoreFindCert-ex.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody>
+<tr>
+<td class="parameter_name"><p>store</p></td>
+<td class="parameter_description"><p>the pointer to X509 key data store klass.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>subjectName</p></td>
+<td class="parameter_description"><p>the desired certificate name.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>issuerName</p></td>
+<td class="parameter_description"><p>the desired certificate issuer name.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>issuerSerial</p></td>
+<td class="parameter_description"><p>the desired certificate issuer serial number.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>ski</p></td>
+<td class="parameter_description"><p>the desired certificate SKI.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>skiSize</p></td>
+<td class="parameter_description"><p>the desired certificate SKI size.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>keyInfoCtx</p></td>
+<td class="parameter_description"><p>the pointer to <a class="ulink" href="" target="_top"><dsig:KeyInfo/></a> element processing context.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+</tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecMSCngX509StoreFindCert-ex.returns"></a><h4>Returns</h4>
+<p> pointer to found certificate or NULL if certificate is not found
+or an error occurs.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecMSCngX509FindCertBySubject"></a><h3>xmlSecMSCngX509FindCertBySubject ()</h3>
<pre class="programlisting"><font><span class="returnvalue">PCCERT_CONTEXT</span></font>
xmlSecMSCngX509FindCertBySubject (<em class="parameter"><code><font><span class="type">HCERTSTORE</span></font> store</code></em>,
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>app: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-mscrypto-ref.html" title="XML Security Library for Microsoft Crypto API Reference.">
<link rel="prev" href="xmlsec-mscrypto-ref.html" title="XML Security Library for Microsoft Crypto API Reference.">
<link rel="next" href="xmlsec-mscrypto-certkeys.html" title="certkeys">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
</div>
-<div class="refsect1">
-<a name="xmlsec-mscrypto-app.other_details"></a><h2>Types and Values</h2>
-<p></p>
-</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>certkeys: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-mscrypto-ref.html" title="XML Security Library for Microsoft Crypto API Reference.">
<link rel="prev" href="xmlsec-mscrypto-app.html" title="app">
<link rel="next" href="xmlsec-mscrypto-crypto.html" title="crypto">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
</div>
-<div class="refsect1">
-<a name="xmlsec-mscrypto-certkeys.other_details"></a><h2>Types and Values</h2>
-<p></p>
-</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>crypto: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-mscrypto-ref.html" title="XML Security Library for Microsoft Crypto API Reference.">
<link rel="prev" href="xmlsec-mscrypto-certkeys.html" title="certkeys">
<link rel="next" href="xmlsec-mscrypto-keysstore.html" title="keysstore">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">int</span></font>
+<font><span class="returnvalue">xmlSecKeyDataId</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoHmacGetMinOutputLength" title="xmlSecMSCryptoHmacGetMinOutputLength ()">xmlSecMSCryptoHmacGetMinOutputLength</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataHmacGetKlass" title="xmlSecMSCryptoKeyDataHmacGetKlass ()">xmlSecMSCryptoKeyDataHmacGetKlass</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">void</span></font>
+<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoHmacSetMinOutputLength" title="xmlSecMSCryptoHmacSetMinOutputLength ()">xmlSecMSCryptoHmacSetMinOutputLength</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataHmacSet" title="xmlSecMSCryptoKeyDataHmacSet ()">xmlSecMSCryptoKeyDataHmacSet</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">xmlSecKeyDataId</span></font>
+<font><span class="returnvalue">xmlSecTransformId</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataHmacGetKlass" title="xmlSecMSCryptoKeyDataHmacGetKlass ()">xmlSecMSCryptoKeyDataHmacGetKlass</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacMd5GetKlass" title="xmlSecMSCryptoTransformHmacMd5GetKlass ()">xmlSecMSCryptoTransformHmacMd5GetKlass</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">int</span></font>
+<font><span class="returnvalue">xmlSecTransformId</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataHmacSet" title="xmlSecMSCryptoKeyDataHmacSet ()">xmlSecMSCryptoKeyDataHmacSet</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacRipemd160GetKlass" title="xmlSecMSCryptoTransformHmacRipemd160GetKlass ()">xmlSecMSCryptoTransformHmacRipemd160GetKlass</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<font><span class="returnvalue">xmlSecTransformId</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacMd5GetKlass" title="xmlSecMSCryptoTransformHmacMd5GetKlass ()">xmlSecMSCryptoTransformHmacMd5GetKlass</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha1GetKlass" title="xmlSecMSCryptoTransformHmacSha1GetKlass ()">xmlSecMSCryptoTransformHmacSha1GetKlass</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<font><span class="returnvalue">xmlSecTransformId</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha1GetKlass" title="xmlSecMSCryptoTransformHmacSha1GetKlass ()">xmlSecMSCryptoTransformHmacSha1GetKlass</a> <span class="c_punctuation">()</span>
+<a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha224GetKlass" title="xmlSecMSCryptoTransformHmacSha224GetKlass ()">xmlSecMSCryptoTransformHmacSha224GetKlass</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
</tr>
<tr>
<td class="define_keyword">#define</td>
+<td class="function_name"><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacRipemd160Id" title="xmlSecMSCryptoTransformHmacRipemd160Id">xmlSecMSCryptoTransformHmacRipemd160Id</a></td>
+</tr>
+<tr>
+<td class="define_keyword">#define</td>
<td class="function_name"><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha1Id" title="xmlSecMSCryptoTransformHmacSha1Id">xmlSecMSCryptoTransformHmacSha1Id</a></td>
</tr>
<tr>
<td class="define_keyword">#define</td>
+<td class="function_name"><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha224Id" title="xmlSecMSCryptoTransformHmacSha224Id">xmlSecMSCryptoTransformHmacSha224Id</a></td>
+</tr>
+<tr>
+<td class="define_keyword">#define</td>
<td class="function_name"><a class="link" href="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha256Id" title="xmlSecMSCryptoTransformHmacSha256Id">xmlSecMSCryptoTransformHmacSha256Id</a></td>
</tr>
<tr>
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecMSCryptoHmacGetMinOutputLength"></a><h3>xmlSecMSCryptoHmacGetMinOutputLength ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecMSCryptoHmacGetMinOutputLength (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
-<p>Gets the value of min HMAC length.</p>
-<div class="refsect3">
-<a name="xmlSecMSCryptoHmacGetMinOutputLength.returns"></a><h4>Returns</h4>
-<p> the min HMAC output length</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecMSCryptoHmacSetMinOutputLength"></a><h3>xmlSecMSCryptoHmacSetMinOutputLength ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">void</span></font>
-xmlSecMSCryptoHmacSetMinOutputLength (<em class="parameter"><code><font><span class="type">int</span></font> min_length</code></em>);</pre>
-<p>Sets the min HMAC output length</p>
-<div class="refsect3">
-<a name="xmlSecMSCryptoHmacSetMinOutputLength.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>min_length</p></td>
-<td class="parameter_description"><p>the new min length</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-</div>
-<hr>
-<div class="refsect2">
<a name="xmlSecMSCryptoKeyDataHmacGetKlass"></a><h3>xmlSecMSCryptoKeyDataHmacGetKlass ()</h3>
<pre class="programlisting"><font><span class="returnvalue">xmlSecKeyDataId</span></font>
xmlSecMSCryptoKeyDataHmacGetKlass (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecMSCryptoTransformHmacRipemd160GetKlass"></a><h3>xmlSecMSCryptoTransformHmacRipemd160GetKlass ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">xmlSecTransformId</span></font>
+xmlSecMSCryptoTransformHmacRipemd160GetKlass
+ (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
+<p>The HMAC-RIPEMD160 transform klass.</p>
+<div class="refsect3">
+<a name="xmlSecMSCryptoTransformHmacRipemd160GetKlass.returns"></a><h4>Returns</h4>
+<p> the HMAC-RIPEMD160 transform klass.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecMSCryptoTransformHmacSha1GetKlass"></a><h3>xmlSecMSCryptoTransformHmacSha1GetKlass ()</h3>
<pre class="programlisting"><font><span class="returnvalue">xmlSecTransformId</span></font>
xmlSecMSCryptoTransformHmacSha1GetKlass
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecMSCryptoTransformHmacSha224GetKlass"></a><h3>xmlSecMSCryptoTransformHmacSha224GetKlass ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">xmlSecTransformId</span></font>
+xmlSecMSCryptoTransformHmacSha224GetKlass
+ (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
+<p>The HMAC-SHA224 transform klass.</p>
+<div class="refsect3">
+<a name="xmlSecMSCryptoTransformHmacSha224GetKlass.returns"></a><h4>Returns</h4>
+<p> the HMAC-SHA224 transform klass.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecMSCryptoTransformHmacSha256GetKlass"></a><h3>xmlSecMSCryptoTransformHmacSha256GetKlass ()</h3>
<pre class="programlisting"><font><span class="returnvalue">xmlSecTransformId</span></font>
xmlSecMSCryptoTransformHmacSha256GetKlass
<div class="refsect2">
<a name="xmlSecMSCryptoKeyDataHmacId"></a><h3>xmlSecMSCryptoKeyDataHmacId</h3>
<pre class="programlisting">#define xmlSecMSCryptoKeyDataHmacId</pre>
+<div class="warning"><p><code class="literal">xmlSecMSCryptoKeyDataHmacId</code> is deprecated and should not be used in newly-written code.</p></div>
<p>The DHMAC key klass.</p>
</div>
<hr>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecMSCryptoTransformHmacRipemd160Id"></a><h3>xmlSecMSCryptoTransformHmacRipemd160Id</h3>
+<pre class="programlisting">#define xmlSecMSCryptoTransformHmacRipemd160Id</pre>
+<p>The HMAC with RipeMD160 signature transform klass.</p>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecMSCryptoTransformHmacSha1Id"></a><h3>xmlSecMSCryptoTransformHmacSha1Id</h3>
<pre class="programlisting">#define xmlSecMSCryptoTransformHmacSha1Id</pre>
<p>The HMAC with SHA1 signature transform klass.</p>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecMSCryptoTransformHmacSha224Id"></a><h3>xmlSecMSCryptoTransformHmacSha224Id</h3>
+<pre class="programlisting">#define xmlSecMSCryptoTransformHmacSha224Id</pre>
+<p>The HMAC with SHA224 signature transform klass.</p>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecMSCryptoTransformHmacSha256Id"></a><h3>xmlSecMSCryptoTransformHmacSha256Id</h3>
<pre class="programlisting">#define xmlSecMSCryptoTransformHmacSha256Id</pre>
<p>The HMAC with SHA256 signature transform klass.</p>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>keysstore: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-mscrypto-ref.html" title="XML Security Library for Microsoft Crypto API Reference.">
<link rel="prev" href="xmlsec-mscrypto-crypto.html" title="crypto">
<link rel="next" href="xmlsec-mscrypto-x509.html" title="x509">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library for Microsoft Crypto API Reference.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-reference.html" title="Part II. XML Security Library API Reference.">
<link rel="prev" href="xmlsec-nss-x509.html" title="x509">
<link rel="next" href="xmlsec-mscrypto-app.html" title="app">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>x509: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-mscrypto-ref.html" title="XML Security Library for Microsoft Crypto API Reference.">
<link rel="prev" href="xmlsec-mscrypto-keysstore.html" title="keysstore">
<link rel="next" href="xmlsec-msccng-ref.html" title="XML Security Library for Microsoft Cryptography API: Next Generation (CNG) Reference.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>nodeset: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-membuf.html" title="membuf">
<link rel="next" href="xmlsec-parser.html" title="parser">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<tr>
<td class="enum_member_name"><p><a name="xmlSecNodeSetTreeWithoutComments"></a>xmlSecNodeSetTreeWithoutComments</p></td>
<td class="enum_member_description"><p>nodes set = nodes in the list and
- all their subtress but no comment nodes.</p></td>
+all their subtress but no comment nodes.</p></td>
<td class="enum_member_annotations">Â </td>
</tr>
<tr>
<td class="enum_member_name"><p><a name="xmlSecNodeSetTreeInvert"></a>xmlSecNodeSetTreeInvert</p></td>
<td class="enum_member_description"><p>nodes set = all document nodes minus nodes in the
- list and all their subtress.</p></td>
+list and all their subtress.</p></td>
<td class="enum_member_annotations">Â </td>
</tr>
<tr>
<td class="enum_member_name"><p><a name="xmlSecNodeSetTreeWithoutCommentsInvert"></a>xmlSecNodeSetTreeWithoutCommentsInvert</p></td>
<td class="enum_member_description"><p>nodes set = all document nodes
- minus (nodes in the list and all their subtress
- plus all comment nodes).</p></td>
+minus (nodes in the list and all their subtress
+plus all comment nodes).</p></td>
<td class="enum_member_annotations">Â </td>
</tr>
<tr>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Compiling and linking on other systems.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-compiling.html" title="Building the application with XML Security Library.">
<link rel="prev" href="xmlsec-notes-compiling-windows.html" title="Compiling and linking on Windows.">
<link rel="next" href="xmlsec-notes-init-shutdown.html" title="Initialization and shutdown.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Compiling and linking on Unix.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-compiling.html" title="Building the application with XML Security Library.">
<link rel="prev" href="xmlsec-notes-include-files.html" title="Include files.">
<link rel="next" href="xmlsec-notes-compiling-windows.html" title="Compiling and linking on Windows.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Compiling and linking on Windows.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-compiling.html" title="Building the application with XML Security Library.">
<link rel="prev" href="xmlsec-notes-compiling-unix.html" title="Compiling and linking on Unix.">
<link rel="next" href="xmlsec-notes-compiling-others.html" title="Compiling and linking on other systems.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Building the application with XML Security Library.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-structure.html" title="XML Security Library Structure.">
<link rel="next" href="xmlsec-notes-include-files.html" title="Include files.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Using context objects.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-transforms.html" title="Transforms and transforms chain.">
<link rel="next" href="xmlsec-notes-new-crypto.html" title="Adding support for new cryptographic library.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Implementing a custom keys store.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-keysmngr.html" title="Keys manager.">
<link rel="prev" href="xmlsec-notes-keys-mngr-verify-decrypt.html" title="Using keys manager for verification/decryption.">
<link rel="next" href="xmlsec-notes-x509.html" title="Using X509 Certificates.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Decrypting an encrypted document: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-verify-decrypt.html" title="Verifing and decrypting documents.">
<link rel="prev" href="xmlsec-notes-verify.html" title="Verifying a signed document">
<link rel="next" href="xmlsec-notes-keys.html" title="Keys.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Creating dynamic encryption templates.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-templates.html" title="Creating dynamic templates.">
<link rel="prev" href="xmlsec-notes-dynamic-signature-templates.html" title="Creating dynamic signature templates.">
<link rel="next" href="xmlsec-notes-verify-decrypt.html" title="Verifing and decrypting documents.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Creating dynamic signature templates.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-templates.html" title="Creating dynamic templates.">
<link rel="prev" href="xmlsec-notes-templates.html" title="Creating dynamic templates.">
<link rel="next" href="xmlsec-notes-dynamic-encryption-templates.html" title="Creating dynamic encryption templates.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Encrypting data.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-sign-encrypt.html" title="Signing and encrypting documents.">
<link rel="prev" href="xmlsec-notes-sign.html" title="Signing a document.">
<link rel="next" href="xmlsec-notes-templates.html" title="Creating dynamic templates.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Include files.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-compiling.html" title="Building the application with XML Security Library.">
<link rel="prev" href="xmlsec-notes-compiling.html" title="Building the application with XML Security Library.">
<link rel="next" href="xmlsec-notes-compiling-unix.html" title="Compiling and linking on Unix.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Initialization and shutdown.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-compiling-others.html" title="Compiling and linking on other systems.">
<link rel="next" href="xmlsec-notes-sign-encrypt.html" title="Signing and encrypting documents.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Using keys manager for signatures/encryption.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-keysmngr.html" title="Keys manager.">
<link rel="prev" href="xmlsec-notes-simple-keys-store.html" title="Simple keys store.">
<link rel="next" href="xmlsec-notes-keys-mngr-verify-decrypt.html" title="Using keys manager for verification/decryption.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Using keys manager for verification/decryption.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-keysmngr.html" title="Keys manager.">
<link rel="prev" href="xmlsec-notes-keys-manager-sign-enc.html" title="Using keys manager for signatures/encryption.">
<link rel="next" href="xmlsec-notes-custom-keys-store.html" title="Implementing a custom keys store.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Keys.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-decrypt.html" title="Decrypting an encrypted document">
<link rel="next" href="xmlsec-notes-keysmngr.html" title="Keys manager.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Keys manager.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-keys.html" title="Keys.">
<link rel="next" href="xmlsec-notes-simple-keys-store.html" title="Simple keys store.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>xmlSecCryptoApp* functions.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-new-crypto.html" title="Adding support for new cryptographic library.">
<link rel="prev" href="xmlsec-notes-new-crypto-skeleton.html" title="Creating a framework from the skeleton.">
<link rel="next" href="xmlsec-notes-new-crypto-klasses.html" title="Klasses and objects.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Key stores.</title>
<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.76b+
">
<link rel="UP" title="Adding support for new cryptographic library." href="xmlsec-notes-new-crypto.html">
<link rel="PREVIOUS" title="Keys." href="xmlsec-notes-new-crypto-keys.html">
<link rel="NEXT" title="Simple keys manager." href="xmlsec-notes-new-crypto-simple-keys-mngr.html">
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="../api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="../xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="../xmlenc.html">XML Encryption</a></li>
<li><a href="../c14n.html">XML Canonicalization</a></li>
<li><a href="../bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="../related.html">Related</a></li>
<li><a href="../authors.html">Authors</a></li>
</ul>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Keys data and keys data stores.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-new-crypto.html" title="Adding support for new cryptographic library.">
<link rel="prev" href="xmlsec-notes-new-crypto-transforms.html" title="Cryptographic transforms.">
<link rel="next" href="xmlsec-notes-new-crypto-simple-keys-mngr.html" title="Default keys manager.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<p>TODO</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Klasses and objects.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-new-crypto.html" title="Adding support for new cryptographic library.">
<link rel="prev" href="xmlsec-notes-new-crypto-functions.html" title="xmlSecCryptoApp* functions.">
<link rel="next" href="xmlsec-notes-new-crypto-transforms.html" title="Cryptographic transforms.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Sharing the results.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-new-crypto.html" title="Adding support for new cryptographic library.">
<link rel="prev" href="xmlsec-notes-new-crypto-simple-keys-mngr.html" title="Default keys manager.">
<link rel="next" href="xmlsec-examples.html" title="Examples.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Default keys manager.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-new-crypto.html" title="Adding support for new cryptographic library.">
<link rel="prev" href="xmlsec-notes-new-crypto-keys.html" title="Keys data and keys data stores.">
<link rel="next" href="xmlsec-notes-new-crypto-sharing-results.html" title="Sharing the results.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Creating a framework from the skeleton.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-new-crypto.html" title="Adding support for new cryptographic library.">
<link rel="prev" href="xmlsec-notes-new-crypto.html" title="Adding support for new cryptographic library.">
<link rel="next" href="xmlsec-notes-new-crypto-functions.html" title="xmlSecCryptoApp* functions.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Cryptographic transforms.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-new-crypto.html" title="Adding support for new cryptographic library.">
<link rel="prev" href="xmlsec-notes-new-crypto-klasses.html" title="Klasses and objects.">
<link rel="next" href="xmlsec-notes-new-crypto-keys.html" title="Keys data and keys data stores.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Adding support for new cryptographic library.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-contexts.html" title="Using context objects.">
<link rel="next" href="xmlsec-notes-new-crypto-skeleton.html" title="Creating a framework from the skeleton.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Overview.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="next" href="xmlsec-notes-structure.html" title="XML Security Library Structure.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Signing and encrypting documents.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-init-shutdown.html" title="Initialization and shutdown.">
<link rel="next" href="xmlsec-notes-sign.html" title="Signing a document.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Signing data with X509 certificate.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-x509.html" title="Using X509 Certificates.">
<link rel="prev" href="xmlsec-notes-x509.html" title="Using X509 Certificates.">
<link rel="next" href="xmlsec-notes-verify-x509.html" title="Verifing document signed with X509 certificates.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Signing a document.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-sign-encrypt.html" title="Signing and encrypting documents.">
<link rel="prev" href="xmlsec-notes-sign-encrypt.html" title="Signing and encrypting documents.">
<link rel="next" href="xmlsec-notes-encrypt.html" title="Encrypting data.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Simple keys store.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-keysmngr.html" title="Keys manager.">
<link rel="prev" href="xmlsec-notes-keysmngr.html" title="Keys manager.">
<link rel="next" href="xmlsec-notes-keys-manager-sign-enc.html" title="Using keys manager for signatures/encryption.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library Structure.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-overview.html" title="Overview.">
<link rel="next" href="xmlsec-notes-compiling.html" title="Building the application with XML Security Library.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
a matter of changing several #include directives.</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Creating dynamic templates.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-encrypt.html" title="Encrypting data.">
<link rel="next" href="xmlsec-notes-dynamic-signature-templates.html" title="Creating dynamic signature templates.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Transforms and transforms chain.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-verify-x509.html" title="Verifing document signed with X509 certificates.">
<link rel="next" href="xmlsec-notes-contexts.html" title="Using context objects.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Verifing and decrypting documents.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-dynamic-encryption-templates.html" title="Creating dynamic encryption templates.">
<link rel="next" href="xmlsec-notes-verify.html" title="Verifying a signed document">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Verifing document signed with X509 certificates.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-x509.html" title="Using X509 Certificates.">
<link rel="prev" href="xmlsec-notes-sign-x509.html" title="Signing data with X509 certificate.">
<link rel="next" href="xmlsec-notes-transforms.html" title="Transforms and transforms chain.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Verifying a signed document: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-verify-decrypt.html" title="Verifing and decrypting documents.">
<link rel="prev" href="xmlsec-notes-verify-decrypt.html" title="Verifing and decrypting documents.">
<link rel="next" href="xmlsec-notes-decrypt.html" title="Decrypting an encrypted document">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Using X509 Certificates.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-custom-keys-store.html" title="Implementing a custom keys store.">
<link rel="next" href="xmlsec-notes-sign-x509.html" title="Signing data with X509 certificate.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Part I. XML Security Library Tutorial: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="index.html" title="XML Security Library Reference Manual">
<link rel="prev" href="index.html" title="XML Security Library Reference Manual">
<link rel="next" href="xmlsec-notes-overview.html" title="Overview.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>app: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-nss-ref.html" title="XML Security Library for NSS API Reference.">
<link rel="prev" href="xmlsec-nss-ref.html" title="XML Security Library for NSS API Reference.">
-<link rel="next" href="xmlsec-nss-bignum.html" title="bignum">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<link rel="next" href="xmlsec-nss-crypto.html" title="crypto">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<td><a accesskey="h" href="index.html"><img src="home.png" width="16" height="16" border="0" alt="Home"></a></td>
<td><a accesskey="u" href="xmlsec-nss-ref.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td>
<td><a accesskey="p" href="xmlsec-nss-ref.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td>
-<td><a accesskey="n" href="xmlsec-nss-
bignum.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td>
+<td><a accesskey="n" href="xmlsec-nss-
crypto.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td>
</tr></table>
<div class="refentry">
<a name="xmlsec-nss-app"></a><div class="titlepage"></div>
</div>
</div>
</div>
-<div class="refsect1">
-<a name="xmlsec-nss-app.other_details"></a><h2>Types and Values</h2>
-<p></p>
-</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>crypto: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-nss-ref.html" title="XML Security Library for NSS API Reference.">
-<link rel="prev" href="xmlsec-nss-bignum.html" title="bignum">
+<link rel="prev" href="xmlsec-nss-app.html" title="app">
<link rel="next" href="xmlsec-nss-keysstore.html" title="keysstore">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</td>
<td><a accesskey="h" href="index.html"><img src="home.png" width="16" height="16" border="0" alt="Home"></a></td>
<td><a accesskey="u" href="xmlsec-nss-ref.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td>
-<td><a accesskey="p" href="xmlsec-nss-
bignum.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td>
+<td><a accesskey="p" href="xmlsec-nss-
app.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td>
<td><a accesskey="n" href="xmlsec-nss-keysstore.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td>
</tr></table>
<div class="refentry">
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">int</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-nss-crypto.html#xmlSecNssHmacGetMinOutputLength" title="xmlSecNssHmacGetMinOutputLength ()">xmlSecNssHmacGetMinOutputLength</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">void</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-nss-crypto.html#xmlSecNssHmacSetMinOutputLength" title="xmlSecNssHmacSetMinOutputLength ()">xmlSecNssHmacSetMinOutputLength</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
<font><span class="returnvalue">xmlSecKeyDataId</span></font>
</td>
<td class="function_name">
<tbody>
<tr>
<td class="define_keyword">#define</td>
+<td class="function_name"><a class="link" href="xmlsec-openssl-crypto.html#XMLSEC-NO-MD5:CAPS" title="XMLSEC_NO_MD5">XMLSEC_NO_MD5</a></td>
+</tr>
+<tr>
+<td class="define_keyword">#define</td>
<td class="function_name"><a class="link" href="xmlsec-nss-crypto.html#xmlSecNssKeyDataAesId" title="xmlSecNssKeyDataAesId">xmlSecNssKeyDataAesId</a></td>
</tr>
<tr>
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecNssHmacGetMinOutputLength"></a><h3>xmlSecNssHmacGetMinOutputLength ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecNssHmacGetMinOutputLength (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
-<p>Gets the value of min HMAC length.</p>
-<div class="refsect3">
-<a name="xmlSecNssHmacGetMinOutputLength.returns"></a><h4>Returns</h4>
-<p> the min HMAC output length</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecNssHmacSetMinOutputLength"></a><h3>xmlSecNssHmacSetMinOutputLength ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">void</span></font>
-xmlSecNssHmacSetMinOutputLength (<em class="parameter"><code><font><span class="type">int</span></font> min_length</code></em>);</pre>
-<p>Sets the min HMAC output length</p>
-<div class="refsect3">
-<a name="xmlSecNssHmacSetMinOutputLength.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>min_length</p></td>
-<td class="parameter_description"><p>the new min length</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-</div>
-<hr>
-<div class="refsect2">
<a name="xmlSecNssKeyDataHmacGetKlass"></a><h3>xmlSecNssKeyDataHmacGetKlass ()</h3>
<pre class="programlisting"><font><span class="returnvalue">xmlSecKeyDataId</span></font>
xmlSecNssKeyDataHmacGetKlass (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
<div class="refsect1">
<a name="xmlsec-nss-crypto.other_details"></a><h2>Types and Values</h2>
<div class="refsect2">
+<a name="XMLSEC-NO-MD5:CAPS"></a><h3>XMLSEC_NO_MD5</h3>
+<pre class="programlisting">#define XMLSEC_NO_MD5 1
+</pre>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecNssKeyDataAesId"></a><h3>xmlSecNssKeyDataAesId</h3>
<pre class="programlisting">#define xmlSecNssKeyDataAesId</pre>
<p>The AES key data klass.</p>
<div class="refsect2">
<a name="xmlSecNssKeyDataHmacId"></a><h3>xmlSecNssKeyDataHmacId</h3>
<pre class="programlisting">#define xmlSecNssKeyDataHmacId</pre>
+<div class="warning"><p><code class="literal">xmlSecNssKeyDataHmacId</code> is deprecated and should not be used in newly-written code.</p></div>
<p>The DHMAC key data klass.</p>
</div>
<hr>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>keysstore: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-nss-ref.html" title="XML Security Library for NSS API Reference.">
<link rel="prev" href="xmlsec-nss-crypto.html" title="crypto">
<link rel="next" href="xmlsec-nss-pkikeys.html" title="pkikeys">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>pkikeys: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-nss-ref.html" title="XML Security Library for NSS API Reference.">
<link rel="prev" href="xmlsec-nss-keysstore.html" title="keysstore">
<link rel="next" href="xmlsec-nss-x509.html" title="x509">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
</div>
-<div class="refsect1">
-<a name="xmlsec-nss-pkikeys.other_details"></a><h2>Types and Values</h2>
-<p></p>
-</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library for NSS API Reference.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-reference.html" title="Part II. XML Security Library API Reference.">
<link rel="prev" href="xmlsec-gcrypt-crypto.html" title="crypto">
<link rel="next" href="xmlsec-nss-app.html" title="app">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<span class="refentrytitle"><a href="xmlsec-nss-app.html">app</a></span><span class="refpurpose"> — Application support functions for NSS.</span>
</dt>
<dt>
-<span class="refentrytitle"><a href="xmlsec-nss-bignum.html">bignum</a></span><span class="refpurpose"> — Big numbers support functions implementation for NSS.</span>
-</dt>
-<dt>
<span class="refentrytitle"><a href="xmlsec-nss-crypto.html">crypto</a></span><span class="refpurpose"> — Crypto transforms implementation for NSS.</span>
</dt>
<dt>
build by extracting comments from the code sources. </p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>x509: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-nss-ref.html" title="XML Security Library for NSS API Reference.">
<link rel="prev" href="xmlsec-nss-pkikeys.html" title="pkikeys">
<link rel="next" href="xmlsec-mscrypto-ref.html" title="XML Security Library for Microsoft Crypto API Reference.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<font><span class="returnvalue">CERTCertificate</span></font>Â *
</td>
<td class="function_name">
+<a class="link" href="xmlsec-nss-x509.html#xmlSecNssX509StoreFindCert-ex" title="xmlSecNssX509StoreFindCert_ex ()">xmlSecNssX509StoreFindCert_ex</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">CERTCertificate</span></font>Â *
+</td>
+<td class="function_name">
<a class="link" href="xmlsec-nss-x509.html#xmlSecNssX509StoreVerify" title="xmlSecNssX509StoreVerify ()">xmlSecNssX509StoreVerify</a> <span class="c_punctuation">()</span>
</td>
</tr>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecNssX509StoreFindCert-ex"></a><h3>xmlSecNssX509StoreFindCert_ex ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">CERTCertificate</span></font>Â *
+xmlSecNssX509StoreFindCert_ex (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore"><span class="type">xmlSecKeyDataStorePtr</span></a> store</code></em>,
+ <em class="parameter"><code><font><span class="type">xmlChar</span></font> *subjectName</code></em>,
+ <em class="parameter"><code><font><span class="type">xmlChar</span></font> *issuerName</code></em>,
+ <em class="parameter"><code><font><span class="type">xmlChar</span></font> *issuerSerial</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *ski</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> skiSize</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-keyinfo.html#xmlSecKeyInfoCtx" title="struct xmlSecKeyInfoCtx"><span class="type">xmlSecKeyInfoCtx</span></a> *keyInfoCtx</code></em>);</pre>
+<p>Searches <em class="parameter"><code>store</code></em>
+ for a certificate that matches given criteria.</p>
+<div class="refsect3">
+<a name="xmlSecNssX509StoreFindCert-ex.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody>
+<tr>
+<td class="parameter_name"><p>store</p></td>
+<td class="parameter_description"><p>the pointer to X509 key data store klass.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>subjectName</p></td>
+<td class="parameter_description"><p>the desired certificate name.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>issuerName</p></td>
+<td class="parameter_description"><p>the desired certificate issuer name.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>issuerSerial</p></td>
+<td class="parameter_description"><p>the desired certificate issuer serial number.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>ski</p></td>
+<td class="parameter_description"><p>the desired certificate SKI.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>skiSize</p></td>
+<td class="parameter_description"><p>the desired certificate SKI size.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>keyInfoCtx</p></td>
+<td class="parameter_description"><p>the pointer to <a class="ulink" href="" target="_top"><dsig:KeyInfo/></a> element processing context.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+</tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecNssX509StoreFindCert-ex.returns"></a><h4>Returns</h4>
+<p> pointer to found certificate or NULL if certificate is not found
+or an error occurs.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecNssX509StoreVerify"></a><h3>xmlSecNssX509StoreVerify ()</h3>
<pre class="programlisting"><font><span class="returnvalue">CERTCertificate</span></font>Â *
xmlSecNssX509StoreVerify (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore"><span class="type">xmlSecKeyDataStorePtr</span></a> store</code></em>,
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>app: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-openssl-ref.html" title="XML Security Library for OpenSLL API Reference.">
<link rel="prev" href="xmlsec-openssl-ref.html" title="XML Security Library for OpenSLL API Reference.">
-<link rel="next" href="xmlsec-openssl-bn.html" title="bn">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<link rel="next" href="xmlsec-openssl-crypto.html" title="crypto">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<td><a accesskey="h" href="index.html"><img src="home.png" width="16" height="16" border="0" alt="Home"></a></td>
<td><a accesskey="u" href="xmlsec-openssl-ref.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td>
<td><a accesskey="p" href="xmlsec-openssl-ref.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td>
-<td><a accesskey="n" href="xmlsec-openssl-
bn.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td>
+<td><a accesskey="n" href="xmlsec-openssl-
crypto.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td>
</tr></table>
<div class="refentry">
<a name="xmlsec-openssl-app"></a><div class="titlepage"></div>
</div>
</div>
</div>
-<div class="refsect1">
-<a name="xmlsec-openssl-app.other_details"></a><h2>Types and Values</h2>
-<p></p>
-</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>crypto: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-openssl-ref.html" title="XML Security Library for OpenSLL API Reference.">
-<link rel="prev" href="xmlsec-openssl-bn.html" title="bn">
+<link rel="prev" href="xmlsec-openssl-app.html" title="app">
<link rel="next" href="xmlsec-openssl-evp.html" title="evp">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</td>
<td><a accesskey="h" href="index.html"><img src="home.png" width="16" height="16" border="0" alt="Home"></a></td>
<td><a accesskey="u" href="xmlsec-openssl-ref.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td>
-<td><a accesskey="p" href="xmlsec-openssl-
bn.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td>
+<td><a accesskey="p" href="xmlsec-openssl-
app.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td>
<td><a accesskey="n" href="xmlsec-openssl-evp.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td>
</tr></table>
<div class="refentry">
</tr>
<tr>
<td class="function_type">
+<font><span class="returnvalue">int</span></font>
+</td>
+<td class="function_name">
+<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLSetLibCtx" title="xmlSecOpenSSLSetLibCtx ()">xmlSecOpenSSLSetLibCtx</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">OSSL_LIB_CTX</span></font>Â *
+</td>
+<td class="function_name">
+<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLGetLibCtx" title="xmlSecOpenSSLGetLibCtx ()">xmlSecOpenSSLGetLibCtx</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">BIO</span></font>Â *
+</td>
+<td class="function_name">
+<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLCreateMemBio" title="xmlSecOpenSSLCreateMemBio ()">xmlSecOpenSSLCreateMemBio</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">BIO</span></font>Â *
+</td>
+<td class="function_name">
+<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLCreateMemBufBio" title="xmlSecOpenSSLCreateMemBufBio ()">xmlSecOpenSSLCreateMemBufBio</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">BIO</span></font>Â *
+</td>
+<td class="function_name">
+<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLCreateReadFileBio" title="xmlSecOpenSSLCreateReadFileBio ()">xmlSecOpenSSLCreateReadFileBio</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
<font><span class="returnvalue">xmlSecKeyDataId</span></font>
</td>
<td class="function_name">
<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaAdoptDsa" title="xmlSecOpenSSLKeyDataDsaAdoptDsa ()">xmlSecOpenSSLKeyDataDsaAdoptDsa</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">DSA</span></font>Â *
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaGetDsa" title="xmlSecOpenSSLKeyDataDsaGetDsa ()">xmlSecOpenSSLKeyDataDsaGetDsa</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">int</span></font>
-</td>
-<td class="function_name">
<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaAdoptEvp" title="xmlSecOpenSSLKeyDataDsaAdoptEvp ()">xmlSecOpenSSLKeyDataDsaAdoptEvp</a> <span class="c_punctuation">()</span>
</td>
</tr>
<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa" title="xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa ()">xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">EC_KEY</span></font>Â *
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaGetEcdsa" title="xmlSecOpenSSLKeyDataEcdsaGetEcdsa ()">xmlSecOpenSSLKeyDataEcdsaGetEcdsa</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">int</span></font>
-</td>
-<td class="function_name">
<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaAdoptEvp" title="xmlSecOpenSSLKeyDataEcdsaAdoptEvp ()">xmlSecOpenSSLKeyDataEcdsaAdoptEvp</a> <span class="c_punctuation">()</span>
</td>
</tr>
</tr>
<tr>
<td class="function_type">
-<font><span class="returnvalue">int</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLHmacGetMinOutputLength" title="xmlSecOpenSSLHmacGetMinOutputLength ()">xmlSecOpenSSLHmacGetMinOutputLength</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">void</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLHmacSetMinOutputLength" title="xmlSecOpenSSLHmacSetMinOutputLength ()">xmlSecOpenSSLHmacSetMinOutputLength</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
<font><span class="returnvalue">xmlSecKeyDataId</span></font>
</td>
<td class="function_name">
<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
-<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaAdoptRsa" title="xmlSecOpenSSLKeyDataRsaAdoptRsa ()">xmlSecOpenSSLKeyDataRsaAdoptRsa</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">RSA</span></font>Â *
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaGetRsa" title="xmlSecOpenSSLKeyDataRsaGetRsa ()">xmlSecOpenSSLKeyDataRsaGetRsa</a> <span class="c_punctuation">()</span>
-</td>
-</tr>
-<tr>
-<td class="function_type">
-<font><span class="returnvalue">int</span></font>
-</td>
-<td class="function_name">
<a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaAdoptEvp" title="xmlSecOpenSSLKeyDataRsaAdoptEvp ()">xmlSecOpenSSLKeyDataRsaAdoptEvp</a> <span class="c_punctuation">()</span>
</td>
</tr>
</tr>
<tr>
<td class="define_keyword">#define</td>
+<td class="function_name"><a class="link" href="xmlsec-openssl-crypto.html#XMLSEC-OPENSSL-API-300:CAPS" title="XMLSEC_OPENSSL_API_300">XMLSEC_OPENSSL_API_300</a></td>
+</tr>
+<tr>
+<td class="define_keyword">#define</td>
+<td class="function_name"><a class="link" href="xmlsec-openssl-crypto.html#XMLSEC-OPENSSL-API-111:CAPS" title="XMLSEC_OPENSSL_API_111">XMLSEC_OPENSSL_API_111</a></td>
+</tr>
+<tr>
+<td class="define_keyword">#define</td>
<td class="function_name"><a class="link" href="xmlsec-openssl-crypto.html#XMLSEC-NO-AES:CAPS" title="XMLSEC_NO_AES">XMLSEC_NO_AES</a></td>
</tr>
<tr>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecOpenSSLSetLibCtx"></a><h3>xmlSecOpenSSLSetLibCtx ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">int</span></font>
+xmlSecOpenSSLSetLibCtx (<em class="parameter"><code><font><span class="type">OSSL_LIB_CTX</span></font> *libctx</code></em>);</pre>
+<p>Sets the OSSL_LIB_CTX object to be used by xmlsec-openssl. The caller is
+responsible for lifetime of this object.</p>
+<div class="refsect3">
+<a name="xmlSecOpenSSLSetLibCtx.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody><tr>
+<td class="parameter_name"><p>libctx</p></td>
+<td class="parameter_description"><p>the OSSL_LIB_CTX object to be used by xmlsec-openssl
+or NULL to use default.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr></tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecOpenSSLSetLibCtx.returns"></a><h4>Returns</h4>
+<p> 0 on success or a negative value if an error occurs.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
+<a name="xmlSecOpenSSLGetLibCtx"></a><h3>xmlSecOpenSSLGetLibCtx ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">OSSL_LIB_CTX</span></font>Â *
+xmlSecOpenSSLGetLibCtx (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
+<p>Gets the current OSSL_LIB_CTX object to be used by xmlsec-openssl or
+NULL if the default one is used.</p>
+<div class="refsect3">
+<a name="xmlSecOpenSSLGetLibCtx.returns"></a><h4>Returns</h4>
+<p> the current OSSL_LIB_CTX object or NULL if default is used.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
+<a name="xmlSecOpenSSLCreateMemBio"></a><h3>xmlSecOpenSSLCreateMemBio ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">BIO</span></font>Â *
+xmlSecOpenSSLCreateMemBio (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
+<p>Creates a memory BIO using <a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLGetLibCtx" title="xmlSecOpenSSLGetLibCtx ()"><code class="function">xmlSecOpenSSLGetLibCtx()</code></a> for OpenSSL 3.0.</p>
+<div class="refsect3">
+<a name="xmlSecOpenSSLCreateMemBio.returns"></a><h4>Returns</h4>
+<p> the pointer to BIO object or NULL if an error occurs/</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
+<a name="xmlSecOpenSSLCreateMemBufBio"></a><h3>xmlSecOpenSSLCreateMemBufBio ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">BIO</span></font>Â *
+xmlSecOpenSSLCreateMemBufBio (<em class="parameter"><code>const <a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *buf</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> bufSize</code></em>);</pre>
+<p>Creates a read-only memory BIO using <a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLGetLibCtx" title="xmlSecOpenSSLGetLibCtx ()"><code class="function">xmlSecOpenSSLGetLibCtx()</code></a> for
+OpenSSL 3.0 containing <em class="parameter"><code>len</code></em>
+ bytes of data from <em class="parameter"><code>buf</code></em>
+.</p>
+<div class="refsect3">
+<a name="xmlSecOpenSSLCreateMemBufBio.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody>
+<tr>
+<td class="parameter_name"><p>buf</p></td>
+<td class="parameter_description"><p>the data</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>bufSize</p></td>
+<td class="parameter_description"><p>the data size</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+</tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecOpenSSLCreateMemBufBio.returns"></a><h4>Returns</h4>
+<p> the pointer to BIO object or NULL if an error occurs/</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
+<a name="xmlSecOpenSSLCreateReadFileBio"></a><h3>xmlSecOpenSSLCreateReadFileBio ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">BIO</span></font>Â *
+xmlSecOpenSSLCreateReadFileBio (<em class="parameter"><code>const <font><span class="type">char</span></font> *path</code></em>);</pre>
+<p>Creates a read-only file BIO using <a class="link" href="xmlsec-openssl-crypto.html#xmlSecOpenSSLGetLibCtx" title="xmlSecOpenSSLGetLibCtx ()"><code class="function">xmlSecOpenSSLGetLibCtx()</code></a> for
+OpenSSL 3.0.</p>
+<div class="refsect3">
+<a name="xmlSecOpenSSLCreateReadFileBio.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody><tr>
+<td class="parameter_name"><p>path</p></td>
+<td class="parameter_description"><p>the file path</p></td>
+<td class="parameter_annotations">Â </td>
+</tr></tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecOpenSSLCreateReadFileBio.returns"></a><h4>Returns</h4>
+<p> the pointer to BIO object or NULL if an error occurs/</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecOpenSSLKeyDataAesGetKlass"></a><h3>xmlSecOpenSSLKeyDataAesGetKlass ()</h3>
<pre class="programlisting"><font><span class="returnvalue">xmlSecKeyDataId</span></font>
xmlSecOpenSSLKeyDataAesGetKlass (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecOpenSSLKeyDataDsaAdoptDsa"></a><h3>xmlSecOpenSSLKeyDataDsaAdoptDsa ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecOpenSSLKeyDataDsaAdoptDsa (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>,
- <em class="parameter"><code><font><span class="type">DSA</span></font> *dsa</code></em>);</pre>
-<p>Sets the value of DSA key data.</p>
-<div class="refsect3">
-<a name="xmlSecOpenSSLKeyDataDsaAdoptDsa.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody>
-<tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to DSA key data.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>dsa</p></td>
-<td class="parameter_description"><p>the pointer to OpenSSL DSA key.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-</tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecOpenSSLKeyDataDsaAdoptDsa.returns"></a><h4>Returns</h4>
-<p> 0 on success or a negative value otherwise.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecOpenSSLKeyDataDsaGetDsa"></a><h3>xmlSecOpenSSLKeyDataDsaGetDsa ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">DSA</span></font>Â *
-xmlSecOpenSSLKeyDataDsaGetDsa (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>);</pre>
-<p>Gets the OpenSSL DSA key from DSA key data.</p>
-<div class="refsect3">
-<a name="xmlSecOpenSSLKeyDataDsaGetDsa.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to DSA key data.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecOpenSSLKeyDataDsaGetDsa.returns"></a><h4>Returns</h4>
-<p> pointer to OpenSSL DSA key or NULL if an error occurs.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
<a name="xmlSecOpenSSLKeyDataDsaAdoptEvp"></a><h3>xmlSecOpenSSLKeyDataDsaAdoptEvp ()</h3>
<pre class="programlisting"><font><span class="returnvalue">int</span></font>
xmlSecOpenSSLKeyDataDsaAdoptEvp (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>,
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa"></a><h3>xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>,
- <em class="parameter"><code><font><span class="type">EC_KEY</span></font> *ecdsa</code></em>);</pre>
-<p>Sets the value of ECDSA key data.</p>
-<div class="refsect3">
-<a name="xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody>
-<tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to ECDSA key data.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>ecdsa</p></td>
-<td class="parameter_description"><p>the pointer to OpenSSL ECDSA key.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-</tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa.returns"></a><h4>Returns</h4>
-<p> 0 on success or a negative value otherwise.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecOpenSSLKeyDataEcdsaGetEcdsa"></a><h3>xmlSecOpenSSLKeyDataEcdsaGetEcdsa ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">EC_KEY</span></font>Â *
-xmlSecOpenSSLKeyDataEcdsaGetEcdsa (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>);</pre>
-<p>Gets the OpenSSL ECDSA key from ECDSA key data.</p>
-<div class="refsect3">
-<a name="xmlSecOpenSSLKeyDataEcdsaGetEcdsa.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to ECDSA key data.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecOpenSSLKeyDataEcdsaGetEcdsa.returns"></a><h4>Returns</h4>
-<p> pointer to OpenSSL ECDSA key or NULL if an error occurs.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
<a name="xmlSecOpenSSLKeyDataEcdsaAdoptEvp"></a><h3>xmlSecOpenSSLKeyDataEcdsaAdoptEvp ()</h3>
<pre class="programlisting"><font><span class="returnvalue">int</span></font>
xmlSecOpenSSLKeyDataEcdsaAdoptEvp (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>,
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecOpenSSLHmacGetMinOutputLength"></a><h3>xmlSecOpenSSLHmacGetMinOutputLength ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecOpenSSLHmacGetMinOutputLength (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
-<p>Gets the value of min HMAC length.</p>
-<div class="refsect3">
-<a name="xmlSecOpenSSLHmacGetMinOutputLength.returns"></a><h4>Returns</h4>
-<p> the min HMAC output length</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecOpenSSLHmacSetMinOutputLength"></a><h3>xmlSecOpenSSLHmacSetMinOutputLength ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">void</span></font>
-xmlSecOpenSSLHmacSetMinOutputLength (<em class="parameter"><code><font><span class="type">int</span></font> min_length</code></em>);</pre>
-<p>Sets the min HMAC output length</p>
-<div class="refsect3">
-<a name="xmlSecOpenSSLHmacSetMinOutputLength.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>min_length</p></td>
-<td class="parameter_description"><p>the new min length</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-</div>
-<hr>
-<div class="refsect2">
<a name="xmlSecOpenSSLKeyDataHmacGetKlass"></a><h3>xmlSecOpenSSLKeyDataHmacGetKlass ()</h3>
<pre class="programlisting"><font><span class="returnvalue">xmlSecKeyDataId</span></font>
xmlSecOpenSSLKeyDataHmacGetKlass (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
</div>
<hr>
<div class="refsect2">
-<a name="xmlSecOpenSSLKeyDataRsaAdoptRsa"></a><h3>xmlSecOpenSSLKeyDataRsaAdoptRsa ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecOpenSSLKeyDataRsaAdoptRsa (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>,
- <em class="parameter"><code><font><span class="type">RSA</span></font> *rsa</code></em>);</pre>
-<p>Sets the value of RSA key data.</p>
-<div class="refsect3">
-<a name="xmlSecOpenSSLKeyDataRsaAdoptRsa.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody>
-<tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to RSA key data.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>rsa</p></td>
-<td class="parameter_description"><p>the pointer to OpenSSL RSA key.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-</tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecOpenSSLKeyDataRsaAdoptRsa.returns"></a><h4>Returns</h4>
-<p> 0 on success or a negative value otherwise.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
-<a name="xmlSecOpenSSLKeyDataRsaGetRsa"></a><h3>xmlSecOpenSSLKeyDataRsaGetRsa ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">RSA</span></font>Â *
-xmlSecOpenSSLKeyDataRsaGetRsa (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>);</pre>
-<p>Gets the OpenSSL RSA key from RSA key data.</p>
-<div class="refsect3">
-<a name="xmlSecOpenSSLKeyDataRsaGetRsa.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="parameter_name"><p>data</p></td>
-<td class="parameter_description"><p>the pointer to RSA key data.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr></tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecOpenSSLKeyDataRsaGetRsa.returns"></a><h4>Returns</h4>
-<p> pointer to OpenSSL RSA key or NULL if an error occurs.</p>
-</div>
-</div>
-<hr>
-<div class="refsect2">
<a name="xmlSecOpenSSLKeyDataRsaAdoptEvp"></a><h3>xmlSecOpenSSLKeyDataRsaAdoptEvp ()</h3>
<pre class="programlisting"><font><span class="returnvalue">int</span></font>
xmlSecOpenSSLKeyDataRsaAdoptEvp (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyData" title="struct xmlSecKeyData"><span class="type">xmlSecKeyDataPtr</span></a> data</code></em>,
</div>
<hr>
<div class="refsect2">
+<a name="XMLSEC-OPENSSL-API-300:CAPS"></a><h3>XMLSEC_OPENSSL_API_300</h3>
+<pre class="programlisting">#define XMLSEC_OPENSSL_API_300 1
+</pre>
+</div>
+<hr>
+<div class="refsect2">
+<a name="XMLSEC-OPENSSL-API-111:CAPS"></a><h3>XMLSEC_OPENSSL_API_111</h3>
+<pre class="programlisting">#define XMLSEC_OPENSSL_API_111 1
+</pre>
+</div>
+<hr>
+<div class="refsect2">
<a name="XMLSEC-NO-AES:CAPS"></a><h3>XMLSEC_NO_AES</h3>
<pre class="programlisting">#define XMLSEC_NO_AES 1
</pre>
<div class="refsect2">
<a name="xmlSecOpenSSLTransformDsaSha1Id"></a><h3>xmlSecOpenSSLTransformDsaSha1Id</h3>
<pre class="programlisting">#define xmlSecOpenSSLTransformDsaSha1Id</pre>
+<div class="warning"><p><code class="literal">xmlSecOpenSSLTransformDsaSha1Id</code> is deprecated and should not be used in newly-written code.</p></div>
<p>The DSA SHA1 signature transform klass.</p>
</div>
<hr>
<div class="refsect2">
<a name="xmlSecOpenSSLTransformEcdsaSha1Id"></a><h3>xmlSecOpenSSLTransformEcdsaSha1Id</h3>
<pre class="programlisting">#define xmlSecOpenSSLTransformEcdsaSha1Id</pre>
+<div class="warning"><p><code class="literal">xmlSecOpenSSLTransformEcdsaSha1Id</code> is deprecated and should not be used in newly-written code.</p></div>
<p>The ECDSA-SHA1 signature transform klass.</p>
</div>
<hr>
<div class="refsect2">
<a name="xmlSecOpenSSLKeyDataHmacId"></a><h3>xmlSecOpenSSLKeyDataHmacId</h3>
<pre class="programlisting">#define xmlSecOpenSSLKeyDataHmacId</pre>
+<div class="warning"><p><code class="literal">xmlSecOpenSSLKeyDataHmacId</code> is deprecated and should not be used in newly-written code.</p></div>
<p>The DHMAC key klass.</p>
</div>
<hr>
<div class="refsect2">
<a name="xmlSecOpenSSLTransformRsaMd5Id"></a><h3>xmlSecOpenSSLTransformRsaMd5Id</h3>
<pre class="programlisting">#define xmlSecOpenSSLTransformRsaMd5Id</pre>
+<div class="warning"><p><code class="literal">xmlSecOpenSSLTransformRsaMd5Id</code> is deprecated and should not be used in newly-written code.</p></div>
<p>The RSA-MD5 signature transform klass.</p>
</div>
<hr>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>evp: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-openssl-ref.html" title="XML Security Library for OpenSLL API Reference.">
<link rel="prev" href="xmlsec-openssl-crypto.html" title="crypto">
<link rel="next" href="xmlsec-openssl-x509.html" title="x509">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
</div>
-<div class="refsect1">
-<a name="xmlsec-openssl-evp.other_details"></a><h2>Types and Values</h2>
-<p></p>
-</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library for OpenSLL API Reference.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-reference.html" title="Part II. XML Security Library API Reference.">
<link rel="prev" href="xmlsec-x509.html" title="x509">
<link rel="next" href="xmlsec-openssl-app.html" title="app">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<span class="refentrytitle"><a href="xmlsec-openssl-app.html">app</a></span><span class="refpurpose"> — Application support functions for OpenSSL.</span>
</dt>
<dt>
-<span class="refentrytitle"><a href="xmlsec-openssl-bn.html">bn</a></span><span class="refpurpose"> — Big numbers (BIGNUM) support functions implementation for OpenSSL.</span>
-</dt>
-<dt>
<span class="refentrytitle"><a href="xmlsec-openssl-crypto.html">crypto</a></span><span class="refpurpose"> — Crypto transforms implementation for OpenSSL.</span>
</dt>
<dt>
build by extracting comments from the code sources. </p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>x509: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-openssl-ref.html" title="XML Security Library for OpenSLL API Reference.">
<link rel="prev" href="xmlsec-openssl-evp.html" title="evp">
<link rel="next" href="xmlsec-gnutls-ref.html" title="XML Security Library for GnuTLS API Reference.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<font><span class="returnvalue">X509</span></font>Â *
</td>
<td class="function_name">
+<a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreFindCert-ex" title="xmlSecOpenSSLX509StoreFindCert_ex ()">xmlSecOpenSSLX509StoreFindCert_ex</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">X509</span></font>Â *
+</td>
+<td class="function_name">
<a class="link" href="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreVerify" title="xmlSecOpenSSLX509StoreVerify ()">xmlSecOpenSSLX509StoreVerify</a> <span class="c_punctuation">()</span>
</td>
</tr>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecOpenSSLX509StoreFindCert-ex"></a><h3>xmlSecOpenSSLX509StoreFindCert_ex ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">X509</span></font>Â *
+xmlSecOpenSSLX509StoreFindCert_ex (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore"><span class="type">xmlSecKeyDataStorePtr</span></a> store</code></em>,
+ <em class="parameter"><code><font><span class="type">xmlChar</span></font> *subjectName</code></em>,
+ <em class="parameter"><code><font><span class="type">xmlChar</span></font> *issuerName</code></em>,
+ <em class="parameter"><code><font><span class="type">xmlChar</span></font> *issuerSerial</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte"><span class="type">xmlSecByte</span></a> *ski</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> skiSize</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-keyinfo.html#xmlSecKeyInfoCtx" title="struct xmlSecKeyInfoCtx"><span class="type">xmlSecKeyInfoCtx</span></a> *keyInfoCtx</code></em>);</pre>
+<p>Searches <em class="parameter"><code>store</code></em>
+ for a certificate that matches given criteria.</p>
+<div class="refsect3">
+<a name="xmlSecOpenSSLX509StoreFindCert-ex.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody>
+<tr>
+<td class="parameter_name"><p>store</p></td>
+<td class="parameter_description"><p>the pointer to X509 key data store klass.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>subjectName</p></td>
+<td class="parameter_description"><p>the desired certificate name.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>issuerName</p></td>
+<td class="parameter_description"><p>the desired certificate issuer name.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>issuerSerial</p></td>
+<td class="parameter_description"><p>the desired certificate issuer serial number.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>ski</p></td>
+<td class="parameter_description"><p>the desired certificate SKI.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>skiSize</p></td>
+<td class="parameter_description"><p>the desired certificate SKI size.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>keyInfoCtx</p></td>
+<td class="parameter_description"><p>the pointer to <a class="ulink" href="" target="_top"><dsig:KeyInfo/></a> element processing context.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+</tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecOpenSSLX509StoreFindCert-ex.returns"></a><h4>Returns</h4>
+<p> pointer to found certificate or NULL if certificate is not found
+or an error occurs.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecOpenSSLX509StoreVerify"></a><h3>xmlSecOpenSSLX509StoreVerify ()</h3>
<pre class="programlisting"><font><span class="returnvalue">X509</span></font>Â *
xmlSecOpenSSLX509StoreVerify (<em class="parameter"><code><a class="link" href="xmlsec-keysdata.html#xmlSecKeyDataStore" title="struct xmlSecKeyDataStore"><span class="type">xmlSecKeyDataStorePtr</span></a> store</code></em>,
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>parser: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-nodeset.html" title="nodeset">
<link rel="next" href="xmlsec-templates.html" title="templates">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</tr>
<tr>
<td class="function_type">
+<font><span class="returnvalue">void</span></font>
+</td>
+<td class="function_name">
+<a class="link" href="xmlsec-parser.html#xmlSecParsePrepareCtxt" title="xmlSecParsePrepareCtxt ()">xmlSecParsePrepareCtxt</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">int</span></font>
+</td>
+<td class="function_name">
+<a class="link" href="xmlsec-parser.html#xmlSecParserGetDefaultOptions" title="xmlSecParserGetDefaultOptions ()">xmlSecParserGetDefaultOptions</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">void</span></font>
+</td>
+<td class="function_name">
+<a class="link" href="xmlsec-parser.html#xmlSecParserSetDefaultOptions" title="xmlSecParserSetDefaultOptions ()">xmlSecParserSetDefaultOptions</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
<font><span class="returnvalue">xmlSecTransformId</span></font>
</td>
<td class="function_name">
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecParsePrepareCtxt"></a><h3>xmlSecParsePrepareCtxt ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">void</span></font>
+xmlSecParsePrepareCtxt (<em class="parameter"><code><font><span class="type">xmlParserCtxtPtr</span></font> ctxt</code></em>);</pre>
+<p>Prepares parser context for parsing XML for XMLSec.</p>
+<div class="refsect3">
+<a name="xmlSecParsePrepareCtxt.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody><tr>
+<td class="parameter_name"><p>ctxt</p></td>
+<td class="parameter_description"><p>the parser context</p></td>
+<td class="parameter_annotations">Â </td>
+</tr></tbody>
+</table></div>
+</div>
+</div>
+<hr>
+<div class="refsect2">
+<a name="xmlSecParserGetDefaultOptions"></a><h3>xmlSecParserGetDefaultOptions ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">int</span></font>
+xmlSecParserGetDefaultOptions (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
+<p>Gets default LibXML2 parser options.</p>
+<div class="refsect3">
+<a name="xmlSecParserGetDefaultOptions.returns"></a><h4>Returns</h4>
+<p> the current default LibXML2 parser options.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
+<a name="xmlSecParserSetDefaultOptions"></a><h3>xmlSecParserSetDefaultOptions ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">void</span></font>
+xmlSecParserSetDefaultOptions (<em class="parameter"><code><font><span class="type">int</span></font> options</code></em>);</pre>
+<p>Sets default LibXML2 parser options.</p>
+<div class="refsect3">
+<a name="xmlSecParserSetDefaultOptions.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody><tr>
+<td class="parameter_name"><p>options</p></td>
+<td class="parameter_description"><p>the new parser options.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr></tbody>
+</table></div>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecTransformXmlParserGetKlass"></a><h3>xmlSecTransformXmlParserGetKlass ()</h3>
<pre class="programlisting"><font><span class="returnvalue">xmlSecTransformId</span></font>
xmlSecTransformXmlParserGetKlass (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Core Library API Reference.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-reference.html" title="Part II. XML Security Library API Reference.">
<link rel="prev" href="xmlsec-reference.html" title="Part II. XML Security Library API Reference.">
<link rel="next" href="xmlsec-app.html" title="app">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
build by extracting comments from the code sources. </p>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Part II. XML Security Library API Reference.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="index.html" title="XML Security Library Reference Manual">
<link rel="prev" href="xmlsec-encryption-klasses.html" title="APPENDIX B. XML Security Library Encryption Klasses.">
<link rel="next" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<span class="refentrytitle"><a href="xmlsec-openssl-app.html">app</a></span><span class="refpurpose"> — Application support functions for OpenSSL.</span>
</dt>
<dt>
-<span class="refentrytitle"><a href="xmlsec-openssl-bn.html">bn</a></span><span class="refpurpose"> — Big numbers (BIGNUM) support functions implementation for OpenSSL.</span>
-</dt>
-<dt>
<span class="refentrytitle"><a href="xmlsec-openssl-crypto.html">crypto</a></span><span class="refpurpose"> — Crypto transforms implementation for OpenSSL.</span>
</dt>
<dt>
<span class="refentrytitle"><a href="xmlsec-nss-app.html">app</a></span><span class="refpurpose"> — Application support functions for NSS.</span>
</dt>
<dt>
-<span class="refentrytitle"><a href="xmlsec-nss-bignum.html">bignum</a></span><span class="refpurpose"> — Big numbers support functions implementation for NSS.</span>
-</dt>
-<dt>
<span class="refentrytitle"><a href="xmlsec-nss-crypto.html">crypto</a></span><span class="refpurpose"> — Crypto transforms implementation for NSS.</span>
</dt>
<dt>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>APPENDIX A. XML Security Library Signature Klasses.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-custom-keys-manager.html" title="Writing a custom keys manager.">
<link rel="next" href="xmlsec-encryption-klasses.html" title="APPENDIX B. XML Security Library Encryption Klasses.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<br class="figure-break">
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>templates: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-parser.html" title="parser">
<link rel="next" href="xmlsec-transforms.html" title="transforms">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
</div>
-<div class="refsect1">
-<a name="xmlsec-templates.other_details"></a><h2>Types and Values</h2>
-<p></p>
-</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>transforms: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-templates.html" title="templates">
<link rel="next" href="xmlsec-version.html" title="version">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<a class="link" href="xmlsec-transforms.html#xmlSecTransformVisa3DHackSetID" title="xmlSecTransformVisa3DHackSetIDÂ ()">xmlSecTransformVisa3DHackSetID</a>Â <span class="c_punctuation">()</span>
</td>
</tr>
+<tr>
+<td class="function_type">
+<a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="returnvalue">xmlSecSize</span></a>
+</td>
+<td class="function_name">
+<a class="link" href="xmlsec-transforms.html#xmlSecTransformHmacGetMinOutputBitsSize" title="xmlSecTransformHmacGetMinOutputBitsSize ()">xmlSecTransformHmacGetMinOutputBitsSize</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">void</span></font>
+</td>
+<td class="function_name">
+<a class="link" href="xmlsec-transforms.html#xmlSecTransformHmacSetMinOutputBitsSize" title="xmlSecTransformHmacSetMinOutputBitsSize ()">xmlSecTransformHmacSetMinOutputBitsSize</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
</tbody>
</table></div>
</div>
<pre class="programlisting"><font><span class="returnvalue">void</span></font>
xmlSecTransformXsltSetDefaultSecurityPrefs
(<em class="parameter"><code><font><span class="type">xsltSecurityPrefsPtr</span></font> sec</code></em>);</pre>
-<p>Sets the new default security preferences. The xmlsec default security policy is
+<p>Sets the new default security preferences. The xmlsec default security policy is
to disable everything.</p>
<div class="refsect3">
<a name="xmlSecTransformXsltSetDefaultSecurityPrefs.parameters"></a><h4>Parameters</h4>
<p> 0 on success or a negative value if an error occurs.</p>
</div>
</div>
+<hr>
+<div class="refsect2">
+<a name="xmlSecTransformHmacGetMinOutputBitsSize"></a><h3>xmlSecTransformHmacGetMinOutputBitsSize ()</h3>
+<pre class="programlisting"><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="returnvalue">xmlSecSize</span></a>
+xmlSecTransformHmacGetMinOutputBitsSize
+ (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
+<p>Gets the minimum size in bits for HMAC output.</p>
+<div class="refsect3">
+<a name="xmlSecTransformHmacGetMinOutputBitsSize.returns"></a><h4>Returns</h4>
+<p> the min HMAC output size in bits.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
+<a name="xmlSecTransformHmacSetMinOutputBitsSize"></a><h3>xmlSecTransformHmacSetMinOutputBitsSize ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">void</span></font>
+xmlSecTransformHmacSetMinOutputBitsSize
+ (<em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> val</code></em>);</pre>
+<p>Sets the min HMAC output size in bits. Low value for min output size
+might create a security vulnerability and is not recommended.</p>
+<div class="refsect3">
+<a name="xmlSecTransformHmacSetMinOutputBitsSize.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody><tr>
+<td class="parameter_name"><p>val</p></td>
+<td class="parameter_description"><p>the new min hmac output size in bits.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr></tbody>
+</table></div>
+</div>
+</div>
</div>
<div class="refsect1">
<a name="xmlsec-transforms.other_details"></a><h2>Types and Values</h2>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Verifying a signature with a single key.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-examples-sign-x509.html" title="Signing with X509 certificate.">
<link rel="next" href="xmlsec-verify-with-keys-mngr.html" title="Verifying a signature with keys manager.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="titlepage"><div><div><h3 class="title">
<a name="xmlsec-example-verify1"></a>verify1.c</h3></div></div></div>
<div class="informalexample"><pre class="programlisting">
-/**
+/**
* XML Security Library example: Verifying a file using a single key.
*
* Verifies a file using a key from PEM file.
- *
- * Usage:
- * verify1 <signed-file> <pem-key>
+ *
+ * Usage:
+ * verify1 <signed-file> <pem-key>
*
* Example:
* ./verify1 sign1-res.xml rsapub.pem
* ./verify1 sign2-res.xml rsapub.pem
- *
+ *
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int verify_file(const char* xml_file, const char* key_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(verify_file(argv[1], argv[2]) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
-/**
+/**
* verify_file:
* @xml_file: the signed XML file name.
* @key_file: the PEM public key file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
verify_file(const char* xml_file, const char* key_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(xml_file);
assert(key_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
/* create signature context, we don't need keys manager in this example */
}
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
+ if(xmlSecKeySetName(dsigCtx->signKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: signature verify\n");
goto done;
}
-
+
/* print verification result to stdout */
if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
fprintf(stdout, "Signature is OK\n");
} else {
fprintf(stdout, "Signature is INVALID\n");
- }
+ }
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Verifying a signature with keys manager.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-verify-with-key.html" title="Verifying a signature with a single key.">
<link rel="next" href="xmlsec-verify-with-x509.html" title="Verifying a signature with X509 certificates.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="titlepage"><div><div><h3 class="title">
<a name="xmlsec-example-verify2"></a>verify2.c</h3></div></div></div>
<div class="informalexample"><pre class="programlisting">
-/**
+/**
* XML Security Library example: Verifying a file using keys manager.
*
* Verifies a file using keys manager
- *
- * Usage:
+ *
+ * Usage:
* verify2 <signed-file> <public-pem-key1> [<public-pem-key2> [...]]
*
* Example:
* ./verify2 sign1-res.xml rsapub.pem
* ./verify2 sign2-res.xml rsapub.pem
- *
+ *
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
xmlSecKeysMngrPtr load_keys(char** files, int files_size);
int verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
#endif /* XMLSEC_NO_XSLT */
xmlSecKeysMngrPtr mngr;
-
+
assert(argv);
if(argc < 3) {
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(mngr == NULL) {
return(-1);
}
-
+
/* verify file */
if(verify_file(mngr, argv[1]) < 0) {
- xmlSecKeysMngrDestroy(mngr);
+ xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
-
+ }
+
/* destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* Returns the pointer to newly created keys manager or NULL if an error
* occurs.
*/
-xmlSecKeysMngrPtr
+xmlSecKeysMngrPtr
load_keys(char** files, int files_size) {
xmlSecKeysMngrPtr mngr;
xmlSecKeyPtr key;
int i;
-
+
assert(files);
assert(files_size > 0);
-
+
/* create and initialize keys manager, we use a simple list based
* keys manager, implement your own xmlSecKeysStore klass if you need
- * something more sophisticated
+ * something more sophisticated
*/
mngr = xmlSecKeysMngrCreate();
if(mngr == NULL) {
fprintf(stderr, "Error: failed to initialize keys manager.\n");
xmlSecKeysMngrDestroy(mngr);
return(NULL);
- }
-
+ }
+
for(i = 0; i < files_size; ++i) {
assert(files[i]);
xmlSecKeysMngrDestroy(mngr);
return(NULL);
}
-
- /* add key to keys manager, from now on keys manager is responsible
- * for destroying key
+
+ /* add key to keys manager, from now on keys manager is responsible
+ * for destroying key
*/
if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0) {
fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", files[i]);
return(mngr);
}
-/**
+/**
* verify_file:
* @mngr: the pointer to keys manager.
* @xml_file: the signed XML file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(mngr);
assert(xml_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
/* create signature context */
fprintf(stderr,"Error: signature verify\n");
goto done;
}
-
+
/* print verification result to stdout */
if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
fprintf(stdout, "Signature is OK\n");
} else {
fprintf(stdout, "Signature is INVALID\n");
- }
+ }
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Verifying a signature with additional restrictions.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-verify-with-x509.html" title="Verifying a signature with X509 certificates.">
<link rel="next" href="xmlsec-encrypt-template-file.html" title="Encrypting data with a template file.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="titlepage"><div><div><h3 class="title">
<a name="xmlsec-example-verify4"></a>verify4.c</h3></div></div></div>
<div class="informalexample"><pre class="programlisting">
-/**
+/**
* XML Security Library example: Verifying a simple SAML response with X509 certificate
*
* Verifies a simple SAML response. In addition to regular verification
* we ensure that the signature has only one <dsig:Reference/> element
* with an empty or NULL URI attribute and one enveloped signature transform
* as it is required by SAML specification.
- *
- * This example was developed and tested with OpenSSL crypto library. The
+ *
+ * This example was developed and tested with OpenSSL crypto library. The
* certificates management policies for another crypto library may break it.
*
- * Usage:
+ * Usage:
* verify4 <signed-file> <trusted-cert-pem-file1> [<trusted-cert-pem-file2> [...]]
*
* Example (success):
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
xmlSecKeysMngrPtr load_trusted_certs(char** files, int files_size);
int verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
#endif /* XMLSEC_NO_XSLT */
xmlSecKeysMngrPtr mngr;
-
+
assert(argv);
if(argc < 3) {
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(mngr == NULL) {
return(-1);
}
-
+
/* verify file */
if(verify_file(mngr, argv[1]) < 0) {
- xmlSecKeysMngrDestroy(mngr);
+ xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
-
+ }
+
/* destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* Returns the pointer to newly created keys manager or NULL if an error
* occurs.
*/
-xmlSecKeysMngrPtr
+xmlSecKeysMngrPtr
load_trusted_certs(char** files, int files_size) {
xmlSecKeysMngrPtr mngr;
int i;
-
+
assert(files);
assert(files_size > 0);
-
+
/* create and initialize keys manager, we use a simple list based
* keys manager, implement your own xmlSecKeysStore klass if you need
- * something more sophisticated
+ * something more sophisticated
*/
mngr = xmlSecKeysMngrCreate();
if(mngr == NULL) {
fprintf(stderr, "Error: failed to initialize keys manager.\n");
xmlSecKeysMngrDestroy(mngr);
return(NULL);
- }
-
+ }
+
for(i = 0; i < files_size; ++i) {
assert(files[i]);
return(mngr);
}
-/**
+/**
* verify_file:
* @mngr: the pointer to keys manager.
* @xml_file: the signed XML file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(mngr);
assert(xml_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
/* create signature context */
/* limit the Reference URI attributes to empty or NULL */
dsigCtx->enabledReferenceUris = xmlSecTransformUriTypeEmpty;
-
+
/* limit allowed transforms for signature and reference processing */
if((xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformInclC14NId) < 0) ||
(xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformExclC14NId) < 0) ||
fprintf(stderr,"Error: failed to limit allowed key data\n");
goto done;
}
-
+
/* Verify signature */
if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
fprintf(stderr,"Error: signature verify\n");
}
/* check that we have only one Reference */
- if((dsigCtx->status == xmlSecDSigStatusSucceeded) &&
+ if((dsigCtx->status == xmlSecDSigStatusSucceeded) &&
(xmlSecPtrListGetSize(&(dsigCtx->signedInfoReferences)) != 1)) {
-
+
fprintf(stderr,"Error: only one reference is allowed\n");
goto done;
}
-
+
/* print verification result to stdout */
if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
fprintf(stdout, "Signature is OK\n");
} else {
fprintf(stdout, "Signature is INVALID\n");
- }
+ }
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Verifying a signature with X509 certificates.: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-examples.html" title="Examples.">
<link rel="prev" href="xmlsec-verify-with-keys-mngr.html" title="Verifying a signature with keys manager.">
<link rel="next" href="xmlsec-verify-with-restrictions.html" title="Verifying a signature with additional restrictions.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
/**
* XML Security Library example: Verifying a file signed with X509 certificate
*
- * Verifies a file signed with X509 certificate.
- *
- * This example was developed and tested with OpenSSL crypto library. The
+ * Verifies a file signed with X509 certificate.
+ *
+ * This example was developed and tested with OpenSSL crypto library. The
* certificates management policies for another crypto library may break it.
*
- * Usage:
+ * Usage:
* verify3 <signed-file> <trusted-cert-pem-file1> [<trusted-cert-pem-file2> [...]]
*
* Example:
* ./verify3 sign3-res.xml ca2cert.pem cacert.pem
- *
+ *
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
xmlSecKeysMngrPtr load_trusted_certs(char** files, int files_size);
int verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
#endif /* XMLSEC_NO_XSLT */
xmlSecKeysMngrPtr mngr;
-
+
assert(argv);
if(argc < 3) {
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(mngr == NULL) {
return(-1);
}
-
+
/* verify file */
if(verify_file(mngr, argv[1]) < 0) {
- xmlSecKeysMngrDestroy(mngr);
+ xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
-
+ }
+
/* destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* Returns the pointer to newly created keys manager or NULL if an error
* occurs.
*/
-xmlSecKeysMngrPtr
+xmlSecKeysMngrPtr
load_trusted_certs(char** files, int files_size) {
xmlSecKeysMngrPtr mngr;
int i;
-
+
assert(files);
assert(files_size > 0);
-
+
/* create and initialize keys manager, we use a simple list based
* keys manager, implement your own xmlSecKeysStore klass if you need
- * something more sophisticated
+ * something more sophisticated
*/
mngr = xmlSecKeysMngrCreate();
if(mngr == NULL) {
fprintf(stderr, "Error: failed to initialize keys manager.\n");
xmlSecKeysMngrDestroy(mngr);
return(NULL);
- }
-
+ }
+
for(i = 0; i < files_size; ++i) {
assert(files[i]);
return(mngr);
}
-/**
+/**
* verify_file:
* @mngr: the pointer to keys manager.
* @xml_file: the signed XML file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(mngr);
assert(xml_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
/* create signature context */
fprintf(stderr,"Error: signature verify\n");
goto done;
}
-
+
/* print verification result to stdout */
if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
fprintf(stdout, "Signature is OK\n");
} else {
fprintf(stdout, "Signature is INVALID\n");
- }
+ }
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>version: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-transforms.html" title="transforms">
<link rel="next" href="xmlsec-xmldsig.html" title="xmldsig">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<a name="xmlsec-version.other_details"></a><h2>Types and Values</h2>
<div class="refsect2">
<a name="XMLSEC-VERSION:CAPS"></a><h3>XMLSEC_VERSION</h3>
-<pre class="programlisting">#define XMLSEC_VERSION "1.2.28"
+<pre class="programlisting">#define XMLSEC_VERSION "1.2.39"
</pre>
<p>The library version string in the format
"$major_number.$minor_number.$sub_minor_number".</p>
<hr>
<div class="refsect2">
<a name="XMLSEC-VERSION-MAJOR:CAPS"></a><h3>XMLSEC_VERSION_MAJOR</h3>
-<pre class="programlisting">#define XMLSEC_VERSION_MAJOR 1
+<pre class="programlisting">#define XMLSEC_VERSION_MAJOR 1
</pre>
<p>The library major version number.</p>
</div>
<hr>
<div class="refsect2">
<a name="XMLSEC-VERSION-MINOR:CAPS"></a><h3>XMLSEC_VERSION_MINOR</h3>
-<pre class="programlisting">#define XMLSEC_VERSION_MINOR 2
+<pre class="programlisting">#define XMLSEC_VERSION_MINOR 2
</pre>
<p>The library minor version number.</p>
</div>
<hr>
<div class="refsect2">
<a name="XMLSEC-VERSION-SUBMINOR:CAPS"></a><h3>XMLSEC_VERSION_SUBMINOR</h3>
-<pre class="programlisting">#define XMLSEC_VERSION_SUBMINOR 28
+<pre class="programlisting">#define XMLSEC_VERSION_SUBMINOR 39
</pre>
<p>The library sub-minor version number.</p>
</div>
<hr>
<div class="refsect2">
<a name="XMLSEC-VERSION-INFO:CAPS"></a><h3>XMLSEC_VERSION_INFO</h3>
-<pre class="programlisting">#define XMLSEC_VERSION_INFO "3:28:2"
+<pre class="programlisting">#define XMLSEC_VERSION_INFO "3:39:2"
</pre>
<p>The library version info string in the format
"$major_number+$minor_number:$sub_minor_number:$minor_number".</p>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>x509: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-xmltree.html" title="xmltree">
<link rel="next" href="xmlsec-openssl-ref.html" title="XML Security Library for OpenSLL API Reference.">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<a href="http://foldoc.org/Stable"><span class="acronym">Stable</span></a>, unless otherwise indicated
</div>
<div class="refsect1">
-<a name="xmlsec-x509.functions"></a><h2>Functions</h2>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-</colgroup>
-<tbody><tr>
-<td class="function_type">
-<font><span class="returnvalue">int</span></font>
-</td>
-<td class="function_name">
-<a class="link" href="xmlsec-x509.html#xmlSecX509DataGetNodeContent" title="xmlSecX509DataGetNodeContent ()">xmlSecX509DataGetNodeContent</a> <span class="c_punctuation">()</span>
-</td>
-</tr></tbody>
-</table></div>
-</div>
-<div class="refsect1">
<a name="xmlsec-x509.other"></a><h2>Types and Values</h2>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
</div>
<div class="refsect1">
<a name="xmlsec-x509.functions_details"></a><h2>Functions</h2>
-<div class="refsect2">
-<a name="xmlSecX509DataGetNodeContent"></a><h3>xmlSecX509DataGetNodeContent ()</h3>
-<pre class="programlisting"><font><span class="returnvalue">int</span></font>
-xmlSecX509DataGetNodeContent (<em class="parameter"><code><font><span class="type">xmlNodePtr</span></font> node</code></em>,
- <em class="parameter"><code><a class="link" href="xmlsec-keyinfo.html#xmlSecKeyInfoCtx" title="struct xmlSecKeyInfoCtx"><span class="type">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code></em>);</pre>
-<p>Reads the contents of <a class="ulink" href="" target="_top"><dsig:X509Data/></a> node and returns it as
-a bits mask.</p>
-<div class="refsect3">
-<a name="xmlSecX509DataGetNodeContent.parameters"></a><h4>Parameters</h4>
-<div class="informaltable"><table class="informaltable" width="100%" border="0">
-<colgroup>
-<col>
-<col>
-<col>
-</colgroup>
-<tbody>
-<tr>
-<td class="parameter_name"><p>node</p></td>
-<td class="parameter_description"><p>the pointer to <a class="ulink" href="" target="_top"><dsig:X509Data/></a> node.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-<tr>
-<td class="parameter_name"><p>keyInfoCtx</p></td>
-<td class="parameter_description"><p>the pointer to <a class="ulink" href="" target="_top"><dsig:KeyInfo/></a> node processing context.</p></td>
-<td class="parameter_annotations">Â </td>
-</tr>
-</tbody>
-</table></div>
-</div>
-<div class="refsect3">
-<a name="xmlSecX509DataGetNodeContent.returns"></a><h4>Returns</h4>
-<p> the bit mask representing the <a class="ulink" href="" target="_top"><dsig:X509Data/></a> node content
-or a negative value if an error occurs.</p>
-</div>
-</div>
+<p></p>
</div>
<div class="refsect1">
<a name="xmlsec-x509.other_details"></a><h2>Types and Values</h2>
<a name="XMLSEC-X509DATA-CERTIFICATE-NODE:CAPS"></a><h3>XMLSEC_X509DATA_CERTIFICATE_NODE</h3>
<pre class="programlisting">#define XMLSEC_X509DATA_CERTIFICATE_NODE 0x00000001
</pre>
-<a class="ulink" href="" target="_top"><dsig:X509Certificate/></a> node found or would be written back.
+<p>DEPRECATED. <a class="ulink" href="" target="_top"><dsig:X509Certificate/></a> node found or would be written back.</p>
</div>
<hr>
<div class="refsect2">
<a name="XMLSEC-X509DATA-SUBJECTNAME-NODE:CAPS"></a><h3>XMLSEC_X509DATA_SUBJECTNAME_NODE</h3>
<pre class="programlisting">#define XMLSEC_X509DATA_SUBJECTNAME_NODE 0x00000002
</pre>
-<a class="ulink" href="" target="_top"><dsig:X509SubjectName/></a> node found or would be written back.
+<p>DEPRECATED. <a class="ulink" href="" target="_top"><dsig:X509SubjectName/></a> node found or would be written back.</p>
</div>
<hr>
<div class="refsect2">
<a name="XMLSEC-X509DATA-ISSUERSERIAL-NODE:CAPS"></a><h3>XMLSEC_X509DATA_ISSUERSERIAL_NODE</h3>
<pre class="programlisting">#define XMLSEC_X509DATA_ISSUERSERIAL_NODE 0x00000004
</pre>
-<a class="ulink" href="" target="_top"><dsig:X509IssuerSerial/></a> node found or would be written back.
+<p>DEPRECATED. <a class="ulink" href="" target="_top"><dsig:X509IssuerSerial/></a> node found or would be written back.</p>
</div>
<hr>
<div class="refsect2">
<a name="XMLSEC-X509DATA-SKI-NODE:CAPS"></a><h3>XMLSEC_X509DATA_SKI_NODE</h3>
<pre class="programlisting">#define XMLSEC_X509DATA_SKI_NODE 0x00000008
</pre>
-<a class="ulink" href="" target="_top"><dsig:X509SKI/></a> node found or would be written back.
+<p>DEPRECATED. <a class="ulink" href="" target="_top"><dsig:X509SKI/></a> node found or would be written back.</p>
</div>
<hr>
<div class="refsect2">
<a name="XMLSEC-X509DATA-CRL-NODE:CAPS"></a><h3>XMLSEC_X509DATA_CRL_NODE</h3>
<pre class="programlisting">#define XMLSEC_X509DATA_CRL_NODE 0x00000010
</pre>
-<a class="ulink" href="" target="_top"><dsig:X509CRL/></a> node found or would be written back.
+<p>DEPRECATED. <a class="ulink" href="" target="_top"><dsig:X509CRL/></a> node found or would be written back.</p>
</div>
<hr>
<div class="refsect2">
<a name="XMLSEC-X509DATA-DEFAULT:CAPS"></a><h3>XMLSEC_X509DATA_DEFAULT</h3>
<pre class="programlisting">#define XMLSEC_X509DATA_DEFAULT</pre>
-<p>Default set of nodes to write in case of empty</p>
+<p>DEPRECATED. Default set of nodes to write in case of empty</p>
<a class="ulink" href="" target="_top"><dsig:X509Data/></a> node template.
</div>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>xmldsig: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-version.html" title="version">
<link rel="next" href="xmlsec-xmlenc.html" title="xmlenc">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>xmlenc: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-xmldsig.html" title="xmldsig">
<link rel="next" href="xmlsec-xmlsec.html" title="xmlsec">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>xmlsec: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-xmlenc.html" title="xmlenc">
<link rel="next" href="xmlsec-xmltree.html" title="xmltree">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
</td>
</tr>
<tr>
+<td class="function_type">
+<a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="returnvalue">xmlSecSize</span></a>
+</td>
+<td class="function_name">
+<a class="link" href="xmlsec-xmlsec.html#xmlSecStrlen" title="xmlSecStrlen ()">xmlSecStrlen</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
<td class="define_keyword">#define</td>
<td class="function_name"><a class="link" href="xmlsec-xmlsec.html#xmlSecCheckVersionExact" title="xmlSecCheckVersionExact">xmlSecCheckVersionExact</a></td>
</tr>
</tr>
<tr>
<td class="define_keyword">#define</td>
+<td class="function_name"><a class="link" href="xmlsec-xmlsec.html#XMLSEC-SIZE-T-FMT:CAPS" title="XMLSEC_SIZE_T_FMT">XMLSEC_SIZE_T_FMT</a></td>
+</tr>
+<tr>
+<td class="define_keyword">#define</td>
<td class="function_name"><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize">xmlSecSize</a></td>
</tr>
<tr>
<td class="define_keyword">#define</td>
+<td class="function_name"><a class="link" href="xmlsec-xmlsec.html#XMLSEC-SIZE-MAX:CAPS" title="XMLSEC_SIZE_MAX">XMLSEC_SIZE_MAX</a></td>
+</tr>
+<tr>
+<td class="define_keyword">#define</td>
+<td class="function_name"><a class="link" href="xmlsec-xmlsec.html#XMLSEC-SIZE-FMT:CAPS" title="XMLSEC_SIZE_FMT">XMLSEC_SIZE_FMT</a></td>
+</tr>
+<tr>
+<td class="define_keyword">#define</td>
+<td class="function_name"><a class="link" href="xmlsec-xmlsec.html#XMLSEC-SIZE-MIN:CAPS" title="XMLSEC_SIZE_MIN">XMLSEC_SIZE_MIN</a></td>
+</tr>
+<tr>
+<td class="define_keyword">#define</td>
<td class="function_name"><a class="link" href="xmlsec-xmlsec.html#xmlSecByte" title="xmlSecByte">xmlSecByte</a></td>
</tr>
<tr>
<a name="XMLSEC-SIZE-BAD-CAST:CAPS"></a><h3>XMLSEC_SIZE_BAD_CAST()</h3>
<pre class="programlisting">#define XMLSEC_SIZE_BAD_CAST(val) ((xmlSecSize)(val))
</pre>
-<p>Bad cast to xmlSecSize</p>
+<p>Bad cast to xmlSecSize. This macro is deprecated and will be removed in the future
+versions of LibXMLSec.</p>
<div class="refsect3">
<a name="XMLSEC-SIZE-BAD-CAST.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecStrlen"></a><h3>xmlSecStrlen ()</h3>
+<pre class="programlisting"><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="returnvalue">xmlSecSize</span></a>
+xmlSecStrlen (<em class="parameter"><code>const <font><span class="type">xmlChar</span></font> *str</code></em>);</pre>
+<p>Calcaulates the lenght of the string.</p>
+<div class="refsect3">
+<a name="xmlSecStrlen.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody><tr>
+<td class="parameter_name"><p>str</p></td>
+<td class="parameter_description"><p>the string.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr></tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecStrlen.returns"></a><h4>Returns</h4>
+<p> the length of the string.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecCheckVersionExact"></a><h3>xmlSecCheckVersionExact</h3>
<pre class="programlisting">#define xmlSecCheckVersionExact()</pre>
<p>Macro. Returns 1 if the loaded xmlsec library version exactly matches
</div>
<hr>
<div class="refsect2">
+<a name="XMLSEC-SIZE-T-FMT:CAPS"></a><h3>XMLSEC_SIZE_T_FMT</h3>
+<pre class="programlisting">#define XMLSEC_SIZE_T_FMT "%llu"
+</pre>
+<p>The only reason we need this is that MinGW doesn't recognize "<font><code class="literal">zu</code></font>"
+despite the fact that MSVC runtime supports it for 10+ years.</p>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecSize"></a><h3>xmlSecSize</h3>
<pre class="programlisting">#define xmlSecSize unsigned int
</pre>
</div>
<hr>
<div class="refsect2">
+<a name="XMLSEC-SIZE-MAX:CAPS"></a><h3>XMLSEC_SIZE_MAX</h3>
+<pre class="programlisting">#define XMLSEC_SIZE_MAX UINT_MAX
+</pre>
+</div>
+<hr>
+<div class="refsect2">
+<a name="XMLSEC-SIZE-FMT:CAPS"></a><h3>XMLSEC_SIZE_FMT</h3>
+<pre class="programlisting">#define XMLSEC_SIZE_FMT "%u"
+</pre>
+</div>
+<hr>
+<div class="refsect2">
+<a name="XMLSEC-SIZE-MIN:CAPS"></a><h3>XMLSEC_SIZE_MIN</h3>
+<pre class="programlisting">#define XMLSEC_SIZE_MIN ((xmlSecSize)0)
+</pre>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecByte"></a><h3>xmlSecByte</h3>
<pre class="programlisting">#define xmlSecByte unsigned char
</pre>
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>xmltree: XML Security Library Reference Manual</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
+<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-ref.html" title="XML Security Core Library API Reference.">
<link rel="prev" href="xmlsec-xmlsec.html" title="xmlsec">
<link rel="next" href="xmlsec-x509.html" title="x509">
-<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
+<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<font><span class="returnvalue">int</span></font>
</td>
<td class="function_name">
+<a class="link" href="xmlsec-xmltree.html#xmlSecGetNodeContentAsSize" title="xmlSecGetNodeContentAsSize ()">xmlSecGetNodeContentAsSize</a> <span class="c_punctuation">()</span>
+</td>
+</tr>
+<tr>
+<td class="function_type">
+<font><span class="returnvalue">int</span></font>
+</td>
+<td class="function_name">
<a class="link" href="xmlsec-xmltree.html#xmlSecCheckNodeName" title="xmlSecCheckNodeName ()">xmlSecCheckNodeName</a> <span class="c_punctuation">()</span>
</td>
</tr>
</div>
<hr>
<div class="refsect2">
+<a name="xmlSecGetNodeContentAsSize"></a><h3>xmlSecGetNodeContentAsSize ()</h3>
+<pre class="programlisting"><font><span class="returnvalue">int</span></font>
+xmlSecGetNodeContentAsSize (<em class="parameter"><code>const <font><span class="type">xmlNodePtr</span></font> cur</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> defValue</code></em>,
+ <em class="parameter"><code><a class="link" href="xmlsec-xmlsec.html#xmlSecSize" title="xmlSecSize"><span class="type">xmlSecSize</span></a> *res</code></em>);</pre>
+<p>Reads <em class="parameter"><code>cur</code></em>
+ node content and converts it to xmlSecSize value.</p>
+<div class="refsect3">
+<a name="xmlSecGetNodeContentAsSize.parameters"></a><h4>Parameters</h4>
+<div class="informaltable"><table class="informaltable" width="100%" border="0">
+<colgroup>
+<col>
+<col>
+<col>
+</colgroup>
+<tbody>
+<tr>
+<td class="parameter_name"><p>cur</p></td>
+<td class="parameter_description"><p>the pointer to XML node.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>defValue</p></td>
+<td class="parameter_description"><p>the default value that will be returned in <em class="parameter"><code>res</code></em>
+if there is no node content.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+<tr>
+<td class="parameter_name"><p>res</p></td>
+<td class="parameter_description"><p>the pointer to the result value.</p></td>
+<td class="parameter_annotations">Â </td>
+</tr>
+</tbody>
+</table></div>
+</div>
+<div class="refsect3">
+<a name="xmlSecGetNodeContentAsSize.returns"></a><h4>Returns</h4>
+<p> 0 on success or -1 on error.</p>
+</div>
+</div>
+<hr>
+<div class="refsect2">
<a name="xmlSecCheckNodeName"></a><h3>xmlSecCheckNodeName ()</h3>
<pre class="programlisting"><font><span class="returnvalue">int</span></font>
xmlSecCheckNodeName (<em class="parameter"><code>const <font><span class="type">xmlNodePtr</span></font> cur</code></em>,
</div>
</div>
<div class="footer">
-<hr>Generated by GTK-Doc V1.27</div>
+<hr>Generated by GTK-Doc V1.33.1</div>
</body>
</html>
+++ /dev/null
-<?xml version="1.0" encoding="utf-8" standalone="no"?>
-<book xmlns="http://www.devhelp.net/book" title="XML Security Library Reference Manual" link="index.html" author="Aleksey Sanin" name="xmlsec" version="2" language="c">
- <chapters>
- <sub name="XML Security Library Tutorial" link="xmlsec-notes.html">
- <sub name="Overview." link="xmlsec-notes-overview.html"/>
- <sub name="XML Security Library Structure." link="xmlsec-notes-structure.html"/>
- <sub name="Building the application with XML Security Library." link="xmlsec-notes-compiling.html">
- <sub name="Overview." link="xmlsec-notes-compiling.html#xmlsec-notes-compiling-overview"/>
- <sub name="Include files." link="xmlsec-notes-include-files.html"/>
- <sub name="Compiling and linking on Unix." link="xmlsec-notes-compiling-unix.html"/>
- <sub name="Compiling and linking on Windows." link="xmlsec-notes-compiling-windows.html"/>
- <sub name="Compiling and linking on other systems." link="xmlsec-notes-compiling-others.html"/>
- </sub>
- <sub name="Initialization and shutdown." link="xmlsec-notes-init-shutdown.html"/>
- <sub name="Signing and encrypting documents." link="xmlsec-notes-sign-encrypt.html">
- <sub name="Overview." link="xmlsec-notes-sign-encrypt.html#xmlsec-notes-sign-encrypt-overview"/>
- <sub name="Signing a document." link="xmlsec-notes-sign.html"/>
- <sub name="Encrypting data." link="xmlsec-notes-encrypt.html"/>
- </sub>
- <sub name="Creating dynamic templates." link="xmlsec-notes-templates.html">
- <sub name="Overview." link="xmlsec-notes-templates.html#xmlsec-notes-templates-overview"/>
- <sub name="Creating dynamic signature templates." link="xmlsec-notes-dynamic-signature-templates.html"/>
- <sub name="Creating dynamic encryption templates." link="xmlsec-notes-dynamic-encryption-templates.html"/>
- </sub>
- <sub name="Verifing and decrypting documents." link="xmlsec-notes-verify-decrypt.html">
- <sub name="Overview." link="xmlsec-notes-verify-decrypt.html#xmlsec-notes-verify-decrypt-overview"/>
- <sub name="Verifying a signed document" link="xmlsec-notes-verify.html"/>
- <sub name="Decrypting an encrypted document" link="xmlsec-notes-decrypt.html"/>
- </sub>
- <sub name="Keys." link="xmlsec-notes-keys.html"/>
- <sub name="Keys manager." link="xmlsec-notes-keysmngr.html">
- <sub name="Overview." link="xmlsec-notes-keysmngr.html#xmlsec-notes-keysmngr-overview"/>
- <sub name="Simple keys store." link="xmlsec-notes-simple-keys-store.html"/>
- <sub name="Using keys manager for signatures/encryption." link="xmlsec-notes-keys-manager-sign-enc.html"/>
- <sub name="Using keys manager for verification/decryption." link="xmlsec-notes-keys-mngr-verify-decrypt.html"/>
- <sub name="Implementing a custom keys store." link="xmlsec-notes-custom-keys-store.html"/>
- </sub>
- <sub name="Using X509 Certificates." link="xmlsec-notes-x509.html">
- <sub name="Overview." link="xmlsec-notes-x509.html#xmlsec-notes-x509-overview"/>
- <sub name="Signing data with X509 certificate." link="xmlsec-notes-sign-x509.html"/>
- <sub name="Verifing document signed with X509 certificates." link="xmlsec-notes-verify-x509.html"/>
- </sub>
- <sub name="Transforms and transforms chain." link="xmlsec-notes-transforms.html"/>
- <sub name="Using context objects." link="xmlsec-notes-contexts.html"/>
- <sub name="Adding support for new cryptographic library." link="xmlsec-notes-new-crypto.html">
- <sub name="Overview." link="xmlsec-notes-new-crypto.html#xmlsec-notes-new-crypto-overview"/>
- <sub name="Creating a framework from the skeleton." link="xmlsec-notes-new-crypto-skeleton.html"/>
- <sub name="xmlSecCryptoApp* functions." link="xmlsec-notes-new-crypto-functions.html"/>
- <sub name="Klasses and objects." link="xmlsec-notes-new-crypto-klasses.html"/>
- <sub name="Cryptographic transforms." link="xmlsec-notes-new-crypto-transforms.html"/>
- <sub name="Keys data and keys data stores." link="xmlsec-notes-new-crypto-keys.html"/>
- <sub name="Default keys manager." link="xmlsec-notes-new-crypto-simple-keys-mngr.html"/>
- <sub name="Sharing the results." link="xmlsec-notes-new-crypto-sharing-results.html"/>
- </sub>
- <sub name="Examples." link="xmlsec-examples.html">
- <sub name="XML Security Library Examples." link="xmlsec-examples.html#xmlsec-examples-overview"/>
- <sub name="Signing a template file." link="xmlsec-examples-sign-template-file.html"/>
- <sub name="Signing a dynamicaly created template." link="xmlsec-examples-sign-dynamimc-template.html"/>
- <sub name="Signing with X509 certificate." link="xmlsec-examples-sign-x509.html"/>
- <sub name="Verifying a signature with a single key." link="xmlsec-verify-with-key.html"/>
- <sub name="Verifying a signature with keys manager." link="xmlsec-verify-with-keys-mngr.html"/>
- <sub name="Verifying a signature with X509 certificates." link="xmlsec-verify-with-x509.html"/>
- <sub name="Verifying a signature with additional restrictions." link="xmlsec-verify-with-restrictions.html"/>
- <sub name="Encrypting data with a template file." link="xmlsec-encrypt-template-file.html"/>
- <sub name="Encrypting data with a dynamicaly created template." link="xmlsec-encrypt-dynamic-template.html"/>
- <sub name="Encrypting data with a session key." link="xmlsec-encrypt-with-session-key.html"/>
- <sub name="Decrypting data with a single key." link="xmlsec-decrypt-with-signle-key.html"/>
- <sub name="Decrypting data with keys manager." link="xmlsec-decrypt-with-keys-mngr.html"/>
- <sub name="Writing a custom keys manager." link="xmlsec-custom-keys-manager.html"/>
- </sub>
- <sub name="APPENDIX A. XML Security Library Signature Klasses." link="xmlsec-signature-klasses.html"/>
- <sub name="APPENDIX B. XML Security Library Encryption Klasses." link="xmlsec-encryption-klasses.html"/>
- </sub>
- <sub name="XML Security Library API Reference." link="xmlsec-reference.html">
- <sub name="XML Security Core Library API Reference." link="xmlsec-ref.html">
- <sub name="app" link="xmlsec-app.html"/>
- <sub name="base64" link="xmlsec-base64.html"/>
- <sub name="bn" link="xmlsec-bn.html"/>
- <sub name="buffer" link="xmlsec-buffer.html"/>
- <sub name="dl" link="xmlsec-dl.html"/>
- <sub name="errors" link="xmlsec-errors.html"/>
- <sub name="io" link="xmlsec-io.html"/>
- <sub name="keyinfo" link="xmlsec-keyinfo.html"/>
- <sub name="keysdata" link="xmlsec-keysdata.html"/>
- <sub name="keys" link="xmlsec-keys.html"/>
- <sub name="keysmngr" link="xmlsec-keysmngr.html"/>
- <sub name="list" link="xmlsec-list.html"/>
- <sub name="membuf" link="xmlsec-membuf.html"/>
- <sub name="nodeset" link="xmlsec-nodeset.html"/>
- <sub name="parser" link="xmlsec-parser.html"/>
- <sub name="templates" link="xmlsec-templates.html"/>
- <sub name="transforms" link="xmlsec-transforms.html"/>
- <sub name="version" link="xmlsec-version.html"/>
- <sub name="xmldsig" link="xmlsec-xmldsig.html"/>
- <sub name="xmlenc" link="xmlsec-xmlenc.html"/>
- <sub name="xmlsec" link="xmlsec-xmlsec.html"/>
- <sub name="xmltree" link="xmlsec-xmltree.html"/>
- <sub name="x509" link="xmlsec-x509.html"/>
- </sub>
- <sub name="XML Security Library for OpenSLL API Reference." link="xmlsec-openssl-ref.html">
- <sub name="app" link="xmlsec-openssl-app.html"/>
- <sub name="bn" link="xmlsec-openssl-bn.html"/>
- <sub name="crypto" link="xmlsec-openssl-crypto.html"/>
- <sub name="evp" link="xmlsec-openssl-evp.html"/>
- <sub name="x509" link="xmlsec-openssl-x509.html"/>
- </sub>
- <sub name="XML Security Library for GnuTLS API Reference." link="xmlsec-gnutls-ref.html">
- <sub name="app" link="xmlsec-gnutls-app.html"/>
- <sub name="crypto" link="xmlsec-gnutls-crypto.html"/>
- <sub name="x509" link="xmlsec-gnutls-x509.html"/>
- </sub>
- <sub name="XML Security Library for GCrypt API Reference." link="xmlsec-gcrypt-ref.html">
- <sub name="app" link="xmlsec-gcrypt-app.html"/>
- <sub name="crypto" link="xmlsec-gcrypt-crypto.html"/>
- </sub>
- <sub name="XML Security Library for NSS API Reference." link="xmlsec-nss-ref.html">
- <sub name="app" link="xmlsec-nss-app.html"/>
- <sub name="bignum" link="xmlsec-nss-bignum.html"/>
- <sub name="crypto" link="xmlsec-nss-crypto.html"/>
- <sub name="keysstore" link="xmlsec-nss-keysstore.html"/>
- <sub name="pkikeys" link="xmlsec-nss-pkikeys.html"/>
- <sub name="x509" link="xmlsec-nss-x509.html"/>
- </sub>
- <sub name="XML Security Library for Microsoft Crypto API Reference." link="xmlsec-mscrypto-ref.html">
- <sub name="app" link="xmlsec-mscrypto-app.html"/>
- <sub name="certkeys" link="xmlsec-mscrypto-certkeys.html"/>
- <sub name="crypto" link="xmlsec-mscrypto-crypto.html"/>
- <sub name="keysstore" link="xmlsec-mscrypto-keysstore.html"/>
- <sub name="x509" link="xmlsec-mscrypto-x509.html"/>
- </sub>
- <sub name="XML Security Library for Microsoft Cryptography API: Next Generation (CNG) Reference." link="xmlsec-msccng-ref.html">
- <sub name="app" link="xmlsec-mscng-app.html"/>
- <sub name="certkeys" link="xmlsec-mscng-certkeys.html"/>
- <sub name="crypto" link="xmlsec-mscng-crypto.html"/>
- <sub name="keysstore" link="xmlsec-mscng-keysstore.html"/>
- <sub name="x509" link="xmlsec-mscng-x509.html"/>
- </sub>
- <sub name="XML Security Library Reference Index" link="xmlsec-index.html"/>
- </sub>
- </chapters>
- <functions>
- <keyword type="function" name="xmlSecCryptoInit ()" link="xmlsec-app.html#xmlSecCryptoInit"/>
- <keyword type="function" name="xmlSecCryptoShutdown ()" link="xmlsec-app.html#xmlSecCryptoShutdown"/>
- <keyword type="function" name="xmlSecCryptoKeysMngrInit ()" link="xmlsec-app.html#xmlSecCryptoKeysMngrInit"/>
- <keyword type="function" name="xmlSecKeyDataAesGetKlass ()" link="xmlsec-app.html#xmlSecKeyDataAesGetKlass"/>
- <keyword type="function" name="xmlSecKeyDataDesGetKlass ()" link="xmlsec-app.html#xmlSecKeyDataDesGetKlass"/>
- <keyword type="function" name="xmlSecKeyDataDsaGetKlass ()" link="xmlsec-app.html#xmlSecKeyDataDsaGetKlass"/>
- <keyword type="function" name="xmlSecKeyDataEcdsaGetKlass ()" link="xmlsec-app.html#xmlSecKeyDataEcdsaGetKlass"/>
- <keyword type="function" name="xmlSecKeyDataGost2001GetKlass ()" link="xmlsec-app.html#xmlSecKeyDataGost2001GetKlass"/>
- <keyword type="function" name="xmlSecKeyDataGostR3410_2012_256GetKlass ()" link="xmlsec-app.html#xmlSecKeyDataGostR3410-2012-256GetKlass"/>
- <keyword type="function" name="xmlSecKeyDataGostR3410_2012_512GetKlass ()" link="xmlsec-app.html#xmlSecKeyDataGostR3410-2012-512GetKlass"/>
- <keyword type="function" name="xmlSecKeyDataHmacGetKlass ()" link="xmlsec-app.html#xmlSecKeyDataHmacGetKlass"/>
- <keyword type="function" name="xmlSecKeyDataRsaGetKlass ()" link="xmlsec-app.html#xmlSecKeyDataRsaGetKlass"/>
- <keyword type="function" name="xmlSecKeyDataX509GetKlass ()" link="xmlsec-app.html#xmlSecKeyDataX509GetKlass"/>
- <keyword type="function" name="xmlSecKeyDataRawX509CertGetKlass ()" link="xmlsec-app.html#xmlSecKeyDataRawX509CertGetKlass"/>
- <keyword type="function" name="xmlSecX509StoreGetKlass ()" link="xmlsec-app.html#xmlSecX509StoreGetKlass"/>
- <keyword type="function" name="xmlSecTransformAes128CbcGetKlass ()" link="xmlsec-app.html#xmlSecTransformAes128CbcGetKlass"/>
- <keyword type="function" name="xmlSecTransformAes192CbcGetKlass ()" link="xmlsec-app.html#xmlSecTransformAes192CbcGetKlass"/>
- <keyword type="function" name="xmlSecTransformAes256CbcGetKlass ()" link="xmlsec-app.html#xmlSecTransformAes256CbcGetKlass"/>
- <keyword type="function" name="xmlSecTransformAes128GcmGetKlass ()" link="xmlsec-app.html#xmlSecTransformAes128GcmGetKlass"/>
- <keyword type="function" name="xmlSecTransformAes192GcmGetKlass ()" link="xmlsec-app.html#xmlSecTransformAes192GcmGetKlass"/>
- <keyword type="function" name="xmlSecTransformAes256GcmGetKlass ()" link="xmlsec-app.html#xmlSecTransformAes256GcmGetKlass"/>
- <keyword type="function" name="xmlSecTransformKWAes128GetKlass ()" link="xmlsec-app.html#xmlSecTransformKWAes128GetKlass"/>
- <keyword type="function" name="xmlSecTransformKWAes192GetKlass ()" link="xmlsec-app.html#xmlSecTransformKWAes192GetKlass"/>
- <keyword type="function" name="xmlSecTransformKWAes256GetKlass ()" link="xmlsec-app.html#xmlSecTransformKWAes256GetKlass"/>
- <keyword type="function" name="xmlSecTransformDes3CbcGetKlass ()" link="xmlsec-app.html#xmlSecTransformDes3CbcGetKlass"/>
- <keyword type="function" name="xmlSecTransformKWDes3GetKlass ()" link="xmlsec-app.html#xmlSecTransformKWDes3GetKlass"/>
- <keyword type="function" name="xmlSecTransformDsaSha1GetKlass ()" link="xmlsec-app.html#xmlSecTransformDsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecTransformDsaSha256GetKlass ()" link="xmlsec-app.html#xmlSecTransformDsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecTransformEcdsaSha1GetKlass ()" link="xmlsec-app.html#xmlSecTransformEcdsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecTransformEcdsaSha224GetKlass ()" link="xmlsec-app.html#xmlSecTransformEcdsaSha224GetKlass"/>
- <keyword type="function" name="xmlSecTransformEcdsaSha256GetKlass ()" link="xmlsec-app.html#xmlSecTransformEcdsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecTransformEcdsaSha384GetKlass ()" link="xmlsec-app.html#xmlSecTransformEcdsaSha384GetKlass"/>
- <keyword type="function" name="xmlSecTransformEcdsaSha512GetKlass ()" link="xmlsec-app.html#xmlSecTransformEcdsaSha512GetKlass"/>
- <keyword type="function" name="xmlSecTransformGost2001GostR3411_94GetKlass ()" link="xmlsec-app.html#xmlSecTransformGost2001GostR3411-94GetKlass"/>
- <keyword type="function" name="xmlSecTransformGostR3410_2012GostR3411_2012_256GetKlass ()" link="xmlsec-app.html#xmlSecTransformGostR3410-2012GostR3411-2012-256GetKlass"/>
- <keyword type="function" name="xmlSecTransformGostR3410_2012GostR3411_2012_512GetKlass ()" link="xmlsec-app.html#xmlSecTransformGostR3410-2012GostR3411-2012-512GetKlass"/>
- <keyword type="function" name="xmlSecTransformHmacMd5GetKlass ()" link="xmlsec-app.html#xmlSecTransformHmacMd5GetKlass"/>
- <keyword type="function" name="xmlSecTransformHmacRipemd160GetKlass ()" link="xmlsec-app.html#xmlSecTransformHmacRipemd160GetKlass"/>
- <keyword type="function" name="xmlSecTransformHmacSha1GetKlass ()" link="xmlsec-app.html#xmlSecTransformHmacSha1GetKlass"/>
- <keyword type="function" name="xmlSecTransformHmacSha224GetKlass ()" link="xmlsec-app.html#xmlSecTransformHmacSha224GetKlass"/>
- <keyword type="function" name="xmlSecTransformHmacSha256GetKlass ()" link="xmlsec-app.html#xmlSecTransformHmacSha256GetKlass"/>
- <keyword type="function" name="xmlSecTransformHmacSha384GetKlass ()" link="xmlsec-app.html#xmlSecTransformHmacSha384GetKlass"/>
- <keyword type="function" name="xmlSecTransformHmacSha512GetKlass ()" link="xmlsec-app.html#xmlSecTransformHmacSha512GetKlass"/>
- <keyword type="function" name="xmlSecTransformMd5GetKlass ()" link="xmlsec-app.html#xmlSecTransformMd5GetKlass"/>
- <keyword type="function" name="xmlSecTransformRipemd160GetKlass ()" link="xmlsec-app.html#xmlSecTransformRipemd160GetKlass"/>
- <keyword type="function" name="xmlSecTransformRsaMd5GetKlass ()" link="xmlsec-app.html#xmlSecTransformRsaMd5GetKlass"/>
- <keyword type="function" name="xmlSecTransformRsaRipemd160GetKlass ()" link="xmlsec-app.html#xmlSecTransformRsaRipemd160GetKlass"/>
- <keyword type="function" name="xmlSecTransformRsaSha1GetKlass ()" link="xmlsec-app.html#xmlSecTransformRsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecTransformRsaSha224GetKlass ()" link="xmlsec-app.html#xmlSecTransformRsaSha224GetKlass"/>
- <keyword type="function" name="xmlSecTransformRsaSha256GetKlass ()" link="xmlsec-app.html#xmlSecTransformRsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecTransformRsaSha384GetKlass ()" link="xmlsec-app.html#xmlSecTransformRsaSha384GetKlass"/>
- <keyword type="function" name="xmlSecTransformRsaSha512GetKlass ()" link="xmlsec-app.html#xmlSecTransformRsaSha512GetKlass"/>
- <keyword type="function" name="xmlSecTransformRsaPkcs1GetKlass ()" link="xmlsec-app.html#xmlSecTransformRsaPkcs1GetKlass"/>
- <keyword type="function" name="xmlSecTransformRsaOaepGetKlass ()" link="xmlsec-app.html#xmlSecTransformRsaOaepGetKlass"/>
- <keyword type="function" name="xmlSecTransformGostR3411_94GetKlass ()" link="xmlsec-app.html#xmlSecTransformGostR3411-94GetKlass"/>
- <keyword type="function" name="xmlSecTransformGostR3411_2012_256GetKlass ()" link="xmlsec-app.html#xmlSecTransformGostR3411-2012-256GetKlass"/>
- <keyword type="function" name="xmlSecTransformGostR3411_2012_512GetKlass ()" link="xmlsec-app.html#xmlSecTransformGostR3411-2012-512GetKlass"/>
- <keyword type="function" name="xmlSecTransformSha1GetKlass ()" link="xmlsec-app.html#xmlSecTransformSha1GetKlass"/>
- <keyword type="function" name="xmlSecTransformSha224GetKlass ()" link="xmlsec-app.html#xmlSecTransformSha224GetKlass"/>
- <keyword type="function" name="xmlSecTransformSha256GetKlass ()" link="xmlsec-app.html#xmlSecTransformSha256GetKlass"/>
- <keyword type="function" name="xmlSecTransformSha384GetKlass ()" link="xmlsec-app.html#xmlSecTransformSha384GetKlass"/>
- <keyword type="function" name="xmlSecTransformSha512GetKlass ()" link="xmlsec-app.html#xmlSecTransformSha512GetKlass"/>
- <keyword type="function" name="xmlSecCryptoAppInit ()" link="xmlsec-app.html#xmlSecCryptoAppInit"/>
- <keyword type="function" name="xmlSecCryptoAppShutdown ()" link="xmlsec-app.html#xmlSecCryptoAppShutdown"/>
- <keyword type="function" name="xmlSecCryptoAppDefaultKeysMngrInit ()" link="xmlsec-app.html#xmlSecCryptoAppDefaultKeysMngrInit"/>
- <keyword type="function" name="xmlSecCryptoAppDefaultKeysMngrAdoptKey ()" link="xmlsec-app.html#xmlSecCryptoAppDefaultKeysMngrAdoptKey"/>
- <keyword type="function" name="xmlSecCryptoAppDefaultKeysMngrLoad ()" link="xmlsec-app.html#xmlSecCryptoAppDefaultKeysMngrLoad"/>
- <keyword type="function" name="xmlSecCryptoAppDefaultKeysMngrSave ()" link="xmlsec-app.html#xmlSecCryptoAppDefaultKeysMngrSave"/>
- <keyword type="function" name="xmlSecCryptoAppKeysMngrCertLoad ()" link="xmlsec-app.html#xmlSecCryptoAppKeysMngrCertLoad"/>
- <keyword type="function" name="xmlSecCryptoAppKeysMngrCertLoadMemory ()" link="xmlsec-app.html#xmlSecCryptoAppKeysMngrCertLoadMemory"/>
- <keyword type="function" name="xmlSecCryptoAppKeyLoad ()" link="xmlsec-app.html#xmlSecCryptoAppKeyLoad"/>
- <keyword type="function" name="xmlSecCryptoAppKeyLoadMemory ()" link="xmlsec-app.html#xmlSecCryptoAppKeyLoadMemory"/>
- <keyword type="function" name="xmlSecCryptoAppPkcs12Load ()" link="xmlsec-app.html#xmlSecCryptoAppPkcs12Load"/>
- <keyword type="function" name="xmlSecCryptoAppPkcs12LoadMemory ()" link="xmlsec-app.html#xmlSecCryptoAppPkcs12LoadMemory"/>
- <keyword type="function" name="xmlSecCryptoAppKeyCertLoad ()" link="xmlsec-app.html#xmlSecCryptoAppKeyCertLoad"/>
- <keyword type="function" name="xmlSecCryptoAppKeyCertLoadMemory ()" link="xmlsec-app.html#xmlSecCryptoAppKeyCertLoadMemory"/>
- <keyword type="function" name="xmlSecCryptoAppGetDefaultPwdCallback ()" link="xmlsec-app.html#xmlSecCryptoAppGetDefaultPwdCallback"/>
- <keyword type="macro" name="xmlSecKeyDataAesId" link="xmlsec-app.html#xmlSecKeyDataAesId"/>
- <keyword type="macro" name="xmlSecKeyDataDesId" link="xmlsec-app.html#xmlSecKeyDataDesId"/>
- <keyword type="macro" name="xmlSecKeyDataDsaId" link="xmlsec-app.html#xmlSecKeyDataDsaId"/>
- <keyword type="macro" name="xmlSecKeyDataEcdsaId" link="xmlsec-app.html#xmlSecKeyDataEcdsaId"/>
- <keyword type="macro" name="xmlSecKeyDataGost2001Id" link="xmlsec-app.html#xmlSecKeyDataGost2001Id"/>
- <keyword type="macro" name="xmlSecKeyDataGostR3410_2012_256Id" link="xmlsec-app.html#xmlSecKeyDataGostR3410-2012-256Id"/>
- <keyword type="macro" name="xmlSecKeyDataGostR3410_2012_512Id" link="xmlsec-app.html#xmlSecKeyDataGostR3410-2012-512Id"/>
- <keyword type="macro" name="xmlSecKeyDataHmacId" link="xmlsec-app.html#xmlSecKeyDataHmacId"/>
- <keyword type="macro" name="xmlSecKeyDataRsaId" link="xmlsec-app.html#xmlSecKeyDataRsaId"/>
- <keyword type="macro" name="xmlSecKeyDataX509Id" link="xmlsec-app.html#xmlSecKeyDataX509Id"/>
- <keyword type="macro" name="xmlSecKeyDataRawX509CertId" link="xmlsec-app.html#xmlSecKeyDataRawX509CertId"/>
- <keyword type="macro" name="xmlSecX509StoreId" link="xmlsec-app.html#xmlSecX509StoreId"/>
- <keyword type="macro" name="xmlSecTransformAes128CbcId" link="xmlsec-app.html#xmlSecTransformAes128CbcId"/>
- <keyword type="macro" name="xmlSecTransformAes192CbcId" link="xmlsec-app.html#xmlSecTransformAes192CbcId"/>
- <keyword type="macro" name="xmlSecTransformAes256CbcId" link="xmlsec-app.html#xmlSecTransformAes256CbcId"/>
- <keyword type="macro" name="xmlSecTransformAes128GcmId" link="xmlsec-app.html#xmlSecTransformAes128GcmId"/>
- <keyword type="macro" name="xmlSecTransformAes192GcmId" link="xmlsec-app.html#xmlSecTransformAes192GcmId"/>
- <keyword type="macro" name="xmlSecTransformAes256GcmId" link="xmlsec-app.html#xmlSecTransformAes256GcmId"/>
- <keyword type="macro" name="xmlSecTransformKWAes128Id" link="xmlsec-app.html#xmlSecTransformKWAes128Id"/>
- <keyword type="macro" name="xmlSecTransformKWAes192Id" link="xmlsec-app.html#xmlSecTransformKWAes192Id"/>
- <keyword type="macro" name="xmlSecTransformKWAes256Id" link="xmlsec-app.html#xmlSecTransformKWAes256Id"/>
- <keyword type="macro" name="xmlSecTransformDes3CbcId" link="xmlsec-app.html#xmlSecTransformDes3CbcId"/>
- <keyword type="macro" name="xmlSecTransformKWDes3Id" link="xmlsec-app.html#xmlSecTransformKWDes3Id"/>
- <keyword type="macro" name="xmlSecTransformDsaSha1Id" link="xmlsec-app.html#xmlSecTransformDsaSha1Id"/>
- <keyword type="macro" name="xmlSecTransformDsaSha256Id" link="xmlsec-app.html#xmlSecTransformDsaSha256Id"/>
- <keyword type="macro" name="xmlSecTransformEcdsaSha1Id" link="xmlsec-app.html#xmlSecTransformEcdsaSha1Id"/>
- <keyword type="macro" name="xmlSecTransformEcdsaSha224Id" link="xmlsec-app.html#xmlSecTransformEcdsaSha224Id"/>
- <keyword type="macro" name="xmlSecTransformEcdsaSha256Id" link="xmlsec-app.html#xmlSecTransformEcdsaSha256Id"/>
- <keyword type="macro" name="xmlSecTransformEcdsaSha384Id" link="xmlsec-app.html#xmlSecTransformEcdsaSha384Id"/>
- <keyword type="macro" name="xmlSecTransformEcdsaSha512Id" link="xmlsec-app.html#xmlSecTransformEcdsaSha512Id"/>
- <keyword type="macro" name="xmlSecTransformGost2001GostR3411_94Id" link="xmlsec-app.html#xmlSecTransformGost2001GostR3411-94Id"/>
- <keyword type="macro" name="xmlSecTransformGostR3410_2012GostR3411_2012_256Id" link="xmlsec-app.html#xmlSecTransformGostR3410-2012GostR3411-2012-256Id"/>
- <keyword type="macro" name="xmlSecTransformGostR3410_2012GostR3411_2012_512Id" link="xmlsec-app.html#xmlSecTransformGostR3410-2012GostR3411-2012-512Id"/>
- <keyword type="macro" name="xmlSecTransformHmacMd5Id" link="xmlsec-app.html#xmlSecTransformHmacMd5Id"/>
- <keyword type="macro" name="xmlSecTransformHmacRipemd160Id" link="xmlsec-app.html#xmlSecTransformHmacRipemd160Id"/>
- <keyword type="macro" name="xmlSecTransformHmacSha1Id" link="xmlsec-app.html#xmlSecTransformHmacSha1Id"/>
- <keyword type="macro" name="xmlSecTransformHmacSha224Id" link="xmlsec-app.html#xmlSecTransformHmacSha224Id"/>
- <keyword type="macro" name="xmlSecTransformHmacSha256Id" link="xmlsec-app.html#xmlSecTransformHmacSha256Id"/>
- <keyword type="macro" name="xmlSecTransformHmacSha384Id" link="xmlsec-app.html#xmlSecTransformHmacSha384Id"/>
- <keyword type="macro" name="xmlSecTransformHmacSha512Id" link="xmlsec-app.html#xmlSecTransformHmacSha512Id"/>
- <keyword type="macro" name="xmlSecTransformMd5Id" link="xmlsec-app.html#xmlSecTransformMd5Id"/>
- <keyword type="macro" name="xmlSecTransformRipemd160Id" link="xmlsec-app.html#xmlSecTransformRipemd160Id"/>
- <keyword type="macro" name="xmlSecTransformRsaMd5Id" link="xmlsec-app.html#xmlSecTransformRsaMd5Id"/>
- <keyword type="macro" name="xmlSecTransformRsaRipemd160Id" link="xmlsec-app.html#xmlSecTransformRsaRipemd160Id"/>
- <keyword type="macro" name="xmlSecTransformRsaSha1Id" link="xmlsec-app.html#xmlSecTransformRsaSha1Id"/>
- <keyword type="macro" name="xmlSecTransformRsaSha224Id" link="xmlsec-app.html#xmlSecTransformRsaSha224Id"/>
- <keyword type="macro" name="xmlSecTransformRsaSha256Id" link="xmlsec-app.html#xmlSecTransformRsaSha256Id"/>
- <keyword type="macro" name="xmlSecTransformRsaSha384Id" link="xmlsec-app.html#xmlSecTransformRsaSha384Id"/>
- <keyword type="macro" name="xmlSecTransformRsaSha512Id" link="xmlsec-app.html#xmlSecTransformRsaSha512Id"/>
- <keyword type="macro" name="xmlSecTransformRsaPkcs1Id" link="xmlsec-app.html#xmlSecTransformRsaPkcs1Id"/>
- <keyword type="macro" name="xmlSecTransformRsaOaepId" link="xmlsec-app.html#xmlSecTransformRsaOaepId"/>
- <keyword type="macro" name="xmlSecTransformGostR3411_94Id" link="xmlsec-app.html#xmlSecTransformGostR3411-94Id"/>
- <keyword type="macro" name="xmlSecTransformGostR3411_2012_256Id" link="xmlsec-app.html#xmlSecTransformGostR3411-2012-256Id"/>
- <keyword type="macro" name="xmlSecTransformGostR3411_2012_512Id" link="xmlsec-app.html#xmlSecTransformGostR3411-2012-512Id"/>
- <keyword type="macro" name="xmlSecTransformSha1Id" link="xmlsec-app.html#xmlSecTransformSha1Id"/>
- <keyword type="macro" name="xmlSecTransformSha224Id" link="xmlsec-app.html#xmlSecTransformSha224Id"/>
- <keyword type="macro" name="xmlSecTransformSha256Id" link="xmlsec-app.html#xmlSecTransformSha256Id"/>
- <keyword type="macro" name="xmlSecTransformSha384Id" link="xmlsec-app.html#xmlSecTransformSha384Id"/>
- <keyword type="macro" name="xmlSecTransformSha512Id" link="xmlsec-app.html#xmlSecTransformSha512Id"/>
- <keyword type="function" name="xmlSecBase64GetDefaultLineSize ()" link="xmlsec-base64.html#xmlSecBase64GetDefaultLineSize"/>
- <keyword type="function" name="xmlSecBase64SetDefaultLineSize ()" link="xmlsec-base64.html#xmlSecBase64SetDefaultLineSize"/>
- <keyword type="function" name="xmlSecBase64CtxCreate ()" link="xmlsec-base64.html#xmlSecBase64CtxCreate"/>
- <keyword type="function" name="xmlSecBase64CtxDestroy ()" link="xmlsec-base64.html#xmlSecBase64CtxDestroy"/>
- <keyword type="function" name="xmlSecBase64CtxInitialize ()" link="xmlsec-base64.html#xmlSecBase64CtxInitialize"/>
- <keyword type="function" name="xmlSecBase64CtxFinalize ()" link="xmlsec-base64.html#xmlSecBase64CtxFinalize"/>
- <keyword type="function" name="xmlSecBase64CtxUpdate ()" link="xmlsec-base64.html#xmlSecBase64CtxUpdate"/>
- <keyword type="function" name="xmlSecBase64CtxFinal ()" link="xmlsec-base64.html#xmlSecBase64CtxFinal"/>
- <keyword type="function" name="xmlSecBase64Encode ()" link="xmlsec-base64.html#xmlSecBase64Encode"/>
- <keyword type="function" name="xmlSecBase64Decode ()" link="xmlsec-base64.html#xmlSecBase64Decode"/>
- <keyword type="macro" name="XMLSEC_BASE64_LINESIZE" link="xmlsec-base64.html#XMLSEC-BASE64-LINESIZE:CAPS"/>
- <keyword type="function" name="xmlSecBnCreate ()" link="xmlsec-bn.html#xmlSecBnCreate"/>
- <keyword type="function" name="xmlSecBnDestroy ()" link="xmlsec-bn.html#xmlSecBnDestroy"/>
- <keyword type="function" name="xmlSecBnInitialize ()" link="xmlsec-bn.html#xmlSecBnInitialize"/>
- <keyword type="function" name="xmlSecBnFinalize ()" link="xmlsec-bn.html#xmlSecBnFinalize"/>
- <keyword type="function" name="xmlSecBnGetData ()" link="xmlsec-bn.html#xmlSecBnGetData"/>
- <keyword type="function" name="xmlSecBnSetData ()" link="xmlsec-bn.html#xmlSecBnSetData"/>
- <keyword type="function" name="xmlSecBnGetSize ()" link="xmlsec-bn.html#xmlSecBnGetSize"/>
- <keyword type="function" name="xmlSecBnZero ()" link="xmlsec-bn.html#xmlSecBnZero"/>
- <keyword type="function" name="xmlSecBnFromString ()" link="xmlsec-bn.html#xmlSecBnFromString"/>
- <keyword type="function" name="xmlSecBnToString ()" link="xmlsec-bn.html#xmlSecBnToString"/>
- <keyword type="function" name="xmlSecBnFromHexString ()" link="xmlsec-bn.html#xmlSecBnFromHexString"/>
- <keyword type="function" name="xmlSecBnToHexString ()" link="xmlsec-bn.html#xmlSecBnToHexString"/>
- <keyword type="function" name="xmlSecBnFromDecString ()" link="xmlsec-bn.html#xmlSecBnFromDecString"/>
- <keyword type="function" name="xmlSecBnToDecString ()" link="xmlsec-bn.html#xmlSecBnToDecString"/>
- <keyword type="function" name="xmlSecBnMul ()" link="xmlsec-bn.html#xmlSecBnMul"/>
- <keyword type="function" name="xmlSecBnDiv ()" link="xmlsec-bn.html#xmlSecBnDiv"/>
- <keyword type="function" name="xmlSecBnAdd ()" link="xmlsec-bn.html#xmlSecBnAdd"/>
- <keyword type="function" name="xmlSecBnReverse ()" link="xmlsec-bn.html#xmlSecBnReverse"/>
- <keyword type="function" name="xmlSecBnCompare ()" link="xmlsec-bn.html#xmlSecBnCompare"/>
- <keyword type="function" name="xmlSecBnCompareReverse ()" link="xmlsec-bn.html#xmlSecBnCompareReverse"/>
- <keyword type="function" name="xmlSecBnGetNodeValue ()" link="xmlsec-bn.html#xmlSecBnGetNodeValue"/>
- <keyword type="function" name="xmlSecBnSetNodeValue ()" link="xmlsec-bn.html#xmlSecBnSetNodeValue"/>
- <keyword type="function" name="xmlSecBnBlobSetNodeValue ()" link="xmlsec-bn.html#xmlSecBnBlobSetNodeValue"/>
- <keyword type="enum" name="enum xmlSecBnFormat" link="xmlsec-bn.html#xmlSecBnFormat"/>
- <keyword type="function" name="xmlSecBufferSetDefaultAllocMode ()" link="xmlsec-buffer.html#xmlSecBufferSetDefaultAllocMode"/>
- <keyword type="function" name="xmlSecBufferCreate ()" link="xmlsec-buffer.html#xmlSecBufferCreate"/>
- <keyword type="function" name="xmlSecBufferDestroy ()" link="xmlsec-buffer.html#xmlSecBufferDestroy"/>
- <keyword type="function" name="xmlSecBufferInitialize ()" link="xmlsec-buffer.html#xmlSecBufferInitialize"/>
- <keyword type="function" name="xmlSecBufferFinalize ()" link="xmlsec-buffer.html#xmlSecBufferFinalize"/>
- <keyword type="function" name="xmlSecBufferGetData ()" link="xmlsec-buffer.html#xmlSecBufferGetData"/>
- <keyword type="function" name="xmlSecBufferSetData ()" link="xmlsec-buffer.html#xmlSecBufferSetData"/>
- <keyword type="function" name="xmlSecBufferGetSize ()" link="xmlsec-buffer.html#xmlSecBufferGetSize"/>
- <keyword type="function" name="xmlSecBufferSetSize ()" link="xmlsec-buffer.html#xmlSecBufferSetSize"/>
- <keyword type="function" name="xmlSecBufferGetMaxSize ()" link="xmlsec-buffer.html#xmlSecBufferGetMaxSize"/>
- <keyword type="function" name="xmlSecBufferSetMaxSize ()" link="xmlsec-buffer.html#xmlSecBufferSetMaxSize"/>
- <keyword type="function" name="xmlSecBufferEmpty ()" link="xmlsec-buffer.html#xmlSecBufferEmpty"/>
- <keyword type="function" name="xmlSecBufferAppend ()" link="xmlsec-buffer.html#xmlSecBufferAppend"/>
- <keyword type="function" name="xmlSecBufferPrepend ()" link="xmlsec-buffer.html#xmlSecBufferPrepend"/>
- <keyword type="function" name="xmlSecBufferRemoveHead ()" link="xmlsec-buffer.html#xmlSecBufferRemoveHead"/>
- <keyword type="function" name="xmlSecBufferRemoveTail ()" link="xmlsec-buffer.html#xmlSecBufferRemoveTail"/>
- <keyword type="function" name="xmlSecBufferReadFile ()" link="xmlsec-buffer.html#xmlSecBufferReadFile"/>
- <keyword type="function" name="xmlSecBufferBase64NodeContentRead ()" link="xmlsec-buffer.html#xmlSecBufferBase64NodeContentRead"/>
- <keyword type="function" name="xmlSecBufferBase64NodeContentWrite ()" link="xmlsec-buffer.html#xmlSecBufferBase64NodeContentWrite"/>
- <keyword type="function" name="xmlSecBufferCreateOutputBuffer ()" link="xmlsec-buffer.html#xmlSecBufferCreateOutputBuffer"/>
- <keyword type="enum" name="enum xmlSecAllocMode" link="xmlsec-buffer.html#xmlSecAllocMode"/>
- <keyword type="struct" name="struct xmlSecBuffer" link="xmlsec-buffer.html#xmlSecBuffer"/>
- <keyword type="function" name="xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms ()" link="xmlsec-dl.html#xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms"/>
- <keyword type="function" name="xmlSecCryptoDLInit ()" link="xmlsec-dl.html#xmlSecCryptoDLInit"/>
- <keyword type="function" name="xmlSecCryptoDLShutdown ()" link="xmlsec-dl.html#xmlSecCryptoDLShutdown"/>
- <keyword type="function" name="xmlSecCryptoDLLoadLibrary ()" link="xmlsec-dl.html#xmlSecCryptoDLLoadLibrary"/>
- <keyword type="function" name="xmlSecCryptoDLGetLibraryFunctions ()" link="xmlsec-dl.html#xmlSecCryptoDLGetLibraryFunctions"/>
- <keyword type="function" name="xmlSecCryptoDLUnloadLibrary ()" link="xmlsec-dl.html#xmlSecCryptoDLUnloadLibrary"/>
- <keyword type="function" name="xmlSecCryptoDLSetFunctions ()" link="xmlsec-dl.html#xmlSecCryptoDLSetFunctions"/>
- <keyword type="function" name="xmlSecCryptoDLGetFunctions ()" link="xmlsec-dl.html#xmlSecCryptoDLGetFunctions"/>
- <keyword type="function" name="xmlSecErrorsCallback ()" link="xmlsec-errors.html#xmlSecErrorsCallback"/>
- <keyword type="function" name="xmlSecErrorsInit ()" link="xmlsec-errors.html#xmlSecErrorsInit"/>
- <keyword type="function" name="xmlSecErrorsShutdown ()" link="xmlsec-errors.html#xmlSecErrorsShutdown"/>
- <keyword type="function" name="xmlSecErrorsSetCallback ()" link="xmlsec-errors.html#xmlSecErrorsSetCallback"/>
- <keyword type="function" name="xmlSecErrorsDefaultCallback ()" link="xmlsec-errors.html#xmlSecErrorsDefaultCallback"/>
- <keyword type="function" name="xmlSecErrorsDefaultCallbackEnableOutput ()" link="xmlsec-errors.html#xmlSecErrorsDefaultCallbackEnableOutput"/>
- <keyword type="function" name="xmlSecErrorsGetCode ()" link="xmlsec-errors.html#xmlSecErrorsGetCode"/>
- <keyword type="function" name="xmlSecErrorsGetMsg ()" link="xmlsec-errors.html#xmlSecErrorsGetMsg"/>
- <keyword type="macro" name="xmlSecErrorsSafeString()" link="xmlsec-errors.html#xmlSecErrorsSafeString"/>
- <keyword type="function" name="xmlSecError ()" link="xmlsec-errors.html#xmlSecError"/>
- <keyword type="macro" name="xmlSecAssert()" link="xmlsec-errors.html#xmlSecAssert"/>
- <keyword type="macro" name="xmlSecAssert2()" link="xmlsec-errors.html#xmlSecAssert2"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_XMLSEC_FAILED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-XMLSEC-FAILED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_MALLOC_FAILED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-MALLOC-FAILED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_STRDUP_FAILED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-STRDUP-FAILED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_CRYPTO_FAILED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-CRYPTO-FAILED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_XML_FAILED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-XML-FAILED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_XSLT_FAILED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-XSLT-FAILED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_IO_FAILED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-IO-FAILED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_DISABLED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-DISABLED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_NOT_IMPLEMENTED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-NOT-IMPLEMENTED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_CONFIG" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-CONFIG:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_SIZE" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-SIZE:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_DATA" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-DATA:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_RESULT" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-RESULT:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_TYPE" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-TYPE:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_OPERATION" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-OPERATION:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_STATUS" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-STATUS:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_FORMAT" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-FORMAT:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_DATA_NOT_MATCH" link="xmlsec-errors.html#XMLSEC-ERRORS-R-DATA-NOT-MATCH:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_VERSION" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-VERSION:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_NODE" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-NODE:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_NODE_CONTENT" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-NODE-CONTENT:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-NODE-ATTRIBUTE:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE" link="xmlsec-errors.html#XMLSEC-ERRORS-R-MISSING-NODE-ATTRIBUTE:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT" link="xmlsec-errors.html#XMLSEC-ERRORS-R-NODE-ALREADY-PRESENT:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_UNEXPECTED_NODE" link="xmlsec-errors.html#XMLSEC-ERRORS-R-UNEXPECTED-NODE:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_NODE_NOT_FOUND" link="xmlsec-errors.html#XMLSEC-ERRORS-R-NODE-NOT-FOUND:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_TRANSFORM" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-TRANSFORM:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-TRANSFORM-KEY:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_URI_TYPE" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-URI-TYPE:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-TRANSFORM-SAME-DOCUMENT-REQUIRED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_TRANSFORM_DISABLED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-TRANSFORM-DISABLED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_KEY_DATA" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-KEY-DATA:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND" link="xmlsec-errors.html#XMLSEC-ERRORS-R-KEY-DATA-NOT-FOUND:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST" link="xmlsec-errors.html#XMLSEC-ERRORS-R-KEY-DATA-ALREADY-EXIST:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE" link="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-KEY-DATA-SIZE:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_KEY_NOT_FOUND" link="xmlsec-errors.html#XMLSEC-ERRORS-R-KEY-NOT-FOUND:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_KEYDATA_DISABLED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-KEYDATA-DISABLED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL" link="xmlsec-errors.html#XMLSEC-ERRORS-R-MAX-RETRIEVALS-LEVEL:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH" link="xmlsec-errors.html#XMLSEC-ERRORS-R-MAX-RETRIEVAL-TYPE-MISMATCH:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL" link="xmlsec-errors.html#XMLSEC-ERRORS-R-MAX-ENCKEY-LEVEL:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_CERT_VERIFY_FAILED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-VERIFY-FAILED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_CERT_NOT_FOUND" link="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-NOT-FOUND:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_CERT_REVOKED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-REVOKED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_CERT_ISSUER_FAILED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-ISSUER-FAILED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_CERT_NOT_YET_VALID" link="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-NOT-YET-VALID:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_CERT_HAS_EXPIRED" link="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-HAS-EXPIRED:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_DSIG_NO_REFERENCES" link="xmlsec-errors.html#XMLSEC-ERRORS-R-DSIG-NO-REFERENCES:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE" link="xmlsec-errors.html#XMLSEC-ERRORS-R-DSIG-INVALID-REFERENCE:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_R_ASSERTION" link="xmlsec-errors.html#XMLSEC-ERRORS-R-ASSERTION:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_MAX_NUMBER" link="xmlsec-errors.html#XMLSEC-ERRORS-MAX-NUMBER:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_HERE" link="xmlsec-errors.html#XMLSEC-ERRORS-HERE:CAPS"/>
- <keyword type="macro" name="XMLSEC_ERRORS_NO_MESSAGE" link="xmlsec-errors.html#XMLSEC-ERRORS-NO-MESSAGE:CAPS"/>
- <keyword type="function" name="xmlSecIOInit ()" link="xmlsec-io.html#xmlSecIOInit"/>
- <keyword type="function" name="xmlSecIOShutdown ()" link="xmlsec-io.html#xmlSecIOShutdown"/>
- <keyword type="function" name="xmlSecIOCleanupCallbacks ()" link="xmlsec-io.html#xmlSecIOCleanupCallbacks"/>
- <keyword type="function" name="xmlSecIORegisterDefaultCallbacks ()" link="xmlsec-io.html#xmlSecIORegisterDefaultCallbacks"/>
- <keyword type="function" name="xmlSecIORegisterCallbacks ()" link="xmlsec-io.html#xmlSecIORegisterCallbacks"/>
- <keyword type="function" name="xmlSecTransformInputURIGetKlass ()" link="xmlsec-io.html#xmlSecTransformInputURIGetKlass"/>
- <keyword type="function" name="xmlSecTransformInputURIOpen ()" link="xmlsec-io.html#xmlSecTransformInputURIOpen"/>
- <keyword type="function" name="xmlSecTransformInputURIClose ()" link="xmlsec-io.html#xmlSecTransformInputURIClose"/>
- <keyword type="macro" name="xmlSecTransformInputURIId" link="xmlsec-io.html#xmlSecTransformInputURIId"/>
- <keyword type="function" name="xmlSecKeyInfoNodeRead ()" link="xmlsec-keyinfo.html#xmlSecKeyInfoNodeRead"/>
- <keyword type="function" name="xmlSecKeyInfoNodeWrite ()" link="xmlsec-keyinfo.html#xmlSecKeyInfoNodeWrite"/>
- <keyword type="function" name="xmlSecKeyInfoCtxCreate ()" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtxCreate"/>
- <keyword type="function" name="xmlSecKeyInfoCtxDestroy ()" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtxDestroy"/>
- <keyword type="function" name="xmlSecKeyInfoCtxInitialize ()" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtxInitialize"/>
- <keyword type="function" name="xmlSecKeyInfoCtxFinalize ()" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtxFinalize"/>
- <keyword type="function" name="xmlSecKeyInfoCtxReset ()" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtxReset"/>
- <keyword type="function" name="xmlSecKeyInfoCtxCopyUserPref ()" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtxCopyUserPref"/>
- <keyword type="function" name="xmlSecKeyInfoCtxCreateEncCtx ()" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtxCreateEncCtx"/>
- <keyword type="function" name="xmlSecKeyInfoCtxDebugDump ()" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtxDebugDump"/>
- <keyword type="function" name="xmlSecKeyInfoCtxDebugXmlDump ()" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtxDebugXmlDump"/>
- <keyword type="function" name="xmlSecKeyDataNameGetKlass ()" link="xmlsec-keyinfo.html#xmlSecKeyDataNameGetKlass"/>
- <keyword type="function" name="xmlSecKeyDataValueGetKlass ()" link="xmlsec-keyinfo.html#xmlSecKeyDataValueGetKlass"/>
- <keyword type="function" name="xmlSecKeyDataRetrievalMethodGetKlass ()" link="xmlsec-keyinfo.html#xmlSecKeyDataRetrievalMethodGetKlass"/>
- <keyword type="function" name="xmlSecKeyDataEncryptedKeyGetKlass ()" link="xmlsec-keyinfo.html#xmlSecKeyDataEncryptedKeyGetKlass"/>
- <keyword type="enum" name="enum xmlSecKeyInfoMode" link="xmlsec-keyinfo.html#xmlSecKeyInfoMode"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-DONT-STOP-ON-KEY-FOUND:CAPS"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-STOP-ON-UNKNOWN-CHILD:CAPS"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-KEYNAME-STOP-ON-UNKNOWN:CAPS"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-KEYVALUE-STOP-ON-UNKNOWN-CHILD:CAPS"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-RETRMETHOD-STOP-ON-UNKNOWN-HREF:CAPS"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-RETRMETHOD-STOP-ON-MISMATCH-HREF:CAPS"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-UNKNOWN-CHILD:CAPS"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-DONT-VERIFY-CERTS:CAPS"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-UNKNOWN-CERT:CAPS"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-INVALID-CERT:CAPS"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-ENCKEY-DONT-STOP-ON-FAILED-DECRYPTION:CAPS"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-STOP-ON-EMPTY-NODE:CAPS"/>
- <keyword type="macro" name="XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS" link="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-SKIP-STRICT-CHECKS:CAPS"/>
- <keyword type="struct" name="struct xmlSecKeyInfoCtx" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx"/>
- <keyword type="macro" name="xmlSecKeyDataNameId" link="xmlsec-keyinfo.html#xmlSecKeyDataNameId"/>
- <keyword type="macro" name="xmlSecKeyDataValueId" link="xmlsec-keyinfo.html#xmlSecKeyDataValueId"/>
- <keyword type="macro" name="xmlSecKeyDataRetrievalMethodId" link="xmlsec-keyinfo.html#xmlSecKeyDataRetrievalMethodId"/>
- <keyword type="macro" name="xmlSecKeyDataEncryptedKeyId" link="xmlsec-keyinfo.html#xmlSecKeyDataEncryptedKeyId"/>
- <keyword type="function" name="xmlSecKeyDataIdsGet ()" link="xmlsec-keysdata.html#xmlSecKeyDataIdsGet"/>
- <keyword type="function" name="xmlSecKeyDataIdsInit ()" link="xmlsec-keysdata.html#xmlSecKeyDataIdsInit"/>
- <keyword type="function" name="xmlSecKeyDataIdsShutdown ()" link="xmlsec-keysdata.html#xmlSecKeyDataIdsShutdown"/>
- <keyword type="function" name="xmlSecKeyDataIdsRegisterDefault ()" link="xmlsec-keysdata.html#xmlSecKeyDataIdsRegisterDefault"/>
- <keyword type="function" name="xmlSecKeyDataIdsRegister ()" link="xmlsec-keysdata.html#xmlSecKeyDataIdsRegister"/>
- <keyword type="function" name="xmlSecKeyDataCreate ()" link="xmlsec-keysdata.html#xmlSecKeyDataCreate"/>
- <keyword type="function" name="xmlSecKeyDataDuplicate ()" link="xmlsec-keysdata.html#xmlSecKeyDataDuplicate"/>
- <keyword type="function" name="xmlSecKeyDataDestroy ()" link="xmlsec-keysdata.html#xmlSecKeyDataDestroy"/>
- <keyword type="function" name="xmlSecKeyDataGenerate ()" link="xmlsec-keysdata.html#xmlSecKeyDataGenerate"/>
- <keyword type="function" name="xmlSecKeyDataGetType ()" link="xmlsec-keysdata.html#xmlSecKeyDataGetType"/>
- <keyword type="function" name="xmlSecKeyDataGetSize ()" link="xmlsec-keysdata.html#xmlSecKeyDataGetSize"/>
- <keyword type="function" name="xmlSecKeyDataGetIdentifier ()" link="xmlsec-keysdata.html#xmlSecKeyDataGetIdentifier"/>
- <keyword type="function" name="xmlSecKeyDataDebugDump ()" link="xmlsec-keysdata.html#xmlSecKeyDataDebugDump"/>
- <keyword type="function" name="xmlSecKeyDataDebugXmlDump ()" link="xmlsec-keysdata.html#xmlSecKeyDataDebugXmlDump"/>
- <keyword type="function" name="xmlSecKeyDataXmlRead ()" link="xmlsec-keysdata.html#xmlSecKeyDataXmlRead"/>
- <keyword type="function" name="xmlSecKeyDataXmlWrite ()" link="xmlsec-keysdata.html#xmlSecKeyDataXmlWrite"/>
- <keyword type="function" name="xmlSecKeyDataBinRead ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinRead"/>
- <keyword type="function" name="xmlSecKeyDataBinWrite ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinWrite"/>
- <keyword type="macro" name="xmlSecKeyDataGetName()" link="xmlsec-keysdata.html#xmlSecKeyDataGetName"/>
- <keyword type="macro" name="xmlSecKeyDataIsValid()" link="xmlsec-keysdata.html#xmlSecKeyDataIsValid"/>
- <keyword type="macro" name="xmlSecKeyDataCheckId()" link="xmlsec-keysdata.html#xmlSecKeyDataCheckId"/>
- <keyword type="macro" name="xmlSecKeyDataCheckUsage()" link="xmlsec-keysdata.html#xmlSecKeyDataCheckUsage"/>
- <keyword type="macro" name="xmlSecKeyDataCheckSize()" link="xmlsec-keysdata.html#xmlSecKeyDataCheckSize"/>
- <keyword type="function" name="xmlSecKeyDataInitMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataInitMethod"/>
- <keyword type="function" name="xmlSecKeyDataDuplicateMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataDuplicateMethod"/>
- <keyword type="function" name="xmlSecKeyDataFinalizeMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataFinalizeMethod"/>
- <keyword type="function" name="xmlSecKeyDataXmlReadMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataXmlReadMethod"/>
- <keyword type="function" name="xmlSecKeyDataXmlWriteMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataXmlWriteMethod"/>
- <keyword type="function" name="xmlSecKeyDataBinReadMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinReadMethod"/>
- <keyword type="function" name="xmlSecKeyDataBinWriteMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinWriteMethod"/>
- <keyword type="function" name="xmlSecKeyDataGenerateMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataGenerateMethod"/>
- <keyword type="function" name="xmlSecKeyDataGetTypeMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataGetTypeMethod"/>
- <keyword type="function" name="xmlSecKeyDataGetSizeMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataGetSizeMethod"/>
- <keyword type="function" name="xmlSecKeyDataGetIdentifierMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataGetIdentifierMethod"/>
- <keyword type="function" name="xmlSecKeyDataDebugDumpMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataDebugDumpMethod"/>
- <keyword type="macro" name="xmlSecKeyDataKlassGetName()" link="xmlsec-keysdata.html#xmlSecKeyDataKlassGetName"/>
- <keyword type="function" name="xmlSecKeyDataListGetKlass ()" link="xmlsec-keysdata.html#xmlSecKeyDataListGetKlass"/>
- <keyword type="function" name="xmlSecKeyDataIdListGetKlass ()" link="xmlsec-keysdata.html#xmlSecKeyDataIdListGetKlass"/>
- <keyword type="function" name="xmlSecKeyDataIdListFind ()" link="xmlsec-keysdata.html#xmlSecKeyDataIdListFind"/>
- <keyword type="function" name="xmlSecKeyDataIdListFindByNode ()" link="xmlsec-keysdata.html#xmlSecKeyDataIdListFindByNode"/>
- <keyword type="function" name="xmlSecKeyDataIdListFindByHref ()" link="xmlsec-keysdata.html#xmlSecKeyDataIdListFindByHref"/>
- <keyword type="function" name="xmlSecKeyDataIdListFindByName ()" link="xmlsec-keysdata.html#xmlSecKeyDataIdListFindByName"/>
- <keyword type="function" name="xmlSecKeyDataIdListDebugDump ()" link="xmlsec-keysdata.html#xmlSecKeyDataIdListDebugDump"/>
- <keyword type="function" name="xmlSecKeyDataIdListDebugXmlDump ()" link="xmlsec-keysdata.html#xmlSecKeyDataIdListDebugXmlDump"/>
- <keyword type="function" name="xmlSecKeyDataBinaryValueInitialize ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueInitialize"/>
- <keyword type="function" name="xmlSecKeyDataBinaryValueDuplicate ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueDuplicate"/>
- <keyword type="function" name="xmlSecKeyDataBinaryValueFinalize ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueFinalize"/>
- <keyword type="function" name="xmlSecKeyDataBinaryValueXmlRead ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueXmlRead"/>
- <keyword type="function" name="xmlSecKeyDataBinaryValueXmlWrite ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueXmlWrite"/>
- <keyword type="function" name="xmlSecKeyDataBinaryValueBinRead ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueBinRead"/>
- <keyword type="function" name="xmlSecKeyDataBinaryValueBinWrite ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueBinWrite"/>
- <keyword type="function" name="xmlSecKeyDataBinaryValueDebugDump ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueDebugDump"/>
- <keyword type="function" name="xmlSecKeyDataBinaryValueDebugXmlDump ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueDebugXmlDump"/>
- <keyword type="function" name="xmlSecKeyDataBinaryValueGetSize ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueGetSize"/>
- <keyword type="function" name="xmlSecKeyDataBinaryValueGetBuffer ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueGetBuffer"/>
- <keyword type="function" name="xmlSecKeyDataBinaryValueSetBuffer ()" link="xmlsec-keysdata.html#xmlSecKeyDataBinaryValueSetBuffer"/>
- <keyword type="function" name="xmlSecKeyDataStoreCreate ()" link="xmlsec-keysdata.html#xmlSecKeyDataStoreCreate"/>
- <keyword type="function" name="xmlSecKeyDataStoreDestroy ()" link="xmlsec-keysdata.html#xmlSecKeyDataStoreDestroy"/>
- <keyword type="macro" name="xmlSecKeyDataStoreGetName()" link="xmlsec-keysdata.html#xmlSecKeyDataStoreGetName"/>
- <keyword type="macro" name="xmlSecKeyDataStoreIsValid()" link="xmlsec-keysdata.html#xmlSecKeyDataStoreIsValid"/>
- <keyword type="macro" name="xmlSecKeyDataStoreCheckId()" link="xmlsec-keysdata.html#xmlSecKeyDataStoreCheckId"/>
- <keyword type="macro" name="xmlSecKeyDataStoreCheckSize()" link="xmlsec-keysdata.html#xmlSecKeyDataStoreCheckSize"/>
- <keyword type="function" name="xmlSecKeyDataStoreInitializeMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataStoreInitializeMethod"/>
- <keyword type="function" name="xmlSecKeyDataStoreFinalizeMethod ()" link="xmlsec-keysdata.html#xmlSecKeyDataStoreFinalizeMethod"/>
- <keyword type="macro" name="xmlSecKeyDataStoreKlassGetName()" link="xmlsec-keysdata.html#xmlSecKeyDataStoreKlassGetName"/>
- <keyword type="function" name="xmlSecKeyDataStorePtrListGetKlass ()" link="xmlsec-keysdata.html#xmlSecKeyDataStorePtrListGetKlass"/>
- <keyword type="function" name="xmlSecImportSetPersistKey ()" link="xmlsec-keysdata.html#xmlSecImportSetPersistKey"/>
- <keyword type="function" name="xmlSecImportGetPersistKey ()" link="xmlsec-keysdata.html#xmlSecImportGetPersistKey"/>
- <keyword type="typedef" name="xmlSecKeyDataUsage" link="xmlsec-keysdata.html#xmlSecKeyDataUsage"/>
- <keyword type="macro" name="xmlSecKeyDataUsageUnknown" link="xmlsec-keysdata.html#xmlSecKeyDataUsageUnknown"/>
- <keyword type="macro" name="xmlSecKeyDataUsageKeyInfoNodeRead" link="xmlsec-keysdata.html#xmlSecKeyDataUsageKeyInfoNodeRead"/>
- <keyword type="macro" name="xmlSecKeyDataUsageKeyInfoNodeWrite" link="xmlsec-keysdata.html#xmlSecKeyDataUsageKeyInfoNodeWrite"/>
- <keyword type="macro" name="xmlSecKeyDataUsageKeyValueNodeRead" link="xmlsec-keysdata.html#xmlSecKeyDataUsageKeyValueNodeRead"/>
- <keyword type="macro" name="xmlSecKeyDataUsageKeyValueNodeWrite" link="xmlsec-keysdata.html#xmlSecKeyDataUsageKeyValueNodeWrite"/>
- <keyword type="macro" name="xmlSecKeyDataUsageRetrievalMethodNodeXml" link="xmlsec-keysdata.html#xmlSecKeyDataUsageRetrievalMethodNodeXml"/>
- <keyword type="macro" name="xmlSecKeyDataUsageRetrievalMethodNodeBin" link="xmlsec-keysdata.html#xmlSecKeyDataUsageRetrievalMethodNodeBin"/>
- <keyword type="macro" name="xmlSecKeyDataUsageAny" link="xmlsec-keysdata.html#xmlSecKeyDataUsageAny"/>
- <keyword type="macro" name="xmlSecKeyDataUsageKeyInfoNode" link="xmlsec-keysdata.html#xmlSecKeyDataUsageKeyInfoNode"/>
- <keyword type="macro" name="xmlSecKeyDataUsageKeyValueNode" link="xmlsec-keysdata.html#xmlSecKeyDataUsageKeyValueNode"/>
- <keyword type="macro" name="xmlSecKeyDataUsageRetrievalMethodNode" link="xmlsec-keysdata.html#xmlSecKeyDataUsageRetrievalMethodNode"/>
- <keyword type="typedef" name="xmlSecKeyDataType" link="xmlsec-keysdata.html#xmlSecKeyDataType"/>
- <keyword type="macro" name="xmlSecKeyDataTypeUnknown" link="xmlsec-keysdata.html#xmlSecKeyDataTypeUnknown"/>
- <keyword type="macro" name="xmlSecKeyDataTypeNone" link="xmlsec-keysdata.html#xmlSecKeyDataTypeNone"/>
- <keyword type="macro" name="xmlSecKeyDataTypePublic" link="xmlsec-keysdata.html#xmlSecKeyDataTypePublic"/>
- <keyword type="macro" name="xmlSecKeyDataTypePrivate" link="xmlsec-keysdata.html#xmlSecKeyDataTypePrivate"/>
- <keyword type="macro" name="xmlSecKeyDataTypeSymmetric" link="xmlsec-keysdata.html#xmlSecKeyDataTypeSymmetric"/>
- <keyword type="macro" name="xmlSecKeyDataTypeSession" link="xmlsec-keysdata.html#xmlSecKeyDataTypeSession"/>
- <keyword type="macro" name="xmlSecKeyDataTypePermanent" link="xmlsec-keysdata.html#xmlSecKeyDataTypePermanent"/>
- <keyword type="macro" name="xmlSecKeyDataTypeTrusted" link="xmlsec-keysdata.html#xmlSecKeyDataTypeTrusted"/>
- <keyword type="macro" name="xmlSecKeyDataTypeAny" link="xmlsec-keysdata.html#xmlSecKeyDataTypeAny"/>
- <keyword type="enum" name="enum xmlSecKeyDataFormat" link="xmlsec-keysdata.html#xmlSecKeyDataFormat"/>
- <keyword type="struct" name="struct xmlSecKeyData" link="xmlsec-keysdata.html#xmlSecKeyData"/>
- <keyword type="macro" name="xmlSecKeyDataIdUnknown" link="xmlsec-keysdata.html#xmlSecKeyDataIdUnknown"/>
- <keyword type="struct" name="struct xmlSecKeyDataKlass" link="xmlsec-keysdata.html#xmlSecKeyDataKlass"/>
- <keyword type="macro" name="xmlSecKeyDataListId" link="xmlsec-keysdata.html#xmlSecKeyDataListId"/>
- <keyword type="macro" name="xmlSecKeyDataIdListId" link="xmlsec-keysdata.html#xmlSecKeyDataIdListId"/>
- <keyword type="macro" name="xmlSecKeyDataBinarySize" link="xmlsec-keysdata.html#xmlSecKeyDataBinarySize"/>
- <keyword type="struct" name="struct xmlSecKeyDataStore" link="xmlsec-keysdata.html#xmlSecKeyDataStore"/>
- <keyword type="macro" name="xmlSecKeyDataStoreIdUnknown" link="xmlsec-keysdata.html#xmlSecKeyDataStoreIdUnknown"/>
- <keyword type="struct" name="struct xmlSecKeyDataStoreKlass" link="xmlsec-keysdata.html#xmlSecKeyDataStoreKlass"/>
- <keyword type="macro" name="xmlSecKeyDataStorePtrListId" link="xmlsec-keysdata.html#xmlSecKeyDataStorePtrListId"/>
- <keyword type="function" name="xmlSecKeyUseWithInitialize ()" link="xmlsec-keys.html#xmlSecKeyUseWithInitialize"/>
- <keyword type="function" name="xmlSecKeyUseWithFinalize ()" link="xmlsec-keys.html#xmlSecKeyUseWithFinalize"/>
- <keyword type="function" name="xmlSecKeyUseWithReset ()" link="xmlsec-keys.html#xmlSecKeyUseWithReset"/>
- <keyword type="function" name="xmlSecKeyUseWithCopy ()" link="xmlsec-keys.html#xmlSecKeyUseWithCopy"/>
- <keyword type="function" name="xmlSecKeyUseWithCreate ()" link="xmlsec-keys.html#xmlSecKeyUseWithCreate"/>
- <keyword type="function" name="xmlSecKeyUseWithDuplicate ()" link="xmlsec-keys.html#xmlSecKeyUseWithDuplicate"/>
- <keyword type="function" name="xmlSecKeyUseWithDestroy ()" link="xmlsec-keys.html#xmlSecKeyUseWithDestroy"/>
- <keyword type="function" name="xmlSecKeyUseWithSet ()" link="xmlsec-keys.html#xmlSecKeyUseWithSet"/>
- <keyword type="function" name="xmlSecKeyUseWithDebugDump ()" link="xmlsec-keys.html#xmlSecKeyUseWithDebugDump"/>
- <keyword type="function" name="xmlSecKeyUseWithDebugXmlDump ()" link="xmlsec-keys.html#xmlSecKeyUseWithDebugXmlDump"/>
- <keyword type="function" name="xmlSecKeyUseWithPtrListGetKlass ()" link="xmlsec-keys.html#xmlSecKeyUseWithPtrListGetKlass"/>
- <keyword type="function" name="xmlSecKeyReqInitialize ()" link="xmlsec-keys.html#xmlSecKeyReqInitialize"/>
- <keyword type="function" name="xmlSecKeyReqFinalize ()" link="xmlsec-keys.html#xmlSecKeyReqFinalize"/>
- <keyword type="function" name="xmlSecKeyReqReset ()" link="xmlsec-keys.html#xmlSecKeyReqReset"/>
- <keyword type="function" name="xmlSecKeyReqCopy ()" link="xmlsec-keys.html#xmlSecKeyReqCopy"/>
- <keyword type="function" name="xmlSecKeyReqMatchKey ()" link="xmlsec-keys.html#xmlSecKeyReqMatchKey"/>
- <keyword type="function" name="xmlSecKeyReqMatchKeyValue ()" link="xmlsec-keys.html#xmlSecKeyReqMatchKeyValue"/>
- <keyword type="function" name="xmlSecKeyReqDebugDump ()" link="xmlsec-keys.html#xmlSecKeyReqDebugDump"/>
- <keyword type="function" name="xmlSecKeyReqDebugXmlDump ()" link="xmlsec-keys.html#xmlSecKeyReqDebugXmlDump"/>
- <keyword type="function" name="xmlSecKeyCreate ()" link="xmlsec-keys.html#xmlSecKeyCreate"/>
- <keyword type="function" name="xmlSecKeyDestroy ()" link="xmlsec-keys.html#xmlSecKeyDestroy"/>
- <keyword type="function" name="xmlSecKeyEmpty ()" link="xmlsec-keys.html#xmlSecKeyEmpty"/>
- <keyword type="function" name="xmlSecKeyDuplicate ()" link="xmlsec-keys.html#xmlSecKeyDuplicate"/>
- <keyword type="function" name="xmlSecKeyCopy ()" link="xmlsec-keys.html#xmlSecKeyCopy"/>
- <keyword type="function" name="xmlSecKeyGetName ()" link="xmlsec-keys.html#xmlSecKeyGetName"/>
- <keyword type="function" name="xmlSecKeySetName ()" link="xmlsec-keys.html#xmlSecKeySetName"/>
- <keyword type="function" name="xmlSecKeyGetType ()" link="xmlsec-keys.html#xmlSecKeyGetType"/>
- <keyword type="function" name="xmlSecKeyGetValue ()" link="xmlsec-keys.html#xmlSecKeyGetValue"/>
- <keyword type="function" name="xmlSecKeySetValue ()" link="xmlsec-keys.html#xmlSecKeySetValue"/>
- <keyword type="function" name="xmlSecKeyGetData ()" link="xmlsec-keys.html#xmlSecKeyGetData"/>
- <keyword type="function" name="xmlSecKeyEnsureData ()" link="xmlsec-keys.html#xmlSecKeyEnsureData"/>
- <keyword type="function" name="xmlSecKeyAdoptData ()" link="xmlsec-keys.html#xmlSecKeyAdoptData"/>
- <keyword type="function" name="xmlSecKeyDebugDump ()" link="xmlsec-keys.html#xmlSecKeyDebugDump"/>
- <keyword type="function" name="xmlSecKeyDebugXmlDump ()" link="xmlsec-keys.html#xmlSecKeyDebugXmlDump"/>
- <keyword type="function" name="xmlSecKeyGenerate ()" link="xmlsec-keys.html#xmlSecKeyGenerate"/>
- <keyword type="function" name="xmlSecKeyGenerateByName ()" link="xmlsec-keys.html#xmlSecKeyGenerateByName"/>
- <keyword type="function" name="xmlSecKeyMatch ()" link="xmlsec-keys.html#xmlSecKeyMatch"/>
- <keyword type="function" name="xmlSecKeyReadBuffer ()" link="xmlsec-keys.html#xmlSecKeyReadBuffer"/>
- <keyword type="function" name="xmlSecKeyReadBinaryFile ()" link="xmlsec-keys.html#xmlSecKeyReadBinaryFile"/>
- <keyword type="function" name="xmlSecKeyReadMemory ()" link="xmlsec-keys.html#xmlSecKeyReadMemory"/>
- <keyword type="macro" name="xmlSecKeyIsValid()" link="xmlsec-keys.html#xmlSecKeyIsValid"/>
- <keyword type="macro" name="xmlSecKeyCheckId()" link="xmlsec-keys.html#xmlSecKeyCheckId"/>
- <keyword type="function" name="xmlSecKeyPtrListGetKlass ()" link="xmlsec-keys.html#xmlSecKeyPtrListGetKlass"/>
- <keyword type="typedef" name="xmlSecKeyUsage" link="xmlsec-keys.html#xmlSecKeyUsage"/>
- <keyword type="macro" name="xmlSecKeyUsageSign" link="xmlsec-keys.html#xmlSecKeyUsageSign"/>
- <keyword type="macro" name="xmlSecKeyUsageVerify" link="xmlsec-keys.html#xmlSecKeyUsageVerify"/>
- <keyword type="macro" name="xmlSecKeyUsageEncrypt" link="xmlsec-keys.html#xmlSecKeyUsageEncrypt"/>
- <keyword type="macro" name="xmlSecKeyUsageDecrypt" link="xmlsec-keys.html#xmlSecKeyUsageDecrypt"/>
- <keyword type="macro" name="xmlSecKeyUsageKeyExchange" link="xmlsec-keys.html#xmlSecKeyUsageKeyExchange"/>
- <keyword type="macro" name="xmlSecKeyUsageAny" link="xmlsec-keys.html#xmlSecKeyUsageAny"/>
- <keyword type="struct" name="struct xmlSecKeyUseWith" link="xmlsec-keys.html#xmlSecKeyUseWith"/>
- <keyword type="macro" name="xmlSecKeyUseWithPtrListId" link="xmlsec-keys.html#xmlSecKeyUseWithPtrListId"/>
- <keyword type="struct" name="struct xmlSecKeyReq" link="xmlsec-keys.html#xmlSecKeyReq"/>
- <keyword type="struct" name="struct xmlSecKey" link="xmlsec-keys.html#xmlSecKey"/>
- <keyword type="macro" name="xmlSecKeyPtrListId" link="xmlsec-keys.html#xmlSecKeyPtrListId"/>
- <keyword type="function" name="xmlSecKeysMngrCreate ()" link="xmlsec-keysmngr.html#xmlSecKeysMngrCreate"/>
- <keyword type="function" name="xmlSecKeysMngrDestroy ()" link="xmlsec-keysmngr.html#xmlSecKeysMngrDestroy"/>
- <keyword type="function" name="xmlSecKeysMngrFindKey ()" link="xmlsec-keysmngr.html#xmlSecKeysMngrFindKey"/>
- <keyword type="function" name="xmlSecKeysMngrAdoptKeysStore ()" link="xmlsec-keysmngr.html#xmlSecKeysMngrAdoptKeysStore"/>
- <keyword type="function" name="xmlSecKeysMngrGetKeysStore ()" link="xmlsec-keysmngr.html#xmlSecKeysMngrGetKeysStore"/>
- <keyword type="function" name="xmlSecKeysMngrAdoptDataStore ()" link="xmlsec-keysmngr.html#xmlSecKeysMngrAdoptDataStore"/>
- <keyword type="function" name="xmlSecKeysMngrGetDataStore ()" link="xmlsec-keysmngr.html#xmlSecKeysMngrGetDataStore"/>
- <keyword type="function" name="xmlSecGetKeyCallback ()" link="xmlsec-keysmngr.html#xmlSecGetKeyCallback"/>
- <keyword type="function" name="xmlSecKeysMngrGetKey ()" link="xmlsec-keysmngr.html#xmlSecKeysMngrGetKey"/>
- <keyword type="function" name="xmlSecKeyStoreCreate ()" link="xmlsec-keysmngr.html#xmlSecKeyStoreCreate"/>
- <keyword type="function" name="xmlSecKeyStoreDestroy ()" link="xmlsec-keysmngr.html#xmlSecKeyStoreDestroy"/>
- <keyword type="function" name="xmlSecKeyStoreFindKey ()" link="xmlsec-keysmngr.html#xmlSecKeyStoreFindKey"/>
- <keyword type="macro" name="xmlSecKeyStoreGetName()" link="xmlsec-keysmngr.html#xmlSecKeyStoreGetName"/>
- <keyword type="macro" name="xmlSecKeyStoreIsValid()" link="xmlsec-keysmngr.html#xmlSecKeyStoreIsValid"/>
- <keyword type="macro" name="xmlSecKeyStoreCheckId()" link="xmlsec-keysmngr.html#xmlSecKeyStoreCheckId"/>
- <keyword type="macro" name="xmlSecKeyStoreCheckSize()" link="xmlsec-keysmngr.html#xmlSecKeyStoreCheckSize"/>
- <keyword type="function" name="xmlSecKeyStoreInitializeMethod ()" link="xmlsec-keysmngr.html#xmlSecKeyStoreInitializeMethod"/>
- <keyword type="function" name="xmlSecKeyStoreFinalizeMethod ()" link="xmlsec-keysmngr.html#xmlSecKeyStoreFinalizeMethod"/>
- <keyword type="function" name="xmlSecKeyStoreFindKeyMethod ()" link="xmlsec-keysmngr.html#xmlSecKeyStoreFindKeyMethod"/>
- <keyword type="macro" name="xmlSecKeyStoreKlassGetName()" link="xmlsec-keysmngr.html#xmlSecKeyStoreKlassGetName"/>
- <keyword type="function" name="xmlSecSimpleKeysStoreGetKlass ()" link="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreGetKlass"/>
- <keyword type="function" name="xmlSecSimpleKeysStoreAdoptKey ()" link="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreAdoptKey"/>
- <keyword type="function" name="xmlSecSimpleKeysStoreLoad ()" link="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreLoad"/>
- <keyword type="function" name="xmlSecSimpleKeysStoreSave ()" link="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreSave"/>
- <keyword type="function" name="xmlSecSimpleKeysStoreGetKeys ()" link="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreGetKeys"/>
- <keyword type="struct" name="struct xmlSecKeysMngr" link="xmlsec-keysmngr.html#xmlSecKeysMngr"/>
- <keyword type="struct" name="struct xmlSecKeyStore" link="xmlsec-keysmngr.html#xmlSecKeyStore"/>
- <keyword type="macro" name="xmlSecKeyStoreIdUnknown" link="xmlsec-keysmngr.html#xmlSecKeyStoreIdUnknown"/>
- <keyword type="struct" name="struct xmlSecKeyStoreKlass" link="xmlsec-keysmngr.html#xmlSecKeyStoreKlass"/>
- <keyword type="macro" name="xmlSecSimpleKeysStoreId" link="xmlsec-keysmngr.html#xmlSecSimpleKeysStoreId"/>
- <keyword type="function" name="xmlSecPtrListSetDefaultAllocMode ()" link="xmlsec-list.html#xmlSecPtrListSetDefaultAllocMode"/>
- <keyword type="function" name="xmlSecPtrListInitialize ()" link="xmlsec-list.html#xmlSecPtrListInitialize"/>
- <keyword type="function" name="xmlSecPtrListFinalize ()" link="xmlsec-list.html#xmlSecPtrListFinalize"/>
- <keyword type="function" name="xmlSecPtrListCreate ()" link="xmlsec-list.html#xmlSecPtrListCreate"/>
- <keyword type="function" name="xmlSecPtrListDestroy ()" link="xmlsec-list.html#xmlSecPtrListDestroy"/>
- <keyword type="function" name="xmlSecPtrListEmpty ()" link="xmlsec-list.html#xmlSecPtrListEmpty"/>
- <keyword type="function" name="xmlSecPtrListCopy ()" link="xmlsec-list.html#xmlSecPtrListCopy"/>
- <keyword type="function" name="xmlSecPtrListDuplicate ()" link="xmlsec-list.html#xmlSecPtrListDuplicate"/>
- <keyword type="function" name="xmlSecPtrListGetSize ()" link="xmlsec-list.html#xmlSecPtrListGetSize"/>
- <keyword type="function" name="xmlSecPtrListGetItem ()" link="xmlsec-list.html#xmlSecPtrListGetItem"/>
- <keyword type="function" name="xmlSecPtrListAdd ()" link="xmlsec-list.html#xmlSecPtrListAdd"/>
- <keyword type="function" name="xmlSecPtrListSet ()" link="xmlsec-list.html#xmlSecPtrListSet"/>
- <keyword type="function" name="xmlSecPtrListRemove ()" link="xmlsec-list.html#xmlSecPtrListRemove"/>
- <keyword type="function" name="xmlSecPtrListRemoveAndReturn ()" link="xmlsec-list.html#xmlSecPtrListRemoveAndReturn"/>
- <keyword type="function" name="xmlSecPtrListDebugDump ()" link="xmlsec-list.html#xmlSecPtrListDebugDump"/>
- <keyword type="function" name="xmlSecPtrListDebugXmlDump ()" link="xmlsec-list.html#xmlSecPtrListDebugXmlDump"/>
- <keyword type="macro" name="xmlSecPtrListGetName()" link="xmlsec-list.html#xmlSecPtrListGetName"/>
- <keyword type="macro" name="xmlSecPtrListIsValid()" link="xmlsec-list.html#xmlSecPtrListIsValid"/>
- <keyword type="macro" name="xmlSecPtrListCheckId()" link="xmlsec-list.html#xmlSecPtrListCheckId"/>
- <keyword type="function" name="xmlSecPtrDuplicateItemMethod ()" link="xmlsec-list.html#xmlSecPtrDuplicateItemMethod"/>
- <keyword type="function" name="xmlSecPtrDestroyItemMethod ()" link="xmlsec-list.html#xmlSecPtrDestroyItemMethod"/>
- <keyword type="function" name="xmlSecPtrDebugDumpItemMethod ()" link="xmlsec-list.html#xmlSecPtrDebugDumpItemMethod"/>
- <keyword type="macro" name="xmlSecPtrListKlassGetName()" link="xmlsec-list.html#xmlSecPtrListKlassGetName"/>
- <keyword type="function" name="xmlSecStringListGetKlass ()" link="xmlsec-list.html#xmlSecStringListGetKlass"/>
- <keyword type="struct" name="struct xmlSecPtrList" link="xmlsec-list.html#xmlSecPtrList"/>
- <keyword type="macro" name="xmlSecPtrListIdUnknown" link="xmlsec-list.html#xmlSecPtrListIdUnknown"/>
- <keyword type="struct" name="struct xmlSecPtrListKlass" link="xmlsec-list.html#xmlSecPtrListKlass"/>
- <keyword type="macro" name="xmlSecStringListId" link="xmlsec-list.html#xmlSecStringListId"/>
- <keyword type="function" name="xmlSecTransformMemBufGetKlass ()" link="xmlsec-membuf.html#xmlSecTransformMemBufGetKlass"/>
- <keyword type="function" name="xmlSecTransformMemBufGetBuffer ()" link="xmlsec-membuf.html#xmlSecTransformMemBufGetBuffer"/>
- <keyword type="macro" name="xmlSecTransformMemBufId" link="xmlsec-membuf.html#xmlSecTransformMemBufId"/>
- <keyword type="function" name="xmlSecNodeSetWalkCallback ()" link="xmlsec-nodeset.html#xmlSecNodeSetWalkCallback"/>
- <keyword type="function" name="xmlSecNodeSetCreate ()" link="xmlsec-nodeset.html#xmlSecNodeSetCreate"/>
- <keyword type="function" name="xmlSecNodeSetDestroy ()" link="xmlsec-nodeset.html#xmlSecNodeSetDestroy"/>
- <keyword type="function" name="xmlSecNodeSetDocDestroy ()" link="xmlsec-nodeset.html#xmlSecNodeSetDocDestroy"/>
- <keyword type="function" name="xmlSecNodeSetContains ()" link="xmlsec-nodeset.html#xmlSecNodeSetContains"/>
- <keyword type="function" name="xmlSecNodeSetAdd ()" link="xmlsec-nodeset.html#xmlSecNodeSetAdd"/>
- <keyword type="function" name="xmlSecNodeSetAddList ()" link="xmlsec-nodeset.html#xmlSecNodeSetAddList"/>
- <keyword type="function" name="xmlSecNodeSetGetChildren ()" link="xmlsec-nodeset.html#xmlSecNodeSetGetChildren"/>
- <keyword type="function" name="xmlSecNodeSetWalk ()" link="xmlsec-nodeset.html#xmlSecNodeSetWalk"/>
- <keyword type="function" name="xmlSecNodeSetDumpTextNodes ()" link="xmlsec-nodeset.html#xmlSecNodeSetDumpTextNodes"/>
- <keyword type="function" name="xmlSecNodeSetDebugDump ()" link="xmlsec-nodeset.html#xmlSecNodeSetDebugDump"/>
- <keyword type="enum" name="enum xmlSecNodeSetType" link="xmlsec-nodeset.html#xmlSecNodeSetType"/>
- <keyword type="enum" name="enum xmlSecNodeSetOp" link="xmlsec-nodeset.html#xmlSecNodeSetOp"/>
- <keyword type="struct" name="struct xmlSecNodeSet" link="xmlsec-nodeset.html#xmlSecNodeSet"/>
- <keyword type="function" name="xmlSecParseFile ()" link="xmlsec-parser.html#xmlSecParseFile"/>
- <keyword type="function" name="xmlSecParseMemory ()" link="xmlsec-parser.html#xmlSecParseMemory"/>
- <keyword type="function" name="xmlSecParseMemoryExt ()" link="xmlsec-parser.html#xmlSecParseMemoryExt"/>
- <keyword type="function" name="xmlSecTransformXmlParserGetKlass ()" link="xmlsec-parser.html#xmlSecTransformXmlParserGetKlass"/>
- <keyword type="macro" name="xmlSecTransformXmlParserId" link="xmlsec-parser.html#xmlSecTransformXmlParserId"/>
- <keyword type="function" name="xmlSecTmplSignatureCreate ()" link="xmlsec-templates.html#xmlSecTmplSignatureCreate"/>
- <keyword type="function" name="xmlSecTmplSignatureCreateNsPref ()" link="xmlsec-templates.html#xmlSecTmplSignatureCreateNsPref"/>
- <keyword type="function" name="xmlSecTmplSignatureEnsureKeyInfo ()" link="xmlsec-templates.html#xmlSecTmplSignatureEnsureKeyInfo"/>
- <keyword type="function" name="xmlSecTmplSignatureAddReference ()" link="xmlsec-templates.html#xmlSecTmplSignatureAddReference"/>
- <keyword type="function" name="xmlSecTmplSignatureAddObject ()" link="xmlsec-templates.html#xmlSecTmplSignatureAddObject"/>
- <keyword type="function" name="xmlSecTmplSignatureGetSignMethodNode ()" link="xmlsec-templates.html#xmlSecTmplSignatureGetSignMethodNode"/>
- <keyword type="function" name="xmlSecTmplSignatureGetC14NMethodNode ()" link="xmlsec-templates.html#xmlSecTmplSignatureGetC14NMethodNode"/>
- <keyword type="function" name="xmlSecTmplReferenceAddTransform ()" link="xmlsec-templates.html#xmlSecTmplReferenceAddTransform"/>
- <keyword type="function" name="xmlSecTmplObjectAddSignProperties ()" link="xmlsec-templates.html#xmlSecTmplObjectAddSignProperties"/>
- <keyword type="function" name="xmlSecTmplObjectAddManifest ()" link="xmlsec-templates.html#xmlSecTmplObjectAddManifest"/>
- <keyword type="function" name="xmlSecTmplManifestAddReference ()" link="xmlsec-templates.html#xmlSecTmplManifestAddReference"/>
- <keyword type="function" name="xmlSecTmplEncDataCreate ()" link="xmlsec-templates.html#xmlSecTmplEncDataCreate"/>
- <keyword type="function" name="xmlSecTmplEncDataEnsureKeyInfo ()" link="xmlsec-templates.html#xmlSecTmplEncDataEnsureKeyInfo"/>
- <keyword type="function" name="xmlSecTmplEncDataEnsureEncProperties ()" link="xmlsec-templates.html#xmlSecTmplEncDataEnsureEncProperties"/>
- <keyword type="function" name="xmlSecTmplEncDataAddEncProperty ()" link="xmlsec-templates.html#xmlSecTmplEncDataAddEncProperty"/>
- <keyword type="function" name="xmlSecTmplEncDataEnsureCipherValue ()" link="xmlsec-templates.html#xmlSecTmplEncDataEnsureCipherValue"/>
- <keyword type="function" name="xmlSecTmplEncDataEnsureCipherReference ()" link="xmlsec-templates.html#xmlSecTmplEncDataEnsureCipherReference"/>
- <keyword type="function" name="xmlSecTmplEncDataGetEncMethodNode ()" link="xmlsec-templates.html#xmlSecTmplEncDataGetEncMethodNode"/>
- <keyword type="function" name="xmlSecTmplCipherReferenceAddTransform ()" link="xmlsec-templates.html#xmlSecTmplCipherReferenceAddTransform"/>
- <keyword type="function" name="xmlSecTmplReferenceListAddDataReference ()" link="xmlsec-templates.html#xmlSecTmplReferenceListAddDataReference"/>
- <keyword type="function" name="xmlSecTmplReferenceListAddKeyReference ()" link="xmlsec-templates.html#xmlSecTmplReferenceListAddKeyReference"/>
- <keyword type="function" name="xmlSecTmplKeyInfoAddKeyName ()" link="xmlsec-templates.html#xmlSecTmplKeyInfoAddKeyName"/>
- <keyword type="function" name="xmlSecTmplKeyInfoAddKeyValue ()" link="xmlsec-templates.html#xmlSecTmplKeyInfoAddKeyValue"/>
- <keyword type="function" name="xmlSecTmplKeyInfoAddX509Data ()" link="xmlsec-templates.html#xmlSecTmplKeyInfoAddX509Data"/>
- <keyword type="function" name="xmlSecTmplKeyInfoAddRetrievalMethod ()" link="xmlsec-templates.html#xmlSecTmplKeyInfoAddRetrievalMethod"/>
- <keyword type="function" name="xmlSecTmplRetrievalMethodAddTransform ()" link="xmlsec-templates.html#xmlSecTmplRetrievalMethodAddTransform"/>
- <keyword type="function" name="xmlSecTmplKeyInfoAddEncryptedKey ()" link="xmlsec-templates.html#xmlSecTmplKeyInfoAddEncryptedKey"/>
- <keyword type="function" name="xmlSecTmplX509DataAddIssuerSerial ()" link="xmlsec-templates.html#xmlSecTmplX509DataAddIssuerSerial"/>
- <keyword type="function" name="xmlSecTmplX509IssuerSerialAddIssuerName ()" link="xmlsec-templates.html#xmlSecTmplX509IssuerSerialAddIssuerName"/>
- <keyword type="function" name="xmlSecTmplX509IssuerSerialAddSerialNumber ()" link="xmlsec-templates.html#xmlSecTmplX509IssuerSerialAddSerialNumber"/>
- <keyword type="function" name="xmlSecTmplX509DataAddSubjectName ()" link="xmlsec-templates.html#xmlSecTmplX509DataAddSubjectName"/>
- <keyword type="function" name="xmlSecTmplX509DataAddSKIÂ ()" link="xmlsec-templates.html#xmlSecTmplX509DataAddSKI"/>
- <keyword type="function" name="xmlSecTmplX509DataAddCertificate ()" link="xmlsec-templates.html#xmlSecTmplX509DataAddCertificate"/>
- <keyword type="function" name="xmlSecTmplX509DataAddCRLÂ ()" link="xmlsec-templates.html#xmlSecTmplX509DataAddCRL"/>
- <keyword type="function" name="xmlSecTmplTransformAddHmacOutputLength ()" link="xmlsec-templates.html#xmlSecTmplTransformAddHmacOutputLength"/>
- <keyword type="function" name="xmlSecTmplTransformAddRsaOaepParam ()" link="xmlsec-templates.html#xmlSecTmplTransformAddRsaOaepParam"/>
- <keyword type="function" name="xmlSecTmplTransformAddXsltStylesheet ()" link="xmlsec-templates.html#xmlSecTmplTransformAddXsltStylesheet"/>
- <keyword type="function" name="xmlSecTmplTransformAddC14NInclNamespaces ()" link="xmlsec-templates.html#xmlSecTmplTransformAddC14NInclNamespaces"/>
- <keyword type="function" name="xmlSecTmplTransformAddXPath ()" link="xmlsec-templates.html#xmlSecTmplTransformAddXPath"/>
- <keyword type="function" name="xmlSecTmplTransformAddXPath2Â ()" link="xmlsec-templates.html#xmlSecTmplTransformAddXPath2"/>
- <keyword type="function" name="xmlSecTmplTransformAddXPointer ()" link="xmlsec-templates.html#xmlSecTmplTransformAddXPointer"/>
- <keyword type="function" name="xmlSecTransformIdsGet ()" link="xmlsec-transforms.html#xmlSecTransformIdsGet"/>
- <keyword type="function" name="xmlSecTransformIdsInit ()" link="xmlsec-transforms.html#xmlSecTransformIdsInit"/>
- <keyword type="function" name="xmlSecTransformIdsShutdown ()" link="xmlsec-transforms.html#xmlSecTransformIdsShutdown"/>
- <keyword type="function" name="xmlSecTransformIdsRegisterDefault ()" link="xmlsec-transforms.html#xmlSecTransformIdsRegisterDefault"/>
- <keyword type="function" name="xmlSecTransformIdsRegister ()" link="xmlsec-transforms.html#xmlSecTransformIdsRegister"/>
- <keyword type="function" name="xmlSecTransformUriTypeCheck ()" link="xmlsec-transforms.html#xmlSecTransformUriTypeCheck"/>
- <keyword type="function" name="xmlSecTransformCtxPreExecuteCallback ()" link="xmlsec-transforms.html#xmlSecTransformCtxPreExecuteCallback"/>
- <keyword type="function" name="xmlSecTransformCtxCreate ()" link="xmlsec-transforms.html#xmlSecTransformCtxCreate"/>
- <keyword type="function" name="xmlSecTransformCtxDestroy ()" link="xmlsec-transforms.html#xmlSecTransformCtxDestroy"/>
- <keyword type="function" name="xmlSecTransformCtxInitialize ()" link="xmlsec-transforms.html#xmlSecTransformCtxInitialize"/>
- <keyword type="function" name="xmlSecTransformCtxFinalize ()" link="xmlsec-transforms.html#xmlSecTransformCtxFinalize"/>
- <keyword type="function" name="xmlSecTransformCtxReset ()" link="xmlsec-transforms.html#xmlSecTransformCtxReset"/>
- <keyword type="function" name="xmlSecTransformCtxCopyUserPref ()" link="xmlsec-transforms.html#xmlSecTransformCtxCopyUserPref"/>
- <keyword type="function" name="xmlSecTransformCtxSetUri ()" link="xmlsec-transforms.html#xmlSecTransformCtxSetUri"/>
- <keyword type="function" name="xmlSecTransformCtxAppend ()" link="xmlsec-transforms.html#xmlSecTransformCtxAppend"/>
- <keyword type="function" name="xmlSecTransformCtxPrepend ()" link="xmlsec-transforms.html#xmlSecTransformCtxPrepend"/>
- <keyword type="function" name="xmlSecTransformCtxCreateAndAppend ()" link="xmlsec-transforms.html#xmlSecTransformCtxCreateAndAppend"/>
- <keyword type="function" name="xmlSecTransformCtxCreateAndPrepend ()" link="xmlsec-transforms.html#xmlSecTransformCtxCreateAndPrepend"/>
- <keyword type="function" name="xmlSecTransformCtxNodeRead ()" link="xmlsec-transforms.html#xmlSecTransformCtxNodeRead"/>
- <keyword type="function" name="xmlSecTransformCtxNodesListRead ()" link="xmlsec-transforms.html#xmlSecTransformCtxNodesListRead"/>
- <keyword type="function" name="xmlSecTransformCtxPrepare ()" link="xmlsec-transforms.html#xmlSecTransformCtxPrepare"/>
- <keyword type="function" name="xmlSecTransformCtxBinaryExecute ()" link="xmlsec-transforms.html#xmlSecTransformCtxBinaryExecute"/>
- <keyword type="function" name="xmlSecTransformCtxUriExecute ()" link="xmlsec-transforms.html#xmlSecTransformCtxUriExecute"/>
- <keyword type="function" name="xmlSecTransformCtxXmlExecute ()" link="xmlsec-transforms.html#xmlSecTransformCtxXmlExecute"/>
- <keyword type="function" name="xmlSecTransformCtxExecute ()" link="xmlsec-transforms.html#xmlSecTransformCtxExecute"/>
- <keyword type="function" name="xmlSecTransformCtxDebugDump ()" link="xmlsec-transforms.html#xmlSecTransformCtxDebugDump"/>
- <keyword type="function" name="xmlSecTransformCtxDebugXmlDump ()" link="xmlsec-transforms.html#xmlSecTransformCtxDebugXmlDump"/>
- <keyword type="function" name="xmlSecTransformCreate ()" link="xmlsec-transforms.html#xmlSecTransformCreate"/>
- <keyword type="function" name="xmlSecTransformDestroy ()" link="xmlsec-transforms.html#xmlSecTransformDestroy"/>
- <keyword type="function" name="xmlSecTransformNodeRead ()" link="xmlsec-transforms.html#xmlSecTransformNodeRead"/>
- <keyword type="function" name="xmlSecTransformPump ()" link="xmlsec-transforms.html#xmlSecTransformPump"/>
- <keyword type="function" name="xmlSecTransformSetKey ()" link="xmlsec-transforms.html#xmlSecTransformSetKey"/>
- <keyword type="function" name="xmlSecTransformSetKeyReq ()" link="xmlsec-transforms.html#xmlSecTransformSetKeyReq"/>
- <keyword type="function" name="xmlSecTransformVerify ()" link="xmlsec-transforms.html#xmlSecTransformVerify"/>
- <keyword type="function" name="xmlSecTransformVerifyNodeContent ()" link="xmlsec-transforms.html#xmlSecTransformVerifyNodeContent"/>
- <keyword type="function" name="xmlSecTransformGetDataType ()" link="xmlsec-transforms.html#xmlSecTransformGetDataType"/>
- <keyword type="function" name="xmlSecTransformPushBin ()" link="xmlsec-transforms.html#xmlSecTransformPushBin"/>
- <keyword type="function" name="xmlSecTransformPopBin ()" link="xmlsec-transforms.html#xmlSecTransformPopBin"/>
- <keyword type="function" name="xmlSecTransformPushXml ()" link="xmlsec-transforms.html#xmlSecTransformPushXml"/>
- <keyword type="function" name="xmlSecTransformPopXml ()" link="xmlsec-transforms.html#xmlSecTransformPopXml"/>
- <keyword type="function" name="xmlSecTransformExecute ()" link="xmlsec-transforms.html#xmlSecTransformExecute"/>
- <keyword type="function" name="xmlSecTransformDebugDump ()" link="xmlsec-transforms.html#xmlSecTransformDebugDump"/>
- <keyword type="function" name="xmlSecTransformDebugXmlDump ()" link="xmlsec-transforms.html#xmlSecTransformDebugXmlDump"/>
- <keyword type="macro" name="xmlSecTransformGetName()" link="xmlsec-transforms.html#xmlSecTransformGetName"/>
- <keyword type="macro" name="xmlSecTransformIsValid()" link="xmlsec-transforms.html#xmlSecTransformIsValid"/>
- <keyword type="macro" name="xmlSecTransformCheckId()" link="xmlsec-transforms.html#xmlSecTransformCheckId"/>
- <keyword type="macro" name="xmlSecTransformCheckSize()" link="xmlsec-transforms.html#xmlSecTransformCheckSize"/>
- <keyword type="function" name="xmlSecTransformConnect ()" link="xmlsec-transforms.html#xmlSecTransformConnect"/>
- <keyword type="function" name="xmlSecTransformRemove ()" link="xmlsec-transforms.html#xmlSecTransformRemove"/>
- <keyword type="function" name="xmlSecTransformDefaultGetDataType ()" link="xmlsec-transforms.html#xmlSecTransformDefaultGetDataType"/>
- <keyword type="function" name="xmlSecTransformDefaultPushBin ()" link="xmlsec-transforms.html#xmlSecTransformDefaultPushBin"/>
- <keyword type="function" name="xmlSecTransformDefaultPopBin ()" link="xmlsec-transforms.html#xmlSecTransformDefaultPopBin"/>
- <keyword type="function" name="xmlSecTransformDefaultPushXml ()" link="xmlsec-transforms.html#xmlSecTransformDefaultPushXml"/>
- <keyword type="function" name="xmlSecTransformDefaultPopXml ()" link="xmlsec-transforms.html#xmlSecTransformDefaultPopXml"/>
- <keyword type="function" name="xmlSecTransformCreateOutputBuffer ()" link="xmlsec-transforms.html#xmlSecTransformCreateOutputBuffer"/>
- <keyword type="function" name="xmlSecTransformCreateInputBuffer ()" link="xmlsec-transforms.html#xmlSecTransformCreateInputBuffer"/>
- <keyword type="function" name="xmlSecTransformInitializeMethod ()" link="xmlsec-transforms.html#xmlSecTransformInitializeMethod"/>
- <keyword type="function" name="xmlSecTransformFinalizeMethod ()" link="xmlsec-transforms.html#xmlSecTransformFinalizeMethod"/>
- <keyword type="function" name="xmlSecTransformGetDataTypeMethod ()" link="xmlsec-transforms.html#xmlSecTransformGetDataTypeMethod"/>
- <keyword type="function" name="xmlSecTransformNodeReadMethod ()" link="xmlsec-transforms.html#xmlSecTransformNodeReadMethod"/>
- <keyword type="function" name="xmlSecTransformNodeWriteMethod ()" link="xmlsec-transforms.html#xmlSecTransformNodeWriteMethod"/>
- <keyword type="function" name="xmlSecTransformSetKeyRequirementsMethod ()" link="xmlsec-transforms.html#xmlSecTransformSetKeyRequirementsMethod"/>
- <keyword type="function" name="xmlSecTransformSetKeyMethod ()" link="xmlsec-transforms.html#xmlSecTransformSetKeyMethod"/>
- <keyword type="function" name="xmlSecTransformVerifyMethod ()" link="xmlsec-transforms.html#xmlSecTransformVerifyMethod"/>
- <keyword type="function" name="xmlSecTransformPushBinMethod ()" link="xmlsec-transforms.html#xmlSecTransformPushBinMethod"/>
- <keyword type="function" name="xmlSecTransformPopBinMethod ()" link="xmlsec-transforms.html#xmlSecTransformPopBinMethod"/>
- <keyword type="function" name="xmlSecTransformPushXmlMethod ()" link="xmlsec-transforms.html#xmlSecTransformPushXmlMethod"/>
- <keyword type="function" name="xmlSecTransformPopXmlMethod ()" link="xmlsec-transforms.html#xmlSecTransformPopXmlMethod"/>
- <keyword type="function" name="xmlSecTransformExecuteMethod ()" link="xmlsec-transforms.html#xmlSecTransformExecuteMethod"/>
- <keyword type="macro" name="xmlSecTransformKlassGetName()" link="xmlsec-transforms.html#xmlSecTransformKlassGetName"/>
- <keyword type="function" name="xmlSecTransformIdListGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformIdListGetKlass"/>
- <keyword type="function" name="xmlSecTransformIdListFind ()" link="xmlsec-transforms.html#xmlSecTransformIdListFind"/>
- <keyword type="function" name="xmlSecTransformIdListFindByHref ()" link="xmlsec-transforms.html#xmlSecTransformIdListFindByHref"/>
- <keyword type="function" name="xmlSecTransformIdListFindByName ()" link="xmlsec-transforms.html#xmlSecTransformIdListFindByName"/>
- <keyword type="function" name="xmlSecTransformIdListDebugDump ()" link="xmlsec-transforms.html#xmlSecTransformIdListDebugDump"/>
- <keyword type="function" name="xmlSecTransformIdListDebugXmlDump ()" link="xmlsec-transforms.html#xmlSecTransformIdListDebugXmlDump"/>
- <keyword type="function" name="xmlSecTransformBase64GetKlass ()" link="xmlsec-transforms.html#xmlSecTransformBase64GetKlass"/>
- <keyword type="function" name="xmlSecTransformBase64SetLineSize ()" link="xmlsec-transforms.html#xmlSecTransformBase64SetLineSize"/>
- <keyword type="function" name="xmlSecTransformInclC14NGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformInclC14NGetKlass"/>
- <keyword type="function" name="xmlSecTransformInclC14NWithCommentsGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformInclC14NWithCommentsGetKlass"/>
- <keyword type="function" name="xmlSecTransformInclC14N11GetKlass ()" link="xmlsec-transforms.html#xmlSecTransformInclC14N11GetKlass"/>
- <keyword type="function" name="xmlSecTransformInclC14N11WithCommentsGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformInclC14N11WithCommentsGetKlass"/>
- <keyword type="function" name="xmlSecTransformExclC14NGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformExclC14NGetKlass"/>
- <keyword type="function" name="xmlSecTransformExclC14NWithCommentsGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformExclC14NWithCommentsGetKlass"/>
- <keyword type="function" name="xmlSecTransformEnvelopedGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformEnvelopedGetKlass"/>
- <keyword type="function" name="xmlSecTransformXPathGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformXPathGetKlass"/>
- <keyword type="function" name="xmlSecTransformXPath2GetKlass ()" link="xmlsec-transforms.html#xmlSecTransformXPath2GetKlass"/>
- <keyword type="function" name="xmlSecTransformXPointerGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformXPointerGetKlass"/>
- <keyword type="function" name="xmlSecTransformXPointerSetExpr ()" link="xmlsec-transforms.html#xmlSecTransformXPointerSetExpr"/>
- <keyword type="function" name="xmlSecTransformRelationshipGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformRelationshipGetKlass"/>
- <keyword type="function" name="xmlSecTransformXsltGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformXsltGetKlass"/>
- <keyword type="function" name="xmlSecTransformXsltSetDefaultSecurityPrefs ()" link="xmlsec-transforms.html#xmlSecTransformXsltSetDefaultSecurityPrefs"/>
- <keyword type="function" name="xmlSecTransformRemoveXmlTagsC14NGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformRemoveXmlTagsC14NGetKlass"/>
- <keyword type="function" name="xmlSecTransformVisa3DHackGetKlass ()" link="xmlsec-transforms.html#xmlSecTransformVisa3DHackGetKlass"/>
- <keyword type="function" name="xmlSecTransformVisa3DHackSetIDÂ ()" link="xmlsec-transforms.html#xmlSecTransformVisa3DHackSetID"/>
- <keyword type="macro" name="XMLSEC_TRANSFORM_BINARY_CHUNK" link="xmlsec-transforms.html#XMLSEC-TRANSFORM-BINARY-CHUNK:CAPS"/>
- <keyword type="enum" name="enum xmlSecTransformStatus" link="xmlsec-transforms.html#xmlSecTransformStatus"/>
- <keyword type="enum" name="enum xmlSecTransformMode" link="xmlsec-transforms.html#xmlSecTransformMode"/>
- <keyword type="enum" name="enum xmlSecTransformOperation" link="xmlsec-transforms.html#xmlSecTransformOperation"/>
- <keyword type="typedef" name="xmlSecTransformUriType" link="xmlsec-transforms.html#xmlSecTransformUriType"/>
- <keyword type="macro" name="xmlSecTransformUriTypeNone" link="xmlsec-transforms.html#xmlSecTransformUriTypeNone"/>
- <keyword type="macro" name="xmlSecTransformUriTypeEmpty" link="xmlsec-transforms.html#xmlSecTransformUriTypeEmpty"/>
- <keyword type="macro" name="xmlSecTransformUriTypeSameDocument" link="xmlsec-transforms.html#xmlSecTransformUriTypeSameDocument"/>
- <keyword type="macro" name="xmlSecTransformUriTypeLocal" link="xmlsec-transforms.html#xmlSecTransformUriTypeLocal"/>
- <keyword type="macro" name="xmlSecTransformUriTypeRemote" link="xmlsec-transforms.html#xmlSecTransformUriTypeRemote"/>
- <keyword type="macro" name="xmlSecTransformUriTypeAny" link="xmlsec-transforms.html#xmlSecTransformUriTypeAny"/>
- <keyword type="typedef" name="xmlSecTransformDataType" link="xmlsec-transforms.html#xmlSecTransformDataType"/>
- <keyword type="macro" name="xmlSecTransformDataTypeUnknown" link="xmlsec-transforms.html#xmlSecTransformDataTypeUnknown"/>
- <keyword type="macro" name="xmlSecTransformDataTypeBin" link="xmlsec-transforms.html#xmlSecTransformDataTypeBin"/>
- <keyword type="macro" name="xmlSecTransformDataTypeXml" link="xmlsec-transforms.html#xmlSecTransformDataTypeXml"/>
- <keyword type="typedef" name="xmlSecTransformUsage" link="xmlsec-transforms.html#xmlSecTransformUsage"/>
- <keyword type="macro" name="xmlSecTransformUsageUnknown" link="xmlsec-transforms.html#xmlSecTransformUsageUnknown"/>
- <keyword type="macro" name="xmlSecTransformUsageDSigTransform" link="xmlsec-transforms.html#xmlSecTransformUsageDSigTransform"/>
- <keyword type="macro" name="xmlSecTransformUsageC14NMethod" link="xmlsec-transforms.html#xmlSecTransformUsageC14NMethod"/>
- <keyword type="macro" name="xmlSecTransformUsageDigestMethod" link="xmlsec-transforms.html#xmlSecTransformUsageDigestMethod"/>
- <keyword type="macro" name="xmlSecTransformUsageSignatureMethod" link="xmlsec-transforms.html#xmlSecTransformUsageSignatureMethod"/>
- <keyword type="macro" name="xmlSecTransformUsageEncryptionMethod" link="xmlsec-transforms.html#xmlSecTransformUsageEncryptionMethod"/>
- <keyword type="macro" name="xmlSecTransformUsageAny" link="xmlsec-transforms.html#xmlSecTransformUsageAny"/>
- <keyword type="macro" name="XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK" link="xmlsec-transforms.html#XMLSEC-TRANSFORMCTX-FLAGS-USE-VISA3D-HACK:CAPS"/>
- <keyword type="struct" name="struct xmlSecTransformCtx" link="xmlsec-transforms.html#xmlSecTransformCtx"/>
- <keyword type="struct" name="struct xmlSecTransform" link="xmlsec-transforms.html#xmlSecTransform"/>
- <keyword type="struct" name="struct xmlSecTransformKlass" link="xmlsec-transforms.html#xmlSecTransformKlass"/>
- <keyword type="macro" name="xmlSecTransformIdListId" link="xmlsec-transforms.html#xmlSecTransformIdListId"/>
- <keyword type="macro" name="xmlSecTransformIdUnknown" link="xmlsec-transforms.html#xmlSecTransformIdUnknown"/>
- <keyword type="macro" name="xmlSecTransformBase64Id" link="xmlsec-transforms.html#xmlSecTransformBase64Id"/>
- <keyword type="macro" name="xmlSecTransformInclC14NId" link="xmlsec-transforms.html#xmlSecTransformInclC14NId"/>
- <keyword type="macro" name="xmlSecTransformInclC14NWithCommentsId" link="xmlsec-transforms.html#xmlSecTransformInclC14NWithCommentsId"/>
- <keyword type="macro" name="xmlSecTransformInclC14N11Id" link="xmlsec-transforms.html#xmlSecTransformInclC14N11Id"/>
- <keyword type="macro" name="xmlSecTransformInclC14N11WithCommentsId" link="xmlsec-transforms.html#xmlSecTransformInclC14N11WithCommentsId"/>
- <keyword type="macro" name="xmlSecTransformExclC14NId" link="xmlsec-transforms.html#xmlSecTransformExclC14NId"/>
- <keyword type="macro" name="xmlSecTransformExclC14NWithCommentsId" link="xmlsec-transforms.html#xmlSecTransformExclC14NWithCommentsId"/>
- <keyword type="macro" name="xmlSecTransformEnvelopedId" link="xmlsec-transforms.html#xmlSecTransformEnvelopedId"/>
- <keyword type="macro" name="xmlSecTransformXPathId" link="xmlsec-transforms.html#xmlSecTransformXPathId"/>
- <keyword type="macro" name="xmlSecTransformXPath2Id" link="xmlsec-transforms.html#xmlSecTransformXPath2Id"/>
- <keyword type="macro" name="xmlSecTransformXPointerId" link="xmlsec-transforms.html#xmlSecTransformXPointerId"/>
- <keyword type="macro" name="xmlSecTransformRelationshipId" link="xmlsec-transforms.html#xmlSecTransformRelationshipId"/>
- <keyword type="macro" name="xmlSecTransformXsltId" link="xmlsec-transforms.html#xmlSecTransformXsltId"/>
- <keyword type="macro" name="xmlSecTransformRemoveXmlTagsC14NId" link="xmlsec-transforms.html#xmlSecTransformRemoveXmlTagsC14NId"/>
- <keyword type="macro" name="xmlSecTransformVisa3DHackId" link="xmlsec-transforms.html#xmlSecTransformVisa3DHackId"/>
- <keyword type="macro" name="XMLSEC_VERSION" link="xmlsec-version.html#XMLSEC-VERSION:CAPS"/>
- <keyword type="macro" name="XMLSEC_VERSION_MAJOR" link="xmlsec-version.html#XMLSEC-VERSION-MAJOR:CAPS"/>
- <keyword type="macro" name="XMLSEC_VERSION_MINOR" link="xmlsec-version.html#XMLSEC-VERSION-MINOR:CAPS"/>
- <keyword type="macro" name="XMLSEC_VERSION_SUBMINOR" link="xmlsec-version.html#XMLSEC-VERSION-SUBMINOR:CAPS"/>
- <keyword type="macro" name="XMLSEC_VERSION_INFO" link="xmlsec-version.html#XMLSEC-VERSION-INFO:CAPS"/>
- <keyword type="function" name="xmlSecDSigCtxCreate ()" link="xmlsec-xmldsig.html#xmlSecDSigCtxCreate"/>
- <keyword type="function" name="xmlSecDSigCtxDestroy ()" link="xmlsec-xmldsig.html#xmlSecDSigCtxDestroy"/>
- <keyword type="function" name="xmlSecDSigCtxInitialize ()" link="xmlsec-xmldsig.html#xmlSecDSigCtxInitialize"/>
- <keyword type="function" name="xmlSecDSigCtxFinalize ()" link="xmlsec-xmldsig.html#xmlSecDSigCtxFinalize"/>
- <keyword type="function" name="xmlSecDSigCtxSign ()" link="xmlsec-xmldsig.html#xmlSecDSigCtxSign"/>
- <keyword type="function" name="xmlSecDSigCtxVerify ()" link="xmlsec-xmldsig.html#xmlSecDSigCtxVerify"/>
- <keyword type="function" name="xmlSecDSigCtxEnableReferenceTransform ()" link="xmlsec-xmldsig.html#xmlSecDSigCtxEnableReferenceTransform"/>
- <keyword type="function" name="xmlSecDSigCtxEnableSignatureTransform ()" link="xmlsec-xmldsig.html#xmlSecDSigCtxEnableSignatureTransform"/>
- <keyword type="function" name="xmlSecDSigCtxGetPreSignBuffer ()" link="xmlsec-xmldsig.html#xmlSecDSigCtxGetPreSignBuffer"/>
- <keyword type="function" name="xmlSecDSigCtxDebugDump ()" link="xmlsec-xmldsig.html#xmlSecDSigCtxDebugDump"/>
- <keyword type="function" name="xmlSecDSigCtxDebugXmlDump ()" link="xmlsec-xmldsig.html#xmlSecDSigCtxDebugXmlDump"/>
- <keyword type="function" name="xmlSecDSigReferenceCtxCreate ()" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtxCreate"/>
- <keyword type="function" name="xmlSecDSigReferenceCtxDestroy ()" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtxDestroy"/>
- <keyword type="function" name="xmlSecDSigReferenceCtxInitialize ()" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtxInitialize"/>
- <keyword type="function" name="xmlSecDSigReferenceCtxFinalize ()" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtxFinalize"/>
- <keyword type="function" name="xmlSecDSigReferenceCtxProcessNode ()" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtxProcessNode"/>
- <keyword type="function" name="xmlSecDSigReferenceCtxGetPreDigestBuffer ()" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtxGetPreDigestBuffer"/>
- <keyword type="function" name="xmlSecDSigReferenceCtxDebugDump ()" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtxDebugDump"/>
- <keyword type="function" name="xmlSecDSigReferenceCtxDebugXmlDump ()" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtxDebugXmlDump"/>
- <keyword type="function" name="xmlSecDSigReferenceCtxListGetKlass ()" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtxListGetKlass"/>
- <keyword type="enum" name="enum xmlSecDSigStatus" link="xmlsec-xmldsig.html#xmlSecDSigStatus"/>
- <keyword type="macro" name="XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS" link="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-IGNORE-MANIFESTS:CAPS"/>
- <keyword type="macro" name="XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES" link="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNEDINFO-REFERENCES:CAPS"/>
- <keyword type="macro" name="XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES" link="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-MANIFEST-REFERENCES:CAPS"/>
- <keyword type="macro" name="XMLSEC_DSIG_FLAGS_STORE_SIGNATURE" link="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNATURE:CAPS"/>
- <keyword type="macro" name="XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK" link="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-USE-VISA3D-HACK:CAPS"/>
- <keyword type="struct" name="struct xmlSecDSigCtx" link="xmlsec-xmldsig.html#xmlSecDSigCtx"/>
- <keyword type="enum" name="enum xmlSecDSigReferenceOrigin" link="xmlsec-xmldsig.html#xmlSecDSigReferenceOrigin"/>
- <keyword type="struct" name="struct xmlSecDSigReferenceCtx" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx"/>
- <keyword type="macro" name="xmlSecDSigReferenceCtxListId" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtxListId"/>
- <keyword type="function" name="xmlSecEncCtxCreate ()" link="xmlsec-xmlenc.html#xmlSecEncCtxCreate"/>
- <keyword type="function" name="xmlSecEncCtxDestroy ()" link="xmlsec-xmlenc.html#xmlSecEncCtxDestroy"/>
- <keyword type="function" name="xmlSecEncCtxInitialize ()" link="xmlsec-xmlenc.html#xmlSecEncCtxInitialize"/>
- <keyword type="function" name="xmlSecEncCtxFinalize ()" link="xmlsec-xmlenc.html#xmlSecEncCtxFinalize"/>
- <keyword type="function" name="xmlSecEncCtxCopyUserPref ()" link="xmlsec-xmlenc.html#xmlSecEncCtxCopyUserPref"/>
- <keyword type="function" name="xmlSecEncCtxReset ()" link="xmlsec-xmlenc.html#xmlSecEncCtxReset"/>
- <keyword type="function" name="xmlSecEncCtxBinaryEncrypt ()" link="xmlsec-xmlenc.html#xmlSecEncCtxBinaryEncrypt"/>
- <keyword type="function" name="xmlSecEncCtxXmlEncrypt ()" link="xmlsec-xmlenc.html#xmlSecEncCtxXmlEncrypt"/>
- <keyword type="function" name="xmlSecEncCtxUriEncrypt ()" link="xmlsec-xmlenc.html#xmlSecEncCtxUriEncrypt"/>
- <keyword type="function" name="xmlSecEncCtxDecrypt ()" link="xmlsec-xmlenc.html#xmlSecEncCtxDecrypt"/>
- <keyword type="function" name="xmlSecEncCtxDecryptToBuffer ()" link="xmlsec-xmlenc.html#xmlSecEncCtxDecryptToBuffer"/>
- <keyword type="function" name="xmlSecEncCtxDebugDump ()" link="xmlsec-xmlenc.html#xmlSecEncCtxDebugDump"/>
- <keyword type="function" name="xmlSecEncCtxDebugXmlDump ()" link="xmlsec-xmlenc.html#xmlSecEncCtxDebugXmlDump"/>
- <keyword type="enum" name="enum xmlEncCtxMode" link="xmlsec-xmlenc.html#xmlEncCtxMode"/>
- <keyword type="macro" name="XMLSEC_ENC_RETURN_REPLACED_NODE" link="xmlsec-xmlenc.html#XMLSEC-ENC-RETURN-REPLACED-NODE:CAPS"/>
- <keyword type="struct" name="struct xmlSecEncCtx" link="xmlsec-xmlenc.html#xmlSecEncCtx"/>
- <keyword type="macro" name="XMLSEC_SIZE_BAD_CAST()" link="xmlsec-xmlsec.html#XMLSEC-SIZE-BAD-CAST:CAPS"/>
- <keyword type="function" name="xmlSecInit ()" link="xmlsec-xmlsec.html#xmlSecInit"/>
- <keyword type="function" name="xmlSecShutdown ()" link="xmlsec-xmlsec.html#xmlSecShutdown"/>
- <keyword type="function" name="xmlSecGetDefaultCrypto ()" link="xmlsec-xmlsec.html#xmlSecGetDefaultCrypto"/>
- <keyword type="function" name="xmlSecSetExternalEntityLoader ()" link="xmlsec-xmlsec.html#xmlSecSetExternalEntityLoader"/>
- <keyword type="macro" name="xmlSecCheckVersionExact" link="xmlsec-xmlsec.html#xmlSecCheckVersionExact"/>
- <keyword type="macro" name="xmlSecCheckVersion" link="xmlsec-xmlsec.html#xmlSecCheckVersion"/>
- <keyword type="function" name="xmlSecCheckVersionExt ()" link="xmlsec-xmlsec.html#xmlSecCheckVersionExt"/>
- <keyword type="typedef" name="xmlSecPtr" link="xmlsec-xmlsec.html#xmlSecPtr"/>
- <keyword type="macro" name="xmlSecSize" link="xmlsec-xmlsec.html#xmlSecSize"/>
- <keyword type="macro" name="xmlSecByte" link="xmlsec-xmlsec.html#xmlSecByte"/>
- <keyword type="macro" name="XMLSEC_CRYPTO" link="xmlsec-xmlsec.html#XMLSEC-CRYPTO:CAPS"/>
- <keyword type="macro" name="XMLSEC_DEPRECATED" link="xmlsec-xmlsec.html#XMLSEC-DEPRECATED:CAPS"/>
- <keyword type="enum" name="enum xmlSecCheckVersionMode" link="xmlsec-xmlsec.html#xmlSecCheckVersionMode"/>
- <keyword type="macro" name="xmlSecNodeGetName()" link="xmlsec-xmltree.html#xmlSecNodeGetName"/>
- <keyword type="function" name="xmlSecGetDefaultLineFeed ()" link="xmlsec-xmltree.html#xmlSecGetDefaultLineFeed"/>
- <keyword type="function" name="xmlSecSetDefaultLineFeed ()" link="xmlsec-xmltree.html#xmlSecSetDefaultLineFeed"/>
- <keyword type="function" name="xmlSecGetNodeNsHref ()" link="xmlsec-xmltree.html#xmlSecGetNodeNsHref"/>
- <keyword type="function" name="xmlSecCheckNodeName ()" link="xmlsec-xmltree.html#xmlSecCheckNodeName"/>
- <keyword type="function" name="xmlSecGetNextElementNode ()" link="xmlsec-xmltree.html#xmlSecGetNextElementNode"/>
- <keyword type="function" name="xmlSecFindSibling ()" link="xmlsec-xmltree.html#xmlSecFindSibling"/>
- <keyword type="function" name="xmlSecFindChild ()" link="xmlsec-xmltree.html#xmlSecFindChild"/>
- <keyword type="function" name="xmlSecFindParent ()" link="xmlsec-xmltree.html#xmlSecFindParent"/>
- <keyword type="function" name="xmlSecFindNode ()" link="xmlsec-xmltree.html#xmlSecFindNode"/>
- <keyword type="function" name="xmlSecAddChild ()" link="xmlsec-xmltree.html#xmlSecAddChild"/>
- <keyword type="function" name="xmlSecEnsureEmptyChild ()" link="xmlsec-xmltree.html#xmlSecEnsureEmptyChild"/>
- <keyword type="function" name="xmlSecAddChildNode ()" link="xmlsec-xmltree.html#xmlSecAddChildNode"/>
- <keyword type="function" name="xmlSecAddNextSibling ()" link="xmlsec-xmltree.html#xmlSecAddNextSibling"/>
- <keyword type="function" name="xmlSecAddPrevSibling ()" link="xmlsec-xmltree.html#xmlSecAddPrevSibling"/>
- <keyword type="function" name="xmlSecReplaceNode ()" link="xmlsec-xmltree.html#xmlSecReplaceNode"/>
- <keyword type="function" name="xmlSecReplaceNodeAndReturn ()" link="xmlsec-xmltree.html#xmlSecReplaceNodeAndReturn"/>
- <keyword type="function" name="xmlSecReplaceContent ()" link="xmlsec-xmltree.html#xmlSecReplaceContent"/>
- <keyword type="function" name="xmlSecReplaceContentAndReturn ()" link="xmlsec-xmltree.html#xmlSecReplaceContentAndReturn"/>
- <keyword type="function" name="xmlSecReplaceNodeBuffer ()" link="xmlsec-xmltree.html#xmlSecReplaceNodeBuffer"/>
- <keyword type="function" name="xmlSecReplaceNodeBufferAndReturn ()" link="xmlsec-xmltree.html#xmlSecReplaceNodeBufferAndReturn"/>
- <keyword type="function" name="xmlSecNodeEncodeAndSetContent ()" link="xmlsec-xmltree.html#xmlSecNodeEncodeAndSetContent"/>
- <keyword type="function" name="xmlSecAddIDs ()" link="xmlsec-xmltree.html#xmlSecAddIDs"/>
- <keyword type="function" name="xmlSecCreateTree ()" link="xmlsec-xmltree.html#xmlSecCreateTree"/>
- <keyword type="function" name="xmlSecIsEmptyNode ()" link="xmlsec-xmltree.html#xmlSecIsEmptyNode"/>
- <keyword type="function" name="xmlSecIsEmptyString ()" link="xmlsec-xmltree.html#xmlSecIsEmptyString"/>
- <keyword type="function" name="xmlSecGetQName ()" link="xmlsec-xmltree.html#xmlSecGetQName"/>
- <keyword type="function" name="xmlSecPrintXmlString ()" link="xmlsec-xmltree.html#xmlSecPrintXmlString"/>
- <keyword type="macro" name="xmlSecIsHex()" link="xmlsec-xmltree.html#xmlSecIsHex"/>
- <keyword type="macro" name="xmlSecGetHex()" link="xmlsec-xmltree.html#xmlSecGetHex"/>
- <keyword type="function" name="xmlSecQName2IntegerGetInfo ()" link="xmlsec-xmltree.html#xmlSecQName2IntegerGetInfo"/>
- <keyword type="function" name="xmlSecQName2IntegerGetInteger ()" link="xmlsec-xmltree.html#xmlSecQName2IntegerGetInteger"/>
- <keyword type="function" name="xmlSecQName2IntegerGetIntegerFromString ()" link="xmlsec-xmltree.html#xmlSecQName2IntegerGetIntegerFromString"/>
- <keyword type="function" name="xmlSecQName2IntegerGetStringFromInteger ()" link="xmlsec-xmltree.html#xmlSecQName2IntegerGetStringFromInteger"/>
- <keyword type="function" name="xmlSecQName2IntegerNodeRead ()" link="xmlsec-xmltree.html#xmlSecQName2IntegerNodeRead"/>
- <keyword type="function" name="xmlSecQName2IntegerNodeWrite ()" link="xmlsec-xmltree.html#xmlSecQName2IntegerNodeWrite"/>
- <keyword type="function" name="xmlSecQName2IntegerAttributeRead ()" link="xmlsec-xmltree.html#xmlSecQName2IntegerAttributeRead"/>
- <keyword type="function" name="xmlSecQName2IntegerAttributeWrite ()" link="xmlsec-xmltree.html#xmlSecQName2IntegerAttributeWrite"/>
- <keyword type="function" name="xmlSecQName2IntegerDebugDump ()" link="xmlsec-xmltree.html#xmlSecQName2IntegerDebugDump"/>
- <keyword type="function" name="xmlSecQName2IntegerDebugXmlDump ()" link="xmlsec-xmltree.html#xmlSecQName2IntegerDebugXmlDump"/>
- <keyword type="function" name="xmlSecQName2BitMaskGetInfo ()" link="xmlsec-xmltree.html#xmlSecQName2BitMaskGetInfo"/>
- <keyword type="function" name="xmlSecQName2BitMaskGetBitMask ()" link="xmlsec-xmltree.html#xmlSecQName2BitMaskGetBitMask"/>
- <keyword type="function" name="xmlSecQName2BitMaskNodesRead ()" link="xmlsec-xmltree.html#xmlSecQName2BitMaskNodesRead"/>
- <keyword type="function" name="xmlSecQName2BitMaskGetBitMaskFromString ()" link="xmlsec-xmltree.html#xmlSecQName2BitMaskGetBitMaskFromString"/>
- <keyword type="function" name="xmlSecQName2BitMaskGetStringFromBitMask ()" link="xmlsec-xmltree.html#xmlSecQName2BitMaskGetStringFromBitMask"/>
- <keyword type="function" name="xmlSecQName2BitMaskNodesWrite ()" link="xmlsec-xmltree.html#xmlSecQName2BitMaskNodesWrite"/>
- <keyword type="function" name="xmlSecQName2BitMaskDebugDump ()" link="xmlsec-xmltree.html#xmlSecQName2BitMaskDebugDump"/>
- <keyword type="function" name="xmlSecQName2BitMaskDebugXmlDump ()" link="xmlsec-xmltree.html#xmlSecQName2BitMaskDebugXmlDump"/>
- <keyword type="function" name="xmlSecWin32ConvertLocaleToUnicode ()" link="xmlsec-xmltree.html#xmlSecWin32ConvertLocaleToUnicode"/>
- <keyword type="function" name="xmlSecWin32ConvertUtf8ToUnicode ()" link="xmlsec-xmltree.html#xmlSecWin32ConvertUtf8ToUnicode"/>
- <keyword type="function" name="xmlSecWin32ConvertUnicodeToUtf8Â ()" link="xmlsec-xmltree.html#xmlSecWin32ConvertUnicodeToUtf8"/>
- <keyword type="function" name="xmlSecWin32ConvertLocaleToUtf8Â ()" link="xmlsec-xmltree.html#xmlSecWin32ConvertLocaleToUtf8"/>
- <keyword type="function" name="xmlSecWin32ConvertUtf8ToLocale ()" link="xmlsec-xmltree.html#xmlSecWin32ConvertUtf8ToLocale"/>
- <keyword type="function" name="xmlSecWin32ConvertTstrToUtf8Â ()" link="xmlsec-xmltree.html#xmlSecWin32ConvertTstrToUtf8"/>
- <keyword type="function" name="xmlSecWin32ConvertUtf8ToTstr ()" link="xmlsec-xmltree.html#xmlSecWin32ConvertUtf8ToTstr"/>
- <keyword type="struct" name="struct xmlSecQName2IntegerInfo" link="xmlsec-xmltree.html#xmlSecQName2IntegerInfo"/>
- <keyword type="typedef" name="xmlSecQName2IntegerInfoConstPtr" link="xmlsec-xmltree.html#xmlSecQName2IntegerInfoConstPtr"/>
- <keyword type="typedef" name="xmlSecBitMask" link="xmlsec-xmltree.html#xmlSecBitMask"/>
- <keyword type="struct" name="struct xmlSecQName2BitMaskInfo" link="xmlsec-xmltree.html#xmlSecQName2BitMaskInfo"/>
- <keyword type="typedef" name="xmlSecQName2BitMaskInfoConstPtr" link="xmlsec-xmltree.html#xmlSecQName2BitMaskInfoConstPtr"/>
- <keyword type="function" name="xmlSecX509DataGetNodeContent ()" link="xmlsec-x509.html#xmlSecX509DataGetNodeContent"/>
- <keyword type="macro" name="XMLSEC_X509DATA_CERTIFICATE_NODE" link="xmlsec-x509.html#XMLSEC-X509DATA-CERTIFICATE-NODE:CAPS"/>
- <keyword type="macro" name="XMLSEC_X509DATA_SUBJECTNAME_NODE" link="xmlsec-x509.html#XMLSEC-X509DATA-SUBJECTNAME-NODE:CAPS"/>
- <keyword type="macro" name="XMLSEC_X509DATA_ISSUERSERIAL_NODE" link="xmlsec-x509.html#XMLSEC-X509DATA-ISSUERSERIAL-NODE:CAPS"/>
- <keyword type="macro" name="XMLSEC_X509DATA_SKI_NODE" link="xmlsec-x509.html#XMLSEC-X509DATA-SKI-NODE:CAPS"/>
- <keyword type="macro" name="XMLSEC_X509DATA_CRL_NODE" link="xmlsec-x509.html#XMLSEC-X509DATA-CRL-NODE:CAPS"/>
- <keyword type="macro" name="XMLSEC_X509DATA_DEFAULT" link="xmlsec-x509.html#XMLSEC-X509DATA-DEFAULT:CAPS"/>
- <keyword type="function" name="xmlSecOpenSSLAppInit ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppInit"/>
- <keyword type="function" name="xmlSecOpenSSLAppShutdown ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppShutdown"/>
- <keyword type="function" name="xmlSecOpenSSLAppDefaultKeysMngrInit ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppDefaultKeysMngrInit"/>
- <keyword type="function" name="xmlSecOpenSSLAppDefaultKeysMngrAdoptKey ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppDefaultKeysMngrAdoptKey"/>
- <keyword type="function" name="xmlSecOpenSSLAppDefaultKeysMngrLoad ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppDefaultKeysMngrLoad"/>
- <keyword type="function" name="xmlSecOpenSSLAppDefaultKeysMngrSave ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppDefaultKeysMngrSave"/>
- <keyword type="function" name="xmlSecOpenSSLAppKeysMngrCertLoad ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppKeysMngrCertLoad"/>
- <keyword type="function" name="xmlSecOpenSSLAppKeysMngrCertLoadMemory ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppKeysMngrCertLoadMemory"/>
- <keyword type="function" name="xmlSecOpenSSLAppKeysMngrCertLoadBIOÂ ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppKeysMngrCertLoadBIO"/>
- <keyword type="function" name="xmlSecOpenSSLAppKeysMngrAddCertsPath ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppKeysMngrAddCertsPath"/>
- <keyword type="function" name="xmlSecOpenSSLAppKeysMngrAddCertsFile ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppKeysMngrAddCertsFile"/>
- <keyword type="function" name="xmlSecOpenSSLAppKeyLoad ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppKeyLoad"/>
- <keyword type="function" name="xmlSecOpenSSLAppKeyLoadMemory ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppKeyLoadMemory"/>
- <keyword type="function" name="xmlSecOpenSSLAppKeyLoadBIOÂ ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppKeyLoadBIO"/>
- <keyword type="function" name="xmlSecOpenSSLAppPkcs12Load ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppPkcs12Load"/>
- <keyword type="function" name="xmlSecOpenSSLAppPkcs12LoadMemory ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppPkcs12LoadMemory"/>
- <keyword type="function" name="xmlSecOpenSSLAppPkcs12LoadBIOÂ ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppPkcs12LoadBIO"/>
- <keyword type="function" name="xmlSecOpenSSLAppKeyCertLoad ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppKeyCertLoad"/>
- <keyword type="function" name="xmlSecOpenSSLAppKeyCertLoadMemory ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppKeyCertLoadMemory"/>
- <keyword type="function" name="xmlSecOpenSSLAppKeyCertLoadBIOÂ ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppKeyCertLoadBIO"/>
- <keyword type="function" name="xmlSecOpenSSLAppKeyFromCertLoadBIOÂ ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppKeyFromCertLoadBIO"/>
- <keyword type="function" name="xmlSecOpenSSLAppGetDefaultPwdCallback ()" link="xmlsec-openssl-app.html#xmlSecOpenSSLAppGetDefaultPwdCallback"/>
- <keyword type="function" name="xmlSecOpenSSLNodeGetBNValue ()" link="xmlsec-openssl-bn.html#xmlSecOpenSSLNodeGetBNValue"/>
- <keyword type="function" name="xmlSecOpenSSLNodeSetBNValue ()" link="xmlsec-openssl-bn.html#xmlSecOpenSSLNodeSetBNValue"/>
- <keyword type="function" name="xmlSecCryptoGetFunctions_openssl ()" link="xmlsec-openssl-crypto.html#xmlSecCryptoGetFunctions-openssl"/>
- <keyword type="function" name="xmlSecOpenSSLInit ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLInit"/>
- <keyword type="function" name="xmlSecOpenSSLShutdown ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLShutdown"/>
- <keyword type="function" name="xmlSecOpenSSLKeysMngrInit ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeysMngrInit"/>
- <keyword type="function" name="xmlSecOpenSSLGenerateRandom ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLGenerateRandom"/>
- <keyword type="function" name="xmlSecOpenSSLSetDefaultTrustedCertsFolder ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLSetDefaultTrustedCertsFolder"/>
- <keyword type="function" name="xmlSecOpenSSLGetDefaultTrustedCertsFolder ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLGetDefaultTrustedCertsFolder"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataAesGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataAesGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataAesSet ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataAesSet"/>
- <keyword type="function" name="xmlSecOpenSSLTransformAes128CbcGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes128CbcGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformAes192CbcGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes192CbcGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformAes256CbcGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes256CbcGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformAes128GcmGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes128GcmGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformAes192GcmGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes192GcmGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformAes256GcmGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes256GcmGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformKWAes128GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformKWAes128GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformKWAes192GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformKWAes192GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformKWAes256GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformKWAes256GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataDesGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDesGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataDesSet ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDesSet"/>
- <keyword type="function" name="xmlSecOpenSSLTransformDes3CbcGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformDes3CbcGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformKWDes3GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformKWDes3GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataDsaGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataDsaAdoptDsa ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaAdoptDsa"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataDsaGetDsa ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaGetDsa"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataDsaAdoptEvp ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaAdoptEvp"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataDsaGetEvp ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaGetEvp"/>
- <keyword type="function" name="xmlSecOpenSSLTransformDsaSha1GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformDsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformDsaSha256GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformDsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataEcdsaGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataEcdsaGetEcdsa ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaGetEcdsa"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataEcdsaAdoptEvp ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaAdoptEvp"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataEcdsaGetEvp ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaGetEvp"/>
- <keyword type="function" name="xmlSecOpenSSLTransformEcdsaSha1GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformEcdsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformEcdsaSha224GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformEcdsaSha224GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformEcdsaSha256GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformEcdsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformEcdsaSha384GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformEcdsaSha384GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformEcdsaSha512GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformEcdsaSha512GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataGost2001GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataGost2001GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformGost2001GostR3411-94GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformGostR3411_94GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformGostR3411-94GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataGostR3410-2012-256GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataGostR3410-2012-512GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformGostR3410-2012GostR3411-2012-256GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformGostR3410-2012GostR3411-2012-512GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformGostR3411_2012_256GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformGostR3411-2012-256GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformGostR3411_2012_512GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformGostR3411-2012-512GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLHmacGetMinOutputLength ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLHmacGetMinOutputLength"/>
- <keyword type="function" name="xmlSecOpenSSLHmacSetMinOutputLength ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLHmacSetMinOutputLength"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataHmacGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataHmacGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataHmacSet ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataHmacSet"/>
- <keyword type="function" name="xmlSecOpenSSLTransformHmacMd5GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacMd5GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformHmacRipemd160GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacRipemd160GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformHmacSha1GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacSha1GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformHmacSha224GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacSha224GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformHmacSha256GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacSha256GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformHmacSha384GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacSha384GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformHmacSha512GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacSha512GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformMd5GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformMd5GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformRipemd160GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRipemd160GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataRsaGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataRsaAdoptRsa ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaAdoptRsa"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataRsaGetRsa ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaGetRsa"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataRsaAdoptEvp ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaAdoptEvp"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataRsaGetEvp ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaGetEvp"/>
- <keyword type="function" name="xmlSecOpenSSLTransformRsaMd5GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaMd5GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformRsaRipemd160GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaRipemd160GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformRsaSha1GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformRsaSha224GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaSha224GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformRsaSha256GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformRsaSha384GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaSha384GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformRsaSha512GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaSha512GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformRsaPkcs1GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaPkcs1GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformRsaOaepGetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaOaepGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformSha1GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformSha1GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformSha224GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformSha224GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformSha256GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformSha256GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformSha384GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformSha384GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLTransformSha512GetKlass ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformSha512GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLErrorsDefaultCallback ()" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLErrorsDefaultCallback"/>
- <keyword type="macro" name="XMLSEC_OPENSSL_API_100" link="xmlsec-openssl-crypto.html#XMLSEC-OPENSSL-API-100:CAPS"/>
- <keyword type="macro" name="XMLSEC_OPENSSL_API_110" link="xmlsec-openssl-crypto.html#XMLSEC-OPENSSL-API-110:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_AES" link="xmlsec-openssl-crypto.html#XMLSEC-NO-AES:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_DES" link="xmlsec-openssl-crypto.html#XMLSEC-NO-DES:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_DSA" link="xmlsec-openssl-crypto.html#XMLSEC-NO-DSA:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_ECDSA" link="xmlsec-openssl-crypto.html#XMLSEC-NO-ECDSA:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_GOST" link="xmlsec-openssl-crypto.html#XMLSEC-NO-GOST:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_GOST2012" link="xmlsec-openssl-crypto.html#XMLSEC-NO-GOST2012:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_HMAC" link="xmlsec-openssl-crypto.html#XMLSEC-NO-HMAC:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_MD5" link="xmlsec-openssl-crypto.html#XMLSEC-NO-MD5:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_RIPEMD160" link="xmlsec-openssl-crypto.html#XMLSEC-NO-RIPEMD160:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_RSA" link="xmlsec-openssl-crypto.html#XMLSEC-NO-RSA:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_SHA1" link="xmlsec-openssl-crypto.html#XMLSEC-NO-SHA1:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_SHA256" link="xmlsec-openssl-crypto.html#XMLSEC-NO-SHA256:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_SHA224" link="xmlsec-openssl-crypto.html#XMLSEC-NO-SHA224:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_SHA384" link="xmlsec-openssl-crypto.html#XMLSEC-NO-SHA384:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_SHA512" link="xmlsec-openssl-crypto.html#XMLSEC-NO-SHA512:CAPS"/>
- <keyword type="macro" name="XMLSEC_NO_X509" link="xmlsec-openssl-crypto.html#XMLSEC-NO-X509:CAPS"/>
- <keyword type="macro" name="xmlSecOpenSSLKeyDataAesId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataAesId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformAes128CbcId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes128CbcId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformAes192CbcId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes192CbcId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformAes256CbcId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes256CbcId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformAes128GcmId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes128GcmId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformAes192GcmId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes192GcmId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformAes256GcmId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformAes256GcmId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformKWAes128Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformKWAes128Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformKWAes192Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformKWAes192Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformKWAes256Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformKWAes256Id"/>
- <keyword type="macro" name="xmlSecOpenSSLKeyDataDesId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDesId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformDes3CbcId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformDes3CbcId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformKWDes3Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformKWDes3Id"/>
- <keyword type="macro" name="xmlSecOpenSSLKeyDataDsaId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataDsaId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformDsaSha1Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformDsaSha1Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformDsaSha256Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformDsaSha256Id"/>
- <keyword type="macro" name="xmlSecOpenSSLKeyDataEcdsaId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataEcdsaId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformEcdsaSha1Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformEcdsaSha1Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformEcdsaSha224Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformEcdsaSha224Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformEcdsaSha256Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformEcdsaSha256Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformEcdsaSha384Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformEcdsaSha384Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformEcdsaSha512Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformEcdsaSha512Id"/>
- <keyword type="macro" name="xmlSecOpenSSLKeyDataGost2001Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataGost2001Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformGost2001GostR3411_94Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformGost2001GostR3411-94Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformGostR3411_94Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformGostR3411-94Id"/>
- <keyword type="macro" name="xmlSecOpenSSLKeyDataGostR3410_2012_256Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataGostR3410-2012-256Id"/>
- <keyword type="macro" name="xmlSecOpenSSLKeyDataGostR3410_2012_512Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataGostR3410-2012-512Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformGostR3410-2012GostR3411-2012-256Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformGostR3410-2012GostR3411-2012-512Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformGostR3411_2012_256Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformGostR3411-2012-256Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformGostR3411_2012_512Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformGostR3411-2012-512Id"/>
- <keyword type="macro" name="xmlSecOpenSSLKeyDataHmacId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataHmacId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformHmacMd5Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacMd5Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformHmacRipemd160Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacRipemd160Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformHmacSha1Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacSha1Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformHmacSha224Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacSha224Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformHmacSha256Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacSha256Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformHmacSha384Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacSha384Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformHmacSha512Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformHmacSha512Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformMd5Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformMd5Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformRipemd160Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRipemd160Id"/>
- <keyword type="macro" name="xmlSecOpenSSLKeyDataRsaId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLKeyDataRsaId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformRsaMd5Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaMd5Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformRsaRipemd160Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaRipemd160Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformRsaSha1Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaSha1Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformRsaSha224Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaSha224Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformRsaSha256Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaSha256Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformRsaSha384Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaSha384Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformRsaSha512Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaSha512Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformRsaPkcs1Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaPkcs1Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformRsaOaepId" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformRsaOaepId"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformSha1Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformSha1Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformSha224Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformSha224Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformSha256Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformSha256Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformSha384Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformSha384Id"/>
- <keyword type="macro" name="xmlSecOpenSSLTransformSha512Id" link="xmlsec-openssl-crypto.html#xmlSecOpenSSLTransformSha512Id"/>
- <keyword type="function" name="xmlSecOpenSSLEvpKeyDataAdoptEvp ()" link="xmlsec-openssl-evp.html#xmlSecOpenSSLEvpKeyDataAdoptEvp"/>
- <keyword type="function" name="xmlSecOpenSSLEvpKeyDataGetEvp ()" link="xmlsec-openssl-evp.html#xmlSecOpenSSLEvpKeyDataGetEvp"/>
- <keyword type="function" name="xmlSecOpenSSLEvpKeyDup ()" link="xmlsec-openssl-evp.html#xmlSecOpenSSLEvpKeyDup"/>
- <keyword type="function" name="xmlSecOpenSSLEvpKeyAdopt ()" link="xmlsec-openssl-evp.html#xmlSecOpenSSLEvpKeyAdopt"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataX509GetKlass ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509GetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataX509GetKeyCert ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509GetKeyCert"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataX509AdoptKeyCert ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509AdoptKeyCert"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataX509AdoptCert ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509AdoptCert"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataX509GetCert ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509GetCert"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataX509GetCertsSize ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509GetCertsSize"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataX509AdoptCrl ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509AdoptCrl"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataX509GetCrl ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509GetCrl"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataX509GetCrlsSize ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509GetCrlsSize"/>
- <keyword type="function" name="xmlSecOpenSSLX509CertGetKey ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLX509CertGetKey"/>
- <keyword type="function" name="xmlSecOpenSSLKeyDataRawX509CertGetKlass ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataRawX509CertGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLX509StoreGetKlass ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreGetKlass"/>
- <keyword type="function" name="xmlSecOpenSSLX509StoreFindCert ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreFindCert"/>
- <keyword type="function" name="xmlSecOpenSSLX509StoreVerify ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreVerify"/>
- <keyword type="function" name="xmlSecOpenSSLX509StoreAdoptCert ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreAdoptCert"/>
- <keyword type="function" name="xmlSecOpenSSLX509StoreAdoptCrl ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreAdoptCrl"/>
- <keyword type="function" name="xmlSecOpenSSLX509StoreAddCertsPath ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreAddCertsPath"/>
- <keyword type="function" name="xmlSecOpenSSLX509StoreAddCertsFile ()" link="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreAddCertsFile"/>
- <keyword type="macro" name="XMLSEC_STACK_OF_X509" link="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509:CAPS"/>
- <keyword type="macro" name="XMLSEC_STACK_OF_X509_CRL" link="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509-CRL:CAPS"/>
- <keyword type="macro" name="xmlSecOpenSSLKeyDataX509Id" link="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataX509Id"/>
- <keyword type="macro" name="xmlSecOpenSSLKeyDataRawX509CertId" link="xmlsec-openssl-x509.html#xmlSecOpenSSLKeyDataRawX509CertId"/>
- <keyword type="macro" name="xmlSecOpenSSLX509StoreId" link="xmlsec-openssl-x509.html#xmlSecOpenSSLX509StoreId"/>
- <keyword type="function" name="xmlSecGnuTLSAppInit ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppInit"/>
- <keyword type="function" name="xmlSecGnuTLSAppShutdown ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppShutdown"/>
- <keyword type="function" name="xmlSecGnuTLSAppDefaultKeysMngrInit ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppDefaultKeysMngrInit"/>
- <keyword type="function" name="xmlSecGnuTLSAppDefaultKeysMngrAdoptKey ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppDefaultKeysMngrAdoptKey"/>
- <keyword type="function" name="xmlSecGnuTLSAppDefaultKeysMngrLoad ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppDefaultKeysMngrLoad"/>
- <keyword type="function" name="xmlSecGnuTLSAppDefaultKeysMngrSave ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppDefaultKeysMngrSave"/>
- <keyword type="function" name="xmlSecGnuTLSAppKeysMngrCertLoad ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppKeysMngrCertLoad"/>
- <keyword type="function" name="xmlSecGnuTLSAppKeysMngrCertLoadMemory ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppKeysMngrCertLoadMemory"/>
- <keyword type="function" name="xmlSecGnuTLSAppKeyLoad ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppKeyLoad"/>
- <keyword type="function" name="xmlSecGnuTLSAppKeyLoadMemory ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppKeyLoadMemory"/>
- <keyword type="function" name="xmlSecGnuTLSAppPkcs12Load ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppPkcs12Load"/>
- <keyword type="function" name="xmlSecGnuTLSAppPkcs12LoadMemory ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppPkcs12LoadMemory"/>
- <keyword type="function" name="xmlSecGnuTLSAppKeyCertLoad ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppKeyCertLoad"/>
- <keyword type="function" name="xmlSecGnuTLSAppKeyCertLoadMemory ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppKeyCertLoadMemory"/>
- <keyword type="function" name="xmlSecGnuTLSAppGetDefaultPwdCallback ()" link="xmlsec-gnutls-app.html#xmlSecGnuTLSAppGetDefaultPwdCallback"/>
- <keyword type="function" name="xmlSecCryptoGetFunctions_gnutls ()" link="xmlsec-gnutls-crypto.html#xmlSecCryptoGetFunctions-gnutls"/>
- <keyword type="function" name="xmlSecGnuTLSInit ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSInit"/>
- <keyword type="function" name="xmlSecGnuTLSShutdown ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSShutdown"/>
- <keyword type="function" name="xmlSecGnuTLSKeysMngrInit ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeysMngrInit"/>
- <keyword type="function" name="xmlSecGnuTLSGenerateRandom ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSGenerateRandom"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataAesGetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataAesGetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataAesSet ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataAesSet"/>
- <keyword type="function" name="xmlSecGnuTLSTransformAes128CbcGetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformAes128CbcGetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformAes192CbcGetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformAes192CbcGetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformAes256CbcGetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformAes256CbcGetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformKWAes128GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformKWAes128GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformKWAes192GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformKWAes192GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformKWAes256GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformKWAes256GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataDesGetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataDesGetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataDesSet ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataDesSet"/>
- <keyword type="function" name="xmlSecGnuTLSTransformDes3CbcGetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformDes3CbcGetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformKWDes3GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformKWDes3GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataDsaGetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataDsaGetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataDsaAdoptPrivateKey ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataDsaAdoptPrivateKey"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataDsaAdoptPublicKey ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataDsaAdoptPublicKey"/>
- <keyword type="function" name="xmlSecGnuTLSTransformDsaSha1GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformDsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSHmacGetMinOutputLength ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSHmacGetMinOutputLength"/>
- <keyword type="function" name="xmlSecGnuTLSHmacSetMinOutputLength ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSHmacSetMinOutputLength"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataHmacGetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataHmacGetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataHmacSet ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataHmacSet"/>
- <keyword type="function" name="xmlSecGnuTLSTransformHmacMd5GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformHmacMd5GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformHmacRipemd160GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformHmacRipemd160GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformHmacSha1GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformHmacSha1GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformHmacSha256GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformHmacSha256GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformHmacSha384GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformHmacSha384GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformHmacSha512GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformHmacSha512GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataRsaGetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataRsaGetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataRsaAdoptPrivateKey ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataRsaAdoptPrivateKey"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataRsaAdoptPublicKey ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataRsaAdoptPublicKey"/>
- <keyword type="function" name="xmlSecGnuTLSTransformRsaMd5GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRsaMd5GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformRsaRipemd160GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRsaRipemd160GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformRsaSha1GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformRsaSha256GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformRsaSha384GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRsaSha384GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformRsaSha512GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRsaSha512GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformSha1GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformSha1GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformSha256GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformSha256GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformSha384GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformSha384GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformSha512GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformSha512GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformMd5GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformMd5GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSTransformRipemd160GetKlass ()" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRipemd160GetKlass"/>
- <keyword type="macro" name="xmlSecGnuTLSKeyDataAesId" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataAesId"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformAes128CbcId" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformAes128CbcId"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformAes192CbcId" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformAes192CbcId"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformAes256CbcId" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformAes256CbcId"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformKWAes128Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformKWAes128Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformKWAes192Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformKWAes192Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformKWAes256Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformKWAes256Id"/>
- <keyword type="macro" name="xmlSecGnuTLSKeyDataDesId" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataDesId"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformDes3CbcId" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformDes3CbcId"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformKWDes3Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformKWDes3Id"/>
- <keyword type="macro" name="xmlSecGnuTLSKeyDataDsaId" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataDsaId"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformDsaSha1Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformDsaSha1Id"/>
- <keyword type="macro" name="xmlSecGnuTLSKeyDataHmacId" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataHmacId"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformHmacMd5Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformHmacMd5Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformHmacRipemd160Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformHmacRipemd160Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformHmacSha1Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformHmacSha1Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformHmacSha256Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformHmacSha256Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformHmacSha384Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformHmacSha384Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformHmacSha512Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformHmacSha512Id"/>
- <keyword type="macro" name="xmlSecGnuTLSKeyDataRsaId" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSKeyDataRsaId"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformRsaMd5Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRsaMd5Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformRsaRipemd160Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRsaRipemd160Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformRsaSha1Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRsaSha1Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformRsaSha256Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRsaSha256Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformRsaSha384Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRsaSha384Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformRsaSha512Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRsaSha512Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformSha1Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformSha1Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformSha256Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformSha256Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformSha384Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformSha384Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformSha512Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformSha512Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformMd5Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformMd5Id"/>
- <keyword type="macro" name="xmlSecGnuTLSTransformRipemd160Id" link="xmlsec-gnutls-crypto.html#xmlSecGnuTLSTransformRipemd160Id"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataX509GetKlass ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSKeyDataX509GetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataX509GetKeyCert ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSKeyDataX509GetKeyCert"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataX509AdoptKeyCert ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSKeyDataX509AdoptKeyCert"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataX509AdoptCert ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSKeyDataX509AdoptCert"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataX509GetCert ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSKeyDataX509GetCert"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataX509GetCertsSize ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSKeyDataX509GetCertsSize"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataX509AdoptCrl ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSKeyDataX509AdoptCrl"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataX509GetCrl ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSKeyDataX509GetCrl"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataX509GetCrlsSize ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSKeyDataX509GetCrlsSize"/>
- <keyword type="function" name="xmlSecGnuTLSX509CertGetKey ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509CertGetKey"/>
- <keyword type="function" name="xmlSecGnuTLSKeyDataRawX509CertGetKlass ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSKeyDataRawX509CertGetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSX509StoreGetKlass ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509StoreGetKlass"/>
- <keyword type="function" name="xmlSecGnuTLSX509StoreFindCert ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509StoreFindCert"/>
- <keyword type="function" name="xmlSecGnuTLSX509StoreVerify ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509StoreVerify"/>
- <keyword type="function" name="xmlSecGnuTLSX509StoreAdoptCert ()" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509StoreAdoptCert"/>
- <keyword type="macro" name="xmlSecGnuTLSKeyDataX509Id" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSKeyDataX509Id"/>
- <keyword type="macro" name="xmlSecGnuTLSKeyDataRawX509CertId" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSKeyDataRawX509CertId"/>
- <keyword type="macro" name="xmlSecGnuTLSX509StoreId" link="xmlsec-gnutls-x509.html#xmlSecGnuTLSX509StoreId"/>
- <keyword type="function" name="xmlSecGCryptAppInit ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppInit"/>
- <keyword type="function" name="xmlSecGCryptAppShutdown ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppShutdown"/>
- <keyword type="function" name="xmlSecGCryptAppDefaultKeysMngrInit ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppDefaultKeysMngrInit"/>
- <keyword type="function" name="xmlSecGCryptAppDefaultKeysMngrAdoptKey ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppDefaultKeysMngrAdoptKey"/>
- <keyword type="function" name="xmlSecGCryptAppDefaultKeysMngrLoad ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppDefaultKeysMngrLoad"/>
- <keyword type="function" name="xmlSecGCryptAppDefaultKeysMngrSave ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppDefaultKeysMngrSave"/>
- <keyword type="function" name="xmlSecGCryptAppKeysMngrCertLoad ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppKeysMngrCertLoad"/>
- <keyword type="function" name="xmlSecGCryptAppKeysMngrCertLoadMemory ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppKeysMngrCertLoadMemory"/>
- <keyword type="function" name="xmlSecGCryptAppKeyLoad ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppKeyLoad"/>
- <keyword type="function" name="xmlSecGCryptAppKeyLoadMemory ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppKeyLoadMemory"/>
- <keyword type="function" name="xmlSecGCryptAppPkcs12Load ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppPkcs12Load"/>
- <keyword type="function" name="xmlSecGCryptAppPkcs12LoadMemory ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppPkcs12LoadMemory"/>
- <keyword type="function" name="xmlSecGCryptAppKeyCertLoad ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppKeyCertLoad"/>
- <keyword type="function" name="xmlSecGCryptAppKeyCertLoadMemory ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppKeyCertLoadMemory"/>
- <keyword type="function" name="xmlSecGCryptAppGetDefaultPwdCallback ()" link="xmlsec-gcrypt-app.html#xmlSecGCryptAppGetDefaultPwdCallback"/>
- <keyword type="function" name="xmlSecCryptoGetFunctions_gcrypt ()" link="xmlsec-gcrypt-crypto.html#xmlSecCryptoGetFunctions-gcrypt"/>
- <keyword type="function" name="xmlSecGCryptInit ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptInit"/>
- <keyword type="function" name="xmlSecGCryptShutdown ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptShutdown"/>
- <keyword type="function" name="xmlSecGCryptKeysMngrInit ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeysMngrInit"/>
- <keyword type="function" name="xmlSecGCryptGenerateRandom ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptGenerateRandom"/>
- <keyword type="function" name="xmlSecGCryptKeyDataAesGetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataAesGetKlass"/>
- <keyword type="function" name="xmlSecGCryptKeyDataAesSet ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataAesSet"/>
- <keyword type="function" name="xmlSecGCryptTransformAes128CbcGetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformAes128CbcGetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformAes192CbcGetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformAes192CbcGetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformAes256CbcGetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformAes256CbcGetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformKWAes128GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformKWAes128GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformKWAes192GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformKWAes192GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformKWAes256GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformKWAes256GetKlass"/>
- <keyword type="function" name="xmlSecGCryptKeyDataDesGetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataDesGetKlass"/>
- <keyword type="function" name="xmlSecGCryptKeyDataDesSet ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataDesSet"/>
- <keyword type="function" name="xmlSecGCryptTransformDes3CbcGetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformDes3CbcGetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformKWDes3GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformKWDes3GetKlass"/>
- <keyword type="function" name="xmlSecGCryptKeyDataDsaGetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataDsaGetKlass"/>
- <keyword type="function" name="xmlSecGCryptKeyDataDsaAdoptKey ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataDsaAdoptKey"/>
- <keyword type="function" name="xmlSecGCryptKeyDataDsaAdoptKeyPair ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataDsaAdoptKeyPair"/>
- <keyword type="function" name="xmlSecGCryptKeyDataDsaGetPublicKey ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataDsaGetPublicKey"/>
- <keyword type="function" name="xmlSecGCryptKeyDataDsaGetPrivateKey ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataDsaGetPrivateKey"/>
- <keyword type="function" name="xmlSecGCryptTransformDsaSha1GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformDsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecGCryptHmacGetMinOutputLength ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptHmacGetMinOutputLength"/>
- <keyword type="function" name="xmlSecGCryptHmacSetMinOutputLength ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptHmacSetMinOutputLength"/>
- <keyword type="function" name="xmlSecGCryptKeyDataHmacGetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataHmacGetKlass"/>
- <keyword type="function" name="xmlSecGCryptKeyDataHmacSet ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataHmacSet"/>
- <keyword type="function" name="xmlSecGCryptTransformHmacMd5GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformHmacMd5GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformHmacRipemd160GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformHmacRipemd160GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformHmacSha1GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformHmacSha1GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformHmacSha256GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformHmacSha256GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformHmacSha384GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformHmacSha384GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformHmacSha512GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformHmacSha512GetKlass"/>
- <keyword type="function" name="xmlSecGCryptKeyDataRsaGetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataRsaGetKlass"/>
- <keyword type="function" name="xmlSecGCryptKeyDataRsaAdoptKey ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataRsaAdoptKey"/>
- <keyword type="function" name="xmlSecGCryptKeyDataRsaAdoptKeyPair ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataRsaAdoptKeyPair"/>
- <keyword type="function" name="xmlSecGCryptKeyDataRsaGetPublicKey ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataRsaGetPublicKey"/>
- <keyword type="function" name="xmlSecGCryptKeyDataRsaGetPrivateKey ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataRsaGetPrivateKey"/>
- <keyword type="function" name="xmlSecGCryptTransformRsaMd5GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRsaMd5GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformRsaRipemd160GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRsaRipemd160GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformRsaSha1GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformRsaSha256GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformRsaSha384GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRsaSha384GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformRsaSha512GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRsaSha512GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformSha1GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformSha1GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformSha256GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformSha256GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformSha384GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformSha384GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformSha512GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformSha512GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformMd5GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformMd5GetKlass"/>
- <keyword type="function" name="xmlSecGCryptTransformRipemd160GetKlass ()" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRipemd160GetKlass"/>
- <keyword type="macro" name="xmlSecGCryptKeyDataAesId" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataAesId"/>
- <keyword type="macro" name="xmlSecGCryptTransformAes128CbcId" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformAes128CbcId"/>
- <keyword type="macro" name="xmlSecGCryptTransformAes192CbcId" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformAes192CbcId"/>
- <keyword type="macro" name="xmlSecGCryptTransformAes256CbcId" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformAes256CbcId"/>
- <keyword type="macro" name="xmlSecGCryptTransformKWAes128Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformKWAes128Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformKWAes192Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformKWAes192Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformKWAes256Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformKWAes256Id"/>
- <keyword type="macro" name="xmlSecGCryptKeyDataDesId" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataDesId"/>
- <keyword type="macro" name="xmlSecGCryptTransformDes3CbcId" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformDes3CbcId"/>
- <keyword type="macro" name="xmlSecGCryptTransformKWDes3Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformKWDes3Id"/>
- <keyword type="macro" name="xmlSecGCryptKeyDataDsaId" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataDsaId"/>
- <keyword type="macro" name="xmlSecGCryptTransformDsaSha1Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformDsaSha1Id"/>
- <keyword type="macro" name="xmlSecGCryptKeyDataHmacId" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataHmacId"/>
- <keyword type="macro" name="xmlSecGCryptTransformHmacMd5Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformHmacMd5Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformHmacRipemd160Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformHmacRipemd160Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformHmacSha1Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformHmacSha1Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformHmacSha256Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformHmacSha256Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformHmacSha384Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformHmacSha384Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformHmacSha512Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformHmacSha512Id"/>
- <keyword type="macro" name="xmlSecGCryptKeyDataRsaId" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptKeyDataRsaId"/>
- <keyword type="macro" name="xmlSecGCryptTransformRsaMd5Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRsaMd5Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformRsaRipemd160Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRsaRipemd160Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformRsaSha1Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRsaSha1Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformRsaSha256Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRsaSha256Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformRsaSha384Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRsaSha384Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformRsaSha512Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRsaSha512Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformSha1Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformSha1Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformSha256Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformSha256Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformSha384Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformSha384Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformSha512Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformSha512Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformMd5Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformMd5Id"/>
- <keyword type="macro" name="xmlSecGCryptTransformRipemd160Id" link="xmlsec-gcrypt-crypto.html#xmlSecGCryptTransformRipemd160Id"/>
- <keyword type="function" name="xmlSecNssAppInit ()" link="xmlsec-nss-app.html#xmlSecNssAppInit"/>
- <keyword type="function" name="xmlSecNssAppShutdown ()" link="xmlsec-nss-app.html#xmlSecNssAppShutdown"/>
- <keyword type="function" name="xmlSecNssAppDefaultKeysMngrInit ()" link="xmlsec-nss-app.html#xmlSecNssAppDefaultKeysMngrInit"/>
- <keyword type="function" name="xmlSecNssAppDefaultKeysMngrAdoptKey ()" link="xmlsec-nss-app.html#xmlSecNssAppDefaultKeysMngrAdoptKey"/>
- <keyword type="function" name="xmlSecNssAppDefaultKeysMngrLoad ()" link="xmlsec-nss-app.html#xmlSecNssAppDefaultKeysMngrLoad"/>
- <keyword type="function" name="xmlSecNssAppDefaultKeysMngrSave ()" link="xmlsec-nss-app.html#xmlSecNssAppDefaultKeysMngrSave"/>
- <keyword type="function" name="xmlSecNssAppKeysMngrCertLoad ()" link="xmlsec-nss-app.html#xmlSecNssAppKeysMngrCertLoad"/>
- <keyword type="function" name="xmlSecNssAppKeysMngrCertLoadMemory ()" link="xmlsec-nss-app.html#xmlSecNssAppKeysMngrCertLoadMemory"/>
- <keyword type="function" name="xmlSecNssAppKeysMngrCertLoadSECItem ()" link="xmlsec-nss-app.html#xmlSecNssAppKeysMngrCertLoadSECItem"/>
- <keyword type="function" name="xmlSecNssAppKeyLoad ()" link="xmlsec-nss-app.html#xmlSecNssAppKeyLoad"/>
- <keyword type="function" name="xmlSecNssAppKeyLoadMemory ()" link="xmlsec-nss-app.html#xmlSecNssAppKeyLoadMemory"/>
- <keyword type="function" name="xmlSecNssAppKeyLoadSECItem ()" link="xmlsec-nss-app.html#xmlSecNssAppKeyLoadSECItem"/>
- <keyword type="function" name="xmlSecNssAppPkcs12Load ()" link="xmlsec-nss-app.html#xmlSecNssAppPkcs12Load"/>
- <keyword type="function" name="xmlSecNssAppPkcs12LoadMemory ()" link="xmlsec-nss-app.html#xmlSecNssAppPkcs12LoadMemory"/>
- <keyword type="function" name="xmlSecNssAppPkcs12LoadSECItem ()" link="xmlsec-nss-app.html#xmlSecNssAppPkcs12LoadSECItem"/>
- <keyword type="function" name="xmlSecNssAppKeyCertLoad ()" link="xmlsec-nss-app.html#xmlSecNssAppKeyCertLoad"/>
- <keyword type="function" name="xmlSecNssAppKeyCertLoadMemory ()" link="xmlsec-nss-app.html#xmlSecNssAppKeyCertLoadMemory"/>
- <keyword type="function" name="xmlSecNssAppKeyCertLoadSECItem ()" link="xmlsec-nss-app.html#xmlSecNssAppKeyCertLoadSECItem"/>
- <keyword type="function" name="xmlSecNssAppKeyFromCertLoadSECItem ()" link="xmlsec-nss-app.html#xmlSecNssAppKeyFromCertLoadSECItem"/>
- <keyword type="function" name="xmlSecNssAppGetDefaultPwdCallback ()" link="xmlsec-nss-app.html#xmlSecNssAppGetDefaultPwdCallback"/>
- <keyword type="function" name="xmlSecNssNodeGetBigNumValue ()" link="xmlsec-nss-bignum.html#xmlSecNssNodeGetBigNumValue"/>
- <keyword type="function" name="xmlSecNssNodeSetBigNumValue ()" link="xmlsec-nss-bignum.html#xmlSecNssNodeSetBigNumValue"/>
- <keyword type="function" name="xmlSecCryptoGetFunctions_nss ()" link="xmlsec-nss-crypto.html#xmlSecCryptoGetFunctions-nss"/>
- <keyword type="function" name="xmlSecNssInit ()" link="xmlsec-nss-crypto.html#xmlSecNssInit"/>
- <keyword type="function" name="xmlSecNssShutdown ()" link="xmlsec-nss-crypto.html#xmlSecNssShutdown"/>
- <keyword type="function" name="xmlSecNssKeysMngrInit ()" link="xmlsec-nss-crypto.html#xmlSecNssKeysMngrInit"/>
- <keyword type="function" name="xmlSecNssGenerateRandom ()" link="xmlsec-nss-crypto.html#xmlSecNssGenerateRandom"/>
- <keyword type="function" name="xmlSecNssErrorsDefaultCallback ()" link="xmlsec-nss-crypto.html#xmlSecNssErrorsDefaultCallback"/>
- <keyword type="function" name="xmlSecNssGetInternalKeySlot ()" link="xmlsec-nss-crypto.html#xmlSecNssGetInternalKeySlot"/>
- <keyword type="function" name="xmlSecNssKeyDataAesGetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataAesGetKlass"/>
- <keyword type="function" name="xmlSecNssKeyDataAesSet ()" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataAesSet"/>
- <keyword type="function" name="xmlSecNssTransformAes128CbcGetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformAes128CbcGetKlass"/>
- <keyword type="function" name="xmlSecNssTransformAes192CbcGetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformAes192CbcGetKlass"/>
- <keyword type="function" name="xmlSecNssTransformAes256CbcGetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformAes256CbcGetKlass"/>
- <keyword type="function" name="xmlSecNssTransformKWAes128GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformKWAes128GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformKWAes192GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformKWAes192GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformKWAes256GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformKWAes256GetKlass"/>
- <keyword type="function" name="xmlSecNssKeyDataDesGetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataDesGetKlass"/>
- <keyword type="function" name="xmlSecNssKeyDataDesSet ()" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataDesSet"/>
- <keyword type="function" name="xmlSecNssTransformDes3CbcGetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformDes3CbcGetKlass"/>
- <keyword type="function" name="xmlSecNssTransformKWDes3GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformKWDes3GetKlass"/>
- <keyword type="function" name="xmlSecNssKeyDataDsaGetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataDsaGetKlass"/>
- <keyword type="function" name="xmlSecNssTransformDsaSha1GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformDsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformDsaSha256GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformDsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecNssKeyDataEcdsaGetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataEcdsaGetKlass"/>
- <keyword type="function" name="xmlSecNssTransformEcdsaSha1GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformEcdsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformEcdsaSha224GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformEcdsaSha224GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformEcdsaSha256GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformEcdsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformEcdsaSha384GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformEcdsaSha384GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformEcdsaSha512GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformEcdsaSha512GetKlass"/>
- <keyword type="function" name="xmlSecNssHmacGetMinOutputLength ()" link="xmlsec-nss-crypto.html#xmlSecNssHmacGetMinOutputLength"/>
- <keyword type="function" name="xmlSecNssHmacSetMinOutputLength ()" link="xmlsec-nss-crypto.html#xmlSecNssHmacSetMinOutputLength"/>
- <keyword type="function" name="xmlSecNssKeyDataHmacGetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataHmacGetKlass"/>
- <keyword type="function" name="xmlSecNssKeyDataHmacSet ()" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataHmacSet"/>
- <keyword type="function" name="xmlSecNssTransformHmacMd5GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacMd5GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformHmacRipemd160GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacRipemd160GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformHmacSha1GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacSha1GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformHmacSha224GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacSha224GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformHmacSha256GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacSha256GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformHmacSha384GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacSha384GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformHmacSha512GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacSha512GetKlass"/>
- <keyword type="function" name="xmlSecNssKeyDataRsaGetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataRsaGetKlass"/>
- <keyword type="function" name="xmlSecNssTransformRsaMd5GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaMd5GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformRsaSha1GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformRsaSha224GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaSha224GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformRsaSha256GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformRsaSha384GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaSha384GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformRsaSha512GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaSha512GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformRsaPkcs1GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaPkcs1GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformRsaOaepGetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaOaepGetKlass"/>
- <keyword type="function" name="xmlSecNssTransformSha1GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformSha1GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformSha224GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformSha224GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformSha256GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformSha256GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformSha384GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformSha384GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformSha512GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformSha512GetKlass"/>
- <keyword type="function" name="xmlSecNssTransformMd5GetKlass ()" link="xmlsec-nss-crypto.html#xmlSecNssTransformMd5GetKlass"/>
- <keyword type="macro" name="xmlSecNssKeyDataAesId" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataAesId"/>
- <keyword type="macro" name="xmlSecNssTransformAes128CbcId" link="xmlsec-nss-crypto.html#xmlSecNssTransformAes128CbcId"/>
- <keyword type="macro" name="xmlSecNssTransformAes192CbcId" link="xmlsec-nss-crypto.html#xmlSecNssTransformAes192CbcId"/>
- <keyword type="macro" name="xmlSecNssTransformAes256CbcId" link="xmlsec-nss-crypto.html#xmlSecNssTransformAes256CbcId"/>
- <keyword type="macro" name="xmlSecNssTransformKWAes128Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformKWAes128Id"/>
- <keyword type="macro" name="xmlSecNssTransformKWAes192Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformKWAes192Id"/>
- <keyword type="macro" name="xmlSecNssTransformKWAes256Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformKWAes256Id"/>
- <keyword type="macro" name="xmlSecNssKeyDataDesId" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataDesId"/>
- <keyword type="macro" name="xmlSecNssTransformDes3CbcId" link="xmlsec-nss-crypto.html#xmlSecNssTransformDes3CbcId"/>
- <keyword type="macro" name="xmlSecNssTransformKWDes3Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformKWDes3Id"/>
- <keyword type="macro" name="xmlSecNssKeyDataDsaId" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataDsaId"/>
- <keyword type="macro" name="xmlSecNssTransformDsaSha1Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformDsaSha1Id"/>
- <keyword type="macro" name="xmlSecNssTransformDsaSha256Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformDsaSha256Id"/>
- <keyword type="macro" name="xmlSecNssKeyDataEcdsaId" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataEcdsaId"/>
- <keyword type="macro" name="xmlSecNssTransformEcdsaSha1Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformEcdsaSha1Id"/>
- <keyword type="macro" name="xmlSecNssTransformEcdsaSha224Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformEcdsaSha224Id"/>
- <keyword type="macro" name="xmlSecNssTransformEcdsaSha256Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformEcdsaSha256Id"/>
- <keyword type="macro" name="xmlSecNssTransformEcdsaSha384Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformEcdsaSha384Id"/>
- <keyword type="macro" name="xmlSecNssTransformEcdsaSha512Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformEcdsaSha512Id"/>
- <keyword type="macro" name="xmlSecNssKeyDataHmacId" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataHmacId"/>
- <keyword type="macro" name="xmlSecNssTransformHmacMd5Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacMd5Id"/>
- <keyword type="macro" name="xmlSecNssTransformHmacRipemd160Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacRipemd160Id"/>
- <keyword type="macro" name="xmlSecNssTransformHmacSha1Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacSha1Id"/>
- <keyword type="macro" name="xmlSecNssTransformHmacSha224Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacSha224Id"/>
- <keyword type="macro" name="xmlSecNssTransformHmacSha256Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacSha256Id"/>
- <keyword type="macro" name="xmlSecNssTransformHmacSha384Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacSha384Id"/>
- <keyword type="macro" name="xmlSecNssTransformHmacSha512Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformHmacSha512Id"/>
- <keyword type="macro" name="xmlSecNssKeyDataRsaId" link="xmlsec-nss-crypto.html#xmlSecNssKeyDataRsaId"/>
- <keyword type="macro" name="xmlSecNssTransformRsaMd5Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaMd5Id"/>
- <keyword type="macro" name="xmlSecNssTransformRsaSha1Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaSha1Id"/>
- <keyword type="macro" name="xmlSecNssTransformRsaSha224Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaSha224Id"/>
- <keyword type="macro" name="xmlSecNssTransformRsaSha256Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaSha256Id"/>
- <keyword type="macro" name="xmlSecNssTransformRsaSha384Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaSha384Id"/>
- <keyword type="macro" name="xmlSecNssTransformRsaSha512Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaSha512Id"/>
- <keyword type="macro" name="xmlSecNssTransformRsaPkcs1Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaPkcs1Id"/>
- <keyword type="macro" name="xmlSecNssTransformRsaOaepId" link="xmlsec-nss-crypto.html#xmlSecNssTransformRsaOaepId"/>
- <keyword type="macro" name="xmlSecNssTransformSha1Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformSha1Id"/>
- <keyword type="macro" name="xmlSecNssTransformSha224Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformSha224Id"/>
- <keyword type="macro" name="xmlSecNssTransformSha256Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformSha256Id"/>
- <keyword type="macro" name="xmlSecNssTransformSha384Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformSha384Id"/>
- <keyword type="macro" name="xmlSecNssTransformSha512Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformSha512Id"/>
- <keyword type="macro" name="xmlSecNssTransformMd5Id" link="xmlsec-nss-crypto.html#xmlSecNssTransformMd5Id"/>
- <keyword type="function" name="xmlSecNssKeysStoreGetKlass ()" link="xmlsec-nss-keysstore.html#xmlSecNssKeysStoreGetKlass"/>
- <keyword type="function" name="xmlSecNssKeysStoreAdoptKey ()" link="xmlsec-nss-keysstore.html#xmlSecNssKeysStoreAdoptKey"/>
- <keyword type="function" name="xmlSecNssKeysStoreLoad ()" link="xmlsec-nss-keysstore.html#xmlSecNssKeysStoreLoad"/>
- <keyword type="function" name="xmlSecNssKeysStoreSave ()" link="xmlsec-nss-keysstore.html#xmlSecNssKeysStoreSave"/>
- <keyword type="macro" name="xmlSecNssKeysStoreId" link="xmlsec-nss-keysstore.html#xmlSecNssKeysStoreId"/>
- <keyword type="function" name="xmlSecNssPKIAdoptKey ()" link="xmlsec-nss-pkikeys.html#xmlSecNssPKIAdoptKey"/>
- <keyword type="function" name="xmlSecNssPKIKeyDataGetPubKey ()" link="xmlsec-nss-pkikeys.html#xmlSecNssPKIKeyDataGetPubKey"/>
- <keyword type="function" name="xmlSecNssPKIKeyDataGetPrivKey ()" link="xmlsec-nss-pkikeys.html#xmlSecNssPKIKeyDataGetPrivKey"/>
- <keyword type="function" name="xmlSecNssPKIKeyDataGetKeyType ()" link="xmlsec-nss-pkikeys.html#xmlSecNssPKIKeyDataGetKeyType"/>
- <keyword type="function" name="xmlSecNssPKIKeyDataDuplicate ()" link="xmlsec-nss-pkikeys.html#xmlSecNssPKIKeyDataDuplicate"/>
- <keyword type="function" name="xmlSecNssKeyDataX509GetKlass ()" link="xmlsec-nss-x509.html#xmlSecNssKeyDataX509GetKlass"/>
- <keyword type="function" name="xmlSecNssKeyDataX509GetKeyCert ()" link="xmlsec-nss-x509.html#xmlSecNssKeyDataX509GetKeyCert"/>
- <keyword type="function" name="xmlSecNssKeyDataX509AdoptKeyCert ()" link="xmlsec-nss-x509.html#xmlSecNssKeyDataX509AdoptKeyCert"/>
- <keyword type="function" name="xmlSecNssKeyDataX509AdoptCert ()" link="xmlsec-nss-x509.html#xmlSecNssKeyDataX509AdoptCert"/>
- <keyword type="function" name="xmlSecNssKeyDataX509GetCert ()" link="xmlsec-nss-x509.html#xmlSecNssKeyDataX509GetCert"/>
- <keyword type="function" name="xmlSecNssKeyDataX509GetCertsSize ()" link="xmlsec-nss-x509.html#xmlSecNssKeyDataX509GetCertsSize"/>
- <keyword type="function" name="xmlSecNssKeyDataX509AdoptCrl ()" link="xmlsec-nss-x509.html#xmlSecNssKeyDataX509AdoptCrl"/>
- <keyword type="function" name="xmlSecNssKeyDataX509GetCrl ()" link="xmlsec-nss-x509.html#xmlSecNssKeyDataX509GetCrl"/>
- <keyword type="function" name="xmlSecNssKeyDataX509GetCrlsSize ()" link="xmlsec-nss-x509.html#xmlSecNssKeyDataX509GetCrlsSize"/>
- <keyword type="function" name="xmlSecNssX509CertGetKey ()" link="xmlsec-nss-x509.html#xmlSecNssX509CertGetKey"/>
- <keyword type="function" name="xmlSecNssKeyDataRawX509CertGetKlass ()" link="xmlsec-nss-x509.html#xmlSecNssKeyDataRawX509CertGetKlass"/>
- <keyword type="function" name="xmlSecNssX509StoreGetKlass ()" link="xmlsec-nss-x509.html#xmlSecNssX509StoreGetKlass"/>
- <keyword type="function" name="xmlSecNssX509StoreFindCert ()" link="xmlsec-nss-x509.html#xmlSecNssX509StoreFindCert"/>
- <keyword type="function" name="xmlSecNssX509StoreVerify ()" link="xmlsec-nss-x509.html#xmlSecNssX509StoreVerify"/>
- <keyword type="function" name="xmlSecNssX509StoreAdoptCert ()" link="xmlsec-nss-x509.html#xmlSecNssX509StoreAdoptCert"/>
- <keyword type="macro" name="xmlSecNssKeyDataX509Id" link="xmlsec-nss-x509.html#xmlSecNssKeyDataX509Id"/>
- <keyword type="macro" name="xmlSecNssKeyDataRawX509CertId" link="xmlsec-nss-x509.html#xmlSecNssKeyDataRawX509CertId"/>
- <keyword type="macro" name="xmlSecNssX509StoreId" link="xmlsec-nss-x509.html#xmlSecNssX509StoreId"/>
- <keyword type="function" name="xmlSecMSCryptoAppInit ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppInit"/>
- <keyword type="function" name="xmlSecMSCryptoAppShutdown ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppShutdown"/>
- <keyword type="function" name="xmlSecMSCryptoAppGetCertStoreName ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppGetCertStoreName"/>
- <keyword type="function" name="xmlSecMSCryptoAppDefaultKeysMngrInit ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppDefaultKeysMngrInit"/>
- <keyword type="function" name="xmlSecMSCryptoAppDefaultKeysMngrAdoptKey ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppDefaultKeysMngrAdoptKey"/>
- <keyword type="function" name="xmlSecMSCryptoAppDefaultKeysMngrLoad ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppDefaultKeysMngrLoad"/>
- <keyword type="function" name="xmlSecMSCryptoAppDefaultKeysMngrSave ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppDefaultKeysMngrSave"/>
- <keyword type="function" name="xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad"/>
- <keyword type="function" name="xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad"/>
- <keyword type="function" name="xmlSecMSCryptoAppDefaultKeysMngrSymKeyLoad ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppDefaultKeysMngrSymKeyLoad"/>
- <keyword type="function" name="xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore"/>
- <keyword type="function" name="xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore"/>
- <keyword type="function" name="xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore"/>
- <keyword type="function" name="xmlSecMSCryptoAppKeysMngrCertLoad ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppKeysMngrCertLoad"/>
- <keyword type="function" name="xmlSecMSCryptoAppKeysMngrCertLoadMemory ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppKeysMngrCertLoadMemory"/>
- <keyword type="function" name="xmlSecMSCryptoAppKeyLoad ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppKeyLoad"/>
- <keyword type="function" name="xmlSecMSCryptoAppKeyLoadMemory ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppKeyLoadMemory"/>
- <keyword type="function" name="xmlSecMSCryptoAppPkcs12Load ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppPkcs12Load"/>
- <keyword type="function" name="xmlSecMSCryptoAppPkcs12LoadMemory ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppPkcs12LoadMemory"/>
- <keyword type="function" name="xmlSecMSCryptoAppKeyCertLoad ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppKeyCertLoad"/>
- <keyword type="function" name="xmlSecMSCryptoAppKeyCertLoadMemory ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppKeyCertLoadMemory"/>
- <keyword type="function" name="xmlSecMSCryptoAppGetDefaultPwdCallback ()" link="xmlsec-mscrypto-app.html#xmlSecMSCryptoAppGetDefaultPwdCallback"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataGetCert ()" link="xmlsec-mscrypto-certkeys.html#xmlSecMSCryptoKeyDataGetCert"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataGetKey ()" link="xmlsec-mscrypto-certkeys.html#xmlSecMSCryptoKeyDataGetKey"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataGetDecryptKey ()" link="xmlsec-mscrypto-certkeys.html#xmlSecMSCryptoKeyDataGetDecryptKey"/>
- <keyword type="function" name="xmlSecMSCryptoCertDup ()" link="xmlsec-mscrypto-certkeys.html#xmlSecMSCryptoCertDup"/>
- <keyword type="function" name="xmlSecMSCryptoCertAdopt ()" link="xmlsec-mscrypto-certkeys.html#xmlSecMSCryptoCertAdopt"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataGetMSCryptoProvider ()" link="xmlsec-mscrypto-certkeys.html#xmlSecMSCryptoKeyDataGetMSCryptoProvider"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataGetMSCryptoKeySpec ()" link="xmlsec-mscrypto-certkeys.html#xmlSecMSCryptoKeyDataGetMSCryptoKeySpec"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataGetMSCryptoProviderInfo ()" link="xmlsec-mscrypto-certkeys.html#xmlSecMSCryptoKeyDataGetMSCryptoProviderInfo"/>
- <keyword type="function" name="xmlSecCryptoGetFunctions_mscrypto ()" link="xmlsec-mscrypto-crypto.html#xmlSecCryptoGetFunctions-mscrypto"/>
- <keyword type="function" name="xmlSecMSCryptoInit ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoInit"/>
- <keyword type="function" name="xmlSecMSCryptoShutdown ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoShutdown"/>
- <keyword type="function" name="xmlSecMSCryptoKeysMngrInit ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeysMngrInit"/>
- <keyword type="function" name="xmlSecMSCryptoGenerateRandom ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoGenerateRandom"/>
- <keyword type="function" name="xmlSecMSCryptoErrorsDefaultCallback ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoErrorsDefaultCallback"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataDsaGetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataDsaGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformDsaSha1GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformDsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataGost2001GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataGost2001GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformGost2001GostR3411-94GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataGost2012_256GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataGost2012-256GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataGost2012_512GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataGost2012-512GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformGost2012_256GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformGost2012-256GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformGost2012_512GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformGost2012-512GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataRsaGetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataRsaGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformRsaMd5GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaMd5GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformRsaSha1GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformRsaSha256GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformRsaSha384GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaSha384GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformRsaSha512GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaSha512GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformRsaPkcs1GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaPkcs1GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformRsaOaepGetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaOaepGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformMd5GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformMd5GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformSha1GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformSha1GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformSha256GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformSha256GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformSha384GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformSha384GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformSha512GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformSha512GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformGostR3411_94GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformGostR3411-94GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformGostR3411_2012_256GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformGostR3411-2012-256GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformGostR3411_2012_512GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformGostR3411-2012-512GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataAesGetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataAesGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataAesSet ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataAesSet"/>
- <keyword type="function" name="xmlSecMSCryptoTransformAes128CbcGetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformAes128CbcGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformAes192CbcGetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformAes192CbcGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformAes256CbcGetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformAes256CbcGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformKWAes128GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformKWAes128GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformKWAes192GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformKWAes192GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformKWAes256GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformKWAes256GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataDesGetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataDesGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformDes3CbcGetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformDes3CbcGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformKWDes3GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformKWDes3GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoHmacGetMinOutputLength ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoHmacGetMinOutputLength"/>
- <keyword type="function" name="xmlSecMSCryptoHmacSetMinOutputLength ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoHmacSetMinOutputLength"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataHmacGetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataHmacGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataHmacSet ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataHmacSet"/>
- <keyword type="function" name="xmlSecMSCryptoTransformHmacMd5GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacMd5GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformHmacSha1GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha1GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformHmacSha256GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha256GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformHmacSha384GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha384GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoTransformHmacSha512GetKlass ()" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha512GetKlass"/>
- <keyword type="macro" name="xmlSecMSCryptoKeyDataDsaId" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataDsaId" deprecated=""/>
- <keyword type="macro" name="xmlSecMSCryptoTransformDsaSha1Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformDsaSha1Id"/>
- <keyword type="macro" name="xmlSecMSCryptoKeyDataGost2001Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataGost2001Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformGost2001GostR3411_94Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformGost2001GostR3411-94Id"/>
- <keyword type="macro" name="xmlSecMSCryptoKeyDataGost2012_256Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataGost2012-256Id"/>
- <keyword type="macro" name="xmlSecMSCryptoKeyDataGost2012_512Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataGost2012-512Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformGost2012_256Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformGost2012-256Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformGost2012_512Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformGost2012-512Id"/>
- <keyword type="macro" name="xmlSecMSCryptoKeyDataRsaId" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataRsaId"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformRsaMd5Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaMd5Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformRsaSha1Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaSha1Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformRsaSha256Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaSha256Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformRsaSha384Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaSha384Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformRsaSha512Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaSha512Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformRsaPkcs1Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaPkcs1Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformRsaOaepId" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformRsaOaepId"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformMd5Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformMd5Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformSha1Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformSha1Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformSha256Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformSha256Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformSha384Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformSha384Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformSha512Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformSha512Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformGostR3411_94Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformGostR3411-94Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformGostR3411_2012_256Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformGostR3411-2012-256Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformGostR3411_2012_512Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformGostR3411-2012-512Id"/>
- <keyword type="macro" name="xmlSecMSCryptoKeyDataAesId" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataAesId"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformAes128CbcId" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformAes128CbcId"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformAes192CbcId" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformAes192CbcId"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformAes256CbcId" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformAes256CbcId"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformKWAes128Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformKWAes128Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformKWAes192Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformKWAes192Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformKWAes256Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformKWAes256Id"/>
- <keyword type="macro" name="xmlSecMSCryptoKeyDataDesId" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataDesId"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformDes3CbcId" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformDes3CbcId"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformKWDes3Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformKWDes3Id"/>
- <keyword type="macro" name="xmlSecMSCryptoKeyDataHmacId" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoKeyDataHmacId"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformHmacMd5Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacMd5Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformHmacSha1Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha1Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformHmacSha256Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha256Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformHmacSha384Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha384Id"/>
- <keyword type="macro" name="xmlSecMSCryptoTransformHmacSha512Id" link="xmlsec-mscrypto-crypto.html#xmlSecMSCryptoTransformHmacSha512Id"/>
- <keyword type="function" name="xmlSecMSCryptoKeysStoreGetKlass ()" link="xmlsec-mscrypto-keysstore.html#xmlSecMSCryptoKeysStoreGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoKeysStoreAdoptKey ()" link="xmlsec-mscrypto-keysstore.html#xmlSecMSCryptoKeysStoreAdoptKey"/>
- <keyword type="function" name="xmlSecMSCryptoKeysStoreLoad ()" link="xmlsec-mscrypto-keysstore.html#xmlSecMSCryptoKeysStoreLoad"/>
- <keyword type="function" name="xmlSecMSCryptoKeysStoreSave ()" link="xmlsec-mscrypto-keysstore.html#xmlSecMSCryptoKeysStoreSave"/>
- <keyword type="macro" name="xmlSecMSCryptoKeysStoreId" link="xmlsec-mscrypto-keysstore.html#xmlSecMSCryptoKeysStoreId"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataX509GetKlass ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoKeyDataX509GetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataX509GetKeyCert ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoKeyDataX509GetKeyCert"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataX509AdoptKeyCert ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoKeyDataX509AdoptKeyCert"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataX509AdoptCert ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoKeyDataX509AdoptCert"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataX509GetCert ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoKeyDataX509GetCert"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataX509GetCertsSize ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoKeyDataX509GetCertsSize"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataX509AdoptCrl ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoKeyDataX509AdoptCrl"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataX509GetCrl ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoKeyDataX509GetCrl"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataX509GetCrlsSize ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoKeyDataX509GetCrlsSize"/>
- <keyword type="function" name="xmlSecMSCryptoKeyDataRawX509CertGetKlass ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoKeyDataRawX509CertGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoX509StoreGetKlass ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoX509StoreGetKlass"/>
- <keyword type="function" name="xmlSecMSCryptoX509StoreAdoptCert ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoX509StoreAdoptCert"/>
- <keyword type="function" name="xmlSecMSCryptoX509StoreAdoptKeyStore ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoX509StoreAdoptKeyStore"/>
- <keyword type="function" name="xmlSecMSCryptoX509StoreAdoptTrustedStore ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoX509StoreAdoptTrustedStore"/>
- <keyword type="function" name="xmlSecMSCryptoX509StoreAdoptUntrustedStore ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoX509StoreAdoptUntrustedStore"/>
- <keyword type="function" name="xmlSecMSCryptoX509StoreEnableSystemTrustedCerts ()" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoX509StoreEnableSystemTrustedCerts"/>
- <keyword type="macro" name="xmlSecMSCryptoKeyDataX509Id" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoKeyDataX509Id"/>
- <keyword type="macro" name="xmlSecMSCryptoKeyDataRawX509CertId" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoKeyDataRawX509CertId"/>
- <keyword type="macro" name="xmlSecMSCryptoX509StoreId" link="xmlsec-mscrypto-x509.html#xmlSecMSCryptoX509StoreId"/>
- <keyword type="function" name="xmlSecMSCngAppInit ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppInit"/>
- <keyword type="function" name="xmlSecMSCngAppShutdown ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppShutdown"/>
- <keyword type="function" name="xmlSecMSCngAppGetCertStoreName ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppGetCertStoreName"/>
- <keyword type="function" name="xmlSecMSCngAppDefaultKeysMngrInit ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppDefaultKeysMngrInit"/>
- <keyword type="function" name="xmlSecMSCngAppDefaultKeysMngrAdoptKey ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppDefaultKeysMngrAdoptKey"/>
- <keyword type="function" name="xmlSecMSCngAppDefaultKeysMngrLoad ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppDefaultKeysMngrLoad"/>
- <keyword type="function" name="xmlSecMSCngAppDefaultKeysMngrSave ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppDefaultKeysMngrSave"/>
- <keyword type="function" name="xmlSecMSCngAppKeysMngrCertLoad ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppKeysMngrCertLoad"/>
- <keyword type="function" name="xmlSecMSCngAppKeysMngrCertLoadMemory ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppKeysMngrCertLoadMemory"/>
- <keyword type="function" name="xmlSecMSCngAppKeyLoad ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppKeyLoad"/>
- <keyword type="function" name="xmlSecMSCngAppKeyLoadMemory ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppKeyLoadMemory"/>
- <keyword type="function" name="xmlSecMSCngAppPkcs12Load ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppPkcs12Load"/>
- <keyword type="function" name="xmlSecMSCngAppPkcs12LoadMemory ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppPkcs12LoadMemory"/>
- <keyword type="function" name="xmlSecMSCngAppKeyCertLoad ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppKeyCertLoad"/>
- <keyword type="function" name="xmlSecMSCngAppKeyCertLoadMemory ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppKeyCertLoadMemory"/>
- <keyword type="function" name="xmlSecMSCngAppGetDefaultPwdCallback ()" link="xmlsec-mscng-app.html#xmlSecMSCngAppGetDefaultPwdCallback"/>
- <keyword type="function" name="xmlSecMSCngCertAdopt ()" link="xmlsec-mscng-certkeys.html#xmlSecMSCngCertAdopt"/>
- <keyword type="function" name="xmlSecMSCngKeyDataGetPubKey ()" link="xmlsec-mscng-certkeys.html#xmlSecMSCngKeyDataGetPubKey"/>
- <keyword type="function" name="xmlSecMSCngKeyDataGetPrivKey ()" link="xmlsec-mscng-certkeys.html#xmlSecMSCngKeyDataGetPrivKey"/>
- <keyword type="function" name="xmlSecCryptoGetFunctions_mscng ()" link="xmlsec-mscng-crypto.html#xmlSecCryptoGetFunctions-mscng"/>
- <keyword type="function" name="xmlSecMSCngGenerateRandom ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngGenerateRandom" deprecated=""/>
- <keyword type="function" name="xmlSecMSCngInit ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngInit"/>
- <keyword type="function" name="xmlSecMSCngShutdown ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngShutdown"/>
- <keyword type="function" name="xmlSecMSCngKeysMngrInit ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeysMngrInit"/>
- <keyword type="function" name="xmlSecMSCngKeyDataDsaGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataDsaGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformDsaSha1GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformDsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecMSCngKeyDataRsaGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataRsaGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformRsaMd5GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaMd5GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformRsaSha1GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformRsaSha256GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformRsaSha384GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaSha384GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformRsaSha512GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaSha512GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformRsaPkcs1GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaPkcs1GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformRsaOaepGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaOaepGetKlass"/>
- <keyword type="function" name="xmlSecMSCngKeyDataEcdsaGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataEcdsaGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformEcdsaSha1GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformEcdsaSha1GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformEcdsaSha256GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformEcdsaSha256GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformEcdsaSha384GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformEcdsaSha384GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformEcdsaSha512GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformEcdsaSha512GetKlass"/>
- <keyword type="function" name="xmlSecMSCngKeyDataDesGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataDesGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformDes3CbcGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformDes3CbcGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformKWDes3GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformKWDes3GetKlass"/>
- <keyword type="function" name="xmlSecMSCngKeyDataHmacGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataHmacGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformHmacMd5GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformHmacMd5GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformHmacSha1GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformHmacSha1GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformHmacSha256GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformHmacSha256GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformHmacSha384GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformHmacSha384GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformHmacSha512GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformHmacSha512GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformMd5GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformMd5GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformSha1GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformSha1GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformSha256GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformSha256GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformSha384GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformSha384GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformSha512GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformSha512GetKlass"/>
- <keyword type="function" name="xmlSecMSCngKeyDataAesGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataAesGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformAes128CbcGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformAes128CbcGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformAes192CbcGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformAes192CbcGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformAes256CbcGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformAes256CbcGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformAes128GcmGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformAes128GcmGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformAes192GcmGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformAes192GcmGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformAes256GcmGetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformAes256GcmGetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformKWAes128GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformKWAes128GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformKWAes192GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformKWAes192GetKlass"/>
- <keyword type="function" name="xmlSecMSCngTransformKWAes256GetKlass ()" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformKWAes256GetKlass"/>
- <keyword type="macro" name="xmlSecMSCngKeyDataDsaId" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataDsaId"/>
- <keyword type="macro" name="xmlSecMSCngTransformDsaSha1Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformDsaSha1Id"/>
- <keyword type="macro" name="xmlSecMSCngKeyDataRsaId" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataRsaId"/>
- <keyword type="macro" name="xmlSecMSCngTransformRsaMd5Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaMd5Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformRsaSha1Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaSha1Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformRsaSha256Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaSha256Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformRsaSha384Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaSha384Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformRsaSha512Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaSha512Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformRsaPkcs1Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaPkcs1Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformRsaOaepId" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformRsaOaepId"/>
- <keyword type="macro" name="xmlSecMSCngKeyDataEcdsaId" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataEcdsaId"/>
- <keyword type="macro" name="xmlSecMSCngTransformEcdsaSha1Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformEcdsaSha1Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformEcdsaSha256Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformEcdsaSha256Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformEcdsaSha384Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformEcdsaSha384Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformEcdsaSha512Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformEcdsaSha512Id"/>
- <keyword type="macro" name="xmlSecMSCngKeyDataDesId" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataDesId"/>
- <keyword type="macro" name="xmlSecMSCngTransformDes3CbcId" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformDes3CbcId"/>
- <keyword type="macro" name="xmlSecMSCngTransformKWDes3Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformKWDes3Id"/>
- <keyword type="macro" name="xmlSecMSCngKeyDataHmacId" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataHmacId"/>
- <keyword type="macro" name="xmlSecMSCngTransformHmacMd5Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformHmacMd5Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformHmacSha1Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformHmacSha1Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformHmacSha256Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformHmacSha256Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformHmacSha384Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformHmacSha384Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformHmacSha512Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformHmacSha512Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformMd5Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformMd5Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformSha1Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformSha1Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformSha256Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformSha256Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformSha384Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformSha384Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformSha512Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformSha512Id"/>
- <keyword type="macro" name="xmlSecMSCngKeyDataAesId" link="xmlsec-mscng-crypto.html#xmlSecMSCngKeyDataAesId"/>
- <keyword type="macro" name="xmlSecMSCngTransformAes128CbcId" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformAes128CbcId"/>
- <keyword type="macro" name="xmlSecMSCngTransformAes192CbcId" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformAes192CbcId"/>
- <keyword type="macro" name="xmlSecMSCngTransformAes256CbcId" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformAes256CbcId"/>
- <keyword type="macro" name="xmlSecMSCngTransformAes128GcmId" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformAes128GcmId"/>
- <keyword type="macro" name="xmlSecMSCngTransformAes192GcmId" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformAes192GcmId"/>
- <keyword type="macro" name="xmlSecMSCngTransformAes256GcmId" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformAes256GcmId"/>
- <keyword type="macro" name="xmlSecMSCngTransformKWAes128Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformKWAes128Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformKWAes192Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformKWAes192Id"/>
- <keyword type="macro" name="xmlSecMSCngTransformKWAes256Id" link="xmlsec-mscng-crypto.html#xmlSecMSCngTransformKWAes256Id"/>
- <keyword type="function" name="xmlSecMSCngKeysStoreGetKlass ()" link="xmlsec-mscng-keysstore.html#xmlSecMSCngKeysStoreGetKlass"/>
- <keyword type="function" name="xmlSecMSCngKeysStoreAdoptKey ()" link="xmlsec-mscng-keysstore.html#xmlSecMSCngKeysStoreAdoptKey"/>
- <keyword type="function" name="xmlSecMSCngKeysStoreLoad ()" link="xmlsec-mscng-keysstore.html#xmlSecMSCngKeysStoreLoad"/>
- <keyword type="function" name="xmlSecMSCngKeysStoreSave ()" link="xmlsec-mscng-keysstore.html#xmlSecMSCngKeysStoreSave"/>
- <keyword type="macro" name="xmlSecMSCngKeysStoreId" link="xmlsec-mscng-keysstore.html#xmlSecMSCngKeysStoreId"/>
- <keyword type="function" name="xmlSecMSCngKeyDataX509GetKlass ()" link="xmlsec-mscng-x509.html#xmlSecMSCngKeyDataX509GetKlass"/>
- <keyword type="function" name="xmlSecMSCngKeyDataRawX509CertGetKlass ()" link="xmlsec-mscng-x509.html#xmlSecMSCngKeyDataRawX509CertGetKlass"/>
- <keyword type="function" name="xmlSecMSCngX509StoreGetKlass ()" link="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreGetKlass"/>
- <keyword type="function" name="xmlSecMSCngKeyDataX509AdoptKeyCert ()" link="xmlsec-mscng-x509.html#xmlSecMSCngKeyDataX509AdoptKeyCert"/>
- <keyword type="function" name="xmlSecMSCngKeyDataX509AdoptCert ()" link="xmlsec-mscng-x509.html#xmlSecMSCngKeyDataX509AdoptCert"/>
- <keyword type="function" name="xmlSecMSCngX509StoreAdoptCert ()" link="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreAdoptCert"/>
- <keyword type="function" name="xmlSecMSCngX509StoreAdoptKeyStore ()" link="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreAdoptKeyStore"/>
- <keyword type="function" name="xmlSecMSCngX509StoreAdoptTrustedStore ()" link="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreAdoptTrustedStore"/>
- <keyword type="function" name="xmlSecMSCngX509StoreAdoptUntrustedStore ()" link="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreAdoptUntrustedStore"/>
- <keyword type="function" name="xmlSecMSCngX509StoreVerify ()" link="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreVerify"/>
- <keyword type="function" name="xmlSecMSCngX509StoreFindCert ()" link="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreFindCert"/>
- <keyword type="function" name="xmlSecMSCngX509FindCertBySubject ()" link="xmlsec-mscng-x509.html#xmlSecMSCngX509FindCertBySubject"/>
- <keyword type="macro" name="xmlSecMSCngKeyDataX509Id" link="xmlsec-mscng-x509.html#xmlSecMSCngKeyDataX509Id"/>
- <keyword type="macro" name="xmlSecMSCngKeyDataRawX509CertId" link="xmlsec-mscng-x509.html#xmlSecMSCngKeyDataRawX509CertId"/>
- <keyword type="macro" name="xmlSecMSCngX509StoreId" link="xmlsec-mscng-x509.html#xmlSecMSCngX509StoreId"/>
- <keyword type="constant" name="xmlSecBnBase64" link="xmlsec-bn.html#xmlSecBnBase64"/>
- <keyword type="constant" name="xmlSecBnHex" link="xmlsec-bn.html#xmlSecBnHex"/>
- <keyword type="constant" name="xmlSecBnDec" link="xmlsec-bn.html#xmlSecBnDec"/>
- <keyword type="constant" name="xmlSecAllocModeExact" link="xmlsec-buffer.html#xmlSecAllocModeExact"/>
- <keyword type="constant" name="xmlSecAllocModeDouble" link="xmlsec-buffer.html#xmlSecAllocModeDouble"/>
- <keyword type="constant" name="xmlSecKeyInfoModeRead" link="xmlsec-keyinfo.html#xmlSecKeyInfoModeRead"/>
- <keyword type="constant" name="xmlSecKeyInfoModeWrite" link="xmlsec-keyinfo.html#xmlSecKeyInfoModeWrite"/>
- <keyword type="constant" name="xmlSecKeyDataFormatUnknown" link="xmlsec-keysdata.html#xmlSecKeyDataFormatUnknown"/>
- <keyword type="constant" name="xmlSecKeyDataFormatBinary" link="xmlsec-keysdata.html#xmlSecKeyDataFormatBinary"/>
- <keyword type="constant" name="xmlSecKeyDataFormatPem" link="xmlsec-keysdata.html#xmlSecKeyDataFormatPem"/>
- <keyword type="constant" name="xmlSecKeyDataFormatDer" link="xmlsec-keysdata.html#xmlSecKeyDataFormatDer"/>
- <keyword type="constant" name="xmlSecKeyDataFormatPkcs8Pem" link="xmlsec-keysdata.html#xmlSecKeyDataFormatPkcs8Pem"/>
- <keyword type="constant" name="xmlSecKeyDataFormatPkcs8Der" link="xmlsec-keysdata.html#xmlSecKeyDataFormatPkcs8Der"/>
- <keyword type="constant" name="xmlSecKeyDataFormatPkcs12" link="xmlsec-keysdata.html#xmlSecKeyDataFormatPkcs12"/>
- <keyword type="constant" name="xmlSecKeyDataFormatCertPem" link="xmlsec-keysdata.html#xmlSecKeyDataFormatCertPem"/>
- <keyword type="constant" name="xmlSecKeyDataFormatCertDer" link="xmlsec-keysdata.html#xmlSecKeyDataFormatCertDer"/>
- <keyword type="constant" name="xmlSecNodeSetNormal" link="xmlsec-nodeset.html#xmlSecNodeSetNormal"/>
- <keyword type="constant" name="xmlSecNodeSetInvert" link="xmlsec-nodeset.html#xmlSecNodeSetInvert"/>
- <keyword type="constant" name="xmlSecNodeSetTree" link="xmlsec-nodeset.html#xmlSecNodeSetTree"/>
- <keyword type="constant" name="xmlSecNodeSetTreeWithoutComments" link="xmlsec-nodeset.html#xmlSecNodeSetTreeWithoutComments"/>
- <keyword type="constant" name="xmlSecNodeSetTreeInvert" link="xmlsec-nodeset.html#xmlSecNodeSetTreeInvert"/>
- <keyword type="constant" name="xmlSecNodeSetTreeWithoutCommentsInvert" link="xmlsec-nodeset.html#xmlSecNodeSetTreeWithoutCommentsInvert"/>
- <keyword type="constant" name="xmlSecNodeSetList" link="xmlsec-nodeset.html#xmlSecNodeSetList"/>
- <keyword type="constant" name="xmlSecNodeSetIntersection" link="xmlsec-nodeset.html#xmlSecNodeSetIntersection"/>
- <keyword type="constant" name="xmlSecNodeSetSubtraction" link="xmlsec-nodeset.html#xmlSecNodeSetSubtraction"/>
- <keyword type="constant" name="xmlSecNodeSetUnion" link="xmlsec-nodeset.html#xmlSecNodeSetUnion"/>
- <keyword type="constant" name="xmlSecTransformStatusNone" link="xmlsec-transforms.html#xmlSecTransformStatusNone"/>
- <keyword type="constant" name="xmlSecTransformStatusWorking" link="xmlsec-transforms.html#xmlSecTransformStatusWorking"/>
- <keyword type="constant" name="xmlSecTransformStatusFinished" link="xmlsec-transforms.html#xmlSecTransformStatusFinished"/>
- <keyword type="constant" name="xmlSecTransformStatusOk" link="xmlsec-transforms.html#xmlSecTransformStatusOk"/>
- <keyword type="constant" name="xmlSecTransformStatusFail" link="xmlsec-transforms.html#xmlSecTransformStatusFail"/>
- <keyword type="constant" name="xmlSecTransformModeNone" link="xmlsec-transforms.html#xmlSecTransformModeNone"/>
- <keyword type="constant" name="xmlSecTransformModePush" link="xmlsec-transforms.html#xmlSecTransformModePush"/>
- <keyword type="constant" name="xmlSecTransformModePop" link="xmlsec-transforms.html#xmlSecTransformModePop"/>
- <keyword type="constant" name="xmlSecTransformOperationNone" link="xmlsec-transforms.html#xmlSecTransformOperationNone"/>
- <keyword type="constant" name="xmlSecTransformOperationEncode" link="xmlsec-transforms.html#xmlSecTransformOperationEncode"/>
- <keyword type="constant" name="xmlSecTransformOperationDecode" link="xmlsec-transforms.html#xmlSecTransformOperationDecode"/>
- <keyword type="constant" name="xmlSecTransformOperationSign" link="xmlsec-transforms.html#xmlSecTransformOperationSign"/>
- <keyword type="constant" name="xmlSecTransformOperationVerify" link="xmlsec-transforms.html#xmlSecTransformOperationVerify"/>
- <keyword type="constant" name="xmlSecTransformOperationEncrypt" link="xmlsec-transforms.html#xmlSecTransformOperationEncrypt"/>
- <keyword type="constant" name="xmlSecTransformOperationDecrypt" link="xmlsec-transforms.html#xmlSecTransformOperationDecrypt"/>
- <keyword type="constant" name="xmlSecDSigStatusUnknown" link="xmlsec-xmldsig.html#xmlSecDSigStatusUnknown"/>
- <keyword type="constant" name="xmlSecDSigStatusSucceeded" link="xmlsec-xmldsig.html#xmlSecDSigStatusSucceeded"/>
- <keyword type="constant" name="xmlSecDSigStatusInvalid" link="xmlsec-xmldsig.html#xmlSecDSigStatusInvalid"/>
- <keyword type="constant" name="xmlSecDSigReferenceOriginSignedInfo" link="xmlsec-xmldsig.html#xmlSecDSigReferenceOriginSignedInfo"/>
- <keyword type="constant" name="xmlSecDSigReferenceOriginManifest" link="xmlsec-xmldsig.html#xmlSecDSigReferenceOriginManifest"/>
- <keyword type="constant" name="xmlEncCtxModeEncryptedData" link="xmlsec-xmlenc.html#xmlEncCtxModeEncryptedData"/>
- <keyword type="constant" name="xmlEncCtxModeEncryptedKey" link="xmlsec-xmlenc.html#xmlEncCtxModeEncryptedKey"/>
- <keyword type="constant" name="xmlSecCheckVersionExactMatch" link="xmlsec-xmlsec.html#xmlSecCheckVersionExactMatch"/>
- <keyword type="constant" name="xmlSecCheckVersionABICompatible" link="xmlsec-xmlsec.html#xmlSecCheckVersionABICompatible"/>
- <keyword type="member" name="xmlSecBuffer.data" link="xmlsec-buffer.html#xmlSecBuffer.data"/>
- <keyword type="member" name="xmlSecBuffer.size" link="xmlsec-buffer.html#xmlSecBuffer.size"/>
- <keyword type="member" name="xmlSecBuffer.maxSize" link="xmlsec-buffer.html#xmlSecBuffer.maxSize"/>
- <keyword type="member" name="xmlSecBuffer.allocMode" link="xmlsec-buffer.html#xmlSecBuffer.allocMode"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.userData" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.userData"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.flags" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.flags"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.flags2" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.flags2"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.keysMngr" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.keysMngr"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.mode" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.mode"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.enabledKeyData" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.enabledKeyData"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.base64LineSize" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.base64LineSize"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.retrievalMethodCtx" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.retrievalMethodCtx"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.maxRetrievalMethodLevel" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.maxRetrievalMethodLevel"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.encCtx" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.encCtx"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.maxEncryptedKeyLevel" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.maxEncryptedKeyLevel"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.certsVerificationTime" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.certsVerificationTime"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.certsVerificationDepth" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.certsVerificationDepth"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.pgpReserved" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.pgpReserved"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.curRetrievalMethodLevel" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.curRetrievalMethodLevel"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.curEncryptedKeyLevel" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.curEncryptedKeyLevel"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.keyReq" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.keyReq"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.reserved0" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.reserved0"/>
- <keyword type="member" name="xmlSecKeyInfoCtx.reserved1" link="xmlsec-keyinfo.html#xmlSecKeyInfoCtx.reserved1"/>
- <keyword type="member" name="xmlSecKeyData.id" link="xmlsec-keysdata.html#xmlSecKeyData.id"/>
- <keyword type="member" name="xmlSecKeyData.reserved0" link="xmlsec-keysdata.html#xmlSecKeyData.reserved0"/>
- <keyword type="member" name="xmlSecKeyData.reserved1" link="xmlsec-keysdata.html#xmlSecKeyData.reserved1"/>
- <keyword type="member" name="xmlSecKeyDataKlass.klassSize" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.klassSize"/>
- <keyword type="member" name="xmlSecKeyDataKlass.objSize" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.objSize"/>
- <keyword type="member" name="xmlSecKeyDataKlass.name" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.name"/>
- <keyword type="member" name="xmlSecKeyDataKlass.usage" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.usage"/>
- <keyword type="member" name="xmlSecKeyDataKlass.href" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.href"/>
- <keyword type="member" name="xmlSecKeyDataKlass.dataNodeName" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.dataNodeName"/>
- <keyword type="member" name="xmlSecKeyDataKlass.dataNodeNs" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.dataNodeNs"/>
- <keyword type="member" name="xmlSecKeyDataKlass.initialize" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.initialize"/>
- <keyword type="member" name="xmlSecKeyDataKlass.duplicate" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.duplicate"/>
- <keyword type="member" name="xmlSecKeyDataKlass.finalize" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.finalize"/>
- <keyword type="member" name="xmlSecKeyDataKlass.generate" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.generate"/>
- <keyword type="member" name="xmlSecKeyDataKlass.getType" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.getType"/>
- <keyword type="member" name="xmlSecKeyDataKlass.getSize" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.getSize"/>
- <keyword type="member" name="xmlSecKeyDataKlass.getIdentifier" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.getIdentifier"/>
- <keyword type="member" name="xmlSecKeyDataKlass.xmlRead" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.xmlRead"/>
- <keyword type="member" name="xmlSecKeyDataKlass.xmlWrite" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.xmlWrite"/>
- <keyword type="member" name="xmlSecKeyDataKlass.binRead" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.binRead"/>
- <keyword type="member" name="xmlSecKeyDataKlass.binWrite" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.binWrite"/>
- <keyword type="member" name="xmlSecKeyDataKlass.debugDump" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.debugDump"/>
- <keyword type="member" name="xmlSecKeyDataKlass.debugXmlDump" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.debugXmlDump"/>
- <keyword type="member" name="xmlSecKeyDataKlass.reserved0" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.reserved0"/>
- <keyword type="member" name="xmlSecKeyDataKlass.reserved1" link="xmlsec-keysdata.html#xmlSecKeyDataKlass.reserved1"/>
- <keyword type="member" name="xmlSecKeyDataStore.id" link="xmlsec-keysdata.html#xmlSecKeyDataStore.id"/>
- <keyword type="member" name="xmlSecKeyDataStore.reserved0" link="xmlsec-keysdata.html#xmlSecKeyDataStore.reserved0"/>
- <keyword type="member" name="xmlSecKeyDataStore.reserved1" link="xmlsec-keysdata.html#xmlSecKeyDataStore.reserved1"/>
- <keyword type="member" name="xmlSecKeyDataStoreKlass.klassSize" link="xmlsec-keysdata.html#xmlSecKeyDataStoreKlass.klassSize"/>
- <keyword type="member" name="xmlSecKeyDataStoreKlass.objSize" link="xmlsec-keysdata.html#xmlSecKeyDataStoreKlass.objSize"/>
- <keyword type="member" name="xmlSecKeyDataStoreKlass.name" link="xmlsec-keysdata.html#xmlSecKeyDataStoreKlass.name"/>
- <keyword type="member" name="xmlSecKeyDataStoreKlass.initialize" link="xmlsec-keysdata.html#xmlSecKeyDataStoreKlass.initialize"/>
- <keyword type="member" name="xmlSecKeyDataStoreKlass.finalize" link="xmlsec-keysdata.html#xmlSecKeyDataStoreKlass.finalize"/>
- <keyword type="member" name="xmlSecKeyDataStoreKlass.reserved0" link="xmlsec-keysdata.html#xmlSecKeyDataStoreKlass.reserved0"/>
- <keyword type="member" name="xmlSecKeyDataStoreKlass.reserved1" link="xmlsec-keysdata.html#xmlSecKeyDataStoreKlass.reserved1"/>
- <keyword type="member" name="xmlSecKeyUseWith.application" link="xmlsec-keys.html#xmlSecKeyUseWith.application"/>
- <keyword type="member" name="xmlSecKeyUseWith.identifier" link="xmlsec-keys.html#xmlSecKeyUseWith.identifier"/>
- <keyword type="member" name="xmlSecKeyUseWith.reserved1" link="xmlsec-keys.html#xmlSecKeyUseWith.reserved1"/>
- <keyword type="member" name="xmlSecKeyUseWith.reserved2" link="xmlsec-keys.html#xmlSecKeyUseWith.reserved2"/>
- <keyword type="member" name="xmlSecKeyReq.keyId" link="xmlsec-keys.html#xmlSecKeyReq.keyId"/>
- <keyword type="member" name="xmlSecKeyReq.keyType" link="xmlsec-keys.html#xmlSecKeyReq.keyType"/>
- <keyword type="member" name="xmlSecKeyReq.keyUsage" link="xmlsec-keys.html#xmlSecKeyReq.keyUsage"/>
- <keyword type="member" name="xmlSecKeyReq.keyBitsSize" link="xmlsec-keys.html#xmlSecKeyReq.keyBitsSize"/>
- <keyword type="member" name="xmlSecKeyReq.keyUseWithList" link="xmlsec-keys.html#xmlSecKeyReq.keyUseWithList"/>
- <keyword type="member" name="xmlSecKeyReq.reserved1" link="xmlsec-keys.html#xmlSecKeyReq.reserved1"/>
- <keyword type="member" name="xmlSecKeyReq.reserved2" link="xmlsec-keys.html#xmlSecKeyReq.reserved2"/>
- <keyword type="member" name="xmlSecKey.name" link="xmlsec-keys.html#xmlSecKey.name"/>
- <keyword type="member" name="xmlSecKey.value" link="xmlsec-keys.html#xmlSecKey.value"/>
- <keyword type="member" name="xmlSecKey.dataList" link="xmlsec-keys.html#xmlSecKey.dataList"/>
- <keyword type="member" name="xmlSecKey.usage" link="xmlsec-keys.html#xmlSecKey.usage"/>
- <keyword type="member" name="xmlSecKey.notValidBefore" link="xmlsec-keys.html#xmlSecKey.notValidBefore"/>
- <keyword type="member" name="xmlSecKey.notValidAfter" link="xmlsec-keys.html#xmlSecKey.notValidAfter"/>
- <keyword type="member" name="xmlSecKeysMngr.keysStore" link="xmlsec-keysmngr.html#xmlSecKeysMngr.keysStore"/>
- <keyword type="member" name="xmlSecKeysMngr.storesList" link="xmlsec-keysmngr.html#xmlSecKeysMngr.storesList"/>
- <keyword type="member" name="xmlSecKeysMngr.getKey" link="xmlsec-keysmngr.html#xmlSecKeysMngr.getKey"/>
- <keyword type="member" name="xmlSecKeyStore.id" link="xmlsec-keysmngr.html#xmlSecKeyStore.id"/>
- <keyword type="member" name="xmlSecKeyStore.reserved0" link="xmlsec-keysmngr.html#xmlSecKeyStore.reserved0"/>
- <keyword type="member" name="xmlSecKeyStore.reserved1" link="xmlsec-keysmngr.html#xmlSecKeyStore.reserved1"/>
- <keyword type="member" name="xmlSecKeyStoreKlass.klassSize" link="xmlsec-keysmngr.html#xmlSecKeyStoreKlass.klassSize"/>
- <keyword type="member" name="xmlSecKeyStoreKlass.objSize" link="xmlsec-keysmngr.html#xmlSecKeyStoreKlass.objSize"/>
- <keyword type="member" name="xmlSecKeyStoreKlass.name" link="xmlsec-keysmngr.html#xmlSecKeyStoreKlass.name"/>
- <keyword type="member" name="xmlSecKeyStoreKlass.initialize" link="xmlsec-keysmngr.html#xmlSecKeyStoreKlass.initialize"/>
- <keyword type="member" name="xmlSecKeyStoreKlass.finalize" link="xmlsec-keysmngr.html#xmlSecKeyStoreKlass.finalize"/>
- <keyword type="member" name="xmlSecKeyStoreKlass.findKey" link="xmlsec-keysmngr.html#xmlSecKeyStoreKlass.findKey"/>
- <keyword type="member" name="xmlSecKeyStoreKlass.reserved0" link="xmlsec-keysmngr.html#xmlSecKeyStoreKlass.reserved0"/>
- <keyword type="member" name="xmlSecKeyStoreKlass.reserved1" link="xmlsec-keysmngr.html#xmlSecKeyStoreKlass.reserved1"/>
- <keyword type="member" name="xmlSecPtrList.id" link="xmlsec-list.html#xmlSecPtrList.id"/>
- <keyword type="member" name="xmlSecPtrList.data" link="xmlsec-list.html#xmlSecPtrList.data"/>
- <keyword type="member" name="xmlSecPtrList.use" link="xmlsec-list.html#xmlSecPtrList.use"/>
- <keyword type="member" name="xmlSecPtrList.max" link="xmlsec-list.html#xmlSecPtrList.max"/>
- <keyword type="member" name="xmlSecPtrList.allocMode" link="xmlsec-list.html#xmlSecPtrList.allocMode"/>
- <keyword type="member" name="xmlSecPtrListKlass.name" link="xmlsec-list.html#xmlSecPtrListKlass.name"/>
- <keyword type="member" name="xmlSecPtrListKlass.duplicateItem" link="xmlsec-list.html#xmlSecPtrListKlass.duplicateItem"/>
- <keyword type="member" name="xmlSecPtrListKlass.destroyItem" link="xmlsec-list.html#xmlSecPtrListKlass.destroyItem"/>
- <keyword type="member" name="xmlSecPtrListKlass.debugDumpItem" link="xmlsec-list.html#xmlSecPtrListKlass.debugDumpItem"/>
- <keyword type="member" name="xmlSecPtrListKlass.debugXmlDumpItem" link="xmlsec-list.html#xmlSecPtrListKlass.debugXmlDumpItem"/>
- <keyword type="member" name="xmlSecNodeSet.nodes" link="xmlsec-nodeset.html#xmlSecNodeSet.nodes"/>
- <keyword type="member" name="xmlSecNodeSet.doc" link="xmlsec-nodeset.html#xmlSecNodeSet.doc"/>
- <keyword type="member" name="xmlSecNodeSet.destroyDoc" link="xmlsec-nodeset.html#xmlSecNodeSet.destroyDoc"/>
- <keyword type="member" name="xmlSecNodeSet.type" link="xmlsec-nodeset.html#xmlSecNodeSet.type"/>
- <keyword type="member" name="xmlSecNodeSet.op" link="xmlsec-nodeset.html#xmlSecNodeSet.op"/>
- <keyword type="member" name="xmlSecNodeSet.next" link="xmlsec-nodeset.html#xmlSecNodeSet.next"/>
- <keyword type="member" name="xmlSecNodeSet.prev" link="xmlsec-nodeset.html#xmlSecNodeSet.prev"/>
- <keyword type="member" name="xmlSecNodeSet.children" link="xmlsec-nodeset.html#xmlSecNodeSet.children"/>
- <keyword type="member" name="xmlSecTransformCtx.userData" link="xmlsec-transforms.html#xmlSecTransformCtx.userData"/>
- <keyword type="member" name="xmlSecTransformCtx.flags" link="xmlsec-transforms.html#xmlSecTransformCtx.flags"/>
- <keyword type="member" name="xmlSecTransformCtx.flags2" link="xmlsec-transforms.html#xmlSecTransformCtx.flags2"/>
- <keyword type="member" name="xmlSecTransformCtx.enabledUris" link="xmlsec-transforms.html#xmlSecTransformCtx.enabledUris"/>
- <keyword type="member" name="xmlSecTransformCtx.enabledTransforms" link="xmlsec-transforms.html#xmlSecTransformCtx.enabledTransforms"/>
- <keyword type="member" name="xmlSecTransformCtx.preExecCallback" link="xmlsec-transforms.html#xmlSecTransformCtx.preExecCallback"/>
- <keyword type="member" name="xmlSecTransformCtx.result" link="xmlsec-transforms.html#xmlSecTransformCtx.result"/>
- <keyword type="member" name="xmlSecTransformCtx.status" link="xmlsec-transforms.html#xmlSecTransformCtx.status"/>
- <keyword type="member" name="xmlSecTransformCtx.uri" link="xmlsec-transforms.html#xmlSecTransformCtx.uri"/>
- <keyword type="member" name="xmlSecTransformCtx.xptrExpr" link="xmlsec-transforms.html#xmlSecTransformCtx.xptrExpr"/>
- <keyword type="member" name="xmlSecTransformCtx.first" link="xmlsec-transforms.html#xmlSecTransformCtx.first"/>
- <keyword type="member" name="xmlSecTransformCtx.last" link="xmlsec-transforms.html#xmlSecTransformCtx.last"/>
- <keyword type="member" name="xmlSecTransformCtx.reserved0" link="xmlsec-transforms.html#xmlSecTransformCtx.reserved0"/>
- <keyword type="member" name="xmlSecTransformCtx.reserved1" link="xmlsec-transforms.html#xmlSecTransformCtx.reserved1"/>
- <keyword type="member" name="xmlSecTransform.id" link="xmlsec-transforms.html#xmlSecTransform.id"/>
- <keyword type="member" name="xmlSecTransform.operation" link="xmlsec-transforms.html#xmlSecTransform.operation"/>
- <keyword type="member" name="xmlSecTransform.status" link="xmlsec-transforms.html#xmlSecTransform.status"/>
- <keyword type="member" name="xmlSecTransform.hereNode" link="xmlsec-transforms.html#xmlSecTransform.hereNode"/>
- <keyword type="member" name="xmlSecTransform.next" link="xmlsec-transforms.html#xmlSecTransform.next"/>
- <keyword type="member" name="xmlSecTransform.prev" link="xmlsec-transforms.html#xmlSecTransform.prev"/>
- <keyword type="member" name="xmlSecTransform.inBuf" link="xmlsec-transforms.html#xmlSecTransform.inBuf"/>
- <keyword type="member" name="xmlSecTransform.outBuf" link="xmlsec-transforms.html#xmlSecTransform.outBuf"/>
- <keyword type="member" name="xmlSecTransform.inNodes" link="xmlsec-transforms.html#xmlSecTransform.inNodes"/>
- <keyword type="member" name="xmlSecTransform.outNodes" link="xmlsec-transforms.html#xmlSecTransform.outNodes"/>
- <keyword type="member" name="xmlSecTransform.reserved0" link="xmlsec-transforms.html#xmlSecTransform.reserved0"/>
- <keyword type="member" name="xmlSecTransform.reserved1" link="xmlsec-transforms.html#xmlSecTransform.reserved1"/>
- <keyword type="member" name="xmlSecTransformKlass.klassSize" link="xmlsec-transforms.html#xmlSecTransformKlass.klassSize"/>
- <keyword type="member" name="xmlSecTransformKlass.objSize" link="xmlsec-transforms.html#xmlSecTransformKlass.objSize"/>
- <keyword type="member" name="xmlSecTransformKlass.name" link="xmlsec-transforms.html#xmlSecTransformKlass.name"/>
- <keyword type="member" name="xmlSecTransformKlass.href" link="xmlsec-transforms.html#xmlSecTransformKlass.href"/>
- <keyword type="member" name="xmlSecTransformKlass.usage" link="xmlsec-transforms.html#xmlSecTransformKlass.usage"/>
- <keyword type="member" name="xmlSecTransformKlass.initialize" link="xmlsec-transforms.html#xmlSecTransformKlass.initialize"/>
- <keyword type="member" name="xmlSecTransformKlass.finalize" link="xmlsec-transforms.html#xmlSecTransformKlass.finalize"/>
- <keyword type="member" name="xmlSecTransformKlass.readNode" link="xmlsec-transforms.html#xmlSecTransformKlass.readNode"/>
- <keyword type="member" name="xmlSecTransformKlass.writeNode" link="xmlsec-transforms.html#xmlSecTransformKlass.writeNode"/>
- <keyword type="member" name="xmlSecTransformKlass.setKeyReq" link="xmlsec-transforms.html#xmlSecTransformKlass.setKeyReq"/>
- <keyword type="member" name="xmlSecTransformKlass.setKey" link="xmlsec-transforms.html#xmlSecTransformKlass.setKey"/>
- <keyword type="member" name="xmlSecTransformKlass.verify" link="xmlsec-transforms.html#xmlSecTransformKlass.verify"/>
- <keyword type="member" name="xmlSecTransformKlass.getDataType" link="xmlsec-transforms.html#xmlSecTransformKlass.getDataType"/>
- <keyword type="member" name="xmlSecTransformKlass.pushBin" link="xmlsec-transforms.html#xmlSecTransformKlass.pushBin"/>
- <keyword type="member" name="xmlSecTransformKlass.popBin" link="xmlsec-transforms.html#xmlSecTransformKlass.popBin"/>
- <keyword type="member" name="xmlSecTransformKlass.pushXml" link="xmlsec-transforms.html#xmlSecTransformKlass.pushXml"/>
- <keyword type="member" name="xmlSecTransformKlass.popXml" link="xmlsec-transforms.html#xmlSecTransformKlass.popXml"/>
- <keyword type="member" name="xmlSecTransformKlass.execute" link="xmlsec-transforms.html#xmlSecTransformKlass.execute"/>
- <keyword type="member" name="xmlSecTransformKlass.reserved0" link="xmlsec-transforms.html#xmlSecTransformKlass.reserved0"/>
- <keyword type="member" name="xmlSecTransformKlass.reserved1" link="xmlsec-transforms.html#xmlSecTransformKlass.reserved1"/>
- <keyword type="member" name="xmlSecDSigCtx.userData" link="xmlsec-xmldsig.html#xmlSecDSigCtx.userData"/>
- <keyword type="member" name="xmlSecDSigCtx.flags" link="xmlsec-xmldsig.html#xmlSecDSigCtx.flags"/>
- <keyword type="member" name="xmlSecDSigCtx.flags2" link="xmlsec-xmldsig.html#xmlSecDSigCtx.flags2"/>
- <keyword type="member" name="xmlSecDSigCtx.keyInfoReadCtx" link="xmlsec-xmldsig.html#xmlSecDSigCtx.keyInfoReadCtx"/>
- <keyword type="member" name="xmlSecDSigCtx.keyInfoWriteCtx" link="xmlsec-xmldsig.html#xmlSecDSigCtx.keyInfoWriteCtx"/>
- <keyword type="member" name="xmlSecDSigCtx.transformCtx" link="xmlsec-xmldsig.html#xmlSecDSigCtx.transformCtx"/>
- <keyword type="member" name="xmlSecDSigCtx.enabledReferenceUris" link="xmlsec-xmldsig.html#xmlSecDSigCtx.enabledReferenceUris"/>
- <keyword type="member" name="xmlSecDSigCtx.enabledReferenceTransforms" link="xmlsec-xmldsig.html#xmlSecDSigCtx.enabledReferenceTransforms"/>
- <keyword type="member" name="xmlSecDSigCtx.referencePreExecuteCallback" link="xmlsec-xmldsig.html#xmlSecDSigCtx.referencePreExecuteCallback"/>
- <keyword type="member" name="xmlSecDSigCtx.defSignMethodId" link="xmlsec-xmldsig.html#xmlSecDSigCtx.defSignMethodId"/>
- <keyword type="member" name="xmlSecDSigCtx.defC14NMethodId" link="xmlsec-xmldsig.html#xmlSecDSigCtx.defC14NMethodId"/>
- <keyword type="member" name="xmlSecDSigCtx.defDigestMethodId" link="xmlsec-xmldsig.html#xmlSecDSigCtx.defDigestMethodId"/>
- <keyword type="member" name="xmlSecDSigCtx.signKey" link="xmlsec-xmldsig.html#xmlSecDSigCtx.signKey"/>
- <keyword type="member" name="xmlSecDSigCtx.operation" link="xmlsec-xmldsig.html#xmlSecDSigCtx.operation"/>
- <keyword type="member" name="xmlSecDSigCtx.result" link="xmlsec-xmldsig.html#xmlSecDSigCtx.result"/>
- <keyword type="member" name="xmlSecDSigCtx.status" link="xmlsec-xmldsig.html#xmlSecDSigCtx.status"/>
- <keyword type="member" name="xmlSecDSigCtx.signMethod" link="xmlsec-xmldsig.html#xmlSecDSigCtx.signMethod"/>
- <keyword type="member" name="xmlSecDSigCtx.c14nMethod" link="xmlsec-xmldsig.html#xmlSecDSigCtx.c14nMethod"/>
- <keyword type="member" name="xmlSecDSigCtx.preSignMemBufMethod" link="xmlsec-xmldsig.html#xmlSecDSigCtx.preSignMemBufMethod"/>
- <keyword type="member" name="xmlSecDSigCtx.signValueNode" link="xmlsec-xmldsig.html#xmlSecDSigCtx.signValueNode"/>
- <keyword type="member" name="xmlSecDSigCtx.id" link="xmlsec-xmldsig.html#xmlSecDSigCtx.id"/>
- <keyword type="member" name="xmlSecDSigCtx.signedInfoReferences" link="xmlsec-xmldsig.html#xmlSecDSigCtx.signedInfoReferences"/>
- <keyword type="member" name="xmlSecDSigCtx.manifestReferences" link="xmlsec-xmldsig.html#xmlSecDSigCtx.manifestReferences"/>
- <keyword type="member" name="xmlSecDSigCtx.reserved0" link="xmlsec-xmldsig.html#xmlSecDSigCtx.reserved0"/>
- <keyword type="member" name="xmlSecDSigCtx.reserved1" link="xmlsec-xmldsig.html#xmlSecDSigCtx.reserved1"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.userData" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.userData"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.dsigCtx" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.dsigCtx"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.origin" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.origin"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.transformCtx" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.transformCtx"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.digestMethod" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.digestMethod"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.result" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.result"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.status" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.status"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.preDigestMemBufMethod" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.preDigestMemBufMethod"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.id" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.id"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.uri" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.uri"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.type" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.type"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.reserved0" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.reserved0"/>
- <keyword type="member" name="xmlSecDSigReferenceCtx.reserved1" link="xmlsec-xmldsig.html#xmlSecDSigReferenceCtx.reserved1"/>
- <keyword type="member" name="xmlSecEncCtx.userData" link="xmlsec-xmlenc.html#xmlSecEncCtx.userData"/>
- <keyword type="member" name="xmlSecEncCtx.flags" link="xmlsec-xmlenc.html#xmlSecEncCtx.flags"/>
- <keyword type="member" name="xmlSecEncCtx.flags2" link="xmlsec-xmlenc.html#xmlSecEncCtx.flags2"/>
- <keyword type="member" name="xmlSecEncCtx.mode" link="xmlsec-xmlenc.html#xmlSecEncCtx.mode"/>
- <keyword type="member" name="xmlSecEncCtx.keyInfoReadCtx" link="xmlsec-xmlenc.html#xmlSecEncCtx.keyInfoReadCtx"/>
- <keyword type="member" name="xmlSecEncCtx.keyInfoWriteCtx" link="xmlsec-xmlenc.html#xmlSecEncCtx.keyInfoWriteCtx"/>
- <keyword type="member" name="xmlSecEncCtx.transformCtx" link="xmlsec-xmlenc.html#xmlSecEncCtx.transformCtx"/>
- <keyword type="member" name="xmlSecEncCtx.defEncMethodId" link="xmlsec-xmlenc.html#xmlSecEncCtx.defEncMethodId"/>
- <keyword type="member" name="xmlSecEncCtx.encKey" link="xmlsec-xmlenc.html#xmlSecEncCtx.encKey"/>
- <keyword type="member" name="xmlSecEncCtx.operation" link="xmlsec-xmlenc.html#xmlSecEncCtx.operation"/>
- <keyword type="member" name="xmlSecEncCtx.result" link="xmlsec-xmlenc.html#xmlSecEncCtx.result"/>
- <keyword type="member" name="xmlSecEncCtx.resultBase64Encoded" link="xmlsec-xmlenc.html#xmlSecEncCtx.resultBase64Encoded"/>
- <keyword type="member" name="xmlSecEncCtx.resultReplaced" link="xmlsec-xmlenc.html#xmlSecEncCtx.resultReplaced"/>
- <keyword type="member" name="xmlSecEncCtx.encMethod" link="xmlsec-xmlenc.html#xmlSecEncCtx.encMethod"/>
- <keyword type="member" name="xmlSecEncCtx.id" link="xmlsec-xmlenc.html#xmlSecEncCtx.id"/>
- <keyword type="member" name="xmlSecEncCtx.type" link="xmlsec-xmlenc.html#xmlSecEncCtx.type"/>
- <keyword type="member" name="xmlSecEncCtx.mimeType" link="xmlsec-xmlenc.html#xmlSecEncCtx.mimeType"/>
- <keyword type="member" name="xmlSecEncCtx.encoding" link="xmlsec-xmlenc.html#xmlSecEncCtx.encoding"/>
- <keyword type="member" name="xmlSecEncCtx.recipient" link="xmlsec-xmlenc.html#xmlSecEncCtx.recipient"/>
- <keyword type="member" name="xmlSecEncCtx.carriedKeyName" link="xmlsec-xmlenc.html#xmlSecEncCtx.carriedKeyName"/>
- <keyword type="member" name="xmlSecEncCtx.encDataNode" link="xmlsec-xmlenc.html#xmlSecEncCtx.encDataNode"/>
- <keyword type="member" name="xmlSecEncCtx.encMethodNode" link="xmlsec-xmlenc.html#xmlSecEncCtx.encMethodNode"/>
- <keyword type="member" name="xmlSecEncCtx.keyInfoNode" link="xmlsec-xmlenc.html#xmlSecEncCtx.keyInfoNode"/>
- <keyword type="member" name="xmlSecEncCtx.cipherValueNode" link="xmlsec-xmlenc.html#xmlSecEncCtx.cipherValueNode"/>
- <keyword type="member" name="xmlSecEncCtx.replacedNodeList" link="xmlsec-xmlenc.html#xmlSecEncCtx.replacedNodeList"/>
- <keyword type="member" name="xmlSecEncCtx.reserved1" link="xmlsec-xmlenc.html#xmlSecEncCtx.reserved1"/>
- <keyword type="member" name="xmlSecQName2IntegerInfo.qnameHref" link="xmlsec-xmltree.html#xmlSecQName2IntegerInfo.qnameHref"/>
- <keyword type="member" name="xmlSecQName2IntegerInfo.qnameLocalPart" link="xmlsec-xmltree.html#xmlSecQName2IntegerInfo.qnameLocalPart"/>
- <keyword type="member" name="xmlSecQName2IntegerInfo.intValue" link="xmlsec-xmltree.html#xmlSecQName2IntegerInfo.intValue"/>
- <keyword type="member" name="xmlSecQName2BitMaskInfo.qnameHref" link="xmlsec-xmltree.html#xmlSecQName2BitMaskInfo.qnameHref"/>
- <keyword type="member" name="xmlSecQName2BitMaskInfo.qnameLocalPart" link="xmlsec-xmltree.html#xmlSecQName2BitMaskInfo.qnameLocalPart"/>
- <keyword type="member" name="xmlSecQName2BitMaskInfo.mask" link="xmlsec-xmltree.html#xmlSecQName2BitMaskInfo.mask"/>
- </functions>
-</book>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library: Authors and contributors</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library: Reporting Bugs</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
</td>
<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
<div align="center"><h2>Reporting Bugs and Getting Help</h2></div>
-<p>
-Well, any big enough program has a bug. You simply don't know where
+<p>Well, any big enough program has a bug. You simply don't know where
exactly :) The best way to report a bug is to use the
-<a href="https://github.com/lsh123/xmlsec/issues">GitHub Issues Tracker</a>.
-There is also a mailing list
-<a href="mailto:xmlsec@aleksey.com">xmlsec@aleksey.com</a> with
-<a href="http://www.aleksey.com/pipermail/xmlsec">online
-archive</a>. To subscribe to this list
-please visit <a href="http://www.aleksey.com/mailman/listinfo/xmlsec">list info</a>
-Web page and follow instructions.</p>
-<p>Before writing bug reports or questions do not
-hesitate to check <a href="faq.html">FAQ</a> and old postings in the
-<a href="http://www.aleksey.com/pipermail/xmlsec">mailing
-list</a>. By doing this you might get the answer much faster.
+<a href="https://github.com/lsh123/xmlsec/issues">GitHub Issues Tracker</a>.</p>
+
+<p>Before writing bug reports or questions do not hesitate to check <a href="faq.html">FAQ</a>.
If you are writing your own code based on the XMLSec library then you should
try to reproduce your problem with <a href="xmlsec-man.html">xmlsec command
line utiliy</a> first. And if it works just fine then you know whom to blame,
-don't you? :).
+don't you? :)
</p>
+
<p>If you did all the steps above and you still think that you found something
new then send as much information as possible, please.
A good question or bug report <b>MUST</b> include the following:
</ul>
<p>I'll do my best to fix reported bugs or answer questions as soon as I can.
And of course, any patches, bug fixes and improvements are always welcome!<br></p>
-<p>Please note, that bug tracking database and mailing list are open to anyone.
+
+<p>Please note, that bug tracking database is open to anyone.
Any private or confidential information posted there became public.
The author of XMLSec library assumes no responsibility for any damage caused
-by any information distribution using XMLSec
-<a href="http://www.aleksey.com/pipermail/xmlsec">mailing
-list</a>, <a href="https://github.com/lsh123/xmlsec">GitHub Source Code</a> or
-<a href="https://github.com/lsh123/xmlsec/issues">GitHub Issue Tracker</a>.
-</p>
-<p>
-</p>
+by any information distribution using XMLSec GitHub issues tracker, discussions,
+source code, or any other XMLSec related tools.</p>
+
<div align="center">
<a href="http://www.google.com"><img src="images/bart.gif" alt="Ask google" border="0"></a>
</div>
<small>Unfortunatelly, I don't know the author of this picture and I was not
able to ask permissions to publish it. If you are the author or know
-the author then I would appreciate if you
-<a href="mailto:aleksey@aleksey.com">send me</a> a message so I can ask
+the author then I would appreciate if you send me a message on GitHub so I can ask
permissions and put author's name here.</small>
</td></tr></table></td>
</tr></table></body>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library: Canonicalization</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library: Documentation</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
(automaticaly generated from sources using gtk-doc utility)</li>
<li><a href="api/xmlsec-examples.html">Examples</a></li>
<li><a href="xmlsec-man.html">xmlsec utility man page</a></li>
- <li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing
-list archive</a></li>
+ <li><a href="mailing-list.html">Mailing list</a></li>
</ul>
</td></tr></table></td>
</tr></table></body>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library: Download</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
</table>
</td>
<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
-<div align="Center">
+<div align="Center">
<h1>Download</h1>
</div>
<h2>Stable releases.</h2>
-<p>The latest stable XML Security Library version is <b>1.2.28</b>:</p>
<ul>
<li>
-<a href="http://www.aleksey.com/xmlsec/download/xmlsec1-1.2.28.tar.gz">Sources for latest version</a>.</li>
+<a href="http://www.aleksey.com/xmlsec/download/xmlsec1-1.2.39.tar.gz">Sources for latest version</a>.</li>
<li>
-<a href="http://www.zlatkovic.com/projects/libxml/index.html">Windows binaries</a> for XMLSec Library
+<a href="http://www.zlatkovic.com/projects/libxml/index.html">Windows binaries</a> for XMLSec Library
(as well as LibXML2, LibXSLT and OpenSSL) from <a href="mailto:igor@zlatkovic.com">Igor Zlatkovic</a>.</li>
-<li>XMLSec Library is included as part of Debian GNU/Linux. For more information see the
+<li>XMLSec Library is included as part of Debian GNU/Linux. For more information see the
<a href="http://memebeam.org/toys/DebianXmlsec">coordination page</a>.</li>
<li>XMLSec Library <a href="http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/xmlsec/">FreeBSD
and </a><a href="http://www.openbsd.org/cgi-bin/cvsweb/ports/security/xmlsec/">OpenBSD</a> ports.</li>
<h2>GIT</h2>
<p>XML Security Library is available from the <a href="https://github.com/lsh123/xmlsec">GitHub</a>.
</p>
+<h2>Other languages</h2>
+<ul>
+ <li><a href="https://github.com/mehcode/python-xmlsec">Python xmlsec module</a></li>
+ <li><a href="https://github.com/estrelow/Perl-LibXML-Sec">Perl LibXML-Sec module</a></li>
+</ul>
</td></tr></table></td>
</tr></table></body>
</html>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library: Documentation</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
see the Copyright file in the distribution for details.<br><br></p>
<p><b>News</b></p>
<ul>
-<li>April 16 2019<br>
- The <a href="download.html">XML Security Library 1.2.28</a> release includes the following changes:
+<li>December 12 2023<br>
+The <a href="download.html">XML Security Library 1.2.39</a> release includes the following changes:
<ul>
- <li>Added BoringSSL support (chenbd).</li>
- <li>Added gnutls-3.6.x support (alonbl).</li>
- <li>Added DSA and ECDSA key size getter for MSCNG (vmiklos).</li>
- <li>Added --enable-mans configuration option (alonbl).</li>
- <li>Added coninuous build integration for MacOSX (vmiklos).</li>
- <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
+ <li>Added options to enable/disable local files, HTTP, and FTP support. FTP is disabled by default.</li>
+ <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/xmlsec-1_2_x">more details</a>).</li>
</ul>
</li>
-<br><li>October 23 2018<br>
- The <a href="download.html">XML Security Library 1.2.27</a> release includes the following changes:
+<br>
+<li>July 5 2023<br>
+The <a href="download.html">XML Security Library 1.2.38</a> release includes the following changes:
<ul>
- <li>Added AES-GCM support for OpenSSL and MSCNG (snargit).</li>
- <li>Added DSA-SHA256 and ECDSA-SHA384 support for NSS (vmiklos).</li>
- <li>Added RSA-OAEP support for MSCNG (vmiklos).</li>
- <li>Continuous build integration in Travis and Appveyor.</li>
- <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
+ <li>Fixed static linking with MinGW.</li>
+ <li>(xmlsec-mscng) Fixed block ciphers key size.</li>
+ <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/xmlsec-1_2_x">more details</a>).</li>
</ul>
</li>
-<br><li>June 5 2018<br>
- The <a href="download.html">XML Security Library 1.2.26</a> release includes the following changes:
+<br>
+<li>November 30 2022<br>
+ The <a href="download.html">XML Security Library 1.2.37</a> release includes the following changes:
<ul>
- <li>Added xmlsec-mscng module based on <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa376210(v=vs.85).aspx">Microsoft Cryptography API: Next Generation</a> (vmiklos).</li>
- <li>Added support for GOST 2012 and fixed CryptoPro CSP provider for GOST R 34.10-2001 in xmlsec-mscrypto (ipechorin).</li>
- <li>Added LibreSSL 2.7 support (vishwin).</li>
- <li>Upgraded documentation build process to support the latest gtk-doc.</li>
- <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
- </ul>
-</li>
-<br><li>September 12 2017<br>
- The <a href="download.html">XML Security Library 1.2.25</a> release includes the following changes:
- <ul>
- <li>Removed OpenSSL 0.9.8 support and several previously deprecated functions.</li>
- <li>Added SHA224 support for xmlsec-nss (vmiklos).</li>
- <li>Added configurable default linefeed for xmltree module (pablogallardo).</li>
- <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
+ <li>Fixed two regressions from 1.2.36 release: <a href="https://github.com/lsh123/xmlsec/issues/437">issue #437</a>
+ and <a href="https://github.com/lsh123/xmlsec/issues/449">issue #449</a>.</li>
</ul>
</li>
+<br>
+<li>See <a href="news.html">News page</a> for older announcements.</li>
</ul>
</td></tr></table></td>
</tr></table></body>
--- /dev/null
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<title>XML Security Library: Related</title>
+<link rel="stylesheet" href="css/main.css">
+</head>
+<body><table width="100%" valign="top"><tr valign="top">
+<td valign="top" align="left" width="210">
+<img src="images/logo.gif" alt="XML Security Library" border="0"><p></p>
+<ul>
+<li><a href="index.html">Home</a></li>
+<li><a href="download.html">Download</a></li>
+<li><a href="news.html">News</a></li>
+<li><a href="documentation.html">Documentation</a></li>
+<ul>
+<li><a href="faq.html">FAQ</a></li>
+<li><a href="api/xmlsec-notes.html">Tutorial</a></li>
+<li><a href="api/xmlsec-reference.html">API reference</a></li>
+<li><a href="api/xmlsec-examples.html">Examples</a></li>
+</ul>
+<li><a href="xmldsig.html">XML Digital Signature</a></li>
+<li><a href="xmlenc.html">XML Encryption</a></li>
+<li><a href="c14n.html">XML Canonicalization</a></li>
+<li><a href="bugs.html">Reporting Bugs</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
+<li><a href="related.html">Related</a></li>
+<li><a href="authors.html">Authors</a></li>
+</ul>
+<table width="100%">
+<tr>
+<td width="15"></td>
+<td><a href="http://xmlsoft.org/"><img src="images/libxml2-logo.png" alt="LibXML2" border="0"></a></td>
+</tr>
+<tr>
+<td width="15"></td>
+<td><a href="http://xmlsoft.org/XSLT"><img src="images/libxslt-logo.png" alt="LibXSLT" border="0"></a></td>
+</tr>
+<tr>
+<td width="15"></td>
+<td><a href="http://www.openssl.org/"><img src="images/openssl-logo.png" alt="OpenSSL" border="0"></a></td>
+</tr>
+<!--Links - start--><!--Links - end-->
+</table>
+</td>
+<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
+<div>
+<h1>XMLSec Mailing list is retired as of October, 2022</h1>
+<p>Please use <a href="https://github.com/lsh123/xmlsec/discussions">XMLSec GitHub Discussions</a>
+and/or <a href="https://github.com/lsh123/xmlsec/issues">XMLSec GitHub Issues</a>.</p>
+
+<p>The read-only <a href="http://www.aleksey.com/pipermail/xmlsec">XMLSec mailing list archive</a> will
+continue to be available.</p>
+</div>
+
+</html>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library: News</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
<h1>XML Security Library News</h1>
</div>
<ul>
-<li>April 16 2019<br>
+ <li>December 12 2023<br>
+ The <a href="download.html">XML Security Library 1.2.39</a> release includes the following changes:
+ <ul>
+ <li>Added options to enable/disable local files, HTTP, and FTP support. FTP is disabled by default.</li>
+ <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/xmlsec-1_2_x">more details</a>).</li>
+ </ul>
+ </li>
+ <br>
+ <li>July 5 2023<br>
+ The <a href="download.html">XML Security Library 1.2.38</a> release includes the following changes:
+ <ul>
+ <li>Fixed static linking with MinGW.</li>
+ <li>(xmlsec-mscng) Fixed block ciphers key size.</li>
+ <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/xmlsec-1_2_x">more details</a>).</li>
+ </ul>
+ </li>
+ <br>
+ <li>November 30 2022<br>
+ The <a href="download.html">XML Security Library 1.2.37</a> release includes the following changes:
+ <ul>
+ <li>Fixed two regressions from 1.2.36 release: <a href="https://github.com/lsh123/xmlsec/issues/437">issue #437</a>
+ and <a href="https://github.com/lsh123/xmlsec/issues/449">issue #449</a>.</li>
+ </ul>
+ </li>
+ <br>
+ <li>October 31 2022<br>
+ The <a href="download.html">XML Security Library 1.2.36</a> release includes the following changes:
+ <ul>
+ <li>Retired the XMLSec mailing list "xmlsec@aleksey.com" and the <a href="xmldsig-verifier.html">XMLSec Online Signature Verifier</a>.</li>
+ <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
+ </ul>
+ </li>
+ <br>
+ <li>October 25 2022<br>
+ The <a href="download.html">XML Security Library 1.2.35</a> release includes the following changes:
+ <ul>
+ <li>Migration to OpenSSL 3.0 API (based on PR by @snargit). Note that OpenSSL engines
+ are disabled by default when XMLSec library is compiled against OpenSSL 3.0.
+ To re-enable OpenSSL engines, use "--enable-openssl3-engines" configure flag
+ (there will be a lot of deprecation warnings).
+ </li>
+ <li>The OpenSSL before 1.1.0 and LibreSSL before 2.7.0 are now deprecated and
+ will be removed in the future versions of XMLSec Library.
+ </li>
+ <li>Refactored all the integer casts to ensure cast-safety. Fixed all warnings
+ and enabled "-Werror" and "-pedantic" flags on CI builds.
+ </li>
+ <li>Added configure flag to use size_t for xmlSecSize (currently disabled by default
+ for backward compatibility).
+ </li>
+ <li>Moved all CI builds to GitHub actions.</li>
+ <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
+ </ul>
+</li>
+<br>
+<li>May 3 2022<br>
+ The <a href="download.html">XML Security Library 1.2.34</a> release includes the following changes:
+ <ul>
+ <li>Support for OpenSSL compiled with OPENSSL_NO_ERR.</li>
+ <li>Full support for LibreSSL 3.5.0 and above (@vishwin).</li>
+ <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
+ </ul>
+</li>
+<br>
+<li>October 25 2021<br>
+ The <a href="download.html">XML Security Library 1.2.33</a> release includes the following changes:
+ <ul>
+ <li>Added --privkey-openssl-engine option to enhance openssl engine support (Leonardo Secci).</li>
+ <li>Fixed decrypting session key for two recipients.</li>
+ <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
+ </ul>
+</li>
+<br>
+<li>April 21 2021<br>
+ The <a href="download.html">XML Security Library 1.2.32</a> release includes the following changes:
+ <ul>
+ <li>Several small fixes (<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
+ </ul>
+</li>
+<br>
+<li>October 29 2020<br>
+ The <a href="download.html">XML Security Library 1.2.31</a> release includes the following changes:
+ <ul>
+ <li>Added configure option to ensure memset() securely erases memory (gcc).</li>
+ <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
+ </ul>
+</li>
+<br><li>April 21 2020<br>
+ The <a href="download.html">XML Security Library 1.2.30</a> release includes the following changes:
+ <ul>
+ <li>Enabled XML_PARSE_HUGE for all xml parsers.</li>
+ <li>Added s390x support for travis (nayana-ibm).</li>
+ <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
+ </ul>
+</li>
+<br><li>October 15 2019<br>
+ The <a href="download.html">XML Security Library 1.2.29</a> release includes the following changes:
+ <ul>
+ <li>Various build and tests fixes and improvements.</li>
+ <li>Move remaining private header files away from xmlsec/include/ folder.</li>
+ <li>Several other small fixes (<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
+ </ul>
+</li>
+<br><li>April 16 2019<br>
The <a href="download.html">XML Security Library 1.2.28</a> release includes the following changes:
<ul>
<li>Added BoringSSL support (chenbd).</li>
<li>Added OOXML Relationships Transform Algorithm (patch from <a href="https://github.com/vmiklos">Miklos Vajna</a>).</li>
<li>Added experimental GOST2012 support for xmlsec-openssl (patch from Nikolay Shaplov).</li>
<li>Migrated XMLSec to <a href="https://github.com/lsh123/xmlsec">GitHub</a>.</li>
- <li>Added OpenSSL 1.1.0 (pre 2) API support (major re-factoring for all OpenSSL based implementations of the
+ <li>Added OpenSSL 1.1.0 (pre 2) API support (major re-factoring for all OpenSSL based implementations of the
block ciphers and the DSA/ECDSA signatures).</li>
<li>Removed support for legacy OpenSSL 0.9.6 (last release: March, 2004) and 0.9.7 (last release: February, 2007).</li>
<li>Completely revamped manpages/documentation build to completely pass 'make distcheck' tests.</li>
- <li>Deprecated XMLSEC_CRYPTO define in favor of xmlSecGetDefaultCrypto() function.</li>
- <li>Implemented several other smaller features; fixed several other minor bugs, code cleanups:
+ <li>Deprecated XMLSEC_CRYPTO define in favor of xmlSecGetDefaultCrypto() function.</li>
+ <li>Implemented several other smaller features; fixed several other minor bugs, code cleanups:
(<a href="https://github.com/lsh123/xmlsec/commits/master">more details</a>).</li>
</ul>
</li>
accessing source code and reporting issues.
</li>
<br><li>May 27 2014<br>
- The <a href="download.html">XML Security Library 1.2.20</a> release fixes a number of miscellaneous bugs and
+ The <a href="download.html">XML Security Library 1.2.20</a> release fixes a number of miscellaneous bugs and
updates expired or soon-to-be-expired certificates in the test suite.
</li>
<br><li>March 24 2013<br>
<li>xmlsec-mscrypto: Added HMAC with MD5, SHA1, SHA256/384/512;
RSA with MD5, SHA256/384/512 support.</li>
<li>xmlsec-mscrypto: Converted to Unicode (the non-Unicode builds are still available as compile time option).</li>
- <li>xmlsec-nss: Added MD5 and SHA256/384/512 support for digest, HMAC
+ <li>xmlsec-nss: Added MD5 and SHA256/384/512 support for digest, HMAC
and RSA (the new minimum required version for NSS library is 3.9).</li>
<li>xmlsec-gnutls: Added SHA256/384/512 for digest and HMAC;
MD5 and RIPEMD160 digests support (the new minimum required version for
<br><li>December 5 2009<br>
Changes in <a href="download.html">XML Security Library 1.2.14</a> release:
<ul>
-<li>XMLSec library is switched from built-in LTDL library to the system
- LTDL library on Linux/Unix and native calls on Windows to fix
- <a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3736">security
+<li>XMLSec library is switched from built-in LTDL library to the system
+ LTDL library on Linux/Unix and native calls on Windows to fix
+ <a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3736">security
issue</a> in LTDL.</li>
- <li>Fixed minor bugs (see <a href="https://github.com/lsh123/xmlsec/commits/master">commits log</a>
+ <li>Fixed minor bugs (see <a href="https://github.com/lsh123/xmlsec/commits/master">commits log</a>
for complete list).</li>
</ul>
</li>
The new <a href="download.html">XML Security Library 1.2.12</a> release
includes the following changes (see ChangeLog for the complete list of changes):
<ul>
-<li>Fixed HMAC vulnerability with small values of HMAC length
+<li>Fixed HMAC vulnerability with small values of HMAC length
(<a href="http://www.kb.cert.org/vuls/id/466161">CERT VU #466161</a>).</li>
- <li>Added support for the GOST implemented by Russian Crypto Pro CSP
+ <li>Added support for the GOST implemented by Russian Crypto Pro CSP
(patch from Dennis Prochko)</li>
<li>Added an option to return the replaced node (based on the patch from Frank Gross)</li>
<li>Added new function xmlSecNodeEncodeAndSetContent for encoding
includes the following changes:
<ul>
<li>GOST algorithms support (Dmitry Belyavsky)</li>
- <li>Ability to disable system trusted certs in xmlsec-mscrypto
+ <li>Ability to disable system trusted certs in xmlsec-mscrypto
(Dmitry Belyavsky)</li>
- <li>New functions for adding X509IssuerName and X509SerialNumber
+ <li>New functions for adding X509IssuerName and X509SerialNumber
nodes to the template (Dmitry Belyavsky)</li>
<li>Better packaging support for Fedora and Debian (Daniel Veillard, John Belmonte)</li>
<li>Cleanups from Coverity tool reports</li>
</li>
<br><li>July 12 2005<br>
The new <a href="download.html">XML Security Library 1.2.9</a> release
- includes few bug fixes and adds support for the recently released
- <a href="http://www.openssl.org">OpenSSL 0.9.8</a> including several
+ includes few bug fixes and adds support for the recently released
+ <a href="http://www.openssl.org">OpenSSL 0.9.8</a> including several
new algorithms for <a href="xmldsig.html">xmlsec-openssl</a>:
<ul>
<li>SHA224/SHA256/SHA384/SHA512</li>
<li>(core) added functions to create <X509Data/> node children
in the signature template;</li>
<li>(core) fixed xmlSecGenerateID() function;</li>
- <li>(core) fixed dynamic linking initialization/shutdown when custom memory
+ <li>(core) fixed dynamic linking initialization/shutdown when custom memory
allocation functions are used;</li>
<li>(core) fixed encrypted text parsing and xmlParseInNodeContext() function;</li>
<li>(openssl) fixed parsing quoted values in the certificate subject;</li>
</ul>
</li>
<br><li>August 25 2004<br>
- The new <a href="download.html">XML Security Library 1.2.6</a>
+ The new <a href="download.html">XML Security Library 1.2.6</a>
fixes several minor bugs and adds support for loading keys and
certificates from memory.
</li>
for using XML Security Library.
</li>
<br><li>April 15 2004<br>
- The new <a href="download.html">XML Security Library 1.2.5</a>
+ The new <a href="download.html">XML Security Library 1.2.5</a>
includes a simple XKMS server implementation and fixes a nasty
bug with encrypting/decrypting nodes with an empty content.
</li>
<br><li>January 27 2004<br>
- The new <a href="download.html">XML Security Library 1.2.4</a>
- release fixes many configuration and installation problems
+ The new <a href="download.html">XML Security Library 1.2.4</a>
+ release fixes many configuration and installation problems
found by John.
</li>
<br><li>January 6 2004<br>
- The new <a href="download.html">XML Security Library 1.2.3</a>
+ The new <a href="download.html">XML Security Library 1.2.3</a>
release upgrades xmlsec-gnutls code to support latest gnutls
- library version (1.0.4) and fixes several configuration and
+ library version (1.0.4) and fixes several configuration and
installation problems.
</li>
<br><li>November 11 2003<br>
- The new <a href="download.html">XML Security Library 1.2.2</a>
+ The new <a href="download.html">XML Security Library 1.2.2</a>
release includes several improvements in ./configure script
(Daniel, Roumen) and a bug fix for certificates serial number
processing in xmlsec-mscrypto.
</li>
<br><li>October 14 2003<br>
- The new <a href="download.html">XML Security Library 1.2.1</a>
+ The new <a href="download.html">XML Security Library 1.2.1</a>
release includes a special "hack" for supporting ID attributes
- with invalid values in Visa 3D; fixed processing of root element
- node siblings (bug #124245); template functions for creating
+ with invalid values in Visa 3D; fixed processing of root element
+ node siblings (bug #124245); template functions for creating
<enc:KeyReference/> and <enc:DataReference/&gt
- nodes (Wouter); new "XMLSEC_DOCDIR" environment variable
+ nodes (Wouter); new "XMLSEC_DOCDIR" environment variable
for ./configure script; updated README files for xmlsec-crypto
libraries.
</li>
<br><li>September 30 2003<br>
- The major change in the new <a href="download.html">XML Security Library 1.2.0</a>
+ The major change in the new <a href="download.html">XML Security Library 1.2.0</a>
release is the MS Crypto API support implemented by Wouter. Other changes
- include loading public keys from certificates and improved namespaces
+ include loading public keys from certificates and improved namespaces
support for start node selection with "--node-xpath" command line option
for xmlsec command line utility; updated online XML DSig Verifier;
updated docs and man pages.
<br><li>September 17 2003<br>
The new <a href="download.html">XML Security Library 1.1.2</a> release
introduces dynamical crypto engines loading based on ltdl library (including
- tutorial, API reference and documentation updates); adds an ability to build
+ tutorial, API reference and documentation updates); adds an ability to build
multiple xmlsec-crypto libraries in one build on Windows; fixes minor problems
in test suite and multiple warnings when building on Sun Solaris.
</li>
<br><li>August 21 2003<br>
The new <a href="download.html">XML Security Library 1.1.1</a> release
adds <X509Data/> node templates support to xmlsec-nss (Tej);
- includes new functions for reading keys and certificates from memory
+ includes new functions for reading keys and certificates from memory
for xmlsec-core and xmlsec-openssl (Joachim); fixes several problems
- in xmlsec configuration files (Roumen) and a bug in URI attribute
+ in xmlsec configuration files (Roumen) and a bug in URI attribute
XInclude processing.
</li>
<br><li>August 5 2003<br>
A great patch from Tej that dramaticaly improves xmlsec-nss functionality
- deserves a minor version number update :). In addition to that, the new
- <a href="download.html">XML Security Library 1.1.0</a>
+ deserves a minor version number update :). In addition to that, the new
+ <a href="download.html">XML Security Library 1.1.0</a>
release includes <X509Data/> node templates support
for xmlsec-openssl (Roumen); separate pkg-config files for xmlsec-crypto
libraries and minor documentation updates (including coding style
- and some useful commands for xmlsec developers in a new "HACKING"
+ and some useful commands for xmlsec developers in a new "HACKING"
file).
</li>
<br><li>July 15 2003<br>
- There were several minor patches during last month and it's time to do
- a new <a href="download.html">XML Security Library 1.0.4</a>
+ There were several minor patches during last month and it's time to do
+ a new <a href="download.html">XML Security Library 1.0.4</a>
release to pick up them: x509 certificates names comparison function
- now supports multiple entries woth the same object name (Roumen);
+ now supports multiple entries woth the same object name (Roumen);
multiple build fixes; documentation mistypes fixes.<br>
- Also I gave an XML Security presentation at
- <a href="http://oreillynet.com/oscon2003/">OSCON 2003</a> last week.
+ Also I gave an XML Security presentation at
+ <a href="http://oreillynet.com/oscon2003/">OSCON 2003</a> last week.
You can download slides <a href="http://www.aleksey.com/xmlsec/extra/xmlsec_oscon_2003.ppt">here</a>.
</li>
<br><li>June 17 2003<br>
- The <a href="download.html">XML Security Library 1.0.3</a>
- release adds PKCS#8 support for xmlsec-openssl (Tej) and fixes several
+ The <a href="download.html">XML Security Library 1.0.3</a>
+ release adds PKCS#8 support for xmlsec-openssl (Tej) and fixes several
configuration and portability problems.
</li>
<br><li>June 03 2003<br>
- The <a href="download.html">XML Security Library 1.0.2</a>
+ The <a href="download.html">XML Security Library 1.0.2</a>
release includes several fixes in xmlsec-nss configuration and
linking options (Tej), PKCS21 files reading improvements,
minor documentation and help file fixes. Also this release
use or even compile it in.
</li>
<br><li>April 28 2003<br>
- The <a href="download.html">XML Security Library 1.0.1</a>
- release is a maintanance release. It fixes several compilation
- problems found in 1.0.0 release on the following platforms:
- OpenBSD/sparc64, Win32 Wacom C, Sun Workshop CC 6.0. Also from
- now on Win32 MSVC port enables the threading support
- by default (this is a part of the Igor's change to
+ The <a href="download.html">XML Security Library 1.0.1</a>
+ release is a maintanance release. It fixes several compilation
+ problems found in 1.0.0 release on the following platforms:
+ OpenBSD/sparc64, Win32 Wacom C, Sun Workshop CC 6.0. Also from
+ now on Win32 MSVC port enables the threading support
+ by default (this is a part of the Igor's change to
LibXML2/LibXSLT/XMLSec libraries).If you don't
use one of these platforms then you'll see no difference.
</li>
<br><li>April 17 2003<br>
- The <a href="download.html">XML Security Library 1.0.0</a>
+ The <a href="download.html">XML Security Library 1.0.0</a>
release is the major upgrade from 0.0.X version.
The new version includes multiple crypto engines support
(with "out of the box" support for OpenSSL, GnuTLS and NSS);
- simplified and cleaned internal structure and API;
+ simplified and cleaned internal structure and API;
several performance and memory usage improvements;
- new or updated documentation (tutorial, API reference manual and
+ new or updated documentation (tutorial, API reference manual and
examples).
</li>
<br><li>April 10 2003<br>
- The final release candidate <a href="download.html">XML Security
- Library 1.0.0rc1</a> is available for download. This release includes
- minor API polishing,
- complete <a href="api/xmlsec-ref.html">API Reference Manual</a>,
- new chapters in the <a href="api/xmlsec-notes.html">tutorial</a> and
+ The final release candidate <a href="download.html">XML Security
+ Library 1.0.0rc1</a> is available for download. This release includes
+ minor API polishing,
+ complete <a href="api/xmlsec-ref.html">API Reference Manual</a>,
+ new chapters in the <a href="api/xmlsec-notes.html">tutorial</a> and
several new <a href="api/xmlsec-examples.html">examples</a>.
Another big change is using major version number in library files
to prevent collisions between different library versions.<br>
happen in a week from now.
</li>
<br><li>April 8 2003<br>
- The new <a href="download.html">XML Security Library 0.0.15</a>
+ The new <a href="download.html">XML Security Library 0.0.15</a>
release is a preparation for the upcomming 1.0.0 release and
- provides an ability to have both versions installed together
- on the same box.
- Also this release includes updated expired certificates for
- the regression test suite and a fix for minor bug in reading binary
+ provides an ability to have both versions installed together
+ on the same box.
+ Also this release includes updated expired certificates for
+ the regression test suite and a fix for minor bug in reading binary
keys on Windows.
</li>
<li>March 26 2003<br><a href="download.html">XML Security Library 0.1.1</a>
- release is the first release candidate for the new stable
- version of XML Security Library. A lot of internal changes
+ release is the first release candidate for the new stable
+ version of XML Security Library. A lot of internal changes
including enchanced processing controls, performance improvements
for XML transforms, <a href="api/index.html">new documentation</a>,
updated <a href="api/xmlsec-examples.html">examples</a>
</li>
<br><li>March 19 2003<br><a href="download.html">XML Security Library 0.0.14</a> release
includes several minor bugfixes in references URI
- processing, binary transforms processing and xmlsec
+ processing, binary transforms processing and xmlsec
command line utility.
</li>
<br><li>March 5 2003<br>
The <a href="download.html">XML Security Library 0.1.0</a> release
creates a framework for integrating XML Security Library
with almost any crypto engine and even combining multiple crypto
- engines in one application. As an example, basic support for GnuTLS and NSS
+ engines in one application. As an example, basic support for GnuTLS and NSS
libraries is provided (digests, hmac and block ciphers).<br>
This is a pre-alpha release <b>not recommended</b> for production
- (please use the <a href="download.html">stable 0.0.X</a> releases
+ (please use the <a href="download.html">stable 0.0.X</a> releases
instead). The new 0.1.X API and ABI will defenetly change.
However, if you plan to use XML Security Library with a new crypto
- engine and plan to write some code then you can start now.
+ engine and plan to write some code then you can start now.
The "backend" API is pretty stable and I do not expect major
changes.
</li>
<br><li>February 21 2003<br><a href="download.html">XML Security Library 0.0.13</a> release
- fixes incorrect processing of signatures with more than 3 binary
+ fixes incorrect processing of signatures with more than 3 binary
transforms in a row, improved pkcs12 files support and minor
documentation update.
</li>
<br><li>January 26 2003<br>
- Two major fixes in <a href="http://www.aleksey.com/pipermail/xmlsec/2003/000507.html">HMAC</a> and
- <a href="http://www.aleksey.com/pipermail/xmlsec/2003/000516.html">DES/AES</a>
+ Two major fixes in <a href="http://www.aleksey.com/pipermail/xmlsec/2003/000507.html">HMAC</a> and
+ <a href="http://www.aleksey.com/pipermail/xmlsec/2003/000516.html">DES/AES</a>
algorithms are the reason for the new <a href="download.html">XML Security Library 0.0.12</a> release.
- Also there are few other minor features and bug fixes (see Changelog in the
+ Also there are few other minor features and bug fixes (see Changelog in the
distribution for more details).
</li>
<br><li>December 3 2002<br>
New <a href="download.html">XML Security Library 0.0.11</a> release
- fixes a <a href="http://www.aleksey.com/pipermail/xmlsec/2002/000368.html">major
+ fixes a <a href="http://www.aleksey.com/pipermail/xmlsec/2002/000368.html">major
problem</a> in Reference URI attribute processing. This release
- also includes several Win32 build process fixes from Igor.
+ also includes several Win32 build process fixes from Igor.
</li>
<br><li>October 20 2002<br>
- Almost two months from previous release and a lot of minor
+ Almost two months from previous release and a lot of minor
enchancements are good reasons for the new
<a href="download.html">XML Security Library 0.0.10</a> release:
<ul>
expiration against it;</li>
<li>Implemented XML results output format for the xmlsec command
line utility;</li>
- <li>Fixed XMLDSig examples and added a new one (thanks to Devin
+ <li>Fixed XMLDSig examples and added a new one (thanks to Devin
Heitmueller);</li>
- <li>Resolved static link issue and a bunch of other improvements
+ <li>Resolved static link issue and a bunch of other improvements
for Win32 platform builds (Igor Zlatkovic);</li>
<li>Added dynamic linking option for xmlsec command line utility
to help Debian port (John Belmonte);</li>
</ul>
</li>
<br><li>August 26 2002<br>
- I've completelly screwed up. The release 0.0.8 was totally broken
+ I've completelly screwed up. The release 0.0.8 was totally broken
(I've simply packaged files from wrong CVS :) )
and I am doing a new <a href="download.html">0.0.9 release</a>
to fix all the problems. Please upgrade to the new version
</ul>
</li>
<br><li>July 11 2002<br>
- XML Security Library <a href="documentation.html">documentation</a>
+ XML Security Library <a href="documentation.html">documentation</a>
created.
</li>
<br><li>July 10 2002<br>
includes all small bug fixes for last month and a new LibXML2 library
with improved canonicalization.
</li>
-<br><li>May 28 2002<br>
+<br><li>May 28 2002<br>
New LibXML 2.4.22 is <a href="http://xmlsoft.org/news.html">released</a>
- and new <a href="download.html">XML Security Library 0.0.6</a> is
+ and new <a href="download.html">XML Security Library 0.0.6</a> is
released:
<ul>
<li>Win32 port is added: the idea and most of the configuration scripts
algorithms and enveloped signatures).</li>
<li>
<a href="http://www.w3.org/TR/xmldsig-filter2/">XPath Filter 2</a>
- and <a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/0001.html">Alternative
+ and <a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/0001.html">Alternative
XPath Filter</a> (not compiled by default, use --enable-altxpath configuration
switch if you need this transform) support is added. </li>
<li>Custom network protocol handler support is added. It is similar
<br><li>May 14 2002<br>
I've checked in new code for plugging in custom input handlers
(similar to ones that exist in LibXML2). The downside is that
- you have to use <a href="ftp://xmlsoft.org/cvs-snapshot.tar.gz">daily
+ you have to use <a href="ftp://xmlsoft.org/cvs-snapshot.tar.gz">daily
LibXML2 snapshot</a> to compile daily XML Security Library snapshot.
</li>
<br><li>April 28 2002<br><a href="download.html">XMLSec 0.0.5</a> released:
Minor release <a href="download.html">XMLSec 0.0.4</a> with main
goal to fix broken RPM:
<ul>
-<li>The RPM is recompiled using OpenSSL 0.9.6. The previous
+<li>The RPM is recompiled using OpenSSL 0.9.6. The previous
version was compiled with OpenSSL 0.9.7 but I got few complains
that there are no RPMs for 0.9.7 yet. The downsides of using 0.9.6 are
some functionality limitations for XML Encryption (no AES support,
<br><li>April 16 2002<br>
A lot of changes and time for new release <a href="download.html">XMLSec 0.0.3</a>:
<ul>
-<li>The first release that includes <a href="xmlenc.html">XML Encryption support</a>!
- The bad news is that most of new features require <a href="download.html">OpenSSL 0.9.7</a> which is
+<li>The first release that includes <a href="xmlenc.html">XML Encryption support</a>!
+ The bad news is that most of new features require <a href="download.html">OpenSSL 0.9.7</a> which is
not officially released yet.</li>
<li>Options to enable/disable support for particular algorithms were
added to the <code>./configure</code> script.</li>
The <a href="download.html">RPM packages</a> are now available.
</li>
<br><li>April 5 2002<br>
- Test suite updates and new minor release <a href="download.html">XML
+ Test suite updates and new minor release <a href="download.html">XML
Security Library 0.0.2a.</a><br>
New <a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/0017.html">
interoperability tests</a>
OpenSSL CRL problem.</a>
These new tests are included into the distribution and previous Merlin's
test suites are removed. Because of these changes I decided to generate
- a new package that also will include the <a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online
+ a new package that also will include the <a href="xmldsig-verifier.html">Online
XML Digital Signature Verifier</a> code.
</li>
<br><li>April 3 2002<br>
- The <a href="http://www%2Caleksey.com/xmlsec/xmldsig-verifier.html">Online XML
- Digital Signature Verifier</a> is available! You can use this tool to
+ The <a href="xmldsig-verifier.html">Online XML
+ Digital Signature Verifier</a> is available! You can use this tool to
verify your XML Digital Signatures from online Web form or using a simple
- Perl script. The idea was stolen from <a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/0006.html">Manoj K.
+ Perl script. The idea was stolen from <a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/0006.html">Manoj K.
Srivastava.</a>
</li>
<br><li>March 31 2002<br>
- Some major changes and a time for new release: <a href="download.html">XML Security
- Library 0.0.2</a>. Now XML Security Library supports <b>all</b> MUST/SHOULD/MAY
+ Some major changes and a time for new release: <a href="download.html">XML Security
+ Library 0.0.2</a>. Now XML Security Library supports <b>all</b> MUST/SHOULD/MAY
<a href="xmldsig-interop.html">features</a> from XMLDSig standard!
<ul>
<li>Added X509 certificates and certificate chains support</li>
- <li>The detailed signature generation/verification results are made available
+ <li>The detailed signature generation/verification results are made available
to the application</li>
<li>RetrievalMethod, Manifests and <a href="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">additional
algorithms</a> are added</li>
- <li>The Transforms and KeyInfo code was significantly re-writen with a goal
+ <li>The Transforms and KeyInfo code was significantly re-writen with a goal
to separate it from XMLDSig logic for better re-usability (in XML Encryption,
etc.)</li>
</ul>
</li>
<br><li>March 18 2002<br><ul>
-<li>Fixed wrong way shift of the DSA digest result bug found by Philipp
+<li>Fixed wrong way shift of the DSA digest result bug found by Philipp
Gühring. This bug is critical and I have to do a <a href="download/xmlsec-0.0.1a.tar.gz">new
build.</a>
</li>
</li>
<br><li>March 17 2002<br>
The <a href="download.html">XML Security Library 0.0.1</a> is released
- and available for download! Please try it out and send
+ and available for download! Please try it out and send
me your comments/suggestions.
</li>
<br>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library: Related</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
<h3>
<a name="books"></a> Books</h3>
<ul>
-<li>
-<a href="http://www.aleksey.com/cgi-bin/books.cgi?ASIN=0201756056">Secure
-XML: The New Syntax for Signatures and Encryption</a> Donald E. Eastlake</li>
- <li>
-<a href="http://www.aleksey.com/cgi-bin/books.cgi?ASIN=0072193999">XML
-Security</a> Blake Dournaee</li>
- <li>
-<a href="http://www.aleksey.com/cgi-bin/books.cgi?ASIN=0672326515">Securing
+<li><a href="https://www.amazon.com/Secure-XML-Syntax-Signatures-Encryption/dp/0201756056">Secure XML: The New Syntax
+for Signatures and Encryption</a> Donald E. Eastlake</li>
+<li><a href="https://www.amazon.com/XML-Security-Blake-Dournaee/dp/0072193999">XML Security</a> Blake Dournaee</li>
+<li><a href="https://www.amazon.com/Securing-Web-Services-WS-Security-Demystifying/dp/0672326515">Securing
Web Services with WS-Security : Demystifying WS-Security, WS-Policy,
SAML, XML Signature, and XML Encryption</a> Jothy Rosenberg</li>
- <li>
-<a href="http://www.aleksey.com/cgi-bin/books.cgi?ASIN=0471117099">Applied
-Cryptography: Protocols, Algorithms, and Source Code in C, Second
-Edition</a> Bruce Schneier</li>
- <li>
-<a href="http://www.aleksey.com/cgi-bin/books.cgi?ASIN=0471223573">Practical
-Cryptography</a> Niels Ferguson, Bruce Schneier </li>
- <li>
-<a href="http://www.aleksey.com/cgi-bin/books.cgi?ASIN=0471453803">Secrets
-and Lies : Digital Security in a Networked World</a> Bruce Schneier</li>
- <li>
-<a href="http://www.aleksey.com/cgi-bin/books.cgi?ASIN=0072224711">Web
-Services Security</a> Mark O'Neill</li>
- <li>
-<a href="http://www.aleksey.com/cgi-bin/books.cgi?ASIN=0849308224">Public
-Key Infrastructure: Building Trusted Applications and Web Services</a>
-John R. Vacca</li>
- <li><a href="http://www.aleksey.com/cgi-bin/books.cgi">More books ...</a></li>
+<li><a href="https://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Source/dp/0471117099">Applied Cryptography:
+Protocols, Algorithms, and Source Code in C, Second Edition</a> Bruce Schneier</li>
+<li><a href="https://www.amazon.com/Practical-Cryptography-Niels-Ferguson/dp/0471223573">Practical Cryptography</a>
+Niels Ferguson, Bruce Schneier </li>
+<li><a href="https://www.amazon.com/Secrets-Lies-Digital-Security-Networked/dp/0471453803">Secrets and Lies: Digital
+Security in a Networked World</a> Bruce Schneier</li>
+<li><a href="https://www.amazon.com/Web-Services-Security-Mark-ONeill/dp/0072224711">Web Services Security</a> Mark O'Neill</li>
+<li><a href="https://www.amazon.com/Public-Key-Infrastructure-Building-Applications/dp/0849308224">Public Key Infrastructure:
+Building Trusted Applications and Web Services</a> John R. Vacca</li>
</ul>
<h3><a name="#dependencies">Dependencies</a></h3>
<ul>
<li>XMLSec Library <a href="http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/xmlsec/">FreeBSD</a>
and <a href="http://www.openbsd.org/cgi-bin/cvsweb/ports/security/xmlsec/">OpenBSD</a>
ports. </li>
- <li>
-<a href="http://pyxmlsec.labs.libre-entreprise.org/">PyXMLSec
-Library</a> - Python bindings for XMLSec Library. </li>
+ <li><a href="http://pyxmlsec.labs.libre-entreprise.org/">PyXMLSec Library</a> - Python bindings for XMLSec Library. </li>
+ <li><a href="https://metacpan.org/pod/XML::LibXML::xmlsec">Perl CPAN module</a> - Perl bindings for XMLSec Library
+ (<a href="https://github.com/estrelow/Perl-LibXML-Sec">source code</a>).</li>
<li>
<a href="http://lasso.entrouvert.org/">Lasso
Library</a> - the <a href="http://www.projectliberty.org/">Liberty Alliance</a>
+++ /dev/null
-README
-http://groups.google.com/groups?hl=en&threadm=9jlbt7%243141%241%40FreeBSD.csie.NCTU.edu.tw&rnum=20&prev=/groups%3Fq%3Dopenssl%2Bx509%2Bcertificates%2Bchain%26start%3D10%26hl%3Den%26selm%3D9jlbt7%25243141%25241%2540FreeBSD.csie.NCTU.edu.tw%26rnum%3D20
-http://www.post1.com/home/ngps/m2/howto.ca.html
-
-
-Commands:
-
-(0) create new CA and modify the openssl.cnf file
-to point to it
-
-> CA.pl -newca
-
-(1) a self-signed des3 root ca cert, using
-
-> openssl genrsa -des3 -out ca.key
-> openssl req -new -key ca.key -out ca.csr
-> openssl x509 -req -signkey ca.key -out ca.crt -in ca.csr
-
-verify ca.crt
-
-> openssl x509 -text -in ca.crt
-
-(2) a second ca cert, signed by the first ca, using
-
-> openssl genrsa -des3 -out ca2.key
-> openssl req -new -key ca2.key -out ca2.csr
-> openssl ca -cert ca.crt -keyfile ca.key -out ca2.crt -infiles ca2.csr
-
-verify ca2.crt
-
-> openssl x509 -text -in ca2.crt
-> openssl verify -CAfile ca.crt ca2.crt
-
-
-(3) a user cert using
-
-> openssl genrsa -des3 -out user.key
-> openssl req -new -key user.key -out user.csr
-> openssl ca -cert ca2.crt -keyfile ca2.key -out user.crt -infiles user.csr
-
-
-verify user.crt
-
-> openssl x509 -text -in ca3.crt
-> openssl verify -CAfile ca.crt -untrusted ca2.crt user.crt
-
-
+++ /dev/null
-<!ATTLIST SOAP:Body id ID #IMPLIED>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext"><SOAP:Header><wsse:Security><Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
-<SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
- <HMACOutputLength>91</HMACOutputLength>
- </SignatureMethod>
- <Reference URI="#Body">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <DigestValue>KlK8TF9wnLYvXz008MJV4umoHhE=</DigestValue>
- </Reference>
-</SignedInfo>
- <SignatureValue>gmtoF50KWNUTGQCg</SignatureValue><KeyInfo><KeyName>name:KEY</KeyName></KeyInfo></Signature></wsse:Security></SOAP:Header><SOAP:Body id="Body">
-<echo xmlns="http://www.example.org">
-this
-is
-a
-test
-of
-echoing
-simple-91
-</echo>
-</SOAP:Body></SOAP:Envelope>
-
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
- <Reference URI="#object">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>Niji66p2agomSLiShIYXIekL7bdFEnxzpa2ETcad9mHXHWd218vjUg==</SignatureValue>
- <KeyInfo>
- <X509Data>
- <X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
-A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
-bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
-MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
-CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
-Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD
-ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ
-ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT
-b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx
-kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w
-DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg
-Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV
-HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG
-EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5
-IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE
-CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu
-MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN
-BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F
-08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT
-T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg
-6A==</X509Certificate>
-<X509Certificate>MIIEFTCCA36gAwIBAgIJANaOuOCRgiz4MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
-A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
-bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
-MDIyOTU1WhcNMTUwNzA4MDIyOTU1WjCByDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
-CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
-Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKjAoBgNVBAsTIVRlc3QgU2Vjb25k
-IExldmVsIFJTQSBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEh
-MB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMFwwDQYJKoZIhvcNAQEB
-BQADSwAwSAJBALK68onYK5Q8PfeCE+3hDwyKV6wfFVtunIp+ZputhWkMZUOY4oqn
-ffuolRln3kp/CVdtHaPTPIpYma9HFTH4+xMCAwEAAaOCAVMwggFPMAwGA1UdEwQF
-MAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj
-YXRlMB0GA1UdDgQWBBT+5OxTJPCVlccQteFEtV05ZVrjfjCB8QYDVR0jBIHpMIHm
-gBTaRulr5q/TParlIUtS7cpmKOD+haGBwqSBvzCBvDELMAkGA1UEBhMCVVMxEzAR
-BgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5
-IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3Qg
-Um9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG
-SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkA1o644JGCLPcwDQYJKoZIhvcN
-AQEFBQADgYEAmY0RjbSVqOU/xvyhSq8Juk6u8bDHYIUgrfhIDZUtVT1s+op4ReOO
-kC7W7ZDOl8MxhJmt4KMqc6niYoQeuXTA9QpOleBqi8R7+0cyeGebo5JOFWN7J7wl
-lupKp1iJcKtcARwA7bso/Q5OefAwDN4pucg13fOYKVktF8XLQkIUsfY=</X509Certificate>
-<X509Certificate>MIIEdDCCBB6gAwIBAgIJANaOuOCRgiz5MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG
-A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD
-Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j
-b20wHhcNMDUwNzEwMDIzMTU5WhcNMTUwNzA4MDIzMTU5WjCBxzELMAkGA1UEBhMC
-VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM
-aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAnBgNVBAsT
-IFRlc3QgVGhpcmQgTGV2ZWwgRFNBIENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVr
-c2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wgfAw
-gagGByqGSM44BAEwgZwCQQDIMfw6P79Fcw0hrxYKq3ePh7wmevc95UjfF2JHQJBX
-Jb9XFBa5LRy71lzh/OYMH4oh4giiFVRVBCW9HpZqOTNJAhUAlEOrmqjJG3tfjU49
-XjJuM3AXNskCQAUzwzmbp53bZ+bzDcOU6UGh3Ig/TFdLGXYevs3tiZaFLa//EYF+
-l5Tdsr3NQpGRRf4arXvXPZyIJhYYHJVk7OMDQwACQDonSDDJk3VaIfdVHPnOitRq
-V5XPFfMDksNb0WelnZdl/qokl9eaU+8uiH7LtsU0QYX9lE8kTplcUdD0bxjDYJ2j
-ggFTMIIBTzAMBgNVHRMEBTADAQH/MCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl
-bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUpVifKXAtGkJHRAParmenuvcp
-ZT4wgfEGA1UdIwSB6TCB5oAU/uTsUyTwlZXHELXhRLVdOWVa436hgcKkgb8wgbwx
-CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMT0wOwYDVQQKEzRYTUwg
-U2VjdXJpdHkgTGlicmFyeSAoaHR0cDovL3d3dy5hbGVrc2V5LmNvbS94bWxzZWMp
-MR4wHAYDVQQLExVUZXN0IFJvb3QgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtz
-ZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbYIJANaO
-uOCRgiz4MA0GCSqGSIb3DQEBBQUAA0EAJB9Kc4/Z0hTwiDYR5fXVPyzAjD+BeChR
-F14ztWl1Ol6REWFRbIGfEz3XDgCHCiocM8ExXi7zn26R072cdBz7+w==</X509Certificate>
-</X509Data>
- </KeyInfo>
- <Object Id="object">some text</Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
- <Reference URI="#object">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>SPqE1/nehy9KOKeFSODZWZyvUZ/iS4jameUSXtvmfPgez5lN5QL4ox+QDlo37IeW
-NDjt380ZiA7kx9pnlx8jfQ==</SignatureValue>
- <KeyInfo>
- <X509Data>
- <X509Certificate>MIIEFTCCA36gAwIBAgIJANaOuOCRgiz4MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
-A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
-bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
-MDIyOTU1WhcNMTUwNzA4MDIyOTU1WjCByDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
-CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
-Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKjAoBgNVBAsTIVRlc3QgU2Vjb25k
-IExldmVsIFJTQSBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEh
-MB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMFwwDQYJKoZIhvcNAQEB
-BQADSwAwSAJBALK68onYK5Q8PfeCE+3hDwyKV6wfFVtunIp+ZputhWkMZUOY4oqn
-ffuolRln3kp/CVdtHaPTPIpYma9HFTH4+xMCAwEAAaOCAVMwggFPMAwGA1UdEwQF
-MAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj
-YXRlMB0GA1UdDgQWBBT+5OxTJPCVlccQteFEtV05ZVrjfjCB8QYDVR0jBIHpMIHm
-gBTaRulr5q/TParlIUtS7cpmKOD+haGBwqSBvzCBvDELMAkGA1UEBhMCVVMxEzAR
-BgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5
-IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3Qg
-Um9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG
-SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkA1o644JGCLPcwDQYJKoZIhvcN
-AQEFBQADgYEAmY0RjbSVqOU/xvyhSq8Juk6u8bDHYIUgrfhIDZUtVT1s+op4ReOO
-kC7W7ZDOl8MxhJmt4KMqc6niYoQeuXTA9QpOleBqi8R7+0cyeGebo5JOFWN7J7wl
-lupKp1iJcKtcARwA7bso/Q5OefAwDN4pucg13fOYKVktF8XLQkIUsfY=</X509Certificate>
-<X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
-A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
-bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
-MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
-CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
-Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD
-ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ
-ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT
-b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx
-kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w
-DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg
-Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV
-HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG
-EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5
-IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE
-CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu
-MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN
-BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F
-08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT
-T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg
-6A==</X509Certificate>
-<X509Certificate>MIID2zCCA4WgAwIBAgIJANaOuOCRgiz7MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG
-A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD
-Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j
-b20wHhcNMDUwNzEwMDM1MTU2WhcNMDUwNzExMDM1MTU2WjCBwzELMAkGA1UEBhMC
-VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM
-aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxJTAjBgNVBAsT
-HFRlc3QgRXhwaXJlZCBSU0EgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkg
-U2FuaW4xITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbTBcMA0GCSqG
-SIb3DQEBAQUAA0sAMEgCQQDJUmVgQEBmML80PvR8zIwGkyDiE5boEWR4pGmaGUOH
-bRnFQkt2mt+4/QeYtm7GRVRUe6YJigUovU1u3DQDiOjzAgMBAAGjggFTMIIBTzAM
-BgNVHRMEBTADAQH/MCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBD
-ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU+fqJEjRKO1kG3y4X8sCPsiYHeMkwgfEGA1Ud
-IwSB6TCB5oAU/uTsUyTwlZXHELXhRLVdOWVa436hgcKkgb8wgbwxCzAJBgNVBAYT
-AlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMT0wOwYDVQQKEzRYTUwgU2VjdXJpdHkg
-TGlicmFyeSAoaHR0cDovL3d3dy5hbGVrc2V5LmNvbS94bWxzZWMpMR4wHAYDVQQL
-ExVUZXN0IFJvb3QgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4x
-ITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbYIJANaOuOCRgiz4MA0G
-CSqGSIb3DQEBBQUAA0EAmLTpL4oqi+VjrLISYYxY5FfAqACYAOpIbIdWM2QtjozB
-dQxFVSK2RHn2z1W2gWy7N8VQmfrggN73LIKOXuoV5A==</X509Certificate>
-</X509Data>
- </KeyInfo>
- <Object Id="object">some text</Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-md5">
- <HMACOutputLength>64</HMACOutputLength>
- </SignatureMethod>
- <Reference URI="#object">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
- <DigestValue>/u+47lA0BK55De4qRAg16w==</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>j202k+irNYE=</SignatureValue>
- <Object Id="object">some text</Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"/>
- <Reference URI="#object">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
- <DigestValue>/u+47lA0BK55De4qRAg16w==</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>7uFBgN6DOM9SJj+UBkM2fQ==</SignatureValue>
- <Object Id="object">some text</Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160">
- <HMACOutputLength>64</HMACOutputLength>
- </SignatureMethod>
- <Reference URI="#object">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160"/>
- <DigestValue>Ofs8NqfoXX+r0Cas3GRY2GbzhPo=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>+TxC/QCigpQ=</SignatureValue>
- <Object Id="object">some text</Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160"/>
- <Reference URI="#object">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160"/>
- <DigestValue>Ofs8NqfoXX+r0Cas3GRY2GbzhPo=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>tt3/nrk/uQ79pKHEZaCxXNncAtg=</SignatureValue>
- <Object Id="object">some text</Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
- <Reference URI="#object">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>RCkGabfqV1XpXvx0rGDEIAzs4/U9TDKvZIWN9MBRi5BPAr1pXnX0iAve+2OEeBTm
-nstv7BjG6CDnb69ouJSeWg==</SignatureValue>
- <KeyInfo>
- <X509Data>
- <X509Certificate>MIIEFTCCA36gAwIBAgIJANaOuOCRgiz4MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
-A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
-bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
-MDIyOTU1WhcNMTUwNzA4MDIyOTU1WjCByDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
-CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
-Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKjAoBgNVBAsTIVRlc3QgU2Vjb25k
-IExldmVsIFJTQSBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEh
-MB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMFwwDQYJKoZIhvcNAQEB
-BQADSwAwSAJBALK68onYK5Q8PfeCE+3hDwyKV6wfFVtunIp+ZputhWkMZUOY4oqn
-ffuolRln3kp/CVdtHaPTPIpYma9HFTH4+xMCAwEAAaOCAVMwggFPMAwGA1UdEwQF
-MAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj
-YXRlMB0GA1UdDgQWBBT+5OxTJPCVlccQteFEtV05ZVrjfjCB8QYDVR0jBIHpMIHm
-gBTaRulr5q/TParlIUtS7cpmKOD+haGBwqSBvzCBvDELMAkGA1UEBhMCVVMxEzAR
-BgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5
-IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3Qg
-Um9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG
-SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkA1o644JGCLPcwDQYJKoZIhvcN
-AQEFBQADgYEAmY0RjbSVqOU/xvyhSq8Juk6u8bDHYIUgrfhIDZUtVT1s+op4ReOO
-kC7W7ZDOl8MxhJmt4KMqc6niYoQeuXTA9QpOleBqi8R7+0cyeGebo5JOFWN7J7wl
-lupKp1iJcKtcARwA7bso/Q5OefAwDN4pucg13fOYKVktF8XLQkIUsfY=</X509Certificate>
-<X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
-A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
-bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
-MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
-CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
-Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD
-ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ
-ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT
-b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx
-kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w
-DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg
-Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV
-HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG
-EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5
-IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE
-CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu
-MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN
-BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F
-08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT
-T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg
-6A==</X509Certificate>
-<X509Certificate>MIID3zCCA4mgAwIBAgIJANaOuOCRgiz6MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG
-A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD
-Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j
-b20wHhcNMDUwNzEwMDIzMzAyWhcNMTUwNzA4MDIzMzAyWjCBxzELMAkGA1UEBhMC
-VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM
-aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAnBgNVBAsT
-IFRlc3QgVGhpcmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVr
-c2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wXDAN
-BgkqhkiG9w0BAQEFAANLADBIAkEA09BtD3aeVt6DVDkk0dI7Vh7LjqdnsYmW0tbD
-VxxK+nume+Z9Sb4znbUKkWl+vgQATdRUEyhT2P+Gqrd0UBzYfQIDAQABo4IBUzCC
-AU8wDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
-ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNf0xkZ3zjcEI60pVPuwDqTMQygZMIHx
-BgNVHSMEgekwgeaAFP7k7FMk8JWVxxC14US1XTllWuN+oYHCpIG/MIG8MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
-A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
-bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs
-+DANBgkqhkiG9w0BAQUFAANBAEfjvmWwi2gBpYt7bwF6oHiFLoIh5kiLAPrlOFAb
-PZlLDqr5+eDcr1cf0pksgW7fVE9NzTSmwjDFuEcPqJV62Ek=</X509Certificate>
-</X509Data>
- </KeyInfo>
- <Object Id="object">some text</Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Document>
- <ToBeSigned>
- Some very secret data
- </ToBeSigned>
- <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
- <Reference URI="">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2">
- <XPath xmlns="http://www.w3.org/2002/06/xmldsig-filter2" Filter="intersect"> //ToBeSigned </XPath>
- </Transform>
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <DigestValue>3om1gINPzaogcdLuDdjIQlls4NE=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>W/X7k6Q6T9RFW56VkRV9HGW5wkyUxvvlUcEyUkggVE04gsOK0Rx0rqq2woUxzkk1
-jvXfCtm2xknb2/cOmqfO/g==</SignatureValue>
- <KeyInfo>
- <X509Data>
-
-
-
-
-
- <X509Certificate>MIIEFTCCA36gAwIBAgIJANaOuOCRgiz4MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
-A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
-bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
-MDIyOTU1WhcNMTUwNzA4MDIyOTU1WjCByDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
-CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
-Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKjAoBgNVBAsTIVRlc3QgU2Vjb25k
-IExldmVsIFJTQSBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEh
-MB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMFwwDQYJKoZIhvcNAQEB
-BQADSwAwSAJBALK68onYK5Q8PfeCE+3hDwyKV6wfFVtunIp+ZputhWkMZUOY4oqn
-ffuolRln3kp/CVdtHaPTPIpYma9HFTH4+xMCAwEAAaOCAVMwggFPMAwGA1UdEwQF
-MAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj
-YXRlMB0GA1UdDgQWBBT+5OxTJPCVlccQteFEtV05ZVrjfjCB8QYDVR0jBIHpMIHm
-gBTaRulr5q/TParlIUtS7cpmKOD+haGBwqSBvzCBvDELMAkGA1UEBhMCVVMxEzAR
-BgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5
-IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3Qg
-Um9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG
-SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkA1o644JGCLPcwDQYJKoZIhvcN
-AQEFBQADgYEAmY0RjbSVqOU/xvyhSq8Juk6u8bDHYIUgrfhIDZUtVT1s+op4ReOO
-kC7W7ZDOl8MxhJmt4KMqc6niYoQeuXTA9QpOleBqi8R7+0cyeGebo5JOFWN7J7wl
-lupKp1iJcKtcARwA7bso/Q5OefAwDN4pucg13fOYKVktF8XLQkIUsfY=</X509Certificate>
-<X509SubjectName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Second Level RSA Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509SubjectName>
-<X509IssuerSerial>
-<X509IssuerName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Root Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509IssuerName>
-<X509SerialNumber>15460497845462904056</X509SerialNumber>
-</X509IssuerSerial>
-<X509SKI>/uTsUyTwlZXHELXhRLVdOWVa434=</X509SKI>
-<X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
-A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
-bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
-MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
-CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
-Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD
-ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ
-ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT
-b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx
-kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w
-DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg
-Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV
-HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG
-EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5
-IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE
-CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu
-MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN
-BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F
-08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT
-T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg
-6A==</X509Certificate>
-<X509SubjectName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Root Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509SubjectName>
-<X509IssuerSerial>
-<X509IssuerName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Root Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509IssuerName>
-<X509SerialNumber>15460497845462904055</X509SerialNumber>
-</X509IssuerSerial>
-<X509SKI>2kbpa+av0z2q5SFLUu3KZijg/oU=</X509SKI>
-<X509Certificate>MIID3zCCA4mgAwIBAgIJANaOuOCRgiz6MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG
-A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD
-Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j
-b20wHhcNMDUwNzEwMDIzMzAyWhcNMTUwNzA4MDIzMzAyWjCBxzELMAkGA1UEBhMC
-VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM
-aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAnBgNVBAsT
-IFRlc3QgVGhpcmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVr
-c2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wXDAN
-BgkqhkiG9w0BAQEFAANLADBIAkEA09BtD3aeVt6DVDkk0dI7Vh7LjqdnsYmW0tbD
-VxxK+nume+Z9Sb4znbUKkWl+vgQATdRUEyhT2P+Gqrd0UBzYfQIDAQABo4IBUzCC
-AU8wDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
-ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNf0xkZ3zjcEI60pVPuwDqTMQygZMIHx
-BgNVHSMEgekwgeaAFP7k7FMk8JWVxxC14US1XTllWuN+oYHCpIG/MIG8MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
-A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
-bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs
-+DANBgkqhkiG9w0BAQUFAANBAEfjvmWwi2gBpYt7bwF6oHiFLoIh5kiLAPrlOFAb
-PZlLDqr5+eDcr1cf0pksgW7fVE9NzTSmwjDFuEcPqJV62Ek=</X509Certificate>
-<X509SubjectName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Third Level RSA Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509SubjectName>
-<X509IssuerSerial>
-<X509IssuerName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Second Level RSA Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509IssuerName>
-<X509SerialNumber>15460497845462904058</X509SerialNumber>
-</X509IssuerSerial>
-<X509SKI>1/TGRnfONwQjrSlU+7AOpMxDKBk=</X509SKI>
-</X509Data>
- </KeyInfo>
- </Signature>
-</Document>
+++ /dev/null
-<?xml version="1.0"?>
-<!DOCTYPE test [
-<!ATTLIST ToBeSigned Id ID #IMPLIED>
-]>
-<Document xmlns:xenc="http://www.example.org/xenc" xmlns:dsig="http://www.example.org/dsig">
- <ToBeSigned Id="foo">
- <Secrets>Test</Secrets>
- </ToBeSigned>
- <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
- <Reference URI="">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2001/04/xmldsig-more/xptr">
- <XPointer xmlns="http://www.w3.org/2001/04/xmldsig-more/xptr">
- xpointer(id("foo"))
- </XPointer>
- </Transform>
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <DigestValue>faszbFrqwUNeZH5QrXPPobn+zso=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>BTB6iZWZjOIG0JjGjpYbihO3Igg=</SignatureValue>
- <Object Id="object">some text</Object>
- </Signature>
-</Document>
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- d6:8e:b8:e0:91:82:2c:f7
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), OU=Test Root Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
- Validity
- Not Before: Jul 10 02:29:01 2005 GMT
- Not After : Jul 8 02:29:01 2015 GMT
- Subject: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), OU=Test Root Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:da:c9:a1:5a:8c:9c:4e:75:55:3e:f0:48:f0:3b:
- 7d:52:d9:7a:8d:99:8c:71:6c:77:e2:50:93:b7:c3:
- 68:79:ec:e3:d4:90:a0:1c:29:ee:46:be:df:61:25:
- b3:d3:6f:70:b8:6e:53:d2:70:e9:1e:d9:17:b1:2a:
- 75:d2:ee:90:17:5d:bc:45:96:05:25:67:44:0a:d0:
- ad:a9:76:5e:79:f4:e4:a6:ae:d1:f7:98:f3:fd:04:
- 9b:ef:0c:c9:71:91:c3:63:f7:f1:1e:0f:ec:86:77:
- c1:8d:ff:24:fa:3d:30:e1:f0:6f:f8:96:cc:ce:5c:
- bf:ad:c8:a2:24:0b:86:2c:ff
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:TRUE
- Netscape Comment:
- OpenSSL Generated Certificate
- X509v3 Subject Key Identifier:
- DA:46:E9:6B:E6:AF:D3:3D:AA:E5:21:4B:52:ED:CA:66:28:E0:FE:85
- X509v3 Authority Key Identifier:
- keyid:DA:46:E9:6B:E6:AF:D3:3D:AA:E5:21:4B:52:ED:CA:66:28:E0:FE:85
- DirName:/C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/OU=Test Root Certificate/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
- serial:D6:8E:B8:E0:91:82:2C:F7
-
- Signature Algorithm: sha1WithRSAEncryption
- 54:5d:b7:4e:4d:0c:00:ad:c3:6b:6f:16:af:cc:04:69:d8:91:
- 8e:9f:3a:3a:5b:34:e6:f8:e1:52:5c:2d:05:d3:c6:30:4f:c8:
- d6:6e:1b:7d:ed:ef:25:34:d5:4e:05:4e:18:ff:7f:11:79:9a:
- 98:0b:d3:aa:16:87:c6:d7:f3:bd:01:d4:39:f1:62:ff:15:68:
- 3c:0e:03:f9:30:93:d3:4f:d9:11:53:71:54:d3:58:d4:89:7d:
- be:91:b7:67:82:16:40:38:99:b4:ce:24:4d:c5:f3:4f:c0:82:
- 16:3c:a6:17:c9:71:0a:41:0c:eb:9f:1c:85:7b:2d:61:3f:b7:
- 20:e8
------BEGIN CERTIFICATE-----
-MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
-A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
-bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
-MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
-CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
-Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD
-ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ
-ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT
-b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx
-kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w
-DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg
-Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV
-HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG
-EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5
-IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE
-CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu
-MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN
-BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F
-08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT
-T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg
-6A==
------END CERTIFICATE-----
+++ /dev/null
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,77F426A47A174623
-
-FH1NdgJgrX1OGKM0WfzwRUWmLTmfawdaUPeFNJbz1+40J5DEt1DmC6o0QkXoxIPC
-Te/+FS80gNruYgYIWu4WXftCSdvSfGI8LP1JZ7hmMCl055J2mLVKT4o6HqAQnHrb
-hTATVG6CB/GdHTFPG3J65qIyTlG50jyzfwZtliMCCAwi+AaAlo5xzUe0DgedytB2
-sFkLq5EiD6066P/LXPH/Z5SJKiMCFOl0Gjwd3M9ohZufnEJPJT5ap2fm7OSJSfa6
-jPREY+UwhPyKkYOc2c8gojj6HrsSQlXPl176b1+31c19hhhRAtDfJBIU2OrOFVk/
-V88/Dm0I+ROyLme0rYfFg8uHz2aIymzEMds5ZKEFTFbBhaWbVYKIX7+82tftnd+P
-2kT15JAK9V27F0p4SRiQ5RsDkT3rBWsZjtk9Rptkrgec9aKoTaO2fT8bPaWFR/M1
-6X7kjMqhLw1sHmsSeDKx0YCWfS+gWh7RPjGQ2EfH2pxoZkUAR5R3cZCEn3Ia1BeV
-UTFWy+DwjEeSrNkO96E0pH1r8204cJAKK8cWS4HSAPMsQPf5cZjIrrAak/9Wupkq
-fnrB0Ae6GFO2gHYQfbSL+KdEq6w5+S6XZyTauVyaJAjjIFDmegfaKWHzNvqCWJ4T
-YPsiptUrKz6DYyhiUrNJQKcyGWHWrwMNIbldqSBNCa8OIVoaZiRibgO1SIafAGAS
-9MDXXVaY6rqx1yfZYDc9VgKGXTJhBXALCeGMYF43bvAmPq3M13QJA0rlO7lAUUF2
-5INqBUeJxZrYxn6tRr9EMty/UcYnPR3YHgt0RDZycvbcqPsU5tHk9Q==
------END RSA PRIVATE KEY-----
+++ /dev/null
-<?xml version="1.0"?>
-<Keys xmlns="http://www.aleksey.com/xmlsec/2002">
-<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-<KeyName>test-hmac-sha1</KeyName>
-<KeyValue>
-<HMACKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">c2VjcmV0</HMACKeyValue>
-</KeyValue>
-</KeyInfo>
-<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-<KeyName>test-dsa</KeyName>
-<KeyValue>
-<DSAKeyValue>
-<P>
-4jl6DkcmDDBt815kg/WbxW1gnLtqH+kdjqEeFDD9m6EqGqvVhFbbvNNQqAwuaiJU
-nWlR8gG47GtHKFN6w8CM1qteIo3foK504otZFNsl1p3cInQpdRCp2e/lQ+E24J/H
-/n4Ix9pBNV63JIiSIqa+GpDuBpW4o3rrBRxTjOwYpWk=
-</P>
-<Q>
-9WQwByMPy0u1C8e2SeNQTvkG6tM=
-</Q>
-<G>
-Rrg7e8pNLHMFK0pGW7xvzb7Kh6icJSsiBaX6aHqaQc9rSzzMJG3snBuQricNaUH5
-8ipucT+hdPRTo6g0ty5noyyBmqUvYHf9NuskQhPDmC3uTtqQTHeCEuX8XoH3YYlB
-uE4nXvQRGZoyy+43ISe9aDnEAgIUVQXEayTVppRF24I=
-</G>
-<X xmlns="http://www.aleksey.com/xmlsec/2002">
-S3Gt9BE+wZb996U6h4nSNtYxEmE=
-</X>
-<Y>
-WT0+1bR+bj65u5iDJ0MRc6/8iEAbvj7l5sAVn/H+SdZy94wW5mnSLCC5ufN33QPp
-WNvgVk2igM+W51WlhFDgA8Xz9lRPk19jW8BXQpqv11MKoIBpaSAWvnhs/0AKubiT
-XxJz7i78ZJy4hVTn99Rvt6Tc16/LICZfsqIJr+VK4Sg=
-</Y>
-</DSAKeyValue>
-</KeyValue>
-</KeyInfo>
-<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-<KeyName>test-rsa</KeyName>
-<KeyValue>
-<RSAKeyValue>
-<Modulus>
-0rGgazIyv0XjPXGGBwt1wvfCPO++VAlxW15LFinbxCeBkq/5jb/71gC7R2CJtUK4
-y/tIi7g89YBwQosJpgMMZt69fz51omEv/WobD0vUFcbRxek+Yi23ZHxhZMtO42Re
-zfpwgC4ep0fXL+V105BUmjGFYACnUJdtMkG8ahH8/Zs=
-</Modulus>
-<Exponent>
-Aw==
-</Exponent>
-<PrivateExponent xmlns="http://www.aleksey.com/xmlsec/2002">
-jHZq8iF3Ki6Xfkuur1z5LKUsKJ/UOAZLkj7cuXE9LW+rtx/7s9VSjqsnhOsGeNcl
-3VIwXSV9+QBK1wdbxAIIQ16+yWXNY+21K94h4C6ssx44lqgODL25OXDsE92EZFu0
-1gApBhqOUxV1gUXDqMnHqSWbk7/1kwX6RzsioRu0UKs=
-</PrivateExponent>
-</RSAKeyValue>
-</KeyValue>
-</KeyInfo>
-<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-<KeyName>test-des</KeyName>
-<KeyValue>
-<DESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">
-zBFljViy/Qhd8AG0vGxf+SekrJ1ttpIz
-</DESKeyValue>
-</KeyValue>
-</KeyInfo>
-<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-<KeyName>test-aes128</KeyName>
-<KeyValue>
-<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">0Xfy3ES+Fbv/OfWuQHKvPA==</AESKeyValue>
-</KeyValue>
-</KeyInfo>
-<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-<KeyName>test-aes192</KeyName>
-<KeyValue>
-<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">lk9DyA07xL/m45fUb7zbLoy3c0hLhw80</AESKeyValue>
-</KeyValue>
-</KeyInfo>
-<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-<KeyName>test-aes256</KeyName>
-<KeyValue>
-<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">fpCPQLCMZCw9WipH8kk1J75CqYgWBhbJDMFPiUS0hzE=</AESKeyValue>
-</KeyValue>
-</KeyInfo>
-</Keys>
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDSzCCAwugAwIBAgIGAOz46fwJMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
-DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
-cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
-MB4XDTAyMDQwMjIyNTkyNVoXDTEyMDQwMjIxNTkyNVowbjELMAkGA1UEBhMCSUUx
-DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
-cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
-MIIBtzCCASwGByqGSM44BAEwggEfAoGBAN3jngL6pxMhaVvrk0oK3Y+2C42k5Kch
-3nChSKC7vEGTZBk0CNXIiEwR9JanyJHQh0ovH4lAtw06tyfRbCXn+GFbQxeyaVLx
-0zkKrau2YMeigvFsZM+q0AsTq+xdAKTmIvPcy0aHuDJAxnursdPlrcjk0KFSBjUw
-w1BV61EDWy6xAhUAhDLcFK0GO/Hz1arxOOvsgM/VLyUCgYEAnnx7hbdWozGbtnFg
-nbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43zKt7dlEaQL7b5+JTZ
-t3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM8d2rhd2Ui0xHbk0D
-451nhLxVWulviOSPhzKKvXrbySADgYQAAoGAfag+HCABIJadDD9Aarhgc2QR3Lp7
-PpMOh0lAwLiIsvkO4UlbeOS0IJC8bcqLjM1fVw6FGSaxmq+4y1ag2m9k6IdE0Qh5
-NxB/xFkmdwqXFRIJVp44OeUygB47YK76NmUIYG3DdfiPPU3bqzjvtOtETiCHvo25
-4D6UjwPpYErXRUajNjA0MA4GA1UdDwEB/wQEAwICBDAPBgNVHRMECDAGAQH/AgEA
-MBEGA1UdDgQKBAiDhj5AdjLikzAJBgcqhkjOOAQDAy8AMCwCFELu0nuweqW7Wf0s
-gk/CAGGL0BGKAhRNdgQGr5iyZKoH4oqPm0VJ9TjXLg==
------END CERTIFICATE-----
-
+++ /dev/null
-untested exclusive c14n example signature + c14n output
-merlin@baltimore.ie
-mon jan 14 2002
+++ /dev/null
-<dsig:Object xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="to-be-signed">
- <bar:Baz xmlns:bar="urn:bar">
-
- </bar:Baz>
- </dsig:Object>
\ No newline at end of file
+++ /dev/null
-<dsig:Object xmlns="urn:foo" xmlns:bar="urn:bar" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="to-be-signed">
- <bar:Baz>
-
- </bar:Baz>
- </dsig:Object>
\ No newline at end of file
+++ /dev/null
-<dsig:Object xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="to-be-signed">
- <bar:Baz xmlns:bar="urn:bar">
- <!-- comment -->
- </bar:Baz>
- </dsig:Object>
\ No newline at end of file
+++ /dev/null
-<dsig:Object xmlns="urn:foo" xmlns:bar="urn:bar" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="to-be-signed">
- <bar:Baz>
- <!-- comment -->
- </bar:Baz>
- </dsig:Object>
\ No newline at end of file
+++ /dev/null
-<dsig:SignedInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
- <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></dsig:CanonicalizationMethod>
- <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"></dsig:SignatureMethod>
- <dsig:Reference URI="#xpointer(id('to-be-signed'))">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></dsig:Transform>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod>
- <dsig:DigestValue>7yOTjUu+9oEhShgyIIXDLjQ08aY=</dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference URI="#xpointer(id('to-be-signed'))">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
- <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="bar #default"></InclusiveNamespaces>
- </dsig:Transform>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod>
- <dsig:DigestValue>09xMy0RTQM1Q91demYe/0F6AGXo=</dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference URI="#xpointer(id('to-be-signed'))">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"></dsig:Transform>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod>
- <dsig:DigestValue>ZQH+SkCN8c5y0feAr+aRTZDwyvY=</dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference URI="#xpointer(id('to-be-signed'))">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments">
- <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="bar #default"></InclusiveNamespaces>
- </dsig:Transform>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod>
- <dsig:DigestValue>a1cTqBgbqpUt6bMJN4C6zFtnoyo=</dsig:DigestValue>
- </dsig:Reference>
- </dsig:SignedInfo>
\ No newline at end of file
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Foo xmlns:bar="urn:bar" xmlns="urn:foo" xml:space="preserve">
- <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
- <dsig:SignedInfo>
- <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
- <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <dsig:Reference URI="#xpointer(id('to-be-signed'))">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <dsig:DigestValue></dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference URI="#xpointer(id('to-be-signed'))">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
- <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="bar #default" />
- </dsig:Transform>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <dsig:DigestValue></dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference URI="#xpointer(id('to-be-signed'))">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" />
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <dsig:DigestValue></dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference URI="#xpointer(id('to-be-signed'))">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments">
- <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="bar #default" />
- </dsig:Transform>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <dsig:DigestValue></dsig:DigestValue>
- </dsig:Reference>
- </dsig:SignedInfo>
- <dsig:SignatureValue>
- </dsig:SignatureValue>
- <dsig:KeyInfo>
- <dsig:KeyValue>
- </dsig:KeyValue>
- </dsig:KeyInfo>
- <dsig:Object Id="to-be-signed">
- <bar:Baz>
- <!-- comment -->
- </bar:Baz>
- </dsig:Object>
- </dsig:Signature>
-</Foo>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Foo xmlns:bar="urn:bar" xmlns="urn:foo" xml:space="preserve">
- <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
- <dsig:SignedInfo>
- <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
- <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <dsig:Reference URI="#xpointer(id('to-be-signed'))">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <dsig:DigestValue>7yOTjUu+9oEhShgyIIXDLjQ08aY=</dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference URI="#xpointer(id('to-be-signed'))">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
- <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="bar #default" />
- </dsig:Transform>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <dsig:DigestValue>09xMy0RTQM1Q91demYe/0F6AGXo=</dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference URI="#xpointer(id('to-be-signed'))">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" />
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <dsig:DigestValue>ZQH+SkCN8c5y0feAr+aRTZDwyvY=</dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference URI="#xpointer(id('to-be-signed'))">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments">
- <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="bar #default" />
- </dsig:Transform>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <dsig:DigestValue>a1cTqBgbqpUt6bMJN4C6zFtnoyo=</dsig:DigestValue>
- </dsig:Reference>
- </dsig:SignedInfo>
- <dsig:SignatureValue>
- Kv1e7Kjhz4gFtOZKgvC5cLYtMQNIn99fyLBa6D//bBokTxTUEkMwaA==
- </dsig:SignatureValue>
- <dsig:KeyInfo>
- <dsig:KeyValue>
- <dsig:DSAKeyValue>
- <dsig:P>
- 8FkJgwdyizV5Vd0m6DA/DZsdweJdnkueYVUd7L8aA4JpZxrlCI/M7mDE/OGhEhgB
- nFzSTrBjSFpT7DG66uy7oJeE+RgkXO7EWWOEglMPwaZgGgi1oZarv95VOx3uO8W8
- L7+S/3AuHNUZQD4b5bpdYAmjXFwz6dl0mKiXAvVuP9E=
- </dsig:P>
- <dsig:Q>
- mFf8DiMVNFXy0vag9oNGNW/g4u0=
- </dsig:Q>
- <dsig:G>
- g8gRdNlq9EOTR2TjmVApqCAZAq3jEjOIxXbs8JBiZ+U7dV9geeXEy13GbYoP23Qr
- apZQo+35diw+cMYPHjN+iUCwUkiGWv7/piAK+Ootfw03etL8XiVWjtL5NBof2CNp
- wmAw7mrwmNG092y1e6HXSGMMZpaoth/P8xhsxCQsqI8=
- </dsig:G>
- <dsig:Y>
- j0V14dc/I+okDAeG4ZbWUzb3HTFkEOC6feOMo5Dk218GcPqEKroVHaDBF9CmRV1v
- B8MUOExB+6ZNHfcs5Vaw0HVn62YiEBzrmKikx6SxO4Dg9L8I5WbHn37vxUKvHs8r
- 7+rma3kpZQftTMiBpJ8XK8Z6jg8VhuJqo9yZZO+p3I0=
- </dsig:Y>
- </dsig:DSAKeyValue>
- </dsig:KeyValue>
- </dsig:KeyInfo>
- <dsig:Object Id="to-be-signed">
- <bar:Baz>
- <!-- comment -->
- </bar:Baz>
- </dsig:Object>
- </dsig:Signature>
-</Foo>
+++ /dev/null
-Sample XML Signatures[1][2]
-
-[1] http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/
-[2] http://www.w3.org/TR/2001/REC-xml-c14n-20010315
-
-1. A large and complex signature:
-
-This includes internal and external base 64, references of the forms
-"", "#xpointer(/)", "#foo" and "#xpointer(id('foo'))" (with and
-without comments), manifests, signature properties, simple xpath
-with here(), xslt, retrieval method and odd interreferential
-dependencies.
-
- signature.xml - A signature
- signature.tmpl - The template from which the signature was created
- signature-c14n-*.txt - All intermediate c14n output
-
-2. Some basic signatures:
-
-The key for the HMAC-SHA1 signatures is "secret".getBytes("ASCII")
-which is, in hex, (73 65 63 72 65 74). No key info is provided for
-these signatures.
-
- signature-enveloped-dsa.xml
- signature-enveloping-b64-dsa.xml
- signature-enveloping-dsa.xml
- signature-enveloping-hmac-sha1-40.xml
- signature-enveloping-hmac-sha1.xml
- signature-enveloping-rsa.xml
- signature-external-b64-dsa.xml
- signature-external-dsa.xml - The signatures
- signature-*-c14n-*.txt - The intermediate c14n output
-
-3. Varying key information:
-
-To resolve the key associated with the KeyName in `signature-keyname.xml'
-you must perform a cunning transformation from the name `Xxx' to the
-certificate that resides in the directory `certs/' that has a subject name
-containing the common name `Xxx', which happens to be in the file
-`certs/xxx.crt'.
-
-To resolve the key associated with the X509Data in `signature-x509-is.xml',
-`signature-x509-ski.xml' and `signature-x509-sn.xml' you need to resolve
-the identified certificate from those in the `certs' directory.
-
-In `signature-x509-crt-crl.xml' an X.509 CRL is present which has revoked
-the X.509 certificate used for signing. So verification should be
-qualified.
-
- signature-keyname.xml
- signature-retrievalmethod-rawx509crt.xml
- signature-x509-crt-crl.xml
- signature-x509-crt.xml
- signature-x509-is.xml
- signature-x509-ski.xml
- signature-x509-sn.xml - The signatures
- certs/*.crt - The certificates
-
-Merlin Hughes <merlin@baltimore.ie>
-Baltimore Technologies, Ltd.
-http://www.baltimore.com/
-
-Thursday, April 4, 2002
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDTjCCAw6gAwIBAgIGAOz5IWdKMAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
-DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
-cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
-c2llbnQgQ0EwHhcNMDIwNDAyMjM1OTU3WhcNMTIwNDAyMjI1OTQ2WjBmMQswCQYD
-VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
-aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ0wCwYDVQQDEwRCYWRi
-MIIBtjCCASsGByqGSM44BAEwggEeAoGBAISKsEonjNGgHs/uh+9YKgnwZ8Bt3T7u
-yQBJW9dxpMF0cPUXz4dFbSFY4QyW8igCLswpOa+eHHEYsWvE0Nr1lcKHUPXq7u41
-JJwHNq1RAFeZiU6wa+1FL3v1/T1rAgzepV7xS4iafz4vxdHMlfwgKfoyKfq6JU1z
-oVM/ahI5xWDDAhUAmEv6eIJrB4KN0fPRABPx3NHYclkCgYAlhuYZ/AzPta7+bE5C
-QasmSVzc8uM/e+LN7ABlEXwQRk6QfZBcX8TbePNE8ZFng4Uft/QzAOUxALET7kKA
-ek4Jeytpzc0XYCYyuGJATm4F9ZY1pAJ5yQmUmwvDYdlaZJ4ldGzO/R57Evngn/G4
-tqjjoi0sx3jq7czvDwdGHnky0AOBhAACgYATQutuLkVzLAWmxY7yUNr12h3oXy54
-Bq1CfurLlhfiraKcFqe6QB6DvfEbh+4e/GeQIPI3y+dP/zkvrbdjN6l74mCueWTI
-dyn+wrhsvHbx6sb8YiElOKE7xnM1Nv8jOgcOR1NwJinjKqPv+stIdDENExfx6Ubz
-8hrtRueuFP3b36M6MDgwDgYDVR0PAQH/BAQDAgeAMBEGA1UdDgQKBAiAtARqytE1
-qDATBgNVHSMEDDAKgAiKHFYwWjISfTAJBgcqhkjOOAQDAy8AMCwCFFKTrj8PpVIm
-Yzp9a4bruXQS6ZvQAhQ1kT4Tac5xe7Gu8fu4RlzNTm911A==
------END CERTIFICATE-----
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDTzCCAw+gAwIBAgIGAOz5IaxHMAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
-DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
-cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
-c2llbnQgQ0EwHhcNMDIwNDAzMDAwMDE1WhcNMTIwNDAyMjI1OTQ2WjBnMQswCQYD
-VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
-aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ4wDAYDVQQDEwVCYWxv
-cjCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCEirBKJ4zRoB7P7ofvWCoJ8GfAbd0+
-7skASVvXcaTBdHD1F8+HRW0hWOEMlvIoAi7MKTmvnhxxGLFrxNDa9ZXCh1D16u7u
-NSScBzatUQBXmYlOsGvtRS979f09awIM3qVe8UuImn8+L8XRzJX8ICn6Min6uiVN
-c6FTP2oSOcVgwwIVAJhL+niCaweCjdHz0QAT8dzR2HJZAoGAJYbmGfwMz7Wu/mxO
-QkGrJklc3PLjP3vizewAZRF8EEZOkH2QXF/E23jzRPGRZ4OFH7f0MwDlMQCxE+5C
-gHpOCXsrac3NF2AmMrhiQE5uBfWWNaQCeckJlJsLw2HZWmSeJXRszv0eexL54J/x
-uLao46ItLMd46u3M7w8HRh55MtADgYQAAoGAbueMW9xlSwsHNyM3j1KFYeM2yUon
-KtIVOMFc4VmNFE14ldDEldIK/8072nA2fCJvWfhTTC5DOAjzvSmH8sw2cgCLuo72
-K39mC5aDx3/US5x+WwiDqYiVQbrir09mHdnjGnRRPWTjmA4AM3PBOCNi8VykODIB
-r9sgc3UAV+b8jl+jOjA4MA4GA1UdDwEB/wQEAwIHgDARBgNVHQ4ECgQIg+4EbbfC
-EBMwEwYDVR0jBAwwCoAIihxWMFoyEn0wCQYHKoZIzjgEAwMvADAsAhRDxoNOoKQC
-6qpfb4Eh4YrYxHnwnwIUZKOfYeB62qVk0Mpd4V/zHNWC360=
------END CERTIFICATE-----
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDTjCCAw6gAwIBAgIGAOz5Id5/MAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
-DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
-cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
-c2llbnQgQ0EwHhcNMDIwNDAzMDAwMDI4WhcNMTIwNDAyMjI1OTQ2WjBmMQswCQYD
-VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
-aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ0wCwYDVQQDEwRCcmVz
-MIIBtjCCASsGByqGSM44BAEwggEeAoGBAISKsEonjNGgHs/uh+9YKgnwZ8Bt3T7u
-yQBJW9dxpMF0cPUXz4dFbSFY4QyW8igCLswpOa+eHHEYsWvE0Nr1lcKHUPXq7u41
-JJwHNq1RAFeZiU6wa+1FL3v1/T1rAgzepV7xS4iafz4vxdHMlfwgKfoyKfq6JU1z
-oVM/ahI5xWDDAhUAmEv6eIJrB4KN0fPRABPx3NHYclkCgYAlhuYZ/AzPta7+bE5C
-QasmSVzc8uM/e+LN7ABlEXwQRk6QfZBcX8TbePNE8ZFng4Uft/QzAOUxALET7kKA
-ek4Jeytpzc0XYCYyuGJATm4F9ZY1pAJ5yQmUmwvDYdlaZJ4ldGzO/R57Evngn/G4
-tqjjoi0sx3jq7czvDwdGHnky0AOBhAACgYBgvDFxw1U6Ou2G6P/+347Jfk2wPB1/
-atr4p3JUVLuT0ExZG6np+rKiXmcBbYKbAhMY37zVkroR9bwo+NgaJGubQ4ex5Y1X
-N2Q5gIHNhNfKr8G4LPVqWGxf/lFPDYxX3ezqBJPpJCJTREX7s6Hp/VTV2SpQlySv
-+GRcFKJFPlhD9aM6MDgwDgYDVR0PAQH/BAQDAgeAMBEGA1UdDgQKBAiC+5gx0MHL
-hTATBgNVHSMEDDAKgAiKHFYwWjISfTAJBgcqhkjOOAQDAy8AMCwCFDTcM5i61uqq
-/aveERhOJ6NG/LubAhREVDtAeNbTEywXr4O7KvEEvFLUjg==
------END CERTIFICATE-----
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDWjCCAxqgAwIBAgIGAOz5ITo8MAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
-DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
-cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
-c2llbnQgQ0EwHhcNMDIwNDAyMjM1OTQ2WhcNMTIwNDAyMjI1OTQ2WjB2MQswCQYD
-VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
-aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMR0wGwYDVQQDExRBbm90
-aGVyIFRyYW5zaWVudCBDQTCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCEirBKJ4zR
-oB7P7ofvWCoJ8GfAbd0+7skASVvXcaTBdHD1F8+HRW0hWOEMlvIoAi7MKTmvnhxx
-GLFrxNDa9ZXCh1D16u7uNSScBzatUQBXmYlOsGvtRS979f09awIM3qVe8UuImn8+
-L8XRzJX8ICn6Min6uiVNc6FTP2oSOcVgwwIVAJhL+niCaweCjdHz0QAT8dzR2HJZ
-AoGAJYbmGfwMz7Wu/mxOQkGrJklc3PLjP3vizewAZRF8EEZOkH2QXF/E23jzRPGR
-Z4OFH7f0MwDlMQCxE+5CgHpOCXsrac3NF2AmMrhiQE5uBfWWNaQCeckJlJsLw2HZ
-WmSeJXRszv0eexL54J/xuLao46ItLMd46u3M7w8HRh55MtADgYQAAoGADpGA7hzl
-zqaxtr6U+w86qQmoDJhIPMGAUG65aFhGDLm410IzA30J4DYEd9gpnG7lNF+AeHQq
-rpvUN+H0CB0eSxiElFRiV+x+oYUN/p1v/mbKXb4H1+mT7XTi5G/k9Kw5e8UbNgDC
-Ij/2uewSMd5y+jkWUUUXlwYbqt5pOZZhmtejNjA0MA4GA1UdDwEB/wQEAwICBDAP
-BgNVHRMECDAGAQH/AgEAMBEGA1UdDgQKBAiKHFYwWjISfTAJBgcqhkjOOAQDAy8A
-MCwCFDI9WLFVplIMf5ta+kB2s/BHBzm9AhQTczFDTX/7sawplNpLfzu5i/g+qA==
------END CERTIFICATE-----
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDTzCCAw6gAwIBAgIGAOz5IcSmMAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
-DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
-cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
-c2llbnQgQ0EwHhcNMDIwNDAzMDAwMDIxWhcNMTIwNDAyMjI1OTQ2WjBmMQswCQYD
-VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
-aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ0wCwYDVQQDEwRMdWdo
-MIIBtjCCASsGByqGSM44BAEwggEeAoGBAISKsEonjNGgHs/uh+9YKgnwZ8Bt3T7u
-yQBJW9dxpMF0cPUXz4dFbSFY4QyW8igCLswpOa+eHHEYsWvE0Nr1lcKHUPXq7u41
-JJwHNq1RAFeZiU6wa+1FL3v1/T1rAgzepV7xS4iafz4vxdHMlfwgKfoyKfq6JU1z
-oVM/ahI5xWDDAhUAmEv6eIJrB4KN0fPRABPx3NHYclkCgYAlhuYZ/AzPta7+bE5C
-QasmSVzc8uM/e+LN7ABlEXwQRk6QfZBcX8TbePNE8ZFng4Uft/QzAOUxALET7kKA
-ek4Jeytpzc0XYCYyuGJATm4F9ZY1pAJ5yQmUmwvDYdlaZJ4ldGzO/R57Evngn/G4
-tqjjoi0sx3jq7czvDwdGHnky0AOBhAACgYBIdlgw5JS5w1C4a5zQVul03YLFTkaX
-6RxbTYsDcnb0SyegrcKQ5y7MgaeDTUVIzCe6Q1WNjvT1fLwWmygpNVUUOZKEJT3p
-kSB+8/7IrGM+IWUTxkyIwasgsmrQnV/a+CSRFVDzZQKJFzcdCfZmK0yxh2NrPMiQ
-ogOgroVjgLrlE6M6MDgwDgYDVR0PAQH/BAQDAgeAMBEGA1UdDgQKBAiMWQ6+Iv7t
-UDATBgNVHSMEDDAKgAiKHFYwWjISfTAJBgcqhkjOOAQDAzAAMC0CFQCE72yE3Jte
-0ltPp3yWpePyMp0RJgIUdB+bQ5BzY7G332mPCCH7dNa1Y0Q=
------END CERTIFICATE-----
+++ /dev/null
------BEGIN PUBLIC KEY-----
-MIIBtjCCASsGByqGSM44BAEwggEeAoGBAISKsEonjNGgHs/uh+9YKgnwZ8Bt3T7u
-yQBJW9dxpMF0cPUXz4dFbSFY4QyW8igCLswpOa+eHHEYsWvE0Nr1lcKHUPXq7u41
-JJwHNq1RAFeZiU6wa+1FL3v1/T1rAgzepV7xS4iafz4vxdHMlfwgKfoyKfq6JU1z
-oVM/ahI5xWDDAhUAmEv6eIJrB4KN0fPRABPx3NHYclkCgYAlhuYZ/AzPta7+bE5C
-QasmSVzc8uM/e+LN7ABlEXwQRk6QfZBcX8TbePNE8ZFng4Uft/QzAOUxALET7kKA
-ek4Jeytpzc0XYCYyuGJATm4F9ZY1pAJ5yQmUmwvDYdlaZJ4ldGzO/R57Evngn/G4
-tqjjoi0sx3jq7czvDwdGHnky0AOBhAACgYBIdlgw5JS5w1C4a5zQVul03YLFTkaX
-6RxbTYsDcnb0SyegrcKQ5y7MgaeDTUVIzCe6Q1WNjvT1fLwWmygpNVUUOZKEJT3p
-kSB+8/7IrGM+IWUTxkyIwasgsmrQnV/a+CSRFVDzZQKJFzcdCfZmK0yxh2NrPMiQ
-ogOgroVjgLrlEw==
------END PUBLIC KEY-----
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDUDCCAw+gAwIBAgIGAOz5IXv6MAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
-DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
-cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
-c2llbnQgQ0EwHhcNMDIwNDAzMDAwMDAzWhcNMTIwNDAyMjI1OTQ2WjBnMQswCQYD
-VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
-aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ4wDAYDVQQDEwVNYWNo
-YTCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCEirBKJ4zRoB7P7ofvWCoJ8GfAbd0+
-7skASVvXcaTBdHD1F8+HRW0hWOEMlvIoAi7MKTmvnhxxGLFrxNDa9ZXCh1D16u7u
-NSScBzatUQBXmYlOsGvtRS979f09awIM3qVe8UuImn8+L8XRzJX8ICn6Min6uiVN
-c6FTP2oSOcVgwwIVAJhL+niCaweCjdHz0QAT8dzR2HJZAoGAJYbmGfwMz7Wu/mxO
-QkGrJklc3PLjP3vizewAZRF8EEZOkH2QXF/E23jzRPGRZ4OFH7f0MwDlMQCxE+5C
-gHpOCXsrac3NF2AmMrhiQE5uBfWWNaQCeckJlJsLw2HZWmSeJXRszv0eexL54J/x
-uLao46ItLMd46u3M7w8HRh55MtADgYQAAoGAXenEaP4SIoG3ukTjtqT8TOKddzyb
-dd8epOpGDnPemC6hmsjkbfNDrKEdbsb9AKhb0pp2HKWxNPzPACJ65LMgrtTPY/6f
-NLxB1/o+J1dJR7nehKF9WjwDjAJJ6f9Wc4OwJP7B7DlwWzhaMMNOzmASAUU/AoeL
-WTuMfjA3O+6hm6ijOjA4MA4GA1UdDwEB/wQEAwIHgDARBgNVHQ4ECgQIizPsQXmT
-yPowEwYDVR0jBAwwCoAIihxWMFoyEn0wCQYHKoZIzjgEAwMwADAtAhUAiT4zE8AB
-6veOzVcWxkyYFwHcnFsCFDorkHKzPCnWkmpuDY39GvfKEYBA
------END CERTIFICATE-----
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDSzCCAwugAwIBAgIGAOz46fwJMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
-DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
-cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
-MB4XDTAyMDQwMjIyNTkyNVoXDTEyMDQwMjIxNTkyNVowbjELMAkGA1UEBhMCSUUx
-DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
-cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
-MIIBtzCCASwGByqGSM44BAEwggEfAoGBAN3jngL6pxMhaVvrk0oK3Y+2C42k5Kch
-3nChSKC7vEGTZBk0CNXIiEwR9JanyJHQh0ovH4lAtw06tyfRbCXn+GFbQxeyaVLx
-0zkKrau2YMeigvFsZM+q0AsTq+xdAKTmIvPcy0aHuDJAxnursdPlrcjk0KFSBjUw
-w1BV61EDWy6xAhUAhDLcFK0GO/Hz1arxOOvsgM/VLyUCgYEAnnx7hbdWozGbtnFg
-nbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43zKt7dlEaQL7b5+JTZ
-t3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM8d2rhd2Ui0xHbk0D
-451nhLxVWulviOSPhzKKvXrbySADgYQAAoGAfag+HCABIJadDD9Aarhgc2QR3Lp7
-PpMOh0lAwLiIsvkO4UlbeOS0IJC8bcqLjM1fVw6FGSaxmq+4y1ag2m9k6IdE0Qh5
-NxB/xFkmdwqXFRIJVp44OeUygB47YK76NmUIYG3DdfiPPU3bqzjvtOtETiCHvo25
-4D6UjwPpYErXRUajNjA0MA4GA1UdDwEB/wQEAwICBDAPBgNVHRMECDAGAQH/AgEA
-MBEGA1UdDgQKBAiDhj5AdjLikzAJBgcqhkjOOAQDAy8AMCwCFELu0nuweqW7Wf0s
-gk/CAGGL0BGKAhRNdgQGr5iyZKoH4oqPm0VJ9TjXLg==
------END CERTIFICATE-----
-
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDUDCCAxCgAwIBAgIGAOz5IVHTMAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
-DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
-cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
-c2llbnQgQ0EwHhcNMDIwNDAyMjM1OTUyWhcNMTIwNDAyMjI1OTQ2WjBoMQswCQYD
-VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
-aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ8wDQYDVQQDEwZNb3Jp
-Z3UwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAhIqwSieM0aAez+6H71gqCfBnwG3d
-Pu7JAElb13GkwXRw9RfPh0VtIVjhDJbyKAIuzCk5r54ccRixa8TQ2vWVwodQ9eru
-7jUknAc2rVEAV5mJTrBr7UUve/X9PWsCDN6lXvFLiJp/Pi/F0cyV/CAp+jIp+rol
-TXOhUz9qEjnFYMMCFQCYS/p4gmsHgo3R89EAE/Hc0dhyWQKBgCWG5hn8DM+1rv5s
-TkJBqyZJXNzy4z974s3sAGURfBBGTpB9kFxfxNt480TxkWeDhR+39DMA5TEAsRPu
-QoB6Tgl7K2nNzRdgJjK4YkBObgX1ljWkAnnJCZSbC8Nh2VpkniV0bM79HnsS+eCf
-8bi2qOOiLSzHeOrtzO8PB0YeeTLQA4GEAAKBgH1NBJ9Az5TwY4tDE0dPYVHHABt+
-yLspnT3k9G6YWUMFhZ/+3RuqEPjnKrPfUoXTTJGIACgPU3/PkqwrPVD0JMdpOcnZ
-LHiJ/P7QRQeMwDRoBrs7genB1bDd4pSJrEUcjrkA5uRrIj2Z5fL+UuLiLGPO2rM7
-BNQRIq3QFPdX++NuozowODAOBgNVHQ8BAf8EBAMCB4AwEQYDVR0OBAoECIK7Ljjh
-+EsfMBMGA1UdIwQMMAqACIocVjBaMhJ9MAkGByqGSM44BAMDLwAwLAIUEJJCOHw8
-ppxoRyz3s+Vmb4NKIfMCFDgJoZn9zh/3WoYNBURODwLvyBOy
------END CERTIFICATE-----
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDUDCCAxCgAwIBAgIGAOz5IZDHMAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
-DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
-cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
-c2llbnQgQ0EwHhcNMDIwNDAzMDAwMDA4WhcNMTIwNDAyMjI1OTQ2WjBoMQswCQYD
-VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
-aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ8wDQYDVQQDEwZOZW1h
-aW4wggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAhIqwSieM0aAez+6H71gqCfBnwG3d
-Pu7JAElb13GkwXRw9RfPh0VtIVjhDJbyKAIuzCk5r54ccRixa8TQ2vWVwodQ9eru
-7jUknAc2rVEAV5mJTrBr7UUve/X9PWsCDN6lXvFLiJp/Pi/F0cyV/CAp+jIp+rol
-TXOhUz9qEjnFYMMCFQCYS/p4gmsHgo3R89EAE/Hc0dhyWQKBgCWG5hn8DM+1rv5s
-TkJBqyZJXNzy4z974s3sAGURfBBGTpB9kFxfxNt480TxkWeDhR+39DMA5TEAsRPu
-QoB6Tgl7K2nNzRdgJjK4YkBObgX1ljWkAnnJCZSbC8Nh2VpkniV0bM79HnsS+eCf
-8bi2qOOiLSzHeOrtzO8PB0YeeTLQA4GEAAKBgHzbc/0aTzXwKKeT85kjCq2HD4WY
-nZC9DOck02gNhNbEgN+wGeUPDSQM/vhmxVeoK3ptVA/sU8arBW8V+AdrU/9hJr0v
-nEiqgt9WQLHUhnMJiXTMLcS7XHeIVcwh/iRjD61HUp1cby9UMHZRsW6Ys8rUi0Zn
-/1KrtpTwZJuNwsYIozowODAOBgNVHQ8BAf8EBAMCB4AwEQYDVR0OBAoECIX9dMSn
-0pyIMBMGA1UdIwQMMAqACIocVjBaMhJ9MAkGByqGSM44BAMDLwAwLAIUFRYkL6qD
-NZWtKU03+WYBiGEGSoECFEtRGI19WHg+sT9fBfGKfo8NnJX4
------END CERTIFICATE-----
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Envelope xmlns="http://example.org/envelope">
- <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>fdy6S2NLpnT4fMdokUHSHsmpcvo=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- Z4pBb+o+XOKWME7CpLyXuNqyIYdXOcGvthfUf+ZDLL5immPx+3tK8Q==
- </SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P>
- 3eOeAvqnEyFpW+uTSgrdj7YLjaTkpyHecKFIoLu8QZNkGTQI1ciITBH0lqfIkdCH
- Si8fiUC3DTq3J9FsJef4YVtDF7JpUvHTOQqtq7Zgx6KC8Wxkz6rQCxOr7F0ApOYi
- 89zLRoe4MkDGe6ux0+WtyOTQoVIGNTDDUFXrUQNbLrE=
- </P>
- <Q>
- hDLcFK0GO/Hz1arxOOvsgM/VLyU=
- </Q>
- <G>
- nnx7hbdWozGbtnFgnbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43z
- Kt7dlEaQL7b5+JTZt3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM
- 8d2rhd2Ui0xHbk0D451nhLxVWulviOSPhzKKvXrbySA=
- </G>
- <Y>
- cfYpihpAQeepbNFS4MAbQRhdXpDi5wLrwxE5hIvoYqo1L8BQVu8fY1TFAPtoae1i
- Bg/GIJyP3iLfyuBJaDvJJLP30wBH9i/s5J3656PevpOVdTfi777Fi9Gj6y/ib2Vv
- +OZfJkkp4L50+p5TUhPmQLJtREsgtl+tnIOyJT++G9U=
- </Y>
- </DSAKeyValue>
- </KeyValue>
- </KeyInfo>
- </Signature>
-</Envelope>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="#object">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>N6pjx3OY2VRHMmLhoAV8HmMu2nc=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- KgAeq8e0yUNfFz+mFlZ3QgyQNMciV+Z3BoDQDvQNker7pazEnJmOIA==
- </SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P>
- 3eOeAvqnEyFpW+uTSgrdj7YLjaTkpyHecKFIoLu8QZNkGTQI1ciITBH0lqfIkdCH
- Si8fiUC3DTq3J9FsJef4YVtDF7JpUvHTOQqtq7Zgx6KC8Wxkz6rQCxOr7F0ApOYi
- 89zLRoe4MkDGe6ux0+WtyOTQoVIGNTDDUFXrUQNbLrE=
- </P>
- <Q>
- hDLcFK0GO/Hz1arxOOvsgM/VLyU=
- </Q>
- <G>
- nnx7hbdWozGbtnFgnbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43z
- Kt7dlEaQL7b5+JTZt3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM
- 8d2rhd2Ui0xHbk0D451nhLxVWulviOSPhzKKvXrbySA=
- </G>
- <Y>
- cfYpihpAQeepbNFS4MAbQRhdXpDi5wLrwxE5hIvoYqo1L8BQVu8fY1TFAPtoae1i
- Bg/GIJyP3iLfyuBJaDvJJLP30wBH9i/s5J3656PevpOVdTfi777Fi9Gj6y/ib2Vv
- +OZfJkkp4L50+p5TUhPmQLJtREsgtl+tnIOyJT++G9U=
- </Y>
- </DSAKeyValue>
- </KeyValue>
- </KeyInfo>
- <Object Id="object">c29tZSB0ZXh0</Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="#object">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- PfD92lkxKgc2OKvF4p0ba6cJj6d1eqIDx5Q1hvVYTviotje23Snunw==
- </SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P>
- 3eOeAvqnEyFpW+uTSgrdj7YLjaTkpyHecKFIoLu8QZNkGTQI1ciITBH0lqfIkdCH
- Si8fiUC3DTq3J9FsJef4YVtDF7JpUvHTOQqtq7Zgx6KC8Wxkz6rQCxOr7F0ApOYi
- 89zLRoe4MkDGe6ux0+WtyOTQoVIGNTDDUFXrUQNbLrE=
- </P>
- <Q>
- hDLcFK0GO/Hz1arxOOvsgM/VLyU=
- </Q>
- <G>
- nnx7hbdWozGbtnFgnbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43z
- Kt7dlEaQL7b5+JTZt3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM
- 8d2rhd2Ui0xHbk0D451nhLxVWulviOSPhzKKvXrbySA=
- </G>
- <Y>
- cfYpihpAQeepbNFS4MAbQRhdXpDi5wLrwxE5hIvoYqo1L8BQVu8fY1TFAPtoae1i
- Bg/GIJyP3iLfyuBJaDvJJLP30wBH9i/s5J3656PevpOVdTfi777Fi9Gj6y/ib2Vv
- +OZfJkkp4L50+p5TUhPmQLJtREsgtl+tnIOyJT++G9U=
- </Y>
- </DSAKeyValue>
- </KeyValue>
- </KeyInfo>
- <Object Id="object">some text</Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
- <HMACOutputLength>40</HMACOutputLength>
- </SignatureMethod>
- <Reference URI="#object">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- HHiqvCU=
- </SignatureValue>
- <Object Id="object">some text</Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1" />
- <Reference URI="#object">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- JElPttIT4Am7Q+MNoMyv+WDfAZw=
- </SignatureValue>
- <Object Id="object">some text</Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
- <Reference URI="#object">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- ov3HOoPN0w71N3DdGNhN+dSzQm6NJFUB5qGKRp9Q986nVzMb8wCIVxCQu+x3vMtq
- p4/R3KEcPtEJSaoR+thGq++GPIh2mZXyWJs3xHy9P4xmoTVwli7/l7s8ebDSmnbZ
- 7xZU4Iy1BSMZSxGKnRG+Z/0GJIfTz8jhH6wCe3l03L4=
- </SignatureValue>
- <KeyInfo>
- <KeyValue>
- <RSAKeyValue>
- <Modulus>
- q07hpxA5DGFfvJFZueFl/LI85XxQxrvqgVugL25V090A9MrlLBg5PmAsxFTe+G6a
- xvWJQwYOVHj/nuiCnNLa9a7uAtPFiTtW+v5H3wlLaY3ws4atRBNOQlYkIBp38sTf
- QBkk4i8PEU1GQ2M0CLIJq4/2Akfv1wxzSQ9+8oWkArc=
- </Modulus>
- <Exponent>
- AQAB
- </Exponent>
- </RSAKeyValue>
- </KeyValue>
- </KeyInfo>
- <Object Id="object">some text</Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="http://www.w3.org/Signature/2002/04/xml-stylesheet.b64">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- IhOlAjMFaZtkEju5R5bi528h1HpDa4A21sudZynhJRRLjZuQIHZ3eQ==
- </SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P>
- 3eOeAvqnEyFpW+uTSgrdj7YLjaTkpyHecKFIoLu8QZNkGTQI1ciITBH0lqfIkdCH
- Si8fiUC3DTq3J9FsJef4YVtDF7JpUvHTOQqtq7Zgx6KC8Wxkz6rQCxOr7F0ApOYi
- 89zLRoe4MkDGe6ux0+WtyOTQoVIGNTDDUFXrUQNbLrE=
- </P>
- <Q>
- hDLcFK0GO/Hz1arxOOvsgM/VLyU=
- </Q>
- <G>
- nnx7hbdWozGbtnFgnbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43z
- Kt7dlEaQL7b5+JTZt3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM
- 8d2rhd2Ui0xHbk0D451nhLxVWulviOSPhzKKvXrbySA=
- </G>
- <Y>
- cfYpihpAQeepbNFS4MAbQRhdXpDi5wLrwxE5hIvoYqo1L8BQVu8fY1TFAPtoae1i
- Bg/GIJyP3iLfyuBJaDvJJLP30wBH9i/s5J3656PevpOVdTfi777Fi9Gj6y/ib2Vv
- +OZfJkkp4L50+p5TUhPmQLJtREsgtl+tnIOyJT++G9U=
- </Y>
- </DSAKeyValue>
- </KeyValue>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- LaL1/t/XodYvDJDgSEbq47GX8ltnlx3FFURdi7o+UFVi+zLf0WyWaQ==
- </SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P>
- 3eOeAvqnEyFpW+uTSgrdj7YLjaTkpyHecKFIoLu8QZNkGTQI1ciITBH0lqfIkdCH
- Si8fiUC3DTq3J9FsJef4YVtDF7JpUvHTOQqtq7Zgx6KC8Wxkz6rQCxOr7F0ApOYi
- 89zLRoe4MkDGe6ux0+WtyOTQoVIGNTDDUFXrUQNbLrE=
- </P>
- <Q>
- hDLcFK0GO/Hz1arxOOvsgM/VLyU=
- </Q>
- <G>
- nnx7hbdWozGbtnFgnbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43z
- Kt7dlEaQL7b5+JTZt3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM
- 8d2rhd2Ui0xHbk0D451nhLxVWulviOSPhzKKvXrbySA=
- </G>
- <Y>
- cfYpihpAQeepbNFS4MAbQRhdXpDi5wLrwxE5hIvoYqo1L8BQVu8fY1TFAPtoae1i
- Bg/GIJyP3iLfyuBJaDvJJLP30wBH9i/s5J3656PevpOVdTfi777Fi9Gj6y/ib2Vv
- +OZfJkkp4L50+p5TUhPmQLJtREsgtl+tnIOyJT++G9U=
- </Y>
- </DSAKeyValue>
- </KeyValue>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- JkJ3GplEU0iDbqSv7ZOXhvv3zeM1KmP+CLphhoc+NPYqpGYQiW6O6w==
- </SignatureValue>
- <KeyInfo>
- <KeyName>Lugh</KeyName>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- SNB5FI193RFXoG2j8Z9bXWgW7BMPICqNob4Hjh08oou4tkhGxz4+pg==
- </SignatureValue>
- <KeyInfo>
- <RetrievalMethod Type="http://www.w3.org/2000/09/xmldsig#rawX509Certificate" URI="tests/merlin-xmldsig-twenty-three/certs/balor.der" />
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- WF6EaX66f8CdGE6NafmzdLpb/1OVYX4kBNsqgGIqHR5JZAu4HpbVQQ==
- </SignatureValue>
- <KeyInfo>
- <X509Data>
- <X509Certificate>
- MIIDTjCCAw6gAwIBAgIGAOz5Id5/MAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
- c2llbnQgQ0EwHhcNMDIwNDAzMDAwMDI4WhcNMTIwNDAyMjI1OTQ2WjBmMQswCQYD
- VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
- aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ0wCwYDVQQDEwRCcmVz
- MIIBtjCCASsGByqGSM44BAEwggEeAoGBAISKsEonjNGgHs/uh+9YKgnwZ8Bt3T7u
- yQBJW9dxpMF0cPUXz4dFbSFY4QyW8igCLswpOa+eHHEYsWvE0Nr1lcKHUPXq7u41
- JJwHNq1RAFeZiU6wa+1FL3v1/T1rAgzepV7xS4iafz4vxdHMlfwgKfoyKfq6JU1z
- oVM/ahI5xWDDAhUAmEv6eIJrB4KN0fPRABPx3NHYclkCgYAlhuYZ/AzPta7+bE5C
- QasmSVzc8uM/e+LN7ABlEXwQRk6QfZBcX8TbePNE8ZFng4Uft/QzAOUxALET7kKA
- ek4Jeytpzc0XYCYyuGJATm4F9ZY1pAJ5yQmUmwvDYdlaZJ4ldGzO/R57Evngn/G4
- tqjjoi0sx3jq7czvDwdGHnky0AOBhAACgYBgvDFxw1U6Ou2G6P/+347Jfk2wPB1/
- atr4p3JUVLuT0ExZG6np+rKiXmcBbYKbAhMY37zVkroR9bwo+NgaJGubQ4ex5Y1X
- N2Q5gIHNhNfKr8G4LPVqWGxf/lFPDYxX3ezqBJPpJCJTREX7s6Hp/VTV2SpQlySv
- +GRcFKJFPlhD9aM6MDgwDgYDVR0PAQH/BAQDAgeAMBEGA1UdDgQKBAiC+5gx0MHL
- hTATBgNVHSMEDDAKgAiKHFYwWjISfTAJBgcqhkjOOAQDAy8AMCwCFDTcM5i61uqq
- /aveERhOJ6NG/LubAhREVDtAeNbTEywXr4O7KvEEvFLUjg==
- </X509Certificate>
- <X509CRL>
- MIIBJDCB5AIBATAJBgcqhkjOOAQDMHYxCzAJBgNVBAYTAklFMQ8wDQYDVQQIEwZE
- dWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9sb2dpZXMgTHRkLjERMA8G
- A1UECxMIWC9TZWN1cmUxHTAbBgNVBAMTFEFub3RoZXIgVHJhbnNpZW50IENBFw0w
- MjA0MDQwMjE2NThaFw0xMTA0MDIwMjE2NThaMBkwFwIGAOz5Id5/Fw0wMjA0MDQw
- MjE2NThaoCMwITATBgNVHSMEDDAKgAiKHFYwWjISfTAKBgNVHRQEAwIBADAJBgcq
- hkjOOAQDAzAAMC0CFCEIm38fvGzSJHms284hUs9dNB8nAhUAjEtZr0TGgc6sVRVk
- krEgltdo7Jw=
- </X509CRL>
- </X509Data>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- GCQVmBq+1H7e9IjvKfe+egLM1Jlp3L1JCGkl9SlJ0eaDh2MKYUUnHA==
- </SignatureValue>
- <KeyInfo>
- <X509Data>
- <X509Certificate>
- MIIDUDCCAxCgAwIBAgIGAOz5IVHTMAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
- c2llbnQgQ0EwHhcNMDIwNDAyMjM1OTUyWhcNMTIwNDAyMjI1OTQ2WjBoMQswCQYD
- VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
- aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ8wDQYDVQQDEwZNb3Jp
- Z3UwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAhIqwSieM0aAez+6H71gqCfBnwG3d
- Pu7JAElb13GkwXRw9RfPh0VtIVjhDJbyKAIuzCk5r54ccRixa8TQ2vWVwodQ9eru
- 7jUknAc2rVEAV5mJTrBr7UUve/X9PWsCDN6lXvFLiJp/Pi/F0cyV/CAp+jIp+rol
- TXOhUz9qEjnFYMMCFQCYS/p4gmsHgo3R89EAE/Hc0dhyWQKBgCWG5hn8DM+1rv5s
- TkJBqyZJXNzy4z974s3sAGURfBBGTpB9kFxfxNt480TxkWeDhR+39DMA5TEAsRPu
- QoB6Tgl7K2nNzRdgJjK4YkBObgX1ljWkAnnJCZSbC8Nh2VpkniV0bM79HnsS+eCf
- 8bi2qOOiLSzHeOrtzO8PB0YeeTLQA4GEAAKBgH1NBJ9Az5TwY4tDE0dPYVHHABt+
- yLspnT3k9G6YWUMFhZ/+3RuqEPjnKrPfUoXTTJGIACgPU3/PkqwrPVD0JMdpOcnZ
- LHiJ/P7QRQeMwDRoBrs7genB1bDd4pSJrEUcjrkA5uRrIj2Z5fL+UuLiLGPO2rM7
- BNQRIq3QFPdX++NuozowODAOBgNVHQ8BAf8EBAMCB4AwEQYDVR0OBAoECIK7Ljjh
- +EsfMBMGA1UdIwQMMAqACIocVjBaMhJ9MAkGByqGSM44BAMDLwAwLAIUEJJCOHw8
- ppxoRyz3s+Vmb4NKIfMCFDgJoZn9zh/3WoYNBURODwLvyBOy
- </X509Certificate>
- </X509Data>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- bmKMy/w1DO9dHA6E7Dt0B8IFkYAj1/UD3TqcdqIcfkMT7evE8+NBgg==
- </SignatureValue>
- <KeyInfo>
- <X509Data>
- <X509IssuerSerial>
- <X509IssuerName>
- CN=Another Transient CA,OU=X/Secure,O=Baltimore Technologies Ltd.,ST=Dublin,C=IE
- </X509IssuerName>
- <X509SerialNumber>1017792003066</X509SerialNumber>
- </X509IssuerSerial>
- </X509Data>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- F9nEU1Us48iKTml8n7E4wt7HtFJ5gaLIgox0J9WbujGndW0oQJbeGg==
- </SignatureValue>
- <KeyInfo>
- <X509Data>
- <X509SKI>
- hf10xKfSnIg=
- </X509SKI>
- </X509Data>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- MUOjiqG0dbjvR6+qYYPL85nKSt2FeZGQBQkYudv48KyJhJLG1Bp+bA==
- </SignatureValue>
- <KeyInfo>
- <X509Data>
- <X509SubjectName>
- CN=Badb,OU=X/Secure,O=Baltimore Technologies Ltd.,ST=Dublin,C=IE
- </X509SubjectName>
- </X509Data>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE Envelope [
- <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
- <!ENTITY c14n 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'>
- <!ENTITY xpath 'http://www.w3.org/TR/1999/REC-xpath-19991116'>
- <!ENTITY xslt 'http://www.w3.org/TR/1999/REC-xslt-19991116'>
- <!ATTLIST Notaries Id ID #IMPLIED>
-]>
-<!-- Preamble -->
-<Envelope xmlns:foo="http://example.org/foo" xmlns="http://example.org/usps">
- <DearSir>foo</DearSir>
- <Body>bar</Body>
- <YoursSincerely>
- <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="signature">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- <Reference URI="http://www.w3.org/Signature/2002/04/xml-stylesheet.b64">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-1">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
- <XPath>
- self::text()
- </XPath>
- </Transform>
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>zyjp8GJOX69990Kkqw8ioPXGExk=</DigestValue>
- </Reference>
- <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
- <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
- ancestor-or-self::dsig:SignedInfo
- and
- count(ancestor-or-self::dsig:Reference |
- here()/ancestor::dsig:Reference[1]) >
- count(ancestor-or-self::dsig:Reference)
- or
- count(ancestor-or-self::node() |
- id('notaries')) =
- count(ancestor-or-self::node())
- </XPath>
- </Transform>
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>tQiE3GUKiBenPyp3J0Ei6rJMFv4=</DigestValue>
- </Reference>
- <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-2">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>zyjp8GJOX69990Kkqw8ioPXGExk=</DigestValue>
- </Reference>
- <Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest-1">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>qg4HFwsN+/WX32uH85WlJU9l45k=</DigestValue>
- </Reference>
- <Reference Type="http://www.w3.org/2000/09/xmldsig#SignatureProperties" URI="#signature-properties-1">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>ETlEI3y7hvvAtMe9wQSz7LhbHEE=</DigestValue>
- </Reference>
- <Reference URI="">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>J/O0HhdaPXxx49fgGWMESL09GpA=</DigestValue>
- </Reference>
- <Reference URI="">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
- <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>J/O0HhdaPXxx49fgGWMESL09GpA=</DigestValue>
- </Reference>
- <Reference URI="#xpointer(/)">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>J/O0HhdaPXxx49fgGWMESL09GpA=</DigestValue>
- </Reference>
- <Reference URI="#xpointer(/)">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
- <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>MkL9CX8yeABBth1RChyPx58Ls8w=</DigestValue>
- </Reference>
- <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-3">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>yamSIokKmjA3hB/s3Fu07wDO3vM=</DigestValue>
- </Reference>
- <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-3">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>yamSIokKmjA3hB/s3Fu07wDO3vM=</DigestValue>
- </Reference>
- <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#xpointer(id('object-3'))">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>yamSIokKmjA3hB/s3Fu07wDO3vM=</DigestValue>
- </Reference>
- <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#xpointer(id('object-3'))">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>419CYgyTWOTGYGBhzieWklNf7Bk=</DigestValue>
- </Reference>
- <Reference URI="#reference-2">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>VzK45P9Ksjqq5oXlKQpkGgB2CNY=</DigestValue>
- </Reference>
- <Reference Id="reference-1" URI="#manifest-reference-1">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>7/9fR+NIDz9owc1Lfsxu1JBr8uo=</DigestValue>
- </Reference>
- <Reference Id="reference-2" URI="#reference-1">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>qURlo3LSq4TWQtygBZJ0iXQ9E14=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- WvZUJAJ/3QNqzQvwne2vvy7U5Pck8ZZ5UTa6pIwR7GE+PoGi6A1kyw==
- </SignatureValue>
- <KeyInfo>
- <RetrievalMethod Type="http://www.w3.org/2000/09/xmldsig#X509Data" URI="#object-4">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
- <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
- ancestor-or-self::dsig:X509Data
- </XPath>
- </Transform>
- </Transforms>
- </RetrievalMethod>
- </KeyInfo>
- <Object Id="object-1" MimeType="text/plain">I am the text.</Object>
- <Object Encoding="http://www.w3.org/2000/09/xmldsig#base64" Id="object-2" MimeType="text/plain">SSBhbSB0aGUgdGV4dC4=</Object>
- <Object Id="object-3">
- <NonCommentandus xmlns=""><!-- Commentandum --></NonCommentandus>
- </Object>
- <Object>
- <Manifest Id="manifest-1">
- <Reference Id="manifest-reference-1" URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- <Reference URI="#reference-1">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>qURlo3LSq4TWQtygBZJ0iXQ9E14=</DigestValue>
- </Reference>
- <Reference URI="#notaries">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
- <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns="http://www.w3.org/TR/xhtml1/strict" exclude-result-prefixes="foo" version="1.0">
- <xsl:output encoding="UTF-8" indent="no" method="xml" />
- <xsl:template match="/">
- <html>
- <head>
- <title>Notaries</title>
- </head>
- <body>
- <table>
- <xsl:for-each select="Notaries/Notary">
- <tr>
- <th>
- <xsl:value-of select="@name" />
- </th>
- </tr>
- </xsl:for-each>
- </table>
- </body>
- </html>
- </xsl:template>
- </xsl:stylesheet>
- </Transform>
- <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>c7wq5XKos6RqNVJyFy7/fl6+sAs=</DigestValue>
- </Reference>
- </Manifest>
- </Object>
- <Object>
- <SignatureProperties Id="signature-properties-1">
- <SignatureProperty Target="#signature">
- <SignerAddress xmlns="urn:demo"><IP>192.168.21.138</IP></SignerAddress>
- </SignatureProperty>
- </SignatureProperties>
- </Object>
- <Object Id="object-4">
- <X509Data>
- <X509SubjectName>
- CN=Merlin Hughes,OU=X/Secure,O=Baltimore Technologies Ltd.,ST=Dublin,C=IE
- </X509SubjectName>
- <X509IssuerSerial>
- <X509IssuerName>
- CN=Transient CA,OU=X/Secure,O=Baltimore Technologies Ltd.,ST=Dublin,C=IE
- </X509IssuerName>
- <X509SerialNumber>1017788370348</X509SerialNumber>
- </X509IssuerSerial>
- <X509Certificate>
- MIIDUDCCAxCgAwIBAgIGAOz46g2sMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
- MB4XDTAyMDQwMjIyNTkzMFoXDTEyMDQwMjIxNTkyNVowbzELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTWVybGluIEh1Z2hl
- czCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQDd454C+qcTIWlb65NKCt2PtguNpOSn
- Id5woUigu7xBk2QZNAjVyIhMEfSWp8iR0IdKLx+JQLcNOrcn0Wwl5/hhW0MXsmlS
- 8dM5Cq2rtmDHooLxbGTPqtALE6vsXQCk5iLz3MtGh7gyQMZ7q7HT5a3I5NChUgY1
- MMNQVetRA1susQIVAIQy3BStBjvx89Wq8Tjr7IDP1S8lAoGBAJ58e4W3VqMxm7Zx
- YJ2xZ6KX0Ze10WnKZDyURn+T9iFIFbKRFElKDeotXwwXwYON8yre3ZRGkC+2+fiU
- 2bdzIWTT6LMbIMVbk+07P4OZOxJ6XWL9GuYcOQcNvX42xh34DPHdq4XdlItMR25N
- A+OdZ4S8VVrpb4jkj4cyir1628kgA4GEAAKBgHH2KYoaQEHnqWzRUuDAG0EYXV6Q
- 4ucC68MROYSL6GKqNS/AUFbvH2NUxQD7aGntYgYPxiCcj94i38rgSWg7ySSz99MA
- R/Yv7OSd+uej3r6TlXU34u++xYvRo+sv4m9lb/jmXyZJKeC+dPqeU1IT5kCybURL
- ILZfrZyDsiU/vhvVozowODAOBgNVHQ8BAf8EBAMCB4AwEQYDVR0OBAoECIatY7SE
- lXEOMBMGA1UdIwQMMAqACIOGPkB2MuKTMAkGByqGSM44BAMDLwAwLAIUSvT02iQj
- Q5da4Wpe0Bvs7GuCcVsCFCEcQpbjUfnxXFXNWiFyQ49ZrWqn
- </X509Certificate>
- <X509Certificate>
- MIIDSzCCAwugAwIBAgIGAOz46fwJMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
- MB4XDTAyMDQwMjIyNTkyNVoXDTEyMDQwMjIxNTkyNVowbjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
- MIIBtzCCASwGByqGSM44BAEwggEfAoGBAN3jngL6pxMhaVvrk0oK3Y+2C42k5Kch
- 3nChSKC7vEGTZBk0CNXIiEwR9JanyJHQh0ovH4lAtw06tyfRbCXn+GFbQxeyaVLx
- 0zkKrau2YMeigvFsZM+q0AsTq+xdAKTmIvPcy0aHuDJAxnursdPlrcjk0KFSBjUw
- w1BV61EDWy6xAhUAhDLcFK0GO/Hz1arxOOvsgM/VLyUCgYEAnnx7hbdWozGbtnFg
- nbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43zKt7dlEaQL7b5+JTZ
- t3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM8d2rhd2Ui0xHbk0D
- 451nhLxVWulviOSPhzKKvXrbySADgYQAAoGAfag+HCABIJadDD9Aarhgc2QR3Lp7
- PpMOh0lAwLiIsvkO4UlbeOS0IJC8bcqLjM1fVw6FGSaxmq+4y1ag2m9k6IdE0Qh5
- NxB/xFkmdwqXFRIJVp44OeUygB47YK76NmUIYG3DdfiPPU3bqzjvtOtETiCHvo25
- 4D6UjwPpYErXRUajNjA0MA4GA1UdDwEB/wQEAwICBDAPBgNVHRMECDAGAQH/AgEA
- MBEGA1UdDgQKBAiDhj5AdjLikzAJBgcqhkjOOAQDAy8AMCwCFELu0nuweqW7Wf0s
- gk/CAGGL0BGKAhRNdgQGr5iyZKoH4oqPm0VJ9TjXLg==
- </X509Certificate>
- </X509Data>
- </Object>
- </Signature>
- </YoursSincerely>
- <PostScript>bar</PostScript>
- <Notaries xmlns="" Id="notaries">
- <Notary name="Great, A. T." />
- <Notary name="Hun, A. T." />
- </Notaries>
- <!-- Commentary -->
-</Envelope>
-<!-- Postamble -->
+++ /dev/null
-Example Signatures[1] using Encryption[2] key information and
-Additional Security URIs[3], Encrypted Data[2] and Decryption
-Transform[4]
-
-[1] http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/
-[2] http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/
-[3] http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt
-[4] http://www.w3.org/TR/xmlenc-decrypt
-
-***
-Some of these signature are WITHOUT cryptographic merit;
-for example, key transport of an HMAC key is meaningless.
-These are provided solely for testing purposes.
-***
-
-Private keys necessary for performing the verification
-and decryption are provided in the PKCS#12 file ids.p12,
-encrypted under the pass phrase "Our Little Secret". I
-may have done some of the ASN.1 encoding in this P12
-incorrectly; I hope not. Private keys are also available
-in PKCS#8 encoding; rsa.p8, dh1.p8.
-
-RSA/OAEP is presently poorly defined; I assume MGF1/SHA-1.
-
-Secret keys are identified by key name as follows:
-
- Key Name | Algorithm | Key Value
-----------+-----------+-----------
- bob | 3des | "abcdefghijklmnopqrstuvwx".getBytes ("ASCII")
- job | aes-128 | "abcdefghijklmnop".getBytes ("ASCII")
- jeb | aes-192 | "abcdefghijklmnopqrstuvwx".getBytes ("ASCII")
- jed | aes-256 | "abcdefghijklmnopqrstuvwxyz012345".getBytes ("ASCII")
-
-. encrypt-content-aes128-cbc-kw-aes192.xml
-. encrypt-content-aes192-cbc-dh-sha512.xml
-. encrypt-content-tripledes-cbc.xml
-. encrypt-data-aes128-cbc.xml
-. encrypt-data-aes192-cbc-kw-aes256.xml
-. encrypt-data-aes256-cbc-kw-tripledes.xml
-. encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml
-. encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml
-. encrypt-element-aes128-cbc-rsa-1_5.xml
-. encrypt-element-aes192-cbc-ref.xml
-. encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml
-. encrypt-element-tripledes-cbc-kw-aes128.xml
- Encrypted content, element and data. RSA private key has
- friendly name "RSA" in the P12, and is rsa.p8.
- DH private key has ID "DH1", and is dh1.p8.
-
-. encrypt-content-aes256-cbc-prop.xml
- Contains a useless EncryptionProperty.
-
-. encrypt-element-aes256-cbc-carried-kw-aes256.xml
- External EncryptedKey contains a CarriedKeyName which
- is referenced by a KeyName in the EncryptedData; the
- key for Recipient "someone else" is not for you; the
- key for Recipient "you" is.
-
-. encrypt-element-aes256-cbc-retrieved-kw-aes256.xml
- External EncryptedKey is identified by a RetrievalMethod
- in the EncryptedData.
-
-. decryption-transform.xml
- Decryption transform.
-
-. decryption-transform-except.xml
- Decryption transform with Except.
-
-All signatures are performed with nontruncated HMAC
-algorithms.
-
-For debugging purposes, where chosen, the MAC key is
-"abcdefghijklmnopqrstuvwxyz012345".getBytes ("ASCII"). Where
-agreed, it has length equal to the HMAC output length; e.g., 256
-bits for HMAC/SHA-256.
-
-. encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml
- RIPEMD-160 message digest; HMAC/RIPEMD-160 key is wrapped
- using triple DES. The decryption key is from the above table,
- identified by the key name "bob".
-
-. encsig-sha256-hmac-sha256-kw-aes128.xml
- SHA-256 message digest; HMAC/SHA-256 key is wrapped using
- AES-128. The decryption key is from the above table, identified
- by the key name "job".
-
-. encsig-sha384-hmac-sha384-kw-aes192.xml
- SHA-384 message digest; HMAC/SHA-384 key is wrapped using
- AES-192. The decryption key is from the above table, identified
- by the key name "jeb".
-
-. encsig-sha512-hmac-sha512-kw-aes256.xml
- SHA-512 message digest; HMAC/SHA-512 key is wrapped using
- AES-256. The decryption key is from the above table, identified
- by the key name "jed".
-
-. encsig-hmac-sha256-rsa-1_5.xml
- HMAC/SHA-256 keys is transported using RSA/OAEP. Your private
- key has friendly name "RSA" in the P12.
-
-. encsig-hmac-sha256-rsa-oaep-mgf1p.xml
- HMAC/SHA-256 keys is transported using RSA/PKCS#1. Your private
- key has friendly name "RSA" in the P12.
-
-. encsig-hmac-sha256-dh.xml
- HMAC/SHA-256 key is agreed using Diffie Hellman. Your private
- key has friendly name "DH1" in the P12.
-
-. encsig-hmac-sha256-kw-tripledes-dh.xml
- HMAC/SHA-256 key is wrapped using triple DES. The decryption
- key is agreed using Diffie Hellman. Your private key has
- friendly name "DH1" in the P12.
-
-Merlin Hughes <merlin@baltimore.ie>
-Baltimore Technologies, Ltd.
-
-Monday, March 4, 2002
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <PaymentInfo>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes192" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>jeb</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- JbjZH7Mq564oMybpvCHWYM/5ER3eFsAV
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- YDYTxR+smxZDSVoXXEp3n6HzTgWqV7ZlG6I1lmEv7zLGZBF/o7eqe5QGT6L3DPNW
- geflA8vVJHxwliixWcvHCnNKQkx+Sw8YbIknCQyr4mqtXEmHhsie5XYTEyqgKLVP
- YdNXf56wLUTMEmBqq7cto9OrYcBWkrDcQQvHmDkHuG+Nom4m+623GsB0FNts6VyN
- sdGMwo4K0bEFReLL04l6It+cgLJ2q+LKdBoMQL59IAQmrwi0bkiqee2cLlDuGyQ1
- KD9IQ1qtlJpvQujN4xNVWT00UjtWxmpSMID/Kue/AnXn7Cf8zw1ZZQitgh8uWOX2
- uMy99F2YlxqIK1r+MeXHuZDNf75S8dFaKIKtHMf7ioA=
- </CipherValue>
- </CipherData>
- </EncryptedData>
- </PaymentInfo>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <PaymentInfo>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Id="encrypt-data-0" Type="http://www.w3.org/2001/04/xmlenc#Content">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>jed</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- cX6lnfgmvWuxyiQgNhzAq1lYggW2M5GziFgNBQju3xcnDqlzf5LSjeyBnbL0Q7ws
- 8XhySFCrdwIi5mVxyfdFkVrTlzQQ0viaqTDgi9PQRgZMOImGGWij3wbmf9XseHHt
- 6q8V7LPjMFQAnsLDQgKf4gzzOnhtKf15GfTEpGvUnNn2dLDxw+hDcD1N54/bjSQs
- uTiL7PgGQ5g4u4eaXRRLWeAGsIf5QgdQG3GLiOZIX1LJ5bREKgXeKrtJJI97xUX3
- 3vaF+tKRcSFBFIMjFrw271bFj4vvvQZfSS6xX+BKXHOUu8C4NH9Le8pA9o4NgCB8
- tWA8W3iI5/BGEZve0Me9byvPHYjRXlbG+YqysVTmzfw=
- </CipherValue>
- </CipherData>
- </EncryptedData>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Id="encrypt-data-1">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
- <CipherData>
- <CipherValue>
- x3aR5pJ5pepFFH5ENv61pZG4pVwNKaM+H9oyY4qG6d8l/C0J1iGv6c8dyLp0YQ2k
- </CipherValue>
- </CipherData>
- </EncryptedData>
- </PaymentInfo>
- <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
- <Transform Algorithm="http://www.w3.org/2001/04/decrypt#">
- <Except xmlns="http://www.w3.org/2001/04/decrypt#" URI="#encrypt-data-1" />
- </Transform>
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
- <DigestValue>5Oe9qba6preOZG1NZAYK2/6pu9RCon9vRJ9hVLDpeng=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- LuHrz9+WG7/c4Q81tFboNZg2cktWbZcRfp08XrmgKy1GDm9xSfTYCA==
- </SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P>
- imup6lmki4rAmUstKb/xdBRMWNtQ+pDN97ZnLA9X3lKbkEHtYFyjQ3uActgVSJ75
- iVRuKxz4Cb5RzVm25EaKmKq8rif1MtBIi6jjDJxmIdNaEKG9zVTf9giJx1N9I0t3
- oh1fAVZDSrzKzJGQ2WvDfIfFHdJMtB3C0VKGmLZR7Xk=
- </P>
- <Q>
- xDve3j7sEnh4rIzM5gK+5/gxxFU=
- </Q>
- <G>
- NLugAf6IZJxo3BCOi5yrGEVwtlEzXcnndXhd0Tz38CnQKc4SEupm4PyP5TmLvK64
- TDfOD7sno/W5oI1KZdimfW2c4r/6waNzZSvicMOWhLYY621Nn6njBc8VNwoxWpzC
- XhKm70b8+D4YZMn/eU5DN8dvhTv/bNK21FfJqjp033U=
- </G>
- <Y>
- W7dOmH/vWqocVCiqaxj6soxVXfR8XpMdY2Zv4Amjr3n81geyOLb6IZ+l7MUbdp85
- 29DQzuoVTthVpB9X4JKCprZIzifOTM1PFflTBzjx7egJwJWAIVdWyiIPjke6Va+w
- uV2n4Rl/cgCvrXK5cTov5C/Bpaf6o+qrrDGFBLLZTF4=
- </Y>
- </DSAKeyValue>
- </KeyValue>
- </KeyInfo>
- </Signature>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <PaymentInfo>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Id="encrypt-data-0" Type="http://www.w3.org/2001/04/xmlenc#Content">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>jed</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- SE3HkQevYxzuN9LoMH3QIYHK0X7DBlobhiTbRucgKcTKt9DsUJIcd6JZV6lrw/4x
- YICyq6YM73IWpibspxgz/0chhvWem9sYZvWTuTtZgHzeY0Uri6bpXqBEn1YT0K6B
- chwfv1myfp91EmdPHU+shH6ZEyYkHJUMss58iIawIuVsIfpCO7xDKgfs/glnN3os
- epY0KvAMZSnwUAf42fQ3TlahLTR+B52AmdodwaCwQlwQwrC7RH0FtNiiLQA9SA2t
- //StKWcyHjswUCejfKLdjv6bK+WmBxmnNWtmI9DYkjJ6V5pYU1MVw+JG410O+gaa
- fnNWxlWa+BGwcTaz+KNrP8bIqli8IoJJgxXIUqfb734=
- </CipherValue>
- </CipherData>
- </EncryptedData>
- </PaymentInfo>
- <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
- <Transform Algorithm="http://www.w3.org/2001/04/decrypt#" />
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
- <DigestValue>wSvPYqTcpLfX2mKXibtsmm7FDu8N+/BObM0+bGaeXhk=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- O0VYUdslJ8t2EURD0T/v2nNrFQMo42vzvfAhooZrDbkuLbCj6/Hxmw==
- </SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P>
- imup6lmki4rAmUstKb/xdBRMWNtQ+pDN97ZnLA9X3lKbkEHtYFyjQ3uActgVSJ75
- iVRuKxz4Cb5RzVm25EaKmKq8rif1MtBIi6jjDJxmIdNaEKG9zVTf9giJx1N9I0t3
- oh1fAVZDSrzKzJGQ2WvDfIfFHdJMtB3C0VKGmLZR7Xk=
- </P>
- <Q>
- xDve3j7sEnh4rIzM5gK+5/gxxFU=
- </Q>
- <G>
- NLugAf6IZJxo3BCOi5yrGEVwtlEzXcnndXhd0Tz38CnQKc4SEupm4PyP5TmLvK64
- TDfOD7sno/W5oI1KZdimfW2c4r/6waNzZSvicMOWhLYY621Nn6njBc8VNwoxWpzC
- XhKm70b8+D4YZMn/eU5DN8dvhTv/bNK21FfJqjp033U=
- </G>
- <Y>
- W7dOmH/vWqocVCiqaxj6soxVXfR8XpMdY2Zv4Amjr3n81geyOLb6IZ+l7MUbdp85
- 29DQzuoVTthVpB9X4JKCprZIzifOTM1PFflTBzjx7egJwJWAIVdWyiIPjke6Va+w
- uV2n4Rl/cgCvrXK5cTov5C/Bpaf6o+qrrDGFBLLZTF4=
- </Y>
- </DSAKeyValue>
- </KeyValue>
- </KeyInfo>
- </Signature>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <PaymentInfo>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes192" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>jeb</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- IbjZH7Mq564oMybpvCHWYM/5ER3eFsAV
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- YDYTxR+smxZDSVoXXEp3n6HzTgWqV7ZlG6I1lmEv7zLGZBF/o7eqe5QGT6L3DPNW
- geflA8vVJHxwliixWcvHCnNKQkx+Sw8YbIknCQyr4mqtXEmHhsie5XYTEyqgKLVP
- YdNXf56wLUTMEmBqq7cto9OrYcBWkrDcQQvHmDkHuG+Nom4m+623GsB0FNts6VyN
- sdGMwo4K0bEFReLL04l6It+cgLJ2q+LKdBoMQL59IAQmrwi0bkiqee2cLlDuGyQ1
- KD9IQ1qtlJpvQujN4xNVWT00UjtWxmpSMID/Kue/AnXn7Cf8zw1ZZQitgh8uWOX2
- uMy99F2YlxqIK1r+MeXHuZDNf75S8dFaKIKtHMf7ioA=
- </CipherValue>
- </CipherData>
- </EncryptedData>
- </PaymentInfo>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <PaymentInfo>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <AgreementMethod xmlns="http://www.w3.org/2001/04/xmlenc#" Algorithm="http://www.w3.org/2001/04/xmlenc#dh">
- <KA-Nonce>
- bm9uY2U=
- </KA-Nonce>
- <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" />
- <OriginatorKeyInfo>
- <KeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
- <DHKeyValue xmlns="http://www.w3.org/2001/04/xmlenc#">
- <P>
- plygl2uMNc+jYtAZeKCZxPsmqa2z8DrOUa7L455iszN4SdPnL+LsZD47VJayvQY8
- 6D1J5arkwrbUzmhMAjBZsENPBgffRwwEBTjoq+gjSyZNIbxqsqnJdEyUElzn4kGE
- whECkJGnOaScacpjZg11h+gd0iBfY091bGHrCZrvr/8=
- </P>
- <Q>
- 9jJXQijNovoq6QUBFcEUYwUvyTM=
- </Q>
- <Generator>
- PerUZgMEMDTegMdTBRG9DPY5EHmwDxwzladdRcfvfdfU/9wlPzz5BUotMm730J9d
- lF6avWr929fzYsnIOUDeUOJpltXmrTYnvz5Bi6yuUu6bVwSfv7u4S+I/EM9ZB+eY
- 3fdF5TAMHD4tK86lw5APDrN2QnO1UMCwIvjOFatSOI0=
- </Generator>
- <Public>
- Ulu6B1lCwajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82r
- NyOUqgfnm97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCt
- m2vKo/BpoLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhM=
- </Public>
- </DHKeyValue>
- </KeyValue>
- <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Certificate>
- MIIDvjCCA36gAwIBAgIGAOxN39MIMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
- MB4XDTAyMDIyODE3NTMxNloXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTWVybGluIEh1Z2hl
- czCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
- Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
- DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
- T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
- JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
- n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
- 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
- qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
- Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAUlu6B1lC
- wajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82rNyOUqgfn
- m97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCtm2vKo/Bp
- oLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhOjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
- BgNVHQ4ECgQIgUAwB+9f1oIwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
- AwMvADAsAhQ41mCUsFhmxI58tytV8XEVZOCuUwIUVMe/HbUAH5PJ7aRoCNqa3fCI
- cU0=
- </X509Certificate>
- </X509Data>
- </OriginatorKeyInfo>
- <RecipientKeyInfo>
- <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Certificate>
- MIIDvjCCA36gAwIBAgIGAOxN3+EMMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
- MB4XDTAyMDIyODE3NTMxOVoXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTmlscmVtIFNlaGd1
- aDCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
- Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
- DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
- T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
- JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
- n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
- 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
- qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
- Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAGSYT19Pb
- VCxMt06cAP7zQZ6AC5eXp3zeAweIevV96ryA1mB03qhB9X2lVowAUOFc24aVRTz7
- wRoRjNQ20atzSy21C7yXDkvZ4uxfdrpIqpIVrI28e7XL+6CrhnAk621OvdeyEz5H
- orA21hPXoCNdnUPG5Ib20oopM87ptF5dwiWjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
- BgNVHQ4ECgQIiDCSQ3FB/oEwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
- AwMvADAsAhQMtZ98TyqVkVqUJ3RJqaU7l2xqKgIUX997qRqeMjAkK88NHeNd95/2
- Yos=
- </X509Certificate>
- </X509Data>
- </RecipientKeyInfo>
- </AgreementMethod>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- 5jIlxXZGhx8vUNbL0ZvdRry6mPapX8qLYlDgy3tE6nRbnBRWACviYQAXBqvDfn1R
- TKmBWZ5NoJobM8lXWOk2nNQIuSQojcFYRuvcWU7DffDVX7dUCAVRJp6PS/5V1IHR
- JJ2WBagWSW1lFW9mqjfe0ZflEZGYI3/5kUYQIpbMvEuXoF8129VGiKalZsCVTRxd
- /IsdT8x/7L57GlGq0OzCMI5zG3QrBV7wUOoqBu5SxS8QUvUPucH8hsD4Bq4BwVEa
- GlUVAj7H3HYYo7fviTO4i2lTMunGW9rcJVnKXjDM/Mds3oM4zbBo/Ao3m3rmpUUz
- AwSe6ofh6ML418+cyCaRUoVQOlG+VwkHEKUiYYGhsKY=
- </CipherValue>
- </CipherData>
- </EncryptedData>
- </PaymentInfo>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <PaymentInfo>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Id="encrypt-data-0" Type="http://www.w3.org/2001/04/xmlenc#Content">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>jed</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- H8n1OuEJFyUgUguDFF6ml8nRbA0IaDYgmtGelWT4V7CSz9q/AvtfxyMzUH+tQZ+F
- jyXh3otR1+V1+8EsevzEq5nUmNKl+wyxQmWaUvbvXpSwAJnlJdyvnP56JiXUBS+p
- C2KzlO9kk8l6awtuRd9Z6eVjngwTf7kNprmu5Bv0o+x7dcq96G8wGLvMThbs4uxk
- iIDK5+qGBzzIlFw3GG82MKmnVBveQw3LD52y76yBtoayuAJFJMnrXa0OEAaBRSI2
- fjPNGJV3sCyKZDHqGlsQ4X+VvXzevLbBLkFy1xH9/zoUXo8cEaTvsIOBYu/Xn/CJ
- y/dpe/dvOqqji+9vFccAyrBHxHeYSonuFsxfpSDVC6Y=
- </CipherValue>
- </CipherData>
- <EncryptionProperties>
- <EncryptionProperty Target="#encrypt-data-0">
- <Certification xmlns="urn:example:prop">
- certifiable
- </Certification>
- </EncryptionProperty>
- </EncryptionProperties>
- </EncryptedData>
- </PaymentInfo>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <PaymentInfo>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>bob</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- uchJT2QyzQe7BoBaDYKPR5BDgEW8jsJ3UOGEYz9EVrBKVztYfcu0xhif5Y9kqtyx
- DDa7woNcTyhwQDZh9jGr5hzkcjrsKfMjJw+PnKNZzc+KMW0z861L8sdhdl8TA+bt
- yudfaCEJaH4RdHABp+VMzL5CrXr5skvubolWs1KzUtqbRekkxucknzJmnqRY8yPp
- 4iBvVuvus+Bk0pj271NWu13CmHvdJRMMDSX30JMfsecW6mfdF5xjoFciL8VnemzJ
- qt0SUVjMzoeY0PnCdk09Ej2OZdj8AtkLPCEKeiBBD+coCf5F8WaLrPTRPgjoAtiN
- Wda+McaZPJje1IfoAKGTcg==
- </CipherValue>
- </CipherData>
- </EncryptedData>
- </PaymentInfo>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" MimeType="text/plain">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>job</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- QMpxhXq1DtBeyC9KfSaMQWrEtefe+e935gF/x62spvmL6IW0XeS0W4Kk31OgWzN0
- </CipherValue>
- </CipherData>
-</EncryptedData>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" MimeType="text/plain">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>jed</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- 4AAgyi3M7xNdBimbQZKdGJLn3/cS4Yv8QKuA01+gUnY=
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- 50lv94d/DFJirJXYOUXaBlrO+7gIXpx8cqH+G2xvE4mueoIxmGs8RH7FBXwjuMgf
- </CipherValue>
- </CipherData>
-</EncryptedData>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" MimeType="text/plain">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-tripledes" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>bob</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- ZyJbVsjRM4MEsswwwHz57aUz1eMqZHuEIoEPGS47CcmLvhuCtlzWZ9S/WcVJZIpz
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- Lp2ZWyJERT05icmHvWWbEtCCfmB2jvSlSclhS0oj3A3PU90aE6v+bFFQxrHw7VUd
- </CipherValue>
- </CipherData>
-</EncryptedData>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" MimeType="text/plain">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
- <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
- <OAEPparams>
- MTIzNDU2Nzg=
- </OAEPparams>
- </EncryptionMethod>
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>
- MIICkjCCAfugAwIBAgIGAOxN32E+MA0GCSqGSIb3DQEBBQUAMG4xCzAJBgNVBAYT
- AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
- b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFTATBgNVBAMTDFRyYW5zaWVu
- dCBDQTAeFw0wMjAyMjgxNzUyNDZaFw0wMzAyMjgxNzUyNDBaMG8xCzAJBgNVBAYT
- AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
- b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFjAUBgNVBAMTDU1lcmxpbiBI
- dWdoZXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAORdNSxbNFWlQeNsOlYJ
- 9gN9eZD+rguRqKhmhOm7i63VDd5ALm2APXhqAmGBPzLN5jlL9g2XALK5WSO4XKjJ
- McVfYg4+nPuOeHgqdD4HUgf19j/6SaTMcmDFJQMmx1Qw+Aakq3mGcSfvOJcBZctz
- a50VucfCGL1NdfBEcaL3BnhjAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIFoDARBgNV
- HQ4ECgQIjFG0ZGNyvNswEwYDVR0jBAwwCoAIhJXVlhr6O4wwDQYJKoZIhvcNAQEF
- BQADgYEAXzG7x5aCJYRusTbmuZqhidGM5iiA9+RmZ4JTPDEgbeiTiJROxpr+ZjnA
- TmsDKrCpqNUiHWjmsKEArYQp8R/KjdKl/pVe3jUvTxb0YZ+li/7k0GQ5LyRT/K4c
- 2SgyLlyBPhpMq+z3g4P2egVRaZbxsLuKQILf7MIV/X5iAEBzu1w=
- </X509Certificate>
- </X509Data>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- 1SVctZA/RB6vVjsu5NYTxowdvsViJJ1skDXX09RmNU3YlCuPpSqWWhCU5u5ILfr9
- 6AFcascXbdFyEZ9tjDhK8Nid2MEqkR/Mc9zFHf7mPMnO7C8bRggkjjdILSIF/Ft7
- FXzm/DFP50IF3zPe/n5jy2Nk8uRvTmKUDcnoV6qnUgY=
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- QOImekuU44UeCmVaMma9bCT5h5a6mWXDSndTB81jvHw=
- </CipherValue>
- </CipherData>
-</EncryptedData>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" MimeType="text/plain">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
- <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- </EncryptionMethod>
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>
- MIICkjCCAfugAwIBAgIGAOxN32E+MA0GCSqGSIb3DQEBBQUAMG4xCzAJBgNVBAYT
- AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
- b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFTATBgNVBAMTDFRyYW5zaWVu
- dCBDQTAeFw0wMjAyMjgxNzUyNDZaFw0wMzAyMjgxNzUyNDBaMG8xCzAJBgNVBAYT
- AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
- b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFjAUBgNVBAMTDU1lcmxpbiBI
- dWdoZXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAORdNSxbNFWlQeNsOlYJ
- 9gN9eZD+rguRqKhmhOm7i63VDd5ALm2APXhqAmGBPzLN5jlL9g2XALK5WSO4XKjJ
- McVfYg4+nPuOeHgqdD4HUgf19j/6SaTMcmDFJQMmx1Qw+Aakq3mGcSfvOJcBZctz
- a50VucfCGL1NdfBEcaL3BnhjAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIFoDARBgNV
- HQ4ECgQIjFG0ZGNyvNswEwYDVR0jBAwwCoAIhJXVlhr6O4wwDQYJKoZIhvcNAQEF
- BQADgYEAXzG7x5aCJYRusTbmuZqhidGM5iiA9+RmZ4JTPDEgbeiTiJROxpr+ZjnA
- TmsDKrCpqNUiHWjmsKEArYQp8R/KjdKl/pVe3jUvTxb0YZ+li/7k0GQ5LyRT/K4c
- 2SgyLlyBPhpMq+z3g4P2egVRaZbxsLuKQILf7MIV/X5iAEBzu1w=
- </X509Certificate>
- </X509Data>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- S5SqVG+QxxpCNWobuqQFAI6db1pTEpWNMQXQVJAPjlfmvnVmTtq5v6fgMA2l/r7M
- iX7gUPZthrKezkSavDfi057cK6YKpC5/KACXjNJvUoaVXj/aXpcoMOO+ZTPq36eo
- pyeW99DWYgCbY88Kf9R3r3QMx/ogwjScfRVJTRZL3Lo=
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- HG02AxNyn4iA9NH5x+PQ9lgPNzTkljThotXWKz0UYrE=
- </CipherValue>
- </CipherData>
-</EncryptedData>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>
- MIICkjCCAfugAwIBAgIGAOxN32E+MA0GCSqGSIb3DQEBBQUAMG4xCzAJBgNVBAYT
- AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
- b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFTATBgNVBAMTDFRyYW5zaWVu
- dCBDQTAeFw0wMjAyMjgxNzUyNDZaFw0wMzAyMjgxNzUyNDBaMG8xCzAJBgNVBAYT
- AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
- b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFjAUBgNVBAMTDU1lcmxpbiBI
- dWdoZXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAORdNSxbNFWlQeNsOlYJ
- 9gN9eZD+rguRqKhmhOm7i63VDd5ALm2APXhqAmGBPzLN5jlL9g2XALK5WSO4XKjJ
- McVfYg4+nPuOeHgqdD4HUgf19j/6SaTMcmDFJQMmx1Qw+Aakq3mGcSfvOJcBZctz
- a50VucfCGL1NdfBEcaL3BnhjAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIFoDARBgNV
- HQ4ECgQIjFG0ZGNyvNswEwYDVR0jBAwwCoAIhJXVlhr6O4wwDQYJKoZIhvcNAQEF
- BQADgYEAXzG7x5aCJYRusTbmuZqhidGM5iiA9+RmZ4JTPDEgbeiTiJROxpr+ZjnA
- TmsDKrCpqNUiHWjmsKEArYQp8R/KjdKl/pVe3jUvTxb0YZ+li/7k0GQ5LyRT/K4c
- 2SgyLlyBPhpMq+z3g4P2egVRaZbxsLuKQILf7MIV/X5iAEBzu1w=
- </X509Certificate>
- </X509Data>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- heZshNX5m7arS3OmR72+8WNCMMpznxE41dLWkgd6XJpzl+IN2xuijAf4YPEjjJmZ
- nt9PlO3/hiHl0Cvpg5vMR6AhvL49BvCz9JCeMG6x3MHBiKbRNhyEq2rX7o1GdJhC
- 5cm35Q/ZDKV9DHG8jWmPcOb8yKU9NYo2LJKDb3YHOJY=
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- 0wkECpTy60/FDwbVM4zgd9qJVjR4h0q4PLm5pyyIxAuhbEh0art03yEikmbWBt2H
- 7qOk2G9iufUdwwqNPuZV5Qw5Rg2FMvTx234lDERGn5p+hhjOTcss5JF9QDzgdiec
- KABX3vbCESi/f3uwQ8BYDT+6SnxTR+xtcNv5xhbUCIFk/TaenSWx6p6fntTwTl1e
- lpwnI0EtM1yf4a9tBiH9PNd36BUv2rvSi4cZvJqSB3ZKvGtuwwyRzOzlzl259d1u
- QuoYysTBEAHw/WIop8eAexU9PUv7UbTkQAQag1yStda+GepVdpXEpu4hcxXQcvfs
- 9AQgkAgh4JKrnY4Bhz2B/e4CHHfbEedDOi+FVYlZuLn0CzrKMnM+1nUmqxJVWHz7
- hytidpuqNRw3gcMkYvgH6g==
- </CipherValue>
- </CipherData>
- </EncryptedData>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>jeb</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherReference URI="">
- <Transforms>
- <Transform xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
- <XPath xmlns:rep="http://www.example.org/repository">self::text()[parent::rep:CipherValue[@Id="example1"]]</XPath>
- </Transform>
- <Transform xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
- </Transforms>
- </CipherReference>
- </CipherData>
- </EncryptedData>
- <CipherValue xmlns="http://www.example.org/repository" Id="example1">
- zih1MFU6Px1m2U1lSEIV9LUIsnb3SIWBfRHlRrOWKFFFcVvXiE6z3nCbkNYMuy1T
- nPwXDd9/BkOGiPuFT2jixN7Zowe2ANK1dZXKVjZ1+ACx+Kg17U+EMPEuq481OW7e
- wm0vnbur0L2lCXb4DP7c6sotV89W53v2MlaYqWHhlBO/zasqwhl6q/c/L/GdPUHH
- ovKZ+24ZWYktxCLEXMslIAysQ0UFBLolrtC/7XDgYY9s4UvbedgeqbrdnxQ4LiRn
- L+aKN1bnKF3KlWKCJFvVrRESriGPBfpasWA/A1LOK333a8LaOlS7RFamflfICk+t
- VqCspVnIs6vBBtrGLI5SsJS+rh1r42jI/h/ivELUOmUq1sZCFQvEhx7AiHi4/9SY
- LWcR4w3ZH3aqFL/XtAzKYQ==
- </CipherValue>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>Foo Key</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- pdDtiyd7XQ/BFEEN0PMJuHnLUfCY+bJlsW+q04OiKSPnRd4/dS1tjaTfj5dPpGXe
- cY3fJvRsq9QP1CJiwyEC/EQ1zSLbzwOtZ+NtxtsFgYvPBJ9t86ZcXIjlErQ85z3L
- wnb8rSHpE9tu4tJ1rjgf2i6NCbdFnSMXLSDgLEs48+gkX0cJCmKxzRaSE4cV0OSl
- hBWND4EYzX1M679VlSYrI0de+lSPO3Vx+y/TuZ5Vo+uu9+YP+ce0LRkx2BicjjsP
- QO9sp+yjHPNDIV1Z7VHsDIWqqmBaNQo3GuzF5WzWgaXTKnPv/IgUQn+1t3EtgHyb
- JhnfR/1em16z/Zaf9Uy1Lfd//yfEJ9BCjqwe1UjwN6ytu1v2BHd+8bVjD2o+Dg8V
- 7ayOLlkWOTOLvtJMPOXPqw==
- </CipherValue>
- </CipherData>
- </EncryptedData>
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#" Recipient="someone else">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>ned</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- EWlIkFPGrkeW4cyjWSznLVoClVh/OEC7Klya9d9o7R6wll6JswZb2w==
- </CipherValue>
- </CipherData>
- <CarriedKeyName>Foo Key</CarriedKeyName>
- </EncryptedKey>
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#" Recipient="you">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>jed</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- bsL63D0hPN6EOyzdgfEmKsAAvoJiGM+Wp9a9KZM92IKdl7s3YSntRg==
- </CipherValue>
- </CipherData>
- <CarriedKeyName>Foo Key</CarriedKeyName>
- </EncryptedKey>
- </KeyInfo>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <AgreementMethod xmlns="http://www.w3.org/2001/04/xmlenc#" Algorithm="http://www.w3.org/2001/04/xmlenc#dh">
- <KA-Nonce>
- bm9uY2U=
- </KA-Nonce>
- <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160" />
- <OriginatorKeyInfo>
- <KeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
- <DHKeyValue xmlns="http://www.w3.org/2001/04/xmlenc#">
- <P>
- plygl2uMNc+jYtAZeKCZxPsmqa2z8DrOUa7L455iszN4SdPnL+LsZD47VJayvQY8
- 6D1J5arkwrbUzmhMAjBZsENPBgffRwwEBTjoq+gjSyZNIbxqsqnJdEyUElzn4kGE
- whECkJGnOaScacpjZg11h+gd0iBfY091bGHrCZrvr/8=
- </P>
- <Q>
- 9jJXQijNovoq6QUBFcEUYwUvyTM=
- </Q>
- <Generator>
- PerUZgMEMDTegMdTBRG9DPY5EHmwDxwzladdRcfvfdfU/9wlPzz5BUotMm730J9d
- lF6avWr929fzYsnIOUDeUOJpltXmrTYnvz5Bi6yuUu6bVwSfv7u4S+I/EM9ZB+eY
- 3fdF5TAMHD4tK86lw5APDrN2QnO1UMCwIvjOFatSOI0=
- </Generator>
- <Public>
- Ulu6B1lCwajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82r
- NyOUqgfnm97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCt
- m2vKo/BpoLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhM=
- </Public>
- </DHKeyValue>
- </KeyValue>
- <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Certificate>
- MIIDvjCCA36gAwIBAgIGAOxN39MIMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
- MB4XDTAyMDIyODE3NTMxNloXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTWVybGluIEh1Z2hl
- czCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
- Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
- DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
- T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
- JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
- n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
- 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
- qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
- Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAUlu6B1lC
- wajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82rNyOUqgfn
- m97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCtm2vKo/Bp
- oLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhOjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
- BgNVHQ4ECgQIgUAwB+9f1oIwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
- AwMvADAsAhQ41mCUsFhmxI58tytV8XEVZOCuUwIUVMe/HbUAH5PJ7aRoCNqa3fCI
- cU0=
- </X509Certificate>
- </X509Data>
- </OriginatorKeyInfo>
- <RecipientKeyInfo>
- <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Certificate>
- MIIDvjCCA36gAwIBAgIGAOxN3+EMMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
- MB4XDTAyMDIyODE3NTMxOVoXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTmlscmVtIFNlaGd1
- aDCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
- Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
- DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
- T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
- JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
- n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
- 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
- qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
- Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAGSYT19Pb
- VCxMt06cAP7zQZ6AC5eXp3zeAweIevV96ryA1mB03qhB9X2lVowAUOFc24aVRTz7
- wRoRjNQ20atzSy21C7yXDkvZ4uxfdrpIqpIVrI28e7XL+6CrhnAk621OvdeyEz5H
- orA21hPXoCNdnUPG5Ib20oopM87ptF5dwiWjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
- BgNVHQ4ECgQIiDCSQ3FB/oEwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
- AwMvADAsAhQMtZ98TyqVkVqUJ3RJqaU7l2xqKgIUX997qRqeMjAkK88NHeNd95/2
- Yos=
- </X509Certificate>
- </X509Data>
- </RecipientKeyInfo>
- </AgreementMethod>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- qKWnCxVIlNvPEqBMxhCaY6z9NK0ZFCmRef1U5wbIMPaR/g2Zdw7VZg==
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- betMfG/VMLdwNGdkspCrJSo092PltInklQisKd8ImQgeFMzjn73OpXhK0KJtB9IB
- 1xGjENZ8Yzu625ehhCZGGFK4mp8DkIE7Sfw7O+5UEqprE/cGrWL0bbcz0U7X2Evh
- 4/9va6h+DHAzmVYW7bqsa0WkiHkELRq44ORdSzyPUIwpGUCsOWyThsYfIn4uhIHQ
- NJVTKPRHTb5H5lsxNtobSeXACSYAHk/BmJM99h4IQ9Gh7bCkhkmZsIvo/lNOW+6r
- xtvLqHfYw9XhJe7hL0Q5EluMCBZQJ/Vx2r5lTXzBeonlurpzNdRa+ClKSVRUwKYH
- Vjemr/o+Y4e4r8gD3TVP3auVuUCmi3XLpj4WjOsPDcekzZUgXA/xuJ+7jHXjOEOK
- RViMiwIk0cqOa6s0Qg63EQ==
- </CipherValue>
- </CipherData>
- </EncryptedData>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey" URI="#encrypt-key-0" />
- </KeyInfo>
- <CipherData>
- <CipherValue>
- cudR6Hg0xqhrOjbvQz4C/WOdHbcB7Duc+xFxbObkfkW6jXweDOf8Tq87FPbj5bby
- oCLbWqq3ap/zx/gN8Xv3Fj6fYUz3dIb1wzXy7B0/3me7i4fBHyGropflLi7iEag2
- WU7aGJ0CA9/jQr6Td2qhH0CDU47QN9eK/PVMPPfLX1D1A90uK32wPn+SCysE58Q3
- rCi7Jwo+OsrxT0qqjP82T3FjVi0i/dsnPb5GQWLE3/y7OsIuknuMRO4mWma+bO/m
- aAN9JNeom5Kn3IKHCK2+kyx+LsGo2daKxF7RF9QqlaA/imsMS4trRjZjYhgfgm96
- kb1l4AI7VZcfRXwYdzLqKNHty6ZxbSQBMeEca0mEuIbor7IH34641a/BuFME/BLm
- MoVaLUCE0rg1e1U0S18UCg==
- </CipherValue>
- </CipherData>
- </EncryptedData>
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#" Id="encrypt-key-0">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>jed</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- bsL63D0hPN6EOyzdgfEmKsAAvoJiGM+Wp9a9KZM92IKdl7s3YSntRg==
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes128" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>job</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- dV45TUpJbidb9iKa34xj1WVtTZ036cnqvym2TBJWR5c=
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- bmExbDyrUQtsGjNBU7TRpMhOC76O/wBDWVMQML43lWNP0xp7QwVPce1XdbB4AVUn
- xxAuJh18jOd9UzPTzrJHrKWvsWP8Xp1m/HL3A1XhOUe+MEcFyJB9fXazhDmyaSYU
- SvieaPXcpzKWiHhZE8RKUyAYw9nU9wf2SEUgCVRuRPfsrXg4Uyr83VTn84LPe9sL
- dd2hMj4jhgHL86b7PTYBWdtrYXq0Jwzptuw+TZ1C706BAZDYNAiSTdx3J17Ey3ex
- IeIFBBIq8D8Gp7XiH4UxiDB6rtA2czox6+FCvaIsrGFaaw9XdzvhiZ3HxYROjprz
- qiXcJlZzG6j8yRdpHSjsDkN3w7XjEgRODieGx110rBytZcwtqb0zc6JTZH5DzoJy
- </CipherValue>
- </CipherData>
- </EncryptedData>
-</PurchaseOrder>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- 255LFQdP+eAK2aeuuLnz10pmaw4WEYb6TZa3B6H4z8c=
- </SignatureValue>
- <KeyInfo>
- <AgreementMethod xmlns="http://www.w3.org/2001/04/xmlenc#" Algorithm="http://www.w3.org/2001/04/xmlenc#dh">
- <KA-Nonce>
- bm9uY2U=
- </KA-Nonce>
- <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
- <OriginatorKeyInfo>
- <KeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
- <DHKeyValue xmlns="http://www.w3.org/2001/04/xmlenc#">
- <P>
- plygl2uMNc+jYtAZeKCZxPsmqa2z8DrOUa7L455iszN4SdPnL+LsZD47VJayvQY8
- 6D1J5arkwrbUzmhMAjBZsENPBgffRwwEBTjoq+gjSyZNIbxqsqnJdEyUElzn4kGE
- whECkJGnOaScacpjZg11h+gd0iBfY091bGHrCZrvr/8=
- </P>
- <Q>
- 9jJXQijNovoq6QUBFcEUYwUvyTM=
- </Q>
- <Generator>
- PerUZgMEMDTegMdTBRG9DPY5EHmwDxwzladdRcfvfdfU/9wlPzz5BUotMm730J9d
- lF6avWr929fzYsnIOUDeUOJpltXmrTYnvz5Bi6yuUu6bVwSfv7u4S+I/EM9ZB+eY
- 3fdF5TAMHD4tK86lw5APDrN2QnO1UMCwIvjOFatSOI0=
- </Generator>
- <Public>
- Ulu6B1lCwajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82r
- NyOUqgfnm97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCt
- m2vKo/BpoLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhM=
- </Public>
- </DHKeyValue>
- </KeyValue>
- <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Certificate>
- MIIDvjCCA36gAwIBAgIGAOxN39MIMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
- MB4XDTAyMDIyODE3NTMxNloXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTWVybGluIEh1Z2hl
- czCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
- Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
- DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
- T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
- JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
- n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
- 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
- qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
- Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAUlu6B1lC
- wajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82rNyOUqgfn
- m97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCtm2vKo/Bp
- oLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhOjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
- BgNVHQ4ECgQIgUAwB+9f1oIwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
- AwMvADAsAhQ41mCUsFhmxI58tytV8XEVZOCuUwIUVMe/HbUAH5PJ7aRoCNqa3fCI
- cU0=
- </X509Certificate>
- </X509Data>
- </OriginatorKeyInfo>
- <RecipientKeyInfo>
- <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Certificate>
- MIIDvjCCA36gAwIBAgIGAOxN3+EMMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
- MB4XDTAyMDIyODE3NTMxOVoXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTmlscmVtIFNlaGd1
- aDCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
- Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
- DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
- T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
- JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
- n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
- 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
- qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
- Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAGSYT19Pb
- VCxMt06cAP7zQZ6AC5eXp3zeAweIevV96ryA1mB03qhB9X2lVowAUOFc24aVRTz7
- wRoRjNQ20atzSy21C7yXDkvZ4uxfdrpIqpIVrI28e7XL+6CrhnAk621OvdeyEz5H
- orA21hPXoCNdnUPG5Ib20oopM87ptF5dwiWjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
- BgNVHQ4ECgQIiDCSQ3FB/oEwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
- AwMvADAsAhQMtZ98TyqVkVqUJ3RJqaU7l2xqKgIUX997qRqeMjAkK88NHeNd95/2
- Yos=
- </X509Certificate>
- </X509Data>
- </RecipientKeyInfo>
- </AgreementMethod>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- 9XBpYbFplNqqF7U/QtCHYE20U7oIxcyCr0L19MlenNo=
- </SignatureValue>
- <KeyInfo>
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-tripledes" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <AgreementMethod xmlns="http://www.w3.org/2001/04/xmlenc#" Algorithm="http://www.w3.org/2001/04/xmlenc#dh">
- <KA-Nonce>
- bm9uY2U=
- </KA-Nonce>
- <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
- <OriginatorKeyInfo>
- <KeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
- <DHKeyValue xmlns="http://www.w3.org/2001/04/xmlenc#">
- <P>
- plygl2uMNc+jYtAZeKCZxPsmqa2z8DrOUa7L455iszN4SdPnL+LsZD47VJayvQY8
- 6D1J5arkwrbUzmhMAjBZsENPBgffRwwEBTjoq+gjSyZNIbxqsqnJdEyUElzn4kGE
- whECkJGnOaScacpjZg11h+gd0iBfY091bGHrCZrvr/8=
- </P>
- <Q>
- 9jJXQijNovoq6QUBFcEUYwUvyTM=
- </Q>
- <Generator>
- PerUZgMEMDTegMdTBRG9DPY5EHmwDxwzladdRcfvfdfU/9wlPzz5BUotMm730J9d
- lF6avWr929fzYsnIOUDeUOJpltXmrTYnvz5Bi6yuUu6bVwSfv7u4S+I/EM9ZB+eY
- 3fdF5TAMHD4tK86lw5APDrN2QnO1UMCwIvjOFatSOI0=
- </Generator>
- <Public>
- Ulu6B1lCwajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82r
- NyOUqgfnm97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCt
- m2vKo/BpoLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhM=
- </Public>
- </DHKeyValue>
- </KeyValue>
- <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Certificate>
- MIIDvjCCA36gAwIBAgIGAOxN39MIMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
- MB4XDTAyMDIyODE3NTMxNloXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTWVybGluIEh1Z2hl
- czCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
- Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
- DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
- T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
- JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
- n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
- 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
- qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
- Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAUlu6B1lC
- wajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82rNyOUqgfn
- m97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCtm2vKo/Bp
- oLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhOjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
- BgNVHQ4ECgQIgUAwB+9f1oIwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
- AwMvADAsAhQ41mCUsFhmxI58tytV8XEVZOCuUwIUVMe/HbUAH5PJ7aRoCNqa3fCI
- cU0=
- </X509Certificate>
- </X509Data>
- </OriginatorKeyInfo>
- <RecipientKeyInfo>
- <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Certificate>
- MIIDvjCCA36gAwIBAgIGAOxN3+EMMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
- MB4XDTAyMDIyODE3NTMxOVoXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
- DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
- cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTmlscmVtIFNlaGd1
- aDCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
- Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
- DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
- T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
- JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
- n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
- 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
- qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
- Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAGSYT19Pb
- VCxMt06cAP7zQZ6AC5eXp3zeAweIevV96ryA1mB03qhB9X2lVowAUOFc24aVRTz7
- wRoRjNQ20atzSy21C7yXDkvZ4uxfdrpIqpIVrI28e7XL+6CrhnAk621OvdeyEz5H
- orA21hPXoCNdnUPG5Ib20oopM87ptF5dwiWjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
- BgNVHQ4ECgQIiDCSQ3FB/oEwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
- AwMvADAsAhQMtZ98TyqVkVqUJ3RJqaU7l2xqKgIUX997qRqeMjAkK88NHeNd95/2
- Yos=
- </X509Certificate>
- </X509Data>
- </RecipientKeyInfo>
- </AgreementMethod>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- 2s+2ji8opL0SLKziiyNZ+mZ8Ibfu7cTwe4C0MmyarYDwGmsiRSqff8trHUwa+njZ
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- 9XBpYbFplNqqF7U/QtCHYE20U7oIxcyCr0L19MlenNo=
- </SignatureValue>
- <KeyInfo>
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>
- MIICkjCCAfugAwIBAgIGAOxN32E+MA0GCSqGSIb3DQEBBQUAMG4xCzAJBgNVBAYT
- AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
- b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFTATBgNVBAMTDFRyYW5zaWVu
- dCBDQTAeFw0wMjAyMjgxNzUyNDZaFw0wMzAyMjgxNzUyNDBaMG8xCzAJBgNVBAYT
- AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
- b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFjAUBgNVBAMTDU1lcmxpbiBI
- dWdoZXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAORdNSxbNFWlQeNsOlYJ
- 9gN9eZD+rguRqKhmhOm7i63VDd5ALm2APXhqAmGBPzLN5jlL9g2XALK5WSO4XKjJ
- McVfYg4+nPuOeHgqdD4HUgf19j/6SaTMcmDFJQMmx1Qw+Aakq3mGcSfvOJcBZctz
- a50VucfCGL1NdfBEcaL3BnhjAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIFoDARBgNV
- HQ4ECgQIjFG0ZGNyvNswEwYDVR0jBAwwCoAIhJXVlhr6O4wwDQYJKoZIhvcNAQEF
- BQADgYEAXzG7x5aCJYRusTbmuZqhidGM5iiA9+RmZ4JTPDEgbeiTiJROxpr+ZjnA
- TmsDKrCpqNUiHWjmsKEArYQp8R/KjdKl/pVe3jUvTxb0YZ+li/7k0GQ5LyRT/K4c
- 2SgyLlyBPhpMq+z3g4P2egVRaZbxsLuKQILf7MIV/X5iAEBzu1w=
- </X509Certificate>
- </X509Data>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- BRhPOKN/KLCih2Q2RoxQiaV0s1FfpOM+kisl9MwRSPow5CyX91rBVfoWpP/Qq1T3
- Rj/f0gVoJyE008uLic4X/S4spnudlOzTkVB6bUzoBt4j+z4hEq/cIfHqVdEJ+lN0
- iu1sJk3k6ESl22OWEqQB7Rl5sAdhFPOqXsnLUNWmqA8=
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- 9XBpYbFplNqqF7U/QtCHYE20U7oIxcyCr0L19MlenNo=
- </SignatureValue>
- <KeyInfo>
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
- <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <OAEPparams>
- MTIzNDU2Nzg=
- </OAEPparams>
- </EncryptionMethod>
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>
- MIICkjCCAfugAwIBAgIGAOxN32E+MA0GCSqGSIb3DQEBBQUAMG4xCzAJBgNVBAYT
- AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
- b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFTATBgNVBAMTDFRyYW5zaWVu
- dCBDQTAeFw0wMjAyMjgxNzUyNDZaFw0wMzAyMjgxNzUyNDBaMG8xCzAJBgNVBAYT
- AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
- b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFjAUBgNVBAMTDU1lcmxpbiBI
- dWdoZXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAORdNSxbNFWlQeNsOlYJ
- 9gN9eZD+rguRqKhmhOm7i63VDd5ALm2APXhqAmGBPzLN5jlL9g2XALK5WSO4XKjJ
- McVfYg4+nPuOeHgqdD4HUgf19j/6SaTMcmDFJQMmx1Qw+Aakq3mGcSfvOJcBZctz
- a50VucfCGL1NdfBEcaL3BnhjAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIFoDARBgNV
- HQ4ECgQIjFG0ZGNyvNswEwYDVR0jBAwwCoAIhJXVlhr6O4wwDQYJKoZIhvcNAQEF
- BQADgYEAXzG7x5aCJYRusTbmuZqhidGM5iiA9+RmZ4JTPDEgbeiTiJROxpr+ZjnA
- TmsDKrCpqNUiHWjmsKEArYQp8R/KjdKl/pVe3jUvTxb0YZ+li/7k0GQ5LyRT/K4c
- 2SgyLlyBPhpMq+z3g4P2egVRaZbxsLuKQILf7MIV/X5iAEBzu1w=
- </X509Certificate>
- </X509Data>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- NGIOL9UzhGwPYvVzbBxOGzxXfTIkzIsmtNSkWA03p64aS41vVA0sKWvcr/79Nf7T
- 6RdA61TmwOKa5GDUYRumEadC7Z0zKFDKcuN78iJzlj2WwVqr5vBx14X2BSVW+de1
- UTmXRZFRosFOk9etvD7Lm1V+kqIxqSrod68G8gJvGrY=
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160" />
- <DigestValue>ixv9ZpIiqEzBC3Uztm5Rl6tXd9Q=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- kwV4uELL96oFm8/+VGzq+xAOgUg=
- </SignatureValue>
- <KeyInfo>
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-tripledes" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>bob</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- gHMpx5iF7+KXtNHLasZrkcLHn8Ti4rxUjCIRK+IcgbQir6FUsQ/uxQ3o8enEMWq1
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
- <DigestValue>eI1OLVStn6Z4q7Byq8XGUJ4bce1LMSlanI6o+SvYzt0=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- cOQGJE3d3fXi1BIfdvr1v6tz/4lt9xGznfyDPXEvc4Q=
- </SignatureValue>
- <KeyInfo>
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes128" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>job</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- rPnY/XoSGCbuwy7vpslf29rs9dbvSCmGFOjEs3LT6g/qyZjfDA+2fQ==
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" />
- <DigestValue>bWetGDV3M5oEiecfEHILQxVQRa1XgdY37VH8eWi9yVVx7Rr7UNhk+v6Jk7sMNPoA</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- iEjhOJoKiwsOBduxHj7bxILSsl6TLhNO3w/vlRcw9RZAe24HIxLRfhj4Xqsz1Orr
- </SignatureValue>
- <KeyInfo>
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes192" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>jeb</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- 19D633XVohP6UJvaVRAhJek+ahtM3gOiVs6nZyAasDEb+WCUQOcWZw==
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512" />
- <Reference URI="http://www.w3.org/TR/xml-stylesheet">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" />
- <DigestValue>c8+KT9+qCSbNpdZm7/dp9Mv/lgF51ATycY0Ttz/0bw2p5nvnmeEgQpIPw5HhVJ9Ku6dDf0RKVVR/CsYvPGfnEg==</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- zB8ZUo9bQxzxnxW2aZ217eu//1e5xHB6RlfEOFOlx1l5PIhadKAlQo0z1D9B2HVU
- Kj4StSnlUsrvDo2BxgiAoA==
- </SignatureValue>
- <KeyInfo>
- <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <KeyName>jed</KeyName>
- </KeyInfo>
- <CipherData>
- <CipherValue>
- tPCC89jQShB+WDINCdRfKgf8wTlAx8xRXD73RmEHPBfix8zS1N82KQ==
- </CipherValue>
- </CipherData>
- </EncryptedKey>
- </KeyInfo>
-</Signature>
+++ /dev/null
-top secret message
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<PurchaseOrder xmlns="urn:example:po">
- <Items>
- <Item Code="001-001-001" Quantity="1">
- spade
- </Item>
- <Item Code="001-001-002" Quantity="1">
- shovel
- </Item>
- </Items>
- <ShippingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </ShippingAddress>
- <PaymentInfo>
- <BillingAddress>
- Dig PLC, 1 First Ave, Dublin 1, Ireland
- </BillingAddress>
- <CreditCard Type="Amex">
- <Name>Foo B Baz</Name>
- <Number>1234 567890 12345</Number>
- <Expires Month="1" Year="2005" />
- </CreditCard>
- </PaymentInfo>
-</PurchaseOrder>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library: XML Digital Signature Online Verifier</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
<!--Links - start--><!--Links - end-->
</table>
</td>
-<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent"><div align="Center">
- <h2>Online XML Digital Signature Verifer</h2>
- <div align="Left">The online XML Digital Signature Verifier is a simple
-cgi script that demonstrates how to use XML Security Library in real applications.
-
-<h4>Copy/Paste the Signed XML Document in the input field below:</h4>
-Please note that <b>all</b> white spaces and carriage returns are <b>significant</b>.
-
- <form action="https://www.aleksey.com/cgi-bin/xmldsigverify" method="POST">
- <center>
- <table width="85%">
-<tr><td>
- <textarea name="_xmldoc" style="WIDTH: 85%; HEIGHT: 300px"></textarea>
-</td></tr>
-<tr><td>
- <input type="submit" value="Verify Signature">
-</td></tr>
+<td valign="top">
+ <table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
+ <div align="center">
+ <h1>Online XML Digital Signature Verifer is retired as of October, 2022</h1>
+ </div>
+ <p>If you are interested in verifying an XML Digital Signature, then you should consider using
+ <a href="xmlsec-man.html">the xmlsec command line tool</a>.
+ The source code for the Online XML Digital Signature Verifer is available on
+ <a href="https://github.com/lsh123/xmlsec/blob/master/examples/xmldsigverify.c">GitHub</a> and in the "examples/"
+ folder of the source tarfile.
+ </p>
+ </td></tr>
</table>
-</center>
- </form>
-
-<h4>Allowed root certificates and signature keys</h4>
-In order to successfully verify your message
-using XML Digital Signature Online Verifier you should sign it using any of
-following keys:
-<ul>
-<li>any x509 certificate (or certificates chain) based on
-root certificates from standard root CA authorities (Verisign, etc.),
-Merlin's root CA used to sign interoperability
-tests from <a href="tests/keys-certs/merlin.pem">merlin-xmldsig-twenty-three.tar.gz</a>
-or "fake" <a href="tests/keys-certs/cacert.pem">root certificate</a>
-(the corresponding <a href="tests/keys-certs/cakey.pem">private key</a>
-is encrypted using passphrase "secret");
-</li>
-<li>HMAC key "secret" (in hex, 73 65 63 72 65 74);
-</li>
-<li>any key public DSA/RSA key provided in the KeyInfo element of the signature.
-</li>
-</ul>
-<p></p>
-<h4>A small list of signed XML documents from XML DSig Interop
-tests suites</h4>
-ATTENTION: some of these signatures use external resource located on other
-Web servers and may fail if these resource are not available by some
-reasons.
-
-<ul>
-<li>
-<a href="tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml">aleksey-xmldsig-01/enveloping-dsa-x509chain.xml</a>
-</li>
-<li>
-<a href="tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml">aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml</a>
-</li>
-<li>
-<a href="tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml">aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml</a>
-</li>
-<li>
-<a href="tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml">aleksey-xmldsig-01/enveloping-rsa-x509chain.xml</a>
-</li>
-<li>
-<a href="tests/merlin-exc-c14n-one/exc-signature.xml">merlin-exc-c14n-one/exc-signature.xml</a>
-</li>
-<li>
-<a href="tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.xml">merlin-xmldsig-twenty-three/signature-enveloped-dsa.xml</a>
-</li>
-<li>
-<a href="tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.xml">merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.xml</a>
-</li>
-<li>
-<a href="tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.xml">merlin-xmldsig-twenty-three/signature-enveloping-dsa.xml</a>
-</li>
-<li>
-<a href="tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml">merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml</a>
-</li>
-<li>
-<a href="tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.xml">merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.xml</a>
-</li>
-<li>
-<a href="tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.xml">merlin-xmldsig-twenty-three/signature-enveloping-rsa.xml</a>
-</li>
-<li>
-<a href="tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.xml">merlin-xmldsig-twenty-three/signature-external-b64-dsa.xml</a>
-</li>
-<li>
-<a href="tests/merlin-xmldsig-twenty-three/signature-external-dsa.xml">merlin-xmldsig-twenty-three/signature-external-dsa.xml</a>
-</li>
-<li>
-<a href="tests/merlin-xmldsig-twenty-three/signature.xml">merlin-xmldsig-twenty-three/signature.xml</a>
-</li>
-</ul>
-</div>
- </div></td></tr></table></td>
-</tr></table></body>
+</td></tr>
+</table></body>
</html>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library: XML Digital Signature</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
document templates,
add signature(s) to a document "on-the-fly" or verify the signature(s)
in the document. </p>
-<p> <a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">XML Digital
-Signature
-Online Verifier</a> is an example of a real application based on XML
-Security Library. Using this tool you can verify any XML Signature
+<p><a href="xmlsec-man.html">The xmlsec command line tool</a>is an example of a real application
+based on XML Security Library. Using this tool you can verify any XML Signature
and get detailed report on what and how was signed. </p>
<div align="center">
<h3>XML Security Library Interoperability Report</h3>
<td valign="top"><b>XMLSec with GCrypt</b></td>
<td valign="top"><b>XMLSec with NSS</b></td>
<td valign="top"><b>XMLSec with MSCrypto</b></td>
+ <td valign="top"><b>XMLSec with MSCNG</b></td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Detached Signature</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Enveloping Signature:
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Enveloped Signature:
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">SignatureValue
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Manifest DigestValue
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Laxly schema valid Signature
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">XPointers '#xpointer(/)'</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">XPointers '#xpointer(id("<em>ID</em>"))'</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">XPointers: full suppport</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">XPath</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">the dsig XPath 'here()'
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">XSLT transform</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">RetrievalMethod
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">SHA1</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Base64</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">HMAC-SHA1</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">DSA with SHA1 (DSS) <a href="#dsa-sha1"><sup>(1)</sup></a>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">RSA with SHA1</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" valign="top">X509 support</td>
<td valign="top">N</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" valign="top">X509 CRL support</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Minimal C14N (deprecated)</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Enveloped Signature</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
</tbody></table>
<div align="left"> <br><h4 style="text-align: center;">Additional XML Security
<td valign="top"><b>XMLSec with GCrypt</b></td>
<td valign="top"><b>XMLSec with NSS</b></td>
<td valign="top"><b>XMLSec with MSCrypto</b></td>
+ <td valign="top"><b>XMLSec with MSCNG</b></td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">MD5</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">SHA224</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">SHA256</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">SHA384</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">SHA512</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">HMAC-MD5</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">HMAC-SHA224</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">HMAC-SHA256</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">HMAC-SHA384</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">HMAC-SHA512</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="width: 40%;" valign="top">HMAC-RIPEMD160</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">RSA-MD5</td>
<td valign="top">Y</td>
<td valign="top">N</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">RSA-SHA224</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">RSA-SHA256</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">RSA-SHA384</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">RSA-SHA512</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">RSA-RIPEMD160</td>
<td valign="top">Y</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">ECDSA-SHA1</td>
+ <td valign="top">Y</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
- <td valign="top">N</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">ECDSA-SHA224</td>
+ <td valign="top">Y</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
- <td valign="top">N</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">ECDSA-SHA256</td>
+ <td valign="top">Y</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
- <td valign="top">N</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">ECDSA-SHA384</td>
+ <td valign="top">Y</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
- <td valign="top">N</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">ECDSA-SHA512</td>
+ <td valign="top">Y</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
- <td valign="top">N</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">ESIGN-SHA1</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">ESIGN-SHA224</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">ESIGN-SHA256</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">ESIGN-SHA384</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">ESIGN-SHA512</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">Minimal C14N (deprecated)</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">XPointer transform</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
<td valign="top">Y</td>
+ <td valign="top">Y</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">ARCFOUR Encryption</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">Camellia Block Encryption 128</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">Camellia Block Encryption 192</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">Camellia Block Encryption 256</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">Camellia Key Wrap 128</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
-<td style="vertical-align: top; width: 40%;">Camellia
-Key Wrap 192</td>
+<td style="vertical-align: top; width: 40%;">Camellia Key Wrap 192</td>
+ <td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">PSEC-KEM</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">N</td>
+ <td valign="top">N</td>
</tr>
</tbody></table>
<div align="left">
<td valign="top"><b>XMLSec with GnuTLS</b></td>
<td valign="top"><b>XMLSec with GCrypt</b></td>
<td valign="top"><b>XMLSec with NSS</b></td>
- <td valign="top">
-<b>XMLSec with MSCrypto</b> </td>
+ <td valign="top"><b>XMLSec with MSCrypto</b></td>
+ <td valign="top"><b>XMLSec with MSCNG</b></td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">GOST94 digests</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">Y<a href="#gost-mscrypto"><sup>(2)</sup></a>
-</td>
+ <td valign="top">N</td>
</tr>
<tr>
<td style="vertical-align: top; width: 40%;">GOST2001 signatures</td>
<td valign="top">N</td>
<td valign="top">N</td>
<td valign="top">Y<a href="#gost-mscrypto"><sup>(2)</sup></a>
-</td>
+ <td valign="top">N</td>
</tr>
</tbody></table>
<br><br><a name="dsa-sha1"></a><sup>(1)</sup> Defining <a href="http://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue"> DSA key</a>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XML Security Library: XML Encryption</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
+<!DOCTYPE html>
<html>
<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Man page of XMLSEC1</title>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
+<link rel="stylesheet" href="css/main.css">
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<li><a href="api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="xmldsig.html">XML Digital Signature</a></li>
-<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="xmlenc.html">XML Encryption</a></li>
<li><a href="c14n.html">XML Canonicalization</a></li>
<li><a href="bugs.html">Reporting Bugs</a></li>
-<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="mailing-list.html">Mailing list</a></li>
<li><a href="related.html">Related</a></li>
<li><a href="authors.html">Authors</a></li>
</ul>
</td>
<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
<h1>XMLSEC1</h1>
-<br><br><a href="#index">Index</a><a href="/cgi-bin/man/man2html">Return to Main Contents</a><hr>
+<br>
<a name="lbAB"> </a><h2>NAME</h2>
<a name="lbAC"> </a><h2>SYNOPSIS</h2>
<b>xmlsec</b><i>,<command> /</i><i>,<options>/</i><i>,<files>/</i><a name="lbAD"> </a><h2>DESCRIPTION</h2>
<dt><a href="#lbAH">COPYRIGHT</a></dt>
<dd> </dd>
</dl>
-<hr>
-<a href="/cgi-bin/man/man2html">man2html</a><br>
+
</td></tr></table></td>
</tr></table></body>
</html>
<html>
<head>
<xsl:copy-of select="//head/*" />
-<style type="text/css">
-table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
- width: 20em;
-}
-.synopsis, .classsynopsis {
- background: #eeeeee;
- border: solid 1px #aaaaaa;
-}
-.programlisting {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation {
- background: #eeeeee;
- border: solid 1px #000000;
-}
-.navigation a {
- color: initial;
-}
-.navigation a:visited {
- color: initial;
-}
-</style>
</head>
<body>
<table width="100%" valign="top">
<xsl:with-param name="href">xmldsig.html</xsl:with-param>
<xsl:with-param name="text">XML Digital Signature</xsl:with-param>
</xsl:call-template>
- </li>
- <ul>
- <li>
- <a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a>
</li>
- </ul>
<li>
<xsl:call-template name="linkto">
<xsl:with-param name="href">xmlenc.html</xsl:with-param>
<xsl:with-param name="text">Reporting Bugs</xsl:with-param>
</xsl:call-template>
</li>
- <li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+ <li><a href="mailing-list.html">Mailing list</a></li>
<li>
<xsl:call-template name="linkto">
<xsl:with-param name="href">related.html</xsl:with-param>
</body>
</html>
- </xsl:template>
+</xsl:template>
</xsl:stylesheet>
xmldsigverify
CC = gcc
-CFLAGS += -g $(shell xmlsec1-config --cflags) -DUNIX_SOCKETS
+CFLAGS += -g $(shell xmlsec1-config --cflags) -DUNIX_SOCKETS -Wall -Wextra
LDLIBS += -g $(shell xmlsec1-config --libs)
all: $(PROGRAMS)
clean:
- @rm -rf $(PROGRAMS)
+ rm -rf $(PROGRAMS)
check: $(PROGRAMS)
./sign1 sign1-tmpl.xml rsakey.pem
+++ /dev/null
-This folder contains XML Security Library examples.
-
-1. Files List
--------------------------
-
- README This file.
- Makefile *nix makefile.
- Makefile.w32 Win32 makefile.
- cacert.pem Root (trusted) certificate
- ca2cert.pem CA (trusted) certificate (signed with cacert.pem)
- rsakey.pem Private PEM key file
- rsapub.pem Public PEM key file
- rsacert.pem Certificate for rsakey.pem signed with ca2cert.pem
- deskey.bin A DES keys
- sign1.c Signing with a template file
- sign1-tmpl.xml An example template file for sign1 example
- sign1-res.xml The result of processing sign1_tmpl.xml by sign1.c
- sign2.c Signing a file with a dynamicaly created template
- sign2-doc.xml An example XML file for signing by sign2.c
- sign2-res.xml The result of signing sign2-doc.xml by sign2.c
- sign3.c Signing a file with a dynamicaly created template and an X509 certificate
- sign3-doc.xml An example XML file for signing by sign3.c
- sign3-res.xml The result of signing sign3-doc.xml by sign3.c
- verify1.c Verifying a signed document with a single key
- verify2.c Verifying a signed document using keys manager
- verify3.c Verifying a signed document using X509 certificate
- verify4.c Verifying a simple SAML response using X509 certificate
- verify4-tmpl.xml An example template file with a simple SAML response for verify4 example
- verify4-res.xml Signed simple SAML response for verification by verify4.c
- encrypt1.c Encrypting binary data with a template file
- encrypt1-res.xml An example template file for encrypt1.c
- encrypt1-tmpl.xml The result of processing encrypt1_tmpl.xml by encrypt1.c
- encrypt2.c Encrypting XML file using a dynamicaly created template
- encrypt2-doc.xml An example XML file for encryption by encrypt2.c
- encrypt2-res.xml The result of encryptin encrypt2-doc.xml by encrypt2.c
- encrypt2.c Encrypting XML file using a session DES key
- encrypt2-doc.xml An example XML file for encryption by encrypt3.c
- encrypt2-res.xml The result of encryptin encrypt3-doc.xml by encrypt3.c
- decrypt1.c Decrypting binary data using a single key
- decrypt2.c Decrypting binary data using keys manager
- decrypt3.c Decrypting binary file using custom keys manager
- xmldsigverify.c CGI script for signatures verifications
-
-2. Building Examples
--------------------------
-
-Unixes:
- Just run the usual 'make' command (assuming that xmlsec, libxml and
- all other required libraries are already installed).
-
-Windows:
- - Add paths to include and library files for xmlsec, libxml2, libexslt and
- openssl or nss to the environment variables INCLUDE and LIB.
- - Edit 'Makefile.w32' file and specify correct crypto engine (openssl or
- nss for now). You can also specify necessary include and library paths
- or change from static linking to using DLLs.
- - Run 'nmake -f Makefile.w32'
-
- If something does not work, check the README file in the top level
- "win32" folder and have fun :)
-
-Other platforms:
- If none of the above works for you and you've managed to compile xmlsec
- library by yourself then you probably know what to do.
-
-
-
-3. Runnning Examples.
--------------------------
-
-The following are just examples and you can use the programs from this
-folder with any other input files:
-
- ./sign1 sign1-tmpl.xml rsakey.pem
- ./sign2 sign2-doc.xml rsakey.pem
- ./sign3 sign3-doc.xml rsakey.pem rsacert.pem
-
- ./verify1 sign1-res.xml rsapub.pem
- ./verify1 sign2-res.xml rsapub.pem
- ./verify2 sign1-res.xml rsapub.pem
- ./verify2 sign2-res.xml rsapub.pem
- ./verify3 sign3-res.xml ca2cert.pem cacert.pem
- ./verify4 verify4-res.xml ca2cert.pem cacert.pem
-
- ./encrypt1 encrypt1-tmpl.xml deskey.bin
- ./encrypt2 encrypt2-doc.xml deskey.bin
- ./encrypt3 encrypt3-doc.xml rsakey.pem
-
- ./decrypt1 encrypt1-res.xml deskey.bin
- ./decrypt1 encrypt2-res.xml deskey.bin
- ./decrypt2 encrypt1-res.xml deskey.bin
- ./decrypt2 encrypt2-res.xml deskey.bin
- ./decrypt3 encrypt1-res.xml
- ./decrypt3 encrypt2-res.xml
- ./decrypt3 encrypt3-res.xml
-
-4. Using xmlsec command line tool.
--------------------------
-For Windows, use "xmlsec" instead of "xmlsec1":
-
- xmlsec1 sign --privkey rsakey.pem --output sign1.xml sign1-tmpl.xml
- xmlsec1 verify --pubkey rsapub.pem sign1.xml
- xmlsec1 verify --pubkey rsapub.pem sign1-res.xml
- xmlsec1 verify --pubkey rsapub.pem sign2-res.xml
- xmlsec1 verify --trusted ca2cert.pem --trusted cacert.pem sign3-res.xml
- xmlsec1 verify --trusted ca2cert.pem --trusted cacert.pem verify4-res.xml
-
- xmlsec1 encrypt --deskey deskey.bin --binary-data binary.dat --output encrypt1.xml encrypt1-tmpl.xml
- xmlsec1 decrypt --deskey deskey.bin encrypt1.xml
- xmlsec1 decrypt --deskey deskey.bin encrypt1-res.xml
- xmlsec1 decrypt --deskey deskey.bin encrypt2-res.xml
- xmlsec1 decrypt --privkey rsakey.pem encrypt3-res.xml
-
-
--- /dev/null
+# XMLSec Library: Examples
+
+This folder contains XML Security Library examples.
+
+## Building examples
+
+### Unixes
+Just run the usual `make` command (assuming that xmlsec, libxml2, libxslt and
+all other required libraries are already installed).
+
+### Windows
+- Add paths to include and library files for xmlsec, libxml2, libxslt and
+openssl or nss to the environment variables INCLUDE and LIB.
+- Edit `Makefile.w32` file and specify correct crypto engine (openssl or
+nss for now). You can also specify necessary include and library paths
+or change from static linking to using DLLs.
+- Run `nmake -f Makefile.w32`
+
+If something does not work, check the README file in the top level
+`win32` folder for additional instructions.
+
+## Examples
+
+### sign1: signing with a template file
+
+Files:
+```
+sign1.c The source code
+sign1-tmpl.xml The template file for sign1 example
+sign1-res.xml The result of processing sign1_tmpl.xml by sign1.c
+```
+
+To run this example:
+```
+./sign1 sign1-tmpl.xml rsakey.pem
+```
+
+To sign a template file with `xmlsec1` command line utility (use `xmlsec` on Windows):
+```
+xmlsec1 sign --privkey rsakey.pem --output sign1.xml sign1-tmpl.xml
+```
+
+### sign2: signing a file with a dynamicaly created template
+
+Files:
+```
+sign2.c The source code
+sign2-doc.xml An example XML file for signing by sign2.c
+sign2-res.xml The result of signing sign2-doc.xml by sign2.c
+```
+
+To run this example:
+```
+./sign2 sign2-doc.xml rsakey.pem
+```
+
+### sign3: signing a file with a dynamicaly created template and an X509 certificate
+
+Files:
+```
+sign3.c The source code
+sign3-doc.xml An example XML file for signing by sign3.c
+sign3-res.xml The result of signing sign3-doc.xml by sign3.c
+```
+
+To run this example:
+```
+./sign3 sign3-doc.xml rsakey.pem rsacert.pem
+```
+
+### verify1: verifying a signed document with a public key
+
+Files:
+```
+verify1.c The source code
+```
+
+To run this example:
+```
+./verify1 sign1-res.xml rsapub.pem
+./verify1 sign2-res.xml rsapub.pem
+```
+
+### verify2: verifying a signed document using keys manager
+
+Files:
+```
+verify2.c The source code
+```
+
+To run this example:
+```
+./verify2 sign1-res.xml rsapub.pem
+./verify2 sign2-res.xml rsapub.pem
+```
+
+To verify a signed document with `xmlsec1` command line utility (use `xmlsec` on Windows):
+```
+xmlsec1 verify --pubkey rsapub.pem sign1-res.xml
+xmlsec1 verify --pubkey rsapub.pem sign2-res.xml
+```
+
+### verify3: verifying a signed document using X509 certificate
+
+Files:
+```
+verify3.c The source code
+```
+
+To run this example:
+```
+./verify3 sign3-res.xml ca2cert.pem cacert.pem
+```
+
+To verify a signed document using X509 certificate with `xmlsec1` command line
+utility (use `xmlsec` on Windows):
+```
+xmlsec1 verify --trusted ca2cert.pem --trusted cacert.pem sign3-res.xml
+```
+
+### verify4: verifying a simple SAML response using X509 certificate
+
+Files:
+```
+verify4.c The source code
+verify4-tmpl.xml An example template file with a simple SAML response for verify4 example
+verify4-res.xml Signed simple SAML response for verification by verify4.c
+```
+
+To run this example:
+```
+./verify4 verify4-res.xml ca2cert.pem cacert.pem
+```
+
+To verify a signed SAML response using X509 certificate with `xmlsec1` command line
+utility (use `xmlsec` on Windows):
+```
+xmlsec1 verify --trusted ca2cert.pem --trusted cacert.pem verify4-res.xml
+```
+
+### encrypt1: encrypting binary data with a template file
+
+Files:
+```
+encrypt1.c The source code
+encrypt1-res.xml An example template file for encrypt1.c
+encrypt1-tmpl.xml The result of processing encrypt1_tmpl.xml by encrypt1.c
+```
+
+To run this example:
+```
+./encrypt1 encrypt1-tmpl.xml deskey.bin
+```
+
+To encrypt binary data with a template file with `xmlsec1` command line
+utility (use `xmlsec` on Windows):
+```
+xmlsec1 encrypt --deskey deskey.bin --binary-data binary.dat --output encrypt1.xml encrypt1-tmpl.xml
+```
+
+### encrypt2: encrypting XML file using a dynamicaly created template
+
+Files:
+```
+encrypt2.c The source code
+encrypt2-doc.xml An example XML file for encryption by encrypt2.c
+encrypt2-res.xml The result of encryptin encrypt2-doc.xml by encrypt2.c
+```
+
+To run this example:
+```
+./encrypt2 encrypt2-doc.xml deskey.bin
+```
+
+### encrypt3: encrypting XML file using a session DES key
+
+Files:
+```
+encrypt3.c The source code
+encrypt3-doc.xml An example XML file for encryption by encrypt3.c
+encrypt3-res.xml The result of encryptin encrypt3-doc.xml by encrypt3.c
+```
+
+To run this example:
+```
+./encrypt3 encrypt3-doc.xml rsakey.pem
+```
+
+### decrypt1: decrypting binary data using a single key
+
+Files:
+```
+decrypt1.c The source code
+```
+
+To run this example:
+```
+./decrypt1 encrypt1-res.xml deskey.bin
+./decrypt1 encrypt2-res.xml deskey.bin
+```
+
+### decrypt2: decrypting binary data using keys manager
+
+Files:
+```
+decrypt2.c The source code
+```
+
+To run this example:
+```
+./decrypt2 encrypt1-res.xml deskey.bin
+./decrypt2 encrypt2-res.xml deskey.bin
+```
+
+To decrypt binary data with `xmlsec1` command line utility (use `xmlsec` on Windows):
+```
+xmlsec1 decrypt --deskey deskey.bin encrypt1-res.xml
+xmlsec1 decrypt --deskey deskey.bin encrypt2-res.xml
+xmlsec1 decrypt --privkey rsakey.pem encrypt3-res.xml
+```
+
+### decrypt3: decrypting binary file using custom keys manager
+
+Files:
+```
+decrypt3.c The source code
+```
+
+To run this example:
+```
+./decrypt3 encrypt1-res.xml
+./decrypt3 encrypt2-res.xml
+./decrypt3 encrypt3-res.xml
+```
+
+### xmldsigverify: CGI script for signatures verifications
+
+Files:
+```
+xmldsigverify.c The source code
+```
+
+To run this example, install compiled xmldsigverify script into
+your web server cgi-bin directory.
+
+### Keys and certificates
+```
+cacert.pem Root (trusted) certificate
+ca2cert.pem CA (trusted) certificate (signed with cacert.pem)
+rsakey.pem Private PEM key file
+rsapub.pem Public PEM key file
+rsacert.pem Certificate for rsakey.pem signed with ca2cert.pem
+deskey.bin A DES keys
+```
-/**
+/**
* XML Security Library example: Decrypting an encrypted file using a single key.
- *
+ *
* Decrypts encrypted XML file using a single DES key from a binary file
- *
- * Usage:
- * ./decrypt1 <xml-enc> <des-key-file>
+ *
+ * Usage:
+ * ./decrypt1 <xml-enc> <des-key-file>
*
* Example:
* ./decrypt1 encrypt1-res.xml deskey.bin
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int decrypt_file(const char* enc_file, const char* key_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
-#endif /* XMLSEC_NO_XSLT */
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+#endif /* XMLSEC_NO_XSLT */
+
-
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(decrypt_file(argv[1], argv[2]) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* @enc_file: the encrypted XML file name.
* @key_file: the Triple DES key file.
*
- * Decrypts the XML file #enc_file using DES key from #key_file and
+ * Decrypts the XML file #enc_file using DES key from #key_file and
* prints results to stdout.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
decrypt_file(const char* enc_file, const char* key_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
-
+
assert(enc_file);
assert(key_file);
doc = xmlParseFile(enc_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
- goto done;
+ goto done;
}
/* create encryption context, we don't need keys manager in this example */
fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", key_file);
goto done;
}
-
+
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(encCtx->encKey, key_file) < 0) {
+ if(xmlSecKeySetName(encCtx->encKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: decryption failed\n");
goto done;
}
-
+
/* print decrypted data to stdout */
if(encCtx->resultReplaced != 0) {
fprintf(stdout, "Decrypted XML data:\n");
xmlDocDump(stdout, doc);
} else {
- fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx->result));
+ fprintf(stdout, "Decrypted binary data (" XMLSEC_SIZE_FMT " bytes):\n",
+ xmlSecBufferGetSize(encCtx->result));
if(xmlSecBufferGetData(encCtx->result) != NULL) {
- fwrite(xmlSecBufferGetData(encCtx->result),
- 1,
+ fwrite(xmlSecBufferGetData(encCtx->result),
+ 1,
xmlSecBufferGetSize(encCtx->result),
stdout);
}
}
fprintf(stdout, "\n");
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(encCtx != NULL) {
xmlSecEncCtxDestroy(encCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
-/**
+/**
* XML Security Library example: Decrypting an encrypted file using keys manager.
- *
- * Decrypts encrypted XML file using keys manager and a list of
+ *
+ * Decrypts encrypted XML file using keys manager and a list of
* DES key from a binary file
- *
- * Usage:
- * ./decrypt2 <xml-enc> <des-key-file1> [<des-key-file2> [...]]
+ *
+ * Usage:
+ * ./decrypt2 <xml-enc> <des-key-file1> [<des-key-file2> [...]]
*
* Example:
* ./decrypt2 encrypt1-res.xml deskey.bin
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
xmlSecKeysMngrPtr load_des_keys(char** files, int files_size);
int decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file);
-int
+int
main(int argc, char **argv) {
xmlSecKeysMngrPtr mngr;
#ifndef XMLSEC_NO_XSLT
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
-#endif /* XMLSEC_NO_XSLT */
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+#endif /* XMLSEC_NO_XSLT */
+
-
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
}
if(decrypt_file(mngr, argv[1]) < 0) {
- xmlSecKeysMngrDestroy(mngr);
+ xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
+ }
/* destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* Returns the pointer to newly created keys manager or NULL if an error
* occurs.
*/
-xmlSecKeysMngrPtr
+xmlSecKeysMngrPtr
load_des_keys(char** files, int files_size) {
xmlSecKeysMngrPtr mngr;
xmlSecKeyPtr key;
int i;
-
+
assert(files);
assert(files_size > 0);
-
+
/* create and initialize keys manager, we use a simple list based
* keys manager, implement your own xmlSecKeysStore klass if you need
- * something more sophisticated
+ * something more sophisticated
*/
mngr = xmlSecKeysMngrCreate();
if(mngr == NULL) {
fprintf(stderr, "Error: failed to initialize keys manager.\n");
xmlSecKeysMngrDestroy(mngr);
return(NULL);
- }
-
+ }
+
for(i = 0; i < files_size; ++i) {
assert(files[i]);
xmlSecKeysMngrDestroy(mngr);
return(NULL);
}
-
- /* add key to keys manager, from now on keys manager is responsible
- * for destroying key
+
+ /* add key to keys manager, from now on keys manager is responsible
+ * for destroying key
*/
if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0) {
fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", files[i]);
* @mngr: the pointer to keys manager.
* @enc_file: the encrypted XML file name.
*
- * Decrypts the XML file #enc_file using DES key from #key_file and
+ * Decrypts the XML file #enc_file using DES key from #key_file and
* prints results to stdout.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
-
+
assert(mngr);
assert(enc_file);
doc = xmlParseFile(enc_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
- goto done;
+ goto done;
}
/* create encryption context */
fprintf(stderr,"Error: decryption failed\n");
goto done;
}
-
+
/* print decrypted data to stdout */
if(encCtx->resultReplaced != 0) {
fprintf(stdout, "Decrypted XML data:\n");
xmlDocDump(stdout, doc);
} else {
- fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx->result));
+ fprintf(stdout, "Decrypted binary data (" XMLSEC_SIZE_FMT " bytes):\n",
+ xmlSecBufferGetSize(encCtx->result));
if(xmlSecBufferGetData(encCtx->result) != NULL) {
- fwrite(xmlSecBufferGetData(encCtx->result),
- 1,
+ fwrite(xmlSecBufferGetData(encCtx->result),
+ 1,
xmlSecBufferGetSize(encCtx->result),
stdout);
}
}
fprintf(stdout, "\n");
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(encCtx != NULL) {
xmlSecEncCtxDestroy(encCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
-/**
+/**
* XML Security Library example: Decrypting an encrypted file using a custom keys manager.
- *
+ *
* Decrypts encrypted XML file using a custom files based keys manager.
- * We assume that key's name in <dsig:KeyName/> element is just
+ * We assume that key's name in <dsig:KeyName/> element is just
* key's file name in the current folder.
- *
- * Usage:
- * ./decrypt3 <xml-enc>
+ *
+ * Usage:
+ * ./decrypt3 <xml-enc>
*
* Example:
* ./decrypt3 encrypt1-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
xmlSecKeysMngrPtr create_files_keys_mngr(void);
int decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file);
-int
+int
main(int argc, char **argv) {
xmlSecKeysMngrPtr mngr;
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
-#endif /* XMLSEC_NO_XSLT */
+#endif /* XMLSEC_NO_XSLT */
assert(argv);
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
-#endif /* XMLSEC_NO_XSLT */
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+#endif /* XMLSEC_NO_XSLT */
/* Init xmlsec library */
if(xmlSecInit() < 0) {
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
}
if(decrypt_file(mngr, argv[1]) < 0) {
- xmlSecKeysMngrDestroy(mngr);
+ xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
+ }
/* destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* @mngr: the pointer to keys manager.
* @enc_file: the encrypted XML file name.
*
- * Decrypts the XML file #enc_file using DES key from #key_file and
+ * Decrypts the XML file #enc_file using DES key from #key_file and
* prints results to stdout.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
-
+
assert(mngr);
assert(enc_file);
doc = xmlParseFile(enc_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
- goto done;
+ goto done;
}
/* create encryption context */
fprintf(stderr,"Error: decryption failed\n");
goto done;
}
-
+
/* print decrypted data to stdout */
if(encCtx->resultReplaced != 0) {
fprintf(stdout, "Decrypted XML data:\n");
xmlDocDump(stdout, doc);
} else {
- fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx->result));
+ fprintf(stdout, "Decrypted binary data (" XMLSEC_SIZE_FMT " bytes):\n",
+ xmlSecBufferGetSize(encCtx->result));
if(xmlSecBufferGetData(encCtx->result) != NULL) {
- fwrite(xmlSecBufferGetData(encCtx->result),
- 1,
+ fwrite(xmlSecBufferGetData(encCtx->result),
+ 1,
xmlSecBufferGetSize(encCtx->result),
stdout);
}
}
fprintf(stdout, "\n");
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(encCtx != NULL) {
xmlSecEncCtxDestroy(encCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
/**
* create_files_keys_mngr:
- *
- * Creates a files based keys manager: we assume that key name is
+ *
+ * Creates a files based keys manager: we assume that key name is
* the key file name,
*
* Returns pointer to newly created keys manager or NULL if an error occurs.
*/
-xmlSecKeysMngrPtr
+xmlSecKeysMngrPtr
create_files_keys_mngr(void) {
xmlSecKeyStorePtr keysStore;
xmlSecKeysMngrPtr mngr;
fprintf(stderr, "Error: failed to create keys store.\n");
return(NULL);
}
-
+
/* create keys manager */
mngr = xmlSecKeysMngrCreate();
if(mngr == NULL) {
xmlSecKeysMngrDestroy(mngr);
return(NULL);
}
-
+
/* initialize crypto library specific data in keys manager */
if(xmlSecCryptoKeysMngrInit(mngr) < 0) {
fprintf(stderr, "Error: failed to initialize crypto data in keys manager.\n");
/****************************************************************************
*
- * Files Keys Store: we assume that key's name (content of the
- * <dsig:KeyName/> element is a name of the file with a key (in the
+ * Files Keys Store: we assume that key's name (content of the
+ * <dsig:KeyName/> element is a name of the file with a key (in the
* current folder).
* Attention: this probably not a good solution for high traffic systems.
- *
+ *
***************************************************************************/
static xmlSecKeyPtr files_keys_store_find_key (xmlSecKeyStorePtr store,
const xmlChar* name,
static xmlSecKeyStoreKlass files_keys_store_klass = {
sizeof(xmlSecKeyStoreKlass),
sizeof(xmlSecKeyStore),
- BAD_CAST "files-based-keys-store", /* const xmlChar* name; */
+ BAD_CAST "files-based-keys-store", /* const xmlChar* name; */
NULL, /* xmlSecKeyStoreInitializeMethod initialize; */
NULL, /* xmlSecKeyStoreFinalizeMethod finalize; */
files_keys_store_find_key, /* xmlSecKeyStoreFindKeyMethod findKey; */
/**
* files_keys_store_get_klass:
- *
+ *
* The files based keys store klass: we assume that key name is the
* key file name,
*
* Returns files based keys store klass.
*/
-xmlSecKeyStoreId
+xmlSecKeyStoreId
files_keys_store_get_klass(void) {
return(&files_keys_store_klass);
}
* @store: the pointer to simple keys store.
* @name: the desired key name.
* @keyInfoCtx: the pointer to <dsig:KeyInfo/> node processing context.
- *
+ *
* Lookups key in the @store. The caller is responsible for destroying
* returned key with #xmlSecKeyDestroy function.
*
files_keys_store_find_key(xmlSecKeyStorePtr store, const xmlChar* name, xmlSecKeyInfoCtxPtr keyInfoCtx) {
xmlSecKeyPtr key;
const xmlChar* p;
-
+
assert(store);
assert(keyInfoCtx);
- /* it's possible to do not have the key name or desired key type
+ /* it's possible to do not have the key name or desired key type
* but we could do nothing in this case */
if((name == NULL) || (keyInfoCtx->keyReq.keyId == xmlSecKeyDataIdUnknown)){
return(NULL);
}
-
+
/* we don't want to open files in a folder other than "current";
* to prevent it limit the characters in the key name to alpha/digit,
* '.', '-' or '_'.
return(NULL);
}
}
-
+
if((keyInfoCtx->keyReq.keyId == xmlSecKeyDataDsaId) || (keyInfoCtx->keyReq.keyId == xmlSecKeyDataRsaId)) {
/* load key from a pem file, if key is not found then it's an error (is it?) */
- key = xmlSecCryptoAppKeyLoad(name, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+ key = xmlSecCryptoAppKeyLoad((const char*)name, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
if(key == NULL) {
fprintf(stderr,"Error: failed to load public pem key from \"%s\"\n", name);
return(NULL);
}
} else {
/* otherwise it's a binary key, if key is not found then it's an error (is it?) */
- key = xmlSecKeyReadBinaryFile(keyInfoCtx->keyReq.keyId, name);
+ key = xmlSecKeyReadBinaryFile(keyInfoCtx->keyReq.keyId, (const char*)name);
if(key == NULL) {
fprintf(stderr,"Error: failed to load key from binary file \"%s\"\n", name);
return(NULL);
/* set key name */
if(xmlSecKeySetName(key, name) < 0) {
- fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", name);
+ fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", (const char*)name);
xmlSecKeyDestroy(key);
- return(NULL);
+ return(NULL);
}
return(key);
-/**
+/**
* XML Security Library example: Encrypting data using a template file.
- *
+ *
* Encrypts binary data using a template file and a DES key from a binary file
- *
- * Usage:
- * ./encrypt1 <xml-tmpl> <des-key-file>
+ *
+ * Usage:
+ * ./encrypt1 <xml-tmpl> <des-key-file>
*
* Example:
* ./encrypt1 encrypt1-tmpl.xml deskey.bin > encrypt1-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
#include <xmlsec/xmlenc.h>
#include <xmlsec/crypto.h>
-int encrypt_file(const char* tmpl_file, const char* key_file,
+int encrypt_file(const char* tmpl_file, const char* key_file,
const unsigned char* data, size_t dataSize);
-int
+int
main(int argc, char **argv) {
static const char secret_data[] = "Big secret";
#ifndef XMLSEC_NO_XSLT
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
return(-1);
}
- if(encrypt_file(argv[1], argv[2], secret_data, strlen(secret_data)) < 0) {
+ if(encrypt_file(argv[1], argv[2], BAD_CAST secret_data, strlen(secret_data)) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
-encrypt_file(const char* tmpl_file, const char* key_file,
+int
+encrypt_file(const char* tmpl_file, const char* key_file,
const unsigned char* data, size_t dataSize) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
-
+
assert(tmpl_file);
assert(key_file);
assert(data);
doc = xmlParseFile(tmpl_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
- goto done;
+ goto done;
}
/* create encryption context, we don't need keys manager in this example */
}
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(encCtx->encKey, key_file) < 0) {
+ if(xmlSecKeySetName(encCtx->encKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: encryption failed\n");
goto done;
}
-
+
/* print encrypted data with document to stdout */
xmlDocDump(stdout, doc);
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(encCtx != NULL) {
xmlSecEncCtxDestroy(encCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
-/**
+/**
* XML Security Library example: Encrypting XML file with a dynamicaly created template.
- *
- * Encrypts XML file using a dynamicaly created template file and a DES key
+ *
+ * Encrypts XML file using a dynamicaly created template file and a DES key
* from a binary file
- *
- * Usage:
- * ./encrypt2 <xml-doc> <des-key-file>
+ *
+ * Usage:
+ * ./encrypt2 <xml-doc> <des-key-file>
*
* Example:
* ./encrypt2 encrypt2-doc.xml deskey.bin > encrypt2-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int encrypt_file(const char* xml_file, const char* key_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(encrypt_file(argv[1], argv[2]) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
encrypt_file(const char* xml_file, const char* key_file) {
xmlDocPtr doc = NULL;
xmlNodePtr encDataNode = NULL;
xmlNodePtr keyInfoNode = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
-
+
assert(xml_file);
assert(key_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
- /* create encryption template to encrypt XML file and replace
+
+ /* create encryption template to encrypt XML file and replace
* its content with encryption result */
encDataNode = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId,
NULL, xmlSecTypeEncElement, NULL, NULL);
if(encDataNode == NULL) {
fprintf(stderr, "Error: failed to create encryption template\n");
- goto done;
+ goto done;
}
/* we want to put encrypted data in the <enc:CipherValue/> node */
if(xmlSecTmplEncDataEnsureCipherValue(encDataNode) == NULL) {
fprintf(stderr, "Error: failed to add CipherValue node\n");
- goto done;
+ goto done;
}
/* add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to put key name in the signed document */
keyInfoNode = xmlSecTmplEncDataEnsureKeyInfo(encDataNode, NULL);
if(keyInfoNode == NULL) {
fprintf(stderr, "Error: failed to add key info\n");
- goto done;
+ goto done;
}
if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode, NULL) == NULL) {
fprintf(stderr, "Error: failed to add key name\n");
- goto done;
+ goto done;
}
/* create encryption context, we don't need keys manager in this example */
}
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(encCtx->encKey, key_file) < 0) {
+ if(xmlSecKeySetName(encCtx->encKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: encryption failed\n");
goto done;
}
-
+
/* we template is inserted in the doc */
encDataNode = NULL;
-
+
/* print encrypted data with document to stdout */
xmlDocDump(stdout, doc);
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(encCtx != NULL) {
if(encDataNode != NULL) {
xmlFreeNode(encDataNode);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
-/**
+/**
* XML Security Library example: Encrypting XML file with a session key and dynamicaly created template.
- *
- * Encrypts XML file using a dynamicaly created template file and a session
+ *
+ * Encrypts XML file using a dynamicaly created template file and a session
* DES key (encrypted with an RSA key).
- *
- * Usage:
- * ./encrypt3 <xml-doc> <rsa-pem-key-file>
+ *
+ * Usage:
+ * ./encrypt3 <xml-doc> <rsa-pem-key-file>
*
* Example:
* ./encrypt3 encrypt3-doc.xml rsakey.pem > encrypt3-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
xmlSecKeysMngrPtr load_rsa_keys(char* key_file);
int encrypt_file(xmlSecKeysMngrPtr mngr, const char* xml_file, const char* key_name);
-int
+int
main(int argc, char **argv) {
xmlSecKeysMngrPtr mngr;
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
#endif /* XMLSEC_NO_XSLT */
-
+
assert(argv);
if(argc != 3) {
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
-#endif /* XMLSEC_NO_XSLT */
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+#endif /* XMLSEC_NO_XSLT */
/* Init xmlsec library */
if(xmlSecInit() < 0) {
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(encrypt_file(mngr, argv[1], argv[2]) < 0) {
xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
+ }
/* destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* Returns the pointer to newly created keys manager or NULL if an error
* occurs.
*/
-xmlSecKeysMngrPtr
+xmlSecKeysMngrPtr
load_rsa_keys(char* key_file) {
xmlSecKeysMngrPtr mngr;
xmlSecKeyPtr key;
-
+
assert(key_file);
-
+
/* create and initialize keys manager, we use a simple list based
* keys manager, implement your own xmlSecKeysStore klass if you need
- * something more sophisticated
+ * something more sophisticated
*/
mngr = xmlSecKeysMngrCreate();
if(mngr == NULL) {
fprintf(stderr, "Error: failed to initialize keys manager.\n");
xmlSecKeysMngrDestroy(mngr);
return(NULL);
- }
-
+ }
+
/* load private RSA key */
key = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
if(key == NULL) {
/* set key name to the file name, this is just an example! */
if(xmlSecKeySetName(key, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
- xmlSecKeyDestroy(key);
+ xmlSecKeyDestroy(key);
xmlSecKeysMngrDestroy(mngr);
return(NULL);
}
-
- /* add key to keys manager, from now on keys manager is responsible
- * for destroying key
+
+ /* add key to keys manager, from now on keys manager is responsible
+ * for destroying key
*/
if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0) {
fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", key_file);
* @xml_file: the encryption template file name.
* @key_name: the RSA key name.
*
- * Encrypts #xml_file using a dynamicaly created template, a session DES key
+ * Encrypts #xml_file using a dynamicaly created template, a session DES key
* and an RSA key from keys manager.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
encrypt_file(xmlSecKeysMngrPtr mngr, const char* xml_file, const char* key_name) {
xmlDocPtr doc = NULL;
xmlNodePtr encDataNode = NULL;
xmlNodePtr keyInfoNode2 = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
-
+
assert(mngr);
assert(xml_file);
assert(key_name);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
- /* create encryption template to encrypt XML file and replace
+
+ /* create encryption template to encrypt XML file and replace
* its content with encryption result */
encDataNode = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId,
NULL, xmlSecTypeEncElement, NULL, NULL);
if(encDataNode == NULL) {
fprintf(stderr, "Error: failed to create encryption template\n");
- goto done;
+ goto done;
}
/* we want to put encrypted data in the <enc:CipherValue/> node */
if(xmlSecTmplEncDataEnsureCipherValue(encDataNode) == NULL) {
fprintf(stderr, "Error: failed to add CipherValue node\n");
- goto done;
+ goto done;
}
/* add <dsig:KeyInfo/> */
keyInfoNode = xmlSecTmplEncDataEnsureKeyInfo(encDataNode, NULL);
if(keyInfoNode == NULL) {
fprintf(stderr, "Error: failed to add key info\n");
- goto done;
+ goto done;
}
/* add <enc:EncryptedKey/> to store the encrypted session key */
- encKeyNode = xmlSecTmplKeyInfoAddEncryptedKey(keyInfoNode,
- xmlSecTransformRsaPkcs1Id,
+ encKeyNode = xmlSecTmplKeyInfoAddEncryptedKey(keyInfoNode,
+ xmlSecTransformRsaPkcs1Id,
NULL, NULL, NULL);
if(encKeyNode == NULL) {
fprintf(stderr, "Error: failed to add key info\n");
- goto done;
+ goto done;
}
/* we want to put encrypted key in the <enc:CipherValue/> node */
if(xmlSecTmplEncDataEnsureCipherValue(encKeyNode) == NULL) {
fprintf(stderr, "Error: failed to add CipherValue node\n");
- goto done;
+ goto done;
}
/* add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to <enc:EncryptedKey/> */
keyInfoNode2 = xmlSecTmplEncDataEnsureKeyInfo(encKeyNode, NULL);
if(keyInfoNode2 == NULL) {
fprintf(stderr, "Error: failed to add key info\n");
- goto done;
+ goto done;
}
-
+
/* set key name so we can lookup key when needed */
- if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode2, key_name) == NULL) {
+ if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode2, BAD_CAST key_name) == NULL) {
fprintf(stderr, "Error: failed to add key name\n");
- goto done;
+ goto done;
}
/* create encryption context */
fprintf(stderr,"Error: encryption failed\n");
goto done;
}
-
+
/* we template is inserted in the doc */
encDataNode = NULL;
-
+
/* print encrypted data with document to stdout */
xmlDocDump(stdout, doc);
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(encCtx != NULL) {
if(encDataNode != NULL) {
xmlFreeNode(encDataNode);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
@echo off
-REM
-REM This is my personal configuration file.
+REM
+REM This is my personal configuration file.
REM I am lazy to type all this crap again and again
REM You are welcome to customize this file for your
REM needs but do not check it into the GitHub, please.
REM
REM Aleksey Sanin <aleksey@aleksey.com>
-REM
+REM
SET XMLSEC_PREFIX=C:\cygwin\home\local
SET XMLSEC_INCLUDE=%XMLSEC_PREFIX%\include
-/**
+/**
* XML Security Library example: Signing a template file.
- *
+ *
* Signs a template file using a key from PEM file
- *
- * Usage:
- * ./sign1 <xml-tmpl> <pem-key>
+ *
+ * Usage:
+ * ./sign1 <xml-tmpl> <pem-key>
*
* Example:
* ./sign1 sign1-tmpl.xml rsakey.pem > sign1-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int sign_file(const char* tmpl_file, const char* key_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
-#endif /* XMLSEC_NO_XSLT */
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+#endif /* XMLSEC_NO_XSLT */
/* Init xmlsec library */
if(xmlSecInit() < 0) {
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(sign_file(argv[1], argv[2]) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
-/**
+/**
* sign_file:
* @tmpl_file: the signature template file name.
* @key_file: the PEM private key file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
sign_file(const char* tmpl_file, const char* key_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(tmpl_file);
assert(key_file);
doc = xmlParseFile(tmpl_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
- goto done;
+ goto done;
}
/* create signature context, we don't need keys manager in this example */
}
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
+ if(xmlSecKeySetName(dsigCtx->signKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: signature failed\n");
goto done;
}
-
+
/* print signed document to stdout */
xmlDocDump(stdout, doc);
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
-/**
+/**
* XML Security Library example: Signing a file with a dynamicaly created template.
- *
+ *
* Signs a file using a dynamicaly created template and key from PEM file.
* The signature has one reference with one enveloped transform to sign
* the whole document except the <dsig:Signature/> node itself.
- *
- * Usage:
- * sign2 <xml-doc> <pem-key>
+ *
+ * Usage:
+ * sign2 <xml-doc> <pem-key>
*
* Example:
* ./sign2 sign2-doc.xml rsakey.pem > sign2-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int sign_file(const char* xml_file, const char* key_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(sign_file(argv[1], argv[2]) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
-/**
+/**
* sign_file:
* @xml_file: the XML file name.
* @key_file: the PEM private key file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
sign_file(const char* xml_file, const char* key_file) {
xmlDocPtr doc = NULL;
xmlNodePtr signNode = NULL;
xmlNodePtr keyInfoNode = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(xml_file);
assert(key_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
+
/* create signature template for RSA-SHA1 enveloped signature */
signNode = xmlSecTmplSignatureCreate(doc, xmlSecTransformExclC14NId,
xmlSecTransformRsaSha1Id, NULL);
if(signNode == NULL) {
fprintf(stderr, "Error: failed to create signature template\n");
- goto done;
+ goto done;
}
/* add <dsig:Signature/> node to the doc */
xmlAddChild(xmlDocGetRootElement(doc), signNode);
-
+
/* add reference */
refNode = xmlSecTmplSignatureAddReference(signNode, xmlSecTransformSha1Id,
NULL, NULL, NULL);
if(refNode == NULL) {
fprintf(stderr, "Error: failed to add reference to signature template\n");
- goto done;
+ goto done;
}
/* add enveloped transform */
if(xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformEnvelopedId) == NULL) {
fprintf(stderr, "Error: failed to add enveloped transform to reference\n");
- goto done;
+ goto done;
}
-
+
/* add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to put key name in the signed document */
keyInfoNode = xmlSecTmplSignatureEnsureKeyInfo(signNode, NULL);
if(keyInfoNode == NULL) {
fprintf(stderr, "Error: failed to add key info\n");
- goto done;
+ goto done;
}
if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode, NULL) == NULL) {
fprintf(stderr, "Error: failed to add key name\n");
- goto done;
+ goto done;
}
/* create signature context, we don't need keys manager in this example */
}
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
+ if(xmlSecKeySetName(dsigCtx->signKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: signature failed\n");
goto done;
}
-
+
/* print signed document to stdout */
xmlDocDump(stdout, doc);
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
-/**
+/**
* XML Security Library example: Signing a file with a dynamicaly created template and an X509 certificate.
- *
+ *
* Signs a file using a dynamicaly created template, key from PEM file and
- * an X509 certificate. The signature has one reference with one enveloped
- * transform to sign the whole document except the <dsig:Signature/> node
+ * an X509 certificate. The signature has one reference with one enveloped
+ * transform to sign the whole document except the <dsig:Signature/> node
* itself. The key certificate is written in the <dsig:X509Data/> node.
- *
- * This example was developed and tested with OpenSSL crypto library. The
+ *
+ * This example was developed and tested with OpenSSL crypto library. The
* certificates management policies for another crypto library may break it.
- *
- * Usage:
- * sign3 <xml-doc> <pem-key>
+ *
+ * Usage:
+ * sign3 <xml-doc> <pem-key>
*
* Example:
* ./sign3 sign3-doc.xml rsakey.pem rsacert.pem > sign3-res.xml
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int sign_file(const char* xml_file, const char* key_file, const char* cert_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(sign_file(argv[1], argv[2], argv[3]) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
-/**
+/**
* sign_file:
* @xml_file: the XML file name.
* @key_file: the PEM private key file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
sign_file(const char* xml_file, const char* key_file, const char* cert_file) {
xmlDocPtr doc = NULL;
xmlNodePtr signNode = NULL;
xmlNodePtr x509DataNode = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(xml_file);
assert(key_file);
assert(cert_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
+
/* create signature template for RSA-SHA1 enveloped signature */
signNode = xmlSecTmplSignatureCreate(doc, xmlSecTransformExclC14NId,
xmlSecTransformRsaSha1Id, NULL);
if(signNode == NULL) {
fprintf(stderr, "Error: failed to create signature template\n");
- goto done;
+ goto done;
}
/* add <dsig:Signature/> node to the doc */
xmlAddChild(xmlDocGetRootElement(doc), signNode);
-
+
/* add reference */
refNode = xmlSecTmplSignatureAddReference(signNode, xmlSecTransformSha1Id,
NULL, NULL, NULL);
if(refNode == NULL) {
fprintf(stderr, "Error: failed to add reference to signature template\n");
- goto done;
+ goto done;
}
/* add enveloped transform */
if(xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformEnvelopedId) == NULL) {
fprintf(stderr, "Error: failed to add enveloped transform to reference\n");
- goto done;
+ goto done;
}
-
+
/* add <dsig:KeyInfo/> and <dsig:X509Data/> */
keyInfoNode = xmlSecTmplSignatureEnsureKeyInfo(signNode, NULL);
if(keyInfoNode == NULL) {
fprintf(stderr, "Error: failed to add key info\n");
- goto done;
+ goto done;
}
-
+
x509DataNode = xmlSecTmplKeyInfoAddX509Data(keyInfoNode);
if(x509DataNode == NULL) {
fprintf(stderr, "Error: failed to add X509Data node\n");
- goto done;
+ goto done;
}
if(xmlSecTmplX509DataAddSubjectName(x509DataNode) == NULL) {
fprintf(stderr,"Error: failed to load private pem key from \"%s\"\n", key_file);
goto done;
}
-
+
/* load certificate and add to the key */
if(xmlSecCryptoAppKeyCertLoad(dsigCtx->signKey, cert_file, xmlSecKeyDataFormatPem) < 0) {
fprintf(stderr,"Error: failed to load pem certificate \"%s\"\n", cert_file);
}
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
+ if(xmlSecKeySetName(dsigCtx->signKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: signature failed\n");
goto done;
}
-
+
/* print signed document to stdout */
xmlDocDump(stdout, doc);
-
+
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
-/**
+/**
* XML Security Library example: Verifying a file using a single key.
*
* Verifies a file using a key from PEM file.
- *
- * Usage:
- * verify1 <signed-file> <pem-key>
+ *
+ * Usage:
+ * verify1 <signed-file> <pem-key>
*
* Example:
* ./verify1 sign1-res.xml rsapub.pem
* ./verify1 sign2-res.xml rsapub.pem
- *
+ *
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int verify_file(const char* xml_file, const char* key_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(verify_file(argv[1], argv[2]) < 0) {
return(-1);
- }
-
+ }
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
-/**
+/**
* verify_file:
* @xml_file: the signed XML file name.
* @key_file: the PEM public key file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
verify_file(const char* xml_file, const char* key_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(xml_file);
assert(key_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
/* create signature context, we don't need keys manager in this example */
}
/* set key name to the file name, this is just an example! */
- if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
+ if(xmlSecKeySetName(dsigCtx->signKey, BAD_CAST key_file) < 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
fprintf(stderr,"Error: signature verify\n");
goto done;
}
-
+
/* print verification result to stdout */
if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
fprintf(stdout, "Signature is OK\n");
} else {
fprintf(stdout, "Signature is INVALID\n");
- }
+ }
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
-/**
+/**
* XML Security Library example: Verifying a file using keys manager.
*
* Verifies a file using keys manager
- *
- * Usage:
+ *
+ * Usage:
* verify2 <signed-file> <public-pem-key1> [<public-pem-key2> [...]]
*
* Example:
* ./verify2 sign1-res.xml rsapub.pem
* ./verify2 sign2-res.xml rsapub.pem
- *
+ *
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
xmlSecKeysMngrPtr load_keys(char** files, int files_size);
int verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
#endif /* XMLSEC_NO_XSLT */
xmlSecKeysMngrPtr mngr;
-
+
assert(argv);
if(argc < 3) {
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(mngr == NULL) {
return(-1);
}
-
+
/* verify file */
if(verify_file(mngr, argv[1]) < 0) {
- xmlSecKeysMngrDestroy(mngr);
+ xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
-
+ }
+
/* destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* Returns the pointer to newly created keys manager or NULL if an error
* occurs.
*/
-xmlSecKeysMngrPtr
+xmlSecKeysMngrPtr
load_keys(char** files, int files_size) {
xmlSecKeysMngrPtr mngr;
xmlSecKeyPtr key;
int i;
-
+
assert(files);
assert(files_size > 0);
-
+
/* create and initialize keys manager, we use a simple list based
* keys manager, implement your own xmlSecKeysStore klass if you need
- * something more sophisticated
+ * something more sophisticated
*/
mngr = xmlSecKeysMngrCreate();
if(mngr == NULL) {
fprintf(stderr, "Error: failed to initialize keys manager.\n");
xmlSecKeysMngrDestroy(mngr);
return(NULL);
- }
-
+ }
+
for(i = 0; i < files_size; ++i) {
assert(files[i]);
xmlSecKeysMngrDestroy(mngr);
return(NULL);
}
-
- /* add key to keys manager, from now on keys manager is responsible
- * for destroying key
+
+ /* add key to keys manager, from now on keys manager is responsible
+ * for destroying key
*/
if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0) {
fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", files[i]);
return(mngr);
}
-/**
+/**
* verify_file:
* @mngr: the pointer to keys manager.
* @xml_file: the signed XML file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(mngr);
assert(xml_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
/* create signature context */
fprintf(stderr,"Error: signature verify\n");
goto done;
}
-
+
/* print verification result to stdout */
if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
fprintf(stdout, "Signature is OK\n");
} else {
fprintf(stdout, "Signature is INVALID\n");
- }
+ }
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
/**
* XML Security Library example: Verifying a file signed with X509 certificate
*
- * Verifies a file signed with X509 certificate.
- *
- * This example was developed and tested with OpenSSL crypto library. The
+ * Verifies a file signed with X509 certificate.
+ *
+ * This example was developed and tested with OpenSSL crypto library. The
* certificates management policies for another crypto library may break it.
*
- * Usage:
+ * Usage:
* verify3 <signed-file> <trusted-cert-pem-file1> [<trusted-cert-pem-file2> [...]]
*
* Example:
* ./verify3 sign3-res.xml ca2cert.pem cacert.pem
- *
+ *
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
xmlSecKeysMngrPtr load_trusted_certs(char** files, int files_size);
int verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
#endif /* XMLSEC_NO_XSLT */
xmlSecKeysMngrPtr mngr;
-
+
assert(argv);
if(argc < 3) {
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(mngr == NULL) {
return(-1);
}
-
+
/* verify file */
if(verify_file(mngr, argv[1]) < 0) {
- xmlSecKeysMngrDestroy(mngr);
+ xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
-
+ }
+
/* destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* Returns the pointer to newly created keys manager or NULL if an error
* occurs.
*/
-xmlSecKeysMngrPtr
+xmlSecKeysMngrPtr
load_trusted_certs(char** files, int files_size) {
xmlSecKeysMngrPtr mngr;
int i;
-
+
assert(files);
assert(files_size > 0);
-
+
/* create and initialize keys manager, we use a simple list based
* keys manager, implement your own xmlSecKeysStore klass if you need
- * something more sophisticated
+ * something more sophisticated
*/
mngr = xmlSecKeysMngrCreate();
if(mngr == NULL) {
fprintf(stderr, "Error: failed to initialize keys manager.\n");
xmlSecKeysMngrDestroy(mngr);
return(NULL);
- }
-
+ }
+
for(i = 0; i < files_size; ++i) {
assert(files[i]);
return(mngr);
}
-/**
+/**
* verify_file:
* @mngr: the pointer to keys manager.
* @xml_file: the signed XML file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(mngr);
assert(xml_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
/* create signature context */
fprintf(stderr,"Error: signature verify\n");
goto done;
}
-
+
/* print verification result to stdout */
if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
fprintf(stdout, "Signature is OK\n");
} else {
fprintf(stdout, "Signature is INVALID\n");
- }
+ }
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
-/**
+/**
* XML Security Library example: Verifying a simple SAML response with X509 certificate
*
* Verifies a simple SAML response. In addition to regular verification
* we ensure that the signature has only one <dsig:Reference/> element
* with an empty or NULL URI attribute and one enveloped signature transform
* as it is required by SAML specification.
- *
- * This example was developed and tested with OpenSSL crypto library. The
+ *
+ * This example was developed and tested with OpenSSL crypto library. The
* certificates management policies for another crypto library may break it.
*
- * Usage:
+ * Usage:
* verify4 <signed-file> <trusted-cert-pem-file1> [<trusted-cert-pem-file2> [...]]
*
* Example (success):
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
xmlSecKeysMngrPtr load_trusted_certs(char** files, int files_size);
int verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file);
-int
+int
main(int argc, char **argv) {
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
#endif /* XMLSEC_NO_XSLT */
xmlSecKeysMngrPtr mngr;
-
+
assert(argv);
if(argc < 3) {
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stderr, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(mngr == NULL) {
return(-1);
}
-
+
/* verify file */
if(verify_file(mngr, argv[1]) < 0) {
- xmlSecKeysMngrDestroy(mngr);
+ xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
-
+ }
+
/* destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* Returns the pointer to newly created keys manager or NULL if an error
* occurs.
*/
-xmlSecKeysMngrPtr
+xmlSecKeysMngrPtr
load_trusted_certs(char** files, int files_size) {
xmlSecKeysMngrPtr mngr;
int i;
-
+
assert(files);
assert(files_size > 0);
-
+
/* create and initialize keys manager, we use a simple list based
* keys manager, implement your own xmlSecKeysStore klass if you need
- * something more sophisticated
+ * something more sophisticated
*/
mngr = xmlSecKeysMngrCreate();
if(mngr == NULL) {
fprintf(stderr, "Error: failed to initialize keys manager.\n");
xmlSecKeysMngrDestroy(mngr);
return(NULL);
- }
-
+ }
+
for(i = 0; i < files_size; ++i) {
assert(files[i]);
return(mngr);
}
-/**
+/**
* verify_file:
* @mngr: the pointer to keys manager.
* @xml_file: the signed XML file name.
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int res = -1;
-
+
assert(mngr);
assert(xml_file);
doc = xmlParseFile(xml_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
- goto done;
+ goto done;
}
/* create signature context */
/* limit the Reference URI attributes to empty or NULL */
dsigCtx->enabledReferenceUris = xmlSecTransformUriTypeEmpty;
-
+
/* limit allowed transforms for signature and reference processing */
if((xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformInclC14NId) < 0) ||
(xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformExclC14NId) < 0) ||
fprintf(stderr,"Error: failed to limit allowed key data\n");
goto done;
}
-
+
/* Verify signature */
if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
fprintf(stderr,"Error: signature verify\n");
}
/* check that we have only one Reference */
- if((dsigCtx->status == xmlSecDSigStatusSucceeded) &&
+ if((dsigCtx->status == xmlSecDSigStatusSucceeded) &&
(xmlSecPtrListGetSize(&(dsigCtx->signedInfoReferences)) != 1)) {
-
+
fprintf(stderr,"Error: only one reference is allowed\n");
goto done;
}
-
+
/* print verification result to stdout */
if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
fprintf(stdout, "Signature is OK\n");
} else {
fprintf(stdout, "Signature is INVALID\n");
- }
+ }
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
return(res);
}
-/**
+/**
* XML Security Library example: CGI verification script.
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ *
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
int verify_request(xmlSecKeysMngrPtr mngr);
int url_decode(char *buf, size_t size);
-int
-main(int argc, char **argv) {
+int
+main(int , char **) {
xmlSecKeysMngrPtr mngr;
#ifndef XMLSEC_NO_XSLT
xsltSecurityPrefsPtr xsltSecPrefs = NULL;
#endif /* XMLSEC_NO_XSLT */
-
+
/* start response */
fprintf(stdout, "Content-type: text/plain\n");
fprintf(stdout, "\n");
-
+
/* Init libxml and libxslt libraries */
xmlInitParser();
LIBXML_TEST_VERSION
xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
+ xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
-
+
/* make sure that we print out everything to stdout */
xmlGenericErrorContext = stdout;
/* Init libxslt */
#ifndef XMLSEC_NO_XSLT
/* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
+ xsltSecPrefs = xsltNewSecurityPrefs();
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
+ xsltSetDefaultSecurityPrefs(xsltSecPrefs);
#endif /* XMLSEC_NO_XSLT */
-
+
/* Init xmlsec library */
if(xmlSecInit() < 0) {
fprintf(stdout, "Error: xmlsec initialization failed.\n");
/* Load default crypto engine if we are supporting dynamic
* loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
+ * name ("openssl", "nss", etc.) to load corresponding
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
fprintf(stdout, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n");
- return(-1);
+ return(-1);
}
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) < 0) {
fprintf(stdout, "Error: failed to initialize keys manager.\n");
return(-1);
- }
+ }
if(load_keys(mngr, XMLDSIGVERIFY_KEY_AND_CERTS_FOLDER, 0) < 0) {
xmlSecKeysMngrDestroy(mngr);
return(-1);
}
-
+
if(load_trusted_certs(mngr, XMLDSIGVERIFY_KEY_AND_CERTS_FOLDER, 0) < 0) {
xmlSecKeysMngrDestroy(mngr);
return(-1);
if(verify_request(mngr) < 0) {
xmlSecKeysMngrDestroy(mngr);
return(-1);
- }
+ }
/* Destroy keys manager */
xmlSecKeysMngrDestroy(mngr);
-
+
/* Shutdown xmlsec-crypto library */
xmlSecCryptoShutdown();
-
+
/* Shutdown crypto library */
xmlSecCryptoAppShutdown();
-
+
/* Shutdown xmlsec library */
xmlSecShutdown();
/* Shutdown libxslt/libxml */
#ifndef XMLSEC_NO_XSLT
xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
+ xsltCleanupGlobals();
#endif /* XMLSEC_NO_XSLT */
xmlCleanupParser();
-
+
return(0);
}
* load_trusted_certs:
* @mngr: the keys manager.
* @path: the path to a folder that contains trusted certificates.
- *
+ *
* Loads trusted certificates from @path.
*
* Returns 0 on success or a negative value if an error occurs.
- */
+ */
int load_trusted_certs(xmlSecKeysMngrPtr mngr, const char* path, int report_loaded_certs) {
DIR* dir;
struct dirent* entry;
- char filename[256];
+ char filename[2048];
int len;
-
+
assert(mngr);
assert(path);
-
+
dir = opendir(path);
if(dir == NULL) {
fprintf(stdout, "Error: failed to open folder \"%s\".\n", path);
return(-1);
- }
+ }
while((entry = readdir(dir)) != NULL) {
assert(entry->d_name);
len = strlen(entry->d_name);
closedir(dir);
return(-1);
}
- if(report_loaded_certs) {
+ if(report_loaded_certs) {
fprintf(stdout, "Loaded trusted certificate from \"%s\"...\n", filename);
}
} else if((len > 4) && (strcmp(entry->d_name + len - 4, ".der") == 0)) {
closedir(dir);
return(-1);
}
- if(report_loaded_certs) {
+ if(report_loaded_certs) {
fprintf(stdout, "Loaded trusted certificate from \"%s\"...\n", filename);
}
}
fprintf(stdout,"Error: failed to load keys from \"%s\"\n", filename);
return(-1);
}
-
+
if(report_loaded_keys) {
fprintf(stdout, "Loaded keys from \"%s\"...\n", filename);
}
}
-/**
+/**
* verify_request:
* @mng: the keys manager
*
*
* Returns 0 on success or a negative value if an error occurs.
*/
-int
+int
verify_request(xmlSecKeysMngrPtr mngr) {
xmlBufferPtr buffer = NULL;
- char buf[256];
+ xmlSecByte buf[256];
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
int ret;
int res = -1;
-
+
assert(mngr);
- /* load request in the buffer */
+ /* load request in the buffer */
buffer = xmlBufferCreate();
if(buffer == NULL) {
fprintf(stdout,"Error: failed to create buffer\n");
- goto done;
+ goto done;
}
-
+
while(!feof(stdin)) {
ret = fread(buf, 1, sizeof(buf), stdin);
if(ret < 0) {
fprintf(stdout,"Error: read failed\n");
- goto done;
+ goto done;
}
- xmlBufferAdd(buffer, buf, ret);
+ xmlBufferAdd(buffer, buf, (xmlSecSize)ret);
}
/* is the document submitted from the form? */
if(strncmp((char*)xmlBufferContent(buffer), "_xmldoc=", 8) == 0) {
xmlBufferShrink(buffer, 8);
- buffer->use = url_decode((char*)xmlBufferContent(buffer), xmlBufferLength(buffer));
+ buffer->use = url_decode((char*)xmlBufferContent(buffer), xmlBufferLength(buffer));
}
-
- /**
- * Load doc
+
+ /**
+ * Load doc
*/
- doc = xmlReadMemory(xmlBufferContent(buffer), xmlBufferLength(buffer),
- NULL, NULL,
- XML_PARSE_NOENT | XML_PARSE_NOCDATA |
+ xmlSecParserSetDefaultOptions(XML_PARSE_NOENT | XML_PARSE_NOCDATA |
XML_PARSE_PEDANTIC | XML_PARSE_NOCDATA);
+ doc = xmlReadMemory((const char*)xmlBufferContent(buffer), xmlBufferLength(buffer),
+ NULL, NULL, xmlSecParserGetDefaultOptions());
if (doc == NULL) {
fprintf(stdout, "Error: unable to parse xml document (syntax error)\n");
goto done;
}
-
+
/*
* Check the document is of the right kind
- */
+ */
if(xmlDocGetRootElement(doc) == NULL) {
fprintf(stdout,"Error: empty document\n");
goto done;
}
-
+
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
if(node == NULL) {
fprintf(stdout, "Error: start <dsig:Signature/> node not found\n");
- goto done;
+ goto done;
}
/* create signature context */
fprintf(stdout,"Error: failed to create signature context\n");
goto done;
}
-
+
/* we would like to store and print out everything */
/* actually we would not because it opens a security hole
dsigCtx->flags = XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES |
fprintf(stdout,"Error: signature verification failed\n");
goto done;
}
-
+
/* print verification result to stdout */
if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
fprintf(stdout, "RESULT: Signature is OK\n");
} else {
fprintf(stdout, "RESULT: Signature is INVALID\n");
- }
+ }
fprintf(stdout, "---------------------------------------------------\n");
xmlSecDSigCtxDebugDump(dsigCtx, stdout);
/* success */
res = 0;
-done:
+done:
/* cleanup */
if(dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
}
-
+
if(doc != NULL) {
- xmlFreeDoc(doc);
+ xmlFreeDoc(doc);
}
-
+
if(buffer != NULL) {
xmlBufferFree(buffer);
}
/* not the best way to do it */
#define toHex(c) ( ( ('0' <= (c)) && ((c) <= '9') ) ? (c) - '0' : \
- ( ( ('A' <= (c)) && ((c) <= 'F') ) ? (c) - 'A' + 10 : 0 ) )
+ ( ( ('A' <= (c)) && ((c) <= 'F') ) ? (c) - 'A' + 10 : 0 ) )
/**
* url_decode:
* @size: the input buffer size.
*
* Does url decoding in-place.
- *
- * Returns length of the decoded result on success or
+ *
+ * Returns length of the decoded result on success or
* a negative value if an error occurs.
*/
int url_decode(char *buf, size_t size) {
- char *p1, *p2;
-
+ size_t ii, jj;
+ char ch;
+
assert(buf);
-
- p1 = p2 = buf;
- while(p1 - buf < size) {
- if(((*p1) == '%') && ((p1 - buf) <= (size - 3))) {
- *(p2++) = (char)(toHex(p1[1]) * 16 + toHex(p1[2]));
- p1 += 3;
- } else if((*p1) == '+') {
- *(p2++) = ' ';
- p1++;
- } else {
- *(p2++) = *(p1++);
+
+ for(ii = jj = 0; ii < size; ++ii, ++jj) {
+ ch = buf[ii];
+ if((ch == '%') && ((ii + 2) < size)) {
+ buf[jj] = (char)(toHex(buf[ii + 1]) * 16 + toHex(buf[ii + 2]));
+ ii += 2;
+ } else if(ch == '+') {
+ buf[jj] = ' ';
+ } else if(ii != jj){
+ buf[jj] = buf[ii];
}
}
- return(p2 - buf);
+ return((int)jj);
}
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = include
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+SOURCES =
+DIST_SOURCES =
+RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
+ ctags-recursive dvi-recursive html-recursive info-recursive \
+ install-data-recursive install-dvi-recursive \
+ install-exec-recursive install-html-recursive \
+ install-info-recursive install-pdf-recursive \
+ install-ps-recursive install-recursive installcheck-recursive \
+ installdirs-recursive pdf-recursive ps-recursive \
+ tags-recursive uninstall-recursive
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+am__recursive_targets = \
+ $(RECURSIVE_TARGETS) \
+ $(RECURSIVE_CLEAN_TARGETS) \
+ $(am__extra_recursive_targets)
+AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
+ distdir distdir-am
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+DIST_SUBDIRS = $(SUBDIRS)
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+am__relativize = \
+ dir0=`pwd`; \
+ sed_first='s,^\([^/]*\)/.*$$,\1,'; \
+ sed_rest='s,^[^/]*/*,,'; \
+ sed_last='s,^.*/\([^/]*\)$$,\1,'; \
+ sed_butlast='s,/*[^/]*$$,,'; \
+ while test -n "$$dir1"; do \
+ first=`echo "$$dir1" | sed -e "$$sed_first"`; \
+ if test "$$first" != "."; then \
+ if test "$$first" = ".."; then \
+ dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
+ dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
+ else \
+ first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
+ if test "$$first2" = "$$first"; then \
+ dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
+ else \
+ dir2="../$$dir2"; \
+ fi; \
+ dir0="$$dir0"/"$$first"; \
+ fi; \
+ fi; \
+ dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
+ done; \
+ reldir="$$dir2"
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+SUBDIRS = xmlsec
+all: all-recursive
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign include/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run 'make' without going through this Makefile.
+# To change the values of 'make' variables: instead of editing Makefiles,
+# (1) if the variable is set in 'config.status', edit 'config.status'
+# (which will cause the Makefiles to be regenerated when you run 'make');
+# (2) otherwise, pass the desired values on the 'make' command line.
+$(am__recursive_targets):
+ @fail=; \
+ if $(am__make_keepgoing); then \
+ failcom='fail=yes'; \
+ else \
+ failcom='exit 1'; \
+ fi; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done; \
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-recursive
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+ include_option=--etags-include; \
+ empty_fix=.; \
+ else \
+ include_option=--include; \
+ empty_fix=; \
+ fi; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test ! -f $$subdir/TAGS || \
+ set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
+ fi; \
+ done; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-recursive
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-recursive
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+ @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ $(am__make_dryrun) \
+ || test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
+ dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
+ $(am__relativize); \
+ new_distdir=$$reldir; \
+ dir1=$$subdir; dir2="$(top_distdir)"; \
+ $(am__relativize); \
+ new_top_distdir=$$reldir; \
+ echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
+ echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
+ ($(am__cd) $$subdir && \
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$$new_top_distdir" \
+ distdir="$$new_distdir" \
+ am__remove_distdir=: \
+ am__skip_length_check=: \
+ am__skip_mode_fix=: \
+ distdir) \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-recursive
+all-am: Makefile
+installdirs: installdirs-recursive
+installdirs-am:
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-recursive
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+html-am:
+
+info: info-recursive
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-recursive
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-recursive
+
+install-html-am:
+
+install-info: install-info-recursive
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-pdf-am:
+
+install-ps: install-ps-recursive
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: $(am__recursive_targets) install-am install-strip
+
+.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \
+ check-am clean clean-generic clean-libtool cscopelist-am ctags \
+ ctags-am distclean distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ installdirs-am maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
+ ps ps-am tags tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
## Process this file with automake to produce Makefile.in
NULL =
-SUBDIRS = private $(XMLSEC_CRYPTO_LIST)
+SUBDIRS = $(XMLSEC_CRYPTO_LIST)
EXTRA_DIST = skeleton mscrypto $(XMLSEC_CRYPTO_DISABLED_LIST)
xmlsecincdir = $(includedir)/xmlsec1/xmlsec
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@XMLSEC_ENABLE_SOAP_TRUE@am__append_1 = soap.h
+subdir = include/xmlsec
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__xmlsecinc_HEADERS_DIST) \
+ $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES = version.h
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+SOURCES =
+DIST_SOURCES =
+RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
+ ctags-recursive dvi-recursive html-recursive info-recursive \
+ install-data-recursive install-dvi-recursive \
+ install-exec-recursive install-html-recursive \
+ install-info-recursive install-pdf-recursive \
+ install-ps-recursive install-recursive installcheck-recursive \
+ installdirs-recursive pdf-recursive ps-recursive \
+ tags-recursive uninstall-recursive
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__xmlsecinc_HEADERS_DIST = app.h base64.h bn.h buffer.h crypto.h \
+ dl.h errors.h exports.h io.h keyinfo.h keysdata.h keys.h \
+ keysmngr.h list.h membuf.h nodeset.h parser.h private.h \
+ strings.h templates.h transforms.h version.h x509.h xmldsig.h \
+ xmlenc.h xmlsec.h xmltree.h soap.h
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(xmlsecincdir)"
+HEADERS = $(xmlsecinc_HEADERS)
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+am__recursive_targets = \
+ $(RECURSIVE_TARGETS) \
+ $(RECURSIVE_CLEAN_TARGETS) \
+ $(am__extra_recursive_targets)
+AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
+ distdir distdir-am
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+DIST_SUBDIRS = $(SUBDIRS)
+am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/version.h.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+am__relativize = \
+ dir0=`pwd`; \
+ sed_first='s,^\([^/]*\)/.*$$,\1,'; \
+ sed_rest='s,^[^/]*/*,,'; \
+ sed_last='s,^.*/\([^/]*\)$$,\1,'; \
+ sed_butlast='s,/*[^/]*$$,,'; \
+ while test -n "$$dir1"; do \
+ first=`echo "$$dir1" | sed -e "$$sed_first"`; \
+ if test "$$first" != "."; then \
+ if test "$$first" = ".."; then \
+ dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
+ dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
+ else \
+ first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
+ if test "$$first2" = "$$first"; then \
+ dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
+ else \
+ dir2="../$$dir2"; \
+ fi; \
+ dir0="$$dir0"/"$$first"; \
+ fi; \
+ fi; \
+ dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
+ done; \
+ reldir="$$dir2"
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+SUBDIRS = $(XMLSEC_CRYPTO_LIST)
+EXTRA_DIST = skeleton mscrypto $(XMLSEC_CRYPTO_DISABLED_LIST)
+xmlsecincdir = $(includedir)/xmlsec1/xmlsec
+xmlsecinc_HEADERS = app.h base64.h bn.h buffer.h crypto.h dl.h \
+ errors.h exports.h io.h keyinfo.h keysdata.h keys.h keysmngr.h \
+ list.h membuf.h nodeset.h parser.h private.h strings.h \
+ templates.h transforms.h version.h x509.h xmldsig.h xmlenc.h \
+ xmlsec.h xmltree.h $(NULL) $(am__append_1)
+all: all-recursive
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/xmlsec/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign include/xmlsec/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+version.h: $(top_builddir)/config.status $(srcdir)/version.h.in
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-xmlsecincHEADERS: $(xmlsecinc_HEADERS)
+ @$(NORMAL_INSTALL)
+ @list='$(xmlsecinc_HEADERS)'; test -n "$(xmlsecincdir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(xmlsecincdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(xmlsecincdir)" || exit 1; \
+ fi; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; \
+ done | $(am__base_list) | \
+ while read files; do \
+ echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(xmlsecincdir)'"; \
+ $(INSTALL_HEADER) $$files "$(DESTDIR)$(xmlsecincdir)" || exit $$?; \
+ done
+
+uninstall-xmlsecincHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(xmlsecinc_HEADERS)'; test -n "$(xmlsecincdir)" || list=; \
+ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+ dir='$(DESTDIR)$(xmlsecincdir)'; $(am__uninstall_files_from_dir)
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run 'make' without going through this Makefile.
+# To change the values of 'make' variables: instead of editing Makefiles,
+# (1) if the variable is set in 'config.status', edit 'config.status'
+# (which will cause the Makefiles to be regenerated when you run 'make');
+# (2) otherwise, pass the desired values on the 'make' command line.
+$(am__recursive_targets):
+ @fail=; \
+ if $(am__make_keepgoing); then \
+ failcom='fail=yes'; \
+ else \
+ failcom='exit 1'; \
+ fi; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done; \
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-recursive
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+ include_option=--etags-include; \
+ empty_fix=.; \
+ else \
+ include_option=--include; \
+ empty_fix=; \
+ fi; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test ! -f $$subdir/TAGS || \
+ set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
+ fi; \
+ done; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-recursive
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-recursive
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+ @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ $(am__make_dryrun) \
+ || test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
+ dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
+ $(am__relativize); \
+ new_distdir=$$reldir; \
+ dir1=$$subdir; dir2="$(top_distdir)"; \
+ $(am__relativize); \
+ new_top_distdir=$$reldir; \
+ echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
+ echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
+ ($(am__cd) $$subdir && \
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$$new_top_distdir" \
+ distdir="$$new_distdir" \
+ am__remove_distdir=: \
+ am__skip_length_check=: \
+ am__skip_mode_fix=: \
+ distdir) \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-recursive
+all-am: Makefile $(HEADERS)
+installdirs: installdirs-recursive
+installdirs-am:
+ for dir in "$(DESTDIR)$(xmlsecincdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-recursive
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+html-am:
+
+info: info-recursive
+
+info-am:
+
+install-data-am: install-xmlsecincHEADERS
+
+install-dvi: install-dvi-recursive
+
+install-dvi-am:
+
+install-exec-am:
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-html: install-html-recursive
+
+install-html-am:
+
+install-info: install-info-recursive
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-pdf-am:
+
+install-ps: install-ps-recursive
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am: uninstall-xmlsecincHEADERS
+
+.MAKE: $(am__recursive_targets) install-am install-exec-am \
+ install-strip
+
+.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \
+ check-am clean clean-generic clean-libtool cscopelist-am ctags \
+ ctags-am distclean distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-exec-hook \
+ install-html install-html-am install-info install-info-am \
+ install-man install-pdf install-pdf-am install-ps \
+ install-ps-am install-strip install-xmlsecincHEADERS \
+ installcheck installcheck-am installdirs installdirs-am \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-am uninstall uninstall-am uninstall-xmlsecincHEADERS
+
+.PRECIOUS: Makefile
+
+
+remove-old-headers:
+ @if test "x$(DESTDIR)" = "x" && test -d "$(includedir)/xmlsec"; then \
+ echo "----------------------------------------------------------------------"; \
+ echo; \
+ echo "*** WARNING ***:"; \
+ echo; \
+ echo "You seem to have old xmlsec header files installed in:"; \
+ echo; \
+ echo " \"$(includedir)/xmlsec\""; \
+ echo; \
+ echo "The entire directory will be removed now."; \
+ echo "To allow parallel installation of different xmlsec library versions,"; \
+ echo "the header files are now installed in a version specific subdirectory:"; \
+ echo; \
+ echo " \"$(xmlsecincdir)\""; \
+ echo; \
+ echo "----------------------------------------------------------------------"; \
+ echo; \
+ rm -rf "$(includedir)/xmlsec"; \
+ fi
+
+install-exec-hook: remove-old-headers
+ $(mkinstalldirs) $(DESTDIR)$(xmlsecincdir)
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_APP_H__
#define __XMLSEC_APP_H__
#include <libxml/tree.h>
#include <libxml/xmlIO.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keysdata.h>
#include <xmlsec/keys.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_BASE64_H__
#define __XMLSEC_BASE64_H__
#include <libxml/tree.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/transforms.h>
int encode,
int columns);
XMLSEC_EXPORT void xmlSecBase64CtxFinalize (xmlSecBase64CtxPtr ctx);
-XMLSEC_EXPORT int xmlSecBase64CtxUpdate (xmlSecBase64CtxPtr ctx,
- const xmlSecByte *in,
+XMLSEC_EXPORT int xmlSecBase64CtxUpdate_ex (xmlSecBase64CtxPtr ctx,
+ const xmlSecByte* in,
xmlSecSize inSize,
- xmlSecByte *out,
- xmlSecSize outSize);
-XMLSEC_EXPORT int xmlSecBase64CtxFinal (xmlSecBase64CtxPtr ctx,
- xmlSecByte *out,
- xmlSecSize outSize);
+ xmlSecByte* out,
+ xmlSecSize outSize,
+ xmlSecSize* outWritten);
+
+XMLSEC_EXPORT int xmlSecBase64CtxFinal_ex (xmlSecBase64CtxPtr ctx,
+ xmlSecByte* out,
+ xmlSecSize outSize,
+ xmlSecSize* outWritten);
/* Standalone routines to do base64 encode/decode "at once" */
-XMLSEC_EXPORT xmlChar* xmlSecBase64Encode (const xmlSecByte *buf,
- xmlSecSize len,
+XMLSEC_EXPORT xmlChar* xmlSecBase64Encode (const xmlSecByte* in,
+ xmlSecSize inSize,
int columns);
-XMLSEC_EXPORT int xmlSecBase64Decode (const xmlChar* str,
- xmlSecByte *buf,
- xmlSecSize len);
+XMLSEC_EXPORT int xmlSecBase64Decode_ex (const xmlChar* str,
+ xmlSecByte* out,
+ xmlSecSize outSize,
+ xmlSecSize* outWritten);
+XMLSEC_EXPORT int xmlSecBase64DecodeInPlace (xmlChar* str,
+ xmlSecSize* outWritten);
+/* These functions are deprecated and will be removed in the future. */
+XMLSEC_DEPRECATED XMLSEC_EXPORT int xmlSecBase64CtxUpdate (xmlSecBase64CtxPtr ctx,
+ const xmlSecByte* in,
+ xmlSecSize inSize,
+ xmlSecByte* out,
+ xmlSecSize outSize);
+XMLSEC_DEPRECATED XMLSEC_EXPORT int xmlSecBase64CtxFinal (xmlSecBase64CtxPtr ctx,
+ xmlSecByte* out,
+ xmlSecSize outSize);
+XMLSEC_DEPRECATED XMLSEC_EXPORT int xmlSecBase64Decode (const xmlChar* str,
+ xmlSecByte* out,
+ xmlSecSize outSize);
#ifdef __cplusplus
}
#endif /* __cplusplus */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_BN_H__
#define __XMLSEC_BN_H__
#include <libxml/tree.h>
+
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/buffer.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_BUFFER_H__
#define __XMLSEC_BUFFER_H__
#include <libxml/tree.h>
+
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#ifdef __cplusplus
xmlSecSize size);
XMLSEC_EXPORT int xmlSecBufferRemoveTail (xmlSecBufferPtr buf,
xmlSecSize size);
-
+XMLSEC_EXPORT int xmlSecBufferReverse (xmlSecBufferPtr buf);
XMLSEC_EXPORT int xmlSecBufferReadFile (xmlSecBufferPtr buf,
const char* filename);
-
XMLSEC_EXPORT int xmlSecBufferBase64NodeContentRead(xmlSecBufferPtr buf,
xmlNodePtr node);
XMLSEC_EXPORT int xmlSecBufferBase64NodeContentWrite(xmlSecBufferPtr buf,
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_CRYPTO_H__
#define __XMLSEC_CRYPTO_H__
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_DL_H__
#define __XMLSEC_DL_H__
#include <libxml/tree.h>
#include <libxml/xmlIO.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keysdata.h>
#include <xmlsec/keys.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_ERRORS_H__
#define __XMLSEC_ERRORS_H__
+#include <xmlsec/exports.h>
+
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
#define XMLSEC_ERRORS_R_ASSERTION 100
/**
+ * XMLSEC_ERRORS_R_CAST_IMPOSSIBLE:
+ *
+ * Impossible to cast from one type to another.
+ */
+#define XMLSEC_ERROR_R_CAST_IMPOSSIBLE 101
+
+/**
* XMLSEC_ERRORS_MAX_NUMBER:
*
* The maximum xmlsec errors number.
+#if !defined(__XMLSEC_FUNCTION__)
+
/* __FUNCTION__ is defined for MSC compiler < MS VS .NET 2003 */
#if defined(_MSC_VER) && (_MSC_VER >= 1300)
#define __XMLSEC_FUNCTION__ __FUNCTION__
-#endif /* _MSC_VER */
+
+/* and for GCC too */
+#elif defined(__GNUC__)
+#define __XMLSEC_FUNCTION__ __func__
/* fallback for __FUNCTION__ */
-#if !defined(__XMLSEC_FUNCTION__)
+#else
#define __XMLSEC_FUNCTION__ ""
+#endif
+
#endif /*!defined(__XMLSEC_FUNCTION__) */
/**
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_EXPORTS_H__
#define __XMLSEC_EXPORTS_H__
extern "C" {
#endif /* __cplusplus */
-/* Now, the export orgy begins. The following we must do for the
- Windows platform with MSVC compiler. */
+/* There are many variations of Windows */
+#if !defined(XMLSEC_WINDOWS)
+
+#if defined(WIN32) || defined(_WIN32) || defined(WINDOWS) || defined(_WINDOWS)
+#define XMLSEC_WINDOWS 1
+#elif defined(_MSC_VER)
+#define XMLSEC_WINDOWS 1
+#elif defined(__MINGW32__) || defined(__MINGW64__)
+#define XMLSEC_WINDOWS 1
+#elif defined(__CYGWIN__)
+#define XMLSEC_WINDOWS 1
+#endif /* */
+
+#endif /* !defined(XMLSEC_WINDOWS) */
+
+/* Now, the export fun begins. The following we must do for the
+ Windows platform. */
#if !defined XMLSEC_EXPORT
-# if defined(_WIN32)
+# if defined(XMLSEC_WINDOWS)
/* if we compile libxmlsec itself: */
# if defined(IN_XMLSEC)
# if !defined(XMLSEC_STATIC)
# define XMLSEC_EXPORT extern
# endif
/* if a client program includes this file: */
-# else
-#if 1
- /* gcc fail by initialisation of global variable with error
- (as example in .../openssl/ciphers.c):
- "initializer element is not constant"
- To avoid this we shouldn't use __declspec(dllimport).
- This will enable auto-import feature. */
-# define XMLSEC_EXPORT
-#else
+# else /* defined(IN_XMLSEC) */
# if !defined(XMLSEC_STATIC)
# define XMLSEC_EXPORT __declspec(dllimport)
# else
-# define XMLSEC_EXPORT
+# define XMLSEC_EXPORT extern
# endif
-#endif
-# endif
+# endif /* defined(IN_XMLSEC) */
/* This holds on all other platforms/compilers, which are easier to
handle in regard to this. */
-# else
+# else /* defined(XMLSEC_WINDOWS) */
# define XMLSEC_EXPORT
-# endif
-#endif
+# endif /* defined(XMLSEC_WINDOWS) */
+#endif /* !defined XMLSEC_EXPORT */
#if !defined XMLSEC_CRYPTO_EXPORT
-# if defined(_WIN32)
+# if defined(XMLSEC_WINDOWS)
/* if we compile libxmlsec itself: */
# if defined(IN_XMLSEC_CRYPTO)
# if !defined(XMLSEC_STATIC)
# define XMLSEC_CRYPTO_EXPORT extern
# endif
/* if a client program includes this file: */
-# else
+# else /* defined(IN_XMLSEC_CRYPTO) */
# if !defined(XMLSEC_STATIC)
# define XMLSEC_CRYPTO_EXPORT __declspec(dllimport)
# else
-# define XMLSEC_CRYPTO_EXPORT
+# define XMLSEC_CRYPTO_EXPORT extern
# endif
-# endif
+# endif /* defined(IN_XMLSEC_CRYPTO) */
/* This holds on all other platforms/compilers, which are easier to
handle in regard to this. */
-# else
+# else /* defined(XMLSEC_WINDOWS) */
# define XMLSEC_CRYPTO_EXPORT
-# endif
-#endif
+# endif /* defined(XMLSEC_WINDOWS) */
+#endif /* !defined XMLSEC_CRYPTO_EXPORT */
#if !defined XMLSEC_EXPORT_VAR
-# if defined(_WIN32)
+# if defined(XMLSEC_WINDOWS)
/* if we compile libxmlsec itself: */
# if defined(IN_XMLSEC)
# if !defined(XMLSEC_STATIC)
# endif
/* This holds on all other platforms/compilers, which are easier to
handle in regard to this. */
-# else
+# else /* defined(XMLSEC_WINDOWS) */
# define XMLSEC_EXPORT_VAR extern
-# endif
+# endif /* defined(XMLSEC_WINDOWS) */
#endif
#ifdef __cplusplus
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = include/xmlsec/gcrypt
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(xmlsecgcryptinc_HEADERS) \
+ $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+SOURCES =
+DIST_SOURCES =
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(xmlsecgcryptincdir)"
+HEADERS = $(xmlsecgcryptinc_HEADERS)
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+xmlsecgcryptincdir = $(includedir)/xmlsec1/xmlsec/gcrypt
+xmlsecgcryptinc_HEADERS = \
+app.h \
+crypto.h \
+symbols.h \
+$(NULL)
+
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/xmlsec/gcrypt/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign include/xmlsec/gcrypt/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-xmlsecgcryptincHEADERS: $(xmlsecgcryptinc_HEADERS)
+ @$(NORMAL_INSTALL)
+ @list='$(xmlsecgcryptinc_HEADERS)'; test -n "$(xmlsecgcryptincdir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(xmlsecgcryptincdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(xmlsecgcryptincdir)" || exit 1; \
+ fi; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; \
+ done | $(am__base_list) | \
+ while read files; do \
+ echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(xmlsecgcryptincdir)'"; \
+ $(INSTALL_HEADER) $$files "$(DESTDIR)$(xmlsecgcryptincdir)" || exit $$?; \
+ done
+
+uninstall-xmlsecgcryptincHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(xmlsecgcryptinc_HEADERS)'; test -n "$(xmlsecgcryptincdir)" || list=; \
+ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+ dir='$(DESTDIR)$(xmlsecgcryptincdir)'; $(am__uninstall_files_from_dir)
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(HEADERS)
+installdirs:
+ for dir in "$(DESTDIR)$(xmlsecgcryptincdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-xmlsecgcryptincHEADERS
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-xmlsecgcryptincHEADERS
+
+.MAKE: install-am install-exec-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-libtool cscopelist-am ctags ctags-am distclean \
+ distclean-generic distclean-libtool distclean-tags distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-exec-hook install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip install-xmlsecgcryptincHEADERS installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
+ uninstall-am uninstall-xmlsecgcryptincHEADERS
+
+.PRECIOUS: Makefile
+
+
+install-exec-hook:
+ $(mkinstalldirs) $(DESTDIR)$(xmlsecgcryptincdir)
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GCRYPT_APP_H__
#define __XMLSEC_GCRYPT_APP_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/keysmngr.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GCRYPT_CRYPTO_H__
#define __XMLSEC_GCRYPT_CRYPTO_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
*******************************************************************/
#ifndef XMLSEC_NO_HMAC
-XMLSEC_CRYPTO_EXPORT int xmlSecGCryptHmacGetMinOutputLength(void);
-XMLSEC_CRYPTO_EXPORT void xmlSecGCryptHmacSetMinOutputLength(int min_length);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT int xmlSecGCryptHmacGetMinOutputLength(void);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT void xmlSecGCryptHmacSetMinOutputLength(int min_length);
/**
* xmlSecGCryptKeyDataHmacId:
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GCRYPT_SYMBOLS_H__
#define __XMLSEC_GCRYPT_SYMBOLS_H__
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = include/xmlsec/gnutls
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(xmlsecgnutlsinc_HEADERS) \
+ $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+SOURCES =
+DIST_SOURCES =
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(xmlsecgnutlsincdir)"
+HEADERS = $(xmlsecgnutlsinc_HEADERS)
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+xmlsecgnutlsincdir = $(includedir)/xmlsec1/xmlsec/gnutls
+xmlsecgnutlsinc_HEADERS = \
+app.h \
+crypto.h \
+symbols.h \
+x509.h \
+$(NULL)
+
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/xmlsec/gnutls/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign include/xmlsec/gnutls/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-xmlsecgnutlsincHEADERS: $(xmlsecgnutlsinc_HEADERS)
+ @$(NORMAL_INSTALL)
+ @list='$(xmlsecgnutlsinc_HEADERS)'; test -n "$(xmlsecgnutlsincdir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(xmlsecgnutlsincdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(xmlsecgnutlsincdir)" || exit 1; \
+ fi; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; \
+ done | $(am__base_list) | \
+ while read files; do \
+ echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(xmlsecgnutlsincdir)'"; \
+ $(INSTALL_HEADER) $$files "$(DESTDIR)$(xmlsecgnutlsincdir)" || exit $$?; \
+ done
+
+uninstall-xmlsecgnutlsincHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(xmlsecgnutlsinc_HEADERS)'; test -n "$(xmlsecgnutlsincdir)" || list=; \
+ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+ dir='$(DESTDIR)$(xmlsecgnutlsincdir)'; $(am__uninstall_files_from_dir)
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(HEADERS)
+installdirs:
+ for dir in "$(DESTDIR)$(xmlsecgnutlsincdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-xmlsecgnutlsincHEADERS
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-xmlsecgnutlsincHEADERS
+
+.MAKE: install-am install-exec-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-libtool cscopelist-am ctags ctags-am distclean \
+ distclean-generic distclean-libtool distclean-tags distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-exec-hook install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip install-xmlsecgnutlsincHEADERS installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
+ uninstall-am uninstall-xmlsecgnutlsincHEADERS
+
+.PRECIOUS: Makefile
+
+
+install-exec-hook:
+ $(mkinstalldirs) $(DESTDIR)$(xmlsecgnutlsincdir)
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GNUTLS_APP_H__
#define __XMLSEC_GNUTLS_APP_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/keysmngr.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GNUTLS_CRYPTO_H__
#define __XMLSEC_GNUTLS_CRYPTO_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
*******************************************************************/
#ifndef XMLSEC_NO_HMAC
-XMLSEC_CRYPTO_EXPORT int xmlSecGnuTLSHmacGetMinOutputLength(void);
-XMLSEC_CRYPTO_EXPORT void xmlSecGnuTLSHmacSetMinOutputLength(int min_length);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT int xmlSecGnuTLSHmacGetMinOutputLength(void);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT void xmlSecGnuTLSHmacSetMinOutputLength(int min_length);
/**
* xmlSecGnuTLSKeyDataHmacId:
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GNUTLS_SYMBOLS_H__
#define __XMLSEC_GNUTLS_SYMBOLS_H__
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GNUTLS_X509_H__
#define __XMLSEC_GNUTLS_X509_H__
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
const xmlChar *issuerSerial,
const xmlChar *ski,
const xmlSecKeyInfoCtx* keyInfoCtx);
+XMLSEC_CRYPTO_EXPORT gnutls_x509_crt_t xmlSecGnuTLSX509StoreFindCert_ex(const xmlSecKeyDataStorePtr store,
+ const xmlChar *subjectName,
+ const xmlChar *issuerName,
+ const xmlChar *issuerSerial,
+ const xmlSecByte * ski,
+ xmlSecSize skiSize,
+ const xmlSecKeyInfoCtx* keyInfoCtx);
XMLSEC_CRYPTO_EXPORT gnutls_x509_crt_t xmlSecGnuTLSX509StoreVerify (xmlSecKeyDataStorePtr store,
xmlSecPtrListPtr certs,
xmlSecPtrListPtr crls,
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_IO_H__
#define __XMLSEC_IO_H__
#include <libxml/tree.h>
#include <libxml/xmlIO.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/transforms.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_KEYINFO_H__
#define __XMLSEC_KEYINFO_H__
#include <libxml/tree.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/list.h>
#include <xmlsec/keysdata.h>
#define XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS 0x00004000
/**
- * XMLSEC_KEYINFO_FLAGS_SKIP_VERIFY_CHAIN:
- *
- * If the flag is set then we wont stop document validation
- * on certificate chain error. Instead of stopping validation
- * we'll just set flag XMLSEC_KEYINFO_ERROR_FLAGS_BROKEN_CHAIN
- * as flags2 value.
- */
-#define XMLSEC_KEYINFO_FLAGS_ALLOW_BROKEN_CHAIN 0x00008000
-#define XMLSEC_KEYINFO_ERROR_FLAGS_BROKEN_CHAIN 0x00000001
-
-/**
* xmlSecKeyInfoCtx:
* @userData: the pointer to user data (xmlsec and xmlsec-crypto
* never touch this).
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_KEYS_H__
#define __XMLSEC_KEYS_H__
#include <time.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/list.h>
#include <xmlsec/keysdata.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_KEYSDATA_H__
#define __XMLSEC_KEYSDATA_H__
#include <libxml/tree.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/buffer.h>
#include <xmlsec/list.h>
* @xmlSecKeyDataFormatPkcs12: the PKCS12 format (bag of keys and certs)
* @xmlSecKeyDataFormatCertPem: the PEM cert.
* @xmlSecKeyDataFormatCertDer: the DER cert.
+ * @xmlSecKeyDataFormatEngine: the crypto engine (e.g. OpenSSL ENGINE).
*
* The key data format (binary, der, pem, etc.).
*/
xmlSecKeyDataFormatPkcs8Der,
xmlSecKeyDataFormatPkcs12,
xmlSecKeyDataFormatCertPem,
- xmlSecKeyDataFormatCertDer
+ xmlSecKeyDataFormatCertDer,
+ xmlSecKeyDataFormatEngine
} xmlSecKeyDataFormat;
/**************************************************************************
#define xmlSecKeyDataKlassGetName(klass) \
(((klass)) ? ((klass)->name) : NULL)
+
+
+/***********************************************************************
+ *
+ * Helper functions for binary key data (HMAC, AES, DES, ...).
+ *
+ **********************************************************************/
+XMLSEC_EXPORT xmlSecSize xmlSecKeyDataBinaryValueGetSize (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT xmlSecBufferPtr xmlSecKeyDataBinaryValueGetBuffer (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT int xmlSecKeyDataBinaryValueSetBuffer (xmlSecKeyDataPtr data,
+ const xmlSecByte* buf,
+ xmlSecSize bufSize);
+
/***********************************************************************
*
* Key Data list
XMLSEC_EXPORT void xmlSecKeyDataIdListDebugXmlDump (xmlSecPtrListPtr list,
FILE* output);
-/**************************************************************************
- *
- * xmlSecKeyDataBinary
- *
- * key (xmlSecBuffer) is located after xmlSecKeyData structure
- *
- *************************************************************************/
-/**
- * xmlSecKeyDataBinarySize:
- *
- * The binary key data object size.
- */
-#define xmlSecKeyDataBinarySize \
- (sizeof(xmlSecKeyData) + sizeof(xmlSecBuffer))
-
-XMLSEC_EXPORT int xmlSecKeyDataBinaryValueInitialize (xmlSecKeyDataPtr data);
-XMLSEC_EXPORT int xmlSecKeyDataBinaryValueDuplicate (xmlSecKeyDataPtr dst,
- xmlSecKeyDataPtr src);
-XMLSEC_EXPORT void xmlSecKeyDataBinaryValueFinalize (xmlSecKeyDataPtr data);
-XMLSEC_EXPORT int xmlSecKeyDataBinaryValueXmlRead (xmlSecKeyDataId id,
- xmlSecKeyPtr key,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT int xmlSecKeyDataBinaryValueXmlWrite (xmlSecKeyDataId id,
- xmlSecKeyPtr key,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT int xmlSecKeyDataBinaryValueBinRead (xmlSecKeyDataId id,
- xmlSecKeyPtr key,
- const xmlSecByte* buf,
- xmlSecSize bufSize,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT int xmlSecKeyDataBinaryValueBinWrite (xmlSecKeyDataId id,
- xmlSecKeyPtr key,
- xmlSecByte** buf,
- xmlSecSize* bufSize,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT void xmlSecKeyDataBinaryValueDebugDump (xmlSecKeyDataPtr data,
- FILE* output);
-XMLSEC_EXPORT void xmlSecKeyDataBinaryValueDebugXmlDump (xmlSecKeyDataPtr data,
- FILE* output);
-
-XMLSEC_EXPORT xmlSecSize xmlSecKeyDataBinaryValueGetSize (xmlSecKeyDataPtr data);
-XMLSEC_EXPORT xmlSecBufferPtr xmlSecKeyDataBinaryValueGetBuffer (xmlSecKeyDataPtr data);
-XMLSEC_EXPORT int xmlSecKeyDataBinaryValueSetBuffer (xmlSecKeyDataPtr data,
- const xmlSecByte* buf,
- xmlSecSize bufSize);
/**************************************************************************
*
#define xmlSecKeyDataStorePtrListId xmlSecKeyDataStorePtrListGetKlass()
XMLSEC_EXPORT xmlSecPtrListId xmlSecKeyDataStorePtrListGetKlass (void);
-#ifdef XMLSEC_PRIVATE
XMLSEC_EXPORT void xmlSecImportSetPersistKey (void);
XMLSEC_EXPORT int xmlSecImportGetPersistKey (void);
-#endif
#ifdef __cplusplus
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_KEYSMGMR_H__
#define __XMLSEC_KEYSMGMR_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/list.h>
#include <xmlsec/keys.h>
* Simple Keys Store
*
***************************************************************************/
+
+
+/**
+ * xmlSecKeyDataDsaWrite:
+ * @id: the key data data.
+ * @data: the pointer to input @xmlSecKeyData.
+ * @dsaValue: the pointer to input @xmlSecKeyValueDsa.
+ * @writePrivateKey: the flag indicating if private key component should be output or not.
+ *
+ * Writes @xmlSecKeyData to @xmlSecKeyValueDsa.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+typedef int (*xmlSecSimpleKeysStoreAdoptKeyFunc) (xmlSecKeyStorePtr store,
+ xmlSecKeyPtr key);
+
+
/**
* xmlSecSimpleKeysStoreId:
*
XMLSEC_EXPORT int xmlSecSimpleKeysStoreLoad (xmlSecKeyStorePtr store,
const char *uri,
xmlSecKeysMngrPtr keysMngr);
+XMLSEC_EXPORT int xmlSecSimpleKeysStoreLoad_ex (xmlSecKeyStorePtr store,
+ const char *uri,
+ xmlSecKeysMngrPtr keysMngr,
+ xmlSecSimpleKeysStoreAdoptKeyFunc adoptKeyFunc);
XMLSEC_EXPORT int xmlSecSimpleKeysStoreSave (xmlSecKeyStorePtr store,
const char *filename,
xmlSecKeyDataType type);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_LIST_H__
#define __XMLSEC_LIST_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/buffer.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_MEMBUF_H__
#define __XMLSEC_MEMBUF_H__
#include <libxml/tree.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/buffer.h>
#include <xmlsec/transforms.h>
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = include/xmlsec/mscng
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(xmlsecmscnginc_HEADERS) \
+ $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+SOURCES =
+DIST_SOURCES =
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(xmlsecmscngincdir)"
+HEADERS = $(xmlsecmscnginc_HEADERS)
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+xmlsecmscngincdir = $(includedir)/xmlsec1/xmlsec/mscng
+xmlsecmscnginc_HEADERS = \
+app.h \
+certkeys.h \
+crypto.h \
+keysstore.h \
+symbols.h \
+x509.h \
+$(NULL)
+
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/xmlsec/mscng/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign include/xmlsec/mscng/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-xmlsecmscngincHEADERS: $(xmlsecmscnginc_HEADERS)
+ @$(NORMAL_INSTALL)
+ @list='$(xmlsecmscnginc_HEADERS)'; test -n "$(xmlsecmscngincdir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(xmlsecmscngincdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(xmlsecmscngincdir)" || exit 1; \
+ fi; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; \
+ done | $(am__base_list) | \
+ while read files; do \
+ echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(xmlsecmscngincdir)'"; \
+ $(INSTALL_HEADER) $$files "$(DESTDIR)$(xmlsecmscngincdir)" || exit $$?; \
+ done
+
+uninstall-xmlsecmscngincHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(xmlsecmscnginc_HEADERS)'; test -n "$(xmlsecmscngincdir)" || list=; \
+ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+ dir='$(DESTDIR)$(xmlsecmscngincdir)'; $(am__uninstall_files_from_dir)
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(HEADERS)
+installdirs:
+ for dir in "$(DESTDIR)$(xmlsecmscngincdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-xmlsecmscngincHEADERS
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-xmlsecmscngincHEADERS
+
+.MAKE: install-am install-exec-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-libtool cscopelist-am ctags ctags-am distclean \
+ distclean-generic distclean-libtool distclean-tags distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-exec-hook install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip install-xmlsecmscngincHEADERS installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
+ uninstall-am uninstall-xmlsecmscngincHEADERS
+
+.PRECIOUS: Makefile
+
+
+install-exec-hook:
+ $(mkinstalldirs) $(DESTDIR)$(xmlsecmscngincdir)
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
#include <windows.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/keysmngr.h>
#include <windows.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <windows.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#ifndef __XMLSEC_MSCNG_KEYSSTORE_H__
#define __XMLSEC_MSCNG_KEYSSTORE_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#ifdef __cplusplus
#ifndef XMLSEC_NO_X509
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
PCCERT_CONTEXT cert);
XMLSEC_CRYPTO_EXPORT int xmlSecMSCngKeyDataX509AdoptCert (xmlSecKeyDataPtr data,
PCCERT_CONTEXT cert);
+XMLSEC_CRYPTO_EXPORT int xmlSecMSCngKeyDataX509AdoptCrl (xmlSecKeyDataPtr data,
+ PCCRL_CONTEXT crl);
XMLSEC_CRYPTO_EXPORT int xmlSecMSCngX509StoreAdoptCert (xmlSecKeyDataStorePtr store,
PCCERT_CONTEXT cert,
xmlSecKeyDataType type);
XMLSEC_CRYPTO_EXPORT int xmlSecMSCngX509StoreAdoptUntrustedStore(xmlSecKeyDataStorePtr store,
HCERTSTORE untrustedStore);
XMLSEC_CRYPTO_EXPORT PCCERT_CONTEXT xmlSecMSCngX509StoreVerify (xmlSecKeyDataStorePtr store,
- HCERTSTORE certs,
- xmlSecKeyInfoCtx* keyInfoCtx);
+ HCERTSTORE certs,
+ xmlSecKeyInfoCtx* keyInfoCtx);
PCCERT_CONTEXT xmlSecMSCngX509StoreFindCert (xmlSecKeyDataStorePtr store,
xmlChar *subjectName,
xmlChar *issuerName,
xmlChar *issuerSerial,
xmlChar *ski,
xmlSecKeyInfoCtx* keyInfoCtx);
+PCCERT_CONTEXT xmlSecMSCngX509StoreFindCert_ex (xmlSecKeyDataStorePtr store,
+ xmlChar* subjectName,
+ xmlChar* issuerName,
+ xmlChar* issuerSerial,
+ xmlSecByte* ski,
+ xmlSecSize skiSize,
+ xmlSecKeyInfoCtx* keyInfoCtx);
PCCERT_CONTEXT xmlSecMSCngX509FindCertBySubject (HCERTSTORE store,
LPTSTR wcSubject,
DWORD dwCertEncodingType);
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = include/xmlsec/mscrypto
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(xmlsecmscryptoinc_HEADERS) \
+ $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+SOURCES =
+DIST_SOURCES =
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(xmlsecmscryptoincdir)"
+HEADERS = $(xmlsecmscryptoinc_HEADERS)
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+xmlsecmscryptoincdir = $(includedir)/xmlsec1/xmlsec/mscrypto
+xmlsecmscryptoinc_HEADERS = \
+app.h \
+certkeys.h \
+crypto.h \
+keysstore.h \
+symbols.h \
+x509.h \
+$(NULL)
+
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/xmlsec/mscrypto/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign include/xmlsec/mscrypto/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-xmlsecmscryptoincHEADERS: $(xmlsecmscryptoinc_HEADERS)
+ @$(NORMAL_INSTALL)
+ @list='$(xmlsecmscryptoinc_HEADERS)'; test -n "$(xmlsecmscryptoincdir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(xmlsecmscryptoincdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(xmlsecmscryptoincdir)" || exit 1; \
+ fi; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; \
+ done | $(am__base_list) | \
+ while read files; do \
+ echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(xmlsecmscryptoincdir)'"; \
+ $(INSTALL_HEADER) $$files "$(DESTDIR)$(xmlsecmscryptoincdir)" || exit $$?; \
+ done
+
+uninstall-xmlsecmscryptoincHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(xmlsecmscryptoinc_HEADERS)'; test -n "$(xmlsecmscryptoincdir)" || list=; \
+ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+ dir='$(DESTDIR)$(xmlsecmscryptoincdir)'; $(am__uninstall_files_from_dir)
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(HEADERS)
+installdirs:
+ for dir in "$(DESTDIR)$(xmlsecmscryptoincdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-xmlsecmscryptoincHEADERS
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-xmlsecmscryptoincHEADERS
+
+.MAKE: install-am install-exec-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-libtool cscopelist-am ctags ctags-am distclean \
+ distclean-generic distclean-libtool distclean-tags distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-exec-hook install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip install-xmlsecmscryptoincHEADERS installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
+ uninstall-am uninstall-xmlsecmscryptoincHEADERS
+
+.PRECIOUS: Makefile
+
+
+install-exec-hook:
+ $(mkinstalldirs) $(DESTDIR)$(xmlsecmscryptoincdir)
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
#ifndef __XMLSEC_MSCRYPTO_APP_H__
#define __XMLSEC_MSCRYPTO_APP_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/keysmngr.h>
#include <windows.h>
#include <wincrypt.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
xmlSecKeyDataType type);
XMLSEC_CRYPTO_EXPORT HCRYPTKEY xmlSecMSCryptoKeyDataGetDecryptKey(xmlSecKeyDataPtr data);
XMLSEC_CRYPTO_EXPORT PCCERT_CONTEXT xmlSecMSCryptoCertDup (PCCERT_CONTEXT pCert);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr xmlSecMSCryptoCertAdopt (PCCERT_CONTEXT pCert,
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr xmlSecMSCryptoCertAdopt (PCCERT_CONTEXT pCert,
xmlSecKeyDataType type);
XMLSEC_CRYPTO_EXPORT HCRYPTPROV xmlSecMSCryptoKeyDataGetMSCryptoProvider(xmlSecKeyDataPtr data);
#include <windows.h>
#include <wincrypt.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
*******************************************************************/
#ifndef XMLSEC_NO_HMAC
-XMLSEC_CRYPTO_EXPORT int xmlSecMSCryptoHmacGetMinOutputLength(void);
-XMLSEC_CRYPTO_EXPORT void xmlSecMSCryptoHmacSetMinOutputLength(int min_length);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT int xmlSecMSCryptoHmacGetMinOutputLength(void);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT void xmlSecMSCryptoHmacSetMinOutputLength(int min_length);
/**
* xmlSecMSCryptoKeyDataHmacId:
XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformHmacMd5GetKlass(void);
#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+/**
+ * xmlSecMSCryptoTransformHmacRipemd160Id:
+ *
+ * The HMAC with RipeMD160 signature transform klass.
+ */
+#define xmlSecMSCryptoTransformHmacRipemd160Id \
+ xmlSecMSCryptoTransformHmacRipemd160GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformHmacRipemd160GetKlass(void);
+#endif /* XMLSEC_NO_RIPEMD160 */
+
#ifndef XMLSEC_NO_SHA1
/**
* xmlSecMSCryptoTransformHmacSha1Id:
XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformHmacSha1GetKlass(void);
#endif /* XMLSEC_NO_SHA1 */
+#ifndef XMLSEC_NO_SHA224
+/**
+ * xmlSecMSCryptoTransformHmacSha224Id:
+ *
+ * The HMAC with SHA224 signature transform klass.
+ */
+#define xmlSecMSCryptoTransformHmacSha224Id \
+ xmlSecMSCryptoTransformHmacSha224GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformHmacSha224GetKlass(void);
+#endif /* XMLSEC_NO_SHA224 */
+
#ifndef XMLSEC_NO_SHA256
/**
* xmlSecMSCryptoTransformHmacSha256Id:
#ifndef __XMLSEC_MSCRYPTO_KEYSSTORE_H__
#define __XMLSEC_MSCRYPTO_KEYSSTORE_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#ifdef __cplusplus
#ifndef XMLSEC_NO_X509
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_NODESET_H__
#define __XMLSEC_NODESET_H__
#include <libxml/tree.h>
#include <libxml/xpath.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#ifdef __cplusplus
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = include/xmlsec/nss
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(xmlsecnssinc_HEADERS) \
+ $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+SOURCES =
+DIST_SOURCES =
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(xmlsecnssincdir)"
+HEADERS = $(xmlsecnssinc_HEADERS)
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+xmlsecnssincdir = $(includedir)/xmlsec1/xmlsec/nss
+xmlsecnssinc_HEADERS = \
+app.h \
+crypto.h \
+symbols.h \
+bignum.h \
+keysstore.h \
+pkikeys.h \
+x509.h \
+$(NULL)
+
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/xmlsec/nss/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign include/xmlsec/nss/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-xmlsecnssincHEADERS: $(xmlsecnssinc_HEADERS)
+ @$(NORMAL_INSTALL)
+ @list='$(xmlsecnssinc_HEADERS)'; test -n "$(xmlsecnssincdir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(xmlsecnssincdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(xmlsecnssincdir)" || exit 1; \
+ fi; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; \
+ done | $(am__base_list) | \
+ while read files; do \
+ echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(xmlsecnssincdir)'"; \
+ $(INSTALL_HEADER) $$files "$(DESTDIR)$(xmlsecnssincdir)" || exit $$?; \
+ done
+
+uninstall-xmlsecnssincHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(xmlsecnssinc_HEADERS)'; test -n "$(xmlsecnssincdir)" || list=; \
+ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+ dir='$(DESTDIR)$(xmlsecnssincdir)'; $(am__uninstall_files_from_dir)
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(HEADERS)
+installdirs:
+ for dir in "$(DESTDIR)$(xmlsecnssincdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-xmlsecnssincHEADERS
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-xmlsecnssincHEADERS
+
+.MAKE: install-am install-exec-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-libtool cscopelist-am ctags ctags-am distclean \
+ distclean-generic distclean-libtool distclean-tags distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-exec-hook install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip install-xmlsecnssincHEADERS installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
+ uninstall-am uninstall-xmlsecnssincHEADERS
+
+.PRECIOUS: Makefile
+
+
+install-exec-hook:
+ $(mkinstalldirs) $(DESTDIR)$(xmlsecnssincdir)
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
#ifndef __XMLSEC_NSS_APP_H__
#include <nspr.h>
#include <nss.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/keysmngr.h>
#include <nspr.h>
#include <nss.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
-XMLSEC_CRYPTO_EXPORT SECItem* xmlSecNssNodeGetBigNumValue (PRArenaPool *arena,
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT SECItem* xmlSecNssNodeGetBigNumValue (PRArenaPool *arena,
const xmlNodePtr cur,
SECItem *a);
-XMLSEC_CRYPTO_EXPORT int xmlSecNssNodeSetBigNumValue (xmlNodePtr cur,
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT int xmlSecNssNodeSetBigNumValue (xmlNodePtr cur,
const SECItem *a,
int addLineBreaks);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
#ifndef __XMLSEC_NSS_CRYPTO_H__
#include <nss.h>
#include <pk11func.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/dl.h>
+
+/* MD5 was removed from NSS */
+#if (NSS_VMAJOR > 3) || ((NSS_VMAJOR == 3) && (NSS_VMINOR > 58))
+#define XMLSEC_NO_MD5 1
+#endif /* (NSS_VMAJOR > 3) || ((NSS_VMAJOR == 3) && (NSS_VMINOR > 58)) */
+
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
*******************************************************************/
#ifndef XMLSEC_NO_HMAC
-XMLSEC_CRYPTO_EXPORT int xmlSecNssHmacGetMinOutputLength(void);
-XMLSEC_CRYPTO_EXPORT void xmlSecNssHmacSetMinOutputLength(int min_length);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT int xmlSecNssHmacGetMinOutputLength(void);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT void xmlSecNssHmacSetMinOutputLength(int min_length);
/**
* xmlSecNssKeyDataHmacId:
#ifndef __XMLSEC_NSS_KEYSSTORE_H__
#define __XMLSEC_NSS_KEYSSTORE_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#ifdef __cplusplus
#include <nspr.h>
#include <nss.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
#ifndef __XMLSEC_NSS_SYMBOLS_H__
#include <nss.h>
#include <cert.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
xmlChar *issuerSerial,
xmlChar *ski,
xmlSecKeyInfoCtx* keyInfoCtx);
+XMLSEC_CRYPTO_EXPORT CERTCertificate* xmlSecNssX509StoreFindCert_ex (xmlSecKeyDataStorePtr store,
+ xmlChar *subjectName,
+ xmlChar *issuerName,
+ xmlChar *issuerSerial,
+ xmlSecByte * ski,
+ xmlSecSize skiSize,
+ xmlSecKeyInfoCtx* keyInfoCtx);
XMLSEC_CRYPTO_EXPORT CERTCertificate* xmlSecNssX509StoreVerify (xmlSecKeyDataStorePtr store,
CERTCertList* certs,
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = include/xmlsec/openssl
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(xmlsecopensslinc_HEADERS) \
+ $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+SOURCES =
+DIST_SOURCES =
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(xmlsecopensslincdir)"
+HEADERS = $(xmlsecopensslinc_HEADERS)
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+xmlsecopensslincdir = $(includedir)/xmlsec1/xmlsec/openssl
+xmlsecopensslinc_HEADERS = \
+app.h \
+bn.h \
+crypto.h \
+evp.h \
+symbols.h \
+x509.h \
+$(NULL)
+
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/xmlsec/openssl/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign include/xmlsec/openssl/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-xmlsecopensslincHEADERS: $(xmlsecopensslinc_HEADERS)
+ @$(NORMAL_INSTALL)
+ @list='$(xmlsecopensslinc_HEADERS)'; test -n "$(xmlsecopensslincdir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(xmlsecopensslincdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(xmlsecopensslincdir)" || exit 1; \
+ fi; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; \
+ done | $(am__base_list) | \
+ while read files; do \
+ echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(xmlsecopensslincdir)'"; \
+ $(INSTALL_HEADER) $$files "$(DESTDIR)$(xmlsecopensslincdir)" || exit $$?; \
+ done
+
+uninstall-xmlsecopensslincHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(xmlsecopensslinc_HEADERS)'; test -n "$(xmlsecopensslincdir)" || list=; \
+ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+ dir='$(DESTDIR)$(xmlsecopensslincdir)'; $(am__uninstall_files_from_dir)
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(HEADERS)
+installdirs:
+ for dir in "$(DESTDIR)$(xmlsecopensslincdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-xmlsecopensslincHEADERS
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-xmlsecopensslincHEADERS
+
+.MAKE: install-am install-exec-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-libtool cscopelist-am ctags ctags-am distclean \
+ distclean-generic distclean-libtool distclean-tags distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-exec-hook install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip install-xmlsecopensslincHEADERS installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
+ uninstall-am uninstall-xmlsecopensslincHEADERS
+
+.PRECIOUS: Makefile
+
+
+install-exec-hook:
+ $(mkinstalldirs) $(DESTDIR)$(xmlsecopensslincdir)
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_OPENSSL_APP_H__
#define __XMLSEC_OPENSSL_APP_H__
#include <openssl/pem.h>
#include <openssl/bio.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/keysmngr.h>
XMLSEC_CRYPTO_EXPORT void* xmlSecOpenSSLAppGetDefaultPwdCallback(void);
-
#ifdef __cplusplus
}
#endif /* __cplusplus */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_BN_H__
#define __XMLSEC_BN_H__
#include <libxml/tree.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
-XMLSEC_CRYPTO_EXPORT BIGNUM* xmlSecOpenSSLNodeGetBNValue (const xmlNodePtr cur,
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT BIGNUM* xmlSecOpenSSLNodeGetBNValue (const xmlNodePtr cur,
BIGNUM **a);
-XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLNodeSetBNValue (xmlNodePtr cur,
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLNodeSetBNValue (xmlNodePtr cur,
const BIGNUM *a,
int addLineBreaks);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_OPENSSL_CRYPTO_H__
#define __XMLSEC_OPENSSL_CRYPTO_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/dl.h>
#include <openssl/err.h>
+#include <openssl/opensslv.h>
#ifndef OPENSSL_IS_BORINGSSL
#include <openssl/opensslconf.h>
#endif /* OPENSSL_IS_BORINGSSL */
extern "C" {
#endif /* __cplusplus */
-XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr xmlSecCryptoGetFunctions_openssl(void);
-
-/********************************************************************
- *
- * Init shutdown
- *
- ********************************************************************/
-XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLInit (void);
-XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLShutdown (void);
-
-XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLKeysMngrInit (xmlSecKeysMngrPtr mngr);
-XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLGenerateRandom (xmlSecBufferPtr buffer,
- xmlSecSize size);
-
-XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLSetDefaultTrustedCertsFolder(const xmlChar* path);
-XMLSEC_CRYPTO_EXPORT const xmlChar* xmlSecOpenSSLGetDefaultTrustedCertsFolder(void);
-
/********************************************************************
*
* What version of the openssl API do we have? (also see configure.ac)
/* LibreSSL decided to take over OpenSSL version 2.0.0, likely will create
* issues down the road... */
#define XMLSEC_OPENSSL_API_100 1
+#if defined(_MSC_VER) || defined(__GNUC__) || defined(__clang__)
+#pragma message("Support for LibreSSL before version 2.7.0 is deprecated and will be removed in the future versions of XMLSec library")
+#endif /* defined(_MSC_VER) || defined(__GNUC__) || defined(__clang__) */
#elif defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x20700000L
/* LibreSSL 2.7 implements (most of) OpenSSL 1.1 API */
#define XMLSEC_OPENSSL_API_110 1
+#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
+#define XMLSEC_OPENSSL_API_300 1
+#elif OPENSSL_VERSION_NUMBER >= 0x10101000L
+#define XMLSEC_OPENSSL_API_111 1
+#define XMLSEC_OPENSSL_API_110 1
#elif OPENSSL_VERSION_NUMBER >= 0x10100000L
#define XMLSEC_OPENSSL_API_110 1
+#if defined(_MSC_VER) || defined(__GNUC__) || defined(__clang__)
+#pragma message("Support for OpenSSL before version 1.1.1 is deprecated and will be removed in the future versions of XMLSec library")
+#endif /* defined(_MSC_VER) || defined(__GNUC__) || defined(__clang__) */
#elif OPENSSL_VERSION_NUMBER >= 0x10000000L
#define XMLSEC_OPENSSL_API_100 1
+#if defined(_MSC_VER) || defined(__GNUC__) || defined(__clang__)
+#pragma message("Support for OpenSSL before version 1.1.1 is deprecated and will be removed in the future versions of XMLSec library")
+#endif /* defined(_MSC_VER) || defined(__GNUC__) || defined(__clang__) */
#else /* OPENSSL_VERSION_NUMBER */
#error "This version of OpenSSL library is not supported"
#endif /* OPENSSL_VERSION_NUMBER */
/********************************************************************
*
+ * Common functions
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr xmlSecCryptoGetFunctions_openssl(void);
+
+XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLInit (void);
+XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLShutdown (void);
+
+XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLKeysMngrInit (xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLGenerateRandom (xmlSecBufferPtr buffer,
+ xmlSecSize size);
+
+XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLSetDefaultTrustedCertsFolder(const xmlChar* path);
+XMLSEC_CRYPTO_EXPORT const xmlChar* xmlSecOpenSSLGetDefaultTrustedCertsFolder(void);
+
+#ifdef XMLSEC_OPENSSL_API_300
+XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLSetLibCtx(OSSL_LIB_CTX* libctx);
+XMLSEC_CRYPTO_EXPORT OSSL_LIB_CTX* xmlSecOpenSSLGetLibCtx(void);
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+/********************************************************************
+ *
+ * BIO helpers
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT BIO* xmlSecOpenSSLCreateMemBio (void);
+XMLSEC_CRYPTO_EXPORT BIO* xmlSecOpenSSLCreateMemBufBio (const xmlSecByte* buf,
+ xmlSecSize bufSize);
+XMLSEC_CRYPTO_EXPORT BIO* xmlSecOpenSSLCreateReadFileBio (const char* path);
+/********************************************************************
+ *
* What is supported by the openssl?
*
*******************************************************************/
#define XMLSEC_NO_X509 1
#endif /* defined(OPENSSL_NO_X509) || defined(OPENSSL_NO_X509_VERIFY) */
+
/********************************************************************
*
* AES transforms
#define xmlSecOpenSSLKeyDataDsaId \
xmlSecOpenSSLKeyDataDsaGetKlass()
XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecOpenSSLKeyDataDsaGetKlass (void);
-XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLKeyDataDsaAdoptDsa (xmlSecKeyDataPtr data,
- DSA* dsa);
-XMLSEC_CRYPTO_EXPORT DSA* xmlSecOpenSSLKeyDataDsaGetDsa (xmlSecKeyDataPtr data);
XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLKeyDataDsaAdoptEvp (xmlSecKeyDataPtr data,
EVP_PKEY* pKey);
XMLSEC_CRYPTO_EXPORT EVP_PKEY* xmlSecOpenSSLKeyDataDsaGetEvp (xmlSecKeyDataPtr data);
+
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLKeyDataDsaAdoptDsa (xmlSecKeyDataPtr data,
+ DSA* dsa);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT DSA* xmlSecOpenSSLKeyDataDsaGetDsa (xmlSecKeyDataPtr data);
+
+
#ifndef XMLSEC_NO_SHA1
/**
* xmlSecOpenSSLTransformDsaSha1Id:
#define xmlSecOpenSSLKeyDataEcdsaId \
xmlSecOpenSSLKeyDataEcdsaGetKlass()
XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecOpenSSLKeyDataEcdsaGetKlass (void);
-XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa (xmlSecKeyDataPtr data,
- EC_KEY* ecdsa);
-XMLSEC_CRYPTO_EXPORT EC_KEY* xmlSecOpenSSLKeyDataEcdsaGetEcdsa (xmlSecKeyDataPtr data);
XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLKeyDataEcdsaAdoptEvp (xmlSecKeyDataPtr data,
EVP_PKEY* pKey);
XMLSEC_CRYPTO_EXPORT EVP_PKEY* xmlSecOpenSSLKeyDataEcdsaGetEvp (xmlSecKeyDataPtr data);
+
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa (xmlSecKeyDataPtr data,
+ EC_KEY* ecdsa);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT EC_KEY* xmlSecOpenSSLKeyDataEcdsaGetEcdsa (xmlSecKeyDataPtr data);
+
#ifndef XMLSEC_NO_SHA1
/**
* xmlSecOpenSSLTransformEcdsaSha1Id:
*******************************************************************/
#ifndef XMLSEC_NO_HMAC
-XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLHmacGetMinOutputLength(void);
-XMLSEC_CRYPTO_EXPORT void xmlSecOpenSSLHmacSetMinOutputLength(int min_length);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLHmacGetMinOutputLength(void);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT void xmlSecOpenSSLHmacSetMinOutputLength(int min_length);
/**
* xmlSecOpenSSLKeyDataHmacId:
#define xmlSecOpenSSLKeyDataRsaId \
xmlSecOpenSSLKeyDataRsaGetKlass()
XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecOpenSSLKeyDataRsaGetKlass (void);
-XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLKeyDataRsaAdoptRsa (xmlSecKeyDataPtr data,
- RSA* rsa);
-XMLSEC_CRYPTO_EXPORT RSA* xmlSecOpenSSLKeyDataRsaGetRsa (xmlSecKeyDataPtr data);
XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLKeyDataRsaAdoptEvp (xmlSecKeyDataPtr data,
EVP_PKEY* pKey);
XMLSEC_CRYPTO_EXPORT EVP_PKEY* xmlSecOpenSSLKeyDataRsaGetEvp (xmlSecKeyDataPtr data);
+
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLKeyDataRsaAdoptRsa (xmlSecKeyDataPtr data,
+ RSA* rsa);
+XMLSEC_DEPRECATED XMLSEC_CRYPTO_EXPORT RSA* xmlSecOpenSSLKeyDataRsaGetRsa (xmlSecKeyDataPtr data);
+
#ifndef XMLSEC_NO_MD5
/**
* xmlSecOpenSSLTransformRsaMd5Id:
XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformSha512GetKlass(void);
#endif /* XMLSEC_NO_SHA512 */
-
XMLSEC_CRYPTO_EXPORT void xmlSecOpenSSLErrorsDefaultCallback (const char* file,
int line,
const char* func,
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_OPENSSL_EVP_H__
#define __XMLSEC_OPENSSL_EVP_H__
#include <openssl/evp.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_OPENSSL_SYMBOLS_H__
#define __XMLSEC_OPENSSL_SYMBOLS_H__
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_OPENSSL_X509_H__
#define __XMLSEC_OPENSSL_X509_H__
#include <openssl/x509.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
xmlChar *issuerSerial,
xmlChar *ski,
xmlSecKeyInfoCtx* keyInfoCtx);
+XMLSEC_CRYPTO_EXPORT X509* xmlSecOpenSSLX509StoreFindCert_ex(xmlSecKeyDataStorePtr store,
+ xmlChar *subjectName,
+ xmlChar *issuerName,
+ xmlChar *issuerSerial,
+ xmlSecByte * ski,
+ xmlSecSize skiSize,
+ xmlSecKeyInfoCtx* keyInfoCtx);
XMLSEC_CRYPTO_EXPORT X509* xmlSecOpenSSLX509StoreVerify (xmlSecKeyDataStorePtr store,
XMLSEC_STACK_OF_X509* certs,
XMLSEC_STACK_OF_X509_CRL* crls,
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_PARSER_H__
#define __XMLSEC_PARSER_H__
#include <libxml/tree.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/transforms.h>
xmlSecSize bufferSize,
const xmlSecByte *postfix,
xmlSecSize postfixSize);
+XMLSEC_EXPORT void xmlSecParsePrepareCtxt (xmlParserCtxtPtr ctxt);
+
+XMLSEC_EXPORT int xmlSecParserGetDefaultOptions(void);
+XMLSEC_EXPORT void xmlSecParserSetDefaultOptions(int options);
/**
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_PRIVATE_H__
#define __XMLSEC_PRIVATE_H__
#ifndef XMLSEC_PRIVATE
-#error "xmlsec/private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-$crypto libraries"
+#error "this file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-$crypto libraries"
#endif /* XMLSEC_PRIVATE */
#include <libxml/tree.h>
#endif
#endif
-#ifdef WIN32
+#if defined(XMLSEC_WINDOWS)
#include <windows.h>
-#endif
+#endif /* defined(XMLSEC_WINDOWS) */
#ifdef __cplusplus
extern "C" {
/**
* UNREFERENCED_PARAMETER:
+ * @param: the parameter without references.
*
- * Macro used to signal to MSVC unused function parameters
+ * Macro used to signal unused function parameters
*/
#ifndef UNREFERENCED_PARAMETER
-#define UNREFERENCED_PARAMETER(x)
+#define UNREFERENCED_PARAMETER(param) ((void)(param))
#endif /* UNREFERENCED_PARAMETER */
/***********************************************************************
+++ /dev/null
-NULL =
-
-xmlsecprivateincdir = $(includedir)/xmlsec1/xmlsec/private
-
-xmlsecprivateinc_HEADERS = \
-xslt.h \
-$(NULL)
-
-install-exec-hook:
- $(mkinstalldirs) $(DESTDIR)$(xmlsecprivateincdir)
-
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_SKELETON_APP_H__
#define __XMLSEC_SKELETON_APP_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/keysmngr.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_SKELETON_CRYPTO_H__
#define __XMLSEC_SKELETON_CRYPTO_H__
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_SKELETON_SYMBOLS_H__
#define __XMLSEC_SKELETON_SYMBOLS_H__
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
17 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>
*/
#ifndef __XMLSEC_SOAP_H__
#define __XMLSEC_SOAP_H__
#ifndef XMLSEC_NO_SOAP
#include <libxml/tree.h>
+
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#ifdef __cplusplus
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_STRINGS_H__
#define __XMLSEC_STRINGS_H__
#include <libxml/tree.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#ifdef __cplusplus
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_TEMPLATES_H__
#define __XMLSEC_TEMPLATES_H__
#include <libxml/tree.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/transforms.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_TRANSFORMS_H__
#define __XMLSEC_TRANSFORMS_H__
#include <libxml/tree.h>
#include <libxml/xpath.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/buffer.h>
#include <xmlsec/list.h>
XMLSEC_EXPORT int xmlSecTransformVisa3DHackSetID (xmlSecTransformPtr transform,
const xmlChar* id);
+
+
+/*********************************************************************
+ *
+ * Helper transform functions
+ *
+ ********************************************************************/
+
+#ifndef XMLSEC_NO_HMAC
+XMLSEC_EXPORT xmlSecSize xmlSecTransformHmacGetMinOutputBitsSize(void);
+XMLSEC_EXPORT void xmlSecTransformHmacSetMinOutputBitsSize(xmlSecSize val);
+#endif /* XMLSEC_NO_HMAC */
+
#ifdef __cplusplus
}
#endif /* __cplusplus */
--- /dev/null
+/*
+ * XML Security Library (http://www.aleksey.com/xmlsec).
+ *
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ */
+/**
+ * SECTION:version
+ * @Short_description: Version macros.
+ * @Stability: Stable
+ *
+ */
+#ifndef __XMLSEC_VERSION_H__
+#define __XMLSEC_VERSION_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+/**
+ * XMLSEC_VERSION:
+ *
+ * The library version string in the format
+ * "$major_number.$minor_number.$sub_minor_number".
+ */
+#define XMLSEC_VERSION "1.2.39"
+
+/**
+ * XMLSEC_VERSION_MAJOR:
+ *
+ * The library major version number.
+ */
+#define XMLSEC_VERSION_MAJOR 1
+
+/**
+ * XMLSEC_VERSION_MINOR:
+ *
+ * The library minor version number.
+ */
+#define XMLSEC_VERSION_MINOR 2
+
+/**
+ * XMLSEC_VERSION_SUBMINOR:
+ *
+ * The library sub-minor version number.
+ */
+#define XMLSEC_VERSION_SUBMINOR 39
+
+/**
+ * XMLSEC_VERSION_INFO:
+ *
+ * The library version info string in the format
+ * "$major_number+$minor_number:$sub_minor_number:$minor_number".
+ */
+#define XMLSEC_VERSION_INFO "3:39:2"
+
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __XMLSEC_VERSION_H__ */
+
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:version
* The library version string in the format
* "$major_number.$minor_number.$sub_minor_number".
*/
-#define XMLSEC_VERSION "@XMLSEC_VERSION@"
+#define XMLSEC_VERSION "@XMLSEC_VERSION@"
/**
* XMLSEC_VERSION_MAJOR:
*
* The library major version number.
*/
-#define XMLSEC_VERSION_MAJOR @XMLSEC_VERSION_MAJOR@
+#define XMLSEC_VERSION_MAJOR @XMLSEC_VERSION_MAJOR@
/**
* XMLSEC_VERSION_MINOR:
*
* The library minor version number.
*/
-#define XMLSEC_VERSION_MINOR @XMLSEC_VERSION_MINOR@
+#define XMLSEC_VERSION_MINOR @XMLSEC_VERSION_MINOR@
/**
* XMLSEC_VERSION_SUBMINOR:
*
* The library sub-minor version number.
*/
-#define XMLSEC_VERSION_SUBMINOR @XMLSEC_VERSION_SUBMINOR@
+#define XMLSEC_VERSION_SUBMINOR @XMLSEC_VERSION_SUBMINOR@
/**
* XMLSEC_VERSION_INFO:
* The library version info string in the format
* "$major_number+$minor_number:$sub_minor_number:$minor_number".
*/
-#define XMLSEC_VERSION_INFO "@XMLSEC_VERSION_INFO@"
+#define XMLSEC_VERSION_INFO "@XMLSEC_VERSION_INFO@"
#ifdef __cplusplus
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_X509_H__
#define __XMLSEC_X509_H__
#include <libxml/tree.h>
#include <libxml/parser.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/buffer.h>
#include <xmlsec/list.h>
/**
* XMLSEC_X509DATA_CERTIFICATE_NODE:
*
- * <dsig:X509Certificate/> node found or would be written back.
+ * DEPRECATED. <dsig:X509Certificate/> node found or would be written back.
*/
#define XMLSEC_X509DATA_CERTIFICATE_NODE 0x00000001
/**
* XMLSEC_X509DATA_SUBJECTNAME_NODE:
*
- * <dsig:X509SubjectName/> node found or would be written back.
+ * DEPRECATED. <dsig:X509SubjectName/> node found or would be written back.
*/
#define XMLSEC_X509DATA_SUBJECTNAME_NODE 0x00000002
/**
* XMLSEC_X509DATA_ISSUERSERIAL_NODE:
*
- * <dsig:X509IssuerSerial/> node found or would be written back.
+ * DEPRECATED. <dsig:X509IssuerSerial/> node found or would be written back.
*/
#define XMLSEC_X509DATA_ISSUERSERIAL_NODE 0x00000004
/**
* XMLSEC_X509DATA_SKI_NODE:
*
- * <dsig:X509SKI/> node found or would be written back.
+ * DEPRECATED. <dsig:X509SKI/> node found or would be written back.
*/
#define XMLSEC_X509DATA_SKI_NODE 0x00000008
/**
* XMLSEC_X509DATA_CRL_NODE:
*
- * <dsig:X509CRL/> node found or would be written back.
+ * DEPRECATED. <dsig:X509CRL/> node found or would be written back.
*/
#define XMLSEC_X509DATA_CRL_NODE 0x00000010
/**
* XMLSEC_X509DATA_DEFAULT:
*
- * Default set of nodes to write in case of empty
+ * DEPRECATED. Default set of nodes to write in case of empty
* <dsig:X509Data/> node template.
*/
#define XMLSEC_X509DATA_DEFAULT \
(XMLSEC_X509DATA_CERTIFICATE_NODE | XMLSEC_X509DATA_CRL_NODE)
-XMLSEC_EXPORT int xmlSecX509DataGetNodeContent (xmlNodePtr node,
+XMLSEC_DEPRECATED XMLSEC_EXPORT int xmlSecX509DataGetNodeContent (xmlNodePtr node,
xmlSecKeyInfoCtxPtr keyInfoCtx);
#ifdef __cplusplus
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_XMLDSIG_H__
#define __XMLSEC_XMLDSIG_H__
#include <libxml/tree.h>
#include <libxml/parser.h>
-
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/list.h>
#include <xmlsec/buffer.h>
*/
#define XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK 0x00000010
-/** TIZEN CUSTOMIZED
- * XMLSEC_DSIG_FLAGS_IGNORE_REFERENCES:
- *
- * If this flag is set then <dsig:Reference/> nodes will not be processed.
- */
-#define XMLSEC_DSIG_FLAGS_IGNORE_REFERENCES 0x00000020
-
-/** TIZEN CUSTOMIZED
- * XMLSEC_DSIG_FLAGS_CHECK_PROXY:
- *
- * If this flag is set then xmlSecProxyCtx will be processed.
- */
-#define XMLSEC_DSIG_FLAGS_CHECK_PROXY 0x00000040
-
-/** TIZEN CUSTOMIZED
- * XMLSEC_DSIG_FLAGS_SKIP_PROXY:
- *
- * If this flag is set then xmlSecProxyCtx will not be processed.
- */
-#define XMLSEC_DSIG_FLAGS_SKIP_PROXY 0x00000080
-
-/** TIZEN CUSTOMIZED
- * @cache: the cache include reference uri for supporting partial mode.
- * cache represented uri will be check on processing references.
- * @next: the pointer to indicate linked node (xmlSecProxyCtx).
- */
-struct _xmlSecProxyCtx {
- xmlChar* cache;
- struct _xmlSecProxyCtx* next;
-};
-
-typedef struct _xmlSecProxyCtx xmlSecProxyCtx,
- *xmlSecProxyCtxPtr;
-
/**
* xmlSecDSigCtx:
* @userData: the pointer to user data (xmlsec and xmlsec-crypto libraries
xmlSecTransformId defC14NMethodId;
xmlSecTransformId defDigestMethodId;
- /* TIZEN CUSTOMIZED: these data user can set before performing the operation */
- xmlSecProxyCtxPtr skipReferences;
- xmlSecProxyCtxPtr checkReferences;
-
/* these data are returned */
xmlSecKeyPtr signKey;
xmlSecTransformOperation operation;
XMLSEC_EXPORT void xmlSecDSigCtxDebugXmlDump (xmlSecDSigCtxPtr dsigCtx,
FILE* output);
-/* TIZEN CUSTOMIZED: xmlSecProxyCtx operator */
-XMLSEC_EXPORT int xmlSecProxyCtxAdd (xmlSecProxyCtxPtr* proxyCtxPtrPtr,
- const xmlChar* uri);
-XMLSEC_EXPORT void xmlSecProxyCtxDestroy (xmlSecProxyCtxPtr proxyCtxPtr);
/**************************************************************************
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_XMLENC_H__
#define __XMLSEC_XMLENC_H__
#include <libxml/tree.h>
#include <libxml/parser.h>
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/buffer.h>
#include <xmlsec/keys.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_H__
#define __XMLSEC_H__
*/
typedef void* xmlSecPtr;
+
+/**
+ * XMLSEC_SIZE_T_FMT:
+ *
+ * The only reason we need this is that MinGW doesn't recognize "%zu"
+ * despite the fact that MSVC runtime supports it for 10+ years.
+ */
+#if defined(__MINGW64__)
+#define XMLSEC_SIZE_T_FMT "%llu"
+#elif defined(__MINGW32__)
+#define XMLSEC_SIZE_T_FMT "%lu"
+#else /*defined(__MINGW32__) */
+#define XMLSEC_SIZE_T_FMT "%zu"
+#endif /* defined(__MINGW32__) */
+
/**
* xmlSecSize:
*
*/
#ifdef XMLSEC_NO_SIZE_T
#define xmlSecSize unsigned int
+#define XMLSEC_SIZE_MAX UINT_MAX
+#define XMLSEC_SIZE_FMT "%u"
#else /* XMLSEC_NO_SIZE_T */
#define xmlSecSize size_t
+#define XMLSEC_SIZE_MAX SIZE_MAX
+#define XMLSEC_SIZE_FMT XMLSEC_SIZE_T_FMT
#endif /* XMLSEC_NO_SIZE_T */
+#define XMLSEC_SIZE_MIN ((xmlSecSize)0)
/**
* XMLSEC_SIZE_BAD_CAST:
* @val: the value to cast
*
- * Bad cast to xmlSecSize
+ * Bad cast to xmlSecSize. This macro is deprecated and will be removed in the future
+ * versions of LibXMLSec.
*/
#define XMLSEC_SIZE_BAD_CAST(val) ((xmlSecSize)(val))
XMLSEC_EXPORT int xmlSecShutdown (void);
XMLSEC_EXPORT const xmlChar * xmlSecGetDefaultCrypto (void);
XMLSEC_EXPORT void xmlSecSetExternalEntityLoader (xmlExternalEntityLoader);
+XMLSEC_EXPORT xmlSecSize xmlSecStrlen (const xmlChar * str);
/**
* XMLSEC_CRYPTO:
/*
* XMLSEC_DEPRECATED function definition
*/
-#if !defined(IN_XMLSEC)
-#ifdef __GNUC__
+#if !defined(IN_XMLSEC) && !defined(IN_XMLSEC_CRYPTO)
+#if defined(__GNUC__)
+#define XMLSEC_DEPRECATED __attribute__((deprecated))
+#elif defined(__clang__)
#define XMLSEC_DEPRECATED __attribute__((deprecated))
#elif defined(_MSC_VER)
#define XMLSEC_DEPRECATED __declspec(deprecated)
#else /* defined(_MSC_VER) */
-#pragma message("WARNING: You need to implement XMLSEC_DEPRECATED for this compiler")
+#warning "WARNING: You need to implement XMLSEC_DEPRECATED for this compiler"
#define XMLSEC_DEPRECATED
#endif /* defined(_MSC_VER) */
-#else /* !defined(IN_XMLSEC) */
+#else /* !defined(IN_XMLSEC) && !defined(IN_XMLSEC_CRYPTO) */
#define XMLSEC_DEPRECATED
-#endif /* !defined(IN_XMLSEC) */
+#endif /* !defined(IN_XMLSEC) && !defined(IN_XMLSEC_CRYPTO) */
/***********************************************************************
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_TREE_H__
#define __XMLSEC_TREE_H__
#include <libxml/tree.h>
#include <libxml/xpath.h>
+
+#include <xmlsec/exports.h>
#include <xmlsec/xmlsec.h>
-#ifdef WIN32
+
+#if defined(XMLSEC_WINDOWS)
#include <windows.h>
-#endif /* WIN32 */
+#endif /* defined(XMLSEC_WINDOWS) */
#ifdef __cplusplus
extern "C" {
#define xmlSecNodeGetName(node) \
(((node)) ? ((const char*)((node)->name)) : NULL)
-XMLSEC_EXPORT const xmlChar* xmlSecGetDefaultLineFeed(void);
-XMLSEC_EXPORT void xmlSecSetDefaultLineFeed(const xmlChar *linefeed);
+XMLSEC_EXPORT const xmlChar* xmlSecGetDefaultLineFeed(void);
+XMLSEC_EXPORT void xmlSecSetDefaultLineFeed(const xmlChar *linefeed);
XMLSEC_EXPORT const xmlChar* xmlSecGetNodeNsHref (const xmlNodePtr cur);
+XMLSEC_EXPORT int xmlSecGetNodeContentAsSize(const xmlNodePtr cur,
+ xmlSecSize defValue,
+ xmlSecSize* res);
XMLSEC_EXPORT int xmlSecCheckNodeName (const xmlNodePtr cur,
const xmlChar *name,
const xmlChar *ns);
* Macro. Returns the hex value of the @c.
*/
#define xmlSecGetHex(c) \
- ( (('0' <= (c)) && ((c) <= '9')) ? (c) - '0' : \
- ( (('a' <= (c)) && ((c) <= 'f')) ? (c) - 'a' + 10 : \
- ( (('A' <= (c)) && ((c) <= 'F')) ? (c) - 'A' + 10 : 0 )))
+ ( (('0' <= (c)) && ((c) <= '9')) ? (c) - '0' : \
+ ( (('a' <= (c)) && ((c) <= 'f')) ? (c) - 'a' + 10 : \
+ ( (('A' <= (c)) && ((c) <= 'F')) ? (c) - 'A' + 10 : 0 )))
/*************************************************************************
*
* Windows string conversions
*
************************************************************************/
-#ifdef WIN32
+#if defined(XMLSEC_WINDOWS)
XMLSEC_EXPORT LPWSTR xmlSecWin32ConvertLocaleToUnicode(const char* str);
XMLSEC_EXPORT LPWSTR xmlSecWin32ConvertUtf8ToUnicode (const xmlChar* str);
XMLSEC_EXPORT xmlChar* xmlSecWin32ConvertTstrToUtf8 (LPCTSTR str);
XMLSEC_EXPORT LPTSTR xmlSecWin32ConvertUtf8ToTstr (const xmlChar* str);
-
-
-#endif /* WIN32 */
+#endif /* defined(XMLSEC_WINDOWS) */
#ifdef __cplusplus
--- /dev/null
+#!/bin/sh
+# install - install a program, script, or datafile
+
+scriptversion=2020-11-14.01; # UTC
+
+# This originates from X11R5 (mit/util/scripts/install.sh), which was
+# later released in X11R6 (xc/config/util/install.sh) with the
+# following copyright and license.
+#
+# Copyright (C) 1994 X Consortium
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
+# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+# Except as contained in this notice, the name of the X Consortium shall not
+# be used in advertising or otherwise to promote the sale, use or other deal-
+# ings in this Software without prior written authorization from the X Consor-
+# tium.
+#
+#
+# FSF changes to this file are in the public domain.
+#
+# Calling this script install-sh is preferred over install.sh, to prevent
+# 'make' implicit rules from creating a file called install from it
+# when there is no Makefile.
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch.
+
+tab=' '
+nl='
+'
+IFS=" $tab$nl"
+
+# Set DOITPROG to "echo" to test this script.
+
+doit=${DOITPROG-}
+doit_exec=${doit:-exec}
+
+# Put in absolute file names if you don't have them in your path;
+# or use environment vars.
+
+chgrpprog=${CHGRPPROG-chgrp}
+chmodprog=${CHMODPROG-chmod}
+chownprog=${CHOWNPROG-chown}
+cmpprog=${CMPPROG-cmp}
+cpprog=${CPPROG-cp}
+mkdirprog=${MKDIRPROG-mkdir}
+mvprog=${MVPROG-mv}
+rmprog=${RMPROG-rm}
+stripprog=${STRIPPROG-strip}
+
+posix_mkdir=
+
+# Desired mode of installed file.
+mode=0755
+
+# Create dirs (including intermediate dirs) using mode 755.
+# This is like GNU 'install' as of coreutils 8.32 (2020).
+mkdir_umask=22
+
+backupsuffix=
+chgrpcmd=
+chmodcmd=$chmodprog
+chowncmd=
+mvcmd=$mvprog
+rmcmd="$rmprog -f"
+stripcmd=
+
+src=
+dst=
+dir_arg=
+dst_arg=
+
+copy_on_change=false
+is_target_a_directory=possibly
+
+usage="\
+Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
+ or: $0 [OPTION]... SRCFILES... DIRECTORY
+ or: $0 [OPTION]... -t DIRECTORY SRCFILES...
+ or: $0 [OPTION]... -d DIRECTORIES...
+
+In the 1st form, copy SRCFILE to DSTFILE.
+In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
+In the 4th, create DIRECTORIES.
+
+Options:
+ --help display this help and exit.
+ --version display version info and exit.
+
+ -c (ignored)
+ -C install only if different (preserve data modification time)
+ -d create directories instead of installing files.
+ -g GROUP $chgrpprog installed files to GROUP.
+ -m MODE $chmodprog installed files to MODE.
+ -o USER $chownprog installed files to USER.
+ -p pass -p to $cpprog.
+ -s $stripprog installed files.
+ -S SUFFIX attempt to back up existing files, with suffix SUFFIX.
+ -t DIRECTORY install into DIRECTORY.
+ -T report an error if DSTFILE is a directory.
+
+Environment variables override the default commands:
+ CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
+ RMPROG STRIPPROG
+
+By default, rm is invoked with -f; when overridden with RMPROG,
+it's up to you to specify -f if you want it.
+
+If -S is not specified, no backups are attempted.
+
+Email bug reports to bug-automake@gnu.org.
+Automake home page: https://www.gnu.org/software/automake/
+"
+
+while test $# -ne 0; do
+ case $1 in
+ -c) ;;
+
+ -C) copy_on_change=true;;
+
+ -d) dir_arg=true;;
+
+ -g) chgrpcmd="$chgrpprog $2"
+ shift;;
+
+ --help) echo "$usage"; exit $?;;
+
+ -m) mode=$2
+ case $mode in
+ *' '* | *"$tab"* | *"$nl"* | *'*'* | *'?'* | *'['*)
+ echo "$0: invalid mode: $mode" >&2
+ exit 1;;
+ esac
+ shift;;
+
+ -o) chowncmd="$chownprog $2"
+ shift;;
+
+ -p) cpprog="$cpprog -p";;
+
+ -s) stripcmd=$stripprog;;
+
+ -S) backupsuffix="$2"
+ shift;;
+
+ -t)
+ is_target_a_directory=always
+ dst_arg=$2
+ # Protect names problematic for 'test' and other utilities.
+ case $dst_arg in
+ -* | [=\(\)!]) dst_arg=./$dst_arg;;
+ esac
+ shift;;
+
+ -T) is_target_a_directory=never;;
+
+ --version) echo "$0 $scriptversion"; exit $?;;
+
+ --) shift
+ break;;
+
+ -*) echo "$0: invalid option: $1" >&2
+ exit 1;;
+
+ *) break;;
+ esac
+ shift
+done
+
+# We allow the use of options -d and -T together, by making -d
+# take the precedence; this is for compatibility with GNU install.
+
+if test -n "$dir_arg"; then
+ if test -n "$dst_arg"; then
+ echo "$0: target directory not allowed when installing a directory." >&2
+ exit 1
+ fi
+fi
+
+if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
+ # When -d is used, all remaining arguments are directories to create.
+ # When -t is used, the destination is already specified.
+ # Otherwise, the last argument is the destination. Remove it from $@.
+ for arg
+ do
+ if test -n "$dst_arg"; then
+ # $@ is not empty: it contains at least $arg.
+ set fnord "$@" "$dst_arg"
+ shift # fnord
+ fi
+ shift # arg
+ dst_arg=$arg
+ # Protect names problematic for 'test' and other utilities.
+ case $dst_arg in
+ -* | [=\(\)!]) dst_arg=./$dst_arg;;
+ esac
+ done
+fi
+
+if test $# -eq 0; then
+ if test -z "$dir_arg"; then
+ echo "$0: no input file specified." >&2
+ exit 1
+ fi
+ # It's OK to call 'install-sh -d' without argument.
+ # This can happen when creating conditional directories.
+ exit 0
+fi
+
+if test -z "$dir_arg"; then
+ if test $# -gt 1 || test "$is_target_a_directory" = always; then
+ if test ! -d "$dst_arg"; then
+ echo "$0: $dst_arg: Is not a directory." >&2
+ exit 1
+ fi
+ fi
+fi
+
+if test -z "$dir_arg"; then
+ do_exit='(exit $ret); exit $ret'
+ trap "ret=129; $do_exit" 1
+ trap "ret=130; $do_exit" 2
+ trap "ret=141; $do_exit" 13
+ trap "ret=143; $do_exit" 15
+
+ # Set umask so as not to create temps with too-generous modes.
+ # However, 'strip' requires both read and write access to temps.
+ case $mode in
+ # Optimize common cases.
+ *644) cp_umask=133;;
+ *755) cp_umask=22;;
+
+ *[0-7])
+ if test -z "$stripcmd"; then
+ u_plus_rw=
+ else
+ u_plus_rw='% 200'
+ fi
+ cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
+ *)
+ if test -z "$stripcmd"; then
+ u_plus_rw=
+ else
+ u_plus_rw=,u+rw
+ fi
+ cp_umask=$mode$u_plus_rw;;
+ esac
+fi
+
+for src
+do
+ # Protect names problematic for 'test' and other utilities.
+ case $src in
+ -* | [=\(\)!]) src=./$src;;
+ esac
+
+ if test -n "$dir_arg"; then
+ dst=$src
+ dstdir=$dst
+ test -d "$dstdir"
+ dstdir_status=$?
+ # Don't chown directories that already exist.
+ if test $dstdir_status = 0; then
+ chowncmd=""
+ fi
+ else
+
+ # Waiting for this to be detected by the "$cpprog $src $dsttmp" command
+ # might cause directories to be created, which would be especially bad
+ # if $src (and thus $dsttmp) contains '*'.
+ if test ! -f "$src" && test ! -d "$src"; then
+ echo "$0: $src does not exist." >&2
+ exit 1
+ fi
+
+ if test -z "$dst_arg"; then
+ echo "$0: no destination specified." >&2
+ exit 1
+ fi
+ dst=$dst_arg
+
+ # If destination is a directory, append the input filename.
+ if test -d "$dst"; then
+ if test "$is_target_a_directory" = never; then
+ echo "$0: $dst_arg: Is a directory" >&2
+ exit 1
+ fi
+ dstdir=$dst
+ dstbase=`basename "$src"`
+ case $dst in
+ */) dst=$dst$dstbase;;
+ *) dst=$dst/$dstbase;;
+ esac
+ dstdir_status=0
+ else
+ dstdir=`dirname "$dst"`
+ test -d "$dstdir"
+ dstdir_status=$?
+ fi
+ fi
+
+ case $dstdir in
+ */) dstdirslash=$dstdir;;
+ *) dstdirslash=$dstdir/;;
+ esac
+
+ obsolete_mkdir_used=false
+
+ if test $dstdir_status != 0; then
+ case $posix_mkdir in
+ '')
+ # With -d, create the new directory with the user-specified mode.
+ # Otherwise, rely on $mkdir_umask.
+ if test -n "$dir_arg"; then
+ mkdir_mode=-m$mode
+ else
+ mkdir_mode=
+ fi
+
+ posix_mkdir=false
+ # The $RANDOM variable is not portable (e.g., dash). Use it
+ # here however when possible just to lower collision chance.
+ tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
+
+ trap '
+ ret=$?
+ rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" 2>/dev/null
+ exit $ret
+ ' 0
+
+ # Because "mkdir -p" follows existing symlinks and we likely work
+ # directly in world-writeable /tmp, make sure that the '$tmpdir'
+ # directory is successfully created first before we actually test
+ # 'mkdir -p'.
+ if (umask $mkdir_umask &&
+ $mkdirprog $mkdir_mode "$tmpdir" &&
+ exec $mkdirprog $mkdir_mode -p -- "$tmpdir/a/b") >/dev/null 2>&1
+ then
+ if test -z "$dir_arg" || {
+ # Check for POSIX incompatibilities with -m.
+ # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
+ # other-writable bit of parent directory when it shouldn't.
+ # FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
+ test_tmpdir="$tmpdir/a"
+ ls_ld_tmpdir=`ls -ld "$test_tmpdir"`
+ case $ls_ld_tmpdir in
+ d????-?r-*) different_mode=700;;
+ d????-?--*) different_mode=755;;
+ *) false;;
+ esac &&
+ $mkdirprog -m$different_mode -p -- "$test_tmpdir" && {
+ ls_ld_tmpdir_1=`ls -ld "$test_tmpdir"`
+ test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
+ }
+ }
+ then posix_mkdir=:
+ fi
+ rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir"
+ else
+ # Remove any dirs left behind by ancient mkdir implementations.
+ rmdir ./$mkdir_mode ./-p ./-- "$tmpdir" 2>/dev/null
+ fi
+ trap '' 0;;
+ esac
+
+ if
+ $posix_mkdir && (
+ umask $mkdir_umask &&
+ $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
+ )
+ then :
+ else
+
+ # mkdir does not conform to POSIX,
+ # or it failed possibly due to a race condition. Create the
+ # directory the slow way, step by step, checking for races as we go.
+
+ case $dstdir in
+ /*) prefix='/';;
+ [-=\(\)!]*) prefix='./';;
+ *) prefix='';;
+ esac
+
+ oIFS=$IFS
+ IFS=/
+ set -f
+ set fnord $dstdir
+ shift
+ set +f
+ IFS=$oIFS
+
+ prefixes=
+
+ for d
+ do
+ test X"$d" = X && continue
+
+ prefix=$prefix$d
+ if test -d "$prefix"; then
+ prefixes=
+ else
+ if $posix_mkdir; then
+ (umask $mkdir_umask &&
+ $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
+ # Don't fail if two instances are running concurrently.
+ test -d "$prefix" || exit 1
+ else
+ case $prefix in
+ *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
+ *) qprefix=$prefix;;
+ esac
+ prefixes="$prefixes '$qprefix'"
+ fi
+ fi
+ prefix=$prefix/
+ done
+
+ if test -n "$prefixes"; then
+ # Don't fail if two instances are running concurrently.
+ (umask $mkdir_umask &&
+ eval "\$doit_exec \$mkdirprog $prefixes") ||
+ test -d "$dstdir" || exit 1
+ obsolete_mkdir_used=true
+ fi
+ fi
+ fi
+
+ if test -n "$dir_arg"; then
+ { test -z "$chowncmd" || $doit $chowncmd "$dst"; } &&
+ { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } &&
+ { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false ||
+ test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1
+ else
+
+ # Make a couple of temp file names in the proper directory.
+ dsttmp=${dstdirslash}_inst.$$_
+ rmtmp=${dstdirslash}_rm.$$_
+
+ # Trap to clean up those temp files at exit.
+ trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
+
+ # Copy the file name to the temp name.
+ (umask $cp_umask &&
+ { test -z "$stripcmd" || {
+ # Create $dsttmp read-write so that cp doesn't create it read-only,
+ # which would cause strip to fail.
+ if test -z "$doit"; then
+ : >"$dsttmp" # No need to fork-exec 'touch'.
+ else
+ $doit touch "$dsttmp"
+ fi
+ }
+ } &&
+ $doit_exec $cpprog "$src" "$dsttmp") &&
+
+ # and set any options; do chmod last to preserve setuid bits.
+ #
+ # If any of these fail, we abort the whole thing. If we want to
+ # ignore errors from any of these, just make sure not to ignore
+ # errors from the above "$doit $cpprog $src $dsttmp" command.
+ #
+ { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
+ { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
+ { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
+ { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
+
+ # If -C, don't bother to copy if it wouldn't change the file.
+ if $copy_on_change &&
+ old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` &&
+ new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` &&
+ set -f &&
+ set X $old && old=:$2:$4:$5:$6 &&
+ set X $new && new=:$2:$4:$5:$6 &&
+ set +f &&
+ test "$old" = "$new" &&
+ $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
+ then
+ rm -f "$dsttmp"
+ else
+ # If $backupsuffix is set, and the file being installed
+ # already exists, attempt a backup. Don't worry if it fails,
+ # e.g., if mv doesn't support -f.
+ if test -n "$backupsuffix" && test -f "$dst"; then
+ $doit $mvcmd -f "$dst" "$dst$backupsuffix" 2>/dev/null
+ fi
+
+ # Rename the file to the real destination.
+ $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
+
+ # The rename failed, perhaps because mv can't rename something else
+ # to itself, or perhaps because mv is so ancient that it does not
+ # support -f.
+ {
+ # Now remove or move aside any old file at destination location.
+ # We try this two ways since rm can't unlink itself on some
+ # systems and the destination file might be busy for other
+ # reasons. In this case, the final cleanup might fail but the new
+ # file should still install successfully.
+ {
+ test ! -f "$dst" ||
+ $doit $rmcmd "$dst" 2>/dev/null ||
+ { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
+ { $doit $rmcmd "$rmtmp" 2>/dev/null; :; }
+ } ||
+ { echo "$0: cannot unlink or rename $dst" >&2
+ (exit 1); exit 1
+ }
+ } &&
+
+ # Now rename the file to the real destination.
+ $doit $mvcmd "$dsttmp" "$dst"
+ }
+ fi || exit 1
+
+ trap '' 0
+ fi
+done
+
+# Local variables:
+# eval: (add-hook 'before-save-hook 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC0"
+# time-stamp-end: "; # UTC"
+# End:
--- /dev/null
+#! /usr/bin/env sh
+## DO NOT EDIT - This file generated from ./build-aux/ltmain.in
+## by inline-source v2019-02-19.15
+
+# libtool (GNU libtool) 2.4.7
+# Provide generalized library-building support services.
+# Written by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996
+
+# Copyright (C) 1996-2019, 2021-2022 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions. There is NO
+# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+# GNU Libtool is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# As a special exception to the GNU General Public License,
+# if you distribute this file as part of a program or library that
+# is built using GNU Libtool, you may include this file under the
+# same distribution terms that you use for the rest of that program.
+#
+# GNU Libtool is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+
+PROGRAM=libtool
+PACKAGE=libtool
+VERSION="2.4.7 Debian-2.4.7-7"
+package_revision=2.4.7
+
+
+## ------ ##
+## Usage. ##
+## ------ ##
+
+# Run './libtool --help' for help with using this script from the
+# command line.
+
+
+## ------------------------------- ##
+## User overridable command paths. ##
+## ------------------------------- ##
+
+# After configure completes, it has a better idea of some of the
+# shell tools we need than the defaults used by the functions shared
+# with bootstrap, so set those here where they can still be over-
+# ridden by the user, but otherwise take precedence.
+
+: ${AUTOCONF="autoconf"}
+: ${AUTOMAKE="automake"}
+
+
+## -------------------------- ##
+## Source external libraries. ##
+## -------------------------- ##
+
+# Much of our low-level functionality needs to be sourced from external
+# libraries, which are installed to $pkgauxdir.
+
+# Set a version string for this script.
+scriptversion=2019-02-19.15; # UTC
+
+# General shell script boiler plate, and helper functions.
+# Written by Gary V. Vaughan, 2004
+
+# This is free software. There is NO warranty; not even for
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+#
+# Copyright (C) 2004-2019, 2021 Bootstrap Authors
+#
+# This file is dual licensed under the terms of the MIT license
+# <https://opensource.org/license/MIT>, and GPL version 2 or later
+# <http://www.gnu.org/licenses/gpl-2.0.html>. You must apply one of
+# these licenses when using or redistributing this software or any of
+# the files within it. See the URLs above, or the file `LICENSE`
+# included in the Bootstrap distribution for the full license texts.
+
+# Please report bugs or propose patches to:
+# <https://github.com/gnulib-modules/bootstrap/issues>
+
+
+## ------ ##
+## Usage. ##
+## ------ ##
+
+# Evaluate this file near the top of your script to gain access to
+# the functions and variables defined here:
+#
+# . `echo "$0" | ${SED-sed} 's|[^/]*$||'`/build-aux/funclib.sh
+#
+# If you need to override any of the default environment variable
+# settings, do that before evaluating this file.
+
+
+## -------------------- ##
+## Shell normalisation. ##
+## -------------------- ##
+
+# Some shells need a little help to be as Bourne compatible as possible.
+# Before doing anything else, make sure all that help has been provided!
+
+DUALCASE=1; export DUALCASE # for MKS sh
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
+ emulate sh
+ NULLCMD=:
+ # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '${1+"$@"}'='"$@"'
+ setopt NO_GLOB_SUBST
+else
+ case `(set -o) 2>/dev/null` in *posix*) set -o posix ;; esac
+fi
+
+# NLS nuisances: We save the old values in case they are required later.
+_G_user_locale=
+_G_safe_locale=
+for _G_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES
+do
+ eval "if test set = \"\${$_G_var+set}\"; then
+ save_$_G_var=\$$_G_var
+ $_G_var=C
+ export $_G_var
+ _G_user_locale=\"$_G_var=\\\$save_\$_G_var; \$_G_user_locale\"
+ _G_safe_locale=\"$_G_var=C; \$_G_safe_locale\"
+ fi"
+done
+# These NLS vars are set unconditionally (bootstrap issue #24). Unset those
+# in case the environment reset is needed later and the $save_* variant is not
+# defined (see the code above).
+LC_ALL=C
+LANGUAGE=C
+export LANGUAGE LC_ALL
+
+# Make sure IFS has a sensible default
+sp=' '
+nl='
+'
+IFS="$sp $nl"
+
+# There are apparently some retarded systems that use ';' as a PATH separator!
+if test "${PATH_SEPARATOR+set}" != set; then
+ PATH_SEPARATOR=:
+ (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
+ (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
+ PATH_SEPARATOR=';'
+ }
+fi
+
+
+# func_unset VAR
+# --------------
+# Portably unset VAR.
+# In some shells, an 'unset VAR' statement leaves a non-zero return
+# status if VAR is already unset, which might be problematic if the
+# statement is used at the end of a function (thus poisoning its return
+# value) or when 'set -e' is active (causing even a spurious abort of
+# the script in this case).
+func_unset ()
+{
+ { eval $1=; (eval unset $1) >/dev/null 2>&1 && eval unset $1 || : ; }
+}
+
+
+# Make sure CDPATH doesn't cause `cd` commands to output the target dir.
+func_unset CDPATH
+
+# Make sure ${,E,F}GREP behave sanely.
+func_unset GREP_OPTIONS
+
+
+## ------------------------- ##
+## Locate command utilities. ##
+## ------------------------- ##
+
+
+# func_executable_p FILE
+# ----------------------
+# Check that FILE is an executable regular file.
+func_executable_p ()
+{
+ test -f "$1" && test -x "$1"
+}
+
+
+# func_path_progs PROGS_LIST CHECK_FUNC [PATH]
+# --------------------------------------------
+# Search for either a program that responds to --version with output
+# containing "GNU", or else returned by CHECK_FUNC otherwise, by
+# trying all the directories in PATH with each of the elements of
+# PROGS_LIST.
+#
+# CHECK_FUNC should accept the path to a candidate program, and
+# set $func_check_prog_result if it truncates its output less than
+# $_G_path_prog_max characters.
+func_path_progs ()
+{
+ _G_progs_list=$1
+ _G_check_func=$2
+ _G_PATH=${3-"$PATH"}
+
+ _G_path_prog_max=0
+ _G_path_prog_found=false
+ _G_save_IFS=$IFS; IFS=${PATH_SEPARATOR-:}
+ for _G_dir in $_G_PATH; do
+ IFS=$_G_save_IFS
+ test -z "$_G_dir" && _G_dir=.
+ for _G_prog_name in $_G_progs_list; do
+ for _exeext in '' .EXE; do
+ _G_path_prog=$_G_dir/$_G_prog_name$_exeext
+ func_executable_p "$_G_path_prog" || continue
+ case `"$_G_path_prog" --version 2>&1` in
+ *GNU*) func_path_progs_result=$_G_path_prog _G_path_prog_found=: ;;
+ *) $_G_check_func $_G_path_prog
+ func_path_progs_result=$func_check_prog_result
+ ;;
+ esac
+ $_G_path_prog_found && break 3
+ done
+ done
+ done
+ IFS=$_G_save_IFS
+ test -z "$func_path_progs_result" && {
+ echo "no acceptable sed could be found in \$PATH" >&2
+ exit 1
+ }
+}
+
+
+# We want to be able to use the functions in this file before configure
+# has figured out where the best binaries are kept, which means we have
+# to search for them ourselves - except when the results are already set
+# where we skip the searches.
+
+# Unless the user overrides by setting SED, search the path for either GNU
+# sed, or the sed that truncates its output the least.
+test -z "$SED" && {
+ _G_sed_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/
+ for _G_i in 1 2 3 4 5 6 7; do
+ _G_sed_script=$_G_sed_script$nl$_G_sed_script
+ done
+ echo "$_G_sed_script" 2>/dev/null | sed 99q >conftest.sed
+ _G_sed_script=
+
+ func_check_prog_sed ()
+ {
+ _G_path_prog=$1
+
+ _G_count=0
+ printf 0123456789 >conftest.in
+ while :
+ do
+ cat conftest.in conftest.in >conftest.tmp
+ mv conftest.tmp conftest.in
+ cp conftest.in conftest.nl
+ echo '' >> conftest.nl
+ "$_G_path_prog" -f conftest.sed <conftest.nl >conftest.out 2>/dev/null || break
+ diff conftest.out conftest.nl >/dev/null 2>&1 || break
+ _G_count=`expr $_G_count + 1`
+ if test "$_G_count" -gt "$_G_path_prog_max"; then
+ # Best one so far, save it but keep looking for a better one
+ func_check_prog_result=$_G_path_prog
+ _G_path_prog_max=$_G_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test 10 -lt "$_G_count" && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out
+ }
+
+ func_path_progs "sed gsed" func_check_prog_sed "$PATH:/usr/xpg4/bin"
+ rm -f conftest.sed
+ SED=$func_path_progs_result
+}
+
+
+# Unless the user overrides by setting GREP, search the path for either GNU
+# grep, or the grep that truncates its output the least.
+test -z "$GREP" && {
+ func_check_prog_grep ()
+ {
+ _G_path_prog=$1
+
+ _G_count=0
+ _G_path_prog_max=0
+ printf 0123456789 >conftest.in
+ while :
+ do
+ cat conftest.in conftest.in >conftest.tmp
+ mv conftest.tmp conftest.in
+ cp conftest.in conftest.nl
+ echo 'GREP' >> conftest.nl
+ "$_G_path_prog" -e 'GREP$' -e '-(cannot match)-' <conftest.nl >conftest.out 2>/dev/null || break
+ diff conftest.out conftest.nl >/dev/null 2>&1 || break
+ _G_count=`expr $_G_count + 1`
+ if test "$_G_count" -gt "$_G_path_prog_max"; then
+ # Best one so far, save it but keep looking for a better one
+ func_check_prog_result=$_G_path_prog
+ _G_path_prog_max=$_G_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test 10 -lt "$_G_count" && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out
+ }
+
+ func_path_progs "grep ggrep" func_check_prog_grep "$PATH:/usr/xpg4/bin"
+ GREP=$func_path_progs_result
+}
+
+
+## ------------------------------- ##
+## User overridable command paths. ##
+## ------------------------------- ##
+
+# All uppercase variable names are used for environment variables. These
+# variables can be overridden by the user before calling a script that
+# uses them if a suitable command of that name is not already available
+# in the command search PATH.
+
+: ${CP="cp -f"}
+: ${ECHO="printf %s\n"}
+: ${EGREP="$GREP -E"}
+: ${FGREP="$GREP -F"}
+: ${LN_S="ln -s"}
+: ${MAKE="make"}
+: ${MKDIR="mkdir"}
+: ${MV="mv -f"}
+: ${RM="rm -f"}
+: ${SHELL="${CONFIG_SHELL-/bin/sh}"}
+
+
+## -------------------- ##
+## Useful sed snippets. ##
+## -------------------- ##
+
+sed_dirname='s|/[^/]*$||'
+sed_basename='s|^.*/||'
+
+# Sed substitution that helps us do robust quoting. It backslashifies
+# metacharacters that are still active within double-quoted strings.
+sed_quote_subst='s|\([`"$\\]\)|\\\1|g'
+
+# Same as above, but do not quote variable references.
+sed_double_quote_subst='s/\(["`\\]\)/\\\1/g'
+
+# Sed substitution that turns a string into a regex matching for the
+# string literally.
+sed_make_literal_regex='s|[].[^$\\*\/]|\\&|g'
+
+# Sed substitution that converts a w32 file name or path
+# that contains forward slashes, into one that contains
+# (escaped) backslashes. A very naive implementation.
+sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g'
+
+# Re-'\' parameter expansions in output of sed_double_quote_subst that
+# were '\'-ed in input to the same. If an odd number of '\' preceded a
+# '$' in input to sed_double_quote_subst, that '$' was protected from
+# expansion. Since each input '\' is now two '\'s, look for any number
+# of runs of four '\'s followed by two '\'s and then a '$'. '\' that '$'.
+_G_bs='\\'
+_G_bs2='\\\\'
+_G_bs4='\\\\\\\\'
+_G_dollar='\$'
+sed_double_backslash="\
+ s/$_G_bs4/&\\
+/g
+ s/^$_G_bs2$_G_dollar/$_G_bs&/
+ s/\\([^$_G_bs]\\)$_G_bs2$_G_dollar/\\1$_G_bs2$_G_bs$_G_dollar/g
+ s/\n//g"
+
+# require_check_ifs_backslash
+# ---------------------------
+# Check if we can use backslash as IFS='\' separator, and set
+# $check_ifs_backshlash_broken to ':' or 'false'.
+require_check_ifs_backslash=func_require_check_ifs_backslash
+func_require_check_ifs_backslash ()
+{
+ _G_save_IFS=$IFS
+ IFS='\'
+ _G_check_ifs_backshlash='a\\b'
+ for _G_i in $_G_check_ifs_backshlash
+ do
+ case $_G_i in
+ a)
+ check_ifs_backshlash_broken=false
+ ;;
+ '')
+ break
+ ;;
+ *)
+ check_ifs_backshlash_broken=:
+ break
+ ;;
+ esac
+ done
+ IFS=$_G_save_IFS
+ require_check_ifs_backslash=:
+}
+
+
+## ----------------- ##
+## Global variables. ##
+## ----------------- ##
+
+# Except for the global variables explicitly listed below, the following
+# functions in the '^func_' namespace, and the '^require_' namespace
+# variables initialised in the 'Resource management' section, sourcing
+# this file will not pollute your global namespace with anything
+# else. There's no portable way to scope variables in Bourne shell
+# though, so actually running these functions will sometimes place
+# results into a variable named after the function, and often use
+# temporary variables in the '^_G_' namespace. If you are careful to
+# avoid using those namespaces casually in your sourcing script, things
+# should continue to work as you expect. And, of course, you can freely
+# overwrite any of the functions or variables defined here before
+# calling anything to customize them.
+
+EXIT_SUCCESS=0
+EXIT_FAILURE=1
+EXIT_MISMATCH=63 # $? = 63 is used to indicate version mismatch to missing.
+EXIT_SKIP=77 # $? = 77 is used to indicate a skipped test to automake.
+
+# Allow overriding, eg assuming that you follow the convention of
+# putting '$debug_cmd' at the start of all your functions, you can get
+# bash to show function call trace with:
+#
+# debug_cmd='echo "${FUNCNAME[0]} $*" >&2' bash your-script-name
+debug_cmd=${debug_cmd-":"}
+exit_cmd=:
+
+# By convention, finish your script with:
+#
+# exit $exit_status
+#
+# so that you can set exit_status to non-zero if you want to indicate
+# something went wrong during execution without actually bailing out at
+# the point of failure.
+exit_status=$EXIT_SUCCESS
+
+# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh
+# is ksh but when the shell is invoked as "sh" and the current value of
+# the _XPG environment variable is not equal to 1 (one), the special
+# positional parameter $0, within a function call, is the name of the
+# function.
+progpath=$0
+
+# The name of this program.
+progname=`$ECHO "$progpath" |$SED "$sed_basename"`
+
+# Make sure we have an absolute progpath for reexecution:
+case $progpath in
+ [\\/]*|[A-Za-z]:\\*) ;;
+ *[\\/]*)
+ progdir=`$ECHO "$progpath" |$SED "$sed_dirname"`
+ progdir=`cd "$progdir" && pwd`
+ progpath=$progdir/$progname
+ ;;
+ *)
+ _G_IFS=$IFS
+ IFS=${PATH_SEPARATOR-:}
+ for progdir in $PATH; do
+ IFS=$_G_IFS
+ test -x "$progdir/$progname" && break
+ done
+ IFS=$_G_IFS
+ test -n "$progdir" || progdir=`pwd`
+ progpath=$progdir/$progname
+ ;;
+esac
+
+
+## ----------------- ##
+## Standard options. ##
+## ----------------- ##
+
+# The following options affect the operation of the functions defined
+# below, and should be set appropriately depending on run-time para-
+# meters passed on the command line.
+
+opt_dry_run=false
+opt_quiet=false
+opt_verbose=false
+
+# Categories 'all' and 'none' are always available. Append any others
+# you will pass as the first argument to func_warning from your own
+# code.
+warning_categories=
+
+# By default, display warnings according to 'opt_warning_types'. Set
+# 'warning_func' to ':' to elide all warnings, or func_fatal_error to
+# treat the next displayed warning as a fatal error.
+warning_func=func_warn_and_continue
+
+# Set to 'all' to display all warnings, 'none' to suppress all
+# warnings, or a space delimited list of some subset of
+# 'warning_categories' to display only the listed warnings.
+opt_warning_types=all
+
+
+## -------------------- ##
+## Resource management. ##
+## -------------------- ##
+
+# This section contains definitions for functions that each ensure a
+# particular resource (a file, or a non-empty configuration variable for
+# example) is available, and if appropriate to extract default values
+# from pertinent package files. Call them using their associated
+# 'require_*' variable to ensure that they are executed, at most, once.
+#
+# It's entirely deliberate that calling these functions can set
+# variables that don't obey the namespace limitations obeyed by the rest
+# of this file, in order that that they be as useful as possible to
+# callers.
+
+
+# require_term_colors
+# -------------------
+# Allow display of bold text on terminals that support it.
+require_term_colors=func_require_term_colors
+func_require_term_colors ()
+{
+ $debug_cmd
+
+ test -t 1 && {
+ # COLORTERM and USE_ANSI_COLORS environment variables take
+ # precedence, because most terminfo databases neglect to describe
+ # whether color sequences are supported.
+ test -n "${COLORTERM+set}" && : ${USE_ANSI_COLORS="1"}
+
+ if test 1 = "$USE_ANSI_COLORS"; then
+ # Standard ANSI escape sequences
+ tc_reset='\e[0m'
+ tc_bold='\e[1m'; tc_standout='\e[7m'
+ tc_red='\e[31m'; tc_green='\e[32m'
+ tc_blue='\e[34m'; tc_cyan='\e[36m'
+ else
+ # Otherwise trust the terminfo database after all.
+ test -n "`tput sgr0 2>/dev/null`" && {
+ tc_reset=`tput sgr0`
+ test -n "`tput bold 2>/dev/null`" && tc_bold=`tput bold`
+ tc_standout=$tc_bold
+ test -n "`tput smso 2>/dev/null`" && tc_standout=`tput smso`
+ test -n "`tput setaf 1 2>/dev/null`" && tc_red=`tput setaf 1`
+ test -n "`tput setaf 2 2>/dev/null`" && tc_green=`tput setaf 2`
+ test -n "`tput setaf 4 2>/dev/null`" && tc_blue=`tput setaf 4`
+ test -n "`tput setaf 5 2>/dev/null`" && tc_cyan=`tput setaf 5`
+ }
+ fi
+ }
+
+ require_term_colors=:
+}
+
+
+## ----------------- ##
+## Function library. ##
+## ----------------- ##
+
+# This section contains a variety of useful functions to call in your
+# scripts. Take note of the portable wrappers for features provided by
+# some modern shells, which will fall back to slower equivalents on
+# less featureful shells.
+
+
+# func_append VAR VALUE
+# ---------------------
+# Append VALUE onto the existing contents of VAR.
+
+ # _G_HAVE_PLUSEQ_OP
+ # Can be empty, in which case the shell is probed, "yes" if += is
+ # useable or anything else if it does not work.
+ if test -z "$_G_HAVE_PLUSEQ_OP" && \
+ __PLUSEQ_TEST="a" && \
+ __PLUSEQ_TEST+=" b" 2>/dev/null && \
+ test "a b" = "$__PLUSEQ_TEST"; then
+ _G_HAVE_PLUSEQ_OP=yes
+ fi
+
+if test yes = "$_G_HAVE_PLUSEQ_OP"
+then
+ # This is an XSI compatible shell, allowing a faster implementation...
+ eval 'func_append ()
+ {
+ $debug_cmd
+
+ eval "$1+=\$2"
+ }'
+else
+ # ...otherwise fall back to using expr, which is often a shell builtin.
+ func_append ()
+ {
+ $debug_cmd
+
+ eval "$1=\$$1\$2"
+ }
+fi
+
+
+# func_append_quoted VAR VALUE
+# ----------------------------
+# Quote VALUE and append to the end of shell variable VAR, separated
+# by a space.
+if test yes = "$_G_HAVE_PLUSEQ_OP"; then
+ eval 'func_append_quoted ()
+ {
+ $debug_cmd
+
+ func_quote_arg pretty "$2"
+ eval "$1+=\\ \$func_quote_arg_result"
+ }'
+else
+ func_append_quoted ()
+ {
+ $debug_cmd
+
+ func_quote_arg pretty "$2"
+ eval "$1=\$$1\\ \$func_quote_arg_result"
+ }
+fi
+
+
+# func_append_uniq VAR VALUE
+# --------------------------
+# Append unique VALUE onto the existing contents of VAR, assuming
+# entries are delimited by the first character of VALUE. For example:
+#
+# func_append_uniq options " --another-option option-argument"
+#
+# will only append to $options if " --another-option option-argument "
+# is not already present somewhere in $options already (note spaces at
+# each end implied by leading space in second argument).
+func_append_uniq ()
+{
+ $debug_cmd
+
+ eval _G_current_value='`$ECHO $'$1'`'
+ _G_delim=`expr "$2" : '\(.\)'`
+
+ case $_G_delim$_G_current_value$_G_delim in
+ *"$2$_G_delim"*) ;;
+ *) func_append "$@" ;;
+ esac
+}
+
+
+# func_arith TERM...
+# ------------------
+# Set func_arith_result to the result of evaluating TERMs.
+ test -z "$_G_HAVE_ARITH_OP" \
+ && (eval 'test 2 = $(( 1 + 1 ))') 2>/dev/null \
+ && _G_HAVE_ARITH_OP=yes
+
+if test yes = "$_G_HAVE_ARITH_OP"; then
+ eval 'func_arith ()
+ {
+ $debug_cmd
+
+ func_arith_result=$(( $* ))
+ }'
+else
+ func_arith ()
+ {
+ $debug_cmd
+
+ func_arith_result=`expr "$@"`
+ }
+fi
+
+
+# func_basename FILE
+# ------------------
+# Set func_basename_result to FILE with everything up to and including
+# the last / stripped.
+if test yes = "$_G_HAVE_XSI_OPS"; then
+ # If this shell supports suffix pattern removal, then use it to avoid
+ # forking. Hide the definitions single quotes in case the shell chokes
+ # on unsupported syntax...
+ _b='func_basename_result=${1##*/}'
+ _d='case $1 in
+ */*) func_dirname_result=${1%/*}$2 ;;
+ * ) func_dirname_result=$3 ;;
+ esac'
+
+else
+ # ...otherwise fall back to using sed.
+ _b='func_basename_result=`$ECHO "$1" |$SED "$sed_basename"`'
+ _d='func_dirname_result=`$ECHO "$1" |$SED "$sed_dirname"`
+ if test "X$func_dirname_result" = "X$1"; then
+ func_dirname_result=$3
+ else
+ func_append func_dirname_result "$2"
+ fi'
+fi
+
+eval 'func_basename ()
+{
+ $debug_cmd
+
+ '"$_b"'
+}'
+
+
+# func_dirname FILE APPEND NONDIR_REPLACEMENT
+# -------------------------------------------
+# Compute the dirname of FILE. If nonempty, add APPEND to the result,
+# otherwise set result to NONDIR_REPLACEMENT.
+eval 'func_dirname ()
+{
+ $debug_cmd
+
+ '"$_d"'
+}'
+
+
+# func_dirname_and_basename FILE APPEND NONDIR_REPLACEMENT
+# --------------------------------------------------------
+# Perform func_basename and func_dirname in a single function
+# call:
+# dirname: Compute the dirname of FILE. If nonempty,
+# add APPEND to the result, otherwise set result
+# to NONDIR_REPLACEMENT.
+# value returned in "$func_dirname_result"
+# basename: Compute filename of FILE.
+# value retuned in "$func_basename_result"
+# For efficiency, we do not delegate to the functions above but instead
+# duplicate the functionality here.
+eval 'func_dirname_and_basename ()
+{
+ $debug_cmd
+
+ '"$_b"'
+ '"$_d"'
+}'
+
+
+# func_echo ARG...
+# ----------------
+# Echo program name prefixed message.
+func_echo ()
+{
+ $debug_cmd
+
+ _G_message=$*
+
+ func_echo_IFS=$IFS
+ IFS=$nl
+ for _G_line in $_G_message; do
+ IFS=$func_echo_IFS
+ $ECHO "$progname: $_G_line"
+ done
+ IFS=$func_echo_IFS
+}
+
+
+# func_echo_all ARG...
+# --------------------
+# Invoke $ECHO with all args, space-separated.
+func_echo_all ()
+{
+ $ECHO "$*"
+}
+
+
+# func_echo_infix_1 INFIX ARG...
+# ------------------------------
+# Echo program name, followed by INFIX on the first line, with any
+# additional lines not showing INFIX.
+func_echo_infix_1 ()
+{
+ $debug_cmd
+
+ $require_term_colors
+
+ _G_infix=$1; shift
+ _G_indent=$_G_infix
+ _G_prefix="$progname: $_G_infix: "
+ _G_message=$*
+
+ # Strip color escape sequences before counting printable length
+ for _G_tc in "$tc_reset" "$tc_bold" "$tc_standout" "$tc_red" "$tc_green" "$tc_blue" "$tc_cyan"
+ do
+ test -n "$_G_tc" && {
+ _G_esc_tc=`$ECHO "$_G_tc" | $SED "$sed_make_literal_regex"`
+ _G_indent=`$ECHO "$_G_indent" | $SED "s|$_G_esc_tc||g"`
+ }
+ done
+ _G_indent="$progname: "`echo "$_G_indent" | $SED 's|.| |g'`" " ## exclude from sc_prohibit_nested_quotes
+
+ func_echo_infix_1_IFS=$IFS
+ IFS=$nl
+ for _G_line in $_G_message; do
+ IFS=$func_echo_infix_1_IFS
+ $ECHO "$_G_prefix$tc_bold$_G_line$tc_reset" >&2
+ _G_prefix=$_G_indent
+ done
+ IFS=$func_echo_infix_1_IFS
+}
+
+
+# func_error ARG...
+# -----------------
+# Echo program name prefixed message to standard error.
+func_error ()
+{
+ $debug_cmd
+
+ $require_term_colors
+
+ func_echo_infix_1 " $tc_standout${tc_red}error$tc_reset" "$*" >&2
+}
+
+
+# func_fatal_error ARG...
+# -----------------------
+# Echo program name prefixed message to standard error, and exit.
+func_fatal_error ()
+{
+ $debug_cmd
+
+ func_error "$*"
+ exit $EXIT_FAILURE
+}
+
+
+# func_grep EXPRESSION FILENAME
+# -----------------------------
+# Check whether EXPRESSION matches any line of FILENAME, without output.
+func_grep ()
+{
+ $debug_cmd
+
+ $GREP "$1" "$2" >/dev/null 2>&1
+}
+
+
+# func_len STRING
+# ---------------
+# Set func_len_result to the length of STRING. STRING may not
+# start with a hyphen.
+ test -z "$_G_HAVE_XSI_OPS" \
+ && (eval 'x=a/b/c;
+ test 5aa/bb/cc = "${#x}${x%%/*}${x%/*}${x#*/}${x##*/}"') 2>/dev/null \
+ && _G_HAVE_XSI_OPS=yes
+
+if test yes = "$_G_HAVE_XSI_OPS"; then
+ eval 'func_len ()
+ {
+ $debug_cmd
+
+ func_len_result=${#1}
+ }'
+else
+ func_len ()
+ {
+ $debug_cmd
+
+ func_len_result=`expr "$1" : ".*" 2>/dev/null || echo $max_cmd_len`
+ }
+fi
+
+
+# func_mkdir_p DIRECTORY-PATH
+# ---------------------------
+# Make sure the entire path to DIRECTORY-PATH is available.
+func_mkdir_p ()
+{
+ $debug_cmd
+
+ _G_directory_path=$1
+ _G_dir_list=
+
+ if test -n "$_G_directory_path" && test : != "$opt_dry_run"; then
+
+ # Protect directory names starting with '-'
+ case $_G_directory_path in
+ -*) _G_directory_path=./$_G_directory_path ;;
+ esac
+
+ # While some portion of DIR does not yet exist...
+ while test ! -d "$_G_directory_path"; do
+ # ...make a list in topmost first order. Use a colon delimited
+ # list incase some portion of path contains whitespace.
+ _G_dir_list=$_G_directory_path:$_G_dir_list
+
+ # If the last portion added has no slash in it, the list is done
+ case $_G_directory_path in */*) ;; *) break ;; esac
+
+ # ...otherwise throw away the child directory and loop
+ _G_directory_path=`$ECHO "$_G_directory_path" | $SED -e "$sed_dirname"`
+ done
+ _G_dir_list=`$ECHO "$_G_dir_list" | $SED 's|:*$||'`
+
+ func_mkdir_p_IFS=$IFS; IFS=:
+ for _G_dir in $_G_dir_list; do
+ IFS=$func_mkdir_p_IFS
+ # mkdir can fail with a 'File exist' error if two processes
+ # try to create one of the directories concurrently. Don't
+ # stop in that case!
+ $MKDIR "$_G_dir" 2>/dev/null || :
+ done
+ IFS=$func_mkdir_p_IFS
+
+ # Bail out if we (or some other process) failed to create a directory.
+ test -d "$_G_directory_path" || \
+ func_fatal_error "Failed to create '$1'"
+ fi
+}
+
+
+# func_mktempdir [BASENAME]
+# -------------------------
+# Make a temporary directory that won't clash with other running
+# libtool processes, and avoids race conditions if possible. If
+# given, BASENAME is the basename for that directory.
+func_mktempdir ()
+{
+ $debug_cmd
+
+ _G_template=${TMPDIR-/tmp}/${1-$progname}
+
+ if test : = "$opt_dry_run"; then
+ # Return a directory name, but don't create it in dry-run mode
+ _G_tmpdir=$_G_template-$$
+ else
+
+ # If mktemp works, use that first and foremost
+ _G_tmpdir=`mktemp -d "$_G_template-XXXXXXXX" 2>/dev/null`
+
+ if test ! -d "$_G_tmpdir"; then
+ # Failing that, at least try and use $RANDOM to avoid a race
+ _G_tmpdir=$_G_template-${RANDOM-0}$$
+
+ func_mktempdir_umask=`umask`
+ umask 0077
+ $MKDIR "$_G_tmpdir"
+ umask $func_mktempdir_umask
+ fi
+
+ # If we're not in dry-run mode, bomb out on failure
+ test -d "$_G_tmpdir" || \
+ func_fatal_error "cannot create temporary directory '$_G_tmpdir'"
+ fi
+
+ $ECHO "$_G_tmpdir"
+}
+
+
+# func_normal_abspath PATH
+# ------------------------
+# Remove doubled-up and trailing slashes, "." path components,
+# and cancel out any ".." path components in PATH after making
+# it an absolute path.
+func_normal_abspath ()
+{
+ $debug_cmd
+
+ # These SED scripts presuppose an absolute path with a trailing slash.
+ _G_pathcar='s|^/\([^/]*\).*$|\1|'
+ _G_pathcdr='s|^/[^/]*||'
+ _G_removedotparts=':dotsl
+ s|/\./|/|g
+ t dotsl
+ s|/\.$|/|'
+ _G_collapseslashes='s|/\{1,\}|/|g'
+ _G_finalslash='s|/*$|/|'
+
+ # Start from root dir and reassemble the path.
+ func_normal_abspath_result=
+ func_normal_abspath_tpath=$1
+ func_normal_abspath_altnamespace=
+ case $func_normal_abspath_tpath in
+ "")
+ # Empty path, that just means $cwd.
+ func_stripname '' '/' "`pwd`"
+ func_normal_abspath_result=$func_stripname_result
+ return
+ ;;
+ # The next three entries are used to spot a run of precisely
+ # two leading slashes without using negated character classes;
+ # we take advantage of case's first-match behaviour.
+ ///*)
+ # Unusual form of absolute path, do nothing.
+ ;;
+ //*)
+ # Not necessarily an ordinary path; POSIX reserves leading '//'
+ # and for example Cygwin uses it to access remote file shares
+ # over CIFS/SMB, so we conserve a leading double slash if found.
+ func_normal_abspath_altnamespace=/
+ ;;
+ /*)
+ # Absolute path, do nothing.
+ ;;
+ *)
+ # Relative path, prepend $cwd.
+ func_normal_abspath_tpath=`pwd`/$func_normal_abspath_tpath
+ ;;
+ esac
+
+ # Cancel out all the simple stuff to save iterations. We also want
+ # the path to end with a slash for ease of parsing, so make sure
+ # there is one (and only one) here.
+ func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \
+ -e "$_G_removedotparts" -e "$_G_collapseslashes" -e "$_G_finalslash"`
+ while :; do
+ # Processed it all yet?
+ if test / = "$func_normal_abspath_tpath"; then
+ # If we ascended to the root using ".." the result may be empty now.
+ if test -z "$func_normal_abspath_result"; then
+ func_normal_abspath_result=/
+ fi
+ break
+ fi
+ func_normal_abspath_tcomponent=`$ECHO "$func_normal_abspath_tpath" | $SED \
+ -e "$_G_pathcar"`
+ func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \
+ -e "$_G_pathcdr"`
+ # Figure out what to do with it
+ case $func_normal_abspath_tcomponent in
+ "")
+ # Trailing empty path component, ignore it.
+ ;;
+ ..)
+ # Parent dir; strip last assembled component from result.
+ func_dirname "$func_normal_abspath_result"
+ func_normal_abspath_result=$func_dirname_result
+ ;;
+ *)
+ # Actual path component, append it.
+ func_append func_normal_abspath_result "/$func_normal_abspath_tcomponent"
+ ;;
+ esac
+ done
+ # Restore leading double-slash if one was found on entry.
+ func_normal_abspath_result=$func_normal_abspath_altnamespace$func_normal_abspath_result
+}
+
+
+# func_notquiet ARG...
+# --------------------
+# Echo program name prefixed message only when not in quiet mode.
+func_notquiet ()
+{
+ $debug_cmd
+
+ $opt_quiet || func_echo ${1+"$@"}
+
+ # A bug in bash halts the script if the last line of a function
+ # fails when set -e is in force, so we need another command to
+ # work around that:
+ :
+}
+
+
+# func_relative_path SRCDIR DSTDIR
+# --------------------------------
+# Set func_relative_path_result to the relative path from SRCDIR to DSTDIR.
+func_relative_path ()
+{
+ $debug_cmd
+
+ func_relative_path_result=
+ func_normal_abspath "$1"
+ func_relative_path_tlibdir=$func_normal_abspath_result
+ func_normal_abspath "$2"
+ func_relative_path_tbindir=$func_normal_abspath_result
+
+ # Ascend the tree starting from libdir
+ while :; do
+ # check if we have found a prefix of bindir
+ case $func_relative_path_tbindir in
+ $func_relative_path_tlibdir)
+ # found an exact match
+ func_relative_path_tcancelled=
+ break
+ ;;
+ $func_relative_path_tlibdir*)
+ # found a matching prefix
+ func_stripname "$func_relative_path_tlibdir" '' "$func_relative_path_tbindir"
+ func_relative_path_tcancelled=$func_stripname_result
+ if test -z "$func_relative_path_result"; then
+ func_relative_path_result=.
+ fi
+ break
+ ;;
+ *)
+ func_dirname $func_relative_path_tlibdir
+ func_relative_path_tlibdir=$func_dirname_result
+ if test -z "$func_relative_path_tlibdir"; then
+ # Have to descend all the way to the root!
+ func_relative_path_result=../$func_relative_path_result
+ func_relative_path_tcancelled=$func_relative_path_tbindir
+ break
+ fi
+ func_relative_path_result=../$func_relative_path_result
+ ;;
+ esac
+ done
+
+ # Now calculate path; take care to avoid doubling-up slashes.
+ func_stripname '' '/' "$func_relative_path_result"
+ func_relative_path_result=$func_stripname_result
+ func_stripname '/' '/' "$func_relative_path_tcancelled"
+ if test -n "$func_stripname_result"; then
+ func_append func_relative_path_result "/$func_stripname_result"
+ fi
+
+ # Normalisation. If bindir is libdir, return '.' else relative path.
+ if test -n "$func_relative_path_result"; then
+ func_stripname './' '' "$func_relative_path_result"
+ func_relative_path_result=$func_stripname_result
+ fi
+
+ test -n "$func_relative_path_result" || func_relative_path_result=.
+
+ :
+}
+
+
+# func_quote_portable EVAL ARG
+# ----------------------------
+# Internal function to portably implement func_quote_arg. Note that we still
+# keep attention to performance here so we as much as possible try to avoid
+# calling sed binary (so far O(N) complexity as long as func_append is O(1)).
+func_quote_portable ()
+{
+ $debug_cmd
+
+ $require_check_ifs_backslash
+
+ func_quote_portable_result=$2
+
+ # one-time-loop (easy break)
+ while true
+ do
+ if $1; then
+ func_quote_portable_result=`$ECHO "$2" | $SED \
+ -e "$sed_double_quote_subst" -e "$sed_double_backslash"`
+ break
+ fi
+
+ # Quote for eval.
+ case $func_quote_portable_result in
+ *[\\\`\"\$]*)
+ # Fallback to sed for $func_check_bs_ifs_broken=:, or when the string
+ # contains the shell wildcard characters.
+ case $check_ifs_backshlash_broken$func_quote_portable_result in
+ :*|*[\[\*\?]*)
+ func_quote_portable_result=`$ECHO "$func_quote_portable_result" \
+ | $SED "$sed_quote_subst"`
+ break
+ ;;
+ esac
+
+ func_quote_portable_old_IFS=$IFS
+ for _G_char in '\' '`' '"' '$'
+ do
+ # STATE($1) PREV($2) SEPARATOR($3)
+ set start "" ""
+ func_quote_portable_result=dummy"$_G_char$func_quote_portable_result$_G_char"dummy
+ IFS=$_G_char
+ for _G_part in $func_quote_portable_result
+ do
+ case $1 in
+ quote)
+ func_append func_quote_portable_result "$3$2"
+ set quote "$_G_part" "\\$_G_char"
+ ;;
+ start)
+ set first "" ""
+ func_quote_portable_result=
+ ;;
+ first)
+ set quote "$_G_part" ""
+ ;;
+ esac
+ done
+ done
+ IFS=$func_quote_portable_old_IFS
+ ;;
+ *) ;;
+ esac
+ break
+ done
+
+ func_quote_portable_unquoted_result=$func_quote_portable_result
+ case $func_quote_portable_result in
+ # double-quote args containing shell metacharacters to delay
+ # word splitting, command substitution and variable expansion
+ # for a subsequent eval.
+ # many bourne shells cannot handle close brackets correctly
+ # in scan sets, so we specify it separately.
+ *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"")
+ func_quote_portable_result=\"$func_quote_portable_result\"
+ ;;
+ esac
+}
+
+
+# func_quotefast_eval ARG
+# -----------------------
+# Quote one ARG (internal). This is equivalent to 'func_quote_arg eval ARG',
+# but optimized for speed. Result is stored in $func_quotefast_eval.
+if test xyes = `(x=; printf -v x %q yes; echo x"$x") 2>/dev/null`; then
+ printf -v _GL_test_printf_tilde %q '~'
+ if test '\~' = "$_GL_test_printf_tilde"; then
+ func_quotefast_eval ()
+ {
+ printf -v func_quotefast_eval_result %q "$1"
+ }
+ else
+ # Broken older Bash implementations. Make those faster too if possible.
+ func_quotefast_eval ()
+ {
+ case $1 in
+ '~'*)
+ func_quote_portable false "$1"
+ func_quotefast_eval_result=$func_quote_portable_result
+ ;;
+ *)
+ printf -v func_quotefast_eval_result %q "$1"
+ ;;
+ esac
+ }
+ fi
+else
+ func_quotefast_eval ()
+ {
+ func_quote_portable false "$1"
+ func_quotefast_eval_result=$func_quote_portable_result
+ }
+fi
+
+
+# func_quote_arg MODEs ARG
+# ------------------------
+# Quote one ARG to be evaled later. MODEs argument may contain zero or more
+# specifiers listed below separated by ',' character. This function returns two
+# values:
+# i) func_quote_arg_result
+# double-quoted (when needed), suitable for a subsequent eval
+# ii) func_quote_arg_unquoted_result
+# has all characters that are still active within double
+# quotes backslashified. Available only if 'unquoted' is specified.
+#
+# Available modes:
+# ----------------
+# 'eval' (default)
+# - escape shell special characters
+# 'expand'
+# - the same as 'eval'; but do not quote variable references
+# 'pretty'
+# - request aesthetic output, i.e. '"a b"' instead of 'a\ b'. This might
+# be used later in func_quote to get output like: 'echo "a b"' instead
+# of 'echo a\ b'. This is slower than default on some shells.
+# 'unquoted'
+# - produce also $func_quote_arg_unquoted_result which does not contain
+# wrapping double-quotes.
+#
+# Examples for 'func_quote_arg pretty,unquoted string':
+#
+# string | *_result | *_unquoted_result
+# ------------+-----------------------+-------------------
+# " | \" | \"
+# a b | "a b" | a b
+# "a b" | "\"a b\"" | \"a b\"
+# * | "*" | *
+# z="${x-$y}" | "z=\"\${x-\$y}\"" | z=\"\${x-\$y}\"
+#
+# Examples for 'func_quote_arg pretty,unquoted,expand string':
+#
+# string | *_result | *_unquoted_result
+# --------------+---------------------+--------------------
+# z="${x-$y}" | "z=\"${x-$y}\"" | z=\"${x-$y}\"
+func_quote_arg ()
+{
+ _G_quote_expand=false
+ case ,$1, in
+ *,expand,*)
+ _G_quote_expand=:
+ ;;
+ esac
+
+ case ,$1, in
+ *,pretty,*|*,expand,*|*,unquoted,*)
+ func_quote_portable $_G_quote_expand "$2"
+ func_quote_arg_result=$func_quote_portable_result
+ func_quote_arg_unquoted_result=$func_quote_portable_unquoted_result
+ ;;
+ *)
+ # Faster quote-for-eval for some shells.
+ func_quotefast_eval "$2"
+ func_quote_arg_result=$func_quotefast_eval_result
+ ;;
+ esac
+}
+
+
+# func_quote MODEs ARGs...
+# ------------------------
+# Quote all ARGs to be evaled later and join them into single command. See
+# func_quote_arg's description for more info.
+func_quote ()
+{
+ $debug_cmd
+ _G_func_quote_mode=$1 ; shift
+ func_quote_result=
+ while test 0 -lt $#; do
+ func_quote_arg "$_G_func_quote_mode" "$1"
+ if test -n "$func_quote_result"; then
+ func_append func_quote_result " $func_quote_arg_result"
+ else
+ func_append func_quote_result "$func_quote_arg_result"
+ fi
+ shift
+ done
+}
+
+
+# func_stripname PREFIX SUFFIX NAME
+# ---------------------------------
+# strip PREFIX and SUFFIX from NAME, and store in func_stripname_result.
+# PREFIX and SUFFIX must not contain globbing or regex special
+# characters, hashes, percent signs, but SUFFIX may contain a leading
+# dot (in which case that matches only a dot).
+if test yes = "$_G_HAVE_XSI_OPS"; then
+ eval 'func_stripname ()
+ {
+ $debug_cmd
+
+ # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are
+ # positional parameters, so assign one to ordinary variable first.
+ func_stripname_result=$3
+ func_stripname_result=${func_stripname_result#"$1"}
+ func_stripname_result=${func_stripname_result%"$2"}
+ }'
+else
+ func_stripname ()
+ {
+ $debug_cmd
+
+ case $2 in
+ .*) func_stripname_result=`$ECHO "$3" | $SED -e "s%^$1%%" -e "s%\\\\$2\$%%"`;;
+ *) func_stripname_result=`$ECHO "$3" | $SED -e "s%^$1%%" -e "s%$2\$%%"`;;
+ esac
+ }
+fi
+
+
+# func_show_eval CMD [FAIL_EXP]
+# -----------------------------
+# Unless opt_quiet is true, then output CMD. Then, if opt_dryrun is
+# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP
+# is given, then evaluate it.
+func_show_eval ()
+{
+ $debug_cmd
+
+ _G_cmd=$1
+ _G_fail_exp=${2-':'}
+
+ func_quote_arg pretty,expand "$_G_cmd"
+ eval "func_notquiet $func_quote_arg_result"
+
+ $opt_dry_run || {
+ eval "$_G_cmd"
+ _G_status=$?
+ if test 0 -ne "$_G_status"; then
+ eval "(exit $_G_status); $_G_fail_exp"
+ fi
+ }
+}
+
+
+# func_show_eval_locale CMD [FAIL_EXP]
+# ------------------------------------
+# Unless opt_quiet is true, then output CMD. Then, if opt_dryrun is
+# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP
+# is given, then evaluate it. Use the saved locale for evaluation.
+func_show_eval_locale ()
+{
+ $debug_cmd
+
+ _G_cmd=$1
+ _G_fail_exp=${2-':'}
+
+ $opt_quiet || {
+ func_quote_arg expand,pretty "$_G_cmd"
+ eval "func_echo $func_quote_arg_result"
+ }
+
+ $opt_dry_run || {
+ eval "$_G_user_locale
+ $_G_cmd"
+ _G_status=$?
+ eval "$_G_safe_locale"
+ if test 0 -ne "$_G_status"; then
+ eval "(exit $_G_status); $_G_fail_exp"
+ fi
+ }
+}
+
+
+# func_tr_sh
+# ----------
+# Turn $1 into a string suitable for a shell variable name.
+# Result is stored in $func_tr_sh_result. All characters
+# not in the set a-zA-Z0-9_ are replaced with '_'. Further,
+# if $1 begins with a digit, a '_' is prepended as well.
+func_tr_sh ()
+{
+ $debug_cmd
+
+ case $1 in
+ [0-9]* | *[!a-zA-Z0-9_]*)
+ func_tr_sh_result=`$ECHO "$1" | $SED -e 's/^\([0-9]\)/_\1/' -e 's/[^a-zA-Z0-9_]/_/g'`
+ ;;
+ * )
+ func_tr_sh_result=$1
+ ;;
+ esac
+}
+
+
+# func_verbose ARG...
+# -------------------
+# Echo program name prefixed message in verbose mode only.
+func_verbose ()
+{
+ $debug_cmd
+
+ $opt_verbose && func_echo "$*"
+
+ :
+}
+
+
+# func_warn_and_continue ARG...
+# -----------------------------
+# Echo program name prefixed warning message to standard error.
+func_warn_and_continue ()
+{
+ $debug_cmd
+
+ $require_term_colors
+
+ func_echo_infix_1 "${tc_red}warning$tc_reset" "$*" >&2
+}
+
+
+# func_warning CATEGORY ARG...
+# ----------------------------
+# Echo program name prefixed warning message to standard error. Warning
+# messages can be filtered according to CATEGORY, where this function
+# elides messages where CATEGORY is not listed in the global variable
+# 'opt_warning_types'.
+func_warning ()
+{
+ $debug_cmd
+
+ # CATEGORY must be in the warning_categories list!
+ case " $warning_categories " in
+ *" $1 "*) ;;
+ *) func_internal_error "invalid warning category '$1'" ;;
+ esac
+
+ _G_category=$1
+ shift
+
+ case " $opt_warning_types " in
+ *" $_G_category "*) $warning_func ${1+"$@"} ;;
+ esac
+}
+
+
+# func_sort_ver VER1 VER2
+# -----------------------
+# 'sort -V' is not generally available.
+# Note this deviates from the version comparison in automake
+# in that it treats 1.5 < 1.5.0, and treats 1.4.4a < 1.4-p3a
+# but this should suffice as we won't be specifying old
+# version formats or redundant trailing .0 in bootstrap.conf.
+# If we did want full compatibility then we should probably
+# use m4_version_compare from autoconf.
+func_sort_ver ()
+{
+ $debug_cmd
+
+ printf '%s\n%s\n' "$1" "$2" \
+ | sort -t. -k 1,1n -k 2,2n -k 3,3n -k 4,4n -k 5,5n -k 6,6n -k 7,7n -k 8,8n -k 9,9n
+}
+
+# func_lt_ver PREV CURR
+# ---------------------
+# Return true if PREV and CURR are in the correct order according to
+# func_sort_ver, otherwise false. Use it like this:
+#
+# func_lt_ver "$prev_ver" "$proposed_ver" || func_fatal_error "..."
+func_lt_ver ()
+{
+ $debug_cmd
+
+ test "x$1" = x`func_sort_ver "$1" "$2" | $SED 1q`
+}
+
+
+# Local variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'before-save-hook 'time-stamp)
+# time-stamp-pattern: "10/scriptversion=%:y-%02m-%02d.%02H; # UTC"
+# time-stamp-time-zone: "UTC"
+# End:
+#! /bin/sh
+
+# A portable, pluggable option parser for Bourne shell.
+# Written by Gary V. Vaughan, 2010
+
+# This is free software. There is NO warranty; not even for
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+#
+# Copyright (C) 2010-2019, 2021 Bootstrap Authors
+#
+# This file is dual licensed under the terms of the MIT license
+# <https://opensource.org/license/MIT>, and GPL version 2 or later
+# <http://www.gnu.org/licenses/gpl-2.0.html>. You must apply one of
+# these licenses when using or redistributing this software or any of
+# the files within it. See the URLs above, or the file `LICENSE`
+# included in the Bootstrap distribution for the full license texts.
+
+# Please report bugs or propose patches to:
+# <https://github.com/gnulib-modules/bootstrap/issues>
+
+# Set a version string for this script.
+scriptversion=2019-02-19.15; # UTC
+
+
+## ------ ##
+## Usage. ##
+## ------ ##
+
+# This file is a library for parsing options in your shell scripts along
+# with assorted other useful supporting features that you can make use
+# of too.
+#
+# For the simplest scripts you might need only:
+#
+# #!/bin/sh
+# . relative/path/to/funclib.sh
+# . relative/path/to/options-parser
+# scriptversion=1.0
+# func_options ${1+"$@"}
+# eval set dummy "$func_options_result"; shift
+# ...rest of your script...
+#
+# In order for the '--version' option to work, you will need to have a
+# suitably formatted comment like the one at the top of this file
+# starting with '# Written by ' and ending with '# Copyright'.
+#
+# For '-h' and '--help' to work, you will also need a one line
+# description of your script's purpose in a comment directly above the
+# '# Written by ' line, like the one at the top of this file.
+#
+# The default options also support '--debug', which will turn on shell
+# execution tracing (see the comment above debug_cmd below for another
+# use), and '--verbose' and the func_verbose function to allow your script
+# to display verbose messages only when your user has specified
+# '--verbose'.
+#
+# After sourcing this file, you can plug in processing for additional
+# options by amending the variables from the 'Configuration' section
+# below, and following the instructions in the 'Option parsing'
+# section further down.
+
+## -------------- ##
+## Configuration. ##
+## -------------- ##
+
+# You should override these variables in your script after sourcing this
+# file so that they reflect the customisations you have added to the
+# option parser.
+
+# The usage line for option parsing errors and the start of '-h' and
+# '--help' output messages. You can embed shell variables for delayed
+# expansion at the time the message is displayed, but you will need to
+# quote other shell meta-characters carefully to prevent them being
+# expanded when the contents are evaled.
+usage='$progpath [OPTION]...'
+
+# Short help message in response to '-h' and '--help'. Add to this or
+# override it after sourcing this library to reflect the full set of
+# options your script accepts.
+usage_message="\
+ --debug enable verbose shell tracing
+ -W, --warnings=CATEGORY
+ report the warnings falling in CATEGORY [all]
+ -v, --verbose verbosely report processing
+ --version print version information and exit
+ -h, --help print short or long help message and exit
+"
+
+# Additional text appended to 'usage_message' in response to '--help'.
+long_help_message="
+Warning categories include:
+ 'all' show all warnings
+ 'none' turn off all the warnings
+ 'error' warnings are treated as fatal errors"
+
+# Help message printed before fatal option parsing errors.
+fatal_help="Try '\$progname --help' for more information."
+
+
+
+## ------------------------- ##
+## Hook function management. ##
+## ------------------------- ##
+
+# This section contains functions for adding, removing, and running hooks
+# in the main code. A hook is just a list of function names that can be
+# run in order later on.
+
+# func_hookable FUNC_NAME
+# -----------------------
+# Declare that FUNC_NAME will run hooks added with
+# 'func_add_hook FUNC_NAME ...'.
+func_hookable ()
+{
+ $debug_cmd
+
+ func_append hookable_fns " $1"
+}
+
+
+# func_add_hook FUNC_NAME HOOK_FUNC
+# ---------------------------------
+# Request that FUNC_NAME call HOOK_FUNC before it returns. FUNC_NAME must
+# first have been declared "hookable" by a call to 'func_hookable'.
+func_add_hook ()
+{
+ $debug_cmd
+
+ case " $hookable_fns " in
+ *" $1 "*) ;;
+ *) func_fatal_error "'$1' does not accept hook functions." ;;
+ esac
+
+ eval func_append ${1}_hooks '" $2"'
+}
+
+
+# func_remove_hook FUNC_NAME HOOK_FUNC
+# ------------------------------------
+# Remove HOOK_FUNC from the list of hook functions to be called by
+# FUNC_NAME.
+func_remove_hook ()
+{
+ $debug_cmd
+
+ eval ${1}_hooks='`$ECHO "\$'$1'_hooks" |$SED "s| '$2'||"`'
+}
+
+
+# func_propagate_result FUNC_NAME_A FUNC_NAME_B
+# ---------------------------------------------
+# If the *_result variable of FUNC_NAME_A _is set_, assign its value to
+# *_result variable of FUNC_NAME_B.
+func_propagate_result ()
+{
+ $debug_cmd
+
+ func_propagate_result_result=:
+ if eval "test \"\${${1}_result+set}\" = set"
+ then
+ eval "${2}_result=\$${1}_result"
+ else
+ func_propagate_result_result=false
+ fi
+}
+
+
+# func_run_hooks FUNC_NAME [ARG]...
+# ---------------------------------
+# Run all hook functions registered to FUNC_NAME.
+# It's assumed that the list of hook functions contains nothing more
+# than a whitespace-delimited list of legal shell function names, and
+# no effort is wasted trying to catch shell meta-characters or preserve
+# whitespace.
+func_run_hooks ()
+{
+ $debug_cmd
+
+ _G_rc_run_hooks=false
+
+ case " $hookable_fns " in
+ *" $1 "*) ;;
+ *) func_fatal_error "'$1' does not support hook functions." ;;
+ esac
+
+ eval _G_hook_fns=\$$1_hooks; shift
+
+ for _G_hook in $_G_hook_fns; do
+ func_unset "${_G_hook}_result"
+ eval $_G_hook '${1+"$@"}'
+ func_propagate_result $_G_hook func_run_hooks
+ if $func_propagate_result_result; then
+ eval set dummy "$func_run_hooks_result"; shift
+ fi
+ done
+}
+
+
+
+## --------------- ##
+## Option parsing. ##
+## --------------- ##
+
+# In order to add your own option parsing hooks, you must accept the
+# full positional parameter list from your hook function. You may remove
+# or edit any options that you action, and then pass back the remaining
+# unprocessed options in '<hooked_function_name>_result', escaped
+# suitably for 'eval'.
+#
+# The '<hooked_function_name>_result' variable is automatically unset
+# before your hook gets called; for best performance, only set the
+# *_result variable when necessary (i.e. don't call the 'func_quote'
+# function unnecessarily because it can be an expensive operation on some
+# machines).
+#
+# Like this:
+#
+# my_options_prep ()
+# {
+# $debug_cmd
+#
+# # Extend the existing usage message.
+# usage_message=$usage_message'
+# -s, --silent don'\''t print informational messages
+# '
+# # No change in '$@' (ignored completely by this hook). Leave
+# # my_options_prep_result variable intact.
+# }
+# func_add_hook func_options_prep my_options_prep
+#
+#
+# my_silent_option ()
+# {
+# $debug_cmd
+#
+# args_changed=false
+#
+# # Note that, for efficiency, we parse as many options as we can
+# # recognise in a loop before passing the remainder back to the
+# # caller on the first unrecognised argument we encounter.
+# while test $# -gt 0; do
+# opt=$1; shift
+# case $opt in
+# --silent|-s) opt_silent=:
+# args_changed=:
+# ;;
+# # Separate non-argument short options:
+# -s*) func_split_short_opt "$_G_opt"
+# set dummy "$func_split_short_opt_name" \
+# "-$func_split_short_opt_arg" ${1+"$@"}
+# shift
+# args_changed=:
+# ;;
+# *) # Make sure the first unrecognised option "$_G_opt"
+# # is added back to "$@" in case we need it later,
+# # if $args_changed was set to 'true'.
+# set dummy "$_G_opt" ${1+"$@"}; shift; break ;;
+# esac
+# done
+#
+# # Only call 'func_quote' here if we processed at least one argument.
+# if $args_changed; then
+# func_quote eval ${1+"$@"}
+# my_silent_option_result=$func_quote_result
+# fi
+# }
+# func_add_hook func_parse_options my_silent_option
+#
+#
+# my_option_validation ()
+# {
+# $debug_cmd
+#
+# $opt_silent && $opt_verbose && func_fatal_help "\
+# '--silent' and '--verbose' options are mutually exclusive."
+# }
+# func_add_hook func_validate_options my_option_validation
+#
+# You'll also need to manually amend $usage_message to reflect the extra
+# options you parse. It's preferable to append if you can, so that
+# multiple option parsing hooks can be added safely.
+
+
+# func_options_finish [ARG]...
+# ----------------------------
+# Finishing the option parse loop (call 'func_options' hooks ATM).
+func_options_finish ()
+{
+ $debug_cmd
+
+ func_run_hooks func_options ${1+"$@"}
+ func_propagate_result func_run_hooks func_options_finish
+}
+
+
+# func_options [ARG]...
+# ---------------------
+# All the functions called inside func_options are hookable. See the
+# individual implementations for details.
+func_hookable func_options
+func_options ()
+{
+ $debug_cmd
+
+ _G_options_quoted=false
+
+ for my_func in options_prep parse_options validate_options options_finish
+ do
+ func_unset func_${my_func}_result
+ func_unset func_run_hooks_result
+ eval func_$my_func '${1+"$@"}'
+ func_propagate_result func_$my_func func_options
+ if $func_propagate_result_result; then
+ eval set dummy "$func_options_result"; shift
+ _G_options_quoted=:
+ fi
+ done
+
+ $_G_options_quoted || {
+ # As we (func_options) are top-level options-parser function and
+ # nobody quoted "$@" for us yet, we need to do it explicitly for
+ # caller.
+ func_quote eval ${1+"$@"}
+ func_options_result=$func_quote_result
+ }
+}
+
+
+# func_options_prep [ARG]...
+# --------------------------
+# All initialisations required before starting the option parse loop.
+# Note that when calling hook functions, we pass through the list of
+# positional parameters. If a hook function modifies that list, and
+# needs to propagate that back to rest of this script, then the complete
+# modified list must be put in 'func_run_hooks_result' before returning.
+func_hookable func_options_prep
+func_options_prep ()
+{
+ $debug_cmd
+
+ # Option defaults:
+ opt_verbose=false
+ opt_warning_types=
+
+ func_run_hooks func_options_prep ${1+"$@"}
+ func_propagate_result func_run_hooks func_options_prep
+}
+
+
+# func_parse_options [ARG]...
+# ---------------------------
+# The main option parsing loop.
+func_hookable func_parse_options
+func_parse_options ()
+{
+ $debug_cmd
+
+ _G_parse_options_requote=false
+ # this just eases exit handling
+ while test $# -gt 0; do
+ # Defer to hook functions for initial option parsing, so they
+ # get priority in the event of reusing an option name.
+ func_run_hooks func_parse_options ${1+"$@"}
+ func_propagate_result func_run_hooks func_parse_options
+ if $func_propagate_result_result; then
+ eval set dummy "$func_parse_options_result"; shift
+ # Even though we may have changed "$@", we passed the "$@" array
+ # down into the hook and it quoted it for us (because we are in
+ # this if-branch). No need to quote it again.
+ _G_parse_options_requote=false
+ fi
+
+ # Break out of the loop if we already parsed every option.
+ test $# -gt 0 || break
+
+ # We expect that one of the options parsed in this function matches
+ # and thus we remove _G_opt from "$@" and need to re-quote.
+ _G_match_parse_options=:
+ _G_opt=$1
+ shift
+ case $_G_opt in
+ --debug|-x) debug_cmd='set -x'
+ func_echo "enabling shell trace mode" >&2
+ $debug_cmd
+ ;;
+
+ --no-warnings|--no-warning|--no-warn)
+ set dummy --warnings none ${1+"$@"}
+ shift
+ ;;
+
+ --warnings|--warning|-W)
+ if test $# = 0 && func_missing_arg $_G_opt; then
+ _G_parse_options_requote=:
+ break
+ fi
+ case " $warning_categories $1" in
+ *" $1 "*)
+ # trailing space prevents matching last $1 above
+ func_append_uniq opt_warning_types " $1"
+ ;;
+ *all)
+ opt_warning_types=$warning_categories
+ ;;
+ *none)
+ opt_warning_types=none
+ warning_func=:
+ ;;
+ *error)
+ opt_warning_types=$warning_categories
+ warning_func=func_fatal_error
+ ;;
+ *)
+ func_fatal_error \
+ "unsupported warning category: '$1'"
+ ;;
+ esac
+ shift
+ ;;
+
+ --verbose|-v) opt_verbose=: ;;
+ --version) func_version ;;
+ -\?|-h) func_usage ;;
+ --help) func_help ;;
+
+ # Separate optargs to long options (plugins may need this):
+ --*=*) func_split_equals "$_G_opt"
+ set dummy "$func_split_equals_lhs" \
+ "$func_split_equals_rhs" ${1+"$@"}
+ shift
+ ;;
+
+ # Separate optargs to short options:
+ -W*)
+ func_split_short_opt "$_G_opt"
+ set dummy "$func_split_short_opt_name" \
+ "$func_split_short_opt_arg" ${1+"$@"}
+ shift
+ ;;
+
+ # Separate non-argument short options:
+ -\?*|-h*|-v*|-x*)
+ func_split_short_opt "$_G_opt"
+ set dummy "$func_split_short_opt_name" \
+ "-$func_split_short_opt_arg" ${1+"$@"}
+ shift
+ ;;
+
+ --) _G_parse_options_requote=: ; break ;;
+ -*) func_fatal_help "unrecognised option: '$_G_opt'" ;;
+ *) set dummy "$_G_opt" ${1+"$@"}; shift
+ _G_match_parse_options=false
+ break
+ ;;
+ esac
+
+ if $_G_match_parse_options; then
+ _G_parse_options_requote=:
+ fi
+ done
+
+ if $_G_parse_options_requote; then
+ # save modified positional parameters for caller
+ func_quote eval ${1+"$@"}
+ func_parse_options_result=$func_quote_result
+ fi
+}
+
+
+# func_validate_options [ARG]...
+# ------------------------------
+# Perform any sanity checks on option settings and/or unconsumed
+# arguments.
+func_hookable func_validate_options
+func_validate_options ()
+{
+ $debug_cmd
+
+ # Display all warnings if -W was not given.
+ test -n "$opt_warning_types" || opt_warning_types=" $warning_categories"
+
+ func_run_hooks func_validate_options ${1+"$@"}
+ func_propagate_result func_run_hooks func_validate_options
+
+ # Bail if the options were screwed!
+ $exit_cmd $EXIT_FAILURE
+}
+
+
+
+## ----------------- ##
+## Helper functions. ##
+## ----------------- ##
+
+# This section contains the helper functions used by the rest of the
+# hookable option parser framework in ascii-betical order.
+
+
+# func_fatal_help ARG...
+# ----------------------
+# Echo program name prefixed message to standard error, followed by
+# a help hint, and exit.
+func_fatal_help ()
+{
+ $debug_cmd
+
+ eval \$ECHO \""Usage: $usage"\"
+ eval \$ECHO \""$fatal_help"\"
+ func_error ${1+"$@"}
+ exit $EXIT_FAILURE
+}
+
+
+# func_help
+# ---------
+# Echo long help message to standard output and exit.
+func_help ()
+{
+ $debug_cmd
+
+ func_usage_message
+ $ECHO "$long_help_message"
+ exit 0
+}
+
+
+# func_missing_arg ARGNAME
+# ------------------------
+# Echo program name prefixed message to standard error and set global
+# exit_cmd.
+func_missing_arg ()
+{
+ $debug_cmd
+
+ func_error "Missing argument for '$1'."
+ exit_cmd=exit
+}
+
+
+# func_split_equals STRING
+# ------------------------
+# Set func_split_equals_lhs and func_split_equals_rhs shell variables
+# after splitting STRING at the '=' sign.
+test -z "$_G_HAVE_XSI_OPS" \
+ && (eval 'x=a/b/c;
+ test 5aa/bb/cc = "${#x}${x%%/*}${x%/*}${x#*/}${x##*/}"') 2>/dev/null \
+ && _G_HAVE_XSI_OPS=yes
+
+if test yes = "$_G_HAVE_XSI_OPS"
+then
+ # This is an XSI compatible shell, allowing a faster implementation...
+ eval 'func_split_equals ()
+ {
+ $debug_cmd
+
+ func_split_equals_lhs=${1%%=*}
+ func_split_equals_rhs=${1#*=}
+ if test "x$func_split_equals_lhs" = "x$1"; then
+ func_split_equals_rhs=
+ fi
+ }'
+else
+ # ...otherwise fall back to using expr, which is often a shell builtin.
+ func_split_equals ()
+ {
+ $debug_cmd
+
+ func_split_equals_lhs=`expr "x$1" : 'x\([^=]*\)'`
+ func_split_equals_rhs=
+ test "x$func_split_equals_lhs=" = "x$1" \
+ || func_split_equals_rhs=`expr "x$1" : 'x[^=]*=\(.*\)$'`
+ }
+fi #func_split_equals
+
+
+# func_split_short_opt SHORTOPT
+# -----------------------------
+# Set func_split_short_opt_name and func_split_short_opt_arg shell
+# variables after splitting SHORTOPT after the 2nd character.
+if test yes = "$_G_HAVE_XSI_OPS"
+then
+ # This is an XSI compatible shell, allowing a faster implementation...
+ eval 'func_split_short_opt ()
+ {
+ $debug_cmd
+
+ func_split_short_opt_arg=${1#??}
+ func_split_short_opt_name=${1%"$func_split_short_opt_arg"}
+ }'
+else
+ # ...otherwise fall back to using expr, which is often a shell builtin.
+ func_split_short_opt ()
+ {
+ $debug_cmd
+
+ func_split_short_opt_name=`expr "x$1" : 'x\(-.\)'`
+ func_split_short_opt_arg=`expr "x$1" : 'x-.\(.*\)$'`
+ }
+fi #func_split_short_opt
+
+
+# func_usage
+# ----------
+# Echo short help message to standard output and exit.
+func_usage ()
+{
+ $debug_cmd
+
+ func_usage_message
+ $ECHO "Run '$progname --help |${PAGER-more}' for full usage"
+ exit 0
+}
+
+
+# func_usage_message
+# ------------------
+# Echo short help message to standard output.
+func_usage_message ()
+{
+ $debug_cmd
+
+ eval \$ECHO \""Usage: $usage"\"
+ echo
+ $SED -n 's|^# ||
+ /^Written by/{
+ x;p;x
+ }
+ h
+ /^Written by/q' < "$progpath"
+ echo
+ eval \$ECHO \""$usage_message"\"
+}
+
+
+# func_version
+# ------------
+# Echo version message to standard output and exit.
+# The version message is extracted from the calling file's header
+# comments, with leading '# ' stripped:
+# 1. First display the progname and version
+# 2. Followed by the header comment line matching /^# Written by /
+# 3. Then a blank line followed by the first following line matching
+# /^# Copyright /
+# 4. Immediately followed by any lines between the previous matches,
+# except lines preceding the intervening completely blank line.
+# For example, see the header comments of this file.
+func_version ()
+{
+ $debug_cmd
+
+ printf '%s\n' "$progname $scriptversion"
+ $SED -n '
+ /^# Written by /!b
+ s|^# ||; p; n
+
+ :fwd2blnk
+ /./ {
+ n
+ b fwd2blnk
+ }
+ p; n
+
+ :holdwrnt
+ s|^# ||
+ s|^# *$||
+ /^Copyright /!{
+ /./H
+ n
+ b holdwrnt
+ }
+
+ s|\((C)\)[ 0-9,-]*[ ,-]\([1-9][0-9]* \)|\1 \2|
+ G
+ s|\(\n\)\n*|\1|g
+ p; q' < "$progpath"
+
+ exit $?
+}
+
+
+# Local variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'before-save-hook 'time-stamp)
+# time-stamp-pattern: "30/scriptversion=%:y-%02m-%02d.%02H; # UTC"
+# time-stamp-time-zone: "UTC"
+# End:
+
+# Set a version string.
+scriptversion='(GNU libtool) 2.4.7'
+
+
+# func_echo ARG...
+# ----------------
+# Libtool also displays the current mode in messages, so override
+# funclib.sh func_echo with this custom definition.
+func_echo ()
+{
+ $debug_cmd
+
+ _G_message=$*
+
+ func_echo_IFS=$IFS
+ IFS=$nl
+ for _G_line in $_G_message; do
+ IFS=$func_echo_IFS
+ $ECHO "$progname${opt_mode+: $opt_mode}: $_G_line"
+ done
+ IFS=$func_echo_IFS
+}
+
+
+# func_warning ARG...
+# -------------------
+# Libtool warnings are not categorized, so override funclib.sh
+# func_warning with this simpler definition.
+func_warning ()
+{
+ $debug_cmd
+
+ $warning_func ${1+"$@"}
+}
+
+
+## ---------------- ##
+## Options parsing. ##
+## ---------------- ##
+
+# Hook in the functions to make sure our own options are parsed during
+# the option parsing loop.
+
+usage='$progpath [OPTION]... [MODE-ARG]...'
+
+# Short help message in response to '-h'.
+usage_message="Options:
+ --config show all configuration variables
+ --debug enable verbose shell tracing
+ -n, --dry-run display commands without modifying any files
+ --features display basic configuration information and exit
+ --mode=MODE use operation mode MODE
+ --no-warnings equivalent to '-Wnone'
+ --preserve-dup-deps don't remove duplicate dependency libraries
+ --quiet, --silent don't print informational messages
+ --tag=TAG use configuration variables from tag TAG
+ -v, --verbose print more informational messages than default
+ --version print version information
+ -W, --warnings=CATEGORY report the warnings falling in CATEGORY [all]
+ -h, --help, --help-all print short, long, or detailed help message
+"
+
+# Additional text appended to 'usage_message' in response to '--help'.
+func_help ()
+{
+ $debug_cmd
+
+ func_usage_message
+ $ECHO "$long_help_message
+
+MODE must be one of the following:
+
+ clean remove files from the build directory
+ compile compile a source file into a libtool object
+ execute automatically set library path, then run a program
+ finish complete the installation of libtool libraries
+ install install libraries or executables
+ link create a library or an executable
+ uninstall remove libraries from an installed directory
+
+MODE-ARGS vary depending on the MODE. When passed as first option,
+'--mode=MODE' may be abbreviated as 'MODE' or a unique abbreviation of that.
+Try '$progname --help --mode=MODE' for a more detailed description of MODE.
+
+When reporting a bug, please describe a test case to reproduce it and
+include the following information:
+
+ host-triplet: $host
+ shell: $SHELL
+ compiler: $LTCC
+ compiler flags: $LTCFLAGS
+ linker: $LD (gnu? $with_gnu_ld)
+ version: $progname $scriptversion Debian-2.4.7-7
+ automake: `($AUTOMAKE --version) 2>/dev/null |$SED 1q`
+ autoconf: `($AUTOCONF --version) 2>/dev/null |$SED 1q`
+
+Report bugs to <bug-libtool@gnu.org>.
+GNU libtool home page: <http://www.gnu.org/s/libtool/>.
+General help using GNU software: <http://www.gnu.org/gethelp/>."
+ exit 0
+}
+
+
+# func_lo2o OBJECT-NAME
+# ---------------------
+# Transform OBJECT-NAME from a '.lo' suffix to the platform specific
+# object suffix.
+
+lo2o=s/\\.lo\$/.$objext/
+o2lo=s/\\.$objext\$/.lo/
+
+if test yes = "$_G_HAVE_XSI_OPS"; then
+ eval 'func_lo2o ()
+ {
+ case $1 in
+ *.lo) func_lo2o_result=${1%.lo}.$objext ;;
+ * ) func_lo2o_result=$1 ;;
+ esac
+ }'
+
+ # func_xform LIBOBJ-OR-SOURCE
+ # ---------------------------
+ # Transform LIBOBJ-OR-SOURCE from a '.o' or '.c' (or otherwise)
+ # suffix to a '.lo' libtool-object suffix.
+ eval 'func_xform ()
+ {
+ func_xform_result=${1%.*}.lo
+ }'
+else
+ # ...otherwise fall back to using sed.
+ func_lo2o ()
+ {
+ func_lo2o_result=`$ECHO "$1" | $SED "$lo2o"`
+ }
+
+ func_xform ()
+ {
+ func_xform_result=`$ECHO "$1" | $SED 's|\.[^.]*$|.lo|'`
+ }
+fi
+
+
+# func_fatal_configuration ARG...
+# -------------------------------
+# Echo program name prefixed message to standard error, followed by
+# a configuration failure hint, and exit.
+func_fatal_configuration ()
+{
+ func_fatal_error ${1+"$@"} \
+ "See the $PACKAGE documentation for more information." \
+ "Fatal configuration error."
+}
+
+
+# func_config
+# -----------
+# Display the configuration for all the tags in this script.
+func_config ()
+{
+ re_begincf='^# ### BEGIN LIBTOOL'
+ re_endcf='^# ### END LIBTOOL'
+
+ # Default configuration.
+ $SED "1,/$re_begincf CONFIG/d;/$re_endcf CONFIG/,\$d" < "$progpath"
+
+ # Now print the configurations for the tags.
+ for tagname in $taglist; do
+ $SED -n "/$re_begincf TAG CONFIG: $tagname\$/,/$re_endcf TAG CONFIG: $tagname\$/p" < "$progpath"
+ done
+
+ exit $?
+}
+
+
+# func_features
+# -------------
+# Display the features supported by this script.
+func_features ()
+{
+ echo "host: $host"
+ if test yes = "$build_libtool_libs"; then
+ echo "enable shared libraries"
+ else
+ echo "disable shared libraries"
+ fi
+ if test yes = "$build_old_libs"; then
+ echo "enable static libraries"
+ else
+ echo "disable static libraries"
+ fi
+
+ exit $?
+}
+
+
+# func_enable_tag TAGNAME
+# -----------------------
+# Verify that TAGNAME is valid, and either flag an error and exit, or
+# enable the TAGNAME tag. We also add TAGNAME to the global $taglist
+# variable here.
+func_enable_tag ()
+{
+ # Global variable:
+ tagname=$1
+
+ re_begincf="^# ### BEGIN LIBTOOL TAG CONFIG: $tagname\$"
+ re_endcf="^# ### END LIBTOOL TAG CONFIG: $tagname\$"
+ sed_extractcf=/$re_begincf/,/$re_endcf/p
+
+ # Validate tagname.
+ case $tagname in
+ *[!-_A-Za-z0-9,/]*)
+ func_fatal_error "invalid tag name: $tagname"
+ ;;
+ esac
+
+ # Don't test for the "default" C tag, as we know it's
+ # there but not specially marked.
+ case $tagname in
+ CC) ;;
+ *)
+ if $GREP "$re_begincf" "$progpath" >/dev/null 2>&1; then
+ taglist="$taglist $tagname"
+
+ # Evaluate the configuration. Be careful to quote the path
+ # and the sed script, to avoid splitting on whitespace, but
+ # also don't use non-portable quotes within backquotes within
+ # quotes we have to do it in 2 steps:
+ extractedcf=`$SED -n -e "$sed_extractcf" < "$progpath"`
+ eval "$extractedcf"
+ else
+ func_error "ignoring unknown tag $tagname"
+ fi
+ ;;
+ esac
+}
+
+
+# func_check_version_match
+# ------------------------
+# Ensure that we are using m4 macros, and libtool script from the same
+# release of libtool.
+func_check_version_match ()
+{
+ if test "$package_revision" != "$macro_revision"; then
+ if test "$VERSION" != "$macro_version"; then
+ if test -z "$macro_version"; then
+ cat >&2 <<_LT_EOF
+$progname: Version mismatch error. This is $PACKAGE $VERSION, but the
+$progname: definition of this LT_INIT comes from an older release.
+$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION
+$progname: and run autoconf again.
+_LT_EOF
+ else
+ cat >&2 <<_LT_EOF
+$progname: Version mismatch error. This is $PACKAGE $VERSION, but the
+$progname: definition of this LT_INIT comes from $PACKAGE $macro_version.
+$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION
+$progname: and run autoconf again.
+_LT_EOF
+ fi
+ else
+ cat >&2 <<_LT_EOF
+$progname: Version mismatch error. This is $PACKAGE $VERSION, revision $package_revision,
+$progname: but the definition of this LT_INIT comes from revision $macro_revision.
+$progname: You should recreate aclocal.m4 with macros from revision $package_revision
+$progname: of $PACKAGE $VERSION and run autoconf again.
+_LT_EOF
+ fi
+
+ exit $EXIT_MISMATCH
+ fi
+}
+
+
+# libtool_options_prep [ARG]...
+# -----------------------------
+# Preparation for options parsed by libtool.
+libtool_options_prep ()
+{
+ $debug_mode
+
+ # Option defaults:
+ opt_config=false
+ opt_dlopen=
+ opt_dry_run=false
+ opt_help=false
+ opt_mode=
+ opt_preserve_dup_deps=false
+ opt_quiet=false
+
+ nonopt=
+ preserve_args=
+
+ _G_rc_lt_options_prep=:
+
+ _G_rc_lt_options_prep=:
+
+ # Shorthand for --mode=foo, only valid as the first argument
+ case $1 in
+ clean|clea|cle|cl)
+ shift; set dummy --mode clean ${1+"$@"}; shift
+ ;;
+ compile|compil|compi|comp|com|co|c)
+ shift; set dummy --mode compile ${1+"$@"}; shift
+ ;;
+ execute|execut|execu|exec|exe|ex|e)
+ shift; set dummy --mode execute ${1+"$@"}; shift
+ ;;
+ finish|finis|fini|fin|fi|f)
+ shift; set dummy --mode finish ${1+"$@"}; shift
+ ;;
+ install|instal|insta|inst|ins|in|i)
+ shift; set dummy --mode install ${1+"$@"}; shift
+ ;;
+ link|lin|li|l)
+ shift; set dummy --mode link ${1+"$@"}; shift
+ ;;
+ uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u)
+ shift; set dummy --mode uninstall ${1+"$@"}; shift
+ ;;
+ *)
+ _G_rc_lt_options_prep=false
+ ;;
+ esac
+
+ if $_G_rc_lt_options_prep; then
+ # Pass back the list of options.
+ func_quote eval ${1+"$@"}
+ libtool_options_prep_result=$func_quote_result
+ fi
+}
+func_add_hook func_options_prep libtool_options_prep
+
+
+# libtool_parse_options [ARG]...
+# ---------------------------------
+# Provide handling for libtool specific options.
+libtool_parse_options ()
+{
+ $debug_cmd
+
+ _G_rc_lt_parse_options=false
+
+ # Perform our own loop to consume as many options as possible in
+ # each iteration.
+ while test $# -gt 0; do
+ _G_match_lt_parse_options=:
+ _G_opt=$1
+ shift
+ case $_G_opt in
+ --dry-run|--dryrun|-n)
+ opt_dry_run=:
+ ;;
+
+ --config) func_config ;;
+
+ --dlopen|-dlopen)
+ opt_dlopen="${opt_dlopen+$opt_dlopen
+}$1"
+ shift
+ ;;
+
+ --preserve-dup-deps)
+ opt_preserve_dup_deps=: ;;
+
+ --features) func_features ;;
+
+ --finish) set dummy --mode finish ${1+"$@"}; shift ;;
+
+ --help) opt_help=: ;;
+
+ --help-all) opt_help=': help-all' ;;
+
+ --mode) test $# = 0 && func_missing_arg $_G_opt && break
+ opt_mode=$1
+ case $1 in
+ # Valid mode arguments:
+ clean|compile|execute|finish|install|link|relink|uninstall) ;;
+
+ # Catch anything else as an error
+ *) func_error "invalid argument for $_G_opt"
+ exit_cmd=exit
+ break
+ ;;
+ esac
+ shift
+ ;;
+
+ --no-silent|--no-quiet)
+ opt_quiet=false
+ func_append preserve_args " $_G_opt"
+ ;;
+
+ --no-warnings|--no-warning|--no-warn)
+ opt_warning=false
+ func_append preserve_args " $_G_opt"
+ ;;
+
+ --no-verbose)
+ opt_verbose=false
+ func_append preserve_args " $_G_opt"
+ ;;
+
+ --silent|--quiet)
+ opt_quiet=:
+ opt_verbose=false
+ func_append preserve_args " $_G_opt"
+ ;;
+
+ --tag) test $# = 0 && func_missing_arg $_G_opt && break
+ opt_tag=$1
+ func_append preserve_args " $_G_opt $1"
+ func_enable_tag "$1"
+ shift
+ ;;
+
+ --verbose|-v) opt_quiet=false
+ opt_verbose=:
+ func_append preserve_args " $_G_opt"
+ ;;
+
+ # An option not handled by this hook function:
+ *) set dummy "$_G_opt" ${1+"$@"} ; shift
+ _G_match_lt_parse_options=false
+ break
+ ;;
+ esac
+ $_G_match_lt_parse_options && _G_rc_lt_parse_options=:
+ done
+
+ if $_G_rc_lt_parse_options; then
+ # save modified positional parameters for caller
+ func_quote eval ${1+"$@"}
+ libtool_parse_options_result=$func_quote_result
+ fi
+}
+func_add_hook func_parse_options libtool_parse_options
+
+
+
+# libtool_validate_options [ARG]...
+# ---------------------------------
+# Perform any sanity checks on option settings and/or unconsumed
+# arguments.
+libtool_validate_options ()
+{
+ # save first non-option argument
+ if test 0 -lt $#; then
+ nonopt=$1
+ shift
+ fi
+
+ # preserve --debug
+ test : = "$debug_cmd" || func_append preserve_args " --debug"
+
+ case $host in
+ # Solaris2 added to fix http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16452
+ # see also: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59788
+ *cygwin* | *mingw* | *pw32* | *cegcc* | *solaris2* | *os2*)
+ # don't eliminate duplications in $postdeps and $predeps
+ opt_duplicate_compiler_generated_deps=:
+ ;;
+ *)
+ opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps
+ ;;
+ esac
+
+ $opt_help || {
+ # Sanity checks first:
+ func_check_version_match
+
+ test yes != "$build_libtool_libs" \
+ && test yes != "$build_old_libs" \
+ && func_fatal_configuration "not configured to build any kind of library"
+
+ # Darwin sucks
+ eval std_shrext=\"$shrext_cmds\"
+
+ # Only execute mode is allowed to have -dlopen flags.
+ if test -n "$opt_dlopen" && test execute != "$opt_mode"; then
+ func_error "unrecognized option '-dlopen'"
+ $ECHO "$help" 1>&2
+ exit $EXIT_FAILURE
+ fi
+
+ # Change the help message to a mode-specific one.
+ generic_help=$help
+ help="Try '$progname --help --mode=$opt_mode' for more information."
+ }
+
+ # Pass back the unparsed argument list
+ func_quote eval ${1+"$@"}
+ libtool_validate_options_result=$func_quote_result
+}
+func_add_hook func_validate_options libtool_validate_options
+
+
+# Process options as early as possible so that --help and --version
+# can return quickly.
+func_options ${1+"$@"}
+eval set dummy "$func_options_result"; shift
+
+
+
+## ----------- ##
+## Main. ##
+## ----------- ##
+
+magic='%%%MAGIC variable%%%'
+magic_exe='%%%MAGIC EXE variable%%%'
+
+# Global variables.
+extracted_archives=
+extracted_serial=0
+
+# If this variable is set in any of the actions, the command in it
+# will be execed at the end. This prevents here-documents from being
+# left over by shells.
+exec_cmd=
+
+
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+ eval 'cat <<_LTECHO_EOF
+$1
+_LTECHO_EOF'
+}
+
+# func_generated_by_libtool
+# True iff stdin has been generated by Libtool. This function is only
+# a basic sanity check; it will hardly flush out determined imposters.
+func_generated_by_libtool_p ()
+{
+ $GREP "^# Generated by .*$PACKAGE" > /dev/null 2>&1
+}
+
+# func_lalib_p file
+# True iff FILE is a libtool '.la' library or '.lo' object file.
+# This function is only a basic sanity check; it will hardly flush out
+# determined imposters.
+func_lalib_p ()
+{
+ test -f "$1" &&
+ $SED -e 4q "$1" 2>/dev/null | func_generated_by_libtool_p
+}
+
+# func_lalib_unsafe_p file
+# True iff FILE is a libtool '.la' library or '.lo' object file.
+# This function implements the same check as func_lalib_p without
+# resorting to external programs. To this end, it redirects stdin and
+# closes it afterwards, without saving the original file descriptor.
+# As a safety measure, use it only where a negative result would be
+# fatal anyway. Works if 'file' does not exist.
+func_lalib_unsafe_p ()
+{
+ lalib_p=no
+ if test -f "$1" && test -r "$1" && exec 5<&0 <"$1"; then
+ for lalib_p_l in 1 2 3 4
+ do
+ read lalib_p_line
+ case $lalib_p_line in
+ \#\ Generated\ by\ *$PACKAGE* ) lalib_p=yes; break;;
+ esac
+ done
+ exec 0<&5 5<&-
+ fi
+ test yes = "$lalib_p"
+}
+
+# func_ltwrapper_script_p file
+# True iff FILE is a libtool wrapper script
+# This function is only a basic sanity check; it will hardly flush out
+# determined imposters.
+func_ltwrapper_script_p ()
+{
+ test -f "$1" &&
+ $lt_truncate_bin < "$1" 2>/dev/null | func_generated_by_libtool_p
+}
+
+# func_ltwrapper_executable_p file
+# True iff FILE is a libtool wrapper executable
+# This function is only a basic sanity check; it will hardly flush out
+# determined imposters.
+func_ltwrapper_executable_p ()
+{
+ func_ltwrapper_exec_suffix=
+ case $1 in
+ *.exe) ;;
+ *) func_ltwrapper_exec_suffix=.exe ;;
+ esac
+ $GREP "$magic_exe" "$1$func_ltwrapper_exec_suffix" >/dev/null 2>&1
+}
+
+# func_ltwrapper_scriptname file
+# Assumes file is an ltwrapper_executable
+# uses $file to determine the appropriate filename for a
+# temporary ltwrapper_script.
+func_ltwrapper_scriptname ()
+{
+ func_dirname_and_basename "$1" "" "."
+ func_stripname '' '.exe' "$func_basename_result"
+ func_ltwrapper_scriptname_result=$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper
+}
+
+# func_ltwrapper_p file
+# True iff FILE is a libtool wrapper script or wrapper executable
+# This function is only a basic sanity check; it will hardly flush out
+# determined imposters.
+func_ltwrapper_p ()
+{
+ func_ltwrapper_script_p "$1" || func_ltwrapper_executable_p "$1"
+}
+
+
+# func_execute_cmds commands fail_cmd
+# Execute tilde-delimited COMMANDS.
+# If FAIL_CMD is given, eval that upon failure.
+# FAIL_CMD may read-access the current command in variable CMD!
+func_execute_cmds ()
+{
+ $debug_cmd
+
+ save_ifs=$IFS; IFS='~'
+ for cmd in $1; do
+ IFS=$sp$nl
+ eval cmd=\"$cmd\"
+ IFS=$save_ifs
+ func_show_eval "$cmd" "${2-:}"
+ done
+ IFS=$save_ifs
+}
+
+
+# func_source file
+# Source FILE, adding directory component if necessary.
+# Note that it is not necessary on cygwin/mingw to append a dot to
+# FILE even if both FILE and FILE.exe exist: automatic-append-.exe
+# behavior happens only for exec(3), not for open(2)! Also, sourcing
+# 'FILE.' does not work on cygwin managed mounts.
+func_source ()
+{
+ $debug_cmd
+
+ case $1 in
+ */* | *\\*) . "$1" ;;
+ *) . "./$1" ;;
+ esac
+}
+
+
+# func_resolve_sysroot PATH
+# Replace a leading = in PATH with a sysroot. Store the result into
+# func_resolve_sysroot_result
+func_resolve_sysroot ()
+{
+ func_resolve_sysroot_result=$1
+ case $func_resolve_sysroot_result in
+ =*)
+ func_stripname '=' '' "$func_resolve_sysroot_result"
+ func_resolve_sysroot_result=$lt_sysroot$func_stripname_result
+ ;;
+ esac
+}
+
+# func_replace_sysroot PATH
+# If PATH begins with the sysroot, replace it with = and
+# store the result into func_replace_sysroot_result.
+func_replace_sysroot ()
+{
+ case $lt_sysroot:$1 in
+ ?*:"$lt_sysroot"*)
+ func_stripname "$lt_sysroot" '' "$1"
+ func_replace_sysroot_result='='$func_stripname_result
+ ;;
+ *)
+ # Including no sysroot.
+ func_replace_sysroot_result=$1
+ ;;
+ esac
+}
+
+# func_infer_tag arg
+# Infer tagged configuration to use if any are available and
+# if one wasn't chosen via the "--tag" command line option.
+# Only attempt this if the compiler in the base compile
+# command doesn't match the default compiler.
+# arg is usually of the form 'gcc ...'
+func_infer_tag ()
+{
+ $debug_cmd
+
+ if test -n "$available_tags" && test -z "$tagname"; then
+ CC_quoted=
+ for arg in $CC; do
+ func_append_quoted CC_quoted "$arg"
+ done
+ CC_expanded=`func_echo_all $CC`
+ CC_quoted_expanded=`func_echo_all $CC_quoted`
+ case $@ in
+ # Blanks in the command may have been stripped by the calling shell,
+ # but not from the CC environment variable when configure was run.
+ " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \
+ " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*) ;;
+ # Blanks at the start of $base_compile will cause this to fail
+ # if we don't check for them as well.
+ *)
+ for z in $available_tags; do
+ if $GREP "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$progpath" > /dev/null; then
+ # Evaluate the configuration.
+ eval "`$SED -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`"
+ CC_quoted=
+ for arg in $CC; do
+ # Double-quote args containing other shell metacharacters.
+ func_append_quoted CC_quoted "$arg"
+ done
+ CC_expanded=`func_echo_all $CC`
+ CC_quoted_expanded=`func_echo_all $CC_quoted`
+ case "$@ " in
+ " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \
+ " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*)
+ # The compiler in the base compile command matches
+ # the one in the tagged configuration.
+ # Assume this is the tagged configuration we want.
+ tagname=$z
+ break
+ ;;
+ esac
+ fi
+ done
+ # If $tagname still isn't set, then no tagged configuration
+ # was found and let the user know that the "--tag" command
+ # line option must be used.
+ if test -z "$tagname"; then
+ func_echo "unable to infer tagged configuration"
+ func_fatal_error "specify a tag with '--tag'"
+# else
+# func_verbose "using $tagname tagged configuration"
+ fi
+ ;;
+ esac
+ fi
+}
+
+
+
+# func_write_libtool_object output_name pic_name nonpic_name
+# Create a libtool object file (analogous to a ".la" file),
+# but don't create it if we're doing a dry run.
+func_write_libtool_object ()
+{
+ write_libobj=$1
+ if test yes = "$build_libtool_libs"; then
+ write_lobj=\'$2\'
+ else
+ write_lobj=none
+ fi
+
+ if test yes = "$build_old_libs"; then
+ write_oldobj=\'$3\'
+ else
+ write_oldobj=none
+ fi
+
+ $opt_dry_run || {
+ cat >${write_libobj}T <<EOF
+# $write_libobj - a libtool object file
+# Generated by $PROGRAM (GNU $PACKAGE) $VERSION
+#
+# Please DO NOT delete this file!
+# It is necessary for linking the library.
+
+# Name of the PIC object.
+pic_object=$write_lobj
+
+# Name of the non-PIC object
+non_pic_object=$write_oldobj
+
+EOF
+ $MV "${write_libobj}T" "$write_libobj"
+ }
+}
+
+
+##################################################
+# FILE NAME AND PATH CONVERSION HELPER FUNCTIONS #
+##################################################
+
+# func_convert_core_file_wine_to_w32 ARG
+# Helper function used by file name conversion functions when $build is *nix,
+# and $host is mingw, cygwin, or some other w32 environment. Relies on a
+# correctly configured wine environment available, with the winepath program
+# in $build's $PATH.
+#
+# ARG is the $build file name to be converted to w32 format.
+# Result is available in $func_convert_core_file_wine_to_w32_result, and will
+# be empty on error (or when ARG is empty)
+func_convert_core_file_wine_to_w32 ()
+{
+ $debug_cmd
+
+ func_convert_core_file_wine_to_w32_result=$1
+ if test -n "$1"; then
+ # Unfortunately, winepath does not exit with a non-zero error code, so we
+ # are forced to check the contents of stdout. On the other hand, if the
+ # command is not found, the shell will set an exit code of 127 and print
+ # *an error message* to stdout. So we must check for both error code of
+ # zero AND non-empty stdout, which explains the odd construction:
+ func_convert_core_file_wine_to_w32_tmp=`winepath -w "$1" 2>/dev/null`
+ if test "$?" -eq 0 && test -n "$func_convert_core_file_wine_to_w32_tmp"; then
+ func_convert_core_file_wine_to_w32_result=`$ECHO "$func_convert_core_file_wine_to_w32_tmp" |
+ $SED -e "$sed_naive_backslashify"`
+ else
+ func_convert_core_file_wine_to_w32_result=
+ fi
+ fi
+}
+# end: func_convert_core_file_wine_to_w32
+
+
+# func_convert_core_path_wine_to_w32 ARG
+# Helper function used by path conversion functions when $build is *nix, and
+# $host is mingw, cygwin, or some other w32 environment. Relies on a correctly
+# configured wine environment available, with the winepath program in $build's
+# $PATH. Assumes ARG has no leading or trailing path separator characters.
+#
+# ARG is path to be converted from $build format to win32.
+# Result is available in $func_convert_core_path_wine_to_w32_result.
+# Unconvertible file (directory) names in ARG are skipped; if no directory names
+# are convertible, then the result may be empty.
+func_convert_core_path_wine_to_w32 ()
+{
+ $debug_cmd
+
+ # unfortunately, winepath doesn't convert paths, only file names
+ func_convert_core_path_wine_to_w32_result=
+ if test -n "$1"; then
+ oldIFS=$IFS
+ IFS=:
+ for func_convert_core_path_wine_to_w32_f in $1; do
+ IFS=$oldIFS
+ func_convert_core_file_wine_to_w32 "$func_convert_core_path_wine_to_w32_f"
+ if test -n "$func_convert_core_file_wine_to_w32_result"; then
+ if test -z "$func_convert_core_path_wine_to_w32_result"; then
+ func_convert_core_path_wine_to_w32_result=$func_convert_core_file_wine_to_w32_result
+ else
+ func_append func_convert_core_path_wine_to_w32_result ";$func_convert_core_file_wine_to_w32_result"
+ fi
+ fi
+ done
+ IFS=$oldIFS
+ fi
+}
+# end: func_convert_core_path_wine_to_w32
+
+
+# func_cygpath ARGS...
+# Wrapper around calling the cygpath program via LT_CYGPATH. This is used when
+# when (1) $build is *nix and Cygwin is hosted via a wine environment; or (2)
+# $build is MSYS and $host is Cygwin, or (3) $build is Cygwin. In case (1) or
+# (2), returns the Cygwin file name or path in func_cygpath_result (input
+# file name or path is assumed to be in w32 format, as previously converted
+# from $build's *nix or MSYS format). In case (3), returns the w32 file name
+# or path in func_cygpath_result (input file name or path is assumed to be in
+# Cygwin format). Returns an empty string on error.
+#
+# ARGS are passed to cygpath, with the last one being the file name or path to
+# be converted.
+#
+# Specify the absolute *nix (or w32) name to cygpath in the LT_CYGPATH
+# environment variable; do not put it in $PATH.
+func_cygpath ()
+{
+ $debug_cmd
+
+ if test -n "$LT_CYGPATH" && test -f "$LT_CYGPATH"; then
+ func_cygpath_result=`$LT_CYGPATH "$@" 2>/dev/null`
+ if test "$?" -ne 0; then
+ # on failure, ensure result is empty
+ func_cygpath_result=
+ fi
+ else
+ func_cygpath_result=
+ func_error "LT_CYGPATH is empty or specifies non-existent file: '$LT_CYGPATH'"
+ fi
+}
+#end: func_cygpath
+
+
+# func_convert_core_msys_to_w32 ARG
+# Convert file name or path ARG from MSYS format to w32 format. Return
+# result in func_convert_core_msys_to_w32_result.
+func_convert_core_msys_to_w32 ()
+{
+ $debug_cmd
+
+ # awkward: cmd appends spaces to result
+ func_convert_core_msys_to_w32_result=`( cmd //c echo "$1" ) 2>/dev/null |
+ $SED -e 's/[ ]*$//' -e "$sed_naive_backslashify"`
+}
+#end: func_convert_core_msys_to_w32
+
+
+# func_convert_file_check ARG1 ARG2
+# Verify that ARG1 (a file name in $build format) was converted to $host
+# format in ARG2. Otherwise, emit an error message, but continue (resetting
+# func_to_host_file_result to ARG1).
+func_convert_file_check ()
+{
+ $debug_cmd
+
+ if test -z "$2" && test -n "$1"; then
+ func_error "Could not determine host file name corresponding to"
+ func_error " '$1'"
+ func_error "Continuing, but uninstalled executables may not work."
+ # Fallback:
+ func_to_host_file_result=$1
+ fi
+}
+# end func_convert_file_check
+
+
+# func_convert_path_check FROM_PATHSEP TO_PATHSEP FROM_PATH TO_PATH
+# Verify that FROM_PATH (a path in $build format) was converted to $host
+# format in TO_PATH. Otherwise, emit an error message, but continue, resetting
+# func_to_host_file_result to a simplistic fallback value (see below).
+func_convert_path_check ()
+{
+ $debug_cmd
+
+ if test -z "$4" && test -n "$3"; then
+ func_error "Could not determine the host path corresponding to"
+ func_error " '$3'"
+ func_error "Continuing, but uninstalled executables may not work."
+ # Fallback. This is a deliberately simplistic "conversion" and
+ # should not be "improved". See libtool.info.
+ if test "x$1" != "x$2"; then
+ lt_replace_pathsep_chars="s|$1|$2|g"
+ func_to_host_path_result=`echo "$3" |
+ $SED -e "$lt_replace_pathsep_chars"`
+ else
+ func_to_host_path_result=$3
+ fi
+ fi
+}
+# end func_convert_path_check
+
+
+# func_convert_path_front_back_pathsep FRONTPAT BACKPAT REPL ORIG
+# Modifies func_to_host_path_result by prepending REPL if ORIG matches FRONTPAT
+# and appending REPL if ORIG matches BACKPAT.
+func_convert_path_front_back_pathsep ()
+{
+ $debug_cmd
+
+ case $4 in
+ $1 ) func_to_host_path_result=$3$func_to_host_path_result
+ ;;
+ esac
+ case $4 in
+ $2 ) func_append func_to_host_path_result "$3"
+ ;;
+ esac
+}
+# end func_convert_path_front_back_pathsep
+
+
+##################################################
+# $build to $host FILE NAME CONVERSION FUNCTIONS #
+##################################################
+# invoked via '$to_host_file_cmd ARG'
+#
+# In each case, ARG is the path to be converted from $build to $host format.
+# Result will be available in $func_to_host_file_result.
+
+
+# func_to_host_file ARG
+# Converts the file name ARG from $build format to $host format. Return result
+# in func_to_host_file_result.
+func_to_host_file ()
+{
+ $debug_cmd
+
+ $to_host_file_cmd "$1"
+}
+# end func_to_host_file
+
+
+# func_to_tool_file ARG LAZY
+# converts the file name ARG from $build format to toolchain format. Return
+# result in func_to_tool_file_result. If the conversion in use is listed
+# in (the comma separated) LAZY, no conversion takes place.
+func_to_tool_file ()
+{
+ $debug_cmd
+
+ case ,$2, in
+ *,"$to_tool_file_cmd",*)
+ func_to_tool_file_result=$1
+ ;;
+ *)
+ $to_tool_file_cmd "$1"
+ func_to_tool_file_result=$func_to_host_file_result
+ ;;
+ esac
+}
+# end func_to_tool_file
+
+
+# func_convert_file_noop ARG
+# Copy ARG to func_to_host_file_result.
+func_convert_file_noop ()
+{
+ func_to_host_file_result=$1
+}
+# end func_convert_file_noop
+
+
+# func_convert_file_msys_to_w32 ARG
+# Convert file name ARG from (mingw) MSYS to (mingw) w32 format; automatic
+# conversion to w32 is not available inside the cwrapper. Returns result in
+# func_to_host_file_result.
+func_convert_file_msys_to_w32 ()
+{
+ $debug_cmd
+
+ func_to_host_file_result=$1
+ if test -n "$1"; then
+ func_convert_core_msys_to_w32 "$1"
+ func_to_host_file_result=$func_convert_core_msys_to_w32_result
+ fi
+ func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_msys_to_w32
+
+
+# func_convert_file_cygwin_to_w32 ARG
+# Convert file name ARG from Cygwin to w32 format. Returns result in
+# func_to_host_file_result.
+func_convert_file_cygwin_to_w32 ()
+{
+ $debug_cmd
+
+ func_to_host_file_result=$1
+ if test -n "$1"; then
+ # because $build is cygwin, we call "the" cygpath in $PATH; no need to use
+ # LT_CYGPATH in this case.
+ func_to_host_file_result=`cygpath -m "$1"`
+ fi
+ func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_cygwin_to_w32
+
+
+# func_convert_file_nix_to_w32 ARG
+# Convert file name ARG from *nix to w32 format. Requires a wine environment
+# and a working winepath. Returns result in func_to_host_file_result.
+func_convert_file_nix_to_w32 ()
+{
+ $debug_cmd
+
+ func_to_host_file_result=$1
+ if test -n "$1"; then
+ func_convert_core_file_wine_to_w32 "$1"
+ func_to_host_file_result=$func_convert_core_file_wine_to_w32_result
+ fi
+ func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_nix_to_w32
+
+
+# func_convert_file_msys_to_cygwin ARG
+# Convert file name ARG from MSYS to Cygwin format. Requires LT_CYGPATH set.
+# Returns result in func_to_host_file_result.
+func_convert_file_msys_to_cygwin ()
+{
+ $debug_cmd
+
+ func_to_host_file_result=$1
+ if test -n "$1"; then
+ func_convert_core_msys_to_w32 "$1"
+ func_cygpath -u "$func_convert_core_msys_to_w32_result"
+ func_to_host_file_result=$func_cygpath_result
+ fi
+ func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_msys_to_cygwin
+
+
+# func_convert_file_nix_to_cygwin ARG
+# Convert file name ARG from *nix to Cygwin format. Requires Cygwin installed
+# in a wine environment, working winepath, and LT_CYGPATH set. Returns result
+# in func_to_host_file_result.
+func_convert_file_nix_to_cygwin ()
+{
+ $debug_cmd
+
+ func_to_host_file_result=$1
+ if test -n "$1"; then
+ # convert from *nix to w32, then use cygpath to convert from w32 to cygwin.
+ func_convert_core_file_wine_to_w32 "$1"
+ func_cygpath -u "$func_convert_core_file_wine_to_w32_result"
+ func_to_host_file_result=$func_cygpath_result
+ fi
+ func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_nix_to_cygwin
+
+
+#############################################
+# $build to $host PATH CONVERSION FUNCTIONS #
+#############################################
+# invoked via '$to_host_path_cmd ARG'
+#
+# In each case, ARG is the path to be converted from $build to $host format.
+# The result will be available in $func_to_host_path_result.
+#
+# Path separators are also converted from $build format to $host format. If
+# ARG begins or ends with a path separator character, it is preserved (but
+# converted to $host format) on output.
+#
+# All path conversion functions are named using the following convention:
+# file name conversion function : func_convert_file_X_to_Y ()
+# path conversion function : func_convert_path_X_to_Y ()
+# where, for any given $build/$host combination the 'X_to_Y' value is the
+# same. If conversion functions are added for new $build/$host combinations,
+# the two new functions must follow this pattern, or func_init_to_host_path_cmd
+# will break.
+
+
+# func_init_to_host_path_cmd
+# Ensures that function "pointer" variable $to_host_path_cmd is set to the
+# appropriate value, based on the value of $to_host_file_cmd.
+to_host_path_cmd=
+func_init_to_host_path_cmd ()
+{
+ $debug_cmd
+
+ if test -z "$to_host_path_cmd"; then
+ func_stripname 'func_convert_file_' '' "$to_host_file_cmd"
+ to_host_path_cmd=func_convert_path_$func_stripname_result
+ fi
+}
+
+
+# func_to_host_path ARG
+# Converts the path ARG from $build format to $host format. Return result
+# in func_to_host_path_result.
+func_to_host_path ()
+{
+ $debug_cmd
+
+ func_init_to_host_path_cmd
+ $to_host_path_cmd "$1"
+}
+# end func_to_host_path
+
+
+# func_convert_path_noop ARG
+# Copy ARG to func_to_host_path_result.
+func_convert_path_noop ()
+{
+ func_to_host_path_result=$1
+}
+# end func_convert_path_noop
+
+
+# func_convert_path_msys_to_w32 ARG
+# Convert path ARG from (mingw) MSYS to (mingw) w32 format; automatic
+# conversion to w32 is not available inside the cwrapper. Returns result in
+# func_to_host_path_result.
+func_convert_path_msys_to_w32 ()
+{
+ $debug_cmd
+
+ func_to_host_path_result=$1
+ if test -n "$1"; then
+ # Remove leading and trailing path separator characters from ARG. MSYS
+ # behavior is inconsistent here; cygpath turns them into '.;' and ';.';
+ # and winepath ignores them completely.
+ func_stripname : : "$1"
+ func_to_host_path_tmp1=$func_stripname_result
+ func_convert_core_msys_to_w32 "$func_to_host_path_tmp1"
+ func_to_host_path_result=$func_convert_core_msys_to_w32_result
+ func_convert_path_check : ";" \
+ "$func_to_host_path_tmp1" "$func_to_host_path_result"
+ func_convert_path_front_back_pathsep ":*" "*:" ";" "$1"
+ fi
+}
+# end func_convert_path_msys_to_w32
+
+
+# func_convert_path_cygwin_to_w32 ARG
+# Convert path ARG from Cygwin to w32 format. Returns result in
+# func_to_host_file_result.
+func_convert_path_cygwin_to_w32 ()
+{
+ $debug_cmd
+
+ func_to_host_path_result=$1
+ if test -n "$1"; then
+ # See func_convert_path_msys_to_w32:
+ func_stripname : : "$1"
+ func_to_host_path_tmp1=$func_stripname_result
+ func_to_host_path_result=`cygpath -m -p "$func_to_host_path_tmp1"`
+ func_convert_path_check : ";" \
+ "$func_to_host_path_tmp1" "$func_to_host_path_result"
+ func_convert_path_front_back_pathsep ":*" "*:" ";" "$1"
+ fi
+}
+# end func_convert_path_cygwin_to_w32
+
+
+# func_convert_path_nix_to_w32 ARG
+# Convert path ARG from *nix to w32 format. Requires a wine environment and
+# a working winepath. Returns result in func_to_host_file_result.
+func_convert_path_nix_to_w32 ()
+{
+ $debug_cmd
+
+ func_to_host_path_result=$1
+ if test -n "$1"; then
+ # See func_convert_path_msys_to_w32:
+ func_stripname : : "$1"
+ func_to_host_path_tmp1=$func_stripname_result
+ func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1"
+ func_to_host_path_result=$func_convert_core_path_wine_to_w32_result
+ func_convert_path_check : ";" \
+ "$func_to_host_path_tmp1" "$func_to_host_path_result"
+ func_convert_path_front_back_pathsep ":*" "*:" ";" "$1"
+ fi
+}
+# end func_convert_path_nix_to_w32
+
+
+# func_convert_path_msys_to_cygwin ARG
+# Convert path ARG from MSYS to Cygwin format. Requires LT_CYGPATH set.
+# Returns result in func_to_host_file_result.
+func_convert_path_msys_to_cygwin ()
+{
+ $debug_cmd
+
+ func_to_host_path_result=$1
+ if test -n "$1"; then
+ # See func_convert_path_msys_to_w32:
+ func_stripname : : "$1"
+ func_to_host_path_tmp1=$func_stripname_result
+ func_convert_core_msys_to_w32 "$func_to_host_path_tmp1"
+ func_cygpath -u -p "$func_convert_core_msys_to_w32_result"
+ func_to_host_path_result=$func_cygpath_result
+ func_convert_path_check : : \
+ "$func_to_host_path_tmp1" "$func_to_host_path_result"
+ func_convert_path_front_back_pathsep ":*" "*:" : "$1"
+ fi
+}
+# end func_convert_path_msys_to_cygwin
+
+
+# func_convert_path_nix_to_cygwin ARG
+# Convert path ARG from *nix to Cygwin format. Requires Cygwin installed in a
+# a wine environment, working winepath, and LT_CYGPATH set. Returns result in
+# func_to_host_file_result.
+func_convert_path_nix_to_cygwin ()
+{
+ $debug_cmd
+
+ func_to_host_path_result=$1
+ if test -n "$1"; then
+ # Remove leading and trailing path separator characters from
+ # ARG. msys behavior is inconsistent here, cygpath turns them
+ # into '.;' and ';.', and winepath ignores them completely.
+ func_stripname : : "$1"
+ func_to_host_path_tmp1=$func_stripname_result
+ func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1"
+ func_cygpath -u -p "$func_convert_core_path_wine_to_w32_result"
+ func_to_host_path_result=$func_cygpath_result
+ func_convert_path_check : : \
+ "$func_to_host_path_tmp1" "$func_to_host_path_result"
+ func_convert_path_front_back_pathsep ":*" "*:" : "$1"
+ fi
+}
+# end func_convert_path_nix_to_cygwin
+
+
+# func_dll_def_p FILE
+# True iff FILE is a Windows DLL '.def' file.
+# Keep in sync with _LT_DLL_DEF_P in libtool.m4
+func_dll_def_p ()
+{
+ $debug_cmd
+
+ func_dll_def_p_tmp=`$SED -n \
+ -e 's/^[ ]*//' \
+ -e '/^\(;.*\)*$/d' \
+ -e 's/^\(EXPORTS\|LIBRARY\)\([ ].*\)*$/DEF/p' \
+ -e q \
+ "$1"`
+ test DEF = "$func_dll_def_p_tmp"
+}
+
+
+# func_mode_compile arg...
+func_mode_compile ()
+{
+ $debug_cmd
+
+ # Get the compilation command and the source file.
+ base_compile=
+ srcfile=$nonopt # always keep a non-empty value in "srcfile"
+ suppress_opt=yes
+ suppress_output=
+ arg_mode=normal
+ libobj=
+ later=
+ pie_flag=
+
+ for arg
+ do
+ case $arg_mode in
+ arg )
+ # do not "continue". Instead, add this to base_compile
+ lastarg=$arg
+ arg_mode=normal
+ ;;
+
+ target )
+ libobj=$arg
+ arg_mode=normal
+ continue
+ ;;
+
+ normal )
+ # Accept any command-line options.
+ case $arg in
+ -o)
+ test -n "$libobj" && \
+ func_fatal_error "you cannot specify '-o' more than once"
+ arg_mode=target
+ continue
+ ;;
+
+ -pie | -fpie | -fPIE)
+ func_append pie_flag " $arg"
+ continue
+ ;;
+
+ -shared | -static | -prefer-pic | -prefer-non-pic)
+ func_append later " $arg"
+ continue
+ ;;
+
+ -no-suppress)
+ suppress_opt=no
+ continue
+ ;;
+
+ -Xcompiler)
+ arg_mode=arg # the next one goes into the "base_compile" arg list
+ continue # The current "srcfile" will either be retained or
+ ;; # replaced later. I would guess that would be a bug.
+
+ -Wc,*)
+ func_stripname '-Wc,' '' "$arg"
+ args=$func_stripname_result
+ lastarg=
+ save_ifs=$IFS; IFS=,
+ for arg in $args; do
+ IFS=$save_ifs
+ func_append_quoted lastarg "$arg"
+ done
+ IFS=$save_ifs
+ func_stripname ' ' '' "$lastarg"
+ lastarg=$func_stripname_result
+
+ # Add the arguments to base_compile.
+ func_append base_compile " $lastarg"
+ continue
+ ;;
+
+ *)
+ # Accept the current argument as the source file.
+ # The previous "srcfile" becomes the current argument.
+ #
+ lastarg=$srcfile
+ srcfile=$arg
+ ;;
+ esac # case $arg
+ ;;
+ esac # case $arg_mode
+
+ # Aesthetically quote the previous argument.
+ func_append_quoted base_compile "$lastarg"
+ done # for arg
+
+ case $arg_mode in
+ arg)
+ func_fatal_error "you must specify an argument for -Xcompile"
+ ;;
+ target)
+ func_fatal_error "you must specify a target with '-o'"
+ ;;
+ *)
+ # Get the name of the library object.
+ test -z "$libobj" && {
+ func_basename "$srcfile"
+ libobj=$func_basename_result
+ }
+ ;;
+ esac
+
+ # Recognize several different file suffixes.
+ # If the user specifies -o file.o, it is replaced with file.lo
+ case $libobj in
+ *.[cCFSifmso] | \
+ *.ada | *.adb | *.ads | *.asm | \
+ *.c++ | *.cc | *.ii | *.class | *.cpp | *.cxx | \
+ *.[fF][09]? | *.for | *.java | *.go | *.obj | *.sx | *.cu | *.cup)
+ func_xform "$libobj"
+ libobj=$func_xform_result
+ ;;
+ esac
+
+ case $libobj in
+ *.lo) func_lo2o "$libobj"; obj=$func_lo2o_result ;;
+ *)
+ func_fatal_error "cannot determine name of library object from '$libobj'"
+ ;;
+ esac
+
+ func_infer_tag $base_compile
+
+ for arg in $later; do
+ case $arg in
+ -shared)
+ test yes = "$build_libtool_libs" \
+ || func_fatal_configuration "cannot build a shared library"
+ build_old_libs=no
+ continue
+ ;;
+
+ -static)
+ build_libtool_libs=no
+ build_old_libs=yes
+ continue
+ ;;
+
+ -prefer-pic)
+ pic_mode=yes
+ continue
+ ;;
+
+ -prefer-non-pic)
+ pic_mode=no
+ continue
+ ;;
+ esac
+ done
+
+ func_quote_arg pretty "$libobj"
+ test "X$libobj" != "X$func_quote_arg_result" \
+ && $ECHO "X$libobj" | $GREP '[]~#^*{};<>?"'"'"' &()|`$[]' \
+ && func_warning "libobj name '$libobj' may not contain shell special characters."
+ func_dirname_and_basename "$obj" "/" ""
+ objname=$func_basename_result
+ xdir=$func_dirname_result
+ lobj=$xdir$objdir/$objname
+
+ test -z "$base_compile" && \
+ func_fatal_help "you must specify a compilation command"
+
+ # Delete any leftover library objects.
+ if test yes = "$build_old_libs"; then
+ removelist="$obj $lobj $libobj ${libobj}T"
+ else
+ removelist="$lobj $libobj ${libobj}T"
+ fi
+
+ # On Cygwin there's no "real" PIC flag so we must build both object types
+ case $host_os in
+ cygwin* | mingw* | pw32* | os2* | cegcc*)
+ pic_mode=default
+ ;;
+ esac
+ if test no = "$pic_mode" && test pass_all != "$deplibs_check_method"; then
+ # non-PIC code in shared libraries is not supported
+ pic_mode=default
+ fi
+
+ # Calculate the filename of the output object if compiler does
+ # not support -o with -c
+ if test no = "$compiler_c_o"; then
+ output_obj=`$ECHO "$srcfile" | $SED 's%^.*/%%; s%\.[^.]*$%%'`.$objext
+ lockfile=$output_obj.lock
+ else
+ output_obj=
+ need_locks=no
+ lockfile=
+ fi
+
+ # Lock this critical section if it is needed
+ # We use this script file to make the link, it avoids creating a new file
+ if test yes = "$need_locks"; then
+ until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do
+ func_echo "Waiting for $lockfile to be removed"
+ sleep 2
+ done
+ elif test warn = "$need_locks"; then
+ if test -f "$lockfile"; then
+ $ECHO "\
+*** ERROR, $lockfile exists and contains:
+`cat $lockfile 2>/dev/null`
+
+This indicates that another process is trying to use the same
+temporary object file, and libtool could not work around it because
+your compiler does not support '-c' and '-o' together. If you
+repeat this compilation, it may succeed, by chance, but you had better
+avoid parallel builds (make -j) in this platform, or get a better
+compiler."
+
+ $opt_dry_run || $RM $removelist
+ exit $EXIT_FAILURE
+ fi
+ func_append removelist " $output_obj"
+ $ECHO "$srcfile" > "$lockfile"
+ fi
+
+ $opt_dry_run || $RM $removelist
+ func_append removelist " $lockfile"
+ trap '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' 1 2 15
+
+ func_to_tool_file "$srcfile" func_convert_file_msys_to_w32
+ srcfile=$func_to_tool_file_result
+ func_quote_arg pretty "$srcfile"
+ qsrcfile=$func_quote_arg_result
+
+ # Only build a PIC object if we are building libtool libraries.
+ if test yes = "$build_libtool_libs"; then
+ # Without this assignment, base_compile gets emptied.
+ fbsd_hideous_sh_bug=$base_compile
+
+ if test no != "$pic_mode"; then
+ command="$base_compile $qsrcfile $pic_flag"
+ else
+ # Don't build PIC code
+ command="$base_compile $qsrcfile"
+ fi
+
+ func_mkdir_p "$xdir$objdir"
+
+ if test -z "$output_obj"; then
+ # Place PIC objects in $objdir
+ func_append command " -o $lobj"
+ fi
+
+ func_show_eval_locale "$command" \
+ 'test -n "$output_obj" && $RM $removelist; exit $EXIT_FAILURE'
+
+ if test warn = "$need_locks" &&
+ test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then
+ $ECHO "\
+*** ERROR, $lockfile contains:
+`cat $lockfile 2>/dev/null`
+
+but it should contain:
+$srcfile
+
+This indicates that another process is trying to use the same
+temporary object file, and libtool could not work around it because
+your compiler does not support '-c' and '-o' together. If you
+repeat this compilation, it may succeed, by chance, but you had better
+avoid parallel builds (make -j) in this platform, or get a better
+compiler."
+
+ $opt_dry_run || $RM $removelist
+ exit $EXIT_FAILURE
+ fi
+
+ # Just move the object if needed, then go on to compile the next one
+ if test -n "$output_obj" && test "X$output_obj" != "X$lobj"; then
+ func_show_eval '$MV "$output_obj" "$lobj"' \
+ 'error=$?; $opt_dry_run || $RM $removelist; exit $error'
+ fi
+
+ # Allow error messages only from the first compilation.
+ if test yes = "$suppress_opt"; then
+ suppress_output=' >/dev/null 2>&1'
+ fi
+ fi
+
+ # Only build a position-dependent object if we build old libraries.
+ if test yes = "$build_old_libs"; then
+ if test yes != "$pic_mode"; then
+ # Don't build PIC code
+ command="$base_compile $qsrcfile$pie_flag"
+ else
+ command="$base_compile $qsrcfile $pic_flag"
+ fi
+ if test yes = "$compiler_c_o"; then
+ func_append command " -o $obj"
+ fi
+
+ # Suppress compiler output if we already did a PIC compilation.
+ func_append command "$suppress_output"
+ func_show_eval_locale "$command" \
+ '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE'
+
+ if test warn = "$need_locks" &&
+ test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then
+ $ECHO "\
+*** ERROR, $lockfile contains:
+`cat $lockfile 2>/dev/null`
+
+but it should contain:
+$srcfile
+
+This indicates that another process is trying to use the same
+temporary object file, and libtool could not work around it because
+your compiler does not support '-c' and '-o' together. If you
+repeat this compilation, it may succeed, by chance, but you had better
+avoid parallel builds (make -j) in this platform, or get a better
+compiler."
+
+ $opt_dry_run || $RM $removelist
+ exit $EXIT_FAILURE
+ fi
+
+ # Just move the object if needed
+ if test -n "$output_obj" && test "X$output_obj" != "X$obj"; then
+ func_show_eval '$MV "$output_obj" "$obj"' \
+ 'error=$?; $opt_dry_run || $RM $removelist; exit $error'
+ fi
+ fi
+
+ $opt_dry_run || {
+ func_write_libtool_object "$libobj" "$objdir/$objname" "$objname"
+
+ # Unlock the critical section if it was locked
+ if test no != "$need_locks"; then
+ removelist=$lockfile
+ $RM "$lockfile"
+ fi
+ }
+
+ exit $EXIT_SUCCESS
+}
+
+$opt_help || {
+ test compile = "$opt_mode" && func_mode_compile ${1+"$@"}
+}
+
+func_mode_help ()
+{
+ # We need to display help for each of the modes.
+ case $opt_mode in
+ "")
+ # Generic help is extracted from the usage comments
+ # at the start of this file.
+ func_help
+ ;;
+
+ clean)
+ $ECHO \
+"Usage: $progname [OPTION]... --mode=clean RM [RM-OPTION]... FILE...
+
+Remove files from the build directory.
+
+RM is the name of the program to use to delete files associated with each FILE
+(typically '/bin/rm'). RM-OPTIONS are options (such as '-f') to be passed
+to RM.
+
+If FILE is a libtool library, object or program, all the files associated
+with it are deleted. Otherwise, only FILE itself is deleted using RM."
+ ;;
+
+ compile)
+ $ECHO \
+"Usage: $progname [OPTION]... --mode=compile COMPILE-COMMAND... SOURCEFILE
+
+Compile a source file into a libtool library object.
+
+This mode accepts the following additional options:
+
+ -o OUTPUT-FILE set the output file name to OUTPUT-FILE
+ -no-suppress do not suppress compiler output for multiple passes
+ -prefer-pic try to build PIC objects only
+ -prefer-non-pic try to build non-PIC objects only
+ -shared do not build a '.o' file suitable for static linking
+ -static only build a '.o' file suitable for static linking
+ -Wc,FLAG
+ -Xcompiler FLAG pass FLAG directly to the compiler
+
+COMPILE-COMMAND is a command to be used in creating a 'standard' object file
+from the given SOURCEFILE.
+
+The output file name is determined by removing the directory component from
+SOURCEFILE, then substituting the C source code suffix '.c' with the
+library object suffix, '.lo'."
+ ;;
+
+ execute)
+ $ECHO \
+"Usage: $progname [OPTION]... --mode=execute COMMAND [ARGS]...
+
+Automatically set library path, then run a program.
+
+This mode accepts the following additional options:
+
+ -dlopen FILE add the directory containing FILE to the library path
+
+This mode sets the library path environment variable according to '-dlopen'
+flags.
+
+If any of the ARGS are libtool executable wrappers, then they are translated
+into their corresponding uninstalled binary, and any of their required library
+directories are added to the library path.
+
+Then, COMMAND is executed, with ARGS as arguments."
+ ;;
+
+ finish)
+ $ECHO \
+"Usage: $progname [OPTION]... --mode=finish [LIBDIR]...
+
+Complete the installation of libtool libraries.
+
+Each LIBDIR is a directory that contains libtool libraries.
+
+The commands that this mode executes may require superuser privileges. Use
+the '--dry-run' option if you just want to see what would be executed."
+ ;;
+
+ install)
+ $ECHO \
+"Usage: $progname [OPTION]... --mode=install INSTALL-COMMAND...
+
+Install executables or libraries.
+
+INSTALL-COMMAND is the installation command. The first component should be
+either the 'install' or 'cp' program.
+
+The following components of INSTALL-COMMAND are treated specially:
+
+ -inst-prefix-dir PREFIX-DIR Use PREFIX-DIR as a staging area for installation
+
+The rest of the components are interpreted as arguments to that command (only
+BSD-compatible install options are recognized)."
+ ;;
+
+ link)
+ $ECHO \
+"Usage: $progname [OPTION]... --mode=link LINK-COMMAND...
+
+Link object files or libraries together to form another library, or to
+create an executable program.
+
+LINK-COMMAND is a command using the C compiler that you would use to create
+a program from several object files.
+
+The following components of LINK-COMMAND are treated specially:
+
+ -all-static do not do any dynamic linking at all
+ -avoid-version do not add a version suffix if possible
+ -bindir BINDIR specify path to binaries directory (for systems where
+ libraries must be found in the PATH setting at runtime)
+ -dlopen FILE '-dlpreopen' FILE if it cannot be dlopened at runtime
+ -dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols
+ -export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3)
+ -export-symbols SYMFILE
+ try to export only the symbols listed in SYMFILE
+ -export-symbols-regex REGEX
+ try to export only the symbols matching REGEX
+ -LLIBDIR search LIBDIR for required installed libraries
+ -lNAME OUTPUT-FILE requires the installed library libNAME
+ -module build a library that can dlopened
+ -no-fast-install disable the fast-install mode
+ -no-install link a not-installable executable
+ -no-undefined declare that a library does not refer to external symbols
+ -o OUTPUT-FILE create OUTPUT-FILE from the specified objects
+ -objectlist FILE use a list of object files found in FILE to specify objects
+ -os2dllname NAME force a short DLL name on OS/2 (no effect on other OSes)
+ -precious-files-regex REGEX
+ don't remove output files matching REGEX
+ -release RELEASE specify package release information
+ -rpath LIBDIR the created library will eventually be installed in LIBDIR
+ -R[ ]LIBDIR add LIBDIR to the runtime path of programs and libraries
+ -shared only do dynamic linking of libtool libraries
+ -shrext SUFFIX override the standard shared library file extension
+ -static do not do any dynamic linking of uninstalled libtool libraries
+ -static-libtool-libs
+ do not do any dynamic linking of libtool libraries
+ -version-info CURRENT[:REVISION[:AGE]]
+ specify library version info [each variable defaults to 0]
+ -weak LIBNAME declare that the target provides the LIBNAME interface
+ -Wc,FLAG
+ -Xcompiler FLAG pass linker-specific FLAG directly to the compiler
+ -Wa,FLAG
+ -Xassembler FLAG pass linker-specific FLAG directly to the assembler
+ -Wl,FLAG
+ -Xlinker FLAG pass linker-specific FLAG directly to the linker
+ -XCClinker FLAG pass link-specific FLAG to the compiler driver (CC)
+
+All other options (arguments beginning with '-') are ignored.
+
+Every other argument is treated as a filename. Files ending in '.la' are
+treated as uninstalled libtool libraries, other files are standard or library
+object files.
+
+If the OUTPUT-FILE ends in '.la', then a libtool library is created,
+only library objects ('.lo' files) may be specified, and '-rpath' is
+required, except when creating a convenience library.
+
+If OUTPUT-FILE ends in '.a' or '.lib', then a standard library is created
+using 'ar' and 'ranlib', or on Windows using 'lib'.
+
+If OUTPUT-FILE ends in '.lo' or '.$objext', then a reloadable object file
+is created, otherwise an executable program is created."
+ ;;
+
+ uninstall)
+ $ECHO \
+"Usage: $progname [OPTION]... --mode=uninstall RM [RM-OPTION]... FILE...
+
+Remove libraries from an installation directory.
+
+RM is the name of the program to use to delete files associated with each FILE
+(typically '/bin/rm'). RM-OPTIONS are options (such as '-f') to be passed
+to RM.
+
+If FILE is a libtool library, all the files associated with it are deleted.
+Otherwise, only FILE itself is deleted using RM."
+ ;;
+
+ *)
+ func_fatal_help "invalid operation mode '$opt_mode'"
+ ;;
+ esac
+
+ echo
+ $ECHO "Try '$progname --help' for more information about other modes."
+}
+
+# Now that we've collected a possible --mode arg, show help if necessary
+if $opt_help; then
+ if test : = "$opt_help"; then
+ func_mode_help
+ else
+ {
+ func_help noexit
+ for opt_mode in compile link execute install finish uninstall clean; do
+ func_mode_help
+ done
+ } | $SED -n '1p; 2,$s/^Usage:/ or: /p'
+ {
+ func_help noexit
+ for opt_mode in compile link execute install finish uninstall clean; do
+ echo
+ func_mode_help
+ done
+ } |
+ $SED '1d
+ /^When reporting/,/^Report/{
+ H
+ d
+ }
+ $x
+ /information about other modes/d
+ /more detailed .*MODE/d
+ s/^Usage:.*--mode=\([^ ]*\) .*/Description of \1 mode:/'
+ fi
+ exit $?
+fi
+
+
+# func_mode_execute arg...
+func_mode_execute ()
+{
+ $debug_cmd
+
+ # The first argument is the command name.
+ cmd=$nonopt
+ test -z "$cmd" && \
+ func_fatal_help "you must specify a COMMAND"
+
+ # Handle -dlopen flags immediately.
+ for file in $opt_dlopen; do
+ test -f "$file" \
+ || func_fatal_help "'$file' is not a file"
+
+ dir=
+ case $file in
+ *.la)
+ func_resolve_sysroot "$file"
+ file=$func_resolve_sysroot_result
+
+ # Check to see that this really is a libtool archive.
+ func_lalib_unsafe_p "$file" \
+ || func_fatal_help "'$lib' is not a valid libtool archive"
+
+ # Read the libtool library.
+ dlname=
+ library_names=
+ func_source "$file"
+
+ # Skip this library if it cannot be dlopened.
+ if test -z "$dlname"; then
+ # Warn if it was a shared library.
+ test -n "$library_names" && \
+ func_warning "'$file' was not linked with '-export-dynamic'"
+ continue
+ fi
+
+ func_dirname "$file" "" "."
+ dir=$func_dirname_result
+
+ if test -f "$dir/$objdir/$dlname"; then
+ func_append dir "/$objdir"
+ else
+ if test ! -f "$dir/$dlname"; then
+ func_fatal_error "cannot find '$dlname' in '$dir' or '$dir/$objdir'"
+ fi
+ fi
+ ;;
+
+ *.lo)
+ # Just add the directory containing the .lo file.
+ func_dirname "$file" "" "."
+ dir=$func_dirname_result
+ ;;
+
+ *)
+ func_warning "'-dlopen' is ignored for non-libtool libraries and objects"
+ continue
+ ;;
+ esac
+
+ # Get the absolute pathname.
+ absdir=`cd "$dir" && pwd`
+ test -n "$absdir" && dir=$absdir
+
+ # Now add the directory to shlibpath_var.
+ if eval "test -z \"\$$shlibpath_var\""; then
+ eval "$shlibpath_var=\"\$dir\""
+ else
+ eval "$shlibpath_var=\"\$dir:\$$shlibpath_var\""
+ fi
+ done
+
+ # This variable tells wrapper scripts just to set shlibpath_var
+ # rather than running their programs.
+ libtool_execute_magic=$magic
+
+ # Check if any of the arguments is a wrapper script.
+ args=
+ for file
+ do
+ case $file in
+ -* | *.la | *.lo ) ;;
+ *)
+ # Do a test to see if this is really a libtool program.
+ if func_ltwrapper_script_p "$file"; then
+ func_source "$file"
+ # Transform arg to wrapped name.
+ file=$progdir/$program
+ elif func_ltwrapper_executable_p "$file"; then
+ func_ltwrapper_scriptname "$file"
+ func_source "$func_ltwrapper_scriptname_result"
+ # Transform arg to wrapped name.
+ file=$progdir/$program
+ fi
+ ;;
+ esac
+ # Quote arguments (to preserve shell metacharacters).
+ func_append_quoted args "$file"
+ done
+
+ if $opt_dry_run; then
+ # Display what would be done.
+ if test -n "$shlibpath_var"; then
+ eval "\$ECHO \"\$shlibpath_var=\$$shlibpath_var\""
+ echo "export $shlibpath_var"
+ fi
+ $ECHO "$cmd$args"
+ exit $EXIT_SUCCESS
+ else
+ if test -n "$shlibpath_var"; then
+ # Export the shlibpath_var.
+ eval "export $shlibpath_var"
+ fi
+
+ # Restore saved environment variables
+ for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES
+ do
+ eval "if test \"\${save_$lt_var+set}\" = set; then
+ $lt_var=\$save_$lt_var; export $lt_var
+ else
+ $lt_unset $lt_var
+ fi"
+ done
+
+ # Now prepare to actually exec the command.
+ exec_cmd=\$cmd$args
+ fi
+}
+
+test execute = "$opt_mode" && func_mode_execute ${1+"$@"}
+
+
+# func_mode_finish arg...
+func_mode_finish ()
+{
+ $debug_cmd
+
+ libs=
+ libdirs=
+ admincmds=
+
+ for opt in "$nonopt" ${1+"$@"}
+ do
+ if test -d "$opt"; then
+ func_append libdirs " $opt"
+
+ elif test -f "$opt"; then
+ if func_lalib_unsafe_p "$opt"; then
+ func_append libs " $opt"
+ else
+ func_warning "'$opt' is not a valid libtool archive"
+ fi
+
+ else
+ func_fatal_error "invalid argument '$opt'"
+ fi
+ done
+
+ if test -n "$libs"; then
+ if test -n "$lt_sysroot"; then
+ sysroot_regex=`$ECHO "$lt_sysroot" | $SED "$sed_make_literal_regex"`
+ sysroot_cmd="s/\([ ']\)$sysroot_regex/\1/g;"
+ else
+ sysroot_cmd=
+ fi
+
+ # Remove sysroot references
+ if $opt_dry_run; then
+ for lib in $libs; do
+ echo "removing references to $lt_sysroot and '=' prefixes from $lib"
+ done
+ else
+ tmpdir=`func_mktempdir`
+ for lib in $libs; do
+ $SED -e "$sysroot_cmd s/\([ ']-[LR]\)=/\1/g; s/\([ ']\)=/\1/g" $lib \
+ > $tmpdir/tmp-la
+ mv -f $tmpdir/tmp-la $lib
+ done
+ ${RM}r "$tmpdir"
+ fi
+ fi
+
+ if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then
+ for libdir in $libdirs; do
+ if test -n "$finish_cmds"; then
+ # Do each command in the finish commands.
+ func_execute_cmds "$finish_cmds" 'admincmds="$admincmds
+'"$cmd"'"'
+ fi
+ if test -n "$finish_eval"; then
+ # Do the single finish_eval.
+ eval cmds=\"$finish_eval\"
+ $opt_dry_run || eval "$cmds" || func_append admincmds "
+ $cmds"
+ fi
+ done
+ fi
+
+ # Exit here if they wanted silent mode.
+ $opt_quiet && exit $EXIT_SUCCESS
+
+ if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then
+ echo "----------------------------------------------------------------------"
+ echo "Libraries have been installed in:"
+ for libdir in $libdirs; do
+ $ECHO " $libdir"
+ done
+ echo
+ echo "If you ever happen to want to link against installed libraries"
+ echo "in a given directory, LIBDIR, you must either use libtool, and"
+ echo "specify the full pathname of the library, or use the '-LLIBDIR'"
+ echo "flag during linking and do at least one of the following:"
+ if test -n "$shlibpath_var"; then
+ echo " - add LIBDIR to the '$shlibpath_var' environment variable"
+ echo " during execution"
+ fi
+ if test -n "$runpath_var"; then
+ echo " - add LIBDIR to the '$runpath_var' environment variable"
+ echo " during linking"
+ fi
+ if test -n "$hardcode_libdir_flag_spec"; then
+ libdir=LIBDIR
+ eval flag=\"$hardcode_libdir_flag_spec\"
+
+ $ECHO " - use the '$flag' linker flag"
+ fi
+ if test -n "$admincmds"; then
+ $ECHO " - have your system administrator run these commands:$admincmds"
+ fi
+ if test -f /etc/ld.so.conf; then
+ echo " - have your system administrator add LIBDIR to '/etc/ld.so.conf'"
+ fi
+ echo
+
+ echo "See any operating system documentation about shared libraries for"
+ case $host in
+ solaris2.[6789]|solaris2.1[0-9])
+ echo "more information, such as the ld(1), crle(1) and ld.so(8) manual"
+ echo "pages."
+ ;;
+ *)
+ echo "more information, such as the ld(1) and ld.so(8) manual pages."
+ ;;
+ esac
+ echo "----------------------------------------------------------------------"
+ fi
+ exit $EXIT_SUCCESS
+}
+
+test finish = "$opt_mode" && func_mode_finish ${1+"$@"}
+
+
+# func_mode_install arg...
+func_mode_install ()
+{
+ $debug_cmd
+
+ # There may be an optional sh(1) argument at the beginning of
+ # install_prog (especially on Windows NT).
+ if test "$SHELL" = "$nonopt" || test /bin/sh = "$nonopt" ||
+ # Allow the use of GNU shtool's install command.
+ case $nonopt in *shtool*) :;; *) false;; esac
+ then
+ # Aesthetically quote it.
+ func_quote_arg pretty "$nonopt"
+ install_prog="$func_quote_arg_result "
+ arg=$1
+ shift
+ else
+ install_prog=
+ arg=$nonopt
+ fi
+
+ # The real first argument should be the name of the installation program.
+ # Aesthetically quote it.
+ func_quote_arg pretty "$arg"
+ func_append install_prog "$func_quote_arg_result"
+ install_shared_prog=$install_prog
+ case " $install_prog " in
+ *[\\\ /]cp\ *) install_cp=: ;;
+ *) install_cp=false ;;
+ esac
+
+ # We need to accept at least all the BSD install flags.
+ dest=
+ files=
+ opts=
+ prev=
+ install_type=
+ isdir=false
+ stripme=
+ no_mode=:
+ for arg
+ do
+ arg2=
+ if test -n "$dest"; then
+ func_append files " $dest"
+ dest=$arg
+ continue
+ fi
+
+ case $arg in
+ -d) isdir=: ;;
+ -f)
+ if $install_cp; then :; else
+ prev=$arg
+ fi
+ ;;
+ -g | -m | -o)
+ prev=$arg
+ ;;
+ -s)
+ stripme=" -s"
+ continue
+ ;;
+ -*)
+ ;;
+ *)
+ # If the previous option needed an argument, then skip it.
+ if test -n "$prev"; then
+ if test X-m = "X$prev" && test -n "$install_override_mode"; then
+ arg2=$install_override_mode
+ no_mode=false
+ fi
+ prev=
+ else
+ dest=$arg
+ continue
+ fi
+ ;;
+ esac
+
+ # Aesthetically quote the argument.
+ func_quote_arg pretty "$arg"
+ func_append install_prog " $func_quote_arg_result"
+ if test -n "$arg2"; then
+ func_quote_arg pretty "$arg2"
+ fi
+ func_append install_shared_prog " $func_quote_arg_result"
+ done
+
+ test -z "$install_prog" && \
+ func_fatal_help "you must specify an install program"
+
+ test -n "$prev" && \
+ func_fatal_help "the '$prev' option requires an argument"
+
+ if test -n "$install_override_mode" && $no_mode; then
+ if $install_cp; then :; else
+ func_quote_arg pretty "$install_override_mode"
+ func_append install_shared_prog " -m $func_quote_arg_result"
+ fi
+ fi
+
+ if test -z "$files"; then
+ if test -z "$dest"; then
+ func_fatal_help "no file or destination specified"
+ else
+ func_fatal_help "you must specify a destination"
+ fi
+ fi
+
+ # Strip any trailing slash from the destination.
+ func_stripname '' '/' "$dest"
+ dest=$func_stripname_result
+
+ # Check to see that the destination is a directory.
+ test -d "$dest" && isdir=:
+ if $isdir; then
+ destdir=$dest
+ destname=
+ else
+ func_dirname_and_basename "$dest" "" "."
+ destdir=$func_dirname_result
+ destname=$func_basename_result
+
+ # Not a directory, so check to see that there is only one file specified.
+ set dummy $files; shift
+ test "$#" -gt 1 && \
+ func_fatal_help "'$dest' is not a directory"
+ fi
+ case $destdir in
+ [\\/]* | [A-Za-z]:[\\/]*) ;;
+ *)
+ for file in $files; do
+ case $file in
+ *.lo) ;;
+ *)
+ func_fatal_help "'$destdir' must be an absolute directory name"
+ ;;
+ esac
+ done
+ ;;
+ esac
+
+ # This variable tells wrapper scripts just to set variables rather
+ # than running their programs.
+ libtool_install_magic=$magic
+
+ staticlibs=
+ future_libdirs=
+ current_libdirs=
+ for file in $files; do
+
+ # Do each installation.
+ case $file in
+ *.$libext)
+ # Do the static libraries later.
+ func_append staticlibs " $file"
+ ;;
+
+ *.la)
+ func_resolve_sysroot "$file"
+ file=$func_resolve_sysroot_result
+
+ # Check to see that this really is a libtool archive.
+ func_lalib_unsafe_p "$file" \
+ || func_fatal_help "'$file' is not a valid libtool archive"
+
+ library_names=
+ old_library=
+ relink_command=
+ func_source "$file"
+
+ # Add the libdir to current_libdirs if it is the destination.
+ if test "X$destdir" = "X$libdir"; then
+ case "$current_libdirs " in
+ *" $libdir "*) ;;
+ *) func_append current_libdirs " $libdir" ;;
+ esac
+ else
+ # Note the libdir as a future libdir.
+ case "$future_libdirs " in
+ *" $libdir "*) ;;
+ *) func_append future_libdirs " $libdir" ;;
+ esac
+ fi
+
+ func_dirname "$file" "/" ""
+ dir=$func_dirname_result
+ func_append dir "$objdir"
+
+ if test -n "$relink_command"; then
+ # Determine the prefix the user has applied to our future dir.
+ inst_prefix_dir=`$ECHO "$destdir" | $SED -e "s%$libdir\$%%"`
+
+ # Don't allow the user to place us outside of our expected
+ # location b/c this prevents finding dependent libraries that
+ # are installed to the same prefix.
+ # At present, this check doesn't affect windows .dll's that
+ # are installed into $libdir/../bin (currently, that works fine)
+ # but it's something to keep an eye on.
+ test "$inst_prefix_dir" = "$destdir" && \
+ func_fatal_error "error: cannot install '$file' to a directory not ending in $libdir"
+
+ if test -n "$inst_prefix_dir"; then
+ # Stick the inst_prefix_dir data into the link command.
+ relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"`
+ else
+ relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%%"`
+ fi
+
+ func_warning "relinking '$file'"
+ func_show_eval "$relink_command" \
+ 'func_fatal_error "error: relink '\''$file'\'' with the above command before installing it"'
+ fi
+
+ # See the names of the shared library.
+ set dummy $library_names; shift
+ if test -n "$1"; then
+ realname=$1
+ shift
+
+ srcname=$realname
+ test -n "$relink_command" && srcname=${realname}T
+
+ # Install the shared library and build the symlinks.
+ func_show_eval "$install_shared_prog $dir/$srcname $destdir/$realname" \
+ 'exit $?'
+ tstripme=$stripme
+ case $host_os in
+ cygwin* | mingw* | pw32* | cegcc*)
+ case $realname in
+ *.dll.a)
+ tstripme=
+ ;;
+ esac
+ ;;
+ os2*)
+ case $realname in
+ *_dll.a)
+ tstripme=
+ ;;
+ esac
+ ;;
+ esac
+ if test -n "$tstripme" && test -n "$striplib"; then
+ func_show_eval "$striplib $destdir/$realname" 'exit $?'
+ fi
+
+ if test "$#" -gt 0; then
+ # Delete the old symlinks, and create new ones.
+ # Try 'ln -sf' first, because the 'ln' binary might depend on
+ # the symlink we replace! Solaris /bin/ln does not understand -f,
+ # so we also need to try rm && ln -s.
+ for linkname
+ do
+ test "$linkname" != "$realname" \
+ && func_show_eval "(cd $destdir && { $LN_S -f $realname $linkname || { $RM $linkname && $LN_S $realname $linkname; }; })"
+ done
+ fi
+
+ # Do each command in the postinstall commands.
+ lib=$destdir/$realname
+ func_execute_cmds "$postinstall_cmds" 'exit $?'
+ fi
+
+ # Install the pseudo-library for information purposes.
+ func_basename "$file"
+ name=$func_basename_result
+ instname=$dir/${name}i
+ func_show_eval "$install_prog $instname $destdir/$name" 'exit $?'
+
+ # Maybe install the static library, too.
+ test -n "$old_library" && func_append staticlibs " $dir/$old_library"
+ ;;
+
+ *.lo)
+ # Install (i.e. copy) a libtool object.
+
+ # Figure out destination file name, if it wasn't already specified.
+ if test -n "$destname"; then
+ destfile=$destdir/$destname
+ else
+ func_basename "$file"
+ destfile=$func_basename_result
+ destfile=$destdir/$destfile
+ fi
+
+ # Deduce the name of the destination old-style object file.
+ case $destfile in
+ *.lo)
+ func_lo2o "$destfile"
+ staticdest=$func_lo2o_result
+ ;;
+ *.$objext)
+ staticdest=$destfile
+ destfile=
+ ;;
+ *)
+ func_fatal_help "cannot copy a libtool object to '$destfile'"
+ ;;
+ esac
+
+ # Install the libtool object if requested.
+ test -n "$destfile" && \
+ func_show_eval "$install_prog $file $destfile" 'exit $?'
+
+ # Install the old object if enabled.
+ if test yes = "$build_old_libs"; then
+ # Deduce the name of the old-style object file.
+ func_lo2o "$file"
+ staticobj=$func_lo2o_result
+ func_show_eval "$install_prog \$staticobj \$staticdest" 'exit $?'
+ fi
+ exit $EXIT_SUCCESS
+ ;;
+
+ *)
+ # Figure out destination file name, if it wasn't already specified.
+ if test -n "$destname"; then
+ destfile=$destdir/$destname
+ else
+ func_basename "$file"
+ destfile=$func_basename_result
+ destfile=$destdir/$destfile
+ fi
+
+ # If the file is missing, and there is a .exe on the end, strip it
+ # because it is most likely a libtool script we actually want to
+ # install
+ stripped_ext=
+ case $file in
+ *.exe)
+ if test ! -f "$file"; then
+ func_stripname '' '.exe' "$file"
+ file=$func_stripname_result
+ stripped_ext=.exe
+ fi
+ ;;
+ esac
+
+ # Do a test to see if this is really a libtool program.
+ case $host in
+ *cygwin* | *mingw*)
+ if func_ltwrapper_executable_p "$file"; then
+ func_ltwrapper_scriptname "$file"
+ wrapper=$func_ltwrapper_scriptname_result
+ else
+ func_stripname '' '.exe' "$file"
+ wrapper=$func_stripname_result
+ fi
+ ;;
+ *)
+ wrapper=$file
+ ;;
+ esac
+ if func_ltwrapper_script_p "$wrapper"; then
+ notinst_deplibs=
+ relink_command=
+
+ func_source "$wrapper"
+
+ # Check the variables that should have been set.
+ test -z "$generated_by_libtool_version" && \
+ func_fatal_error "invalid libtool wrapper script '$wrapper'"
+
+ finalize=:
+ for lib in $notinst_deplibs; do
+ # Check to see that each library is installed.
+ libdir=
+ if test -f "$lib"; then
+ func_source "$lib"
+ fi
+ libfile=$libdir/`$ECHO "$lib" | $SED 's%^.*/%%g'`
+ if test -n "$libdir" && test ! -f "$libfile"; then
+ func_warning "'$lib' has not been installed in '$libdir'"
+ finalize=false
+ fi
+ done
+
+ relink_command=
+ func_source "$wrapper"
+
+ outputname=
+ if test no = "$fast_install" && test -n "$relink_command"; then
+ $opt_dry_run || {
+ if $finalize; then
+ tmpdir=`func_mktempdir`
+ func_basename "$file$stripped_ext"
+ file=$func_basename_result
+ outputname=$tmpdir/$file
+ # Replace the output file specification.
+ relink_command=`$ECHO "$relink_command" | $SED 's%@OUTPUT@%'"$outputname"'%g'`
+
+ $opt_quiet || {
+ func_quote_arg expand,pretty "$relink_command"
+ eval "func_echo $func_quote_arg_result"
+ }
+ if eval "$relink_command"; then :
+ else
+ func_error "error: relink '$file' with the above command before installing it"
+ $opt_dry_run || ${RM}r "$tmpdir"
+ continue
+ fi
+ file=$outputname
+ else
+ func_warning "cannot relink '$file'"
+ fi
+ }
+ else
+ # Install the binary that we compiled earlier.
+ file=`$ECHO "$file$stripped_ext" | $SED "s%\([^/]*\)$%$objdir/\1%"`
+ fi
+ fi
+
+ # remove .exe since cygwin /usr/bin/install will append another
+ # one anyway
+ case $install_prog,$host in
+ */usr/bin/install*,*cygwin*)
+ case $file:$destfile in
+ *.exe:*.exe)
+ # this is ok
+ ;;
+ *.exe:*)
+ destfile=$destfile.exe
+ ;;
+ *:*.exe)
+ func_stripname '' '.exe' "$destfile"
+ destfile=$func_stripname_result
+ ;;
+ esac
+ ;;
+ esac
+ func_show_eval "$install_prog\$stripme \$file \$destfile" 'exit $?'
+ $opt_dry_run || if test -n "$outputname"; then
+ ${RM}r "$tmpdir"
+ fi
+ ;;
+ esac
+ done
+
+ for file in $staticlibs; do
+ func_basename "$file"
+ name=$func_basename_result
+
+ # Set up the ranlib parameters.
+ oldlib=$destdir/$name
+ func_to_tool_file "$oldlib" func_convert_file_msys_to_w32
+ tool_oldlib=$func_to_tool_file_result
+
+ func_show_eval "$install_prog \$file \$oldlib" 'exit $?'
+
+ if test -n "$stripme" && test -n "$old_striplib"; then
+ func_show_eval "$old_striplib $tool_oldlib" 'exit $?'
+ fi
+
+ # Do each command in the postinstall commands.
+ func_execute_cmds "$old_postinstall_cmds" 'exit $?'
+ done
+
+ test -n "$future_libdirs" && \
+ func_warning "remember to run '$progname --finish$future_libdirs'"
+
+ if test -n "$current_libdirs"; then
+ # Maybe just do a dry run.
+ $opt_dry_run && current_libdirs=" -n$current_libdirs"
+ exec_cmd='$SHELL "$progpath" $preserve_args --finish$current_libdirs'
+ else
+ exit $EXIT_SUCCESS
+ fi
+}
+
+test install = "$opt_mode" && func_mode_install ${1+"$@"}
+
+
+# func_generate_dlsyms outputname originator pic_p
+# Extract symbols from dlprefiles and create ${outputname}S.o with
+# a dlpreopen symbol table.
+func_generate_dlsyms ()
+{
+ $debug_cmd
+
+ my_outputname=$1
+ my_originator=$2
+ my_pic_p=${3-false}
+ my_prefix=`$ECHO "$my_originator" | $SED 's%[^a-zA-Z0-9]%_%g'`
+ my_dlsyms=
+
+ if test -n "$dlfiles$dlprefiles" || test no != "$dlself"; then
+ if test -n "$NM" && test -n "$global_symbol_pipe"; then
+ my_dlsyms=${my_outputname}S.c
+ else
+ func_error "not configured to extract global symbols from dlpreopened files"
+ fi
+ fi
+
+ if test -n "$my_dlsyms"; then
+ case $my_dlsyms in
+ "") ;;
+ *.c)
+ # Discover the nlist of each of the dlfiles.
+ nlist=$output_objdir/$my_outputname.nm
+
+ func_show_eval "$RM $nlist ${nlist}S ${nlist}T"
+
+ # Parse the name list into a source file.
+ func_verbose "creating $output_objdir/$my_dlsyms"
+
+ $opt_dry_run || $ECHO > "$output_objdir/$my_dlsyms" "\
+/* $my_dlsyms - symbol resolution table for '$my_outputname' dlsym emulation. */
+/* Generated by $PROGRAM (GNU $PACKAGE) $VERSION */
+
+#ifdef __cplusplus
+extern \"C\" {
+#endif
+
+#if defined __GNUC__ && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4)) || (__GNUC__ > 4))
+#pragma GCC diagnostic ignored \"-Wstrict-prototypes\"
+#endif
+
+/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */
+#if defined _WIN32 || defined __CYGWIN__ || defined _WIN32_WCE
+/* DATA imports from DLLs on WIN32 can't be const, because runtime
+ relocations are performed -- see ld's documentation on pseudo-relocs. */
+# define LT_DLSYM_CONST
+#elif defined __osf__
+/* This system does not cope well with relocations in const data. */
+# define LT_DLSYM_CONST
+#else
+# define LT_DLSYM_CONST const
+#endif
+
+#define STREQ(s1, s2) (strcmp ((s1), (s2)) == 0)
+
+/* External symbol declarations for the compiler. */\
+"
+
+ if test yes = "$dlself"; then
+ func_verbose "generating symbol list for '$output'"
+
+ $opt_dry_run || echo ': @PROGRAM@ ' > "$nlist"
+
+ # Add our own program objects to the symbol list.
+ progfiles=`$ECHO "$objs$old_deplibs" | $SP2NL | $SED "$lo2o" | $NL2SP`
+ for progfile in $progfiles; do
+ func_to_tool_file "$progfile" func_convert_file_msys_to_w32
+ func_verbose "extracting global C symbols from '$func_to_tool_file_result'"
+ $opt_dry_run || eval "$NM $func_to_tool_file_result | $global_symbol_pipe >> '$nlist'"
+ done
+
+ if test -n "$exclude_expsyms"; then
+ $opt_dry_run || {
+ eval '$EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T'
+ eval '$MV "$nlist"T "$nlist"'
+ }
+ fi
+
+ if test -n "$export_symbols_regex"; then
+ $opt_dry_run || {
+ eval '$EGREP -e "$export_symbols_regex" "$nlist" > "$nlist"T'
+ eval '$MV "$nlist"T "$nlist"'
+ }
+ fi
+
+ # Prepare the list of exported symbols
+ if test -z "$export_symbols"; then
+ export_symbols=$output_objdir/$outputname.exp
+ $opt_dry_run || {
+ $RM $export_symbols
+ eval "$SED -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"'
+ case $host in
+ *cygwin* | *mingw* | *cegcc* )
+ eval "echo EXPORTS "'> "$output_objdir/$outputname.def"'
+ eval 'cat "$export_symbols" >> "$output_objdir/$outputname.def"'
+ ;;
+ esac
+ }
+ else
+ $opt_dry_run || {
+ eval "$SED -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"'
+ eval '$GREP -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T'
+ eval '$MV "$nlist"T "$nlist"'
+ case $host in
+ *cygwin* | *mingw* | *cegcc* )
+ eval "echo EXPORTS "'> "$output_objdir/$outputname.def"'
+ eval 'cat "$nlist" >> "$output_objdir/$outputname.def"'
+ ;;
+ esac
+ }
+ fi
+ fi
+
+ for dlprefile in $dlprefiles; do
+ func_verbose "extracting global C symbols from '$dlprefile'"
+ func_basename "$dlprefile"
+ name=$func_basename_result
+ case $host in
+ *cygwin* | *mingw* | *cegcc* )
+ # if an import library, we need to obtain dlname
+ if func_win32_import_lib_p "$dlprefile"; then
+ func_tr_sh "$dlprefile"
+ eval "curr_lafile=\$libfile_$func_tr_sh_result"
+ dlprefile_dlbasename=
+ if test -n "$curr_lafile" && func_lalib_p "$curr_lafile"; then
+ # Use subshell, to avoid clobbering current variable values
+ dlprefile_dlname=`source "$curr_lafile" && echo "$dlname"`
+ if test -n "$dlprefile_dlname"; then
+ func_basename "$dlprefile_dlname"
+ dlprefile_dlbasename=$func_basename_result
+ else
+ # no lafile. user explicitly requested -dlpreopen <import library>.
+ $sharedlib_from_linklib_cmd "$dlprefile"
+ dlprefile_dlbasename=$sharedlib_from_linklib_result
+ fi
+ fi
+ $opt_dry_run || {
+ if test -n "$dlprefile_dlbasename"; then
+ eval '$ECHO ": $dlprefile_dlbasename" >> "$nlist"'
+ else
+ func_warning "Could not compute DLL name from $name"
+ eval '$ECHO ": $name " >> "$nlist"'
+ fi
+ func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32
+ eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe |
+ $SED -e '/I __imp/d' -e 's/I __nm_/D /;s/_nm__//' >> '$nlist'"
+ }
+ else # not an import lib
+ $opt_dry_run || {
+ eval '$ECHO ": $name " >> "$nlist"'
+ func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32
+ eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'"
+ }
+ fi
+ ;;
+ *)
+ $opt_dry_run || {
+ eval '$ECHO ": $name " >> "$nlist"'
+ func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32
+ eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'"
+ }
+ ;;
+ esac
+ done
+
+ $opt_dry_run || {
+ # Make sure we have at least an empty file.
+ test -f "$nlist" || : > "$nlist"
+
+ if test -n "$exclude_expsyms"; then
+ $EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T
+ $MV "$nlist"T "$nlist"
+ fi
+
+ # Try sorting and uniquifying the output.
+ if $GREP -v "^: " < "$nlist" |
+ if sort -k 3 </dev/null >/dev/null 2>&1; then
+ sort -k 3
+ else
+ sort +2
+ fi |
+ uniq > "$nlist"S; then
+ :
+ else
+ $GREP -v "^: " < "$nlist" > "$nlist"S
+ fi
+
+ if test -f "$nlist"S; then
+ eval "$global_symbol_to_cdecl"' < "$nlist"S >> "$output_objdir/$my_dlsyms"'
+ else
+ echo '/* NONE */' >> "$output_objdir/$my_dlsyms"
+ fi
+
+ func_show_eval '$RM "${nlist}I"'
+ if test -n "$global_symbol_to_import"; then
+ eval "$global_symbol_to_import"' < "$nlist"S > "$nlist"I'
+ fi
+
+ echo >> "$output_objdir/$my_dlsyms" "\
+
+/* The mapping between symbol names and symbols. */
+typedef struct {
+ const char *name;
+ void *address;
+} lt_dlsymlist;
+extern LT_DLSYM_CONST lt_dlsymlist
+lt_${my_prefix}_LTX_preloaded_symbols[];\
+"
+
+ if test -s "$nlist"I; then
+ echo >> "$output_objdir/$my_dlsyms" "\
+static void lt_syminit(void)
+{
+ LT_DLSYM_CONST lt_dlsymlist *symbol = lt_${my_prefix}_LTX_preloaded_symbols;
+ for (; symbol->name; ++symbol)
+ {"
+ $SED 's/.*/ if (STREQ (symbol->name, \"&\")) symbol->address = (void *) \&&;/' < "$nlist"I >> "$output_objdir/$my_dlsyms"
+ echo >> "$output_objdir/$my_dlsyms" "\
+ }
+}"
+ fi
+ echo >> "$output_objdir/$my_dlsyms" "\
+LT_DLSYM_CONST lt_dlsymlist
+lt_${my_prefix}_LTX_preloaded_symbols[] =
+{ {\"$my_originator\", (void *) 0},"
+
+ if test -s "$nlist"I; then
+ echo >> "$output_objdir/$my_dlsyms" "\
+ {\"@INIT@\", (void *) <_syminit},"
+ fi
+
+ case $need_lib_prefix in
+ no)
+ eval "$global_symbol_to_c_name_address" < "$nlist" >> "$output_objdir/$my_dlsyms"
+ ;;
+ *)
+ eval "$global_symbol_to_c_name_address_lib_prefix" < "$nlist" >> "$output_objdir/$my_dlsyms"
+ ;;
+ esac
+ echo >> "$output_objdir/$my_dlsyms" "\
+ {0, (void *) 0}
+};
+
+/* This works around a problem in FreeBSD linker */
+#ifdef FREEBSD_WORKAROUND
+static const void *lt_preloaded_setup() {
+ return lt_${my_prefix}_LTX_preloaded_symbols;
+}
+#endif
+
+#ifdef __cplusplus
+}
+#endif\
+"
+ } # !$opt_dry_run
+
+ pic_flag_for_symtable=
+ case "$compile_command " in
+ *" -static "*) ;;
+ *)
+ case $host in
+ # compiling the symbol table file with pic_flag works around
+ # a FreeBSD bug that causes programs to crash when -lm is
+ # linked before any other PIC object. But we must not use
+ # pic_flag when linking with -static. The problem exists in
+ # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1.
+ *-*-freebsd2.*|*-*-freebsd3.0*|*-*-freebsdelf3.0*)
+ pic_flag_for_symtable=" $pic_flag -DFREEBSD_WORKAROUND" ;;
+ *-*-hpux*)
+ pic_flag_for_symtable=" $pic_flag" ;;
+ *)
+ $my_pic_p && pic_flag_for_symtable=" $pic_flag"
+ ;;
+ esac
+ ;;
+ esac
+ symtab_cflags=
+ for arg in $LTCFLAGS; do
+ case $arg in
+ -pie | -fpie | -fPIE) ;;
+ *) func_append symtab_cflags " $arg" ;;
+ esac
+ done
+
+ # Now compile the dynamic symbol file.
+ func_show_eval '(cd $output_objdir && $LTCC$symtab_cflags -c$no_builtin_flag$pic_flag_for_symtable "$my_dlsyms")' 'exit $?'
+
+ # Clean up the generated files.
+ func_show_eval '$RM "$output_objdir/$my_dlsyms" "$nlist" "${nlist}S" "${nlist}T" "${nlist}I"'
+
+ # Transform the symbol file into the correct name.
+ symfileobj=$output_objdir/${my_outputname}S.$objext
+ case $host in
+ *cygwin* | *mingw* | *cegcc* )
+ if test -f "$output_objdir/$my_outputname.def"; then
+ compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
+ finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
+ else
+ compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"`
+ finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"`
+ fi
+ ;;
+ *)
+ compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"`
+ finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"`
+ ;;
+ esac
+ ;;
+ *)
+ func_fatal_error "unknown suffix for '$my_dlsyms'"
+ ;;
+ esac
+ else
+ # We keep going just in case the user didn't refer to
+ # lt_preloaded_symbols. The linker will fail if global_symbol_pipe
+ # really was required.
+
+ # Nullify the symbol file.
+ compile_command=`$ECHO "$compile_command" | $SED "s% @SYMFILE@%%"`
+ finalize_command=`$ECHO "$finalize_command" | $SED "s% @SYMFILE@%%"`
+ fi
+}
+
+# func_cygming_gnu_implib_p ARG
+# This predicate returns with zero status (TRUE) if
+# ARG is a GNU/binutils-style import library. Returns
+# with nonzero status (FALSE) otherwise.
+func_cygming_gnu_implib_p ()
+{
+ $debug_cmd
+
+ func_to_tool_file "$1" func_convert_file_msys_to_w32
+ func_cygming_gnu_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $EGREP ' (_head_[A-Za-z0-9_]+_[ad]l*|[A-Za-z0-9_]+_[ad]l*_iname)$'`
+ test -n "$func_cygming_gnu_implib_tmp"
+}
+
+# func_cygming_ms_implib_p ARG
+# This predicate returns with zero status (TRUE) if
+# ARG is an MS-style import library. Returns
+# with nonzero status (FALSE) otherwise.
+func_cygming_ms_implib_p ()
+{
+ $debug_cmd
+
+ func_to_tool_file "$1" func_convert_file_msys_to_w32
+ func_cygming_ms_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $GREP '_NULL_IMPORT_DESCRIPTOR'`
+ test -n "$func_cygming_ms_implib_tmp"
+}
+
+# func_win32_libid arg
+# return the library type of file 'arg'
+#
+# Need a lot of goo to handle *both* DLLs and import libs
+# Has to be a shell function in order to 'eat' the argument
+# that is supplied when $file_magic_command is called.
+# Despite the name, also deal with 64 bit binaries.
+func_win32_libid ()
+{
+ $debug_cmd
+
+ win32_libid_type=unknown
+ win32_fileres=`file -L $1 2>/dev/null`
+ case $win32_fileres in
+ *ar\ archive\ import\ library*) # definitely import
+ win32_libid_type="x86 archive import"
+ ;;
+ *ar\ archive*) # could be an import, or static
+ # Keep the egrep pattern in sync with the one in _LT_CHECK_MAGIC_METHOD.
+ if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null |
+ $EGREP 'file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' >/dev/null; then
+ case $nm_interface in
+ "MS dumpbin")
+ if func_cygming_ms_implib_p "$1" ||
+ func_cygming_gnu_implib_p "$1"
+ then
+ win32_nmres=import
+ else
+ win32_nmres=
+ fi
+ ;;
+ *)
+ func_to_tool_file "$1" func_convert_file_msys_to_w32
+ win32_nmres=`eval $NM -f posix -A \"$func_to_tool_file_result\" |
+ $SED -n -e '
+ 1,100{
+ / I /{
+ s|.*|import|
+ p
+ q
+ }
+ }'`
+ ;;
+ esac
+ case $win32_nmres in
+ import*) win32_libid_type="x86 archive import";;
+ *) win32_libid_type="x86 archive static";;
+ esac
+ fi
+ ;;
+ *DLL*)
+ win32_libid_type="x86 DLL"
+ ;;
+ *executable*) # but shell scripts are "executable" too...
+ case $win32_fileres in
+ *MS\ Windows\ PE\ Intel*)
+ win32_libid_type="x86 DLL"
+ ;;
+ esac
+ ;;
+ esac
+ $ECHO "$win32_libid_type"
+}
+
+# func_cygming_dll_for_implib ARG
+#
+# Platform-specific function to extract the
+# name of the DLL associated with the specified
+# import library ARG.
+# Invoked by eval'ing the libtool variable
+# $sharedlib_from_linklib_cmd
+# Result is available in the variable
+# $sharedlib_from_linklib_result
+func_cygming_dll_for_implib ()
+{
+ $debug_cmd
+
+ sharedlib_from_linklib_result=`$DLLTOOL --identify-strict --identify "$1"`
+}
+
+# func_cygming_dll_for_implib_fallback_core SECTION_NAME LIBNAMEs
+#
+# The is the core of a fallback implementation of a
+# platform-specific function to extract the name of the
+# DLL associated with the specified import library LIBNAME.
+#
+# SECTION_NAME is either .idata$6 or .idata$7, depending
+# on the platform and compiler that created the implib.
+#
+# Echos the name of the DLL associated with the
+# specified import library.
+func_cygming_dll_for_implib_fallback_core ()
+{
+ $debug_cmd
+
+ match_literal=`$ECHO "$1" | $SED "$sed_make_literal_regex"`
+ $OBJDUMP -s --section "$1" "$2" 2>/dev/null |
+ $SED '/^Contents of section '"$match_literal"':/{
+ # Place marker at beginning of archive member dllname section
+ s/.*/====MARK====/
+ p
+ d
+ }
+ # These lines can sometimes be longer than 43 characters, but
+ # are always uninteresting
+ /:[ ]*file format pe[i]\{,1\}-/d
+ /^In archive [^:]*:/d
+ # Ensure marker is printed
+ /^====MARK====/p
+ # Remove all lines with less than 43 characters
+ /^.\{43\}/!d
+ # From remaining lines, remove first 43 characters
+ s/^.\{43\}//' |
+ $SED -n '
+ # Join marker and all lines until next marker into a single line
+ /^====MARK====/ b para
+ H
+ $ b para
+ b
+ :para
+ x
+ s/\n//g
+ # Remove the marker
+ s/^====MARK====//
+ # Remove trailing dots and whitespace
+ s/[\. \t]*$//
+ # Print
+ /./p' |
+ # we now have a list, one entry per line, of the stringified
+ # contents of the appropriate section of all members of the
+ # archive that possess that section. Heuristic: eliminate
+ # all those that have a first or second character that is
+ # a '.' (that is, objdump's representation of an unprintable
+ # character.) This should work for all archives with less than
+ # 0x302f exports -- but will fail for DLLs whose name actually
+ # begins with a literal '.' or a single character followed by
+ # a '.'.
+ #
+ # Of those that remain, print the first one.
+ $SED -e '/^\./d;/^.\./d;q'
+}
+
+# func_cygming_dll_for_implib_fallback ARG
+# Platform-specific function to extract the
+# name of the DLL associated with the specified
+# import library ARG.
+#
+# This fallback implementation is for use when $DLLTOOL
+# does not support the --identify-strict option.
+# Invoked by eval'ing the libtool variable
+# $sharedlib_from_linklib_cmd
+# Result is available in the variable
+# $sharedlib_from_linklib_result
+func_cygming_dll_for_implib_fallback ()
+{
+ $debug_cmd
+
+ if func_cygming_gnu_implib_p "$1"; then
+ # binutils import library
+ sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$7' "$1"`
+ elif func_cygming_ms_implib_p "$1"; then
+ # ms-generated import library
+ sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$6' "$1"`
+ else
+ # unknown
+ sharedlib_from_linklib_result=
+ fi
+}
+
+
+# func_extract_an_archive dir oldlib
+func_extract_an_archive ()
+{
+ $debug_cmd
+
+ f_ex_an_ar_dir=$1; shift
+ f_ex_an_ar_oldlib=$1
+ if test yes = "$lock_old_archive_extraction"; then
+ lockfile=$f_ex_an_ar_oldlib.lock
+ until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do
+ func_echo "Waiting for $lockfile to be removed"
+ sleep 2
+ done
+ fi
+ func_show_eval "(cd \$f_ex_an_ar_dir && $AR x \"\$f_ex_an_ar_oldlib\")" \
+ 'stat=$?; rm -f "$lockfile"; exit $stat'
+ if test yes = "$lock_old_archive_extraction"; then
+ $opt_dry_run || rm -f "$lockfile"
+ fi
+ if ($AR t "$f_ex_an_ar_oldlib" | sort | sort -uc >/dev/null 2>&1); then
+ :
+ else
+ func_fatal_error "object name conflicts in archive: $f_ex_an_ar_dir/$f_ex_an_ar_oldlib"
+ fi
+}
+
+
+# func_extract_archives gentop oldlib ...
+func_extract_archives ()
+{
+ $debug_cmd
+
+ my_gentop=$1; shift
+ my_oldlibs=${1+"$@"}
+ my_oldobjs=
+ my_xlib=
+ my_xabs=
+ my_xdir=
+
+ for my_xlib in $my_oldlibs; do
+ # Extract the objects.
+ case $my_xlib in
+ [\\/]* | [A-Za-z]:[\\/]*) my_xabs=$my_xlib ;;
+ *) my_xabs=`pwd`"/$my_xlib" ;;
+ esac
+ func_basename "$my_xlib"
+ my_xlib=$func_basename_result
+ my_xlib_u=$my_xlib
+ while :; do
+ case " $extracted_archives " in
+ *" $my_xlib_u "*)
+ func_arith $extracted_serial + 1
+ extracted_serial=$func_arith_result
+ my_xlib_u=lt$extracted_serial-$my_xlib ;;
+ *) break ;;
+ esac
+ done
+ extracted_archives="$extracted_archives $my_xlib_u"
+ my_xdir=$my_gentop/$my_xlib_u
+
+ func_mkdir_p "$my_xdir"
+
+ case $host in
+ *-darwin*)
+ func_verbose "Extracting $my_xabs"
+ # Do not bother doing anything if just a dry run
+ $opt_dry_run || {
+ darwin_orig_dir=`pwd`
+ cd $my_xdir || exit $?
+ darwin_archive=$my_xabs
+ darwin_curdir=`pwd`
+ func_basename "$darwin_archive"
+ darwin_base_archive=$func_basename_result
+ darwin_arches=`$LIPO -info "$darwin_archive" 2>/dev/null | $GREP Architectures 2>/dev/null || true`
+ if test -n "$darwin_arches"; then
+ darwin_arches=`$ECHO "$darwin_arches" | $SED -e 's/.*are://'`
+ darwin_arch=
+ func_verbose "$darwin_base_archive has multiple architectures $darwin_arches"
+ for darwin_arch in $darwin_arches; do
+ func_mkdir_p "unfat-$$/$darwin_base_archive-$darwin_arch"
+ $LIPO -thin $darwin_arch -output "unfat-$$/$darwin_base_archive-$darwin_arch/$darwin_base_archive" "$darwin_archive"
+ cd "unfat-$$/$darwin_base_archive-$darwin_arch"
+ func_extract_an_archive "`pwd`" "$darwin_base_archive"
+ cd "$darwin_curdir"
+ $RM "unfat-$$/$darwin_base_archive-$darwin_arch/$darwin_base_archive"
+ done # $darwin_arches
+ ## Okay now we've a bunch of thin objects, gotta fatten them up :)
+ darwin_filelist=`find unfat-$$ -type f -name \*.o -print -o -name \*.lo -print | $SED -e "$sed_basename" | sort -u`
+ darwin_file=
+ darwin_files=
+ for darwin_file in $darwin_filelist; do
+ darwin_files=`find unfat-$$ -name $darwin_file -print | sort | $NL2SP`
+ $LIPO -create -output "$darwin_file" $darwin_files
+ done # $darwin_filelist
+ $RM -rf unfat-$$
+ cd "$darwin_orig_dir"
+ else
+ cd $darwin_orig_dir
+ func_extract_an_archive "$my_xdir" "$my_xabs"
+ fi # $darwin_arches
+ } # !$opt_dry_run
+ ;;
+ *)
+ func_extract_an_archive "$my_xdir" "$my_xabs"
+ ;;
+ esac
+ my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | sort | $NL2SP`
+ done
+
+ func_extract_archives_result=$my_oldobjs
+}
+
+
+# func_emit_wrapper [arg=no]
+#
+# Emit a libtool wrapper script on stdout.
+# Don't directly open a file because we may want to
+# incorporate the script contents within a cygwin/mingw
+# wrapper executable. Must ONLY be called from within
+# func_mode_link because it depends on a number of variables
+# set therein.
+#
+# ARG is the value that the WRAPPER_SCRIPT_BELONGS_IN_OBJDIR
+# variable will take. If 'yes', then the emitted script
+# will assume that the directory where it is stored is
+# the $objdir directory. This is a cygwin/mingw-specific
+# behavior.
+func_emit_wrapper ()
+{
+ func_emit_wrapper_arg1=${1-no}
+
+ $ECHO "\
+#! $SHELL
+
+# $output - temporary wrapper script for $objdir/$outputname
+# Generated by $PROGRAM (GNU $PACKAGE) $VERSION
+#
+# The $output program cannot be directly executed until all the libtool
+# libraries that it depends on are installed.
+#
+# This wrapper script should never be moved out of the build directory.
+# If it is, it will not operate correctly.
+
+# Sed substitution that helps us do robust quoting. It backslashifies
+# metacharacters that are still active within double-quoted strings.
+sed_quote_subst='$sed_quote_subst'
+
+# Be Bourne compatible
+if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then
+ emulate sh
+ NULLCMD=:
+ # Zsh 3.x and 4.x performs word splitting on \${1+\"\$@\"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '\${1+\"\$@\"}'='\"\$@\"'
+ setopt NO_GLOB_SUBST
+else
+ case \`(set -o) 2>/dev/null\` in *posix*) set -o posix;; esac
+fi
+BIN_SH=xpg4; export BIN_SH # for Tru64
+DUALCASE=1; export DUALCASE # for MKS sh
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+relink_command=\"$relink_command\"
+
+# This environment variable determines our operation mode.
+if test \"\$libtool_install_magic\" = \"$magic\"; then
+ # install mode needs the following variables:
+ generated_by_libtool_version='$macro_version'
+ notinst_deplibs='$notinst_deplibs'
+else
+ # When we are sourced in execute mode, \$file and \$ECHO are already set.
+ if test \"\$libtool_execute_magic\" != \"$magic\"; then
+ file=\"\$0\""
+
+ func_quote_arg pretty "$ECHO"
+ qECHO=$func_quote_arg_result
+ $ECHO "\
+
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+ eval 'cat <<_LTECHO_EOF
+\$1
+_LTECHO_EOF'
+}
+ ECHO=$qECHO
+ fi
+
+# Very basic option parsing. These options are (a) specific to
+# the libtool wrapper, (b) are identical between the wrapper
+# /script/ and the wrapper /executable/ that is used only on
+# windows platforms, and (c) all begin with the string "--lt-"
+# (application programs are unlikely to have options that match
+# this pattern).
+#
+# There are only two supported options: --lt-debug and
+# --lt-dump-script. There is, deliberately, no --lt-help.
+#
+# The first argument to this parsing function should be the
+# script's $0 value, followed by "$@".
+lt_option_debug=
+func_parse_lt_options ()
+{
+ lt_script_arg0=\$0
+ shift
+ for lt_opt
+ do
+ case \"\$lt_opt\" in
+ --lt-debug) lt_option_debug=1 ;;
+ --lt-dump-script)
+ lt_dump_D=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%/[^/]*$%%'\`
+ test \"X\$lt_dump_D\" = \"X\$lt_script_arg0\" && lt_dump_D=.
+ lt_dump_F=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%^.*/%%'\`
+ cat \"\$lt_dump_D/\$lt_dump_F\"
+ exit 0
+ ;;
+ --lt-*)
+ \$ECHO \"Unrecognized --lt- option: '\$lt_opt'\" 1>&2
+ exit 1
+ ;;
+ esac
+ done
+
+ # Print the debug banner immediately:
+ if test -n \"\$lt_option_debug\"; then
+ echo \"$outputname:$output:\$LINENO: libtool wrapper (GNU $PACKAGE) $VERSION\" 1>&2
+ fi
+}
+
+# Used when --lt-debug. Prints its arguments to stdout
+# (redirection is the responsibility of the caller)
+func_lt_dump_args ()
+{
+ lt_dump_args_N=1;
+ for lt_arg
+ do
+ \$ECHO \"$outputname:$output:\$LINENO: newargv[\$lt_dump_args_N]: \$lt_arg\"
+ lt_dump_args_N=\`expr \$lt_dump_args_N + 1\`
+ done
+}
+
+# Core function for launching the target application
+func_exec_program_core ()
+{
+"
+ case $host in
+ # Backslashes separate directories on plain windows
+ *-*-mingw | *-*-os2* | *-cegcc*)
+ $ECHO "\
+ if test -n \"\$lt_option_debug\"; then
+ \$ECHO \"$outputname:$output:\$LINENO: newargv[0]: \$progdir\\\\\$program\" 1>&2
+ func_lt_dump_args \${1+\"\$@\"} 1>&2
+ fi
+ exec \"\$progdir\\\\\$program\" \${1+\"\$@\"}
+"
+ ;;
+
+ *)
+ $ECHO "\
+ if test -n \"\$lt_option_debug\"; then
+ \$ECHO \"$outputname:$output:\$LINENO: newargv[0]: \$progdir/\$program\" 1>&2
+ func_lt_dump_args \${1+\"\$@\"} 1>&2
+ fi
+ exec \"\$progdir/\$program\" \${1+\"\$@\"}
+"
+ ;;
+ esac
+ $ECHO "\
+ \$ECHO \"\$0: cannot exec \$program \$*\" 1>&2
+ exit 1
+}
+
+# A function to encapsulate launching the target application
+# Strips options in the --lt-* namespace from \$@ and
+# launches target application with the remaining arguments.
+func_exec_program ()
+{
+ case \" \$* \" in
+ *\\ --lt-*)
+ for lt_wr_arg
+ do
+ case \$lt_wr_arg in
+ --lt-*) ;;
+ *) set x \"\$@\" \"\$lt_wr_arg\"; shift;;
+ esac
+ shift
+ done ;;
+ esac
+ func_exec_program_core \${1+\"\$@\"}
+}
+
+ # Parse options
+ func_parse_lt_options \"\$0\" \${1+\"\$@\"}
+
+ # Find the directory that this script lives in.
+ thisdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*$%%'\`
+ test \"x\$thisdir\" = \"x\$file\" && thisdir=.
+
+ # Follow symbolic links until we get to the real thisdir.
+ file=\`ls -ld \"\$file\" | $SED -n 's/.*-> //p'\`
+ while test -n \"\$file\"; do
+ destdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*\$%%'\`
+
+ # If there was a directory component, then change thisdir.
+ if test \"x\$destdir\" != \"x\$file\"; then
+ case \"\$destdir\" in
+ [\\\\/]* | [A-Za-z]:[\\\\/]*) thisdir=\"\$destdir\" ;;
+ *) thisdir=\"\$thisdir/\$destdir\" ;;
+ esac
+ fi
+
+ file=\`\$ECHO \"\$file\" | $SED 's%^.*/%%'\`
+ file=\`ls -ld \"\$thisdir/\$file\" | $SED -n 's/.*-> //p'\`
+ done
+
+ # Usually 'no', except on cygwin/mingw when embedded into
+ # the cwrapper.
+ WRAPPER_SCRIPT_BELONGS_IN_OBJDIR=$func_emit_wrapper_arg1
+ if test \"\$WRAPPER_SCRIPT_BELONGS_IN_OBJDIR\" = \"yes\"; then
+ # special case for '.'
+ if test \"\$thisdir\" = \".\"; then
+ thisdir=\`pwd\`
+ fi
+ # remove .libs from thisdir
+ case \"\$thisdir\" in
+ *[\\\\/]$objdir ) thisdir=\`\$ECHO \"\$thisdir\" | $SED 's%[\\\\/][^\\\\/]*$%%'\` ;;
+ $objdir ) thisdir=. ;;
+ esac
+ fi
+
+ # Try to get the absolute directory name.
+ absdir=\`cd \"\$thisdir\" && pwd\`
+ test -n \"\$absdir\" && thisdir=\"\$absdir\"
+"
+
+ if test yes = "$fast_install"; then
+ $ECHO "\
+ program=lt-'$outputname'$exeext
+ progdir=\"\$thisdir/$objdir\"
+
+ if test ! -f \"\$progdir/\$program\" ||
+ { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | $SED 1q\`; \\
+ test \"X\$file\" != \"X\$progdir/\$program\"; }; then
+
+ file=\"\$\$-\$program\"
+
+ if test ! -d \"\$progdir\"; then
+ $MKDIR \"\$progdir\"
+ else
+ $RM \"\$progdir/\$file\"
+ fi"
+
+ $ECHO "\
+
+ # relink executable if necessary
+ if test -n \"\$relink_command\"; then
+ if relink_command_output=\`eval \$relink_command 2>&1\`; then :
+ else
+ \$ECHO \"\$relink_command_output\" >&2
+ $RM \"\$progdir/\$file\"
+ exit 1
+ fi
+ fi
+
+ $MV \"\$progdir/\$file\" \"\$progdir/\$program\" 2>/dev/null ||
+ { $RM \"\$progdir/\$program\";
+ $MV \"\$progdir/\$file\" \"\$progdir/\$program\"; }
+ $RM \"\$progdir/\$file\"
+ fi"
+ else
+ $ECHO "\
+ program='$outputname'
+ progdir=\"\$thisdir/$objdir\"
+"
+ fi
+
+ $ECHO "\
+
+ if test -f \"\$progdir/\$program\"; then"
+
+ # fixup the dll searchpath if we need to.
+ #
+ # Fix the DLL searchpath if we need to. Do this before prepending
+ # to shlibpath, because on Windows, both are PATH and uninstalled
+ # libraries must come first.
+ if test -n "$dllsearchpath"; then
+ $ECHO "\
+ # Add the dll search path components to the executable PATH
+ PATH=$dllsearchpath:\$PATH
+"
+ fi
+
+ # Export our shlibpath_var if we have one.
+ if test yes = "$shlibpath_overrides_runpath" && test -n "$shlibpath_var" && test -n "$temp_rpath"; then
+ $ECHO "\
+ # Add our own library path to $shlibpath_var
+ $shlibpath_var=\"$temp_rpath\$$shlibpath_var\"
+
+ # Some systems cannot cope with colon-terminated $shlibpath_var
+ # The second colon is a workaround for a bug in BeOS R4 sed
+ $shlibpath_var=\`\$ECHO \"\$$shlibpath_var\" | $SED 's/::*\$//'\`
+
+ export $shlibpath_var
+"
+ fi
+
+ $ECHO "\
+ if test \"\$libtool_execute_magic\" != \"$magic\"; then
+ # Run the actual program with our arguments.
+ func_exec_program \${1+\"\$@\"}
+ fi
+ else
+ # The program doesn't exist.
+ \$ECHO \"\$0: error: '\$progdir/\$program' does not exist\" 1>&2
+ \$ECHO \"This script is just a wrapper for \$program.\" 1>&2
+ \$ECHO \"See the $PACKAGE documentation for more information.\" 1>&2
+ exit 1
+ fi
+fi\
+"
+}
+
+
+# func_emit_cwrapperexe_src
+# emit the source code for a wrapper executable on stdout
+# Must ONLY be called from within func_mode_link because
+# it depends on a number of variable set therein.
+func_emit_cwrapperexe_src ()
+{
+ cat <<EOF
+
+/* $cwrappersource - temporary wrapper executable for $objdir/$outputname
+ Generated by $PROGRAM (GNU $PACKAGE) $VERSION
+
+ The $output program cannot be directly executed until all the libtool
+ libraries that it depends on are installed.
+
+ This wrapper executable should never be moved out of the build directory.
+ If it is, it will not operate correctly.
+*/
+EOF
+ cat <<"EOF"
+#ifdef _MSC_VER
+# define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef _MSC_VER
+# include <direct.h>
+# include <process.h>
+# include <io.h>
+#else
+# include <unistd.h>
+# include <stdint.h>
+# ifdef __CYGWIN__
+# include <io.h>
+# endif
+#endif
+#include <malloc.h>
+#include <stdarg.h>
+#include <assert.h>
+#include <string.h>
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+
+#define STREQ(s1, s2) (strcmp ((s1), (s2)) == 0)
+
+/* declarations of non-ANSI functions */
+#if defined __MINGW32__
+# ifdef __STRICT_ANSI__
+int _putenv (const char *);
+# endif
+#elif defined __CYGWIN__
+# ifdef __STRICT_ANSI__
+char *realpath (const char *, char *);
+int putenv (char *);
+int setenv (const char *, const char *, int);
+# endif
+/* #elif defined other_platform || defined ... */
+#endif
+
+/* portability defines, excluding path handling macros */
+#if defined _MSC_VER
+# define setmode _setmode
+# define stat _stat
+# define chmod _chmod
+# define getcwd _getcwd
+# define putenv _putenv
+# define S_IXUSR _S_IEXEC
+#elif defined __MINGW32__
+# define setmode _setmode
+# define stat _stat
+# define chmod _chmod
+# define getcwd _getcwd
+# define putenv _putenv
+#elif defined __CYGWIN__
+# define HAVE_SETENV
+# define FOPEN_WB "wb"
+/* #elif defined other platforms ... */
+#endif
+
+#if defined PATH_MAX
+# define LT_PATHMAX PATH_MAX
+#elif defined MAXPATHLEN
+# define LT_PATHMAX MAXPATHLEN
+#else
+# define LT_PATHMAX 1024
+#endif
+
+#ifndef S_IXOTH
+# define S_IXOTH 0
+#endif
+#ifndef S_IXGRP
+# define S_IXGRP 0
+#endif
+
+/* path handling portability macros */
+#ifndef DIR_SEPARATOR
+# define DIR_SEPARATOR '/'
+# define PATH_SEPARATOR ':'
+#endif
+
+#if defined _WIN32 || defined __MSDOS__ || defined __DJGPP__ || \
+ defined __OS2__
+# define HAVE_DOS_BASED_FILE_SYSTEM
+# define FOPEN_WB "wb"
+# ifndef DIR_SEPARATOR_2
+# define DIR_SEPARATOR_2 '\\'
+# endif
+# ifndef PATH_SEPARATOR_2
+# define PATH_SEPARATOR_2 ';'
+# endif
+#endif
+
+#ifndef DIR_SEPARATOR_2
+# define IS_DIR_SEPARATOR(ch) ((ch) == DIR_SEPARATOR)
+#else /* DIR_SEPARATOR_2 */
+# define IS_DIR_SEPARATOR(ch) \
+ (((ch) == DIR_SEPARATOR) || ((ch) == DIR_SEPARATOR_2))
+#endif /* DIR_SEPARATOR_2 */
+
+#ifndef PATH_SEPARATOR_2
+# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR)
+#else /* PATH_SEPARATOR_2 */
+# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR_2)
+#endif /* PATH_SEPARATOR_2 */
+
+#ifndef FOPEN_WB
+# define FOPEN_WB "w"
+#endif
+#ifndef _O_BINARY
+# define _O_BINARY 0
+#endif
+
+#define XMALLOC(type, num) ((type *) xmalloc ((num) * sizeof(type)))
+#define XFREE(stale) do { \
+ if (stale) { free (stale); stale = 0; } \
+} while (0)
+
+#if defined LT_DEBUGWRAPPER
+static int lt_debug = 1;
+#else
+static int lt_debug = 0;
+#endif
+
+const char *program_name = "libtool-wrapper"; /* in case xstrdup fails */
+
+void *xmalloc (size_t num);
+char *xstrdup (const char *string);
+const char *base_name (const char *name);
+char *find_executable (const char *wrapper);
+char *chase_symlinks (const char *pathspec);
+int make_executable (const char *path);
+int check_executable (const char *path);
+char *strendzap (char *str, const char *pat);
+void lt_debugprintf (const char *file, int line, const char *fmt, ...);
+void lt_fatal (const char *file, int line, const char *message, ...);
+static const char *nonnull (const char *s);
+static const char *nonempty (const char *s);
+void lt_setenv (const char *name, const char *value);
+char *lt_extend_str (const char *orig_value, const char *add, int to_end);
+void lt_update_exe_path (const char *name, const char *value);
+void lt_update_lib_path (const char *name, const char *value);
+char **prepare_spawn (char **argv);
+void lt_dump_script (FILE *f);
+EOF
+
+ cat <<EOF
+#if __GNUC__ < 4 || (__GNUC__ == 4 && __GNUC_MINOR__ < 5)
+# define externally_visible volatile
+#else
+# define externally_visible __attribute__((externally_visible)) volatile
+#endif
+externally_visible const char * MAGIC_EXE = "$magic_exe";
+const char * LIB_PATH_VARNAME = "$shlibpath_var";
+EOF
+
+ if test yes = "$shlibpath_overrides_runpath" && test -n "$shlibpath_var" && test -n "$temp_rpath"; then
+ func_to_host_path "$temp_rpath"
+ cat <<EOF
+const char * LIB_PATH_VALUE = "$func_to_host_path_result";
+EOF
+ else
+ cat <<"EOF"
+const char * LIB_PATH_VALUE = "";
+EOF
+ fi
+
+ if test -n "$dllsearchpath"; then
+ func_to_host_path "$dllsearchpath:"
+ cat <<EOF
+const char * EXE_PATH_VARNAME = "PATH";
+const char * EXE_PATH_VALUE = "$func_to_host_path_result";
+EOF
+ else
+ cat <<"EOF"
+const char * EXE_PATH_VARNAME = "";
+const char * EXE_PATH_VALUE = "";
+EOF
+ fi
+
+ if test yes = "$fast_install"; then
+ cat <<EOF
+const char * TARGET_PROGRAM_NAME = "lt-$outputname"; /* hopefully, no .exe */
+EOF
+ else
+ cat <<EOF
+const char * TARGET_PROGRAM_NAME = "$outputname"; /* hopefully, no .exe */
+EOF
+ fi
+
+
+ cat <<"EOF"
+
+#define LTWRAPPER_OPTION_PREFIX "--lt-"
+
+static const char *ltwrapper_option_prefix = LTWRAPPER_OPTION_PREFIX;
+static const char *dumpscript_opt = LTWRAPPER_OPTION_PREFIX "dump-script";
+static const char *debug_opt = LTWRAPPER_OPTION_PREFIX "debug";
+
+int
+main (int argc, char *argv[])
+{
+ char **newargz;
+ int newargc;
+ char *tmp_pathspec;
+ char *actual_cwrapper_path;
+ char *actual_cwrapper_name;
+ char *target_name;
+ char *lt_argv_zero;
+ int rval = 127;
+
+ int i;
+
+ program_name = (char *) xstrdup (base_name (argv[0]));
+ newargz = XMALLOC (char *, (size_t) argc + 1);
+
+ /* very simple arg parsing; don't want to rely on getopt
+ * also, copy all non cwrapper options to newargz, except
+ * argz[0], which is handled differently
+ */
+ newargc=0;
+ for (i = 1; i < argc; i++)
+ {
+ if (STREQ (argv[i], dumpscript_opt))
+ {
+EOF
+ case $host in
+ *mingw* | *cygwin* )
+ # make stdout use "unix" line endings
+ echo " setmode(1,_O_BINARY);"
+ ;;
+ esac
+
+ cat <<"EOF"
+ lt_dump_script (stdout);
+ return 0;
+ }
+ if (STREQ (argv[i], debug_opt))
+ {
+ lt_debug = 1;
+ continue;
+ }
+ if (STREQ (argv[i], ltwrapper_option_prefix))
+ {
+ /* however, if there is an option in the LTWRAPPER_OPTION_PREFIX
+ namespace, but it is not one of the ones we know about and
+ have already dealt with, above (inluding dump-script), then
+ report an error. Otherwise, targets might begin to believe
+ they are allowed to use options in the LTWRAPPER_OPTION_PREFIX
+ namespace. The first time any user complains about this, we'll
+ need to make LTWRAPPER_OPTION_PREFIX a configure-time option
+ or a configure.ac-settable value.
+ */
+ lt_fatal (__FILE__, __LINE__,
+ "unrecognized %s option: '%s'",
+ ltwrapper_option_prefix, argv[i]);
+ }
+ /* otherwise ... */
+ newargz[++newargc] = xstrdup (argv[i]);
+ }
+ newargz[++newargc] = NULL;
+
+EOF
+ cat <<EOF
+ /* The GNU banner must be the first non-error debug message */
+ lt_debugprintf (__FILE__, __LINE__, "libtool wrapper (GNU $PACKAGE) $VERSION\n");
+EOF
+ cat <<"EOF"
+ lt_debugprintf (__FILE__, __LINE__, "(main) argv[0]: %s\n", argv[0]);
+ lt_debugprintf (__FILE__, __LINE__, "(main) program_name: %s\n", program_name);
+
+ tmp_pathspec = find_executable (argv[0]);
+ if (tmp_pathspec == NULL)
+ lt_fatal (__FILE__, __LINE__, "couldn't find %s", argv[0]);
+ lt_debugprintf (__FILE__, __LINE__,
+ "(main) found exe (before symlink chase) at: %s\n",
+ tmp_pathspec);
+
+ actual_cwrapper_path = chase_symlinks (tmp_pathspec);
+ lt_debugprintf (__FILE__, __LINE__,
+ "(main) found exe (after symlink chase) at: %s\n",
+ actual_cwrapper_path);
+ XFREE (tmp_pathspec);
+
+ actual_cwrapper_name = xstrdup (base_name (actual_cwrapper_path));
+ strendzap (actual_cwrapper_path, actual_cwrapper_name);
+
+ /* wrapper name transforms */
+ strendzap (actual_cwrapper_name, ".exe");
+ tmp_pathspec = lt_extend_str (actual_cwrapper_name, ".exe", 1);
+ XFREE (actual_cwrapper_name);
+ actual_cwrapper_name = tmp_pathspec;
+ tmp_pathspec = 0;
+
+ /* target_name transforms -- use actual target program name; might have lt- prefix */
+ target_name = xstrdup (base_name (TARGET_PROGRAM_NAME));
+ strendzap (target_name, ".exe");
+ tmp_pathspec = lt_extend_str (target_name, ".exe", 1);
+ XFREE (target_name);
+ target_name = tmp_pathspec;
+ tmp_pathspec = 0;
+
+ lt_debugprintf (__FILE__, __LINE__,
+ "(main) libtool target name: %s\n",
+ target_name);
+EOF
+
+ cat <<EOF
+ newargz[0] =
+ XMALLOC (char, (strlen (actual_cwrapper_path) +
+ strlen ("$objdir") + 1 + strlen (actual_cwrapper_name) + 1));
+ strcpy (newargz[0], actual_cwrapper_path);
+ strcat (newargz[0], "$objdir");
+ strcat (newargz[0], "/");
+EOF
+
+ cat <<"EOF"
+ /* stop here, and copy so we don't have to do this twice */
+ tmp_pathspec = xstrdup (newargz[0]);
+
+ /* do NOT want the lt- prefix here, so use actual_cwrapper_name */
+ strcat (newargz[0], actual_cwrapper_name);
+
+ /* DO want the lt- prefix here if it exists, so use target_name */
+ lt_argv_zero = lt_extend_str (tmp_pathspec, target_name, 1);
+ XFREE (tmp_pathspec);
+ tmp_pathspec = NULL;
+EOF
+
+ case $host_os in
+ mingw*)
+ cat <<"EOF"
+ {
+ char* p;
+ while ((p = strchr (newargz[0], '\\')) != NULL)
+ {
+ *p = '/';
+ }
+ while ((p = strchr (lt_argv_zero, '\\')) != NULL)
+ {
+ *p = '/';
+ }
+ }
+EOF
+ ;;
+ esac
+
+ cat <<"EOF"
+ XFREE (target_name);
+ XFREE (actual_cwrapper_path);
+ XFREE (actual_cwrapper_name);
+
+ lt_setenv ("BIN_SH", "xpg4"); /* for Tru64 */
+ lt_setenv ("DUALCASE", "1"); /* for MSK sh */
+ /* Update the DLL searchpath. EXE_PATH_VALUE ($dllsearchpath) must
+ be prepended before (that is, appear after) LIB_PATH_VALUE ($temp_rpath)
+ because on Windows, both *_VARNAMEs are PATH but uninstalled
+ libraries must come first. */
+ lt_update_exe_path (EXE_PATH_VARNAME, EXE_PATH_VALUE);
+ lt_update_lib_path (LIB_PATH_VARNAME, LIB_PATH_VALUE);
+
+ lt_debugprintf (__FILE__, __LINE__, "(main) lt_argv_zero: %s\n",
+ nonnull (lt_argv_zero));
+ for (i = 0; i < newargc; i++)
+ {
+ lt_debugprintf (__FILE__, __LINE__, "(main) newargz[%d]: %s\n",
+ i, nonnull (newargz[i]));
+ }
+
+EOF
+
+ case $host_os in
+ mingw*)
+ cat <<"EOF"
+ /* execv doesn't actually work on mingw as expected on unix */
+ newargz = prepare_spawn (newargz);
+ rval = (int) _spawnv (_P_WAIT, lt_argv_zero, (const char * const *) newargz);
+ if (rval == -1)
+ {
+ /* failed to start process */
+ lt_debugprintf (__FILE__, __LINE__,
+ "(main) failed to launch target \"%s\": %s\n",
+ lt_argv_zero, nonnull (strerror (errno)));
+ return 127;
+ }
+ return rval;
+EOF
+ ;;
+ *)
+ cat <<"EOF"
+ execv (lt_argv_zero, newargz);
+ return rval; /* =127, but avoids unused variable warning */
+EOF
+ ;;
+ esac
+
+ cat <<"EOF"
+}
+
+void *
+xmalloc (size_t num)
+{
+ void *p = (void *) malloc (num);
+ if (!p)
+ lt_fatal (__FILE__, __LINE__, "memory exhausted");
+
+ return p;
+}
+
+char *
+xstrdup (const char *string)
+{
+ return string ? strcpy ((char *) xmalloc (strlen (string) + 1),
+ string) : NULL;
+}
+
+const char *
+base_name (const char *name)
+{
+ const char *base;
+
+#if defined HAVE_DOS_BASED_FILE_SYSTEM
+ /* Skip over the disk name in MSDOS pathnames. */
+ if (isalpha ((unsigned char) name[0]) && name[1] == ':')
+ name += 2;
+#endif
+
+ for (base = name; *name; name++)
+ if (IS_DIR_SEPARATOR (*name))
+ base = name + 1;
+ return base;
+}
+
+int
+check_executable (const char *path)
+{
+ struct stat st;
+
+ lt_debugprintf (__FILE__, __LINE__, "(check_executable): %s\n",
+ nonempty (path));
+ if ((!path) || (!*path))
+ return 0;
+
+ if ((stat (path, &st) >= 0)
+ && (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)))
+ return 1;
+ else
+ return 0;
+}
+
+int
+make_executable (const char *path)
+{
+ int rval = 0;
+ struct stat st;
+
+ lt_debugprintf (__FILE__, __LINE__, "(make_executable): %s\n",
+ nonempty (path));
+ if ((!path) || (!*path))
+ return 0;
+
+ if (stat (path, &st) >= 0)
+ {
+ rval = chmod (path, st.st_mode | S_IXOTH | S_IXGRP | S_IXUSR);
+ }
+ return rval;
+}
+
+/* Searches for the full path of the wrapper. Returns
+ newly allocated full path name if found, NULL otherwise
+ Does not chase symlinks, even on platforms that support them.
+*/
+char *
+find_executable (const char *wrapper)
+{
+ int has_slash = 0;
+ const char *p;
+ const char *p_next;
+ /* static buffer for getcwd */
+ char tmp[LT_PATHMAX + 1];
+ size_t tmp_len;
+ char *concat_name;
+
+ lt_debugprintf (__FILE__, __LINE__, "(find_executable): %s\n",
+ nonempty (wrapper));
+
+ if ((wrapper == NULL) || (*wrapper == '\0'))
+ return NULL;
+
+ /* Absolute path? */
+#if defined HAVE_DOS_BASED_FILE_SYSTEM
+ if (isalpha ((unsigned char) wrapper[0]) && wrapper[1] == ':')
+ {
+ concat_name = xstrdup (wrapper);
+ if (check_executable (concat_name))
+ return concat_name;
+ XFREE (concat_name);
+ }
+ else
+ {
+#endif
+ if (IS_DIR_SEPARATOR (wrapper[0]))
+ {
+ concat_name = xstrdup (wrapper);
+ if (check_executable (concat_name))
+ return concat_name;
+ XFREE (concat_name);
+ }
+#if defined HAVE_DOS_BASED_FILE_SYSTEM
+ }
+#endif
+
+ for (p = wrapper; *p; p++)
+ if (*p == '/')
+ {
+ has_slash = 1;
+ break;
+ }
+ if (!has_slash)
+ {
+ /* no slashes; search PATH */
+ const char *path = getenv ("PATH");
+ if (path != NULL)
+ {
+ for (p = path; *p; p = p_next)
+ {
+ const char *q;
+ size_t p_len;
+ for (q = p; *q; q++)
+ if (IS_PATH_SEPARATOR (*q))
+ break;
+ p_len = (size_t) (q - p);
+ p_next = (*q == '\0' ? q : q + 1);
+ if (p_len == 0)
+ {
+ /* empty path: current directory */
+ if (getcwd (tmp, LT_PATHMAX) == NULL)
+ lt_fatal (__FILE__, __LINE__, "getcwd failed: %s",
+ nonnull (strerror (errno)));
+ tmp_len = strlen (tmp);
+ concat_name =
+ XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1);
+ memcpy (concat_name, tmp, tmp_len);
+ concat_name[tmp_len] = '/';
+ strcpy (concat_name + tmp_len + 1, wrapper);
+ }
+ else
+ {
+ concat_name =
+ XMALLOC (char, p_len + 1 + strlen (wrapper) + 1);
+ memcpy (concat_name, p, p_len);
+ concat_name[p_len] = '/';
+ strcpy (concat_name + p_len + 1, wrapper);
+ }
+ if (check_executable (concat_name))
+ return concat_name;
+ XFREE (concat_name);
+ }
+ }
+ /* not found in PATH; assume curdir */
+ }
+ /* Relative path | not found in path: prepend cwd */
+ if (getcwd (tmp, LT_PATHMAX) == NULL)
+ lt_fatal (__FILE__, __LINE__, "getcwd failed: %s",
+ nonnull (strerror (errno)));
+ tmp_len = strlen (tmp);
+ concat_name = XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1);
+ memcpy (concat_name, tmp, tmp_len);
+ concat_name[tmp_len] = '/';
+ strcpy (concat_name + tmp_len + 1, wrapper);
+
+ if (check_executable (concat_name))
+ return concat_name;
+ XFREE (concat_name);
+ return NULL;
+}
+
+char *
+chase_symlinks (const char *pathspec)
+{
+#ifndef S_ISLNK
+ return xstrdup (pathspec);
+#else
+ char buf[LT_PATHMAX];
+ struct stat s;
+ char *tmp_pathspec = xstrdup (pathspec);
+ char *p;
+ int has_symlinks = 0;
+ while (strlen (tmp_pathspec) && !has_symlinks)
+ {
+ lt_debugprintf (__FILE__, __LINE__,
+ "checking path component for symlinks: %s\n",
+ tmp_pathspec);
+ if (lstat (tmp_pathspec, &s) == 0)
+ {
+ if (S_ISLNK (s.st_mode) != 0)
+ {
+ has_symlinks = 1;
+ break;
+ }
+
+ /* search backwards for last DIR_SEPARATOR */
+ p = tmp_pathspec + strlen (tmp_pathspec) - 1;
+ while ((p > tmp_pathspec) && (!IS_DIR_SEPARATOR (*p)))
+ p--;
+ if ((p == tmp_pathspec) && (!IS_DIR_SEPARATOR (*p)))
+ {
+ /* no more DIR_SEPARATORS left */
+ break;
+ }
+ *p = '\0';
+ }
+ else
+ {
+ lt_fatal (__FILE__, __LINE__,
+ "error accessing file \"%s\": %s",
+ tmp_pathspec, nonnull (strerror (errno)));
+ }
+ }
+ XFREE (tmp_pathspec);
+
+ if (!has_symlinks)
+ {
+ return xstrdup (pathspec);
+ }
+
+ tmp_pathspec = realpath (pathspec, buf);
+ if (tmp_pathspec == 0)
+ {
+ lt_fatal (__FILE__, __LINE__,
+ "could not follow symlinks for %s", pathspec);
+ }
+ return xstrdup (tmp_pathspec);
+#endif
+}
+
+char *
+strendzap (char *str, const char *pat)
+{
+ size_t len, patlen;
+
+ assert (str != NULL);
+ assert (pat != NULL);
+
+ len = strlen (str);
+ patlen = strlen (pat);
+
+ if (patlen <= len)
+ {
+ str += len - patlen;
+ if (STREQ (str, pat))
+ *str = '\0';
+ }
+ return str;
+}
+
+void
+lt_debugprintf (const char *file, int line, const char *fmt, ...)
+{
+ va_list args;
+ if (lt_debug)
+ {
+ (void) fprintf (stderr, "%s:%s:%d: ", program_name, file, line);
+ va_start (args, fmt);
+ (void) vfprintf (stderr, fmt, args);
+ va_end (args);
+ }
+}
+
+static void
+lt_error_core (int exit_status, const char *file,
+ int line, const char *mode,
+ const char *message, va_list ap)
+{
+ fprintf (stderr, "%s:%s:%d: %s: ", program_name, file, line, mode);
+ vfprintf (stderr, message, ap);
+ fprintf (stderr, ".\n");
+
+ if (exit_status >= 0)
+ exit (exit_status);
+}
+
+void
+lt_fatal (const char *file, int line, const char *message, ...)
+{
+ va_list ap;
+ va_start (ap, message);
+ lt_error_core (EXIT_FAILURE, file, line, "FATAL", message, ap);
+ va_end (ap);
+}
+
+static const char *
+nonnull (const char *s)
+{
+ return s ? s : "(null)";
+}
+
+static const char *
+nonempty (const char *s)
+{
+ return (s && !*s) ? "(empty)" : nonnull (s);
+}
+
+void
+lt_setenv (const char *name, const char *value)
+{
+ lt_debugprintf (__FILE__, __LINE__,
+ "(lt_setenv) setting '%s' to '%s'\n",
+ nonnull (name), nonnull (value));
+ {
+#ifdef HAVE_SETENV
+ /* always make a copy, for consistency with !HAVE_SETENV */
+ char *str = xstrdup (value);
+ setenv (name, str, 1);
+#else
+ size_t len = strlen (name) + 1 + strlen (value) + 1;
+ char *str = XMALLOC (char, len);
+ sprintf (str, "%s=%s", name, value);
+ if (putenv (str) != EXIT_SUCCESS)
+ {
+ XFREE (str);
+ }
+#endif
+ }
+}
+
+char *
+lt_extend_str (const char *orig_value, const char *add, int to_end)
+{
+ char *new_value;
+ if (orig_value && *orig_value)
+ {
+ size_t orig_value_len = strlen (orig_value);
+ size_t add_len = strlen (add);
+ new_value = XMALLOC (char, add_len + orig_value_len + 1);
+ if (to_end)
+ {
+ strcpy (new_value, orig_value);
+ strcpy (new_value + orig_value_len, add);
+ }
+ else
+ {
+ strcpy (new_value, add);
+ strcpy (new_value + add_len, orig_value);
+ }
+ }
+ else
+ {
+ new_value = xstrdup (add);
+ }
+ return new_value;
+}
+
+void
+lt_update_exe_path (const char *name, const char *value)
+{
+ lt_debugprintf (__FILE__, __LINE__,
+ "(lt_update_exe_path) modifying '%s' by prepending '%s'\n",
+ nonnull (name), nonnull (value));
+
+ if (name && *name && value && *value)
+ {
+ char *new_value = lt_extend_str (getenv (name), value, 0);
+ /* some systems can't cope with a ':'-terminated path #' */
+ size_t len = strlen (new_value);
+ while ((len > 0) && IS_PATH_SEPARATOR (new_value[len-1]))
+ {
+ new_value[--len] = '\0';
+ }
+ lt_setenv (name, new_value);
+ XFREE (new_value);
+ }
+}
+
+void
+lt_update_lib_path (const char *name, const char *value)
+{
+ lt_debugprintf (__FILE__, __LINE__,
+ "(lt_update_lib_path) modifying '%s' by prepending '%s'\n",
+ nonnull (name), nonnull (value));
+
+ if (name && *name && value && *value)
+ {
+ char *new_value = lt_extend_str (getenv (name), value, 0);
+ lt_setenv (name, new_value);
+ XFREE (new_value);
+ }
+}
+
+EOF
+ case $host_os in
+ mingw*)
+ cat <<"EOF"
+
+/* Prepares an argument vector before calling spawn().
+ Note that spawn() does not by itself call the command interpreter
+ (getenv ("COMSPEC") != NULL ? getenv ("COMSPEC") :
+ ({ OSVERSIONINFO v; v.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
+ GetVersionEx(&v);
+ v.dwPlatformId == VER_PLATFORM_WIN32_NT;
+ }) ? "cmd.exe" : "command.com").
+ Instead it simply concatenates the arguments, separated by ' ', and calls
+ CreateProcess(). We must quote the arguments since Win32 CreateProcess()
+ interprets characters like ' ', '\t', '\\', '"' (but not '<' and '>') in a
+ special way:
+ - Space and tab are interpreted as delimiters. They are not treated as
+ delimiters if they are surrounded by double quotes: "...".
+ - Unescaped double quotes are removed from the input. Their only effect is
+ that within double quotes, space and tab are treated like normal
+ characters.
+ - Backslashes not followed by double quotes are not special.
+ - But 2*n+1 backslashes followed by a double quote become
+ n backslashes followed by a double quote (n >= 0):
+ \" -> "
+ \\\" -> \"
+ \\\\\" -> \\"
+ */
+#define SHELL_SPECIAL_CHARS "\"\\ \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037"
+#define SHELL_SPACE_CHARS " \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037"
+char **
+prepare_spawn (char **argv)
+{
+ size_t argc;
+ char **new_argv;
+ size_t i;
+
+ /* Count number of arguments. */
+ for (argc = 0; argv[argc] != NULL; argc++)
+ ;
+
+ /* Allocate new argument vector. */
+ new_argv = XMALLOC (char *, argc + 1);
+
+ /* Put quoted arguments into the new argument vector. */
+ for (i = 0; i < argc; i++)
+ {
+ const char *string = argv[i];
+
+ if (string[0] == '\0')
+ new_argv[i] = xstrdup ("\"\"");
+ else if (strpbrk (string, SHELL_SPECIAL_CHARS) != NULL)
+ {
+ int quote_around = (strpbrk (string, SHELL_SPACE_CHARS) != NULL);
+ size_t length;
+ unsigned int backslashes;
+ const char *s;
+ char *quoted_string;
+ char *p;
+
+ length = 0;
+ backslashes = 0;
+ if (quote_around)
+ length++;
+ for (s = string; *s != '\0'; s++)
+ {
+ char c = *s;
+ if (c == '"')
+ length += backslashes + 1;
+ length++;
+ if (c == '\\')
+ backslashes++;
+ else
+ backslashes = 0;
+ }
+ if (quote_around)
+ length += backslashes + 1;
+
+ quoted_string = XMALLOC (char, length + 1);
+
+ p = quoted_string;
+ backslashes = 0;
+ if (quote_around)
+ *p++ = '"';
+ for (s = string; *s != '\0'; s++)
+ {
+ char c = *s;
+ if (c == '"')
+ {
+ unsigned int j;
+ for (j = backslashes + 1; j > 0; j--)
+ *p++ = '\\';
+ }
+ *p++ = c;
+ if (c == '\\')
+ backslashes++;
+ else
+ backslashes = 0;
+ }
+ if (quote_around)
+ {
+ unsigned int j;
+ for (j = backslashes; j > 0; j--)
+ *p++ = '\\';
+ *p++ = '"';
+ }
+ *p = '\0';
+
+ new_argv[i] = quoted_string;
+ }
+ else
+ new_argv[i] = (char *) string;
+ }
+ new_argv[argc] = NULL;
+
+ return new_argv;
+}
+EOF
+ ;;
+ esac
+
+ cat <<"EOF"
+void lt_dump_script (FILE* f)
+{
+EOF
+ func_emit_wrapper yes |
+ $SED -n -e '
+s/^\(.\{79\}\)\(..*\)/\1\
+\2/
+h
+s/\([\\"]\)/\\\1/g
+s/$/\\n/
+s/\([^\n]*\).*/ fputs ("\1", f);/p
+g
+D'
+ cat <<"EOF"
+}
+EOF
+}
+# end: func_emit_cwrapperexe_src
+
+# func_win32_import_lib_p ARG
+# True if ARG is an import lib, as indicated by $file_magic_cmd
+func_win32_import_lib_p ()
+{
+ $debug_cmd
+
+ case `eval $file_magic_cmd \"\$1\" 2>/dev/null | $SED -e 10q` in
+ *import*) : ;;
+ *) false ;;
+ esac
+}
+
+# func_suncc_cstd_abi
+# !!ONLY CALL THIS FOR SUN CC AFTER $compile_command IS FULLY EXPANDED!!
+# Several compiler flags select an ABI that is incompatible with the
+# Cstd library. Avoid specifying it if any are in CXXFLAGS.
+func_suncc_cstd_abi ()
+{
+ $debug_cmd
+
+ case " $compile_command " in
+ *" -compat=g "*|*\ -std=c++[0-9][0-9]\ *|*" -library=stdcxx4 "*|*" -library=stlport4 "*)
+ suncc_use_cstd_abi=no
+ ;;
+ *)
+ suncc_use_cstd_abi=yes
+ ;;
+ esac
+}
+
+# func_mode_link arg...
+func_mode_link ()
+{
+ $debug_cmd
+
+ case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*)
+ # It is impossible to link a dll without this setting, and
+ # we shouldn't force the makefile maintainer to figure out
+ # what system we are compiling for in order to pass an extra
+ # flag for every libtool invocation.
+ # allow_undefined=no
+
+ # FIXME: Unfortunately, there are problems with the above when trying
+ # to make a dll that has undefined symbols, in which case not
+ # even a static library is built. For now, we need to specify
+ # -no-undefined on the libtool link line when we can be certain
+ # that all symbols are satisfied, otherwise we get a static library.
+ allow_undefined=yes
+ ;;
+ *)
+ allow_undefined=yes
+ ;;
+ esac
+ libtool_args=$nonopt
+ base_compile="$nonopt $@"
+ compile_command=$nonopt
+ finalize_command=$nonopt
+
+ compile_rpath=
+ finalize_rpath=
+ compile_shlibpath=
+ finalize_shlibpath=
+ convenience=
+ old_convenience=
+ deplibs=
+ old_deplibs=
+ compiler_flags=
+ linker_flags=
+ dllsearchpath=
+ lib_search_path=`pwd`
+ inst_prefix_dir=
+ new_inherited_linker_flags=
+
+ avoid_version=no
+ bindir=
+ dlfiles=
+ dlprefiles=
+ dlself=no
+ export_dynamic=no
+ export_symbols=
+ export_symbols_regex=
+ generated=
+ libobjs=
+ ltlibs=
+ module=no
+ no_install=no
+ objs=
+ os2dllname=
+ non_pic_objects=
+ precious_files_regex=
+ prefer_static_libs=no
+ preload=false
+ prev=
+ prevarg=
+ release=
+ rpath=
+ xrpath=
+ perm_rpath=
+ temp_rpath=
+ thread_safe=no
+ vinfo=
+ vinfo_number=no
+ weak_libs=
+ single_module=$wl-single_module
+ func_infer_tag $base_compile
+
+ # We need to know -static, to get the right output filenames.
+ for arg
+ do
+ case $arg in
+ -shared)
+ test yes != "$build_libtool_libs" \
+ && func_fatal_configuration "cannot build a shared library"
+ build_old_libs=no
+ break
+ ;;
+ -all-static | -static | -static-libtool-libs)
+ case $arg in
+ -all-static)
+ if test yes = "$build_libtool_libs" && test -z "$link_static_flag"; then
+ func_warning "complete static linking is impossible in this configuration"
+ fi
+ if test -n "$link_static_flag"; then
+ dlopen_self=$dlopen_self_static
+ fi
+ prefer_static_libs=yes
+ ;;
+ -static)
+ if test -z "$pic_flag" && test -n "$link_static_flag"; then
+ dlopen_self=$dlopen_self_static
+ fi
+ prefer_static_libs=built
+ ;;
+ -static-libtool-libs)
+ if test -z "$pic_flag" && test -n "$link_static_flag"; then
+ dlopen_self=$dlopen_self_static
+ fi
+ prefer_static_libs=yes
+ ;;
+ esac
+ build_libtool_libs=no
+ build_old_libs=yes
+ break
+ ;;
+ esac
+ done
+
+ # See if our shared archives depend on static archives.
+ test -n "$old_archive_from_new_cmds" && build_old_libs=yes
+
+ # Go through the arguments, transforming them on the way.
+ while test "$#" -gt 0; do
+ arg=$1
+ shift
+ func_quote_arg pretty,unquoted "$arg"
+ qarg=$func_quote_arg_unquoted_result
+ func_append libtool_args " $func_quote_arg_result"
+
+ # If the previous option needs an argument, assign it.
+ if test -n "$prev"; then
+ case $prev in
+ output)
+ func_append compile_command " @OUTPUT@"
+ func_append finalize_command " @OUTPUT@"
+ ;;
+ esac
+
+ case $prev in
+ bindir)
+ bindir=$arg
+ prev=
+ continue
+ ;;
+ dlfiles|dlprefiles)
+ $preload || {
+ # Add the symbol object into the linking commands.
+ func_append compile_command " @SYMFILE@"
+ func_append finalize_command " @SYMFILE@"
+ preload=:
+ }
+ case $arg in
+ *.la | *.lo) ;; # We handle these cases below.
+ force)
+ if test no = "$dlself"; then
+ dlself=needless
+ export_dynamic=yes
+ fi
+ prev=
+ continue
+ ;;
+ self)
+ if test dlprefiles = "$prev"; then
+ dlself=yes
+ elif test dlfiles = "$prev" && test yes != "$dlopen_self"; then
+ dlself=yes
+ else
+ dlself=needless
+ export_dynamic=yes
+ fi
+ prev=
+ continue
+ ;;
+ *)
+ if test dlfiles = "$prev"; then
+ func_append dlfiles " $arg"
+ else
+ func_append dlprefiles " $arg"
+ fi
+ prev=
+ continue
+ ;;
+ esac
+ ;;
+ expsyms)
+ export_symbols=$arg
+ test -f "$arg" \
+ || func_fatal_error "symbol file '$arg' does not exist"
+ prev=
+ continue
+ ;;
+ expsyms_regex)
+ export_symbols_regex=$arg
+ prev=
+ continue
+ ;;
+ framework)
+ case $host in
+ *-*-darwin*)
+ case "$deplibs " in
+ *" $qarg.ltframework "*) ;;
+ *) func_append deplibs " $qarg.ltframework" # this is fixed later
+ ;;
+ esac
+ ;;
+ esac
+ prev=
+ continue
+ ;;
+ inst_prefix)
+ inst_prefix_dir=$arg
+ prev=
+ continue
+ ;;
+ mllvm)
+ # Clang does not use LLVM to link, so we can simply discard any
+ # '-mllvm $arg' options when doing the link step.
+ prev=
+ continue
+ ;;
+ objectlist)
+ if test -f "$arg"; then
+ save_arg=$arg
+ moreargs=
+ for fil in `cat "$save_arg"`
+ do
+# func_append moreargs " $fil"
+ arg=$fil
+ # A libtool-controlled object.
+
+ # Check to see that this really is a libtool object.
+ if func_lalib_unsafe_p "$arg"; then
+ pic_object=
+ non_pic_object=
+
+ # Read the .lo file
+ func_source "$arg"
+
+ if test -z "$pic_object" ||
+ test -z "$non_pic_object" ||
+ test none = "$pic_object" &&
+ test none = "$non_pic_object"; then
+ func_fatal_error "cannot find name of object for '$arg'"
+ fi
+
+ # Extract subdirectory from the argument.
+ func_dirname "$arg" "/" ""
+ xdir=$func_dirname_result
+
+ if test none != "$pic_object"; then
+ # Prepend the subdirectory the object is found in.
+ pic_object=$xdir$pic_object
+
+ if test dlfiles = "$prev"; then
+ if test yes = "$build_libtool_libs" && test yes = "$dlopen_support"; then
+ func_append dlfiles " $pic_object"
+ prev=
+ continue
+ else
+ # If libtool objects are unsupported, then we need to preload.
+ prev=dlprefiles
+ fi
+ fi
+
+ # CHECK ME: I think I busted this. -Ossama
+ if test dlprefiles = "$prev"; then
+ # Preload the old-style object.
+ func_append dlprefiles " $pic_object"
+ prev=
+ fi
+
+ # A PIC object.
+ func_append libobjs " $pic_object"
+ arg=$pic_object
+ fi
+
+ # Non-PIC object.
+ if test none != "$non_pic_object"; then
+ # Prepend the subdirectory the object is found in.
+ non_pic_object=$xdir$non_pic_object
+
+ # A standard non-PIC object
+ func_append non_pic_objects " $non_pic_object"
+ if test -z "$pic_object" || test none = "$pic_object"; then
+ arg=$non_pic_object
+ fi
+ else
+ # If the PIC object exists, use it instead.
+ # $xdir was prepended to $pic_object above.
+ non_pic_object=$pic_object
+ func_append non_pic_objects " $non_pic_object"
+ fi
+ else
+ # Only an error if not doing a dry-run.
+ if $opt_dry_run; then
+ # Extract subdirectory from the argument.
+ func_dirname "$arg" "/" ""
+ xdir=$func_dirname_result
+
+ func_lo2o "$arg"
+ pic_object=$xdir$objdir/$func_lo2o_result
+ non_pic_object=$xdir$func_lo2o_result
+ func_append libobjs " $pic_object"
+ func_append non_pic_objects " $non_pic_object"
+ else
+ func_fatal_error "'$arg' is not a valid libtool object"
+ fi
+ fi
+ done
+ else
+ func_fatal_error "link input file '$arg' does not exist"
+ fi
+ arg=$save_arg
+ prev=
+ continue
+ ;;
+ os2dllname)
+ os2dllname=$arg
+ prev=
+ continue
+ ;;
+ precious_regex)
+ precious_files_regex=$arg
+ prev=
+ continue
+ ;;
+ release)
+ release=-$arg
+ prev=
+ continue
+ ;;
+ rpath | xrpath)
+ # We need an absolute path.
+ case $arg in
+ [\\/]* | [A-Za-z]:[\\/]*) ;;
+ *)
+ func_fatal_error "only absolute run-paths are allowed"
+ ;;
+ esac
+ if test rpath = "$prev"; then
+ case "$rpath " in
+ *" $arg "*) ;;
+ *) func_append rpath " $arg" ;;
+ esac
+ else
+ case "$xrpath " in
+ *" $arg "*) ;;
+ *) func_append xrpath " $arg" ;;
+ esac
+ fi
+ prev=
+ continue
+ ;;
+ shrext)
+ shrext_cmds=$arg
+ prev=
+ continue
+ ;;
+ weak)
+ func_append weak_libs " $arg"
+ prev=
+ continue
+ ;;
+ xassembler)
+ func_append compiler_flags " -Xassembler $qarg"
+ prev=
+ func_append compile_command " -Xassembler $qarg"
+ func_append finalize_command " -Xassembler $qarg"
+ continue
+ ;;
+ xcclinker)
+ func_append linker_flags " $qarg"
+ func_append compiler_flags " $qarg"
+ prev=
+ func_append compile_command " $qarg"
+ func_append finalize_command " $qarg"
+ continue
+ ;;
+ xcompiler)
+ func_append compiler_flags " $qarg"
+ prev=
+ func_append compile_command " $qarg"
+ func_append finalize_command " $qarg"
+ continue
+ ;;
+ xlinker)
+ func_append linker_flags " $qarg"
+ func_append compiler_flags " $wl$qarg"
+ prev=
+ func_append compile_command " $wl$qarg"
+ func_append finalize_command " $wl$qarg"
+ continue
+ ;;
+ *)
+ eval "$prev=\"\$arg\""
+ prev=
+ continue
+ ;;
+ esac
+ fi # test -n "$prev"
+
+ prevarg=$arg
+
+ case $arg in
+ -all-static)
+ if test -n "$link_static_flag"; then
+ # See comment for -static flag below, for more details.
+ func_append compile_command " $link_static_flag"
+ func_append finalize_command " $link_static_flag"
+ fi
+ continue
+ ;;
+
+ -allow-undefined)
+ # FIXME: remove this flag sometime in the future.
+ func_fatal_error "'-allow-undefined' must not be used because it is the default"
+ ;;
+
+ -avoid-version)
+ avoid_version=yes
+ continue
+ ;;
+
+ -bindir)
+ prev=bindir
+ continue
+ ;;
+
+ -dlopen)
+ prev=dlfiles
+ continue
+ ;;
+
+ -dlpreopen)
+ prev=dlprefiles
+ continue
+ ;;
+
+ -export-dynamic)
+ export_dynamic=yes
+ continue
+ ;;
+
+ -export-symbols | -export-symbols-regex)
+ if test -n "$export_symbols" || test -n "$export_symbols_regex"; then
+ func_fatal_error "more than one -exported-symbols argument is not allowed"
+ fi
+ if test X-export-symbols = "X$arg"; then
+ prev=expsyms
+ else
+ prev=expsyms_regex
+ fi
+ continue
+ ;;
+
+ -framework)
+ prev=framework
+ continue
+ ;;
+
+ -inst-prefix-dir)
+ prev=inst_prefix
+ continue
+ ;;
+
+ # The native IRIX linker understands -LANG:*, -LIST:* and -LNO:*
+ # so, if we see these flags be careful not to treat them like -L
+ -L[A-Z][A-Z]*:*)
+ case $with_gcc/$host in
+ no/*-*-irix* | /*-*-irix*)
+ func_append compile_command " $arg"
+ func_append finalize_command " $arg"
+ ;;
+ esac
+ continue
+ ;;
+
+ -L*)
+ func_stripname "-L" '' "$arg"
+ if test -z "$func_stripname_result"; then
+ if test "$#" -gt 0; then
+ func_fatal_error "require no space between '-L' and '$1'"
+ else
+ func_fatal_error "need path for '-L' option"
+ fi
+ fi
+ func_resolve_sysroot "$func_stripname_result"
+ dir=$func_resolve_sysroot_result
+ # We need an absolute path.
+ case $dir in
+ [\\/]* | [A-Za-z]:[\\/]*) ;;
+ *)
+ absdir=`cd "$dir" && pwd`
+ test -z "$absdir" && \
+ func_fatal_error "cannot determine absolute directory name of '$dir'"
+ dir=$absdir
+ ;;
+ esac
+ case "$deplibs " in
+ *" -L$dir "* | *" $arg "*)
+ # Will only happen for absolute or sysroot arguments
+ ;;
+ *)
+ # Preserve sysroot, but never include relative directories
+ case $dir in
+ [\\/]* | [A-Za-z]:[\\/]* | =*) func_append deplibs " $arg" ;;
+ *) func_append deplibs " -L$dir" ;;
+ esac
+ func_append lib_search_path " $dir"
+ ;;
+ esac
+ case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*)
+ testbindir=`$ECHO "$dir" | $SED 's*/lib$*/bin*'`
+ case :$dllsearchpath: in
+ *":$dir:"*) ;;
+ ::) dllsearchpath=$dir;;
+ *) func_append dllsearchpath ":$dir";;
+ esac
+ case :$dllsearchpath: in
+ *":$testbindir:"*) ;;
+ ::) dllsearchpath=$testbindir;;
+ *) func_append dllsearchpath ":$testbindir";;
+ esac
+ ;;
+ esac
+ continue
+ ;;
+
+ -l*)
+ if test X-lc = "X$arg" || test X-lm = "X$arg"; then
+ case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos* | *-cegcc* | *-*-haiku*)
+ # These systems don't actually have a C or math library (as such)
+ continue
+ ;;
+ *-*-os2*)
+ # These systems don't actually have a C library (as such)
+ test X-lc = "X$arg" && continue
+ ;;
+ *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-bitrig* | *-*-midnightbsd*)
+ # Do not include libc due to us having libc/libc_r.
+ test X-lc = "X$arg" && continue
+ ;;
+ *-*-rhapsody* | *-*-darwin1.[012])
+ # Rhapsody C and math libraries are in the System framework
+ func_append deplibs " System.ltframework"
+ continue
+ ;;
+ *-*-sco3.2v5* | *-*-sco5v6*)
+ # Causes problems with __ctype
+ test X-lc = "X$arg" && continue
+ ;;
+ *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*)
+ # Compiler inserts libc in the correct place for threads to work
+ test X-lc = "X$arg" && continue
+ ;;
+ esac
+ elif test X-lc_r = "X$arg"; then
+ case $host in
+ *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-bitrig* | *-*-midnightbsd*)
+ # Do not include libc_r directly, use -pthread flag.
+ continue
+ ;;
+ esac
+ fi
+ func_append deplibs " $arg"
+ continue
+ ;;
+
+ -mllvm)
+ prev=mllvm
+ continue
+ ;;
+
+ -module)
+ module=yes
+ continue
+ ;;
+
+ # Tru64 UNIX uses -model [arg] to determine the layout of C++
+ # classes, name mangling, and exception handling.
+ # Darwin uses the -arch flag to determine output architecture.
+ -model|-arch|-isysroot|--sysroot)
+ func_append compiler_flags " $arg"
+ func_append compile_command " $arg"
+ func_append finalize_command " $arg"
+ prev=xcompiler
+ continue
+ ;;
+ # Solaris ld rejects as of 11.4. Refer to Oracle bug 22985199.
+ -pthread)
+ case $host in
+ *solaris2*) ;;
+ *)
+ case "$new_inherited_linker_flags " in
+ *" $arg "*) ;;
+ * ) func_append new_inherited_linker_flags " $arg" ;;
+ esac
+ ;;
+ esac
+ continue
+ ;;
+ -mt|-mthreads|-kthread|-Kthread|-pthreads|--thread-safe \
+ |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*)
+ func_append compiler_flags " $arg"
+ func_append compile_command " $arg"
+ func_append finalize_command " $arg"
+ case "$new_inherited_linker_flags " in
+ *" $arg "*) ;;
+ * ) func_append new_inherited_linker_flags " $arg" ;;
+ esac
+ continue
+ ;;
+
+ -multi_module)
+ single_module=$wl-multi_module
+ continue
+ ;;
+
+ -no-fast-install)
+ fast_install=no
+ continue
+ ;;
+
+ -no-install)
+ case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-darwin* | *-cegcc*)
+ # The PATH hackery in wrapper scripts is required on Windows
+ # and Darwin in order for the loader to find any dlls it needs.
+ func_warning "'-no-install' is ignored for $host"
+ func_warning "assuming '-no-fast-install' instead"
+ fast_install=no
+ ;;
+ *) no_install=yes ;;
+ esac
+ continue
+ ;;
+
+ -no-undefined)
+ allow_undefined=no
+ continue
+ ;;
+
+ -objectlist)
+ prev=objectlist
+ continue
+ ;;
+
+ -os2dllname)
+ prev=os2dllname
+ continue
+ ;;
+
+ -o) prev=output ;;
+
+ -precious-files-regex)
+ prev=precious_regex
+ continue
+ ;;
+
+ -release)
+ prev=release
+ continue
+ ;;
+
+ -rpath)
+ prev=rpath
+ continue
+ ;;
+
+ -R)
+ prev=xrpath
+ continue
+ ;;
+
+ -R*)
+ func_stripname '-R' '' "$arg"
+ dir=$func_stripname_result
+ # We need an absolute path.
+ case $dir in
+ [\\/]* | [A-Za-z]:[\\/]*) ;;
+ =*)
+ func_stripname '=' '' "$dir"
+ dir=$lt_sysroot$func_stripname_result
+ ;;
+ *)
+ func_fatal_error "only absolute run-paths are allowed"
+ ;;
+ esac
+ case "$xrpath " in
+ *" $dir "*) ;;
+ *) func_append xrpath " $dir" ;;
+ esac
+ continue
+ ;;
+
+ -shared)
+ # The effects of -shared are defined in a previous loop.
+ continue
+ ;;
+
+ -shrext)
+ prev=shrext
+ continue
+ ;;
+
+ -static | -static-libtool-libs)
+ # The effects of -static are defined in a previous loop.
+ # We used to do the same as -all-static on platforms that
+ # didn't have a PIC flag, but the assumption that the effects
+ # would be equivalent was wrong. It would break on at least
+ # Digital Unix and AIX.
+ continue
+ ;;
+
+ -thread-safe)
+ thread_safe=yes
+ continue
+ ;;
+
+ -version-info)
+ prev=vinfo
+ continue
+ ;;
+
+ -version-number)
+ prev=vinfo
+ vinfo_number=yes
+ continue
+ ;;
+
+ -weak)
+ prev=weak
+ continue
+ ;;
+
+ -Wc,*)
+ func_stripname '-Wc,' '' "$arg"
+ args=$func_stripname_result
+ arg=
+ save_ifs=$IFS; IFS=,
+ for flag in $args; do
+ IFS=$save_ifs
+ func_quote_arg pretty "$flag"
+ func_append arg " $func_quote_arg_result"
+ func_append compiler_flags " $func_quote_arg_result"
+ done
+ IFS=$save_ifs
+ func_stripname ' ' '' "$arg"
+ arg=$func_stripname_result
+ ;;
+
+ -Wl,*)
+ func_stripname '-Wl,' '' "$arg"
+ args=$func_stripname_result
+ arg=
+ save_ifs=$IFS; IFS=,
+ for flag in $args; do
+ IFS=$save_ifs
+ func_quote_arg pretty "$flag"
+ func_append arg " $wl$func_quote_arg_result"
+ func_append compiler_flags " $wl$func_quote_arg_result"
+ func_append linker_flags " $func_quote_arg_result"
+ done
+ IFS=$save_ifs
+ func_stripname ' ' '' "$arg"
+ arg=$func_stripname_result
+ ;;
+
+ -Xassembler)
+ prev=xassembler
+ continue
+ ;;
+
+ -Xcompiler)
+ prev=xcompiler
+ continue
+ ;;
+
+ -Xlinker)
+ prev=xlinker
+ continue
+ ;;
+
+ -XCClinker)
+ prev=xcclinker
+ continue
+ ;;
+
+ # -msg_* for osf cc
+ -msg_*)
+ func_quote_arg pretty "$arg"
+ arg=$func_quote_arg_result
+ ;;
+
+ # Flags to be passed through unchanged, with rationale:
+ # -64, -mips[0-9] enable 64-bit mode for the SGI compiler
+ # -r[0-9][0-9]* specify processor for the SGI compiler
+ # -xarch=*, -xtarget=* enable 64-bit mode for the Sun compiler
+ # +DA*, +DD* enable 64-bit mode for the HP compiler
+ # -q* compiler args for the IBM compiler
+ # -m*, -t[45]*, -txscale* architecture-specific flags for GCC
+ # -F/path path to uninstalled frameworks, gcc on darwin
+ # -p, -pg, --coverage, -fprofile-* profiling flags for GCC
+ # -fstack-protector* stack protector flags for GCC
+ # @file GCC response files
+ # -tp=* Portland pgcc target processor selection
+ # --sysroot=* for sysroot support
+ # -O*, -g*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization
+ # -specs=* GCC specs files
+ # -stdlib=* select c++ std lib with clang
+ # -fsanitize=* Clang/GCC memory and address sanitizer
+ # -fuse-ld=* Linker select flags for GCC
+ # -static-* direct GCC to link specific libraries statically
+ # -fcilkplus Cilk Plus language extension features for C/C++
+ # -Wa,* Pass flags directly to the assembler
+ -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \
+ -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \
+ -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*| \
+ -specs=*|-fsanitize=*|-fuse-ld=*|-static-*|-fcilkplus|-Wa,*)
+ func_quote_arg pretty "$arg"
+ arg=$func_quote_arg_result
+ func_append compile_command " $arg"
+ func_append finalize_command " $arg"
+ func_append compiler_flags " $arg"
+ continue
+ ;;
+
+ -Z*)
+ if test os2 = "`expr $host : '.*\(os2\)'`"; then
+ # OS/2 uses -Zxxx to specify OS/2-specific options
+ compiler_flags="$compiler_flags $arg"
+ func_append compile_command " $arg"
+ func_append finalize_command " $arg"
+ case $arg in
+ -Zlinker | -Zstack)
+ prev=xcompiler
+ ;;
+ esac
+ continue
+ else
+ # Otherwise treat like 'Some other compiler flag' below
+ func_quote_arg pretty "$arg"
+ arg=$func_quote_arg_result
+ fi
+ ;;
+
+ # Some other compiler flag.
+ -* | +*)
+ func_quote_arg pretty "$arg"
+ arg=$func_quote_arg_result
+ ;;
+
+ *.$objext)
+ # A standard object.
+ func_append objs " $arg"
+ ;;
+
+ *.lo)
+ # A libtool-controlled object.
+
+ # Check to see that this really is a libtool object.
+ if func_lalib_unsafe_p "$arg"; then
+ pic_object=
+ non_pic_object=
+
+ # Read the .lo file
+ func_source "$arg"
+
+ if test -z "$pic_object" ||
+ test -z "$non_pic_object" ||
+ test none = "$pic_object" &&
+ test none = "$non_pic_object"; then
+ func_fatal_error "cannot find name of object for '$arg'"
+ fi
+
+ # Extract subdirectory from the argument.
+ func_dirname "$arg" "/" ""
+ xdir=$func_dirname_result
+
+ test none = "$pic_object" || {
+ # Prepend the subdirectory the object is found in.
+ pic_object=$xdir$pic_object
+
+ if test dlfiles = "$prev"; then
+ if test yes = "$build_libtool_libs" && test yes = "$dlopen_support"; then
+ func_append dlfiles " $pic_object"
+ prev=
+ continue
+ else
+ # If libtool objects are unsupported, then we need to preload.
+ prev=dlprefiles
+ fi
+ fi
+
+ # CHECK ME: I think I busted this. -Ossama
+ if test dlprefiles = "$prev"; then
+ # Preload the old-style object.
+ func_append dlprefiles " $pic_object"
+ prev=
+ fi
+
+ # A PIC object.
+ func_append libobjs " $pic_object"
+ arg=$pic_object
+ }
+
+ # Non-PIC object.
+ if test none != "$non_pic_object"; then
+ # Prepend the subdirectory the object is found in.
+ non_pic_object=$xdir$non_pic_object
+
+ # A standard non-PIC object
+ func_append non_pic_objects " $non_pic_object"
+ if test -z "$pic_object" || test none = "$pic_object"; then
+ arg=$non_pic_object
+ fi
+ else
+ # If the PIC object exists, use it instead.
+ # $xdir was prepended to $pic_object above.
+ non_pic_object=$pic_object
+ func_append non_pic_objects " $non_pic_object"
+ fi
+ else
+ # Only an error if not doing a dry-run.
+ if $opt_dry_run; then
+ # Extract subdirectory from the argument.
+ func_dirname "$arg" "/" ""
+ xdir=$func_dirname_result
+
+ func_lo2o "$arg"
+ pic_object=$xdir$objdir/$func_lo2o_result
+ non_pic_object=$xdir$func_lo2o_result
+ func_append libobjs " $pic_object"
+ func_append non_pic_objects " $non_pic_object"
+ else
+ func_fatal_error "'$arg' is not a valid libtool object"
+ fi
+ fi
+ ;;
+
+ *.$libext)
+ # An archive.
+ func_append deplibs " $arg"
+ func_append old_deplibs " $arg"
+ continue
+ ;;
+
+ *.la)
+ # A libtool-controlled library.
+
+ func_resolve_sysroot "$arg"
+ if test dlfiles = "$prev"; then
+ # This library was specified with -dlopen.
+ func_append dlfiles " $func_resolve_sysroot_result"
+ prev=
+ elif test dlprefiles = "$prev"; then
+ # The library was specified with -dlpreopen.
+ func_append dlprefiles " $func_resolve_sysroot_result"
+ prev=
+ else
+ func_append deplibs " $func_resolve_sysroot_result"
+ fi
+ continue
+ ;;
+
+ # Some other compiler argument.
+ *)
+ # Unknown arguments in both finalize_command and compile_command need
+ # to be aesthetically quoted because they are evaled later.
+ func_quote_arg pretty "$arg"
+ arg=$func_quote_arg_result
+ ;;
+ esac # arg
+
+ # Now actually substitute the argument into the commands.
+ if test -n "$arg"; then
+ func_append compile_command " $arg"
+ func_append finalize_command " $arg"
+ fi
+ done # argument parsing loop
+
+ test -n "$prev" && \
+ func_fatal_help "the '$prevarg' option requires an argument"
+
+ if test yes = "$export_dynamic" && test -n "$export_dynamic_flag_spec"; then
+ eval arg=\"$export_dynamic_flag_spec\"
+ func_append compile_command " $arg"
+ func_append finalize_command " $arg"
+ fi
+
+ oldlibs=
+ # calculate the name of the file, without its directory
+ func_basename "$output"
+ outputname=$func_basename_result
+ libobjs_save=$libobjs
+
+ if test -n "$shlibpath_var"; then
+ # get the directories listed in $shlibpath_var
+ eval shlib_search_path=\`\$ECHO \"\$$shlibpath_var\" \| \$SED \'s/:/ /g\'\`
+ else
+ shlib_search_path=
+ fi
+ eval sys_lib_search_path=\"$sys_lib_search_path_spec\"
+ eval sys_lib_dlsearch_path=\"$sys_lib_dlsearch_path_spec\"
+
+ # Definition is injected by LT_CONFIG during libtool generation.
+ func_munge_path_list sys_lib_dlsearch_path "$LT_SYS_LIBRARY_PATH"
+
+ func_dirname "$output" "/" ""
+ output_objdir=$func_dirname_result$objdir
+ func_to_tool_file "$output_objdir/"
+ tool_output_objdir=$func_to_tool_file_result
+ # Create the object directory.
+ func_mkdir_p "$output_objdir"
+
+ # Determine the type of output
+ case $output in
+ "")
+ func_fatal_help "you must specify an output file"
+ ;;
+ *.$libext) linkmode=oldlib ;;
+ *.lo | *.$objext) linkmode=obj ;;
+ *.la) linkmode=lib ;;
+ *) linkmode=prog ;; # Anything else should be a program.
+ esac
+
+ specialdeplibs=
+
+ libs=
+ # Find all interdependent deplibs by searching for libraries
+ # that are linked more than once (e.g. -la -lb -la)
+ for deplib in $deplibs; do
+ if $opt_preserve_dup_deps; then
+ case "$libs " in
+ *" $deplib "*) func_append specialdeplibs " $deplib" ;;
+ esac
+ fi
+ func_append libs " $deplib"
+ done
+
+ if test lib = "$linkmode"; then
+ libs="$predeps $libs $compiler_lib_search_path $postdeps"
+
+ # Compute libraries that are listed more than once in $predeps
+ # $postdeps and mark them as special (i.e., whose duplicates are
+ # not to be eliminated).
+ pre_post_deps=
+ if $opt_duplicate_compiler_generated_deps; then
+ for pre_post_dep in $predeps $postdeps; do
+ case "$pre_post_deps " in
+ *" $pre_post_dep "*) func_append specialdeplibs " $pre_post_deps" ;;
+ esac
+ func_append pre_post_deps " $pre_post_dep"
+ done
+ fi
+ pre_post_deps=
+ fi
+
+ deplibs=
+ newdependency_libs=
+ newlib_search_path=
+ need_relink=no # whether we're linking any uninstalled libtool libraries
+ notinst_deplibs= # not-installed libtool libraries
+ notinst_path= # paths that contain not-installed libtool libraries
+
+ case $linkmode in
+ lib)
+ passes="conv dlpreopen link"
+ for file in $dlfiles $dlprefiles; do
+ case $file in
+ *.la) ;;
+ *)
+ func_fatal_help "libraries can '-dlopen' only libtool libraries: $file"
+ ;;
+ esac
+ done
+ ;;
+ prog)
+ compile_deplibs=
+ finalize_deplibs=
+ alldeplibs=false
+ newdlfiles=
+ newdlprefiles=
+ passes="conv scan dlopen dlpreopen link"
+ ;;
+ *) passes="conv"
+ ;;
+ esac
+
+ for pass in $passes; do
+ # The preopen pass in lib mode reverses $deplibs; put it back here
+ # so that -L comes before libs that need it for instance...
+ if test lib,link = "$linkmode,$pass"; then
+ ## FIXME: Find the place where the list is rebuilt in the wrong
+ ## order, and fix it there properly
+ tmp_deplibs=
+ for deplib in $deplibs; do
+ tmp_deplibs="$deplib $tmp_deplibs"
+ done
+ deplibs=$tmp_deplibs
+ fi
+
+ if test lib,link = "$linkmode,$pass" ||
+ test prog,scan = "$linkmode,$pass"; then
+ libs=$deplibs
+ deplibs=
+ fi
+ if test prog = "$linkmode"; then
+ case $pass in
+ dlopen) libs=$dlfiles ;;
+ dlpreopen) libs=$dlprefiles ;;
+ link)
+ libs="$deplibs %DEPLIBS%"
+ test "X$link_all_deplibs" != Xno && libs="$libs $dependency_libs"
+ ;;
+ esac
+ fi
+ if test lib,dlpreopen = "$linkmode,$pass"; then
+ # Collect and forward deplibs of preopened libtool libs
+ for lib in $dlprefiles; do
+ # Ignore non-libtool-libs
+ dependency_libs=
+ func_resolve_sysroot "$lib"
+ case $lib in
+ *.la) func_source "$func_resolve_sysroot_result" ;;
+ esac
+
+ # Collect preopened libtool deplibs, except any this library
+ # has declared as weak libs
+ for deplib in $dependency_libs; do
+ func_basename "$deplib"
+ deplib_base=$func_basename_result
+ case " $weak_libs " in
+ *" $deplib_base "*) ;;
+ *) func_append deplibs " $deplib" ;;
+ esac
+ done
+ done
+ libs=$dlprefiles
+ fi
+ if test dlopen = "$pass"; then
+ # Collect dlpreopened libraries
+ save_deplibs=$deplibs
+ deplibs=
+ fi
+
+ for deplib in $libs; do
+ lib=
+ found=false
+ case $deplib in
+ -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \
+ |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*)
+ if test prog,link = "$linkmode,$pass"; then
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ else
+ func_append compiler_flags " $deplib"
+ if test lib = "$linkmode"; then
+ case "$new_inherited_linker_flags " in
+ *" $deplib "*) ;;
+ * ) func_append new_inherited_linker_flags " $deplib" ;;
+ esac
+ fi
+ fi
+ continue
+ ;;
+ -l*)
+ if test lib != "$linkmode" && test prog != "$linkmode"; then
+ func_warning "'-l' is ignored for archives/objects"
+ continue
+ fi
+ func_stripname '-l' '' "$deplib"
+ name=$func_stripname_result
+ if test lib = "$linkmode"; then
+ searchdirs="$newlib_search_path $lib_search_path $compiler_lib_search_dirs $sys_lib_search_path $shlib_search_path"
+ else
+ searchdirs="$newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path"
+ fi
+ for searchdir in $searchdirs; do
+ for search_ext in .la $std_shrext .so .a; do
+ # Search the libtool library
+ lib=$searchdir/lib$name$search_ext
+ if test -f "$lib"; then
+ if test .la = "$search_ext"; then
+ found=:
+ else
+ found=false
+ fi
+ break 2
+ fi
+ done
+ done
+ if $found; then
+ # deplib is a libtool library
+ # If $allow_libtool_libs_with_static_runtimes && $deplib is a stdlib,
+ # We need to do some special things here, and not later.
+ if test yes = "$allow_libtool_libs_with_static_runtimes"; then
+ case " $predeps $postdeps " in
+ *" $deplib "*)
+ if func_lalib_p "$lib"; then
+ library_names=
+ old_library=
+ func_source "$lib"
+ for l in $old_library $library_names; do
+ ll=$l
+ done
+ if test "X$ll" = "X$old_library"; then # only static version available
+ found=false
+ func_dirname "$lib" "" "."
+ ladir=$func_dirname_result
+ lib=$ladir/$old_library
+ if test prog,link = "$linkmode,$pass"; then
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ else
+ deplibs="$deplib $deplibs"
+ test lib = "$linkmode" && newdependency_libs="$deplib $newdependency_libs"
+ fi
+ continue
+ fi
+ fi
+ ;;
+ *) ;;
+ esac
+ fi
+ else
+ # deplib doesn't seem to be a libtool library
+ if test prog,link = "$linkmode,$pass"; then
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ else
+ deplibs="$deplib $deplibs"
+ test lib = "$linkmode" && newdependency_libs="$deplib $newdependency_libs"
+ fi
+ continue
+ fi
+ ;; # -l
+ *.ltframework)
+ if test prog,link = "$linkmode,$pass"; then
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ else
+ deplibs="$deplib $deplibs"
+ if test lib = "$linkmode"; then
+ case "$new_inherited_linker_flags " in
+ *" $deplib "*) ;;
+ * ) func_append new_inherited_linker_flags " $deplib" ;;
+ esac
+ fi
+ fi
+ continue
+ ;;
+ -L*)
+ case $linkmode in
+ lib)
+ deplibs="$deplib $deplibs"
+ test conv = "$pass" && continue
+ newdependency_libs="$deplib $newdependency_libs"
+ func_stripname '-L' '' "$deplib"
+ func_resolve_sysroot "$func_stripname_result"
+ func_append newlib_search_path " $func_resolve_sysroot_result"
+ ;;
+ prog)
+ if test conv = "$pass"; then
+ deplibs="$deplib $deplibs"
+ continue
+ fi
+ if test scan = "$pass"; then
+ deplibs="$deplib $deplibs"
+ else
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ fi
+ func_stripname '-L' '' "$deplib"
+ func_resolve_sysroot "$func_stripname_result"
+ func_append newlib_search_path " $func_resolve_sysroot_result"
+ ;;
+ *)
+ func_warning "'-L' is ignored for archives/objects"
+ ;;
+ esac # linkmode
+ continue
+ ;; # -L
+ -R*)
+ if test link = "$pass"; then
+ func_stripname '-R' '' "$deplib"
+ func_resolve_sysroot "$func_stripname_result"
+ dir=$func_resolve_sysroot_result
+ # Make sure the xrpath contains only unique directories.
+ case "$xrpath " in
+ *" $dir "*) ;;
+ *) func_append xrpath " $dir" ;;
+ esac
+ fi
+ deplibs="$deplib $deplibs"
+ continue
+ ;;
+ *.la)
+ func_resolve_sysroot "$deplib"
+ lib=$func_resolve_sysroot_result
+ ;;
+ *.$libext)
+ if test conv = "$pass"; then
+ deplibs="$deplib $deplibs"
+ continue
+ fi
+ case $linkmode in
+ lib)
+ # Linking convenience modules into shared libraries is allowed,
+ # but linking other static libraries is non-portable.
+ case " $dlpreconveniencelibs " in
+ *" $deplib "*) ;;
+ *)
+ valid_a_lib=false
+ case $deplibs_check_method in
+ match_pattern*)
+ set dummy $deplibs_check_method; shift
+ match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"`
+ if eval "\$ECHO \"$deplib\"" 2>/dev/null | $SED 10q \
+ | $EGREP "$match_pattern_regex" > /dev/null; then
+ valid_a_lib=:
+ fi
+ ;;
+ pass_all)
+ valid_a_lib=:
+ ;;
+ esac
+ if $valid_a_lib; then
+ echo
+ $ECHO "*** Warning: Linking the shared library $output against the"
+ $ECHO "*** static library $deplib is not portable!"
+ deplibs="$deplib $deplibs"
+ else
+ echo
+ $ECHO "*** Warning: Trying to link with static lib archive $deplib."
+ echo "*** I have the capability to make that library automatically link in when"
+ echo "*** you link to this library. But I can only do this if you have a"
+ echo "*** shared version of the library, which you do not appear to have"
+ echo "*** because the file extensions .$libext of this argument makes me believe"
+ echo "*** that it is just a static archive that I should not use here."
+ fi
+ ;;
+ esac
+ continue
+ ;;
+ prog)
+ if test link != "$pass"; then
+ deplibs="$deplib $deplibs"
+ else
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ fi
+ continue
+ ;;
+ esac # linkmode
+ ;; # *.$libext
+ *.lo | *.$objext)
+ if test conv = "$pass"; then
+ deplibs="$deplib $deplibs"
+ elif test prog = "$linkmode"; then
+ if test dlpreopen = "$pass" || test yes != "$dlopen_support" || test no = "$build_libtool_libs"; then
+ # If there is no dlopen support or we're linking statically,
+ # we need to preload.
+ func_append newdlprefiles " $deplib"
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ else
+ func_append newdlfiles " $deplib"
+ fi
+ fi
+ continue
+ ;;
+ %DEPLIBS%)
+ alldeplibs=:
+ continue
+ ;;
+ esac # case $deplib
+
+ $found || test -f "$lib" \
+ || func_fatal_error "cannot find the library '$lib' or unhandled argument '$deplib'"
+
+ # Check to see that this really is a libtool archive.
+ func_lalib_unsafe_p "$lib" \
+ || func_fatal_error "'$lib' is not a valid libtool archive"
+
+ func_dirname "$lib" "" "."
+ ladir=$func_dirname_result
+
+ dlname=
+ dlopen=
+ dlpreopen=
+ libdir=
+ library_names=
+ old_library=
+ inherited_linker_flags=
+ # If the library was installed with an old release of libtool,
+ # it will not redefine variables installed, or shouldnotlink
+ installed=yes
+ shouldnotlink=no
+ avoidtemprpath=
+
+
+ # Read the .la file
+ func_source "$lib"
+
+ # Convert "-framework foo" to "foo.ltframework"
+ if test -n "$inherited_linker_flags"; then
+ tmp_inherited_linker_flags=`$ECHO "$inherited_linker_flags" | $SED 's/-framework \([^ $]*\)/\1.ltframework/g'`
+ for tmp_inherited_linker_flag in $tmp_inherited_linker_flags; do
+ case " $new_inherited_linker_flags " in
+ *" $tmp_inherited_linker_flag "*) ;;
+ *) func_append new_inherited_linker_flags " $tmp_inherited_linker_flag";;
+ esac
+ done
+ fi
+ dependency_libs=`$ECHO " $dependency_libs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+ if test lib,link = "$linkmode,$pass" ||
+ test prog,scan = "$linkmode,$pass" ||
+ { test prog != "$linkmode" && test lib != "$linkmode"; }; then
+ test -n "$dlopen" && func_append dlfiles " $dlopen"
+ test -n "$dlpreopen" && func_append dlprefiles " $dlpreopen"
+ fi
+
+ if test conv = "$pass"; then
+ # Only check for convenience libraries
+ deplibs="$lib $deplibs"
+ if test -z "$libdir"; then
+ if test -z "$old_library"; then
+ func_fatal_error "cannot find name of link library for '$lib'"
+ fi
+ # It is a libtool convenience library, so add in its objects.
+ func_append convenience " $ladir/$objdir/$old_library"
+ func_append old_convenience " $ladir/$objdir/$old_library"
+ tmp_libs=
+ for deplib in $dependency_libs; do
+ deplibs="$deplib $deplibs"
+ if $opt_preserve_dup_deps; then
+ case "$tmp_libs " in
+ *" $deplib "*) func_append specialdeplibs " $deplib" ;;
+ esac
+ fi
+ func_append tmp_libs " $deplib"
+ done
+ elif test prog != "$linkmode" && test lib != "$linkmode"; then
+ func_fatal_error "'$lib' is not a convenience library"
+ fi
+ continue
+ fi # $pass = conv
+
+
+ # Get the name of the library we link against.
+ linklib=
+ if test -n "$old_library" &&
+ { test yes = "$prefer_static_libs" ||
+ test built,no = "$prefer_static_libs,$installed"; }; then
+ linklib=$old_library
+ else
+ for l in $old_library $library_names; do
+ linklib=$l
+ done
+ fi
+ if test -z "$linklib"; then
+ func_fatal_error "cannot find name of link library for '$lib'"
+ fi
+
+ # This library was specified with -dlopen.
+ if test dlopen = "$pass"; then
+ test -z "$libdir" \
+ && func_fatal_error "cannot -dlopen a convenience library: '$lib'"
+ if test -z "$dlname" ||
+ test yes != "$dlopen_support" ||
+ test no = "$build_libtool_libs"
+ then
+ # If there is no dlname, no dlopen support or we're linking
+ # statically, we need to preload. We also need to preload any
+ # dependent libraries so libltdl's deplib preloader doesn't
+ # bomb out in the load deplibs phase.
+ func_append dlprefiles " $lib $dependency_libs"
+ else
+ func_append newdlfiles " $lib"
+ fi
+ continue
+ fi # $pass = dlopen
+
+ # We need an absolute path.
+ case $ladir in
+ [\\/]* | [A-Za-z]:[\\/]*) abs_ladir=$ladir ;;
+ *)
+ abs_ladir=`cd "$ladir" && pwd`
+ if test -z "$abs_ladir"; then
+ func_warning "cannot determine absolute directory name of '$ladir'"
+ func_warning "passing it literally to the linker, although it might fail"
+ abs_ladir=$ladir
+ fi
+ ;;
+ esac
+ func_basename "$lib"
+ laname=$func_basename_result
+
+ # Find the relevant object directory and library name.
+ if test yes = "$installed"; then
+ if test ! -f "$lt_sysroot$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then
+ func_warning "library '$lib' was moved."
+ dir=$ladir
+ absdir=$abs_ladir
+ libdir=$abs_ladir
+ else
+ dir=$lt_sysroot$libdir
+ absdir=$lt_sysroot$libdir
+ fi
+ test yes = "$hardcode_automatic" && avoidtemprpath=yes
+ else
+ if test ! -f "$ladir/$objdir/$linklib" && test -f "$abs_ladir/$linklib"; then
+ dir=$ladir
+ absdir=$abs_ladir
+ # Remove this search path later
+ func_append notinst_path " $abs_ladir"
+ else
+ dir=$ladir/$objdir
+ absdir=$abs_ladir/$objdir
+ # Remove this search path later
+ func_append notinst_path " $abs_ladir"
+ fi
+ fi # $installed = yes
+ func_stripname 'lib' '.la' "$laname"
+ name=$func_stripname_result
+
+ # This library was specified with -dlpreopen.
+ if test dlpreopen = "$pass"; then
+ if test -z "$libdir" && test prog = "$linkmode"; then
+ func_fatal_error "only libraries may -dlpreopen a convenience library: '$lib'"
+ fi
+ case $host in
+ # special handling for platforms with PE-DLLs.
+ *cygwin* | *mingw* | *cegcc* )
+ # Linker will automatically link against shared library if both
+ # static and shared are present. Therefore, ensure we extract
+ # symbols from the import library if a shared library is present
+ # (otherwise, the dlopen module name will be incorrect). We do
+ # this by putting the import library name into $newdlprefiles.
+ # We recover the dlopen module name by 'saving' the la file
+ # name in a special purpose variable, and (later) extracting the
+ # dlname from the la file.
+ if test -n "$dlname"; then
+ func_tr_sh "$dir/$linklib"
+ eval "libfile_$func_tr_sh_result=\$abs_ladir/\$laname"
+ func_append newdlprefiles " $dir/$linklib"
+ else
+ func_append newdlprefiles " $dir/$old_library"
+ # Keep a list of preopened convenience libraries to check
+ # that they are being used correctly in the link pass.
+ test -z "$libdir" && \
+ func_append dlpreconveniencelibs " $dir/$old_library"
+ fi
+ ;;
+ * )
+ # Prefer using a static library (so that no silly _DYNAMIC symbols
+ # are required to link).
+ if test -n "$old_library"; then
+ func_append newdlprefiles " $dir/$old_library"
+ # Keep a list of preopened convenience libraries to check
+ # that they are being used correctly in the link pass.
+ test -z "$libdir" && \
+ func_append dlpreconveniencelibs " $dir/$old_library"
+ # Otherwise, use the dlname, so that lt_dlopen finds it.
+ elif test -n "$dlname"; then
+ func_append newdlprefiles " $dir/$dlname"
+ else
+ func_append newdlprefiles " $dir/$linklib"
+ fi
+ ;;
+ esac
+ fi # $pass = dlpreopen
+
+ if test -z "$libdir"; then
+ # Link the convenience library
+ if test lib = "$linkmode"; then
+ deplibs="$dir/$old_library $deplibs"
+ elif test prog,link = "$linkmode,$pass"; then
+ compile_deplibs="$dir/$old_library $compile_deplibs"
+ finalize_deplibs="$dir/$old_library $finalize_deplibs"
+ else
+ deplibs="$lib $deplibs" # used for prog,scan pass
+ fi
+ continue
+ fi
+
+
+ if test prog = "$linkmode" && test link != "$pass"; then
+ func_append newlib_search_path " $ladir"
+ deplibs="$lib $deplibs"
+
+ linkalldeplibs=false
+ if test no != "$link_all_deplibs" || test -z "$library_names" ||
+ test no = "$build_libtool_libs"; then
+ linkalldeplibs=:
+ fi
+
+ tmp_libs=
+ for deplib in $dependency_libs; do
+ case $deplib in
+ -L*) func_stripname '-L' '' "$deplib"
+ func_resolve_sysroot "$func_stripname_result"
+ func_append newlib_search_path " $func_resolve_sysroot_result"
+ ;;
+ esac
+ # Need to link against all dependency_libs?
+ if $linkalldeplibs; then
+ deplibs="$deplib $deplibs"
+ else
+ # Need to hardcode shared library paths
+ # or/and link against static libraries
+ newdependency_libs="$deplib $newdependency_libs"
+ fi
+ if $opt_preserve_dup_deps; then
+ case "$tmp_libs " in
+ *" $deplib "*) func_append specialdeplibs " $deplib" ;;
+ esac
+ fi
+ func_append tmp_libs " $deplib"
+ done # for deplib
+ continue
+ fi # $linkmode = prog...
+
+ if test prog,link = "$linkmode,$pass"; then
+ if test -n "$library_names" &&
+ { { test no = "$prefer_static_libs" ||
+ test built,yes = "$prefer_static_libs,$installed"; } ||
+ test -z "$old_library"; }; then
+ # We need to hardcode the library path
+ if test -n "$shlibpath_var" && test -z "$avoidtemprpath"; then
+ # Make sure the rpath contains only unique directories.
+ case $temp_rpath: in
+ *"$absdir:"*) ;;
+ *) func_append temp_rpath "$absdir:" ;;
+ esac
+ fi
+
+ # Hardcode the library path.
+ # Skip directories that are in the system default run-time
+ # search path.
+ case " $sys_lib_dlsearch_path " in
+ *" $absdir "*) ;;
+ *)
+ case "$compile_rpath " in
+ *" $absdir "*) ;;
+ *) func_append compile_rpath " $absdir" ;;
+ esac
+ ;;
+ esac
+ case " $sys_lib_dlsearch_path " in
+ *" $libdir "*) ;;
+ *)
+ case "$finalize_rpath " in
+ *" $libdir "*) ;;
+ *) func_append finalize_rpath " $libdir" ;;
+ esac
+ ;;
+ esac
+ fi # $linkmode,$pass = prog,link...
+
+ if $alldeplibs &&
+ { test pass_all = "$deplibs_check_method" ||
+ { test yes = "$build_libtool_libs" &&
+ test -n "$library_names"; }; }; then
+ # We only need to search for static libraries
+ continue
+ fi
+ fi
+
+ link_static=no # Whether the deplib will be linked statically
+ use_static_libs=$prefer_static_libs
+ if test built = "$use_static_libs" && test yes = "$installed"; then
+ use_static_libs=no
+ fi
+ if test -n "$library_names" &&
+ { test no = "$use_static_libs" || test -z "$old_library"; }; then
+ case $host in
+ *cygwin* | *mingw* | *cegcc* | *os2*)
+ # No point in relinking DLLs because paths are not encoded
+ func_append notinst_deplibs " $lib"
+ need_relink=no
+ ;;
+ *)
+ if test no = "$installed"; then
+ func_append notinst_deplibs " $lib"
+ need_relink=yes
+ fi
+ ;;
+ esac
+ # This is a shared library
+
+ # Warn about portability, can't link against -module's on some
+ # systems (darwin). Don't bleat about dlopened modules though!
+ dlopenmodule=
+ for dlpremoduletest in $dlprefiles; do
+ if test "X$dlpremoduletest" = "X$lib"; then
+ dlopenmodule=$dlpremoduletest
+ break
+ fi
+ done
+ if test -z "$dlopenmodule" && test yes = "$shouldnotlink" && test link = "$pass"; then
+ echo
+ if test prog = "$linkmode"; then
+ $ECHO "*** Warning: Linking the executable $output against the loadable module"
+ else
+ $ECHO "*** Warning: Linking the shared library $output against the loadable module"
+ fi
+ $ECHO "*** $linklib is not portable!"
+ fi
+ if test lib = "$linkmode" &&
+ test yes = "$hardcode_into_libs"; then
+ # Hardcode the library path.
+ # Skip directories that are in the system default run-time
+ # search path.
+ case " $sys_lib_dlsearch_path " in
+ *" $absdir "*) ;;
+ *)
+ case "$compile_rpath " in
+ *" $absdir "*) ;;
+ *) func_append compile_rpath " $absdir" ;;
+ esac
+ ;;
+ esac
+ case " $sys_lib_dlsearch_path " in
+ *" $libdir "*) ;;
+ *)
+ case "$finalize_rpath " in
+ *" $libdir "*) ;;
+ *) func_append finalize_rpath " $libdir" ;;
+ esac
+ ;;
+ esac
+ fi
+
+ if test -n "$old_archive_from_expsyms_cmds"; then
+ # figure out the soname
+ set dummy $library_names
+ shift
+ realname=$1
+ shift
+ libname=`eval "\\$ECHO \"$libname_spec\""`
+ # use dlname if we got it. it's perfectly good, no?
+ if test -n "$dlname"; then
+ soname=$dlname
+ elif test -n "$soname_spec"; then
+ # bleh windows
+ case $host in
+ *cygwin* | mingw* | *cegcc* | *os2*)
+ func_arith $current - $age
+ major=$func_arith_result
+ versuffix=-$major
+ ;;
+ esac
+ eval soname=\"$soname_spec\"
+ else
+ soname=$realname
+ fi
+
+ # Make a new name for the extract_expsyms_cmds to use
+ soroot=$soname
+ func_basename "$soroot"
+ soname=$func_basename_result
+ func_stripname 'lib' '.dll' "$soname"
+ newlib=libimp-$func_stripname_result.a
+
+ # If the library has no export list, then create one now
+ if test -f "$output_objdir/$soname-def"; then :
+ else
+ func_verbose "extracting exported symbol list from '$soname'"
+ func_execute_cmds "$extract_expsyms_cmds" 'exit $?'
+ fi
+
+ # Create $newlib
+ if test -f "$output_objdir/$newlib"; then :; else
+ func_verbose "generating import library for '$soname'"
+ func_execute_cmds "$old_archive_from_expsyms_cmds" 'exit $?'
+ fi
+ # make sure the library variables are pointing to the new library
+ dir=$output_objdir
+ linklib=$newlib
+ fi # test -n "$old_archive_from_expsyms_cmds"
+
+ if test prog = "$linkmode" || test relink != "$opt_mode"; then
+ add_shlibpath=
+ add_dir=
+ add=
+ lib_linked=yes
+ case $hardcode_action in
+ immediate | unsupported)
+ if test no = "$hardcode_direct"; then
+ add=$dir/$linklib
+ case $host in
+ *-*-sco3.2v5.0.[024]*) add_dir=-L$dir ;;
+ *-*-sysv4*uw2*) add_dir=-L$dir ;;
+ *-*-sysv5OpenUNIX* | *-*-sysv5UnixWare7.[01].[10]* | \
+ *-*-unixware7*) add_dir=-L$dir ;;
+ *-*-darwin* )
+ # if the lib is a (non-dlopened) module then we cannot
+ # link against it, someone is ignoring the earlier warnings
+ if /usr/bin/file -L $add 2> /dev/null |
+ $GREP ": [^:]* bundle" >/dev/null; then
+ if test "X$dlopenmodule" != "X$lib"; then
+ $ECHO "*** Warning: lib $linklib is a module, not a shared library"
+ if test -z "$old_library"; then
+ echo
+ echo "*** And there doesn't seem to be a static archive available"
+ echo "*** The link will probably fail, sorry"
+ else
+ add=$dir/$old_library
+ fi
+ elif test -n "$old_library"; then
+ add=$dir/$old_library
+ fi
+ fi
+ esac
+ elif test no = "$hardcode_minus_L"; then
+ case $host in
+ *-*-sunos*) add_shlibpath=$dir ;;
+ esac
+ add_dir=-L$dir
+ add=-l$name
+ elif test no = "$hardcode_shlibpath_var"; then
+ add_shlibpath=$dir
+ add=-l$name
+ else
+ lib_linked=no
+ fi
+ ;;
+ relink)
+ if test yes = "$hardcode_direct" &&
+ test no = "$hardcode_direct_absolute"; then
+ add=$dir/$linklib
+ elif test yes = "$hardcode_minus_L"; then
+ add_dir=-L$absdir
+ # Try looking first in the location we're being installed to.
+ if test -n "$inst_prefix_dir"; then
+ case $libdir in
+ [\\/]*)
+ func_append add_dir " -L$inst_prefix_dir$libdir"
+ ;;
+ esac
+ fi
+ add=-l$name
+ elif test yes = "$hardcode_shlibpath_var"; then
+ add_shlibpath=$dir
+ add=-l$name
+ else
+ lib_linked=no
+ fi
+ ;;
+ *) lib_linked=no ;;
+ esac
+
+ if test yes != "$lib_linked"; then
+ func_fatal_configuration "unsupported hardcode properties"
+ fi
+
+ if test -n "$add_shlibpath"; then
+ case :$compile_shlibpath: in
+ *":$add_shlibpath:"*) ;;
+ *) func_append compile_shlibpath "$add_shlibpath:" ;;
+ esac
+ fi
+ if test prog = "$linkmode"; then
+ test -n "$add_dir" && compile_deplibs="$add_dir $compile_deplibs"
+ test -n "$add" && compile_deplibs="$add $compile_deplibs"
+ else
+ test -n "$add_dir" && deplibs="$add_dir $deplibs"
+ test -n "$add" && deplibs="$add $deplibs"
+ if test yes != "$hardcode_direct" &&
+ test yes != "$hardcode_minus_L" &&
+ test yes = "$hardcode_shlibpath_var"; then
+ case :$finalize_shlibpath: in
+ *":$libdir:"*) ;;
+ *) func_append finalize_shlibpath "$libdir:" ;;
+ esac
+ fi
+ fi
+ fi
+
+ if test prog = "$linkmode" || test relink = "$opt_mode"; then
+ add_shlibpath=
+ add_dir=
+ add=
+ # Finalize command for both is simple: just hardcode it.
+ if test yes = "$hardcode_direct" &&
+ test no = "$hardcode_direct_absolute"; then
+ add=$libdir/$linklib
+ elif test yes = "$hardcode_minus_L"; then
+ add_dir=-L$libdir
+ add=-l$name
+ elif test yes = "$hardcode_shlibpath_var"; then
+ case :$finalize_shlibpath: in
+ *":$libdir:"*) ;;
+ *) func_append finalize_shlibpath "$libdir:" ;;
+ esac
+ add=-l$name
+ elif test yes = "$hardcode_automatic"; then
+ if test -n "$inst_prefix_dir" &&
+ test -f "$inst_prefix_dir$libdir/$linklib"; then
+ add=$inst_prefix_dir$libdir/$linklib
+ else
+ add=$libdir/$linklib
+ fi
+ else
+ # We cannot seem to hardcode it, guess we'll fake it.
+ add_dir=-L$libdir
+ # Try looking first in the location we're being installed to.
+ if test -n "$inst_prefix_dir"; then
+ case $libdir in
+ [\\/]*)
+ func_append add_dir " -L$inst_prefix_dir$libdir"
+ ;;
+ esac
+ fi
+ add=-l$name
+ fi
+
+ if test prog = "$linkmode"; then
+ test -n "$add_dir" && finalize_deplibs="$add_dir $finalize_deplibs"
+ test -n "$add" && finalize_deplibs="$add $finalize_deplibs"
+ else
+ test -n "$add_dir" && deplibs="$add_dir $deplibs"
+ test -n "$add" && deplibs="$add $deplibs"
+ fi
+ fi
+ elif test prog = "$linkmode"; then
+ # Here we assume that one of hardcode_direct or hardcode_minus_L
+ # is not unsupported. This is valid on all known static and
+ # shared platforms.
+ if test unsupported != "$hardcode_direct"; then
+ test -n "$old_library" && linklib=$old_library
+ compile_deplibs="$dir/$linklib $compile_deplibs"
+ finalize_deplibs="$dir/$linklib $finalize_deplibs"
+ else
+ compile_deplibs="-l$name -L$dir $compile_deplibs"
+ finalize_deplibs="-l$name -L$dir $finalize_deplibs"
+ fi
+ elif test yes = "$build_libtool_libs"; then
+ # Not a shared library
+ if test pass_all != "$deplibs_check_method"; then
+ # We're trying link a shared library against a static one
+ # but the system doesn't support it.
+
+ # Just print a warning and add the library to dependency_libs so
+ # that the program can be linked against the static library.
+ echo
+ $ECHO "*** Warning: This system cannot link to static lib archive $lib."
+ echo "*** I have the capability to make that library automatically link in when"
+ echo "*** you link to this library. But I can only do this if you have a"
+ echo "*** shared version of the library, which you do not appear to have."
+ if test yes = "$module"; then
+ echo "*** But as you try to build a module library, libtool will still create "
+ echo "*** a static module, that should work as long as the dlopening application"
+ echo "*** is linked with the -dlopen flag to resolve symbols at runtime."
+ if test -z "$global_symbol_pipe"; then
+ echo
+ echo "*** However, this would only work if libtool was able to extract symbol"
+ echo "*** lists from a program, using 'nm' or equivalent, but libtool could"
+ echo "*** not find such a program. So, this module is probably useless."
+ echo "*** 'nm' from GNU binutils and a full rebuild may help."
+ fi
+ if test no = "$build_old_libs"; then
+ build_libtool_libs=module
+ build_old_libs=yes
+ else
+ build_libtool_libs=no
+ fi
+ fi
+ else
+ deplibs="$dir/$old_library $deplibs"
+ link_static=yes
+ fi
+ fi # link shared/static library?
+
+ if test lib = "$linkmode"; then
+ if test -n "$dependency_libs" &&
+ { test yes != "$hardcode_into_libs" ||
+ test yes = "$build_old_libs" ||
+ test yes = "$link_static"; }; then
+ # Extract -R from dependency_libs
+ temp_deplibs=
+ for libdir in $dependency_libs; do
+ case $libdir in
+ -R*) func_stripname '-R' '' "$libdir"
+ temp_xrpath=$func_stripname_result
+ case " $xrpath " in
+ *" $temp_xrpath "*) ;;
+ *) func_append xrpath " $temp_xrpath";;
+ esac;;
+ *) func_append temp_deplibs " $libdir";;
+ esac
+ done
+ dependency_libs=$temp_deplibs
+ fi
+
+ func_append newlib_search_path " $absdir"
+ # Link against this library
+ test no = "$link_static" && newdependency_libs="$abs_ladir/$laname $newdependency_libs"
+ # ... and its dependency_libs
+ tmp_libs=
+ for deplib in $dependency_libs; do
+ newdependency_libs="$deplib $newdependency_libs"
+ case $deplib in
+ -L*) func_stripname '-L' '' "$deplib"
+ func_resolve_sysroot "$func_stripname_result";;
+ *) func_resolve_sysroot "$deplib" ;;
+ esac
+ if $opt_preserve_dup_deps; then
+ case "$tmp_libs " in
+ *" $func_resolve_sysroot_result "*)
+ func_append specialdeplibs " $func_resolve_sysroot_result" ;;
+ esac
+ fi
+ func_append tmp_libs " $func_resolve_sysroot_result"
+ done
+
+ if test no != "$link_all_deplibs"; then
+ # Add the search paths of all dependency libraries
+ for deplib in $dependency_libs; do
+ path=
+ case $deplib in
+ -L*) path=$deplib ;;
+ *.la)
+ func_resolve_sysroot "$deplib"
+ deplib=$func_resolve_sysroot_result
+ func_dirname "$deplib" "" "."
+ dir=$func_dirname_result
+ # We need an absolute path.
+ case $dir in
+ [\\/]* | [A-Za-z]:[\\/]*) absdir=$dir ;;
+ *)
+ absdir=`cd "$dir" && pwd`
+ if test -z "$absdir"; then
+ func_warning "cannot determine absolute directory name of '$dir'"
+ absdir=$dir
+ fi
+ ;;
+ esac
+ if $GREP "^installed=no" $deplib > /dev/null; then
+ case $host in
+ *-*-darwin*)
+ depdepl=
+ eval deplibrary_names=`$SED -n -e 's/^library_names=\(.*\)$/\1/p' $deplib`
+ if test -n "$deplibrary_names"; then
+ for tmp in $deplibrary_names; do
+ depdepl=$tmp
+ done
+ if test -f "$absdir/$objdir/$depdepl"; then
+ depdepl=$absdir/$objdir/$depdepl
+ darwin_install_name=`$OTOOL -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'`
+ if test -z "$darwin_install_name"; then
+ darwin_install_name=`$OTOOL64 -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'`
+ fi
+ func_append compiler_flags " $wl-dylib_file $wl$darwin_install_name:$depdepl"
+ func_append linker_flags " -dylib_file $darwin_install_name:$depdepl"
+ path=
+ fi
+ fi
+ ;;
+ *)
+ path=-L$absdir/$objdir
+ ;;
+ esac
+ else
+ eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $deplib`
+ test -z "$libdir" && \
+ func_fatal_error "'$deplib' is not a valid libtool archive"
+ test "$absdir" != "$libdir" && \
+ func_warning "'$deplib' seems to be moved"
+
+ path=-L$absdir
+ fi
+ ;;
+ esac
+ case " $deplibs " in
+ *" $path "*) ;;
+ *) deplibs="$path $deplibs" ;;
+ esac
+ done
+ fi # link_all_deplibs != no
+ fi # linkmode = lib
+ done # for deplib in $libs
+ if test link = "$pass"; then
+ if test prog = "$linkmode"; then
+ compile_deplibs="$new_inherited_linker_flags $compile_deplibs"
+ finalize_deplibs="$new_inherited_linker_flags $finalize_deplibs"
+ else
+ compiler_flags="$compiler_flags "`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+ fi
+ fi
+ dependency_libs=$newdependency_libs
+ if test dlpreopen = "$pass"; then
+ # Link the dlpreopened libraries before other libraries
+ for deplib in $save_deplibs; do
+ deplibs="$deplib $deplibs"
+ done
+ fi
+ if test dlopen != "$pass"; then
+ test conv = "$pass" || {
+ # Make sure lib_search_path contains only unique directories.
+ lib_search_path=
+ for dir in $newlib_search_path; do
+ case "$lib_search_path " in
+ *" $dir "*) ;;
+ *) func_append lib_search_path " $dir" ;;
+ esac
+ done
+ newlib_search_path=
+ }
+
+ if test prog,link = "$linkmode,$pass"; then
+ vars="compile_deplibs finalize_deplibs"
+ else
+ vars=deplibs
+ fi
+ for var in $vars dependency_libs; do
+ # Add libraries to $var in reverse order
+ eval tmp_libs=\"\$$var\"
+ new_libs=
+ for deplib in $tmp_libs; do
+ # FIXME: Pedantically, this is the right thing to do, so
+ # that some nasty dependency loop isn't accidentally
+ # broken:
+ #new_libs="$deplib $new_libs"
+ # Pragmatically, this seems to cause very few problems in
+ # practice:
+ case $deplib in
+ -L*) new_libs="$deplib $new_libs" ;;
+ -R*) ;;
+ *)
+ # And here is the reason: when a library appears more
+ # than once as an explicit dependence of a library, or
+ # is implicitly linked in more than once by the
+ # compiler, it is considered special, and multiple
+ # occurrences thereof are not removed. Compare this
+ # with having the same library being listed as a
+ # dependency of multiple other libraries: in this case,
+ # we know (pedantically, we assume) the library does not
+ # need to be listed more than once, so we keep only the
+ # last copy. This is not always right, but it is rare
+ # enough that we require users that really mean to play
+ # such unportable linking tricks to link the library
+ # using -Wl,-lname, so that libtool does not consider it
+ # for duplicate removal.
+ case " $specialdeplibs " in
+ *" $deplib "*) new_libs="$deplib $new_libs" ;;
+ *)
+ case " $new_libs " in
+ *" $deplib "*) ;;
+ *) new_libs="$deplib $new_libs" ;;
+ esac
+ ;;
+ esac
+ ;;
+ esac
+ done
+ tmp_libs=
+ for deplib in $new_libs; do
+ case $deplib in
+ -L*)
+ case " $tmp_libs " in
+ *" $deplib "*) ;;
+ *) func_append tmp_libs " $deplib" ;;
+ esac
+ ;;
+ *) func_append tmp_libs " $deplib" ;;
+ esac
+ done
+ eval $var=\"$tmp_libs\"
+ done # for var
+ fi
+
+ # Add Sun CC postdeps if required:
+ test CXX = "$tagname" && {
+ case $host_os in
+ linux*)
+ case `$CC -V 2>&1 | $SED 5q` in
+ *Sun\ C*) # Sun C++ 5.9
+ func_suncc_cstd_abi
+
+ if test no != "$suncc_use_cstd_abi"; then
+ func_append postdeps ' -library=Cstd -library=Crun'
+ fi
+ ;;
+ esac
+ ;;
+
+ solaris*)
+ func_cc_basename "$CC"
+ case $func_cc_basename_result in
+ CC* | sunCC*)
+ func_suncc_cstd_abi
+
+ if test no != "$suncc_use_cstd_abi"; then
+ func_append postdeps ' -library=Cstd -library=Crun'
+ fi
+ ;;
+ esac
+ ;;
+ esac
+ }
+
+ # Last step: remove runtime libs from dependency_libs
+ # (they stay in deplibs)
+ tmp_libs=
+ for i in $dependency_libs; do
+ case " $predeps $postdeps $compiler_lib_search_path " in
+ *" $i "*)
+ i=
+ ;;
+ esac
+ if test -n "$i"; then
+ func_append tmp_libs " $i"
+ fi
+ done
+ dependency_libs=$tmp_libs
+ done # for pass
+ if test prog = "$linkmode"; then
+ dlfiles=$newdlfiles
+ fi
+ if test prog = "$linkmode" || test lib = "$linkmode"; then
+ dlprefiles=$newdlprefiles
+ fi
+
+ case $linkmode in
+ oldlib)
+ if test -n "$dlfiles$dlprefiles" || test no != "$dlself"; then
+ func_warning "'-dlopen' is ignored for archives"
+ fi
+
+ case " $deplibs" in
+ *\ -l* | *\ -L*)
+ func_warning "'-l' and '-L' are ignored for archives" ;;
+ esac
+
+ test -n "$rpath" && \
+ func_warning "'-rpath' is ignored for archives"
+
+ test -n "$xrpath" && \
+ func_warning "'-R' is ignored for archives"
+
+ test -n "$vinfo" && \
+ func_warning "'-version-info/-version-number' is ignored for archives"
+
+ test -n "$release" && \
+ func_warning "'-release' is ignored for archives"
+
+ test -n "$export_symbols$export_symbols_regex" && \
+ func_warning "'-export-symbols' is ignored for archives"
+
+ # Now set the variables for building old libraries.
+ build_libtool_libs=no
+ oldlibs=$output
+ func_append objs "$old_deplibs"
+ ;;
+
+ lib)
+ # Make sure we only generate libraries of the form 'libNAME.la'.
+ case $outputname in
+ lib*)
+ func_stripname 'lib' '.la' "$outputname"
+ name=$func_stripname_result
+ eval shared_ext=\"$shrext_cmds\"
+ eval libname=\"$libname_spec\"
+ ;;
+ *)
+ test no = "$module" \
+ && func_fatal_help "libtool library '$output' must begin with 'lib'"
+
+ if test no != "$need_lib_prefix"; then
+ # Add the "lib" prefix for modules if required
+ func_stripname '' '.la' "$outputname"
+ name=$func_stripname_result
+ eval shared_ext=\"$shrext_cmds\"
+ eval libname=\"$libname_spec\"
+ else
+ func_stripname '' '.la' "$outputname"
+ libname=$func_stripname_result
+ fi
+ ;;
+ esac
+
+ if test -n "$objs"; then
+ if test pass_all != "$deplibs_check_method"; then
+ func_fatal_error "cannot build libtool library '$output' from non-libtool objects on this host:$objs"
+ else
+ echo
+ $ECHO "*** Warning: Linking the shared library $output against the non-libtool"
+ $ECHO "*** objects $objs is not portable!"
+ func_append libobjs " $objs"
+ fi
+ fi
+
+ test no = "$dlself" \
+ || func_warning "'-dlopen self' is ignored for libtool libraries"
+
+ set dummy $rpath
+ shift
+ test 1 -lt "$#" \
+ && func_warning "ignoring multiple '-rpath's for a libtool library"
+
+ install_libdir=$1
+
+ oldlibs=
+ if test -z "$rpath"; then
+ if test yes = "$build_libtool_libs"; then
+ # Building a libtool convenience library.
+ # Some compilers have problems with a '.al' extension so
+ # convenience libraries should have the same extension an
+ # archive normally would.
+ oldlibs="$output_objdir/$libname.$libext $oldlibs"
+ build_libtool_libs=convenience
+ build_old_libs=yes
+ fi
+
+ test -n "$vinfo" && \
+ func_warning "'-version-info/-version-number' is ignored for convenience libraries"
+
+ test -n "$release" && \
+ func_warning "'-release' is ignored for convenience libraries"
+ else
+
+ # Parse the version information argument.
+ save_ifs=$IFS; IFS=:
+ set dummy $vinfo 0 0 0
+ shift
+ IFS=$save_ifs
+
+ test -n "$7" && \
+ func_fatal_help "too many parameters to '-version-info'"
+
+ # convert absolute version numbers to libtool ages
+ # this retains compatibility with .la files and attempts
+ # to make the code below a bit more comprehensible
+
+ case $vinfo_number in
+ yes)
+ number_major=$1
+ number_minor=$2
+ number_revision=$3
+ #
+ # There are really only two kinds -- those that
+ # use the current revision as the major version
+ # and those that subtract age and use age as
+ # a minor version. But, then there is irix
+ # that has an extra 1 added just for fun
+ #
+ case $version_type in
+ # correct linux to gnu/linux during the next big refactor
+ darwin|freebsd-elf|linux|midnightbsd-elf|osf|windows|none)
+ func_arith $number_major + $number_minor
+ current=$func_arith_result
+ age=$number_minor
+ revision=$number_revision
+ ;;
+ freebsd-aout|qnx|sunos)
+ current=$number_major
+ revision=$number_minor
+ age=0
+ ;;
+ irix|nonstopux)
+ func_arith $number_major + $number_minor
+ current=$func_arith_result
+ age=$number_minor
+ revision=$number_minor
+ lt_irix_increment=no
+ ;;
+ *)
+ func_fatal_configuration "$modename: unknown library version type '$version_type'"
+ ;;
+ esac
+ ;;
+ no)
+ current=$1
+ revision=$2
+ age=$3
+ ;;
+ esac
+
+ # Check that each of the things are valid numbers.
+ case $current in
+ 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;;
+ *)
+ func_error "CURRENT '$current' must be a nonnegative integer"
+ func_fatal_error "'$vinfo' is not valid version information"
+ ;;
+ esac
+
+ case $revision in
+ 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;;
+ *)
+ func_error "REVISION '$revision' must be a nonnegative integer"
+ func_fatal_error "'$vinfo' is not valid version information"
+ ;;
+ esac
+
+ case $age in
+ 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;;
+ *)
+ func_error "AGE '$age' must be a nonnegative integer"
+ func_fatal_error "'$vinfo' is not valid version information"
+ ;;
+ esac
+
+ if test "$age" -gt "$current"; then
+ func_error "AGE '$age' is greater than the current interface number '$current'"
+ func_fatal_error "'$vinfo' is not valid version information"
+ fi
+
+ # Calculate the version variables.
+ major=
+ versuffix=
+ verstring=
+ case $version_type in
+ none) ;;
+
+ darwin)
+ # Like Linux, but with the current version available in
+ # verstring for coding it into the library header
+ func_arith $current - $age
+ major=.$func_arith_result
+ versuffix=$major.$age.$revision
+ # Darwin ld doesn't like 0 for these options...
+ func_arith $current + 1
+ minor_current=$func_arith_result
+ xlcverstring="$wl-compatibility_version $wl$minor_current $wl-current_version $wl$minor_current.$revision"
+ verstring="-compatibility_version $minor_current -current_version $minor_current.$revision"
+ # On Darwin other compilers
+ case $CC in
+ nagfor*)
+ verstring="$wl-compatibility_version $wl$minor_current $wl-current_version $wl$minor_current.$revision"
+ ;;
+ *)
+ verstring="-compatibility_version $minor_current -current_version $minor_current.$revision"
+ ;;
+ esac
+ ;;
+
+ freebsd-aout)
+ major=.$current
+ versuffix=.$current.$revision
+ ;;
+
+ freebsd-elf | midnightbsd-elf)
+ func_arith $current - $age
+ major=.$func_arith_result
+ versuffix=$major.$age.$revision
+ ;;
+
+ irix | nonstopux)
+ if test no = "$lt_irix_increment"; then
+ func_arith $current - $age
+ else
+ func_arith $current - $age + 1
+ fi
+ major=$func_arith_result
+
+ case $version_type in
+ nonstopux) verstring_prefix=nonstopux ;;
+ *) verstring_prefix=sgi ;;
+ esac
+ verstring=$verstring_prefix$major.$revision
+
+ # Add in all the interfaces that we are compatible with.
+ loop=$revision
+ while test 0 -ne "$loop"; do
+ func_arith $revision - $loop
+ iface=$func_arith_result
+ func_arith $loop - 1
+ loop=$func_arith_result
+ verstring=$verstring_prefix$major.$iface:$verstring
+ done
+
+ # Before this point, $major must not contain '.'.
+ major=.$major
+ versuffix=$major.$revision
+ ;;
+
+ linux) # correct to gnu/linux during the next big refactor
+ func_arith $current - $age
+ major=.$func_arith_result
+ versuffix=$major.$age.$revision
+ ;;
+
+ osf)
+ func_arith $current - $age
+ major=.$func_arith_result
+ versuffix=.$current.$age.$revision
+ verstring=$current.$age.$revision
+
+ # Add in all the interfaces that we are compatible with.
+ loop=$age
+ while test 0 -ne "$loop"; do
+ func_arith $current - $loop
+ iface=$func_arith_result
+ func_arith $loop - 1
+ loop=$func_arith_result
+ verstring=$verstring:$iface.0
+ done
+
+ # Make executables depend on our current version.
+ func_append verstring ":$current.0"
+ ;;
+
+ qnx)
+ major=.$current
+ versuffix=.$current
+ ;;
+
+ sco)
+ major=.$current
+ versuffix=.$current
+ ;;
+
+ sunos)
+ major=.$current
+ versuffix=.$current.$revision
+ ;;
+
+ windows)
+ # Use '-' rather than '.', since we only want one
+ # extension on DOS 8.3 file systems.
+ func_arith $current - $age
+ major=$func_arith_result
+ versuffix=-$major
+ ;;
+
+ *)
+ func_fatal_configuration "unknown library version type '$version_type'"
+ ;;
+ esac
+
+ # Clear the version info if we defaulted, and they specified a release.
+ if test -z "$vinfo" && test -n "$release"; then
+ major=
+ case $version_type in
+ darwin)
+ # we can't check for "0.0" in archive_cmds due to quoting
+ # problems, so we reset it completely
+ verstring=
+ ;;
+ *)
+ verstring=0.0
+ ;;
+ esac
+ if test no = "$need_version"; then
+ versuffix=
+ else
+ versuffix=.0.0
+ fi
+ fi
+
+ # Remove version info from name if versioning should be avoided
+ if test yes,no = "$avoid_version,$need_version"; then
+ major=
+ versuffix=
+ verstring=
+ fi
+
+ # Check to see if the archive will have undefined symbols.
+ if test yes = "$allow_undefined"; then
+ if test unsupported = "$allow_undefined_flag"; then
+ if test yes = "$build_old_libs"; then
+ func_warning "undefined symbols not allowed in $host shared libraries; building static only"
+ build_libtool_libs=no
+ else
+ func_fatal_error "can't build $host shared library unless -no-undefined is specified"
+ fi
+ fi
+ else
+ # Don't allow undefined symbols.
+ allow_undefined_flag=$no_undefined_flag
+ fi
+
+ fi
+
+ func_generate_dlsyms "$libname" "$libname" :
+ func_append libobjs " $symfileobj"
+ test " " = "$libobjs" && libobjs=
+
+ if test relink != "$opt_mode"; then
+ # Remove our outputs, but don't remove object files since they
+ # may have been created when compiling PIC objects.
+ removelist=
+ tempremovelist=`$ECHO "$output_objdir/*"`
+ for p in $tempremovelist; do
+ case $p in
+ *.$objext | *.gcno)
+ ;;
+ $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/$libname$release.*)
+ if test -n "$precious_files_regex"; then
+ if $ECHO "$p" | $EGREP -e "$precious_files_regex" >/dev/null 2>&1
+ then
+ continue
+ fi
+ fi
+ func_append removelist " $p"
+ ;;
+ *) ;;
+ esac
+ done
+ test -n "$removelist" && \
+ func_show_eval "${RM}r \$removelist"
+ fi
+
+ # Now set the variables for building old libraries.
+ if test yes = "$build_old_libs" && test convenience != "$build_libtool_libs"; then
+ func_append oldlibs " $output_objdir/$libname.$libext"
+
+ # Transform .lo files to .o files.
+ oldobjs="$objs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.$libext$/d; $lo2o" | $NL2SP`
+ fi
+
+ # Eliminate all temporary directories.
+ #for path in $notinst_path; do
+ # lib_search_path=`$ECHO "$lib_search_path " | $SED "s% $path % %g"`
+ # deplibs=`$ECHO "$deplibs " | $SED "s% -L$path % %g"`
+ # dependency_libs=`$ECHO "$dependency_libs " | $SED "s% -L$path % %g"`
+ #done
+
+ if test -n "$xrpath"; then
+ # If the user specified any rpath flags, then add them.
+ temp_xrpath=
+ for libdir in $xrpath; do
+ func_replace_sysroot "$libdir"
+ func_append temp_xrpath " -R$func_replace_sysroot_result"
+ case "$finalize_rpath " in
+ *" $libdir "*) ;;
+ *) func_append finalize_rpath " $libdir" ;;
+ esac
+ done
+ if test yes != "$hardcode_into_libs" || test yes = "$build_old_libs"; then
+ dependency_libs="$temp_xrpath $dependency_libs"
+ fi
+ fi
+
+ # Make sure dlfiles contains only unique files that won't be dlpreopened
+ old_dlfiles=$dlfiles
+ dlfiles=
+ for lib in $old_dlfiles; do
+ case " $dlprefiles $dlfiles " in
+ *" $lib "*) ;;
+ *) func_append dlfiles " $lib" ;;
+ esac
+ done
+
+ # Make sure dlprefiles contains only unique files
+ old_dlprefiles=$dlprefiles
+ dlprefiles=
+ for lib in $old_dlprefiles; do
+ case "$dlprefiles " in
+ *" $lib "*) ;;
+ *) func_append dlprefiles " $lib" ;;
+ esac
+ done
+
+ if test yes = "$build_libtool_libs"; then
+ if test -n "$rpath"; then
+ case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos* | *-cegcc* | *-*-haiku*)
+ # these systems don't actually have a c library (as such)!
+ ;;
+ *-*-rhapsody* | *-*-darwin1.[012])
+ # Rhapsody C library is in the System framework
+ func_append deplibs " System.ltframework"
+ ;;
+ *-*-netbsd*)
+ # Don't link with libc until the a.out ld.so is fixed.
+ ;;
+ *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-midnightbsd*)
+ # Do not include libc due to us having libc/libc_r.
+ ;;
+ *-*-sco3.2v5* | *-*-sco5v6*)
+ # Causes problems with __ctype
+ ;;
+ *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*)
+ # Compiler inserts libc in the correct place for threads to work
+ ;;
+ *)
+ # Add libc to deplibs on all other systems if necessary.
+ if test yes = "$build_libtool_need_lc"; then
+ func_append deplibs " -lc"
+ fi
+ ;;
+ esac
+ fi
+
+ # Transform deplibs into only deplibs that can be linked in shared.
+ name_save=$name
+ libname_save=$libname
+ release_save=$release
+ versuffix_save=$versuffix
+ major_save=$major
+ # I'm not sure if I'm treating the release correctly. I think
+ # release should show up in the -l (ie -lgmp5) so we don't want to
+ # add it in twice. Is that correct?
+ release=
+ versuffix=
+ major=
+ newdeplibs=
+ droppeddeps=no
+ case $deplibs_check_method in
+ pass_all)
+ # Don't check for shared/static. Everything works.
+ # This might be a little naive. We might want to check
+ # whether the library exists or not. But this is on
+ # osf3 & osf4 and I'm not really sure... Just
+ # implementing what was already the behavior.
+ newdeplibs=$deplibs
+ ;;
+ test_compile)
+ # This code stresses the "libraries are programs" paradigm to its
+ # limits. Maybe even breaks it. We compile a program, linking it
+ # against the deplibs as a proxy for the library. Then we can check
+ # whether they linked in statically or dynamically with ldd.
+ $opt_dry_run || $RM conftest.c
+ cat > conftest.c <<EOF
+ int main() { return 0; }
+EOF
+ $opt_dry_run || $RM conftest
+ if $LTCC $LTCFLAGS -o conftest conftest.c $deplibs; then
+ ldd_output=`ldd conftest`
+ for i in $deplibs; do
+ case $i in
+ -l*)
+ func_stripname -l '' "$i"
+ name=$func_stripname_result
+ if test yes = "$allow_libtool_libs_with_static_runtimes"; then
+ case " $predeps $postdeps " in
+ *" $i "*)
+ func_append newdeplibs " $i"
+ i=
+ ;;
+ esac
+ fi
+ if test -n "$i"; then
+ libname=`eval "\\$ECHO \"$libname_spec\""`
+ deplib_matches=`eval "\\$ECHO \"$library_names_spec\""`
+ set dummy $deplib_matches; shift
+ deplib_match=$1
+ if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0; then
+ func_append newdeplibs " $i"
+ else
+ droppeddeps=yes
+ echo
+ $ECHO "*** Warning: dynamic linker does not accept needed library $i."
+ echo "*** I have the capability to make that library automatically link in when"
+ echo "*** you link to this library. But I can only do this if you have a"
+ echo "*** shared version of the library, which I believe you do not have"
+ echo "*** because a test_compile did reveal that the linker did not use it for"
+ echo "*** its dynamic dependency list that programs get resolved with at runtime."
+ fi
+ fi
+ ;;
+ *)
+ func_append newdeplibs " $i"
+ ;;
+ esac
+ done
+ else
+ # Error occurred in the first compile. Let's try to salvage
+ # the situation: Compile a separate program for each library.
+ for i in $deplibs; do
+ case $i in
+ -l*)
+ func_stripname -l '' "$i"
+ name=$func_stripname_result
+ $opt_dry_run || $RM conftest
+ if $LTCC $LTCFLAGS -o conftest conftest.c $i; then
+ ldd_output=`ldd conftest`
+ if test yes = "$allow_libtool_libs_with_static_runtimes"; then
+ case " $predeps $postdeps " in
+ *" $i "*)
+ func_append newdeplibs " $i"
+ i=
+ ;;
+ esac
+ fi
+ if test -n "$i"; then
+ libname=`eval "\\$ECHO \"$libname_spec\""`
+ deplib_matches=`eval "\\$ECHO \"$library_names_spec\""`
+ set dummy $deplib_matches; shift
+ deplib_match=$1
+ if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0; then
+ func_append newdeplibs " $i"
+ else
+ droppeddeps=yes
+ echo
+ $ECHO "*** Warning: dynamic linker does not accept needed library $i."
+ echo "*** I have the capability to make that library automatically link in when"
+ echo "*** you link to this library. But I can only do this if you have a"
+ echo "*** shared version of the library, which you do not appear to have"
+ echo "*** because a test_compile did reveal that the linker did not use this one"
+ echo "*** as a dynamic dependency that programs can get resolved with at runtime."
+ fi
+ fi
+ else
+ droppeddeps=yes
+ echo
+ $ECHO "*** Warning! Library $i is needed by this library but I was not able to"
+ echo "*** make it link in! You will probably need to install it or some"
+ echo "*** library that it depends on before this library will be fully"
+ echo "*** functional. Installing it before continuing would be even better."
+ fi
+ ;;
+ *)
+ func_append newdeplibs " $i"
+ ;;
+ esac
+ done
+ fi
+ ;;
+ file_magic*)
+ set dummy $deplibs_check_method; shift
+ file_magic_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"`
+ for a_deplib in $deplibs; do
+ case $a_deplib in
+ -l*)
+ func_stripname -l '' "$a_deplib"
+ name=$func_stripname_result
+ if test yes = "$allow_libtool_libs_with_static_runtimes"; then
+ case " $predeps $postdeps " in
+ *" $a_deplib "*)
+ func_append newdeplibs " $a_deplib"
+ a_deplib=
+ ;;
+ esac
+ fi
+ if test -n "$a_deplib"; then
+ libname=`eval "\\$ECHO \"$libname_spec\""`
+ if test -n "$file_magic_glob"; then
+ libnameglob=`func_echo_all "$libname" | $SED -e $file_magic_glob`
+ else
+ libnameglob=$libname
+ fi
+ test yes = "$want_nocaseglob" && nocaseglob=`shopt -p nocaseglob`
+ for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do
+ if test yes = "$want_nocaseglob"; then
+ shopt -s nocaseglob
+ potential_libs=`ls $i/$libnameglob[.-]* 2>/dev/null`
+ $nocaseglob
+ else
+ potential_libs=`ls $i/$libnameglob[.-]* 2>/dev/null`
+ fi
+ for potent_lib in $potential_libs; do
+ # Follow soft links.
+ if ls -lLd "$potent_lib" 2>/dev/null |
+ $GREP " -> " >/dev/null; then
+ continue
+ fi
+ # The statement above tries to avoid entering an
+ # endless loop below, in case of cyclic links.
+ # We might still enter an endless loop, since a link
+ # loop can be closed while we follow links,
+ # but so what?
+ potlib=$potent_lib
+ while test -h "$potlib" 2>/dev/null; do
+ potliblink=`ls -ld $potlib | $SED 's/.* -> //'`
+ case $potliblink in
+ [\\/]* | [A-Za-z]:[\\/]*) potlib=$potliblink;;
+ *) potlib=`$ECHO "$potlib" | $SED 's|[^/]*$||'`"$potliblink";;
+ esac
+ done
+ if eval $file_magic_cmd \"\$potlib\" 2>/dev/null |
+ $SED -e 10q |
+ $EGREP "$file_magic_regex" > /dev/null; then
+ func_append newdeplibs " $a_deplib"
+ a_deplib=
+ break 2
+ fi
+ done
+ done
+ fi
+ if test -n "$a_deplib"; then
+ droppeddeps=yes
+ echo
+ $ECHO "*** Warning: linker path does not have real file for library $a_deplib."
+ echo "*** I have the capability to make that library automatically link in when"
+ echo "*** you link to this library. But I can only do this if you have a"
+ echo "*** shared version of the library, which you do not appear to have"
+ echo "*** because I did check the linker path looking for a file starting"
+ if test -z "$potlib"; then
+ $ECHO "*** with $libname but no candidates were found. (...for file magic test)"
+ else
+ $ECHO "*** with $libname and none of the candidates passed a file format test"
+ $ECHO "*** using a file magic. Last file checked: $potlib"
+ fi
+ fi
+ ;;
+ *)
+ # Add a -L argument.
+ func_append newdeplibs " $a_deplib"
+ ;;
+ esac
+ done # Gone through all deplibs.
+ ;;
+ match_pattern*)
+ set dummy $deplibs_check_method; shift
+ match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"`
+ for a_deplib in $deplibs; do
+ case $a_deplib in
+ -l*)
+ func_stripname -l '' "$a_deplib"
+ name=$func_stripname_result
+ if test yes = "$allow_libtool_libs_with_static_runtimes"; then
+ case " $predeps $postdeps " in
+ *" $a_deplib "*)
+ func_append newdeplibs " $a_deplib"
+ a_deplib=
+ ;;
+ esac
+ fi
+ if test -n "$a_deplib"; then
+ libname=`eval "\\$ECHO \"$libname_spec\""`
+ for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do
+ potential_libs=`ls $i/$libname[.-]* 2>/dev/null`
+ for potent_lib in $potential_libs; do
+ potlib=$potent_lib # see symlink-check above in file_magic test
+ if eval "\$ECHO \"$potent_lib\"" 2>/dev/null | $SED 10q | \
+ $EGREP "$match_pattern_regex" > /dev/null; then
+ func_append newdeplibs " $a_deplib"
+ a_deplib=
+ break 2
+ fi
+ done
+ done
+ fi
+ if test -n "$a_deplib"; then
+ droppeddeps=yes
+ echo
+ $ECHO "*** Warning: linker path does not have real file for library $a_deplib."
+ echo "*** I have the capability to make that library automatically link in when"
+ echo "*** you link to this library. But I can only do this if you have a"
+ echo "*** shared version of the library, which you do not appear to have"
+ echo "*** because I did check the linker path looking for a file starting"
+ if test -z "$potlib"; then
+ $ECHO "*** with $libname but no candidates were found. (...for regex pattern test)"
+ else
+ $ECHO "*** with $libname and none of the candidates passed a file format test"
+ $ECHO "*** using a regex pattern. Last file checked: $potlib"
+ fi
+ fi
+ ;;
+ *)
+ # Add a -L argument.
+ func_append newdeplibs " $a_deplib"
+ ;;
+ esac
+ done # Gone through all deplibs.
+ ;;
+ none | unknown | *)
+ newdeplibs=
+ tmp_deplibs=`$ECHO " $deplibs" | $SED 's/ -lc$//; s/ -[LR][^ ]*//g'`
+ if test yes = "$allow_libtool_libs_with_static_runtimes"; then
+ for i in $predeps $postdeps; do
+ # can't use Xsed below, because $i might contain '/'
+ tmp_deplibs=`$ECHO " $tmp_deplibs" | $SED "s|$i||"`
+ done
+ fi
+ case $tmp_deplibs in
+ *[!\ \ ]*)
+ echo
+ if test none = "$deplibs_check_method"; then
+ echo "*** Warning: inter-library dependencies are not supported in this platform."
+ else
+ echo "*** Warning: inter-library dependencies are not known to be supported."
+ fi
+ echo "*** All declared inter-library dependencies are being dropped."
+ droppeddeps=yes
+ ;;
+ esac
+ ;;
+ esac
+ versuffix=$versuffix_save
+ major=$major_save
+ release=$release_save
+ libname=$libname_save
+ name=$name_save
+
+ case $host in
+ *-*-rhapsody* | *-*-darwin1.[012])
+ # On Rhapsody replace the C library with the System framework
+ newdeplibs=`$ECHO " $newdeplibs" | $SED 's/ -lc / System.ltframework /'`
+ ;;
+ esac
+
+ if test yes = "$droppeddeps"; then
+ if test yes = "$module"; then
+ echo
+ echo "*** Warning: libtool could not satisfy all declared inter-library"
+ $ECHO "*** dependencies of module $libname. Therefore, libtool will create"
+ echo "*** a static module, that should work as long as the dlopening"
+ echo "*** application is linked with the -dlopen flag."
+ if test -z "$global_symbol_pipe"; then
+ echo
+ echo "*** However, this would only work if libtool was able to extract symbol"
+ echo "*** lists from a program, using 'nm' or equivalent, but libtool could"
+ echo "*** not find such a program. So, this module is probably useless."
+ echo "*** 'nm' from GNU binutils and a full rebuild may help."
+ fi
+ if test no = "$build_old_libs"; then
+ oldlibs=$output_objdir/$libname.$libext
+ build_libtool_libs=module
+ build_old_libs=yes
+ else
+ build_libtool_libs=no
+ fi
+ else
+ echo "*** The inter-library dependencies that have been dropped here will be"
+ echo "*** automatically added whenever a program is linked with this library"
+ echo "*** or is declared to -dlopen it."
+
+ if test no = "$allow_undefined"; then
+ echo
+ echo "*** Since this library must not contain undefined symbols,"
+ echo "*** because either the platform does not support them or"
+ echo "*** it was explicitly requested with -no-undefined,"
+ echo "*** libtool will only create a static version of it."
+ if test no = "$build_old_libs"; then
+ oldlibs=$output_objdir/$libname.$libext
+ build_libtool_libs=module
+ build_old_libs=yes
+ else
+ build_libtool_libs=no
+ fi
+ fi
+ fi
+ fi
+ # Done checking deplibs!
+ deplibs=$newdeplibs
+ fi
+ # Time to change all our "foo.ltframework" stuff back to "-framework foo"
+ case $host in
+ *-*-darwin*)
+ newdeplibs=`$ECHO " $newdeplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+ new_inherited_linker_flags=`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+ deplibs=`$ECHO " $deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+ ;;
+ esac
+
+ # move library search paths that coincide with paths to not yet
+ # installed libraries to the beginning of the library search list
+ new_libs=
+ for path in $notinst_path; do
+ case " $new_libs " in
+ *" -L$path/$objdir "*) ;;
+ *)
+ case " $deplibs " in
+ *" -L$path/$objdir "*)
+ func_append new_libs " -L$path/$objdir" ;;
+ esac
+ ;;
+ esac
+ done
+ for deplib in $deplibs; do
+ case $deplib in
+ -L*)
+ case " $new_libs " in
+ *" $deplib "*) ;;
+ *) func_append new_libs " $deplib" ;;
+ esac
+ ;;
+ *) func_append new_libs " $deplib" ;;
+ esac
+ done
+ deplibs=$new_libs
+
+ # All the library-specific variables (install_libdir is set above).
+ library_names=
+ old_library=
+ dlname=
+
+ # Test again, we may have decided not to build it any more
+ if test yes = "$build_libtool_libs"; then
+ # Remove $wl instances when linking with ld.
+ # FIXME: should test the right _cmds variable.
+ case $archive_cmds in
+ *\$LD\ *) wl= ;;
+ esac
+ if test yes = "$hardcode_into_libs"; then
+ # Hardcode the library paths
+ hardcode_libdirs=
+ dep_rpath=
+ rpath=$finalize_rpath
+ test relink = "$opt_mode" || rpath=$compile_rpath$rpath
+ for libdir in $rpath; do
+ if test -n "$hardcode_libdir_flag_spec"; then
+ if test -n "$hardcode_libdir_separator"; then
+ func_replace_sysroot "$libdir"
+ libdir=$func_replace_sysroot_result
+ if test -z "$hardcode_libdirs"; then
+ hardcode_libdirs=$libdir
+ else
+ # Just accumulate the unique libdirs.
+ case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in
+ *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
+ ;;
+ *)
+ func_append hardcode_libdirs "$hardcode_libdir_separator$libdir"
+ ;;
+ esac
+ fi
+ else
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ func_append dep_rpath " $flag"
+ fi
+ elif test -n "$runpath_var"; then
+ case "$perm_rpath " in
+ *" $libdir "*) ;;
+ *) func_append perm_rpath " $libdir" ;;
+ esac
+ fi
+ done
+ # Substitute the hardcoded libdirs into the rpath.
+ if test -n "$hardcode_libdir_separator" &&
+ test -n "$hardcode_libdirs"; then
+ libdir=$hardcode_libdirs
+ eval "dep_rpath=\"$hardcode_libdir_flag_spec\""
+ fi
+ if test -n "$runpath_var" && test -n "$perm_rpath"; then
+ # We should set the runpath_var.
+ rpath=
+ for dir in $perm_rpath; do
+ func_append rpath "$dir:"
+ done
+ eval "$runpath_var='$rpath\$$runpath_var'; export $runpath_var"
+ fi
+ test -n "$dep_rpath" && deplibs="$dep_rpath $deplibs"
+ fi
+
+ shlibpath=$finalize_shlibpath
+ test relink = "$opt_mode" || shlibpath=$compile_shlibpath$shlibpath
+ if test -n "$shlibpath"; then
+ eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var"
+ fi
+
+ # Get the real and link names of the library.
+ eval shared_ext=\"$shrext_cmds\"
+ eval library_names=\"$library_names_spec\"
+ set dummy $library_names
+ shift
+ realname=$1
+ shift
+
+ if test -n "$soname_spec"; then
+ eval soname=\"$soname_spec\"
+ else
+ soname=$realname
+ fi
+ if test -z "$dlname"; then
+ dlname=$soname
+ fi
+
+ lib=$output_objdir/$realname
+ linknames=
+ for link
+ do
+ func_append linknames " $link"
+ done
+
+ # Use standard objects if they are pic
+ test -z "$pic_flag" && libobjs=`$ECHO "$libobjs" | $SP2NL | $SED "$lo2o" | $NL2SP`
+ test "X$libobjs" = "X " && libobjs=
+
+ delfiles=
+ if test -n "$export_symbols" && test -n "$include_expsyms"; then
+ $opt_dry_run || cp "$export_symbols" "$output_objdir/$libname.uexp"
+ export_symbols=$output_objdir/$libname.uexp
+ func_append delfiles " $export_symbols"
+ fi
+
+ orig_export_symbols=
+ case $host_os in
+ cygwin* | mingw* | cegcc*)
+ if test -n "$export_symbols" && test -z "$export_symbols_regex"; then
+ # exporting using user supplied symfile
+ func_dll_def_p "$export_symbols" || {
+ # and it's NOT already a .def file. Must figure out
+ # which of the given symbols are data symbols and tag
+ # them as such. So, trigger use of export_symbols_cmds.
+ # export_symbols gets reassigned inside the "prepare
+ # the list of exported symbols" if statement, so the
+ # include_expsyms logic still works.
+ orig_export_symbols=$export_symbols
+ export_symbols=
+ always_export_symbols=yes
+ }
+ fi
+ ;;
+ esac
+
+ # Prepare the list of exported symbols
+ if test -z "$export_symbols"; then
+ if test yes = "$always_export_symbols" || test -n "$export_symbols_regex"; then
+ func_verbose "generating symbol list for '$libname.la'"
+ export_symbols=$output_objdir/$libname.exp
+ $opt_dry_run || $RM $export_symbols
+ cmds=$export_symbols_cmds
+ save_ifs=$IFS; IFS='~'
+ for cmd1 in $cmds; do
+ IFS=$save_ifs
+ # Take the normal branch if the nm_file_list_spec branch
+ # doesn't work or if tool conversion is not needed.
+ case $nm_file_list_spec~$to_tool_file_cmd in
+ *~func_convert_file_noop | *~func_convert_file_msys_to_w32 | ~*)
+ try_normal_branch=yes
+ eval cmd=\"$cmd1\"
+ func_len " $cmd"
+ len=$func_len_result
+ ;;
+ *)
+ try_normal_branch=no
+ ;;
+ esac
+ if test yes = "$try_normal_branch" \
+ && { test "$len" -lt "$max_cmd_len" \
+ || test "$max_cmd_len" -le -1; }
+ then
+ func_show_eval "$cmd" 'exit $?'
+ skipped_export=false
+ elif test -n "$nm_file_list_spec"; then
+ func_basename "$output"
+ output_la=$func_basename_result
+ save_libobjs=$libobjs
+ save_output=$output
+ output=$output_objdir/$output_la.nm
+ func_to_tool_file "$output"
+ libobjs=$nm_file_list_spec$func_to_tool_file_result
+ func_append delfiles " $output"
+ func_verbose "creating $NM input file list: $output"
+ for obj in $save_libobjs; do
+ func_to_tool_file "$obj"
+ $ECHO "$func_to_tool_file_result"
+ done > "$output"
+ eval cmd=\"$cmd1\"
+ func_show_eval "$cmd" 'exit $?'
+ output=$save_output
+ libobjs=$save_libobjs
+ skipped_export=false
+ else
+ # The command line is too long to execute in one step.
+ func_verbose "using reloadable object file for export list..."
+ skipped_export=:
+ # Break out early, otherwise skipped_export may be
+ # set to false by a later but shorter cmd.
+ break
+ fi
+ done
+ IFS=$save_ifs
+ if test -n "$export_symbols_regex" && test : != "$skipped_export"; then
+ func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"'
+ func_show_eval '$MV "${export_symbols}T" "$export_symbols"'
+ fi
+ fi
+ fi
+
+ if test -n "$export_symbols" && test -n "$include_expsyms"; then
+ tmp_export_symbols=$export_symbols
+ test -n "$orig_export_symbols" && tmp_export_symbols=$orig_export_symbols
+ $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"'
+ fi
+
+ if test : != "$skipped_export" && test -n "$orig_export_symbols"; then
+ # The given exports_symbols file has to be filtered, so filter it.
+ func_verbose "filter symbol list for '$libname.la' to tag DATA exports"
+ # FIXME: $output_objdir/$libname.filter potentially contains lots of
+ # 's' commands, which not all seds can handle. GNU sed should be fine
+ # though. Also, the filter scales superlinearly with the number of
+ # global variables. join(1) would be nice here, but unfortunately
+ # isn't a blessed tool.
+ $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter
+ func_append delfiles " $export_symbols $output_objdir/$libname.filter"
+ export_symbols=$output_objdir/$libname.def
+ $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols
+ fi
+
+ tmp_deplibs=
+ for test_deplib in $deplibs; do
+ case " $convenience " in
+ *" $test_deplib "*) ;;
+ *)
+ func_append tmp_deplibs " $test_deplib"
+ ;;
+ esac
+ done
+ deplibs=$tmp_deplibs
+
+ if test -n "$convenience"; then
+ if test -n "$whole_archive_flag_spec" &&
+ test yes = "$compiler_needs_object" &&
+ test -z "$libobjs"; then
+ # extract the archives, so we have objects to list.
+ # TODO: could optimize this to just extract one archive.
+ whole_archive_flag_spec=
+ fi
+ if test -n "$whole_archive_flag_spec"; then
+ save_libobjs=$libobjs
+ eval libobjs=\"\$libobjs $whole_archive_flag_spec\"
+ test "X$libobjs" = "X " && libobjs=
+ else
+ gentop=$output_objdir/${outputname}x
+ func_append generated " $gentop"
+
+ func_extract_archives $gentop $convenience
+ func_append libobjs " $func_extract_archives_result"
+ test "X$libobjs" = "X " && libobjs=
+ fi
+ fi
+
+ if test yes = "$thread_safe" && test -n "$thread_safe_flag_spec"; then
+ eval flag=\"$thread_safe_flag_spec\"
+ func_append linker_flags " $flag"
+ fi
+
+ # Make a backup of the uninstalled library when relinking
+ if test relink = "$opt_mode"; then
+ $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}U && $MV $realname ${realname}U)' || exit $?
+ fi
+
+ # Do each of the archive commands.
+ if test yes = "$module" && test -n "$module_cmds"; then
+ if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then
+ eval test_cmds=\"$module_expsym_cmds\"
+ cmds=$module_expsym_cmds
+ else
+ eval test_cmds=\"$module_cmds\"
+ cmds=$module_cmds
+ fi
+ else
+ if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then
+ eval test_cmds=\"$archive_expsym_cmds\"
+ cmds=$archive_expsym_cmds
+ else
+ eval test_cmds=\"$archive_cmds\"
+ cmds=$archive_cmds
+ fi
+ fi
+
+ if test : != "$skipped_export" &&
+ func_len " $test_cmds" &&
+ len=$func_len_result &&
+ test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then
+ :
+ else
+ # The command line is too long to link in one step, link piecewise
+ # or, if using GNU ld and skipped_export is not :, use a linker
+ # script.
+
+ # Save the value of $output and $libobjs because we want to
+ # use them later. If we have whole_archive_flag_spec, we
+ # want to use save_libobjs as it was before
+ # whole_archive_flag_spec was expanded, because we can't
+ # assume the linker understands whole_archive_flag_spec.
+ # This may have to be revisited, in case too many
+ # convenience libraries get linked in and end up exceeding
+ # the spec.
+ if test -z "$convenience" || test -z "$whole_archive_flag_spec"; then
+ save_libobjs=$libobjs
+ fi
+ save_output=$output
+ func_basename "$output"
+ output_la=$func_basename_result
+
+ # Clear the reloadable object creation command queue and
+ # initialize k to one.
+ test_cmds=
+ concat_cmds=
+ objlist=
+ last_robj=
+ k=1
+
+ if test -n "$save_libobjs" && test : != "$skipped_export" && test yes = "$with_gnu_ld"; then
+ output=$output_objdir/$output_la.lnkscript
+ func_verbose "creating GNU ld script: $output"
+ echo 'INPUT (' > $output
+ for obj in $save_libobjs
+ do
+ func_to_tool_file "$obj"
+ $ECHO "$func_to_tool_file_result" >> $output
+ done
+ echo ')' >> $output
+ func_append delfiles " $output"
+ func_to_tool_file "$output"
+ output=$func_to_tool_file_result
+ elif test -n "$save_libobjs" && test : != "$skipped_export" && test -n "$file_list_spec"; then
+ output=$output_objdir/$output_la.lnk
+ func_verbose "creating linker input file list: $output"
+ : > $output
+ set x $save_libobjs
+ shift
+ firstobj=
+ if test yes = "$compiler_needs_object"; then
+ firstobj="$1 "
+ shift
+ fi
+ for obj
+ do
+ func_to_tool_file "$obj"
+ $ECHO "$func_to_tool_file_result" >> $output
+ done
+ func_append delfiles " $output"
+ func_to_tool_file "$output"
+ output=$firstobj\"$file_list_spec$func_to_tool_file_result\"
+ else
+ if test -n "$save_libobjs"; then
+ func_verbose "creating reloadable object files..."
+ output=$output_objdir/$output_la-$k.$objext
+ eval test_cmds=\"$reload_cmds\"
+ func_len " $test_cmds"
+ len0=$func_len_result
+ len=$len0
+
+ # Loop over the list of objects to be linked.
+ for obj in $save_libobjs
+ do
+ func_len " $obj"
+ func_arith $len + $func_len_result
+ len=$func_arith_result
+ if test -z "$objlist" ||
+ test "$len" -lt "$max_cmd_len"; then
+ func_append objlist " $obj"
+ else
+ # The command $test_cmds is almost too long, add a
+ # command to the queue.
+ if test 1 -eq "$k"; then
+ # The first file doesn't have a previous command to add.
+ reload_objs=$objlist
+ eval concat_cmds=\"$reload_cmds\"
+ else
+ # All subsequent reloadable object files will link in
+ # the last one created.
+ reload_objs="$objlist $last_robj"
+ eval concat_cmds=\"\$concat_cmds~$reload_cmds~\$RM $last_robj\"
+ fi
+ last_robj=$output_objdir/$output_la-$k.$objext
+ func_arith $k + 1
+ k=$func_arith_result
+ output=$output_objdir/$output_la-$k.$objext
+ objlist=" $obj"
+ func_len " $last_robj"
+ func_arith $len0 + $func_len_result
+ len=$func_arith_result
+ fi
+ done
+ # Handle the remaining objects by creating one last
+ # reloadable object file. All subsequent reloadable object
+ # files will link in the last one created.
+ test -z "$concat_cmds" || concat_cmds=$concat_cmds~
+ reload_objs="$objlist $last_robj"
+ eval concat_cmds=\"\$concat_cmds$reload_cmds\"
+ if test -n "$last_robj"; then
+ eval concat_cmds=\"\$concat_cmds~\$RM $last_robj\"
+ fi
+ func_append delfiles " $output"
+
+ else
+ output=
+ fi
+
+ ${skipped_export-false} && {
+ func_verbose "generating symbol list for '$libname.la'"
+ export_symbols=$output_objdir/$libname.exp
+ $opt_dry_run || $RM $export_symbols
+ libobjs=$output
+ # Append the command to create the export file.
+ test -z "$concat_cmds" || concat_cmds=$concat_cmds~
+ eval concat_cmds=\"\$concat_cmds$export_symbols_cmds\"
+ if test -n "$last_robj"; then
+ eval concat_cmds=\"\$concat_cmds~\$RM $last_robj\"
+ fi
+ }
+
+ test -n "$save_libobjs" &&
+ func_verbose "creating a temporary reloadable object file: $output"
+
+ # Loop through the commands generated above and execute them.
+ save_ifs=$IFS; IFS='~'
+ for cmd in $concat_cmds; do
+ IFS=$save_ifs
+ $opt_quiet || {
+ func_quote_arg expand,pretty "$cmd"
+ eval "func_echo $func_quote_arg_result"
+ }
+ $opt_dry_run || eval "$cmd" || {
+ lt_exit=$?
+
+ # Restore the uninstalled library and exit
+ if test relink = "$opt_mode"; then
+ ( cd "$output_objdir" && \
+ $RM "${realname}T" && \
+ $MV "${realname}U" "$realname" )
+ fi
+
+ exit $lt_exit
+ }
+ done
+ IFS=$save_ifs
+
+ if test -n "$export_symbols_regex" && ${skipped_export-false}; then
+ func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"'
+ func_show_eval '$MV "${export_symbols}T" "$export_symbols"'
+ fi
+ fi
+
+ ${skipped_export-false} && {
+ if test -n "$export_symbols" && test -n "$include_expsyms"; then
+ tmp_export_symbols=$export_symbols
+ test -n "$orig_export_symbols" && tmp_export_symbols=$orig_export_symbols
+ $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"'
+ fi
+
+ if test -n "$orig_export_symbols"; then
+ # The given exports_symbols file has to be filtered, so filter it.
+ func_verbose "filter symbol list for '$libname.la' to tag DATA exports"
+ # FIXME: $output_objdir/$libname.filter potentially contains lots of
+ # 's' commands, which not all seds can handle. GNU sed should be fine
+ # though. Also, the filter scales superlinearly with the number of
+ # global variables. join(1) would be nice here, but unfortunately
+ # isn't a blessed tool.
+ $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter
+ func_append delfiles " $export_symbols $output_objdir/$libname.filter"
+ export_symbols=$output_objdir/$libname.def
+ $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols
+ fi
+ }
+
+ libobjs=$output
+ # Restore the value of output.
+ output=$save_output
+
+ if test -n "$convenience" && test -n "$whole_archive_flag_spec"; then
+ eval libobjs=\"\$libobjs $whole_archive_flag_spec\"
+ test "X$libobjs" = "X " && libobjs=
+ fi
+ # Expand the library linking commands again to reset the
+ # value of $libobjs for piecewise linking.
+
+ # Do each of the archive commands.
+ if test yes = "$module" && test -n "$module_cmds"; then
+ if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then
+ cmds=$module_expsym_cmds
+ else
+ cmds=$module_cmds
+ fi
+ else
+ if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then
+ cmds=$archive_expsym_cmds
+ else
+ cmds=$archive_cmds
+ fi
+ fi
+ fi
+
+ if test -n "$delfiles"; then
+ # Append the command to remove temporary files to $cmds.
+ eval cmds=\"\$cmds~\$RM $delfiles\"
+ fi
+
+ # Add any objects from preloaded convenience libraries
+ if test -n "$dlprefiles"; then
+ gentop=$output_objdir/${outputname}x
+ func_append generated " $gentop"
+
+ func_extract_archives $gentop $dlprefiles
+ func_append libobjs " $func_extract_archives_result"
+ test "X$libobjs" = "X " && libobjs=
+ fi
+
+ save_ifs=$IFS; IFS='~'
+ for cmd in $cmds; do
+ IFS=$sp$nl
+ eval cmd=\"$cmd\"
+ IFS=$save_ifs
+ $opt_quiet || {
+ func_quote_arg expand,pretty "$cmd"
+ eval "func_echo $func_quote_arg_result"
+ }
+ $opt_dry_run || eval "$cmd" || {
+ lt_exit=$?
+
+ # Restore the uninstalled library and exit
+ if test relink = "$opt_mode"; then
+ ( cd "$output_objdir" && \
+ $RM "${realname}T" && \
+ $MV "${realname}U" "$realname" )
+ fi
+
+ exit $lt_exit
+ }
+ done
+ IFS=$save_ifs
+
+ # Restore the uninstalled library and exit
+ if test relink = "$opt_mode"; then
+ $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}T && $MV $realname ${realname}T && $MV ${realname}U $realname)' || exit $?
+
+ if test -n "$convenience"; then
+ if test -z "$whole_archive_flag_spec"; then
+ func_show_eval '${RM}r "$gentop"'
+ fi
+ fi
+
+ exit $EXIT_SUCCESS
+ fi
+
+ # Create links to the real library.
+ for linkname in $linknames; do
+ if test "$realname" != "$linkname"; then
+ func_show_eval '(cd "$output_objdir" && $RM "$linkname" && $LN_S "$realname" "$linkname")' 'exit $?'
+ fi
+ done
+
+ # If -module or -export-dynamic was specified, set the dlname.
+ if test yes = "$module" || test yes = "$export_dynamic"; then
+ # On all known operating systems, these are identical.
+ dlname=$soname
+ fi
+ fi
+ ;;
+
+ obj)
+ if test -n "$dlfiles$dlprefiles" || test no != "$dlself"; then
+ func_warning "'-dlopen' is ignored for objects"
+ fi
+
+ case " $deplibs" in
+ *\ -l* | *\ -L*)
+ func_warning "'-l' and '-L' are ignored for objects" ;;
+ esac
+
+ test -n "$rpath" && \
+ func_warning "'-rpath' is ignored for objects"
+
+ test -n "$xrpath" && \
+ func_warning "'-R' is ignored for objects"
+
+ test -n "$vinfo" && \
+ func_warning "'-version-info' is ignored for objects"
+
+ test -n "$release" && \
+ func_warning "'-release' is ignored for objects"
+
+ case $output in
+ *.lo)
+ test -n "$objs$old_deplibs" && \
+ func_fatal_error "cannot build library object '$output' from non-libtool objects"
+
+ libobj=$output
+ func_lo2o "$libobj"
+ obj=$func_lo2o_result
+ ;;
+ *)
+ libobj=
+ obj=$output
+ ;;
+ esac
+
+ # Delete the old objects.
+ $opt_dry_run || $RM $obj $libobj
+
+ # Objects from convenience libraries. This assumes
+ # single-version convenience libraries. Whenever we create
+ # different ones for PIC/non-PIC, this we'll have to duplicate
+ # the extraction.
+ reload_conv_objs=
+ gentop=
+ # if reload_cmds runs $LD directly, get rid of -Wl from
+ # whole_archive_flag_spec and hope we can get by with turning comma
+ # into space.
+ case $reload_cmds in
+ *\$LD[\ \$]*) wl= ;;
+ esac
+ if test -n "$convenience"; then
+ if test -n "$whole_archive_flag_spec"; then
+ eval tmp_whole_archive_flags=\"$whole_archive_flag_spec\"
+ test -n "$wl" || tmp_whole_archive_flags=`$ECHO "$tmp_whole_archive_flags" | $SED 's|,| |g'`
+ reload_conv_objs=$reload_objs\ $tmp_whole_archive_flags
+ else
+ gentop=$output_objdir/${obj}x
+ func_append generated " $gentop"
+
+ func_extract_archives $gentop $convenience
+ reload_conv_objs="$reload_objs $func_extract_archives_result"
+ fi
+ fi
+
+ # If we're not building shared, we need to use non_pic_objs
+ test yes = "$build_libtool_libs" || libobjs=$non_pic_objects
+
+ # Create the old-style object.
+ reload_objs=$objs$old_deplibs' '`$ECHO "$libobjs" | $SP2NL | $SED "/\.$libext$/d; /\.lib$/d; $lo2o" | $NL2SP`' '$reload_conv_objs
+
+ output=$obj
+ func_execute_cmds "$reload_cmds" 'exit $?'
+
+ # Exit if we aren't doing a library object file.
+ if test -z "$libobj"; then
+ if test -n "$gentop"; then
+ func_show_eval '${RM}r "$gentop"'
+ fi
+
+ exit $EXIT_SUCCESS
+ fi
+
+ test yes = "$build_libtool_libs" || {
+ if test -n "$gentop"; then
+ func_show_eval '${RM}r "$gentop"'
+ fi
+
+ # Create an invalid libtool object if no PIC, so that we don't
+ # accidentally link it into a program.
+ # $show "echo timestamp > $libobj"
+ # $opt_dry_run || eval "echo timestamp > $libobj" || exit $?
+ exit $EXIT_SUCCESS
+ }
+
+ if test -n "$pic_flag" || test default != "$pic_mode"; then
+ # Only do commands if we really have different PIC objects.
+ reload_objs="$libobjs $reload_conv_objs"
+ output=$libobj
+ func_execute_cmds "$reload_cmds" 'exit $?'
+ fi
+
+ if test -n "$gentop"; then
+ func_show_eval '${RM}r "$gentop"'
+ fi
+
+ exit $EXIT_SUCCESS
+ ;;
+
+ prog)
+ case $host in
+ *cygwin*) func_stripname '' '.exe' "$output"
+ output=$func_stripname_result.exe;;
+ esac
+ test -n "$vinfo" && \
+ func_warning "'-version-info' is ignored for programs"
+
+ test -n "$release" && \
+ func_warning "'-release' is ignored for programs"
+
+ $preload \
+ && test unknown,unknown,unknown = "$dlopen_support,$dlopen_self,$dlopen_self_static" \
+ && func_warning "'LT_INIT([dlopen])' not used. Assuming no dlopen support."
+
+ case $host in
+ *-*-rhapsody* | *-*-darwin1.[012])
+ # On Rhapsody replace the C library is the System framework
+ compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's/ -lc / System.ltframework /'`
+ finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's/ -lc / System.ltframework /'`
+ ;;
+ esac
+
+ case $host in
+ *-*-darwin*)
+ # Don't allow lazy linking, it breaks C++ global constructors
+ # But is supposedly fixed on 10.4 or later (yay!).
+ if test CXX = "$tagname"; then
+ case ${MACOSX_DEPLOYMENT_TARGET-10.0} in
+ 10.[0123])
+ func_append compile_command " $wl-bind_at_load"
+ func_append finalize_command " $wl-bind_at_load"
+ ;;
+ esac
+ fi
+ # Time to change all our "foo.ltframework" stuff back to "-framework foo"
+ compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+ finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+ ;;
+ esac
+
+
+ # move library search paths that coincide with paths to not yet
+ # installed libraries to the beginning of the library search list
+ new_libs=
+ for path in $notinst_path; do
+ case " $new_libs " in
+ *" -L$path/$objdir "*) ;;
+ *)
+ case " $compile_deplibs " in
+ *" -L$path/$objdir "*)
+ func_append new_libs " -L$path/$objdir" ;;
+ esac
+ ;;
+ esac
+ done
+ for deplib in $compile_deplibs; do
+ case $deplib in
+ -L*)
+ case " $new_libs " in
+ *" $deplib "*) ;;
+ *) func_append new_libs " $deplib" ;;
+ esac
+ ;;
+ *) func_append new_libs " $deplib" ;;
+ esac
+ done
+ compile_deplibs=$new_libs
+
+
+ func_append compile_command " $compile_deplibs"
+ func_append finalize_command " $finalize_deplibs"
+
+ if test -n "$rpath$xrpath"; then
+ # If the user specified any rpath flags, then add them.
+ for libdir in $rpath $xrpath; do
+ # This is the magic to use -rpath.
+ case "$finalize_rpath " in
+ *" $libdir "*) ;;
+ *) func_append finalize_rpath " $libdir" ;;
+ esac
+ done
+ fi
+
+ # Now hardcode the library paths
+ rpath=
+ hardcode_libdirs=
+ for libdir in $compile_rpath $finalize_rpath; do
+ if test -n "$hardcode_libdir_flag_spec"; then
+ if test -n "$hardcode_libdir_separator"; then
+ if test -z "$hardcode_libdirs"; then
+ hardcode_libdirs=$libdir
+ else
+ # Just accumulate the unique libdirs.
+ case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in
+ *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
+ ;;
+ *)
+ func_append hardcode_libdirs "$hardcode_libdir_separator$libdir"
+ ;;
+ esac
+ fi
+ else
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ func_append rpath " $flag"
+ fi
+ elif test -n "$runpath_var"; then
+ case "$perm_rpath " in
+ *" $libdir "*) ;;
+ *) func_append perm_rpath " $libdir" ;;
+ esac
+ fi
+ case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*)
+ testbindir=`$ECHO "$libdir" | $SED -e 's*/lib$*/bin*'`
+ case :$dllsearchpath: in
+ *":$libdir:"*) ;;
+ ::) dllsearchpath=$libdir;;
+ *) func_append dllsearchpath ":$libdir";;
+ esac
+ case :$dllsearchpath: in
+ *":$testbindir:"*) ;;
+ ::) dllsearchpath=$testbindir;;
+ *) func_append dllsearchpath ":$testbindir";;
+ esac
+ ;;
+ esac
+ done
+ # Substitute the hardcoded libdirs into the rpath.
+ if test -n "$hardcode_libdir_separator" &&
+ test -n "$hardcode_libdirs"; then
+ libdir=$hardcode_libdirs
+ eval rpath=\" $hardcode_libdir_flag_spec\"
+ fi
+ compile_rpath=$rpath
+
+ rpath=
+ hardcode_libdirs=
+ for libdir in $finalize_rpath; do
+ if test -n "$hardcode_libdir_flag_spec"; then
+ if test -n "$hardcode_libdir_separator"; then
+ if test -z "$hardcode_libdirs"; then
+ hardcode_libdirs=$libdir
+ else
+ # Just accumulate the unique libdirs.
+ case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in
+ *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
+ ;;
+ *)
+ func_append hardcode_libdirs "$hardcode_libdir_separator$libdir"
+ ;;
+ esac
+ fi
+ else
+ eval flag=\"$hardcode_libdir_flag_spec\"
+ func_append rpath " $flag"
+ fi
+ elif test -n "$runpath_var"; then
+ case "$finalize_perm_rpath " in
+ *" $libdir "*) ;;
+ *) func_append finalize_perm_rpath " $libdir" ;;
+ esac
+ fi
+ done
+ # Substitute the hardcoded libdirs into the rpath.
+ if test -n "$hardcode_libdir_separator" &&
+ test -n "$hardcode_libdirs"; then
+ libdir=$hardcode_libdirs
+ eval rpath=\" $hardcode_libdir_flag_spec\"
+ fi
+ finalize_rpath=$rpath
+
+ if test -n "$libobjs" && test yes = "$build_old_libs"; then
+ # Transform all the library objects into standard objects.
+ compile_command=`$ECHO "$compile_command" | $SP2NL | $SED "$lo2o" | $NL2SP`
+ finalize_command=`$ECHO "$finalize_command" | $SP2NL | $SED "$lo2o" | $NL2SP`
+ fi
+
+ func_generate_dlsyms "$outputname" "@PROGRAM@" false
+
+ # template prelinking step
+ if test -n "$prelink_cmds"; then
+ func_execute_cmds "$prelink_cmds" 'exit $?'
+ fi
+
+ wrappers_required=:
+ case $host in
+ *cegcc* | *mingw32ce*)
+ # Disable wrappers for cegcc and mingw32ce hosts, we are cross compiling anyway.
+ wrappers_required=false
+ ;;
+ *cygwin* | *mingw* )
+ test yes = "$build_libtool_libs" || wrappers_required=false
+ ;;
+ *)
+ if test no = "$need_relink" || test yes != "$build_libtool_libs"; then
+ wrappers_required=false
+ fi
+ ;;
+ esac
+ $wrappers_required || {
+ # Replace the output file specification.
+ compile_command=`$ECHO "$compile_command" | $SED 's%@OUTPUT@%'"$output"'%g'`
+ link_command=$compile_command$compile_rpath
+
+ # We have no uninstalled library dependencies, so finalize right now.
+ exit_status=0
+ func_show_eval "$link_command" 'exit_status=$?'
+
+ if test -n "$postlink_cmds"; then
+ func_to_tool_file "$output"
+ postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'`
+ func_execute_cmds "$postlink_cmds" 'exit $?'
+ fi
+
+ # Delete the generated files.
+ if test -f "$output_objdir/${outputname}S.$objext"; then
+ func_show_eval '$RM "$output_objdir/${outputname}S.$objext"'
+ fi
+
+ exit $exit_status
+ }
+
+ if test -n "$compile_shlibpath$finalize_shlibpath"; then
+ compile_command="$shlibpath_var=\"$compile_shlibpath$finalize_shlibpath\$$shlibpath_var\" $compile_command"
+ fi
+ if test -n "$finalize_shlibpath"; then
+ finalize_command="$shlibpath_var=\"$finalize_shlibpath\$$shlibpath_var\" $finalize_command"
+ fi
+
+ compile_var=
+ finalize_var=
+ if test -n "$runpath_var"; then
+ if test -n "$perm_rpath"; then
+ # We should set the runpath_var.
+ rpath=
+ for dir in $perm_rpath; do
+ func_append rpath "$dir:"
+ done
+ compile_var="$runpath_var=\"$rpath\$$runpath_var\" "
+ fi
+ if test -n "$finalize_perm_rpath"; then
+ # We should set the runpath_var.
+ rpath=
+ for dir in $finalize_perm_rpath; do
+ func_append rpath "$dir:"
+ done
+ finalize_var="$runpath_var=\"$rpath\$$runpath_var\" "
+ fi
+ fi
+
+ if test yes = "$no_install"; then
+ # We don't need to create a wrapper script.
+ link_command=$compile_var$compile_command$compile_rpath
+ # Replace the output file specification.
+ link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output"'%g'`
+ # Delete the old output file.
+ $opt_dry_run || $RM $output
+ # Link the executable and exit
+ func_show_eval "$link_command" 'exit $?'
+
+ if test -n "$postlink_cmds"; then
+ func_to_tool_file "$output"
+ postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'`
+ func_execute_cmds "$postlink_cmds" 'exit $?'
+ fi
+
+ exit $EXIT_SUCCESS
+ fi
+
+ case $hardcode_action,$fast_install in
+ relink,*)
+ # Fast installation is not supported
+ link_command=$compile_var$compile_command$compile_rpath
+ relink_command=$finalize_var$finalize_command$finalize_rpath
+
+ func_warning "this platform does not like uninstalled shared libraries"
+ func_warning "'$output' will be relinked during installation"
+ ;;
+ *,yes)
+ link_command=$finalize_var$compile_command$finalize_rpath
+ relink_command=`$ECHO "$compile_var$compile_command$compile_rpath" | $SED 's%@OUTPUT@%\$progdir/\$file%g'`
+ ;;
+ *,no)
+ link_command=$compile_var$compile_command$compile_rpath
+ relink_command=$finalize_var$finalize_command$finalize_rpath
+ ;;
+ *,needless)
+ link_command=$finalize_var$compile_command$finalize_rpath
+ relink_command=
+ ;;
+ esac
+
+ # Replace the output file specification.
+ link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'`
+
+ # Delete the old output files.
+ $opt_dry_run || $RM $output $output_objdir/$outputname $output_objdir/lt-$outputname
+
+ func_show_eval "$link_command" 'exit $?'
+
+ if test -n "$postlink_cmds"; then
+ func_to_tool_file "$output_objdir/$outputname"
+ postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'`
+ func_execute_cmds "$postlink_cmds" 'exit $?'
+ fi
+
+ # Now create the wrapper script.
+ func_verbose "creating $output"
+
+ # Quote the relink command for shipping.
+ if test -n "$relink_command"; then
+ # Preserve any variables that may affect compiler behavior
+ for var in $variables_saved_for_relink; do
+ if eval test -z \"\${$var+set}\"; then
+ relink_command="{ test -z \"\${$var+set}\" || $lt_unset $var || { $var=; export $var; }; }; $relink_command"
+ elif eval var_value=\$$var; test -z "$var_value"; then
+ relink_command="$var=; export $var; $relink_command"
+ else
+ func_quote_arg pretty "$var_value"
+ relink_command="$var=$func_quote_arg_result; export $var; $relink_command"
+ fi
+ done
+ func_quote eval cd "`pwd`"
+ func_quote_arg pretty,unquoted "($func_quote_result; $relink_command)"
+ relink_command=$func_quote_arg_unquoted_result
+ fi
+
+ # Only actually do things if not in dry run mode.
+ $opt_dry_run || {
+ # win32 will think the script is a binary if it has
+ # a .exe suffix, so we strip it off here.
+ case $output in
+ *.exe) func_stripname '' '.exe' "$output"
+ output=$func_stripname_result ;;
+ esac
+ # test for cygwin because mv fails w/o .exe extensions
+ case $host in
+ *cygwin*)
+ exeext=.exe
+ func_stripname '' '.exe' "$outputname"
+ outputname=$func_stripname_result ;;
+ *) exeext= ;;
+ esac
+ case $host in
+ *cygwin* | *mingw* )
+ func_dirname_and_basename "$output" "" "."
+ output_name=$func_basename_result
+ output_path=$func_dirname_result
+ cwrappersource=$output_path/$objdir/lt-$output_name.c
+ cwrapper=$output_path/$output_name.exe
+ $RM $cwrappersource $cwrapper
+ trap "$RM $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15
+
+ func_emit_cwrapperexe_src > $cwrappersource
+
+ # The wrapper executable is built using the $host compiler,
+ # because it contains $host paths and files. If cross-
+ # compiling, it, like the target executable, must be
+ # executed on the $host or under an emulation environment.
+ $opt_dry_run || {
+ $LTCC $LTCFLAGS -o $cwrapper $cwrappersource
+ $STRIP $cwrapper
+ }
+
+ # Now, create the wrapper script for func_source use:
+ func_ltwrapper_scriptname $cwrapper
+ $RM $func_ltwrapper_scriptname_result
+ trap "$RM $func_ltwrapper_scriptname_result; exit $EXIT_FAILURE" 1 2 15
+ $opt_dry_run || {
+ # note: this script will not be executed, so do not chmod.
+ if test "x$build" = "x$host"; then
+ $cwrapper --lt-dump-script > $func_ltwrapper_scriptname_result
+ else
+ func_emit_wrapper no > $func_ltwrapper_scriptname_result
+ fi
+ }
+ ;;
+ * )
+ $RM $output
+ trap "$RM $output; exit $EXIT_FAILURE" 1 2 15
+
+ func_emit_wrapper no > $output
+ chmod +x $output
+ ;;
+ esac
+ }
+ exit $EXIT_SUCCESS
+ ;;
+ esac
+
+ # See if we need to build an old-fashioned archive.
+ for oldlib in $oldlibs; do
+
+ case $build_libtool_libs in
+ convenience)
+ oldobjs="$libobjs_save $symfileobj"
+ addlibs=$convenience
+ build_libtool_libs=no
+ ;;
+ module)
+ oldobjs=$libobjs_save
+ addlibs=$old_convenience
+ build_libtool_libs=no
+ ;;
+ *)
+ oldobjs="$old_deplibs $non_pic_objects"
+ $preload && test -f "$symfileobj" \
+ && func_append oldobjs " $symfileobj"
+ addlibs=$old_convenience
+ ;;
+ esac
+
+ if test -n "$addlibs"; then
+ gentop=$output_objdir/${outputname}x
+ func_append generated " $gentop"
+
+ func_extract_archives $gentop $addlibs
+ func_append oldobjs " $func_extract_archives_result"
+ fi
+
+ # Do each command in the archive commands.
+ if test -n "$old_archive_from_new_cmds" && test yes = "$build_libtool_libs"; then
+ cmds=$old_archive_from_new_cmds
+ else
+
+ # Add any objects from preloaded convenience libraries
+ if test -n "$dlprefiles"; then
+ gentop=$output_objdir/${outputname}x
+ func_append generated " $gentop"
+
+ func_extract_archives $gentop $dlprefiles
+ func_append oldobjs " $func_extract_archives_result"
+ fi
+
+ # POSIX demands no paths to be encoded in archives. We have
+ # to avoid creating archives with duplicate basenames if we
+ # might have to extract them afterwards, e.g., when creating a
+ # static archive out of a convenience library, or when linking
+ # the entirety of a libtool archive into another (currently
+ # not supported by libtool).
+ if (for obj in $oldobjs
+ do
+ func_basename "$obj"
+ $ECHO "$func_basename_result"
+ done | sort | sort -uc >/dev/null 2>&1); then
+ :
+ else
+ echo "copying selected object files to avoid basename conflicts..."
+ gentop=$output_objdir/${outputname}x
+ func_append generated " $gentop"
+ func_mkdir_p "$gentop"
+ save_oldobjs=$oldobjs
+ oldobjs=
+ counter=1
+ for obj in $save_oldobjs
+ do
+ func_basename "$obj"
+ objbase=$func_basename_result
+ case " $oldobjs " in
+ " ") oldobjs=$obj ;;
+ *[\ /]"$objbase "*)
+ while :; do
+ # Make sure we don't pick an alternate name that also
+ # overlaps.
+ newobj=lt$counter-$objbase
+ func_arith $counter + 1
+ counter=$func_arith_result
+ case " $oldobjs " in
+ *[\ /]"$newobj "*) ;;
+ *) if test ! -f "$gentop/$newobj"; then break; fi ;;
+ esac
+ done
+ func_show_eval "ln $obj $gentop/$newobj || cp $obj $gentop/$newobj"
+ func_append oldobjs " $gentop/$newobj"
+ ;;
+ *) func_append oldobjs " $obj" ;;
+ esac
+ done
+ fi
+ func_to_tool_file "$oldlib" func_convert_file_msys_to_w32
+ tool_oldlib=$func_to_tool_file_result
+ eval cmds=\"$old_archive_cmds\"
+
+ func_len " $cmds"
+ len=$func_len_result
+ if test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then
+ cmds=$old_archive_cmds
+ elif test -n "$archiver_list_spec"; then
+ func_verbose "using command file archive linking..."
+ for obj in $oldobjs
+ do
+ func_to_tool_file "$obj"
+ $ECHO "$func_to_tool_file_result"
+ done > $output_objdir/$libname.libcmd
+ func_to_tool_file "$output_objdir/$libname.libcmd"
+ oldobjs=" $archiver_list_spec$func_to_tool_file_result"
+ cmds=$old_archive_cmds
+ else
+ # the command line is too long to link in one step, link in parts
+ func_verbose "using piecewise archive linking..."
+ save_RANLIB=$RANLIB
+ RANLIB=:
+ objlist=
+ concat_cmds=
+ save_oldobjs=$oldobjs
+ oldobjs=
+ # Is there a better way of finding the last object in the list?
+ for obj in $save_oldobjs
+ do
+ last_oldobj=$obj
+ done
+ eval test_cmds=\"$old_archive_cmds\"
+ func_len " $test_cmds"
+ len0=$func_len_result
+ len=$len0
+ for obj in $save_oldobjs
+ do
+ func_len " $obj"
+ func_arith $len + $func_len_result
+ len=$func_arith_result
+ func_append objlist " $obj"
+ if test "$len" -lt "$max_cmd_len"; then
+ :
+ else
+ # the above command should be used before it gets too long
+ oldobjs=$objlist
+ if test "$obj" = "$last_oldobj"; then
+ RANLIB=$save_RANLIB
+ fi
+ test -z "$concat_cmds" || concat_cmds=$concat_cmds~
+ eval concat_cmds=\"\$concat_cmds$old_archive_cmds\"
+ objlist=
+ len=$len0
+ fi
+ done
+ RANLIB=$save_RANLIB
+ oldobjs=$objlist
+ if test -z "$oldobjs"; then
+ eval cmds=\"\$concat_cmds\"
+ else
+ eval cmds=\"\$concat_cmds~\$old_archive_cmds\"
+ fi
+ fi
+ fi
+ func_execute_cmds "$cmds" 'exit $?'
+ done
+
+ test -n "$generated" && \
+ func_show_eval "${RM}r$generated"
+
+ # Now create the libtool archive.
+ case $output in
+ *.la)
+ old_library=
+ test yes = "$build_old_libs" && old_library=$libname.$libext
+ func_verbose "creating $output"
+
+ # Preserve any variables that may affect compiler behavior
+ for var in $variables_saved_for_relink; do
+ if eval test -z \"\${$var+set}\"; then
+ relink_command="{ test -z \"\${$var+set}\" || $lt_unset $var || { $var=; export $var; }; }; $relink_command"
+ elif eval var_value=\$$var; test -z "$var_value"; then
+ relink_command="$var=; export $var; $relink_command"
+ else
+ func_quote_arg pretty,unquoted "$var_value"
+ relink_command="$var=$func_quote_arg_unquoted_result; export $var; $relink_command"
+ fi
+ done
+ # Quote the link command for shipping.
+ func_quote eval cd "`pwd`"
+ relink_command="($func_quote_result; $SHELL \"$progpath\" $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)"
+ func_quote_arg pretty,unquoted "$relink_command"
+ relink_command=$func_quote_arg_unquoted_result
+ if test yes = "$hardcode_automatic"; then
+ relink_command=
+ fi
+
+ # Only create the output if not a dry run.
+ $opt_dry_run || {
+ for installed in no yes; do
+ if test yes = "$installed"; then
+ if test -z "$install_libdir"; then
+ break
+ fi
+ output=$output_objdir/${outputname}i
+ # Replace all uninstalled libtool libraries with the installed ones
+ newdependency_libs=
+ for deplib in $dependency_libs; do
+ case $deplib in
+ *.la)
+ func_basename "$deplib"
+ name=$func_basename_result
+ func_resolve_sysroot "$deplib"
+ eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $func_resolve_sysroot_result`
+ test -z "$libdir" && \
+ func_fatal_error "'$deplib' is not a valid libtool archive"
+ func_append newdependency_libs " ${lt_sysroot:+=}$libdir/$name"
+ ;;
+ -L*)
+ func_stripname -L '' "$deplib"
+ func_replace_sysroot "$func_stripname_result"
+ func_append newdependency_libs " -L$func_replace_sysroot_result"
+ ;;
+ -R*)
+ func_stripname -R '' "$deplib"
+ func_replace_sysroot "$func_stripname_result"
+ func_append newdependency_libs " -R$func_replace_sysroot_result"
+ ;;
+ *) func_append newdependency_libs " $deplib" ;;
+ esac
+ done
+ dependency_libs=$newdependency_libs
+ newdlfiles=
+
+ for lib in $dlfiles; do
+ case $lib in
+ *.la)
+ func_basename "$lib"
+ name=$func_basename_result
+ eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $lib`
+ test -z "$libdir" && \
+ func_fatal_error "'$lib' is not a valid libtool archive"
+ func_append newdlfiles " ${lt_sysroot:+=}$libdir/$name"
+ ;;
+ *) func_append newdlfiles " $lib" ;;
+ esac
+ done
+ dlfiles=$newdlfiles
+ newdlprefiles=
+ for lib in $dlprefiles; do
+ case $lib in
+ *.la)
+ # Only pass preopened files to the pseudo-archive (for
+ # eventual linking with the app. that links it) if we
+ # didn't already link the preopened objects directly into
+ # the library:
+ func_basename "$lib"
+ name=$func_basename_result
+ eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $lib`
+ test -z "$libdir" && \
+ func_fatal_error "'$lib' is not a valid libtool archive"
+ func_append newdlprefiles " ${lt_sysroot:+=}$libdir/$name"
+ ;;
+ esac
+ done
+ dlprefiles=$newdlprefiles
+ else
+ newdlfiles=
+ for lib in $dlfiles; do
+ case $lib in
+ [\\/]* | [A-Za-z]:[\\/]*) abs=$lib ;;
+ *) abs=`pwd`"/$lib" ;;
+ esac
+ func_append newdlfiles " $abs"
+ done
+ dlfiles=$newdlfiles
+ newdlprefiles=
+ for lib in $dlprefiles; do
+ case $lib in
+ [\\/]* | [A-Za-z]:[\\/]*) abs=$lib ;;
+ *) abs=`pwd`"/$lib" ;;
+ esac
+ func_append newdlprefiles " $abs"
+ done
+ dlprefiles=$newdlprefiles
+ fi
+ $RM $output
+ # place dlname in correct position for cygwin
+ # In fact, it would be nice if we could use this code for all target
+ # systems that can't hard-code library paths into their executables
+ # and that have no shared library path variable independent of PATH,
+ # but it turns out we can't easily determine that from inspecting
+ # libtool variables, so we have to hard-code the OSs to which it
+ # applies here; at the moment, that means platforms that use the PE
+ # object format with DLL files. See the long comment at the top of
+ # tests/bindir.at for full details.
+ tdlname=$dlname
+ case $host,$output,$installed,$module,$dlname in
+ *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll | *cegcc*,*lai,yes,no,*.dll)
+ # If a -bindir argument was supplied, place the dll there.
+ if test -n "$bindir"; then
+ func_relative_path "$install_libdir" "$bindir"
+ tdlname=$func_relative_path_result/$dlname
+ else
+ # Otherwise fall back on heuristic.
+ tdlname=../bin/$dlname
+ fi
+ ;;
+ esac
+ $ECHO > $output "\
+# $outputname - a libtool library file
+# Generated by $PROGRAM (GNU $PACKAGE) $VERSION
+#
+# Please DO NOT delete this file!
+# It is necessary for linking the library.
+
+# The name that we can dlopen(3).
+dlname='$tdlname'
+
+# Names of this library.
+library_names='$library_names'
+
+# The name of the static archive.
+old_library='$old_library'
+
+# Linker flags that cannot go in dependency_libs.
+inherited_linker_flags='$new_inherited_linker_flags'
+
+# Libraries that this one depends upon.
+dependency_libs='$dependency_libs'
+
+# Names of additional weak libraries provided by this library
+weak_library_names='$weak_libs'
+
+# Version information for $libname.
+current=$current
+age=$age
+revision=$revision
+
+# Is this an already installed library?
+installed=$installed
+
+# Should we warn about portability when linking against -modules?
+shouldnotlink=$module
+
+# Files to dlopen/dlpreopen
+dlopen='$dlfiles'
+dlpreopen='$dlprefiles'
+
+# Directory that this library needs to be installed in:
+libdir='$install_libdir'"
+ if test no,yes = "$installed,$need_relink"; then
+ $ECHO >> $output "\
+relink_command=\"$relink_command\""
+ fi
+ done
+ }
+
+ # Do a symbolic link so that the libtool archive can be found in
+ # LD_LIBRARY_PATH before the program is installed.
+ func_show_eval '( cd "$output_objdir" && $RM "$outputname" && $LN_S "../$outputname" "$outputname" )' 'exit $?'
+ ;;
+ esac
+ exit $EXIT_SUCCESS
+}
+
+if test link = "$opt_mode" || test relink = "$opt_mode"; then
+ func_mode_link ${1+"$@"}
+fi
+
+
+# func_mode_uninstall arg...
+func_mode_uninstall ()
+{
+ $debug_cmd
+
+ RM=$nonopt
+ files=
+ rmforce=false
+ exit_status=0
+
+ # This variable tells wrapper scripts just to set variables rather
+ # than running their programs.
+ libtool_install_magic=$magic
+
+ for arg
+ do
+ case $arg in
+ -f) func_append RM " $arg"; rmforce=: ;;
+ -*) func_append RM " $arg" ;;
+ *) func_append files " $arg" ;;
+ esac
+ done
+
+ test -z "$RM" && \
+ func_fatal_help "you must specify an RM program"
+
+ rmdirs=
+
+ for file in $files; do
+ func_dirname "$file" "" "."
+ dir=$func_dirname_result
+ if test . = "$dir"; then
+ odir=$objdir
+ else
+ odir=$dir/$objdir
+ fi
+ func_basename "$file"
+ name=$func_basename_result
+ test uninstall = "$opt_mode" && odir=$dir
+
+ # Remember odir for removal later, being careful to avoid duplicates
+ if test clean = "$opt_mode"; then
+ case " $rmdirs " in
+ *" $odir "*) ;;
+ *) func_append rmdirs " $odir" ;;
+ esac
+ fi
+
+ # Don't error if the file doesn't exist and rm -f was used.
+ if { test -L "$file"; } >/dev/null 2>&1 ||
+ { test -h "$file"; } >/dev/null 2>&1 ||
+ test -f "$file"; then
+ :
+ elif test -d "$file"; then
+ exit_status=1
+ continue
+ elif $rmforce; then
+ continue
+ fi
+
+ rmfiles=$file
+
+ case $name in
+ *.la)
+ # Possibly a libtool archive, so verify it.
+ if func_lalib_p "$file"; then
+ func_source $dir/$name
+
+ # Delete the libtool libraries and symlinks.
+ for n in $library_names; do
+ func_append rmfiles " $odir/$n"
+ done
+ test -n "$old_library" && func_append rmfiles " $odir/$old_library"
+
+ case $opt_mode in
+ clean)
+ case " $library_names " in
+ *" $dlname "*) ;;
+ *) test -n "$dlname" && func_append rmfiles " $odir/$dlname" ;;
+ esac
+ test -n "$libdir" && func_append rmfiles " $odir/$name $odir/${name}i"
+ ;;
+ uninstall)
+ if test -n "$library_names"; then
+ # Do each command in the postuninstall commands.
+ func_execute_cmds "$postuninstall_cmds" '$rmforce || exit_status=1'
+ fi
+
+ if test -n "$old_library"; then
+ # Do each command in the old_postuninstall commands.
+ func_execute_cmds "$old_postuninstall_cmds" '$rmforce || exit_status=1'
+ fi
+ # FIXME: should reinstall the best remaining shared library.
+ ;;
+ esac
+ fi
+ ;;
+
+ *.lo)
+ # Possibly a libtool object, so verify it.
+ if func_lalib_p "$file"; then
+
+ # Read the .lo file
+ func_source $dir/$name
+
+ # Add PIC object to the list of files to remove.
+ if test -n "$pic_object" && test none != "$pic_object"; then
+ func_append rmfiles " $dir/$pic_object"
+ fi
+
+ # Add non-PIC object to the list of files to remove.
+ if test -n "$non_pic_object" && test none != "$non_pic_object"; then
+ func_append rmfiles " $dir/$non_pic_object"
+ fi
+ fi
+ ;;
+
+ *)
+ if test clean = "$opt_mode"; then
+ noexename=$name
+ case $file in
+ *.exe)
+ func_stripname '' '.exe' "$file"
+ file=$func_stripname_result
+ func_stripname '' '.exe' "$name"
+ noexename=$func_stripname_result
+ # $file with .exe has already been added to rmfiles,
+ # add $file without .exe
+ func_append rmfiles " $file"
+ ;;
+ esac
+ # Do a test to see if this is a libtool program.
+ if func_ltwrapper_p "$file"; then
+ if func_ltwrapper_executable_p "$file"; then
+ func_ltwrapper_scriptname "$file"
+ relink_command=
+ func_source $func_ltwrapper_scriptname_result
+ func_append rmfiles " $func_ltwrapper_scriptname_result"
+ else
+ relink_command=
+ func_source $dir/$noexename
+ fi
+
+ # note $name still contains .exe if it was in $file originally
+ # as does the version of $file that was added into $rmfiles
+ func_append rmfiles " $odir/$name $odir/${name}S.$objext"
+ if test yes = "$fast_install" && test -n "$relink_command"; then
+ func_append rmfiles " $odir/lt-$name"
+ fi
+ if test "X$noexename" != "X$name"; then
+ func_append rmfiles " $odir/lt-$noexename.c"
+ fi
+ fi
+ fi
+ ;;
+ esac
+ func_show_eval "$RM $rmfiles" 'exit_status=1'
+ done
+
+ # Try to remove the $objdir's in the directories where we deleted files
+ for dir in $rmdirs; do
+ if test -d "$dir"; then
+ func_show_eval "rmdir $dir >/dev/null 2>&1"
+ fi
+ done
+
+ exit $exit_status
+}
+
+if test uninstall = "$opt_mode" || test clean = "$opt_mode"; then
+ func_mode_uninstall ${1+"$@"}
+fi
+
+test -z "$opt_mode" && {
+ help=$generic_help
+ func_fatal_help "you must specify a MODE"
+}
+
+test -z "$exec_cmd" && \
+ func_fatal_help "invalid operation mode '$opt_mode'"
+
+if test -n "$exec_cmd"; then
+ eval exec "$exec_cmd"
+ exit $EXIT_FAILURE
+fi
+
+exit $exit_status
+
+
+# The TAGs below are defined such that we never get into a situation
+# where we disable both kinds of libraries. Given conflicting
+# choices, we go for a static library, that is the most portable,
+# since we can't tell whether shared libraries were disabled because
+# the user asked for that or because the platform doesn't support
+# them. This is particularly important on AIX, because we don't
+# support having both static and shared libraries enabled at the same
+# time on that platform, so we default to a shared-only configuration.
+# If a disable-shared tag is given, we'll fallback to a static-only
+# configuration. But we'll never go from static-only to shared-only.
+
+# ### BEGIN LIBTOOL TAG CONFIG: disable-shared
+build_libtool_libs=no
+build_old_libs=yes
+# ### END LIBTOOL TAG CONFIG: disable-shared
+
+# ### BEGIN LIBTOOL TAG CONFIG: disable-static
+build_old_libs=`case $build_libtool_libs in yes) echo no;; *) echo yes;; esac`
+# ### END LIBTOOL TAG CONFIG: disable-static
+
+# Local Variables:
+# mode:shell-script
+# sh-indentation:2
+# End:
--- /dev/null
+# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*-
+#
+# Copyright (C) 1996-2001, 2003-2019, 2021-2022 Free Software
+# Foundation, Inc.
+# Written by Gordon Matzigkeit, 1996
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+m4_define([_LT_COPYING], [dnl
+# Copyright (C) 2014 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions. There is NO
+# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+# GNU Libtool is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of of the License, or
+# (at your option) any later version.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program or library that is built
+# using GNU Libtool, you may include this file under the same
+# distribution terms that you use for the rest of that program.
+#
+# GNU Libtool is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+])
+
+# serial 59 LT_INIT
+
+
+# LT_PREREQ(VERSION)
+# ------------------
+# Complain and exit if this libtool version is less that VERSION.
+m4_defun([LT_PREREQ],
+[m4_if(m4_version_compare(m4_defn([LT_PACKAGE_VERSION]), [$1]), -1,
+ [m4_default([$3],
+ [m4_fatal([Libtool version $1 or higher is required],
+ 63)])],
+ [$2])])
+
+
+# _LT_CHECK_BUILDDIR
+# ------------------
+# Complain if the absolute build directory name contains unusual characters
+m4_defun([_LT_CHECK_BUILDDIR],
+[case `pwd` in
+ *\ * | *\ *)
+ AC_MSG_WARN([Libtool does not cope well with whitespace in `pwd`]) ;;
+esac
+])
+
+
+# LT_INIT([OPTIONS])
+# ------------------
+AC_DEFUN([LT_INIT],
+[AC_PREREQ([2.62])dnl We use AC_PATH_PROGS_FEATURE_CHECK
+AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl
+AC_BEFORE([$0], [LT_LANG])dnl
+AC_BEFORE([$0], [LT_OUTPUT])dnl
+AC_BEFORE([$0], [LTDL_INIT])dnl
+m4_require([_LT_CHECK_BUILDDIR])dnl
+
+dnl Autoconf doesn't catch unexpanded LT_ macros by default:
+m4_pattern_forbid([^_?LT_[A-Z_]+$])dnl
+m4_pattern_allow([^(_LT_EOF|LT_DLGLOBAL|LT_DLLAZY_OR_NOW|LT_MULTI_MODULE)$])dnl
+dnl aclocal doesn't pull ltoptions.m4, ltsugar.m4, or ltversion.m4
+dnl unless we require an AC_DEFUNed macro:
+AC_REQUIRE([LTOPTIONS_VERSION])dnl
+AC_REQUIRE([LTSUGAR_VERSION])dnl
+AC_REQUIRE([LTVERSION_VERSION])dnl
+AC_REQUIRE([LTOBSOLETE_VERSION])dnl
+m4_require([_LT_PROG_LTMAIN])dnl
+
+_LT_SHELL_INIT([SHELL=${CONFIG_SHELL-/bin/sh}])
+
+dnl Parse OPTIONS
+_LT_SET_OPTIONS([$0], [$1])
+
+# This can be used to rebuild libtool when needed
+LIBTOOL_DEPS=$ltmain
+
+# Always use our own libtool.
+LIBTOOL='$(SHELL) $(top_builddir)/libtool'
+AC_SUBST(LIBTOOL)dnl
+
+_LT_SETUP
+
+# Only expand once:
+m4_define([LT_INIT])
+])# LT_INIT
+
+# Old names:
+AU_ALIAS([AC_PROG_LIBTOOL], [LT_INIT])
+AU_ALIAS([AM_PROG_LIBTOOL], [LT_INIT])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_PROG_LIBTOOL], [])
+dnl AC_DEFUN([AM_PROG_LIBTOOL], [])
+
+
+# _LT_PREPARE_CC_BASENAME
+# -----------------------
+m4_defun([_LT_PREPARE_CC_BASENAME], [
+# Calculate cc_basename. Skip known compiler wrappers and cross-prefix.
+func_cc_basename ()
+{
+ for cc_temp in @S|@*""; do
+ case $cc_temp in
+ compile | *[[\\/]]compile | ccache | *[[\\/]]ccache ) ;;
+ distcc | *[[\\/]]distcc | purify | *[[\\/]]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+ done
+ func_cc_basename_result=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"`
+}
+])# _LT_PREPARE_CC_BASENAME
+
+
+# _LT_CC_BASENAME(CC)
+# -------------------
+# It would be clearer to call AC_REQUIREs from _LT_PREPARE_CC_BASENAME,
+# but that macro is also expanded into generated libtool script, which
+# arranges for $SED and $ECHO to be set by different means.
+m4_defun([_LT_CC_BASENAME],
+[m4_require([_LT_PREPARE_CC_BASENAME])dnl
+AC_REQUIRE([_LT_DECL_SED])dnl
+AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl
+func_cc_basename $1
+cc_basename=$func_cc_basename_result
+])
+
+
+# _LT_FILEUTILS_DEFAULTS
+# ----------------------
+# It is okay to use these file commands and assume they have been set
+# sensibly after 'm4_require([_LT_FILEUTILS_DEFAULTS])'.
+m4_defun([_LT_FILEUTILS_DEFAULTS],
+[: ${CP="cp -f"}
+: ${MV="mv -f"}
+: ${RM="rm -f"}
+])# _LT_FILEUTILS_DEFAULTS
+
+
+# _LT_SETUP
+# ---------
+m4_defun([_LT_SETUP],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+AC_REQUIRE([_LT_PREPARE_SED_QUOTE_VARS])dnl
+AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl
+
+_LT_DECL([], [PATH_SEPARATOR], [1], [The PATH separator for the build system])dnl
+dnl
+_LT_DECL([], [host_alias], [0], [The host system])dnl
+_LT_DECL([], [host], [0])dnl
+_LT_DECL([], [host_os], [0])dnl
+dnl
+_LT_DECL([], [build_alias], [0], [The build system])dnl
+_LT_DECL([], [build], [0])dnl
+_LT_DECL([], [build_os], [0])dnl
+dnl
+AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([LT_PATH_LD])dnl
+AC_REQUIRE([LT_PATH_NM])dnl
+dnl
+AC_REQUIRE([AC_PROG_LN_S])dnl
+test -z "$LN_S" && LN_S="ln -s"
+_LT_DECL([], [LN_S], [1], [Whether we need soft or hard links])dnl
+dnl
+AC_REQUIRE([LT_CMD_MAX_LEN])dnl
+_LT_DECL([objext], [ac_objext], [0], [Object file suffix (normally "o")])dnl
+_LT_DECL([], [exeext], [0], [Executable file suffix (normally "")])dnl
+dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_CHECK_SHELL_FEATURES])dnl
+m4_require([_LT_PATH_CONVERSION_FUNCTIONS])dnl
+m4_require([_LT_CMD_RELOAD])dnl
+m4_require([_LT_DECL_FILECMD])dnl
+m4_require([_LT_CHECK_MAGIC_METHOD])dnl
+m4_require([_LT_CHECK_SHAREDLIB_FROM_LINKLIB])dnl
+m4_require([_LT_CMD_OLD_ARCHIVE])dnl
+m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl
+m4_require([_LT_WITH_SYSROOT])dnl
+m4_require([_LT_CMD_TRUNCATE])dnl
+
+_LT_CONFIG_LIBTOOL_INIT([
+# See if we are running on zsh, and set the options that allow our
+# commands through without removal of \ escapes INIT.
+if test -n "\${ZSH_VERSION+set}"; then
+ setopt NO_GLOB_SUBST
+fi
+])
+if test -n "${ZSH_VERSION+set}"; then
+ setopt NO_GLOB_SUBST
+fi
+
+_LT_CHECK_OBJDIR
+
+m4_require([_LT_TAG_COMPILER])dnl
+
+case $host_os in
+aix3*)
+ # AIX sometimes has problems with the GCC collect2 program. For some
+ # reason, if we set the COLLECT_NAMES environment variable, the problems
+ # vanish in a puff of smoke.
+ if test set != "${COLLECT_NAMES+set}"; then
+ COLLECT_NAMES=
+ export COLLECT_NAMES
+ fi
+ ;;
+esac
+
+# Global variables:
+ofile=libtool
+can_build_shared=yes
+
+# All known linkers require a '.a' archive for static linking (except MSVC and
+# ICC, which need '.lib').
+libext=a
+
+with_gnu_ld=$lt_cv_prog_gnu_ld
+
+old_CC=$CC
+old_CFLAGS=$CFLAGS
+
+# Set sane defaults for various variables
+test -z "$CC" && CC=cc
+test -z "$LTCC" && LTCC=$CC
+test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS
+test -z "$LD" && LD=ld
+test -z "$ac_objext" && ac_objext=o
+
+_LT_CC_BASENAME([$compiler])
+
+# Only perform the check for file, if the check method requires it
+test -z "$MAGIC_CMD" && MAGIC_CMD=file
+case $deplibs_check_method in
+file_magic*)
+ if test "$file_magic_cmd" = '$MAGIC_CMD'; then
+ _LT_PATH_MAGIC
+ fi
+ ;;
+esac
+
+# Use C for the default configuration in the libtool script
+LT_SUPPORTED_TAG([CC])
+_LT_LANG_C_CONFIG
+_LT_LANG_DEFAULT_CONFIG
+_LT_CONFIG_COMMANDS
+])# _LT_SETUP
+
+
+# _LT_PREPARE_SED_QUOTE_VARS
+# --------------------------
+# Define a few sed substitution that help us do robust quoting.
+m4_defun([_LT_PREPARE_SED_QUOTE_VARS],
+[# Backslashify metacharacters that are still active within
+# double-quoted strings.
+sed_quote_subst='s/\([["`$\\]]\)/\\\1/g'
+
+# Same as above, but do not quote variable references.
+double_quote_subst='s/\([["`\\]]\)/\\\1/g'
+
+# Sed substitution to delay expansion of an escaped shell variable in a
+# double_quote_subst'ed string.
+delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
+
+# Sed substitution to delay expansion of an escaped single quote.
+delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
+
+# Sed substitution to avoid accidental globbing in evaled expressions
+no_glob_subst='s/\*/\\\*/g'
+])
+
+# _LT_PROG_LTMAIN
+# ---------------
+# Note that this code is called both from 'configure', and 'config.status'
+# now that we use AC_CONFIG_COMMANDS to generate libtool. Notably,
+# 'config.status' has no value for ac_aux_dir unless we are using Automake,
+# so we pass a copy along to make sure it has a sensible value anyway.
+m4_defun([_LT_PROG_LTMAIN],
+[m4_ifdef([AC_REQUIRE_AUX_FILE], [AC_REQUIRE_AUX_FILE([ltmain.sh])])dnl
+_LT_CONFIG_LIBTOOL_INIT([ac_aux_dir='$ac_aux_dir'])
+ltmain=$ac_aux_dir/ltmain.sh
+])# _LT_PROG_LTMAIN
+
+
+## ------------------------------------- ##
+## Accumulate code for creating libtool. ##
+## ------------------------------------- ##
+
+# So that we can recreate a full libtool script including additional
+# tags, we accumulate the chunks of code to send to AC_CONFIG_COMMANDS
+# in macros and then make a single call at the end using the 'libtool'
+# label.
+
+
+# _LT_CONFIG_LIBTOOL_INIT([INIT-COMMANDS])
+# ----------------------------------------
+# Register INIT-COMMANDS to be passed to AC_CONFIG_COMMANDS later.
+m4_define([_LT_CONFIG_LIBTOOL_INIT],
+[m4_ifval([$1],
+ [m4_append([_LT_OUTPUT_LIBTOOL_INIT],
+ [$1
+])])])
+
+# Initialize.
+m4_define([_LT_OUTPUT_LIBTOOL_INIT])
+
+
+# _LT_CONFIG_LIBTOOL([COMMANDS])
+# ------------------------------
+# Register COMMANDS to be passed to AC_CONFIG_COMMANDS later.
+m4_define([_LT_CONFIG_LIBTOOL],
+[m4_ifval([$1],
+ [m4_append([_LT_OUTPUT_LIBTOOL_COMMANDS],
+ [$1
+])])])
+
+# Initialize.
+m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS])
+
+
+# _LT_CONFIG_SAVE_COMMANDS([COMMANDS], [INIT_COMMANDS])
+# -----------------------------------------------------
+m4_defun([_LT_CONFIG_SAVE_COMMANDS],
+[_LT_CONFIG_LIBTOOL([$1])
+_LT_CONFIG_LIBTOOL_INIT([$2])
+])
+
+
+# _LT_FORMAT_COMMENT([COMMENT])
+# -----------------------------
+# Add leading comment marks to the start of each line, and a trailing
+# full-stop to the whole comment if one is not present already.
+m4_define([_LT_FORMAT_COMMENT],
+[m4_ifval([$1], [
+m4_bpatsubst([m4_bpatsubst([$1], [^ *], [# ])],
+ [['`$\]], [\\\&])]m4_bmatch([$1], [[!?.]$], [], [.])
+)])
+
+
+
+## ------------------------ ##
+## FIXME: Eliminate VARNAME ##
+## ------------------------ ##
+
+
+# _LT_DECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION], [IS-TAGGED?])
+# -------------------------------------------------------------------
+# CONFIGNAME is the name given to the value in the libtool script.
+# VARNAME is the (base) name used in the configure script.
+# VALUE may be 0, 1 or 2 for a computed quote escaped value based on
+# VARNAME. Any other value will be used directly.
+m4_define([_LT_DECL],
+[lt_if_append_uniq([lt_decl_varnames], [$2], [, ],
+ [lt_dict_add_subkey([lt_decl_dict], [$2], [libtool_name],
+ [m4_ifval([$1], [$1], [$2])])
+ lt_dict_add_subkey([lt_decl_dict], [$2], [value], [$3])
+ m4_ifval([$4],
+ [lt_dict_add_subkey([lt_decl_dict], [$2], [description], [$4])])
+ lt_dict_add_subkey([lt_decl_dict], [$2],
+ [tagged?], [m4_ifval([$5], [yes], [no])])])
+])
+
+
+# _LT_TAGDECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION])
+# --------------------------------------------------------
+m4_define([_LT_TAGDECL], [_LT_DECL([$1], [$2], [$3], [$4], [yes])])
+
+
+# lt_decl_tag_varnames([SEPARATOR], [VARNAME1...])
+# ------------------------------------------------
+m4_define([lt_decl_tag_varnames],
+[_lt_decl_filter([tagged?], [yes], $@)])
+
+
+# _lt_decl_filter(SUBKEY, VALUE, [SEPARATOR], [VARNAME1..])
+# ---------------------------------------------------------
+m4_define([_lt_decl_filter],
+[m4_case([$#],
+ [0], [m4_fatal([$0: too few arguments: $#])],
+ [1], [m4_fatal([$0: too few arguments: $#: $1])],
+ [2], [lt_dict_filter([lt_decl_dict], [$1], [$2], [], lt_decl_varnames)],
+ [3], [lt_dict_filter([lt_decl_dict], [$1], [$2], [$3], lt_decl_varnames)],
+ [lt_dict_filter([lt_decl_dict], $@)])[]dnl
+])
+
+
+# lt_decl_quote_varnames([SEPARATOR], [VARNAME1...])
+# --------------------------------------------------
+m4_define([lt_decl_quote_varnames],
+[_lt_decl_filter([value], [1], $@)])
+
+
+# lt_decl_dquote_varnames([SEPARATOR], [VARNAME1...])
+# ---------------------------------------------------
+m4_define([lt_decl_dquote_varnames],
+[_lt_decl_filter([value], [2], $@)])
+
+
+# lt_decl_varnames_tagged([SEPARATOR], [VARNAME1...])
+# ---------------------------------------------------
+m4_define([lt_decl_varnames_tagged],
+[m4_assert([$# <= 2])dnl
+_$0(m4_quote(m4_default([$1], [[, ]])),
+ m4_ifval([$2], [[$2]], [m4_dquote(lt_decl_tag_varnames)]),
+ m4_split(m4_normalize(m4_quote(_LT_TAGS)), [ ]))])
+m4_define([_lt_decl_varnames_tagged],
+[m4_ifval([$3], [lt_combine([$1], [$2], [_], $3)])])
+
+
+# lt_decl_all_varnames([SEPARATOR], [VARNAME1...])
+# ------------------------------------------------
+m4_define([lt_decl_all_varnames],
+[_$0(m4_quote(m4_default([$1], [[, ]])),
+ m4_if([$2], [],
+ m4_quote(lt_decl_varnames),
+ m4_quote(m4_shift($@))))[]dnl
+])
+m4_define([_lt_decl_all_varnames],
+[lt_join($@, lt_decl_varnames_tagged([$1],
+ lt_decl_tag_varnames([[, ]], m4_shift($@))))dnl
+])
+
+
+# _LT_CONFIG_STATUS_DECLARE([VARNAME])
+# ------------------------------------
+# Quote a variable value, and forward it to 'config.status' so that its
+# declaration there will have the same value as in 'configure'. VARNAME
+# must have a single quote delimited value for this to work.
+m4_define([_LT_CONFIG_STATUS_DECLARE],
+[$1='`$ECHO "$][$1" | $SED "$delay_single_quote_subst"`'])
+
+
+# _LT_CONFIG_STATUS_DECLARATIONS
+# ------------------------------
+# We delimit libtool config variables with single quotes, so when
+# we write them to config.status, we have to be sure to quote all
+# embedded single quotes properly. In configure, this macro expands
+# each variable declared with _LT_DECL (and _LT_TAGDECL) into:
+#
+# <var>='`$ECHO "$<var>" | $SED "$delay_single_quote_subst"`'
+m4_defun([_LT_CONFIG_STATUS_DECLARATIONS],
+[m4_foreach([_lt_var], m4_quote(lt_decl_all_varnames),
+ [m4_n([_LT_CONFIG_STATUS_DECLARE(_lt_var)])])])
+
+
+# _LT_LIBTOOL_TAGS
+# ----------------
+# Output comment and list of tags supported by the script
+m4_defun([_LT_LIBTOOL_TAGS],
+[_LT_FORMAT_COMMENT([The names of the tagged configurations supported by this script])dnl
+available_tags='_LT_TAGS'dnl
+])
+
+
+# _LT_LIBTOOL_DECLARE(VARNAME, [TAG])
+# -----------------------------------
+# Extract the dictionary values for VARNAME (optionally with TAG) and
+# expand to a commented shell variable setting:
+#
+# # Some comment about what VAR is for.
+# visible_name=$lt_internal_name
+m4_define([_LT_LIBTOOL_DECLARE],
+[_LT_FORMAT_COMMENT(m4_quote(lt_dict_fetch([lt_decl_dict], [$1],
+ [description])))[]dnl
+m4_pushdef([_libtool_name],
+ m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [libtool_name])))[]dnl
+m4_case(m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [value])),
+ [0], [_libtool_name=[$]$1],
+ [1], [_libtool_name=$lt_[]$1],
+ [2], [_libtool_name=$lt_[]$1],
+ [_libtool_name=lt_dict_fetch([lt_decl_dict], [$1], [value])])[]dnl
+m4_ifval([$2], [_$2])[]m4_popdef([_libtool_name])[]dnl
+])
+
+
+# _LT_LIBTOOL_CONFIG_VARS
+# -----------------------
+# Produce commented declarations of non-tagged libtool config variables
+# suitable for insertion in the LIBTOOL CONFIG section of the 'libtool'
+# script. Tagged libtool config variables (even for the LIBTOOL CONFIG
+# section) are produced by _LT_LIBTOOL_TAG_VARS.
+m4_defun([_LT_LIBTOOL_CONFIG_VARS],
+[m4_foreach([_lt_var],
+ m4_quote(_lt_decl_filter([tagged?], [no], [], lt_decl_varnames)),
+ [m4_n([_LT_LIBTOOL_DECLARE(_lt_var)])])])
+
+
+# _LT_LIBTOOL_TAG_VARS(TAG)
+# -------------------------
+m4_define([_LT_LIBTOOL_TAG_VARS],
+[m4_foreach([_lt_var], m4_quote(lt_decl_tag_varnames),
+ [m4_n([_LT_LIBTOOL_DECLARE(_lt_var, [$1])])])])
+
+
+# _LT_TAGVAR(VARNAME, [TAGNAME])
+# ------------------------------
+m4_define([_LT_TAGVAR], [m4_ifval([$2], [$1_$2], [$1])])
+
+
+# _LT_CONFIG_COMMANDS
+# -------------------
+# Send accumulated output to $CONFIG_STATUS. Thanks to the lists of
+# variables for single and double quote escaping we saved from calls
+# to _LT_DECL, we can put quote escaped variables declarations
+# into 'config.status', and then the shell code to quote escape them in
+# for loops in 'config.status'. Finally, any additional code accumulated
+# from calls to _LT_CONFIG_LIBTOOL_INIT is expanded.
+m4_defun([_LT_CONFIG_COMMANDS],
+[AC_PROVIDE_IFELSE([LT_OUTPUT],
+ dnl If the libtool generation code has been placed in $CONFIG_LT,
+ dnl instead of duplicating it all over again into config.status,
+ dnl then we will have config.status run $CONFIG_LT later, so it
+ dnl needs to know what name is stored there:
+ [AC_CONFIG_COMMANDS([libtool],
+ [$SHELL $CONFIG_LT || AS_EXIT(1)], [CONFIG_LT='$CONFIG_LT'])],
+ dnl If the libtool generation code is destined for config.status,
+ dnl expand the accumulated commands and init code now:
+ [AC_CONFIG_COMMANDS([libtool],
+ [_LT_OUTPUT_LIBTOOL_COMMANDS], [_LT_OUTPUT_LIBTOOL_COMMANDS_INIT])])
+])#_LT_CONFIG_COMMANDS
+
+
+# Initialize.
+m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS_INIT],
+[
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+sed_quote_subst='$sed_quote_subst'
+double_quote_subst='$double_quote_subst'
+delay_variable_subst='$delay_variable_subst'
+_LT_CONFIG_STATUS_DECLARATIONS
+LTCC='$LTCC'
+LTCFLAGS='$LTCFLAGS'
+compiler='$compiler_DEFAULT'
+
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+ eval 'cat <<_LTECHO_EOF
+\$[]1
+_LTECHO_EOF'
+}
+
+# Quote evaled strings.
+for var in lt_decl_all_varnames([[ \
+]], lt_decl_quote_varnames); do
+ case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
+ *[[\\\\\\\`\\"\\\$]]*)
+ eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" ## exclude from sc_prohibit_nested_quotes
+ ;;
+ *)
+ eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
+ ;;
+ esac
+done
+
+# Double-quote double-evaled strings.
+for var in lt_decl_all_varnames([[ \
+]], lt_decl_dquote_varnames); do
+ case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
+ *[[\\\\\\\`\\"\\\$]]*)
+ eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" ## exclude from sc_prohibit_nested_quotes
+ ;;
+ *)
+ eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
+ ;;
+ esac
+done
+
+_LT_OUTPUT_LIBTOOL_INIT
+])
+
+# _LT_GENERATED_FILE_INIT(FILE, [COMMENT])
+# ------------------------------------
+# Generate a child script FILE with all initialization necessary to
+# reuse the environment learned by the parent script, and make the
+# file executable. If COMMENT is supplied, it is inserted after the
+# '#!' sequence but before initialization text begins. After this
+# macro, additional text can be appended to FILE to form the body of
+# the child script. The macro ends with non-zero status if the
+# file could not be fully written (such as if the disk is full).
+m4_ifdef([AS_INIT_GENERATED],
+[m4_defun([_LT_GENERATED_FILE_INIT],[AS_INIT_GENERATED($@)])],
+[m4_defun([_LT_GENERATED_FILE_INIT],
+[m4_require([AS_PREPARE])]dnl
+[m4_pushdef([AS_MESSAGE_LOG_FD])]dnl
+[lt_write_fail=0
+cat >$1 <<_ASEOF || lt_write_fail=1
+#! $SHELL
+# Generated by $as_me.
+$2
+SHELL=\${CONFIG_SHELL-$SHELL}
+export SHELL
+_ASEOF
+cat >>$1 <<\_ASEOF || lt_write_fail=1
+AS_SHELL_SANITIZE
+_AS_PREPARE
+exec AS_MESSAGE_FD>&1
+_ASEOF
+test 0 = "$lt_write_fail" && chmod +x $1[]dnl
+m4_popdef([AS_MESSAGE_LOG_FD])])])# _LT_GENERATED_FILE_INIT
+
+# LT_OUTPUT
+# ---------
+# This macro allows early generation of the libtool script (before
+# AC_OUTPUT is called), incase it is used in configure for compilation
+# tests.
+AC_DEFUN([LT_OUTPUT],
+[: ${CONFIG_LT=./config.lt}
+AC_MSG_NOTICE([creating $CONFIG_LT])
+_LT_GENERATED_FILE_INIT(["$CONFIG_LT"],
+[# Run this file to recreate a libtool stub with the current configuration.])
+
+cat >>"$CONFIG_LT" <<\_LTEOF
+lt_cl_silent=false
+exec AS_MESSAGE_LOG_FD>>config.log
+{
+ echo
+ AS_BOX([Running $as_me.])
+} >&AS_MESSAGE_LOG_FD
+
+lt_cl_help="\
+'$as_me' creates a local libtool stub from the current configuration,
+for use in further configure time tests before the real libtool is
+generated.
+
+Usage: $[0] [[OPTIONS]]
+
+ -h, --help print this help, then exit
+ -V, --version print version number, then exit
+ -q, --quiet do not print progress messages
+ -d, --debug don't remove temporary files
+
+Report bugs to <bug-libtool@gnu.org>."
+
+lt_cl_version="\
+m4_ifset([AC_PACKAGE_NAME], [AC_PACKAGE_NAME ])config.lt[]dnl
+m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION])
+configured by $[0], generated by m4_PACKAGE_STRING.
+
+Copyright (C) 2011 Free Software Foundation, Inc.
+This config.lt script is free software; the Free Software Foundation
+gives unlimited permision to copy, distribute and modify it."
+
+while test 0 != $[#]
+do
+ case $[1] in
+ --version | --v* | -V )
+ echo "$lt_cl_version"; exit 0 ;;
+ --help | --h* | -h )
+ echo "$lt_cl_help"; exit 0 ;;
+ --debug | --d* | -d )
+ debug=: ;;
+ --quiet | --q* | --silent | --s* | -q )
+ lt_cl_silent=: ;;
+
+ -*) AC_MSG_ERROR([unrecognized option: $[1]
+Try '$[0] --help' for more information.]) ;;
+
+ *) AC_MSG_ERROR([unrecognized argument: $[1]
+Try '$[0] --help' for more information.]) ;;
+ esac
+ shift
+done
+
+if $lt_cl_silent; then
+ exec AS_MESSAGE_FD>/dev/null
+fi
+_LTEOF
+
+cat >>"$CONFIG_LT" <<_LTEOF
+_LT_OUTPUT_LIBTOOL_COMMANDS_INIT
+_LTEOF
+
+cat >>"$CONFIG_LT" <<\_LTEOF
+AC_MSG_NOTICE([creating $ofile])
+_LT_OUTPUT_LIBTOOL_COMMANDS
+AS_EXIT(0)
+_LTEOF
+chmod +x "$CONFIG_LT"
+
+# configure is writing to config.log, but config.lt does its own redirection,
+# appending to config.log, which fails on DOS, as config.log is still kept
+# open by configure. Here we exec the FD to /dev/null, effectively closing
+# config.log, so it can be properly (re)opened and appended to by config.lt.
+lt_cl_success=:
+test yes = "$silent" &&
+ lt_config_lt_args="$lt_config_lt_args --quiet"
+exec AS_MESSAGE_LOG_FD>/dev/null
+$SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false
+exec AS_MESSAGE_LOG_FD>>config.log
+$lt_cl_success || AS_EXIT(1)
+])# LT_OUTPUT
+
+
+# _LT_CONFIG(TAG)
+# ---------------
+# If TAG is the built-in tag, create an initial libtool script with a
+# default configuration from the untagged config vars. Otherwise add code
+# to config.status for appending the configuration named by TAG from the
+# matching tagged config vars.
+m4_defun([_LT_CONFIG],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+_LT_CONFIG_SAVE_COMMANDS([
+ m4_define([_LT_TAG], m4_if([$1], [], [C], [$1]))dnl
+ m4_if(_LT_TAG, [C], [
+ # See if we are running on zsh, and set the options that allow our
+ # commands through without removal of \ escapes.
+ if test -n "${ZSH_VERSION+set}"; then
+ setopt NO_GLOB_SUBST
+ fi
+
+ cfgfile=${ofile}T
+ trap "$RM \"$cfgfile\"; exit 1" 1 2 15
+ $RM "$cfgfile"
+
+ cat <<_LT_EOF >> "$cfgfile"
+#! $SHELL
+# Generated automatically by $as_me ($PACKAGE) $VERSION
+# NOTE: Changes made to this file will be lost: look at ltmain.sh.
+
+# Provide generalized library-building support services.
+# Written by Gordon Matzigkeit, 1996
+
+_LT_COPYING
+_LT_LIBTOOL_TAGS
+
+# Configured defaults for sys_lib_dlsearch_path munging.
+: \${LT_SYS_LIBRARY_PATH="$configure_time_lt_sys_library_path"}
+
+# ### BEGIN LIBTOOL CONFIG
+_LT_LIBTOOL_CONFIG_VARS
+_LT_LIBTOOL_TAG_VARS
+# ### END LIBTOOL CONFIG
+
+_LT_EOF
+
+ cat <<'_LT_EOF' >> "$cfgfile"
+
+# ### BEGIN FUNCTIONS SHARED WITH CONFIGURE
+
+_LT_PREPARE_MUNGE_PATH_LIST
+_LT_PREPARE_CC_BASENAME
+
+# ### END FUNCTIONS SHARED WITH CONFIGURE
+
+_LT_EOF
+
+ case $host_os in
+ aix3*)
+ cat <<\_LT_EOF >> "$cfgfile"
+# AIX sometimes has problems with the GCC collect2 program. For some
+# reason, if we set the COLLECT_NAMES environment variable, the problems
+# vanish in a puff of smoke.
+if test set != "${COLLECT_NAMES+set}"; then
+ COLLECT_NAMES=
+ export COLLECT_NAMES
+fi
+_LT_EOF
+ ;;
+ esac
+
+ _LT_PROG_LTMAIN
+
+ # We use sed instead of cat because bash on DJGPP gets confused if
+ # if finds mixed CR/LF and LF-only lines. Since sed operates in
+ # text mode, it properly converts lines to CR/LF. This bash problem
+ # is reportedly fixed, but why not run on old versions too?
+ $SED '$q' "$ltmain" >> "$cfgfile" \
+ || (rm -f "$cfgfile"; exit 1)
+
+ mv -f "$cfgfile" "$ofile" ||
+ (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile")
+ chmod +x "$ofile"
+],
+[cat <<_LT_EOF >> "$ofile"
+
+dnl Unfortunately we have to use $1 here, since _LT_TAG is not expanded
+dnl in a comment (ie after a #).
+# ### BEGIN LIBTOOL TAG CONFIG: $1
+_LT_LIBTOOL_TAG_VARS(_LT_TAG)
+# ### END LIBTOOL TAG CONFIG: $1
+_LT_EOF
+])dnl /m4_if
+],
+[m4_if([$1], [], [
+ PACKAGE='$PACKAGE'
+ VERSION='$VERSION'
+ RM='$RM'
+ ofile='$ofile'], [])
+])dnl /_LT_CONFIG_SAVE_COMMANDS
+])# _LT_CONFIG
+
+
+# LT_SUPPORTED_TAG(TAG)
+# ---------------------
+# Trace this macro to discover what tags are supported by the libtool
+# --tag option, using:
+# autoconf --trace 'LT_SUPPORTED_TAG:$1'
+AC_DEFUN([LT_SUPPORTED_TAG], [])
+
+
+# C support is built-in for now
+m4_define([_LT_LANG_C_enabled], [])
+m4_define([_LT_TAGS], [])
+
+
+# LT_LANG(LANG)
+# -------------
+# Enable libtool support for the given language if not already enabled.
+AC_DEFUN([LT_LANG],
+[AC_BEFORE([$0], [LT_OUTPUT])dnl
+m4_case([$1],
+ [C], [_LT_LANG(C)],
+ [C++], [_LT_LANG(CXX)],
+ [Go], [_LT_LANG(GO)],
+ [Java], [_LT_LANG(GCJ)],
+ [Fortran 77], [_LT_LANG(F77)],
+ [Fortran], [_LT_LANG(FC)],
+ [Windows Resource], [_LT_LANG(RC)],
+ [m4_ifdef([_LT_LANG_]$1[_CONFIG],
+ [_LT_LANG($1)],
+ [m4_fatal([$0: unsupported language: "$1"])])])dnl
+])# LT_LANG
+
+
+# _LT_LANG(LANGNAME)
+# ------------------
+m4_defun([_LT_LANG],
+[m4_ifdef([_LT_LANG_]$1[_enabled], [],
+ [LT_SUPPORTED_TAG([$1])dnl
+ m4_append([_LT_TAGS], [$1 ])dnl
+ m4_define([_LT_LANG_]$1[_enabled], [])dnl
+ _LT_LANG_$1_CONFIG($1)])dnl
+])# _LT_LANG
+
+
+m4_ifndef([AC_PROG_GO], [
+############################################################
+# NOTE: This macro has been submitted for inclusion into #
+# GNU Autoconf as AC_PROG_GO. When it is available in #
+# a released version of Autoconf we should remove this #
+# macro and use it instead. #
+############################################################
+m4_defun([AC_PROG_GO],
+[AC_LANG_PUSH(Go)dnl
+AC_ARG_VAR([GOC], [Go compiler command])dnl
+AC_ARG_VAR([GOFLAGS], [Go compiler flags])dnl
+_AC_ARG_VAR_LDFLAGS()dnl
+AC_CHECK_TOOL(GOC, gccgo)
+if test -z "$GOC"; then
+ if test -n "$ac_tool_prefix"; then
+ AC_CHECK_PROG(GOC, [${ac_tool_prefix}gccgo], [${ac_tool_prefix}gccgo])
+ fi
+fi
+if test -z "$GOC"; then
+ AC_CHECK_PROG(GOC, gccgo, gccgo, false)
+fi
+])#m4_defun
+])#m4_ifndef
+
+
+# _LT_LANG_DEFAULT_CONFIG
+# -----------------------
+m4_defun([_LT_LANG_DEFAULT_CONFIG],
+[AC_PROVIDE_IFELSE([AC_PROG_CXX],
+ [LT_LANG(CXX)],
+ [m4_define([AC_PROG_CXX], defn([AC_PROG_CXX])[LT_LANG(CXX)])])
+
+AC_PROVIDE_IFELSE([AC_PROG_F77],
+ [LT_LANG(F77)],
+ [m4_define([AC_PROG_F77], defn([AC_PROG_F77])[LT_LANG(F77)])])
+
+AC_PROVIDE_IFELSE([AC_PROG_FC],
+ [LT_LANG(FC)],
+ [m4_define([AC_PROG_FC], defn([AC_PROG_FC])[LT_LANG(FC)])])
+
+dnl The call to [A][M_PROG_GCJ] is quoted like that to stop aclocal
+dnl pulling things in needlessly.
+AC_PROVIDE_IFELSE([AC_PROG_GCJ],
+ [LT_LANG(GCJ)],
+ [AC_PROVIDE_IFELSE([A][M_PROG_GCJ],
+ [LT_LANG(GCJ)],
+ [AC_PROVIDE_IFELSE([LT_PROG_GCJ],
+ [LT_LANG(GCJ)],
+ [m4_ifdef([AC_PROG_GCJ],
+ [m4_define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[LT_LANG(GCJ)])])
+ m4_ifdef([A][M_PROG_GCJ],
+ [m4_define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[LT_LANG(GCJ)])])
+ m4_ifdef([LT_PROG_GCJ],
+ [m4_define([LT_PROG_GCJ], defn([LT_PROG_GCJ])[LT_LANG(GCJ)])])])])])
+
+AC_PROVIDE_IFELSE([AC_PROG_GO],
+ [LT_LANG(GO)],
+ [m4_define([AC_PROG_GO], defn([AC_PROG_GO])[LT_LANG(GO)])])
+
+AC_PROVIDE_IFELSE([LT_PROG_RC],
+ [LT_LANG(RC)],
+ [m4_define([LT_PROG_RC], defn([LT_PROG_RC])[LT_LANG(RC)])])
+])# _LT_LANG_DEFAULT_CONFIG
+
+# Obsolete macros:
+AU_DEFUN([AC_LIBTOOL_CXX], [LT_LANG(C++)])
+AU_DEFUN([AC_LIBTOOL_F77], [LT_LANG(Fortran 77)])
+AU_DEFUN([AC_LIBTOOL_FC], [LT_LANG(Fortran)])
+AU_DEFUN([AC_LIBTOOL_GCJ], [LT_LANG(Java)])
+AU_DEFUN([AC_LIBTOOL_RC], [LT_LANG(Windows Resource)])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_CXX], [])
+dnl AC_DEFUN([AC_LIBTOOL_F77], [])
+dnl AC_DEFUN([AC_LIBTOOL_FC], [])
+dnl AC_DEFUN([AC_LIBTOOL_GCJ], [])
+dnl AC_DEFUN([AC_LIBTOOL_RC], [])
+
+
+# _LT_TAG_COMPILER
+# ----------------
+m4_defun([_LT_TAG_COMPILER],
+[AC_REQUIRE([AC_PROG_CC])dnl
+
+_LT_DECL([LTCC], [CC], [1], [A C compiler])dnl
+_LT_DECL([LTCFLAGS], [CFLAGS], [1], [LTCC compiler flags])dnl
+_LT_TAGDECL([CC], [compiler], [1], [A language specific compiler])dnl
+_LT_TAGDECL([with_gcc], [GCC], [0], [Is the compiler the GNU compiler?])dnl
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+])# _LT_TAG_COMPILER
+
+
+# _LT_COMPILER_BOILERPLATE
+# ------------------------
+# Check for compiler boilerplate output or warnings with
+# the simple compiler test code.
+m4_defun([_LT_COMPILER_BOILERPLATE],
+[m4_require([_LT_DECL_SED])dnl
+ac_outfile=conftest.$ac_objext
+echo "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$RM conftest*
+])# _LT_COMPILER_BOILERPLATE
+
+
+# _LT_LINKER_BOILERPLATE
+# ----------------------
+# Check for linker boilerplate output or warnings with
+# the simple link test code.
+m4_defun([_LT_LINKER_BOILERPLATE],
+[m4_require([_LT_DECL_SED])dnl
+ac_outfile=conftest.$ac_objext
+echo "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$RM -r conftest*
+])# _LT_LINKER_BOILERPLATE
+
+# _LT_REQUIRED_DARWIN_CHECKS
+# -------------------------
+m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[
+ case $host_os in
+ rhapsody* | darwin*)
+ AC_CHECK_TOOL([DSYMUTIL], [dsymutil], [:])
+ AC_CHECK_TOOL([NMEDIT], [nmedit], [:])
+ AC_CHECK_TOOL([LIPO], [lipo], [:])
+ AC_CHECK_TOOL([OTOOL], [otool], [:])
+ AC_CHECK_TOOL([OTOOL64], [otool64], [:])
+ _LT_DECL([], [DSYMUTIL], [1],
+ [Tool to manipulate archived DWARF debug symbol files on Mac OS X])
+ _LT_DECL([], [NMEDIT], [1],
+ [Tool to change global to local symbols on Mac OS X])
+ _LT_DECL([], [LIPO], [1],
+ [Tool to manipulate fat objects and archives on Mac OS X])
+ _LT_DECL([], [OTOOL], [1],
+ [ldd/readelf like tool for Mach-O binaries on Mac OS X])
+ _LT_DECL([], [OTOOL64], [1],
+ [ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4])
+
+ AC_CACHE_CHECK([for -single_module linker flag],[lt_cv_apple_cc_single_mod],
+ [lt_cv_apple_cc_single_mod=no
+ if test -z "$LT_MULTI_MODULE"; then
+ # By default we will add the -single_module flag. You can override
+ # by either setting the environment variable LT_MULTI_MODULE
+ # non-empty at configure time, or by adding -multi_module to the
+ # link flags.
+ rm -rf libconftest.dylib*
+ echo "int foo(void){return 1;}" > conftest.c
+ echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
+-dynamiclib -Wl,-single_module conftest.c" >&AS_MESSAGE_LOG_FD
+ $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
+ -dynamiclib -Wl,-single_module conftest.c 2>conftest.err
+ _lt_result=$?
+ # If there is a non-empty error log, and "single_module"
+ # appears in it, assume the flag caused a linker warning
+ if test -s conftest.err && $GREP single_module conftest.err; then
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ # Otherwise, if the output was created with a 0 exit code from
+ # the compiler, it worked.
+ elif test -f libconftest.dylib && test 0 = "$_lt_result"; then
+ lt_cv_apple_cc_single_mod=yes
+ else
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ fi
+ rm -rf libconftest.dylib*
+ rm -f conftest.*
+ fi])
+
+ AC_CACHE_CHECK([for -exported_symbols_list linker flag],
+ [lt_cv_ld_exported_symbols_list],
+ [lt_cv_ld_exported_symbols_list=no
+ save_LDFLAGS=$LDFLAGS
+ echo "_main" > conftest.sym
+ LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym"
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
+ [lt_cv_ld_exported_symbols_list=yes],
+ [lt_cv_ld_exported_symbols_list=no])
+ LDFLAGS=$save_LDFLAGS
+ ])
+
+ AC_CACHE_CHECK([for -force_load linker flag],[lt_cv_ld_force_load],
+ [lt_cv_ld_force_load=no
+ cat > conftest.c << _LT_EOF
+int forced_loaded() { return 2;}
+_LT_EOF
+ echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD
+ $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD
+ echo "$AR $AR_FLAGS libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD
+ $AR $AR_FLAGS libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD
+ echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD
+ $RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD
+ cat > conftest.c << _LT_EOF
+int main() { return 0;}
+_LT_EOF
+ echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&AS_MESSAGE_LOG_FD
+ $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err
+ _lt_result=$?
+ if test -s conftest.err && $GREP force_load conftest.err; then
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ elif test -f conftest && test 0 = "$_lt_result" && $GREP forced_load conftest >/dev/null 2>&1; then
+ lt_cv_ld_force_load=yes
+ else
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ fi
+ rm -f conftest.err libconftest.a conftest conftest.c
+ rm -rf conftest.dSYM
+ ])
+ case $host_os in
+ rhapsody* | darwin1.[[012]])
+ _lt_dar_allow_undefined='$wl-undefined ${wl}suppress' ;;
+ darwin1.*)
+ _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
+ darwin*)
+ case $MACOSX_DEPLOYMENT_TARGET,$host in
+ 10.[[012]],*|,*powerpc*-darwin[[5-8]]*)
+ _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
+ *)
+ _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
+ esac
+ ;;
+ esac
+ if test yes = "$lt_cv_apple_cc_single_mod"; then
+ _lt_dar_single_mod='$single_module'
+ fi
+ if test yes = "$lt_cv_ld_exported_symbols_list"; then
+ _lt_dar_export_syms=' $wl-exported_symbols_list,$output_objdir/$libname-symbols.expsym'
+ else
+ _lt_dar_export_syms='~$NMEDIT -s $output_objdir/$libname-symbols.expsym $lib'
+ fi
+ if test : != "$DSYMUTIL" && test no = "$lt_cv_ld_force_load"; then
+ _lt_dsymutil='~$DSYMUTIL $lib || :'
+ else
+ _lt_dsymutil=
+ fi
+ ;;
+ esac
+])
+
+
+# _LT_DARWIN_LINKER_FEATURES([TAG])
+# ---------------------------------
+# Checks for linker and compiler features on darwin
+m4_defun([_LT_DARWIN_LINKER_FEATURES],
+[
+ m4_require([_LT_REQUIRED_DARWIN_CHECKS])
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_automatic, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+ if test yes = "$lt_cv_ld_force_load"; then
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience $wl-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`'
+ m4_case([$1], [F77], [_LT_TAGVAR(compiler_needs_object, $1)=yes],
+ [FC], [_LT_TAGVAR(compiler_needs_object, $1)=yes])
+ else
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=''
+ fi
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ _LT_TAGVAR(allow_undefined_flag, $1)=$_lt_dar_allow_undefined
+ case $cc_basename in
+ ifort*|nagfor*) _lt_dar_can_shared=yes ;;
+ *) _lt_dar_can_shared=$GCC ;;
+ esac
+ if test yes = "$_lt_dar_can_shared"; then
+ output_verbose_link_cmd=func_echo_all
+ _LT_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dsymutil"
+ _LT_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dsymutil"
+ _LT_TAGVAR(archive_expsym_cmds, $1)="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil"
+ _LT_TAGVAR(module_expsym_cmds, $1)="$SED -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil"
+ m4_if([$1], [CXX],
+[ if test yes != "$lt_cv_apple_cc_single_mod"; then
+ _LT_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dsymutil"
+ _LT_TAGVAR(archive_expsym_cmds, $1)="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dar_export_syms$_lt_dsymutil"
+ fi
+],[])
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+])
+
+# _LT_SYS_MODULE_PATH_AIX([TAGNAME])
+# ----------------------------------
+# Links a minimal program and checks the executable
+# for the system default hardcoded library path. In most cases,
+# this is /usr/lib:/lib, but when the MPI compilers are used
+# the location of the communication and MPI libs are included too.
+# If we don't find anything, use the default library path according
+# to the aix ld manual.
+# Store the results from the different compilers for each TAGNAME.
+# Allow to override them for all tags through lt_cv_aix_libpath.
+m4_defun([_LT_SYS_MODULE_PATH_AIX],
+[m4_require([_LT_DECL_SED])dnl
+if test set = "${lt_cv_aix_libpath+set}"; then
+ aix_libpath=$lt_cv_aix_libpath
+else
+ AC_CACHE_VAL([_LT_TAGVAR([lt_cv_aix_libpath_], [$1])],
+ [AC_LINK_IFELSE([AC_LANG_PROGRAM],[
+ lt_aix_libpath_sed='[
+ /Import File Strings/,/^$/ {
+ /^0/ {
+ s/^0 *\([^ ]*\) *$/\1/
+ p
+ }
+ }]'
+ _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+ # Check for a 64-bit object if we didn't find anything.
+ if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then
+ _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+ fi],[])
+ if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then
+ _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=/usr/lib:/lib
+ fi
+ ])
+ aix_libpath=$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])
+fi
+])# _LT_SYS_MODULE_PATH_AIX
+
+
+# _LT_SHELL_INIT(ARG)
+# -------------------
+m4_define([_LT_SHELL_INIT],
+[m4_divert_text([M4SH-INIT], [$1
+])])# _LT_SHELL_INIT
+
+
+
+# _LT_PROG_ECHO_BACKSLASH
+# -----------------------
+# Find how we can fake an echo command that does not interpret backslash.
+# In particular, with Autoconf 2.60 or later we add some code to the start
+# of the generated configure script that will find a shell with a builtin
+# printf (that we can use as an echo command).
+m4_defun([_LT_PROG_ECHO_BACKSLASH],
+[ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO
+
+AC_MSG_CHECKING([how to print strings])
+# Test print first, because it will be a builtin if present.
+if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \
+ test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then
+ ECHO='print -r --'
+elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then
+ ECHO='printf %s\n'
+else
+ # Use this function as a fallback that always works.
+ func_fallback_echo ()
+ {
+ eval 'cat <<_LTECHO_EOF
+$[]1
+_LTECHO_EOF'
+ }
+ ECHO='func_fallback_echo'
+fi
+
+# func_echo_all arg...
+# Invoke $ECHO with all args, space-separated.
+func_echo_all ()
+{
+ $ECHO "$*"
+}
+
+case $ECHO in
+ printf*) AC_MSG_RESULT([printf]) ;;
+ print*) AC_MSG_RESULT([print -r]) ;;
+ *) AC_MSG_RESULT([cat]) ;;
+esac
+
+m4_ifdef([_AS_DETECT_SUGGESTED],
+[_AS_DETECT_SUGGESTED([
+ test -n "${ZSH_VERSION+set}${BASH_VERSION+set}" || (
+ ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+ ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO
+ ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO
+ PATH=/empty FPATH=/empty; export PATH FPATH
+ test "X`printf %s $ECHO`" = "X$ECHO" \
+ || test "X`print -r -- $ECHO`" = "X$ECHO" )])])
+
+_LT_DECL([], [SHELL], [1], [Shell to use when invoking shell scripts])
+_LT_DECL([], [ECHO], [1], [An echo program that protects backslashes])
+])# _LT_PROG_ECHO_BACKSLASH
+
+
+# _LT_WITH_SYSROOT
+# ----------------
+AC_DEFUN([_LT_WITH_SYSROOT],
+[m4_require([_LT_DECL_SED])dnl
+AC_MSG_CHECKING([for sysroot])
+AC_ARG_WITH([sysroot],
+[AS_HELP_STRING([--with-sysroot@<:@=DIR@:>@],
+ [Search for dependent libraries within DIR (or the compiler's sysroot
+ if not specified).])],
+[], [with_sysroot=no])
+
+dnl lt_sysroot will always be passed unquoted. We quote it here
+dnl in case the user passed a directory name.
+lt_sysroot=
+case $with_sysroot in #(
+ yes)
+ if test yes = "$GCC"; then
+ lt_sysroot=`$CC --print-sysroot 2>/dev/null`
+ fi
+ ;; #(
+ /*)
+ lt_sysroot=`echo "$with_sysroot" | $SED -e "$sed_quote_subst"`
+ ;; #(
+ no|'')
+ ;; #(
+ *)
+ AC_MSG_RESULT([$with_sysroot])
+ AC_MSG_ERROR([The sysroot must be an absolute path.])
+ ;;
+esac
+
+ AC_MSG_RESULT([${lt_sysroot:-no}])
+_LT_DECL([], [lt_sysroot], [0], [The root where to search for ]dnl
+[dependent libraries, and where our libraries should be installed.])])
+
+# _LT_ENABLE_LOCK
+# ---------------
+m4_defun([_LT_ENABLE_LOCK],
+[AC_ARG_ENABLE([libtool-lock],
+ [AS_HELP_STRING([--disable-libtool-lock],
+ [avoid locking (might break parallel builds)])])
+test no = "$enable_libtool_lock" || enable_libtool_lock=yes
+
+# Some flags need to be propagated to the compiler or linker for good
+# libtool support.
+case $host in
+ia64-*-hpux*)
+ # Find out what ABI is being produced by ac_compile, and set mode
+ # options accordingly.
+ echo 'int i;' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ case `$FILECMD conftest.$ac_objext` in
+ *ELF-32*)
+ HPUX_IA64_MODE=32
+ ;;
+ *ELF-64*)
+ HPUX_IA64_MODE=64
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+*-*-irix6*)
+ # Find out what ABI is being produced by ac_compile, and set linker
+ # options accordingly.
+ echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ if test yes = "$lt_cv_prog_gnu_ld"; then
+ case `$FILECMD conftest.$ac_objext` in
+ *32-bit*)
+ LD="${LD-ld} -melf32bsmip"
+ ;;
+ *N32*)
+ LD="${LD-ld} -melf32bmipn32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -melf64bmip"
+ ;;
+ esac
+ else
+ case `$FILECMD conftest.$ac_objext` in
+ *32-bit*)
+ LD="${LD-ld} -32"
+ ;;
+ *N32*)
+ LD="${LD-ld} -n32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -64"
+ ;;
+ esac
+ fi
+ fi
+ rm -rf conftest*
+ ;;
+
+mips64*-*linux*)
+ # Find out what ABI is being produced by ac_compile, and set linker
+ # options accordingly.
+ echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ emul=elf
+ case `$FILECMD conftest.$ac_objext` in
+ *32-bit*)
+ emul="${emul}32"
+ ;;
+ *64-bit*)
+ emul="${emul}64"
+ ;;
+ esac
+ case `$FILECMD conftest.$ac_objext` in
+ *MSB*)
+ emul="${emul}btsmip"
+ ;;
+ *LSB*)
+ emul="${emul}ltsmip"
+ ;;
+ esac
+ case `$FILECMD conftest.$ac_objext` in
+ *N32*)
+ emul="${emul}n32"
+ ;;
+ esac
+ LD="${LD-ld} -m $emul"
+ fi
+ rm -rf conftest*
+ ;;
+
+x86_64-*kfreebsd*-gnu|x86_64-*linux*|powerpc*-*linux*| \
+s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
+ # Find out what ABI is being produced by ac_compile, and set linker
+ # options accordingly. Note that the listed cases only cover the
+ # situations where additional linker options are needed (such as when
+ # doing 32-bit compilation for a host where ld defaults to 64-bit, or
+ # vice versa); the common cases where no linker options are needed do
+ # not appear in the list.
+ echo 'int i;' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ case `$FILECMD conftest.o` in
+ *32-bit*)
+ case $host in
+ x86_64-*kfreebsd*-gnu)
+ LD="${LD-ld} -m elf_i386_fbsd"
+ ;;
+ x86_64-*linux*)
+ case `$FILECMD conftest.o` in
+ *x86-64*)
+ LD="${LD-ld} -m elf32_x86_64"
+ ;;
+ *)
+ LD="${LD-ld} -m elf_i386"
+ ;;
+ esac
+ ;;
+ powerpc64le-*linux*)
+ LD="${LD-ld} -m elf32lppclinux"
+ ;;
+ powerpc64-*linux*)
+ LD="${LD-ld} -m elf32ppclinux"
+ ;;
+ s390x-*linux*)
+ LD="${LD-ld} -m elf_s390"
+ ;;
+ sparc64-*linux*)
+ LD="${LD-ld} -m elf32_sparc"
+ ;;
+ esac
+ ;;
+ *64-bit*)
+ case $host in
+ x86_64-*kfreebsd*-gnu)
+ LD="${LD-ld} -m elf_x86_64_fbsd"
+ ;;
+ x86_64-*linux*)
+ LD="${LD-ld} -m elf_x86_64"
+ ;;
+ powerpcle-*linux*)
+ LD="${LD-ld} -m elf64lppc"
+ ;;
+ powerpc-*linux*)
+ LD="${LD-ld} -m elf64ppc"
+ ;;
+ s390*-*linux*|s390*-*tpf*)
+ LD="${LD-ld} -m elf64_s390"
+ ;;
+ sparc*-*linux*)
+ LD="${LD-ld} -m elf64_sparc"
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+
+*-*-sco3.2v5*)
+ # On SCO OpenServer 5, we need -belf to get full-featured binaries.
+ SAVE_CFLAGS=$CFLAGS
+ CFLAGS="$CFLAGS -belf"
+ AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf,
+ [AC_LANG_PUSH(C)
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],[[]])],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no])
+ AC_LANG_POP])
+ if test yes != "$lt_cv_cc_needs_belf"; then
+ # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf
+ CFLAGS=$SAVE_CFLAGS
+ fi
+ ;;
+*-*solaris*)
+ # Find out what ABI is being produced by ac_compile, and set linker
+ # options accordingly.
+ echo 'int i;' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ case `$FILECMD conftest.o` in
+ *64-bit*)
+ case $lt_cv_prog_gnu_ld in
+ yes*)
+ case $host in
+ i?86-*-solaris*|x86_64-*-solaris*)
+ LD="${LD-ld} -m elf_x86_64"
+ ;;
+ sparc*-*-solaris*)
+ LD="${LD-ld} -m elf64_sparc"
+ ;;
+ esac
+ # GNU ld 2.21 introduced _sol2 emulations. Use them if available.
+ if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then
+ LD=${LD-ld}_sol2
+ fi
+ ;;
+ *)
+ if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then
+ LD="${LD-ld} -64"
+ fi
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+esac
+
+need_locks=$enable_libtool_lock
+])# _LT_ENABLE_LOCK
+
+
+# _LT_PROG_AR
+# -----------
+m4_defun([_LT_PROG_AR],
+[AC_CHECK_TOOLS(AR, [ar], false)
+: ${AR=ar}
+_LT_DECL([], [AR], [1], [The archiver])
+
+# Use ARFLAGS variable as AR's operation code to sync the variable naming with
+# Automake. If both AR_FLAGS and ARFLAGS are specified, AR_FLAGS should have
+# higher priority because thats what people were doing historically (setting
+# ARFLAGS for automake and AR_FLAGS for libtool). FIXME: Make the AR_FLAGS
+# variable obsoleted/removed.
+
+test ${AR_FLAGS+y} || AR_FLAGS=${ARFLAGS-cr}
+lt_ar_flags=$AR_FLAGS
+_LT_DECL([], [lt_ar_flags], [0], [Flags to create an archive (by configure)])
+
+# Make AR_FLAGS overridable by 'make ARFLAGS='. Don't try to run-time override
+# by AR_FLAGS because that was never working and AR_FLAGS is about to die.
+_LT_DECL([], [AR_FLAGS], [\@S|@{ARFLAGS-"\@S|@lt_ar_flags"}],
+ [Flags to create an archive])
+
+AC_CACHE_CHECK([for archiver @FILE support], [lt_cv_ar_at_file],
+ [lt_cv_ar_at_file=no
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM],
+ [echo conftest.$ac_objext > conftest.lst
+ lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&AS_MESSAGE_LOG_FD'
+ AC_TRY_EVAL([lt_ar_try])
+ if test 0 -eq "$ac_status"; then
+ # Ensure the archiver fails upon bogus file names.
+ rm -f conftest.$ac_objext libconftest.a
+ AC_TRY_EVAL([lt_ar_try])
+ if test 0 -ne "$ac_status"; then
+ lt_cv_ar_at_file=@
+ fi
+ fi
+ rm -f conftest.* libconftest.a
+ ])
+ ])
+
+if test no = "$lt_cv_ar_at_file"; then
+ archiver_list_spec=
+else
+ archiver_list_spec=$lt_cv_ar_at_file
+fi
+_LT_DECL([], [archiver_list_spec], [1],
+ [How to feed a file listing to the archiver])
+])# _LT_PROG_AR
+
+
+# _LT_CMD_OLD_ARCHIVE
+# -------------------
+m4_defun([_LT_CMD_OLD_ARCHIVE],
+[_LT_PROG_AR
+
+AC_CHECK_TOOL(STRIP, strip, :)
+test -z "$STRIP" && STRIP=:
+_LT_DECL([], [STRIP], [1], [A symbol stripping program])
+
+AC_CHECK_TOOL(RANLIB, ranlib, :)
+test -z "$RANLIB" && RANLIB=:
+_LT_DECL([], [RANLIB], [1],
+ [Commands used to install an old-style archive])
+
+# Determine commands to create old-style static archives.
+old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs'
+old_postinstall_cmds='chmod 644 $oldlib'
+old_postuninstall_cmds=
+
+if test -n "$RANLIB"; then
+ case $host_os in
+ bitrig* | openbsd*)
+ old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib"
+ ;;
+ *)
+ old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib"
+ ;;
+ esac
+ old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib"
+fi
+
+case $host_os in
+ darwin*)
+ lock_old_archive_extraction=yes ;;
+ *)
+ lock_old_archive_extraction=no ;;
+esac
+_LT_DECL([], [old_postinstall_cmds], [2])
+_LT_DECL([], [old_postuninstall_cmds], [2])
+_LT_TAGDECL([], [old_archive_cmds], [2],
+ [Commands used to build an old-style archive])
+_LT_DECL([], [lock_old_archive_extraction], [0],
+ [Whether to use a lock for old archive extraction])
+])# _LT_CMD_OLD_ARCHIVE
+
+
+# _LT_COMPILER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS,
+# [OUTPUT-FILE], [ACTION-SUCCESS], [ACTION-FAILURE])
+# ----------------------------------------------------------------
+# Check whether the given compiler option works
+AC_DEFUN([_LT_COMPILER_OPTION],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_SED])dnl
+AC_CACHE_CHECK([$1], [$2],
+ [$2=no
+ m4_if([$4], , [ac_outfile=conftest.$ac_objext], [ac_outfile=$4])
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="$3" ## exclude from sc_useless_quotes_in_assignment
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ $2=yes
+ fi
+ fi
+ $RM conftest*
+])
+
+if test yes = "[$]$2"; then
+ m4_if([$5], , :, [$5])
+else
+ m4_if([$6], , :, [$6])
+fi
+])# _LT_COMPILER_OPTION
+
+# Old name:
+AU_ALIAS([AC_LIBTOOL_COMPILER_OPTION], [_LT_COMPILER_OPTION])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_COMPILER_OPTION], [])
+
+
+# _LT_LINKER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS,
+# [ACTION-SUCCESS], [ACTION-FAILURE])
+# ----------------------------------------------------
+# Check whether the given linker option works
+AC_DEFUN([_LT_LINKER_OPTION],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_SED])dnl
+AC_CACHE_CHECK([$1], [$2],
+ [$2=no
+ save_LDFLAGS=$LDFLAGS
+ LDFLAGS="$LDFLAGS $3"
+ echo "$lt_simple_link_test_code" > conftest.$ac_ext
+ if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+ # The linker can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ if test -s conftest.err; then
+ # Append any errors to the config.log.
+ cat conftest.err 1>&AS_MESSAGE_LOG_FD
+ $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if diff conftest.exp conftest.er2 >/dev/null; then
+ $2=yes
+ fi
+ else
+ $2=yes
+ fi
+ fi
+ $RM -r conftest*
+ LDFLAGS=$save_LDFLAGS
+])
+
+if test yes = "[$]$2"; then
+ m4_if([$4], , :, [$4])
+else
+ m4_if([$5], , :, [$5])
+fi
+])# _LT_LINKER_OPTION
+
+# Old name:
+AU_ALIAS([AC_LIBTOOL_LINKER_OPTION], [_LT_LINKER_OPTION])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_LINKER_OPTION], [])
+
+
+# LT_CMD_MAX_LEN
+#---------------
+AC_DEFUN([LT_CMD_MAX_LEN],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+# find the maximum length of command line arguments
+AC_MSG_CHECKING([the maximum length of command line arguments])
+AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl
+ i=0
+ teststring=ABCD
+
+ case $build_os in
+ msdosdjgpp*)
+ # On DJGPP, this test can blow up pretty badly due to problems in libc
+ # (any single argument exceeding 2000 bytes causes a buffer overrun
+ # during glob expansion). Even if it were fixed, the result of this
+ # check would be larger than it should be.
+ lt_cv_sys_max_cmd_len=12288; # 12K is about right
+ ;;
+
+ gnu*)
+ # Under GNU Hurd, this test is not required because there is
+ # no limit to the length of command line arguments.
+ # Libtool will interpret -1 as no limit whatsoever
+ lt_cv_sys_max_cmd_len=-1;
+ ;;
+
+ cygwin* | mingw* | cegcc*)
+ # On Win9x/ME, this test blows up -- it succeeds, but takes
+ # about 5 minutes as the teststring grows exponentially.
+ # Worse, since 9x/ME are not pre-emptively multitasking,
+ # you end up with a "frozen" computer, even though with patience
+ # the test eventually succeeds (with a max line length of 256k).
+ # Instead, let's just punt: use the minimum linelength reported by
+ # all of the supported platforms: 8192 (on NT/2K/XP).
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ mint*)
+ # On MiNT this can take a long time and run out of memory.
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ amigaos*)
+ # On AmigaOS with pdksh, this test takes hours, literally.
+ # So we just punt and use a minimum line length of 8192.
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ bitrig* | darwin* | dragonfly* | freebsd* | midnightbsd* | netbsd* | openbsd*)
+ # This has been around since 386BSD, at least. Likely further.
+ if test -x /sbin/sysctl; then
+ lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
+ elif test -x /usr/sbin/sysctl; then
+ lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax`
+ else
+ lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs
+ fi
+ # And add a safety zone
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+ ;;
+
+ interix*)
+ # We know the value 262144 and hardcode it with a safety zone (like BSD)
+ lt_cv_sys_max_cmd_len=196608
+ ;;
+
+ os2*)
+ # The test takes a long time on OS/2.
+ lt_cv_sys_max_cmd_len=8192
+ ;;
+
+ osf*)
+ # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure
+ # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not
+ # nice to cause kernel panics so lets avoid the loop below.
+ # First set a reasonable default.
+ lt_cv_sys_max_cmd_len=16384
+ #
+ if test -x /sbin/sysconfig; then
+ case `/sbin/sysconfig -q proc exec_disable_arg_limit` in
+ *1*) lt_cv_sys_max_cmd_len=-1 ;;
+ esac
+ fi
+ ;;
+ sco3.2v5*)
+ lt_cv_sys_max_cmd_len=102400
+ ;;
+ sysv5* | sco5v6* | sysv4.2uw2*)
+ kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null`
+ if test -n "$kargmax"; then
+ lt_cv_sys_max_cmd_len=`echo $kargmax | $SED 's/.*[[ ]]//'`
+ else
+ lt_cv_sys_max_cmd_len=32768
+ fi
+ ;;
+ *)
+ lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null`
+ if test -n "$lt_cv_sys_max_cmd_len" && \
+ test undefined != "$lt_cv_sys_max_cmd_len"; then
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+ else
+ # Make teststring a little bigger before we do anything with it.
+ # a 1K string should be a reasonable start.
+ for i in 1 2 3 4 5 6 7 8; do
+ teststring=$teststring$teststring
+ done
+ SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}}
+ # If test is not a shell built-in, we'll probably end up computing a
+ # maximum length that is only half of the actual maximum length, but
+ # we can't tell.
+ while { test X`env echo "$teststring$teststring" 2>/dev/null` \
+ = "X$teststring$teststring"; } >/dev/null 2>&1 &&
+ test 17 != "$i" # 1/2 MB should be enough
+ do
+ i=`expr $i + 1`
+ teststring=$teststring$teststring
+ done
+ # Only check the string length outside the loop.
+ lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1`
+ teststring=
+ # Add a significant safety factor because C++ compilers can tack on
+ # massive amounts of additional arguments before passing them to the
+ # linker. It appears as though 1/2 is a usable value.
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2`
+ fi
+ ;;
+ esac
+])
+if test -n "$lt_cv_sys_max_cmd_len"; then
+ AC_MSG_RESULT($lt_cv_sys_max_cmd_len)
+else
+ AC_MSG_RESULT(none)
+fi
+max_cmd_len=$lt_cv_sys_max_cmd_len
+_LT_DECL([], [max_cmd_len], [0],
+ [What is the maximum length of a command?])
+])# LT_CMD_MAX_LEN
+
+# Old name:
+AU_ALIAS([AC_LIBTOOL_SYS_MAX_CMD_LEN], [LT_CMD_MAX_LEN])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN], [])
+
+
+# _LT_HEADER_DLFCN
+# ----------------
+m4_defun([_LT_HEADER_DLFCN],
+[AC_CHECK_HEADERS([dlfcn.h], [], [], [AC_INCLUDES_DEFAULT])dnl
+])# _LT_HEADER_DLFCN
+
+
+# _LT_TRY_DLOPEN_SELF (ACTION-IF-TRUE, ACTION-IF-TRUE-W-USCORE,
+# ACTION-IF-FALSE, ACTION-IF-CROSS-COMPILING)
+# ----------------------------------------------------------------
+m4_defun([_LT_TRY_DLOPEN_SELF],
+[m4_require([_LT_HEADER_DLFCN])dnl
+if test yes = "$cross_compiling"; then :
+ [$4]
+else
+ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+ lt_status=$lt_dlunknown
+ cat > conftest.$ac_ext <<_LT_EOF
+[#line $LINENO "configure"
+#include "confdefs.h"
+
+#if HAVE_DLFCN_H
+#include <dlfcn.h>
+#endif
+
+#include <stdio.h>
+
+#ifdef RTLD_GLOBAL
+# define LT_DLGLOBAL RTLD_GLOBAL
+#else
+# ifdef DL_GLOBAL
+# define LT_DLGLOBAL DL_GLOBAL
+# else
+# define LT_DLGLOBAL 0
+# endif
+#endif
+
+/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
+ find out it does not work in some platform. */
+#ifndef LT_DLLAZY_OR_NOW
+# ifdef RTLD_LAZY
+# define LT_DLLAZY_OR_NOW RTLD_LAZY
+# else
+# ifdef DL_LAZY
+# define LT_DLLAZY_OR_NOW DL_LAZY
+# else
+# ifdef RTLD_NOW
+# define LT_DLLAZY_OR_NOW RTLD_NOW
+# else
+# ifdef DL_NOW
+# define LT_DLLAZY_OR_NOW DL_NOW
+# else
+# define LT_DLLAZY_OR_NOW 0
+# endif
+# endif
+# endif
+# endif
+#endif
+
+/* When -fvisibility=hidden is used, assume the code has been annotated
+ correspondingly for the symbols needed. */
+#if defined __GNUC__ && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3))
+int fnord () __attribute__((visibility("default")));
+#endif
+
+int fnord () { return 42; }
+int main ()
+{
+ void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
+ int status = $lt_dlunknown;
+
+ if (self)
+ {
+ if (dlsym (self,"fnord")) status = $lt_dlno_uscore;
+ else
+ {
+ if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+ else puts (dlerror ());
+ }
+ /* dlclose (self); */
+ }
+ else
+ puts (dlerror ());
+
+ return status;
+}]
+_LT_EOF
+ if AC_TRY_EVAL(ac_link) && test -s "conftest$ac_exeext" 2>/dev/null; then
+ (./conftest; exit; ) >&AS_MESSAGE_LOG_FD 2>/dev/null
+ lt_status=$?
+ case x$lt_status in
+ x$lt_dlno_uscore) $1 ;;
+ x$lt_dlneed_uscore) $2 ;;
+ x$lt_dlunknown|x*) $3 ;;
+ esac
+ else :
+ # compilation failed
+ $3
+ fi
+fi
+rm -fr conftest*
+])# _LT_TRY_DLOPEN_SELF
+
+
+# LT_SYS_DLOPEN_SELF
+# ------------------
+AC_DEFUN([LT_SYS_DLOPEN_SELF],
+[m4_require([_LT_HEADER_DLFCN])dnl
+if test yes != "$enable_dlopen"; then
+ enable_dlopen=unknown
+ enable_dlopen_self=unknown
+ enable_dlopen_self_static=unknown
+else
+ lt_cv_dlopen=no
+ lt_cv_dlopen_libs=
+
+ case $host_os in
+ beos*)
+ lt_cv_dlopen=load_add_on
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=yes
+ ;;
+
+ mingw* | pw32* | cegcc*)
+ lt_cv_dlopen=LoadLibrary
+ lt_cv_dlopen_libs=
+ ;;
+
+ cygwin*)
+ lt_cv_dlopen=dlopen
+ lt_cv_dlopen_libs=
+ ;;
+
+ darwin*)
+ # if libdl is installed we need to link against it
+ AC_CHECK_LIB([dl], [dlopen],
+ [lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-ldl],[
+ lt_cv_dlopen=dyld
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=yes
+ ])
+ ;;
+
+ tpf*)
+ # Don't try to run any link tests for TPF. We know it's impossible
+ # because TPF is a cross-compiler, and we know how we open DSOs.
+ lt_cv_dlopen=dlopen
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=no
+ ;;
+
+ *)
+ AC_CHECK_FUNC([shl_load],
+ [lt_cv_dlopen=shl_load],
+ [AC_CHECK_LIB([dld], [shl_load],
+ [lt_cv_dlopen=shl_load lt_cv_dlopen_libs=-ldld],
+ [AC_CHECK_FUNC([dlopen],
+ [lt_cv_dlopen=dlopen],
+ [AC_CHECK_LIB([dl], [dlopen],
+ [lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-ldl],
+ [AC_CHECK_LIB([svld], [dlopen],
+ [lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-lsvld],
+ [AC_CHECK_LIB([dld], [dld_link],
+ [lt_cv_dlopen=dld_link lt_cv_dlopen_libs=-ldld])
+ ])
+ ])
+ ])
+ ])
+ ])
+ ;;
+ esac
+
+ if test no = "$lt_cv_dlopen"; then
+ enable_dlopen=no
+ else
+ enable_dlopen=yes
+ fi
+
+ case $lt_cv_dlopen in
+ dlopen)
+ save_CPPFLAGS=$CPPFLAGS
+ test yes = "$ac_cv_header_dlfcn_h" && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H"
+
+ save_LDFLAGS=$LDFLAGS
+ wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\"
+
+ save_LIBS=$LIBS
+ LIBS="$lt_cv_dlopen_libs $LIBS"
+
+ AC_CACHE_CHECK([whether a program can dlopen itself],
+ lt_cv_dlopen_self, [dnl
+ _LT_TRY_DLOPEN_SELF(
+ lt_cv_dlopen_self=yes, lt_cv_dlopen_self=yes,
+ lt_cv_dlopen_self=no, lt_cv_dlopen_self=cross)
+ ])
+
+ if test yes = "$lt_cv_dlopen_self"; then
+ wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\"
+ AC_CACHE_CHECK([whether a statically linked program can dlopen itself],
+ lt_cv_dlopen_self_static, [dnl
+ _LT_TRY_DLOPEN_SELF(
+ lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=yes,
+ lt_cv_dlopen_self_static=no, lt_cv_dlopen_self_static=cross)
+ ])
+ fi
+
+ CPPFLAGS=$save_CPPFLAGS
+ LDFLAGS=$save_LDFLAGS
+ LIBS=$save_LIBS
+ ;;
+ esac
+
+ case $lt_cv_dlopen_self in
+ yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;;
+ *) enable_dlopen_self=unknown ;;
+ esac
+
+ case $lt_cv_dlopen_self_static in
+ yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;;
+ *) enable_dlopen_self_static=unknown ;;
+ esac
+fi
+_LT_DECL([dlopen_support], [enable_dlopen], [0],
+ [Whether dlopen is supported])
+_LT_DECL([dlopen_self], [enable_dlopen_self], [0],
+ [Whether dlopen of programs is supported])
+_LT_DECL([dlopen_self_static], [enable_dlopen_self_static], [0],
+ [Whether dlopen of statically linked programs is supported])
+])# LT_SYS_DLOPEN_SELF
+
+# Old name:
+AU_ALIAS([AC_LIBTOOL_DLOPEN_SELF], [LT_SYS_DLOPEN_SELF])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_DLOPEN_SELF], [])
+
+
+# _LT_COMPILER_C_O([TAGNAME])
+# ---------------------------
+# Check to see if options -c and -o are simultaneously supported by compiler.
+# This macro does not hard code the compiler like AC_PROG_CC_C_O.
+m4_defun([_LT_COMPILER_C_O],
+[m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_TAG_COMPILER])dnl
+AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext],
+ [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)],
+ [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=no
+ $RM -r conftest 2>/dev/null
+ mkdir conftest
+ cd conftest
+ mkdir out
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ lt_compiler_flag="-o out/conftest2.$ac_objext"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
+ (eval "$lt_compile" 2>out/conftest.err)
+ ac_status=$?
+ cat out/conftest.err >&AS_MESSAGE_LOG_FD
+ echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+ if (exit $ac_status) && test -s out/conftest2.$ac_objext
+ then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
+ $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+ if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+ _LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
+ fi
+ fi
+ chmod u+w . 2>&AS_MESSAGE_LOG_FD
+ $RM conftest*
+ # SGI C++ compiler will create directory out/ii_files/ for
+ # template instantiation
+ test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files
+ $RM out/* && rmdir out
+ cd ..
+ $RM -r conftest
+ $RM conftest*
+])
+_LT_TAGDECL([compiler_c_o], [lt_cv_prog_compiler_c_o], [1],
+ [Does compiler simultaneously support -c and -o options?])
+])# _LT_COMPILER_C_O
+
+
+# _LT_COMPILER_FILE_LOCKS([TAGNAME])
+# ----------------------------------
+# Check to see if we can do hard links to lock some files if needed
+m4_defun([_LT_COMPILER_FILE_LOCKS],
+[m4_require([_LT_ENABLE_LOCK])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+_LT_COMPILER_C_O([$1])
+
+hard_links=nottested
+if test no = "$_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)" && test no != "$need_locks"; then
+ # do not overwrite the value of need_locks provided by the user
+ AC_MSG_CHECKING([if we can lock with hard links])
+ hard_links=yes
+ $RM conftest*
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ touch conftest.a
+ ln conftest.a conftest.b 2>&5 || hard_links=no
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ AC_MSG_RESULT([$hard_links])
+ if test no = "$hard_links"; then
+ AC_MSG_WARN(['$CC' does not support '-c -o', so 'make -j' may be unsafe])
+ need_locks=warn
+ fi
+else
+ need_locks=no
+fi
+_LT_DECL([], [need_locks], [1], [Must we lock files when doing compilation?])
+])# _LT_COMPILER_FILE_LOCKS
+
+
+# _LT_CHECK_OBJDIR
+# ----------------
+m4_defun([_LT_CHECK_OBJDIR],
+[AC_CACHE_CHECK([for objdir], [lt_cv_objdir],
+[rm -f .libs 2>/dev/null
+mkdir .libs 2>/dev/null
+if test -d .libs; then
+ lt_cv_objdir=.libs
+else
+ # MS-DOS does not allow filenames that begin with a dot.
+ lt_cv_objdir=_libs
+fi
+rmdir .libs 2>/dev/null])
+objdir=$lt_cv_objdir
+_LT_DECL([], [objdir], [0],
+ [The name of the directory that contains temporary libtool files])dnl
+m4_pattern_allow([LT_OBJDIR])dnl
+AC_DEFINE_UNQUOTED([LT_OBJDIR], "$lt_cv_objdir/",
+ [Define to the sub-directory where libtool stores uninstalled libraries.])
+])# _LT_CHECK_OBJDIR
+
+
+# _LT_LINKER_HARDCODE_LIBPATH([TAGNAME])
+# --------------------------------------
+# Check hardcoding attributes.
+m4_defun([_LT_LINKER_HARDCODE_LIBPATH],
+[AC_MSG_CHECKING([how to hardcode library paths into programs])
+_LT_TAGVAR(hardcode_action, $1)=
+if test -n "$_LT_TAGVAR(hardcode_libdir_flag_spec, $1)" ||
+ test -n "$_LT_TAGVAR(runpath_var, $1)" ||
+ test yes = "$_LT_TAGVAR(hardcode_automatic, $1)"; then
+
+ # We can hardcode non-existent directories.
+ if test no != "$_LT_TAGVAR(hardcode_direct, $1)" &&
+ # If the only mechanism to avoid hardcoding is shlibpath_var, we
+ # have to relink, otherwise we might link with an installed library
+ # when we should be linking with a yet-to-be-installed one
+ ## test no != "$_LT_TAGVAR(hardcode_shlibpath_var, $1)" &&
+ test no != "$_LT_TAGVAR(hardcode_minus_L, $1)"; then
+ # Linking always hardcodes the temporary library directory.
+ _LT_TAGVAR(hardcode_action, $1)=relink
+ else
+ # We can link without hardcoding, and we can hardcode nonexisting dirs.
+ _LT_TAGVAR(hardcode_action, $1)=immediate
+ fi
+else
+ # We cannot hardcode anything, or else we can only hardcode existing
+ # directories.
+ _LT_TAGVAR(hardcode_action, $1)=unsupported
+fi
+AC_MSG_RESULT([$_LT_TAGVAR(hardcode_action, $1)])
+
+if test relink = "$_LT_TAGVAR(hardcode_action, $1)" ||
+ test yes = "$_LT_TAGVAR(inherit_rpath, $1)"; then
+ # Fast installation is not supported
+ enable_fast_install=no
+elif test yes = "$shlibpath_overrides_runpath" ||
+ test no = "$enable_shared"; then
+ # Fast installation is not necessary
+ enable_fast_install=needless
+fi
+_LT_TAGDECL([], [hardcode_action], [0],
+ [How to hardcode a shared library path into an executable])
+])# _LT_LINKER_HARDCODE_LIBPATH
+
+
+# _LT_CMD_STRIPLIB
+# ----------------
+m4_defun([_LT_CMD_STRIPLIB],
+[m4_require([_LT_DECL_EGREP])
+striplib=
+old_striplib=
+AC_MSG_CHECKING([whether stripping libraries is possible])
+if test -z "$STRIP"; then
+ AC_MSG_RESULT([no])
+else
+ if $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then
+ old_striplib="$STRIP --strip-debug"
+ striplib="$STRIP --strip-unneeded"
+ AC_MSG_RESULT([yes])
+ else
+ case $host_os in
+ darwin*)
+ # FIXME - insert some real tests, host_os isn't really good enough
+ striplib="$STRIP -x"
+ old_striplib="$STRIP -S"
+ AC_MSG_RESULT([yes])
+ ;;
+ freebsd*)
+ if $STRIP -V 2>&1 | $GREP "elftoolchain" >/dev/null; then
+ old_striplib="$STRIP --strip-debug"
+ striplib="$STRIP --strip-unneeded"
+ AC_MSG_RESULT([yes])
+ else
+ AC_MSG_RESULT([no])
+ fi
+ ;;
+ *)
+ AC_MSG_RESULT([no])
+ ;;
+ esac
+ fi
+fi
+_LT_DECL([], [old_striplib], [1], [Commands to strip libraries])
+_LT_DECL([], [striplib], [1])
+])# _LT_CMD_STRIPLIB
+
+
+# _LT_PREPARE_MUNGE_PATH_LIST
+# ---------------------------
+# Make sure func_munge_path_list() is defined correctly.
+m4_defun([_LT_PREPARE_MUNGE_PATH_LIST],
+[[# func_munge_path_list VARIABLE PATH
+# -----------------------------------
+# VARIABLE is name of variable containing _space_ separated list of
+# directories to be munged by the contents of PATH, which is string
+# having a format:
+# "DIR[:DIR]:"
+# string "DIR[ DIR]" will be prepended to VARIABLE
+# ":DIR[:DIR]"
+# string "DIR[ DIR]" will be appended to VARIABLE
+# "DIRP[:DIRP]::[DIRA:]DIRA"
+# string "DIRP[ DIRP]" will be prepended to VARIABLE and string
+# "DIRA[ DIRA]" will be appended to VARIABLE
+# "DIR[:DIR]"
+# VARIABLE will be replaced by "DIR[ DIR]"
+func_munge_path_list ()
+{
+ case x@S|@2 in
+ x)
+ ;;
+ *:)
+ eval @S|@1=\"`$ECHO @S|@2 | $SED 's/:/ /g'` \@S|@@S|@1\"
+ ;;
+ x:*)
+ eval @S|@1=\"\@S|@@S|@1 `$ECHO @S|@2 | $SED 's/:/ /g'`\"
+ ;;
+ *::*)
+ eval @S|@1=\"\@S|@@S|@1\ `$ECHO @S|@2 | $SED -e 's/.*:://' -e 's/:/ /g'`\"
+ eval @S|@1=\"`$ECHO @S|@2 | $SED -e 's/::.*//' -e 's/:/ /g'`\ \@S|@@S|@1\"
+ ;;
+ *)
+ eval @S|@1=\"`$ECHO @S|@2 | $SED 's/:/ /g'`\"
+ ;;
+ esac
+}
+]])# _LT_PREPARE_PATH_LIST
+
+
+# _LT_SYS_DYNAMIC_LINKER([TAG])
+# -----------------------------
+# PORTME Fill in your ld.so characteristics
+m4_defun([_LT_SYS_DYNAMIC_LINKER],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_OBJDUMP])dnl
+m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_CHECK_SHELL_FEATURES])dnl
+m4_require([_LT_PREPARE_MUNGE_PATH_LIST])dnl
+AC_MSG_CHECKING([dynamic linker characteristics])
+m4_if([$1],
+ [], [
+if test yes = "$GCC"; then
+ case $host_os in
+ darwin*) lt_awk_arg='/^libraries:/,/LR/' ;;
+ *) lt_awk_arg='/^libraries:/' ;;
+ esac
+ case $host_os in
+ mingw* | cegcc*) lt_sed_strip_eq='s|=\([[A-Za-z]]:\)|\1|g' ;;
+ *) lt_sed_strip_eq='s|=/|/|g' ;;
+ esac
+ lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq`
+ case $lt_search_path_spec in
+ *\;*)
+ # if the path contains ";" then we assume it to be the separator
+ # otherwise default to the standard path separator (i.e. ":") - it is
+ # assumed that no part of a normal pathname contains ";" but that should
+ # okay in the real world where ";" in dirpaths is itself problematic.
+ lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'`
+ ;;
+ *)
+ lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"`
+ ;;
+ esac
+ # Ok, now we have the path, separated by spaces, we can step through it
+ # and add multilib dir if necessary...
+ lt_tmp_lt_search_path_spec=
+ lt_multi_os_dir=/`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null`
+ # ...but if some path component already ends with the multilib dir we assume
+ # that all is fine and trust -print-search-dirs as is (GCC 4.2? or newer).
+ case "$lt_multi_os_dir; $lt_search_path_spec " in
+ "/; "* | "/.; "* | "/./; "* | *"$lt_multi_os_dir "* | *"$lt_multi_os_dir/ "*)
+ lt_multi_os_dir=
+ ;;
+ esac
+ for lt_sys_path in $lt_search_path_spec; do
+ if test -d "$lt_sys_path$lt_multi_os_dir"; then
+ lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path$lt_multi_os_dir"
+ elif test -n "$lt_multi_os_dir"; then
+ test -d "$lt_sys_path" && \
+ lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path"
+ fi
+ done
+ lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk '
+BEGIN {RS = " "; FS = "/|\n";} {
+ lt_foo = "";
+ lt_count = 0;
+ for (lt_i = NF; lt_i > 0; lt_i--) {
+ if ($lt_i != "" && $lt_i != ".") {
+ if ($lt_i == "..") {
+ lt_count++;
+ } else {
+ if (lt_count == 0) {
+ lt_foo = "/" $lt_i lt_foo;
+ } else {
+ lt_count--;
+ }
+ }
+ }
+ }
+ if (lt_foo != "") { lt_freq[[lt_foo]]++; }
+ if (lt_freq[[lt_foo]] == 1) { print lt_foo; }
+}'`
+ # AWK program above erroneously prepends '/' to C:/dos/paths
+ # for these hosts.
+ case $host_os in
+ mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\
+ $SED 's|/\([[A-Za-z]]:\)|\1|g'` ;;
+ esac
+ sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP`
+else
+ sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+fi])
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+shrext_cmds=.so
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+need_lib_prefix=unknown
+hardcode_into_libs=no
+
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+need_version=unknown
+
+AC_ARG_VAR([LT_SYS_LIBRARY_PATH],
+[User-defined run-time library search path.])
+
+case $host_os in
+aix3*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='$libname$release$shared_ext$versuffix $libname.a'
+ shlibpath_var=LIBPATH
+
+ # AIX 3 has no versioning support, so we append a major version to the name.
+ soname_spec='$libname$release$shared_ext$major'
+ ;;
+
+aix[[4-9]]*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ hardcode_into_libs=yes
+ if test ia64 = "$host_cpu"; then
+ # AIX 5 supports IA64
+ library_names_spec='$libname$release$shared_ext$major $libname$release$shared_ext$versuffix $libname$shared_ext'
+ shlibpath_var=LD_LIBRARY_PATH
+ else
+ # With GCC up to 2.95.x, collect2 would create an import file
+ # for dependence libraries. The import file would start with
+ # the line '#! .'. This would cause the generated library to
+ # depend on '.', always an invalid library. This was fixed in
+ # development snapshots of GCC prior to 3.0.
+ case $host_os in
+ aix4 | aix4.[[01]] | aix4.[[01]].*)
+ if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
+ echo ' yes '
+ echo '#endif'; } | $CC -E - | $GREP yes > /dev/null; then
+ :
+ else
+ can_build_shared=no
+ fi
+ ;;
+ esac
+ # Using Import Files as archive members, it is possible to support
+ # filename-based versioning of shared library archives on AIX. While
+ # this would work for both with and without runtime linking, it will
+ # prevent static linking of such archives. So we do filename-based
+ # shared library versioning with .so extension only, which is used
+ # when both runtime linking and shared linking is enabled.
+ # Unfortunately, runtime linking may impact performance, so we do
+ # not want this to be the default eventually. Also, we use the
+ # versioned .so libs for executables only if there is the -brtl
+ # linker flag in LDFLAGS as well, or --with-aix-soname=svr4 only.
+ # To allow for filename-based versioning support, we need to create
+ # libNAME.so.V as an archive file, containing:
+ # *) an Import File, referring to the versioned filename of the
+ # archive as well as the shared archive member, telling the
+ # bitwidth (32 or 64) of that shared object, and providing the
+ # list of exported symbols of that shared object, eventually
+ # decorated with the 'weak' keyword
+ # *) the shared object with the F_LOADONLY flag set, to really avoid
+ # it being seen by the linker.
+ # At run time we better use the real file rather than another symlink,
+ # but for link time we create the symlink libNAME.so -> libNAME.so.V
+
+ case $with_aix_soname,$aix_use_runtimelinking in
+ # AIX (on Power*) has no versioning support, so currently we cannot hardcode correct
+ # soname into executable. Probably we can add versioning support to
+ # collect2, so additional links can be useful in future.
+ aix,yes) # traditional libtool
+ dynamic_linker='AIX unversionable lib.so'
+ # If using run time linking (on AIX 4.2 or later) use lib<name>.so
+ # instead of lib<name>.a to let people know that these are not
+ # typical AIX shared libraries.
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ ;;
+ aix,no) # traditional AIX only
+ dynamic_linker='AIX lib.a[(]lib.so.V[)]'
+ # We preserve .a as extension for shared libraries through AIX4.2
+ # and later when we are not doing run time linking.
+ library_names_spec='$libname$release.a $libname.a'
+ soname_spec='$libname$release$shared_ext$major'
+ ;;
+ svr4,*) # full svr4 only
+ dynamic_linker="AIX lib.so.V[(]$shared_archive_member_spec.o[)]"
+ library_names_spec='$libname$release$shared_ext$major $libname$shared_ext'
+ # We do not specify a path in Import Files, so LIBPATH fires.
+ shlibpath_overrides_runpath=yes
+ ;;
+ *,yes) # both, prefer svr4
+ dynamic_linker="AIX lib.so.V[(]$shared_archive_member_spec.o[)], lib.a[(]lib.so.V[)]"
+ library_names_spec='$libname$release$shared_ext$major $libname$shared_ext'
+ # unpreferred sharedlib libNAME.a needs extra handling
+ postinstall_cmds='test -n "$linkname" || linkname="$realname"~func_stripname "" ".so" "$linkname"~$install_shared_prog "$dir/$func_stripname_result.$libext" "$destdir/$func_stripname_result.$libext"~test -z "$tstripme" || test -z "$striplib" || $striplib "$destdir/$func_stripname_result.$libext"'
+ postuninstall_cmds='for n in $library_names $old_library; do :; done~func_stripname "" ".so" "$n"~test "$func_stripname_result" = "$n" || func_append rmfiles " $odir/$func_stripname_result.$libext"'
+ # We do not specify a path in Import Files, so LIBPATH fires.
+ shlibpath_overrides_runpath=yes
+ ;;
+ *,no) # both, prefer aix
+ dynamic_linker="AIX lib.a[(]lib.so.V[)], lib.so.V[(]$shared_archive_member_spec.o[)]"
+ library_names_spec='$libname$release.a $libname.a'
+ soname_spec='$libname$release$shared_ext$major'
+ # unpreferred sharedlib libNAME.so.V and symlink libNAME.so need extra handling
+ postinstall_cmds='test -z "$dlname" || $install_shared_prog $dir/$dlname $destdir/$dlname~test -z "$tstripme" || test -z "$striplib" || $striplib $destdir/$dlname~test -n "$linkname" || linkname=$realname~func_stripname "" ".a" "$linkname"~(cd "$destdir" && $LN_S -f $dlname $func_stripname_result.so)'
+ postuninstall_cmds='test -z "$dlname" || func_append rmfiles " $odir/$dlname"~for n in $old_library $library_names; do :; done~func_stripname "" ".a" "$n"~func_append rmfiles " $odir/$func_stripname_result.so"'
+ ;;
+ esac
+ shlibpath_var=LIBPATH
+ fi
+ ;;
+
+amigaos*)
+ case $host_cpu in
+ powerpc)
+ # Since July 2007 AmigaOS4 officially supports .so libraries.
+ # When compiling the executable, add -use-dynld -Lsobjs: to the compileline.
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ ;;
+ m68k)
+ library_names_spec='$libname.ixlibrary $libname.a'
+ # Create ${libname}_ixlibrary.a entries in /sys/libs.
+ finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+ ;;
+ esac
+ ;;
+
+beos*)
+ library_names_spec='$libname$shared_ext'
+ dynamic_linker="$host_os ld.so"
+ shlibpath_var=LIBRARY_PATH
+ ;;
+
+bsdi[[45]]*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+ sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+ # the default ld.so.conf also contains /usr/contrib/lib and
+ # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+ # libtool to hard-code these into programs
+ ;;
+
+cygwin* | mingw* | pw32* | cegcc*)
+ version_type=windows
+ shrext_cmds=.dll
+ need_version=no
+ need_lib_prefix=no
+
+ case $GCC,$cc_basename in
+ yes,*)
+ # gcc
+ library_names_spec='$libname.dll.a'
+ # DLL is installed to $(libdir)/../bin by postinstall_cmds
+ postinstall_cmds='base_file=`basename \$file`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\$base_file'\''i; echo \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname~
+ chmod a+x \$dldir/$dlname~
+ if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then
+ eval '\''$striplib \$dldir/$dlname'\'' || exit \$?;
+ fi'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $RM \$dlpath'
+ shlibpath_overrides_runpath=yes
+
+ case $host_os in
+ cygwin*)
+ # Cygwin DLLs use 'cyg' prefix rather than 'lib'
+ soname_spec='`echo $libname | $SED -e 's/^lib/cyg/'``echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext'
+m4_if([$1], [],[
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"])
+ ;;
+ mingw* | cegcc*)
+ # MinGW DLLs use traditional 'lib' prefix
+ soname_spec='$libname`echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext'
+ ;;
+ pw32*)
+ # pw32 DLLs use 'pw' prefix rather than 'lib'
+ library_names_spec='`echo $libname | $SED -e 's/^lib/pw/'``echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext'
+ ;;
+ esac
+ dynamic_linker='Win32 ld.exe'
+ ;;
+
+ *,cl* | *,icl*)
+ # Native MSVC or ICC
+ libname_spec='$name'
+ soname_spec='$libname`echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext'
+ library_names_spec='$libname.dll.lib'
+
+ case $build_os in
+ mingw*)
+ sys_lib_search_path_spec=
+ lt_save_ifs=$IFS
+ IFS=';'
+ for lt_path in $LIB
+ do
+ IFS=$lt_save_ifs
+ # Let DOS variable expansion print the short 8.3 style file name.
+ lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"`
+ sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path"
+ done
+ IFS=$lt_save_ifs
+ # Convert to MSYS style.
+ sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's|\\\\|/|g' -e 's| \\([[a-zA-Z]]\\):| /\\1|g' -e 's|^ ||'`
+ ;;
+ cygwin*)
+ # Convert to unix form, then to dos form, then back to unix form
+ # but this time dos style (no spaces!) so that the unix form looks
+ # like /cygdrive/c/PROGRA~1:/cygdr...
+ sys_lib_search_path_spec=`cygpath --path --unix "$LIB"`
+ sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null`
+ sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ ;;
+ *)
+ sys_lib_search_path_spec=$LIB
+ if $ECHO "$sys_lib_search_path_spec" | [$GREP ';[c-zC-Z]:/' >/dev/null]; then
+ # It is most probably a Windows format PATH.
+ sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+ # FIXME: find the short name or the path components, as spaces are
+ # common. (e.g. "Program Files" -> "PROGRA~1")
+ ;;
+ esac
+
+ # DLL is installed to $(libdir)/../bin by postinstall_cmds
+ postinstall_cmds='base_file=`basename \$file`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\$base_file'\''i; echo \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $RM \$dlpath'
+ shlibpath_overrides_runpath=yes
+ dynamic_linker='Win32 link.exe'
+ ;;
+
+ *)
+ # Assume MSVC and ICC wrapper
+ library_names_spec='$libname`echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext $libname.lib'
+ dynamic_linker='Win32 ld.exe'
+ ;;
+ esac
+ # FIXME: first we should search . and the directory the executable is in
+ shlibpath_var=PATH
+ ;;
+
+darwin* | rhapsody*)
+ dynamic_linker="$host_os dyld"
+ version_type=darwin
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$major$shared_ext $libname$shared_ext'
+ soname_spec='$libname$release$major$shared_ext'
+ shlibpath_overrides_runpath=yes
+ shlibpath_var=DYLD_LIBRARY_PATH
+ shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
+m4_if([$1], [],[
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib"])
+ sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
+ ;;
+
+dgux*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+freebsd* | dragonfly* | midnightbsd*)
+ # DragonFly does not have aout. When/if they implement a new
+ # versioning mechanism, adjust this.
+ if test -x /usr/bin/objformat; then
+ objformat=`/usr/bin/objformat`
+ else
+ case $host_os in
+ freebsd[[23]].*) objformat=aout ;;
+ *) objformat=elf ;;
+ esac
+ fi
+ version_type=freebsd-$objformat
+ case $version_type in
+ freebsd-elf*)
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ need_version=no
+ need_lib_prefix=no
+ ;;
+ freebsd-*)
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$shared_ext$versuffix'
+ need_version=yes
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_os in
+ freebsd2.*)
+ shlibpath_overrides_runpath=yes
+ ;;
+ freebsd3.[[01]]* | freebsdelf3.[[01]]*)
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ freebsd3.[[2-9]]* | freebsdelf3.[[2-9]]* | \
+ freebsd4.[[0-5]] | freebsdelf4.[[0-5]] | freebsd4.1.1 | freebsdelf4.1.1)
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+ *) # from 4.6 on, and DragonFly
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ esac
+ ;;
+
+haiku*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ dynamic_linker="$host_os runtime_loader"
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib'
+ hardcode_into_libs=yes
+ ;;
+
+hpux9* | hpux10* | hpux11*)
+ # Give a soname corresponding to the major version so that dld.sl refuses to
+ # link against other versions.
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ case $host_cpu in
+ ia64*)
+ shrext_cmds='.so'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.so"
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ if test 32 = "$HPUX_IA64_MODE"; then
+ sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
+ sys_lib_dlsearch_path_spec=/usr/lib/hpux32
+ else
+ sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
+ sys_lib_dlsearch_path_spec=/usr/lib/hpux64
+ fi
+ ;;
+ hppa*64*)
+ shrext_cmds='.sl'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ *)
+ shrext_cmds='.sl'
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=SHLIB_PATH
+ shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ ;;
+ esac
+ # HP-UX runs *really* slowly unless shared libraries are mode 555, ...
+ postinstall_cmds='chmod 555 $lib'
+ # or fails outright, so override atomically:
+ install_override_mode=555
+ ;;
+
+interix[[3-9]]*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $host_os in
+ nonstopux*) version_type=nonstopux ;;
+ *)
+ if test yes = "$lt_cv_prog_gnu_ld"; then
+ version_type=linux # correct to gnu/linux during the next big refactor
+ else
+ version_type=irix
+ fi ;;
+ esac
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='$libname$release$shared_ext$major'
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$release$shared_ext $libname$shared_ext'
+ case $host_os in
+ irix5* | nonstopux*)
+ libsuff= shlibsuff=
+ ;;
+ *)
+ case $LD in # libtool.m4 will add one of these switches to LD
+ *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
+ libsuff= shlibsuff= libmagic=32-bit;;
+ *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
+ libsuff=32 shlibsuff=N32 libmagic=N32;;
+ *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
+ libsuff=64 shlibsuff=64 libmagic=64-bit;;
+ *) libsuff= shlibsuff= libmagic=never-match;;
+ esac
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec="/usr/lib$libsuff /lib$libsuff /usr/local/lib$libsuff"
+ sys_lib_dlsearch_path_spec="/usr/lib$libsuff /lib$libsuff"
+ hardcode_into_libs=yes
+ ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux*oldld* | linux*aout* | linux*coff*)
+ dynamic_linker=no
+ ;;
+
+linux*android*)
+ version_type=none # Android doesn't support versioned libraries.
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext'
+ soname_spec='$libname$release$shared_ext'
+ finish_cmds=
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+
+ # This implies no fast_install, which is unacceptable.
+ # Some rework will be needed to allow for fast_install
+ # before this can be enabled.
+ hardcode_into_libs=yes
+
+ dynamic_linker='Android linker'
+ # Don't embed -rpath directories since the linker doesn't support them.
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ ;;
+
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+
+ # Some binutils ld are patched to set DT_RUNPATH
+ AC_CACHE_VAL([lt_cv_shlibpath_overrides_runpath],
+ [lt_cv_shlibpath_overrides_runpath=no
+ save_LDFLAGS=$LDFLAGS
+ save_libdir=$libdir
+ eval "libdir=/foo; wl=\"$_LT_TAGVAR(lt_prog_compiler_wl, $1)\"; \
+ LDFLAGS=\"\$LDFLAGS $_LT_TAGVAR(hardcode_libdir_flag_spec, $1)\""
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
+ [AS_IF([ ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null],
+ [lt_cv_shlibpath_overrides_runpath=yes])])
+ LDFLAGS=$save_LDFLAGS
+ libdir=$save_libdir
+ ])
+ shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath
+
+ # This implies no fast_install, which is unacceptable.
+ # Some rework will be needed to allow for fast_install
+ # before this can be enabled.
+ hardcode_into_libs=yes
+
+ # Ideally, we could use ldconfig to report *all* directores which are
+ # searched for libraries, however this is still not possible. Aside from not
+ # being certain /sbin/ldconfig is available, command
+ # 'ldconfig -N -X -v | grep ^/' on 64bit Fedora does not report /usr/lib64,
+ # even though it is searched at run-time. Try to do the best guess by
+ # appending ld.so.conf contents (and includes) to the search path.
+ if test -f /etc/ld.so.conf; then
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
+ sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ fi
+
+ # We used to test for /lib/ld.so.1 and disable shared libraries on
+ # powerpc, because MkLinux only supported shared libraries with the
+ # GNU dynamic linker. Since this was broken with cross compilers,
+ # most powerpc-linux boxes support dynamic linking these days and
+ # people can always --disable-shared, the test was removed, and we
+ # assume the GNU/Linux dynamic linker is in use.
+ dynamic_linker='GNU/Linux ld.so'
+ ;;
+
+netbsdelf*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='NetBSD ld.elf_so'
+ ;;
+
+netbsd*)
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$shared_ext$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ dynamic_linker='NetBSD (a.out) ld.so'
+ else
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ dynamic_linker='NetBSD ld.elf_so'
+ fi
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+
+newsos6)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+*nto* | *qnx*)
+ version_type=qnx
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='ldqnx.so'
+ ;;
+
+openbsd* | bitrig*)
+ version_type=sunos
+ sys_lib_dlsearch_path_spec=/usr/lib
+ need_lib_prefix=no
+ if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`"; then
+ need_version=no
+ else
+ need_version=yes
+ fi
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$shared_ext$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+os2*)
+ libname_spec='$name'
+ version_type=windows
+ shrext_cmds=.dll
+ need_version=no
+ need_lib_prefix=no
+ # OS/2 can only load a DLL with a base name of 8 characters or less.
+ soname_spec='`test -n "$os2dllname" && libname="$os2dllname";
+ v=$($ECHO $release$versuffix | tr -d .-);
+ n=$($ECHO $libname | cut -b -$((8 - ${#v})) | tr . _);
+ $ECHO $n$v`$shared_ext'
+ library_names_spec='${libname}_dll.$libext'
+ dynamic_linker='OS/2 ld.exe'
+ shlibpath_var=BEGINLIBPATH
+ sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ postinstall_cmds='base_file=`basename \$file`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\$base_file'\''i; $ECHO \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname~
+ chmod a+x \$dldir/$dlname~
+ if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then
+ eval '\''$striplib \$dldir/$dlname'\'' || exit \$?;
+ fi'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; $ECHO \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $RM \$dlpath'
+ ;;
+
+osf3* | osf4* | osf5*)
+ version_type=osf
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='$libname$release$shared_ext$major'
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+
+rdos*)
+ dynamic_linker=no
+ ;;
+
+solaris*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ # ldd complains unless libraries are executable
+ postinstall_cmds='chmod +x $lib'
+ ;;
+
+sunos4*)
+ version_type=sunos
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$shared_ext$versuffix'
+ finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ if test yes = "$with_gnu_ld"; then
+ need_lib_prefix=no
+ fi
+ need_version=yes
+ ;;
+
+sysv4 | sysv4.3*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_vendor in
+ sni)
+ shlibpath_overrides_runpath=no
+ need_lib_prefix=no
+ runpath_var=LD_RUN_PATH
+ ;;
+ siemens)
+ need_lib_prefix=no
+ ;;
+ motorola)
+ need_lib_prefix=no
+ need_version=no
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+ ;;
+ esac
+ ;;
+
+sysv4*MP*)
+ if test -d /usr/nec; then
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='$libname$shared_ext.$versuffix $libname$shared_ext.$major $libname$shared_ext'
+ soname_spec='$libname$shared_ext.$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ fi
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ version_type=sco
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ if test yes = "$with_gnu_ld"; then
+ sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
+ else
+ sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
+ case $host_os in
+ sco3.2v5*)
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
+ ;;
+ esac
+ fi
+ sys_lib_dlsearch_path_spec='/usr/lib'
+ ;;
+
+tpf*)
+ # TPF is a cross-target only. Preferred cross-host = GNU/Linux.
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+uts4*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext'
+ soname_spec='$libname$release$shared_ext$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+*)
+ dynamic_linker=no
+ ;;
+esac
+AC_MSG_RESULT([$dynamic_linker])
+test no = "$dynamic_linker" && can_build_shared=no
+
+variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
+if test yes = "$GCC"; then
+ variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
+fi
+
+if test set = "${lt_cv_sys_lib_search_path_spec+set}"; then
+ sys_lib_search_path_spec=$lt_cv_sys_lib_search_path_spec
+fi
+
+if test set = "${lt_cv_sys_lib_dlsearch_path_spec+set}"; then
+ sys_lib_dlsearch_path_spec=$lt_cv_sys_lib_dlsearch_path_spec
+fi
+
+# remember unaugmented sys_lib_dlsearch_path content for libtool script decls...
+configure_time_dlsearch_path=$sys_lib_dlsearch_path_spec
+
+# ... but it needs LT_SYS_LIBRARY_PATH munging for other configure-time code
+func_munge_path_list sys_lib_dlsearch_path_spec "$LT_SYS_LIBRARY_PATH"
+
+# to be used as default LT_SYS_LIBRARY_PATH value in generated libtool
+configure_time_lt_sys_library_path=$LT_SYS_LIBRARY_PATH
+
+_LT_DECL([], [variables_saved_for_relink], [1],
+ [Variables whose values should be saved in libtool wrapper scripts and
+ restored at link time])
+_LT_DECL([], [need_lib_prefix], [0],
+ [Do we need the "lib" prefix for modules?])
+_LT_DECL([], [need_version], [0], [Do we need a version for libraries?])
+_LT_DECL([], [version_type], [0], [Library versioning type])
+_LT_DECL([], [runpath_var], [0], [Shared library runtime path variable])
+_LT_DECL([], [shlibpath_var], [0],[Shared library path variable])
+_LT_DECL([], [shlibpath_overrides_runpath], [0],
+ [Is shlibpath searched before the hard-coded library search path?])
+_LT_DECL([], [libname_spec], [1], [Format of library name prefix])
+_LT_DECL([], [library_names_spec], [1],
+ [[List of archive names. First name is the real one, the rest are links.
+ The last name is the one that the linker finds with -lNAME]])
+_LT_DECL([], [soname_spec], [1],
+ [[The coded name of the library, if different from the real name]])
+_LT_DECL([], [install_override_mode], [1],
+ [Permission mode override for installation of shared libraries])
+_LT_DECL([], [postinstall_cmds], [2],
+ [Command to use after installation of a shared archive])
+_LT_DECL([], [postuninstall_cmds], [2],
+ [Command to use after uninstallation of a shared archive])
+_LT_DECL([], [finish_cmds], [2],
+ [Commands used to finish a libtool library installation in a directory])
+_LT_DECL([], [finish_eval], [1],
+ [[As "finish_cmds", except a single script fragment to be evaled but
+ not shown]])
+_LT_DECL([], [hardcode_into_libs], [0],
+ [Whether we should hardcode library paths into libraries])
+_LT_DECL([], [sys_lib_search_path_spec], [2],
+ [Compile-time system search path for libraries])
+_LT_DECL([sys_lib_dlsearch_path_spec], [configure_time_dlsearch_path], [2],
+ [Detected run-time system search path for libraries])
+_LT_DECL([], [configure_time_lt_sys_library_path], [2],
+ [Explicit LT_SYS_LIBRARY_PATH set during ./configure time])
+])# _LT_SYS_DYNAMIC_LINKER
+
+
+# _LT_PATH_TOOL_PREFIX(TOOL)
+# --------------------------
+# find a file program that can recognize shared library
+AC_DEFUN([_LT_PATH_TOOL_PREFIX],
+[m4_require([_LT_DECL_EGREP])dnl
+AC_MSG_CHECKING([for $1])
+AC_CACHE_VAL(lt_cv_path_MAGIC_CMD,
+[case $MAGIC_CMD in
+[[\\/*] | ?:[\\/]*])
+ lt_cv_path_MAGIC_CMD=$MAGIC_CMD # Let the user override the test with a path.
+ ;;
+*)
+ lt_save_MAGIC_CMD=$MAGIC_CMD
+ lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR
+dnl $ac_dummy forces splitting on constant user-supplied paths.
+dnl POSIX.2 word splitting is done only on the output of word expansions,
+dnl not every word. This closes a longstanding sh security hole.
+ ac_dummy="m4_if([$2], , $PATH, [$2])"
+ for ac_dir in $ac_dummy; do
+ IFS=$lt_save_ifs
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/$1"; then
+ lt_cv_path_MAGIC_CMD=$ac_dir/"$1"
+ if test -n "$file_magic_test_file"; then
+ case $deplibs_check_method in
+ "file_magic "*)
+ file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
+ MAGIC_CMD=$lt_cv_path_MAGIC_CMD
+ if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+ $EGREP "$file_magic_regex" > /dev/null; then
+ :
+ else
+ cat <<_LT_EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such. This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem. Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool@gnu.org
+
+_LT_EOF
+ fi ;;
+ esac
+ fi
+ break
+ fi
+ done
+ IFS=$lt_save_ifs
+ MAGIC_CMD=$lt_save_MAGIC_CMD
+ ;;
+esac])
+MAGIC_CMD=$lt_cv_path_MAGIC_CMD
+if test -n "$MAGIC_CMD"; then
+ AC_MSG_RESULT($MAGIC_CMD)
+else
+ AC_MSG_RESULT(no)
+fi
+_LT_DECL([], [MAGIC_CMD], [0],
+ [Used to examine libraries when file_magic_cmd begins with "file"])dnl
+])# _LT_PATH_TOOL_PREFIX
+
+# Old name:
+AU_ALIAS([AC_PATH_TOOL_PREFIX], [_LT_PATH_TOOL_PREFIX])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_PATH_TOOL_PREFIX], [])
+
+
+# _LT_PATH_MAGIC
+# --------------
+# find a file program that can recognize a shared library
+m4_defun([_LT_PATH_MAGIC],
+[_LT_PATH_TOOL_PREFIX(${ac_tool_prefix}file, /usr/bin$PATH_SEPARATOR$PATH)
+if test -z "$lt_cv_path_MAGIC_CMD"; then
+ if test -n "$ac_tool_prefix"; then
+ _LT_PATH_TOOL_PREFIX(file, /usr/bin$PATH_SEPARATOR$PATH)
+ else
+ MAGIC_CMD=:
+ fi
+fi
+])# _LT_PATH_MAGIC
+
+
+# LT_PATH_LD
+# ----------
+# find the pathname to the GNU or non-GNU linker
+AC_DEFUN([LT_PATH_LD],
+[AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_PROG_ECHO_BACKSLASH])dnl
+
+AC_ARG_WITH([gnu-ld],
+ [AS_HELP_STRING([--with-gnu-ld],
+ [assume the C compiler uses GNU ld @<:@default=no@:>@])],
+ [test no = "$withval" || with_gnu_ld=yes],
+ [with_gnu_ld=no])dnl
+
+ac_prog=ld
+if test yes = "$GCC"; then
+ # Check if gcc -print-prog-name=ld gives a path.
+ AC_MSG_CHECKING([for ld used by $CC])
+ case $host in
+ *-*-mingw*)
+ # gcc leaves a trailing carriage return, which upsets mingw
+ ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
+ *)
+ ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
+ esac
+ case $ac_prog in
+ # Accept absolute paths.
+ [[\\/]]* | ?:[[\\/]]*)
+ re_direlt='/[[^/]][[^/]]*/\.\./'
+ # Canonicalize the pathname of ld
+ ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'`
+ while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do
+ ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"`
+ done
+ test -z "$LD" && LD=$ac_prog
+ ;;
+ "")
+ # If it fails, then pretend we aren't using GCC.
+ ac_prog=ld
+ ;;
+ *)
+ # If it is relative, then search for the first ld in PATH.
+ with_gnu_ld=unknown
+ ;;
+ esac
+elif test yes = "$with_gnu_ld"; then
+ AC_MSG_CHECKING([for GNU ld])
+else
+ AC_MSG_CHECKING([for non-GNU ld])
+fi
+AC_CACHE_VAL(lt_cv_path_LD,
+[if test -z "$LD"; then
+ lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH; do
+ IFS=$lt_save_ifs
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+ lt_cv_path_LD=$ac_dir/$ac_prog
+ # Check to see if the program is GNU ld. I'd rather use --version,
+ # but apparently some variants of GNU ld only accept -v.
+ # Break only if it was the GNU/non-GNU ld that we prefer.
+ case `"$lt_cv_path_LD" -v 2>&1 </dev/null` in
+ *GNU* | *'with BFD'*)
+ test no != "$with_gnu_ld" && break
+ ;;
+ *)
+ test yes != "$with_gnu_ld" && break
+ ;;
+ esac
+ fi
+ done
+ IFS=$lt_save_ifs
+else
+ lt_cv_path_LD=$LD # Let the user override the test with a path.
+fi])
+LD=$lt_cv_path_LD
+if test -n "$LD"; then
+ AC_MSG_RESULT($LD)
+else
+ AC_MSG_RESULT(no)
+fi
+test -z "$LD" && AC_MSG_ERROR([no acceptable ld found in \$PATH])
+_LT_PATH_LD_GNU
+AC_SUBST([LD])
+
+_LT_TAGDECL([], [LD], [1], [The linker used to build libraries])
+])# LT_PATH_LD
+
+# Old names:
+AU_ALIAS([AM_PROG_LD], [LT_PATH_LD])
+AU_ALIAS([AC_PROG_LD], [LT_PATH_LD])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AM_PROG_LD], [])
+dnl AC_DEFUN([AC_PROG_LD], [])
+
+
+# _LT_PATH_LD_GNU
+#- --------------
+m4_defun([_LT_PATH_LD_GNU],
+[AC_CACHE_CHECK([if the linker ($LD) is GNU ld], lt_cv_prog_gnu_ld,
+[# I'd rather use --version here, but apparently some GNU lds only accept -v.
+case `$LD -v 2>&1 </dev/null` in
+*GNU* | *'with BFD'*)
+ lt_cv_prog_gnu_ld=yes
+ ;;
+*)
+ lt_cv_prog_gnu_ld=no
+ ;;
+esac])
+with_gnu_ld=$lt_cv_prog_gnu_ld
+])# _LT_PATH_LD_GNU
+
+
+# _LT_CMD_RELOAD
+# --------------
+# find reload flag for linker
+# -- PORTME Some linkers may need a different reload flag.
+m4_defun([_LT_CMD_RELOAD],
+[AC_CACHE_CHECK([for $LD option to reload object files],
+ lt_cv_ld_reload_flag,
+ [lt_cv_ld_reload_flag='-r'])
+reload_flag=$lt_cv_ld_reload_flag
+case $reload_flag in
+"" | " "*) ;;
+*) reload_flag=" $reload_flag" ;;
+esac
+reload_cmds='$LD$reload_flag -o $output$reload_objs'
+case $host_os in
+ cygwin* | mingw* | pw32* | cegcc*)
+ if test yes != "$GCC"; then
+ reload_cmds=false
+ fi
+ ;;
+ darwin*)
+ if test yes = "$GCC"; then
+ reload_cmds='$LTCC $LTCFLAGS -nostdlib $wl-r -o $output$reload_objs'
+ else
+ reload_cmds='$LD$reload_flag -o $output$reload_objs'
+ fi
+ ;;
+esac
+_LT_TAGDECL([], [reload_flag], [1], [How to create reloadable object files])dnl
+_LT_TAGDECL([], [reload_cmds], [2])dnl
+])# _LT_CMD_RELOAD
+
+
+# _LT_PATH_DD
+# -----------
+# find a working dd
+m4_defun([_LT_PATH_DD],
+[AC_CACHE_CHECK([for a working dd], [ac_cv_path_lt_DD],
+[printf 0123456789abcdef0123456789abcdef >conftest.i
+cat conftest.i conftest.i >conftest2.i
+: ${lt_DD:=$DD}
+AC_PATH_PROGS_FEATURE_CHECK([lt_DD], [dd],
+[if "$ac_path_lt_DD" bs=32 count=1 <conftest2.i >conftest.out 2>/dev/null; then
+ cmp -s conftest.i conftest.out \
+ && ac_cv_path_lt_DD="$ac_path_lt_DD" ac_path_lt_DD_found=:
+fi])
+rm -f conftest.i conftest2.i conftest.out])
+])# _LT_PATH_DD
+
+
+# _LT_CMD_TRUNCATE
+# ----------------
+# find command to truncate a binary pipe
+m4_defun([_LT_CMD_TRUNCATE],
+[m4_require([_LT_PATH_DD])
+AC_CACHE_CHECK([how to truncate binary pipes], [lt_cv_truncate_bin],
+[printf 0123456789abcdef0123456789abcdef >conftest.i
+cat conftest.i conftest.i >conftest2.i
+lt_cv_truncate_bin=
+if "$ac_cv_path_lt_DD" bs=32 count=1 <conftest2.i >conftest.out 2>/dev/null; then
+ cmp -s conftest.i conftest.out \
+ && lt_cv_truncate_bin="$ac_cv_path_lt_DD bs=4096 count=1"
+fi
+rm -f conftest.i conftest2.i conftest.out
+test -z "$lt_cv_truncate_bin" && lt_cv_truncate_bin="$SED -e 4q"])
+_LT_DECL([lt_truncate_bin], [lt_cv_truncate_bin], [1],
+ [Command to truncate a binary pipe])
+])# _LT_CMD_TRUNCATE
+
+
+# _LT_CHECK_MAGIC_METHOD
+# ----------------------
+# how to check for library dependencies
+# -- PORTME fill in with the dynamic library characteristics
+m4_defun([_LT_CHECK_MAGIC_METHOD],
+[m4_require([_LT_DECL_EGREP])
+m4_require([_LT_DECL_OBJDUMP])
+AC_CACHE_CHECK([how to recognize dependent libraries],
+lt_cv_deplibs_check_method,
+[lt_cv_file_magic_cmd='$MAGIC_CMD'
+lt_cv_file_magic_test_file=
+lt_cv_deplibs_check_method='unknown'
+# Need to set the preceding variable on all platforms that support
+# interlibrary dependencies.
+# 'none' -- dependencies not supported.
+# 'unknown' -- same as none, but documents that we really don't know.
+# 'pass_all' -- all dependencies passed with no checks.
+# 'test_compile' -- check by making test program.
+# 'file_magic [[regex]]' -- check by looking for files in library path
+# that responds to the $file_magic_cmd with a given extended regex.
+# If you have 'file' or equivalent on your system and you're not sure
+# whether 'pass_all' will *always* work, you probably want this one.
+
+case $host_os in
+aix[[4-9]]*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+beos*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+bsdi[[45]]*)
+ lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib)'
+ lt_cv_file_magic_cmd='$FILECMD -L'
+ lt_cv_file_magic_test_file=/shlib/libc.so
+ ;;
+
+cygwin*)
+ # func_win32_libid is a shell function defined in ltmain.sh
+ lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+ lt_cv_file_magic_cmd='func_win32_libid'
+ ;;
+
+mingw* | pw32*)
+ # Base MSYS/MinGW do not provide the 'file' command needed by
+ # func_win32_libid shell function, so use a weaker test based on 'objdump',
+ # unless we find 'file', for example because we are cross-compiling.
+ if ( file / ) >/dev/null 2>&1; then
+ lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+ lt_cv_file_magic_cmd='func_win32_libid'
+ else
+ # Keep this pattern in sync with the one in func_win32_libid.
+ lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)'
+ lt_cv_file_magic_cmd='$OBJDUMP -f'
+ fi
+ ;;
+
+cegcc*)
+ # use the weaker test based on 'objdump'. See mingw*.
+ lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?'
+ lt_cv_file_magic_cmd='$OBJDUMP -f'
+ ;;
+
+darwin* | rhapsody*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+freebsd* | dragonfly* | midnightbsd*)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
+ case $host_cpu in
+ i*86 )
+ # Not sure whether the presence of OpenBSD here was a mistake.
+ # Let's accept both of them until this is cleared up.
+ lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library'
+ lt_cv_file_magic_cmd=$FILECMD
+ lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*`
+ ;;
+ esac
+ else
+ lt_cv_deplibs_check_method=pass_all
+ fi
+ ;;
+
+haiku*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+hpux10.20* | hpux11*)
+ lt_cv_file_magic_cmd=$FILECMD
+ case $host_cpu in
+ ia64*)
+ lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64'
+ lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
+ ;;
+ hppa*64*)
+ [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]']
+ lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
+ ;;
+ *)
+ lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]]\.[[0-9]]) shared library'
+ lt_cv_file_magic_test_file=/usr/lib/libc.sl
+ ;;
+ esac
+ ;;
+
+interix[[3-9]]*)
+ # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|\.a)$'
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $LD in
+ *-32|*"-32 ") libmagic=32-bit;;
+ *-n32|*"-n32 ") libmagic=N32;;
+ *-64|*"-64 ") libmagic=64-bit;;
+ *) libmagic=never-match;;
+ esac
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+netbsd* | netbsdelf*-gnu)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
+ else
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|_pic\.a)$'
+ fi
+ ;;
+
+newos6*)
+ lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)'
+ lt_cv_file_magic_cmd=$FILECMD
+ lt_cv_file_magic_test_file=/usr/lib/libnls.so
+ ;;
+
+*nto* | *qnx*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+openbsd* | bitrig*)
+ if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`"; then
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$'
+ else
+ lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
+ fi
+ ;;
+
+osf3* | osf4* | osf5*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+rdos*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+solaris*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+sysv4 | sysv4.3*)
+ case $host_vendor in
+ motorola)
+ lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib) M[[0-9]][[0-9]]* Version [[0-9]]'
+ lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*`
+ ;;
+ ncr)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ sequent)
+ lt_cv_file_magic_cmd='/bin/file'
+ lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )'
+ ;;
+ sni)
+ lt_cv_file_magic_cmd='/bin/file'
+ lt_cv_deplibs_check_method="file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB dynamic lib"
+ lt_cv_file_magic_test_file=/lib/libc.so
+ ;;
+ siemens)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ pc)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ esac
+ ;;
+
+tpf*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+os2*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+esac
+])
+
+file_magic_glob=
+want_nocaseglob=no
+if test "$build" = "$host"; then
+ case $host_os in
+ mingw* | pw32*)
+ if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then
+ want_nocaseglob=yes
+ else
+ file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[[\1]]\/[[\1]]\/g;/g"`
+ fi
+ ;;
+ esac
+fi
+
+file_magic_cmd=$lt_cv_file_magic_cmd
+deplibs_check_method=$lt_cv_deplibs_check_method
+test -z "$deplibs_check_method" && deplibs_check_method=unknown
+
+_LT_DECL([], [deplibs_check_method], [1],
+ [Method to check whether dependent libraries are shared objects])
+_LT_DECL([], [file_magic_cmd], [1],
+ [Command to use when deplibs_check_method = "file_magic"])
+_LT_DECL([], [file_magic_glob], [1],
+ [How to find potential files when deplibs_check_method = "file_magic"])
+_LT_DECL([], [want_nocaseglob], [1],
+ [Find potential files using nocaseglob when deplibs_check_method = "file_magic"])
+])# _LT_CHECK_MAGIC_METHOD
+
+
+# LT_PATH_NM
+# ----------
+# find the pathname to a BSD- or MS-compatible name lister
+AC_DEFUN([LT_PATH_NM],
+[AC_REQUIRE([AC_PROG_CC])dnl
+AC_CACHE_CHECK([for BSD- or MS-compatible name lister (nm)], lt_cv_path_NM,
+[if test -n "$NM"; then
+ # Let the user override the test.
+ lt_cv_path_NM=$NM
+else
+ lt_nm_to_check=${ac_tool_prefix}nm
+ if test -n "$ac_tool_prefix" && test "$build" = "$host"; then
+ lt_nm_to_check="$lt_nm_to_check nm"
+ fi
+ for lt_tmp_nm in $lt_nm_to_check; do
+ lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do
+ IFS=$lt_save_ifs
+ test -z "$ac_dir" && ac_dir=.
+ tmp_nm=$ac_dir/$lt_tmp_nm
+ if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext"; then
+ # Check to see if the nm accepts a BSD-compat flag.
+ # Adding the 'sed 1q' prevents false positives on HP-UX, which says:
+ # nm: unknown option "B" ignored
+ # Tru64's nm complains that /dev/null is an invalid object file
+ # MSYS converts /dev/null to NUL, MinGW nm treats NUL as empty
+ case $build_os in
+ mingw*) lt_bad_file=conftest.nm/nofile ;;
+ *) lt_bad_file=/dev/null ;;
+ esac
+ case `"$tmp_nm" -B $lt_bad_file 2>&1 | $SED '1q'` in
+ *$lt_bad_file* | *'Invalid file or object type'*)
+ lt_cv_path_NM="$tmp_nm -B"
+ break 2
+ ;;
+ *)
+ case `"$tmp_nm" -p /dev/null 2>&1 | $SED '1q'` in
+ */dev/null*)
+ lt_cv_path_NM="$tmp_nm -p"
+ break 2
+ ;;
+ *)
+ lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but
+ continue # so that we can try to find one that supports BSD flags
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ done
+ IFS=$lt_save_ifs
+ done
+ : ${lt_cv_path_NM=no}
+fi])
+if test no != "$lt_cv_path_NM"; then
+ NM=$lt_cv_path_NM
+else
+ # Didn't find any BSD compatible name lister, look for dumpbin.
+ if test -n "$DUMPBIN"; then :
+ # Let the user override the test.
+ else
+ AC_CHECK_TOOLS(DUMPBIN, [dumpbin "link -dump"], :)
+ case `$DUMPBIN -symbols -headers /dev/null 2>&1 | $SED '1q'` in
+ *COFF*)
+ DUMPBIN="$DUMPBIN -symbols -headers"
+ ;;
+ *)
+ DUMPBIN=:
+ ;;
+ esac
+ fi
+ AC_SUBST([DUMPBIN])
+ if test : != "$DUMPBIN"; then
+ NM=$DUMPBIN
+ fi
+fi
+test -z "$NM" && NM=nm
+AC_SUBST([NM])
+_LT_DECL([], [NM], [1], [A BSD- or MS-compatible name lister])dnl
+
+AC_CACHE_CHECK([the name lister ($NM) interface], [lt_cv_nm_interface],
+ [lt_cv_nm_interface="BSD nm"
+ echo "int some_variable = 0;" > conftest.$ac_ext
+ (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&AS_MESSAGE_LOG_FD)
+ (eval "$ac_compile" 2>conftest.err)
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&AS_MESSAGE_LOG_FD)
+ (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ (eval echo "\"\$as_me:$LINENO: output\"" >&AS_MESSAGE_LOG_FD)
+ cat conftest.out >&AS_MESSAGE_LOG_FD
+ if $GREP 'External.*some_variable' conftest.out > /dev/null; then
+ lt_cv_nm_interface="MS dumpbin"
+ fi
+ rm -f conftest*])
+])# LT_PATH_NM
+
+# Old names:
+AU_ALIAS([AM_PROG_NM], [LT_PATH_NM])
+AU_ALIAS([AC_PROG_NM], [LT_PATH_NM])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AM_PROG_NM], [])
+dnl AC_DEFUN([AC_PROG_NM], [])
+
+# _LT_CHECK_SHAREDLIB_FROM_LINKLIB
+# --------------------------------
+# how to determine the name of the shared library
+# associated with a specific link library.
+# -- PORTME fill in with the dynamic library characteristics
+m4_defun([_LT_CHECK_SHAREDLIB_FROM_LINKLIB],
+[m4_require([_LT_DECL_EGREP])
+m4_require([_LT_DECL_OBJDUMP])
+m4_require([_LT_DECL_DLLTOOL])
+AC_CACHE_CHECK([how to associate runtime and link libraries],
+lt_cv_sharedlib_from_linklib_cmd,
+[lt_cv_sharedlib_from_linklib_cmd='unknown'
+
+case $host_os in
+cygwin* | mingw* | pw32* | cegcc*)
+ # two different shell functions defined in ltmain.sh;
+ # decide which one to use based on capabilities of $DLLTOOL
+ case `$DLLTOOL --help 2>&1` in
+ *--identify-strict*)
+ lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib
+ ;;
+ *)
+ lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback
+ ;;
+ esac
+ ;;
+*)
+ # fallback: assume linklib IS sharedlib
+ lt_cv_sharedlib_from_linklib_cmd=$ECHO
+ ;;
+esac
+])
+sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd
+test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO
+
+_LT_DECL([], [sharedlib_from_linklib_cmd], [1],
+ [Command to associate shared and link libraries])
+])# _LT_CHECK_SHAREDLIB_FROM_LINKLIB
+
+
+# _LT_PATH_MANIFEST_TOOL
+# ----------------------
+# locate the manifest tool
+m4_defun([_LT_PATH_MANIFEST_TOOL],
+[AC_CHECK_TOOL(MANIFEST_TOOL, mt, :)
+test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt
+AC_CACHE_CHECK([if $MANIFEST_TOOL is a manifest tool], [lt_cv_path_mainfest_tool],
+ [lt_cv_path_mainfest_tool=no
+ echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&AS_MESSAGE_LOG_FD
+ $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ if $GREP 'Manifest Tool' conftest.out > /dev/null; then
+ lt_cv_path_mainfest_tool=yes
+ fi
+ rm -f conftest*])
+if test yes != "$lt_cv_path_mainfest_tool"; then
+ MANIFEST_TOOL=:
+fi
+_LT_DECL([], [MANIFEST_TOOL], [1], [Manifest tool])dnl
+])# _LT_PATH_MANIFEST_TOOL
+
+
+# _LT_DLL_DEF_P([FILE])
+# ---------------------
+# True iff FILE is a Windows DLL '.def' file.
+# Keep in sync with func_dll_def_p in the libtool script
+AC_DEFUN([_LT_DLL_DEF_P],
+[dnl
+ test DEF = "`$SED -n dnl
+ -e '\''s/^[[ ]]*//'\'' dnl Strip leading whitespace
+ -e '\''/^\(;.*\)*$/d'\'' dnl Delete empty lines and comments
+ -e '\''s/^\(EXPORTS\|LIBRARY\)\([[ ]].*\)*$/DEF/p'\'' dnl
+ -e q dnl Only consider the first "real" line
+ $1`" dnl
+])# _LT_DLL_DEF_P
+
+
+# LT_LIB_M
+# --------
+# check for math library
+AC_DEFUN([LT_LIB_M],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+LIBM=
+case $host in
+*-*-beos* | *-*-cegcc* | *-*-cygwin* | *-*-haiku* | *-*-pw32* | *-*-darwin*)
+ # These system don't have libm, or don't need it
+ ;;
+*-ncr-sysv4.3*)
+ AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM=-lmw)
+ AC_CHECK_LIB(m, cos, LIBM="$LIBM -lm")
+ ;;
+*)
+ AC_CHECK_LIB(m, cos, LIBM=-lm)
+ ;;
+esac
+AC_SUBST([LIBM])
+])# LT_LIB_M
+
+# Old name:
+AU_ALIAS([AC_CHECK_LIBM], [LT_LIB_M])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_CHECK_LIBM], [])
+
+
+# _LT_COMPILER_NO_RTTI([TAGNAME])
+# -------------------------------
+m4_defun([_LT_COMPILER_NO_RTTI],
+[m4_require([_LT_TAG_COMPILER])dnl
+
+_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
+
+if test yes = "$GCC"; then
+ case $cc_basename in
+ nvcc*)
+ _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -Xcompiler -fno-builtin' ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' ;;
+ esac
+
+ _LT_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions],
+ lt_cv_prog_compiler_rtti_exceptions,
+ [-fno-rtti -fno-exceptions], [],
+ [_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)="$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) -fno-rtti -fno-exceptions"])
+fi
+_LT_TAGDECL([no_builtin_flag], [lt_prog_compiler_no_builtin_flag], [1],
+ [Compiler flag to turn off builtin functions])
+])# _LT_COMPILER_NO_RTTI
+
+
+# _LT_CMD_GLOBAL_SYMBOLS
+# ----------------------
+m4_defun([_LT_CMD_GLOBAL_SYMBOLS],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([AC_PROG_AWK])dnl
+AC_REQUIRE([LT_PATH_NM])dnl
+AC_REQUIRE([LT_PATH_LD])dnl
+m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_TAG_COMPILER])dnl
+
+# Check for command to grab the raw symbol name followed by C symbol from nm.
+AC_MSG_CHECKING([command to parse $NM output from $compiler object])
+AC_CACHE_VAL([lt_cv_sys_global_symbol_pipe],
+[
+# These are sane defaults that work on at least a few old systems.
+# [They come from Ultrix. What could be older than Ultrix?!! ;)]
+
+# Character class describing NM global symbol codes.
+symcode='[[BCDEGRST]]'
+
+# Regexp to match symbols that can be accessed directly from C.
+sympat='\([[_A-Za-z]][[_A-Za-z0-9]]*\)'
+
+# Define system-specific variables.
+case $host_os in
+aix*)
+ symcode='[[BCDT]]'
+ ;;
+cygwin* | mingw* | pw32* | cegcc*)
+ symcode='[[ABCDGISTW]]'
+ ;;
+hpux*)
+ if test ia64 = "$host_cpu"; then
+ symcode='[[ABCDEGRST]]'
+ fi
+ ;;
+irix* | nonstopux*)
+ symcode='[[BCDEGRST]]'
+ ;;
+osf*)
+ symcode='[[BCDEGQRST]]'
+ ;;
+solaris*)
+ symcode='[[BDRT]]'
+ ;;
+sco3.2v5*)
+ symcode='[[DT]]'
+ ;;
+sysv4.2uw2*)
+ symcode='[[DT]]'
+ ;;
+sysv5* | sco5v6* | unixware* | OpenUNIX*)
+ symcode='[[ABDT]]'
+ ;;
+sysv4)
+ symcode='[[DFNSTU]]'
+ ;;
+esac
+
+# If we're using GNU nm, then use its standard symbol codes.
+case `$NM -V 2>&1` in
+*GNU* | *'with BFD'*)
+ symcode='[[ABCDGIRSTW]]' ;;
+esac
+
+if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+ # Gets list of data symbols to import.
+ lt_cv_sys_global_symbol_to_import="$SED -n -e 's/^I .* \(.*\)$/\1/p'"
+ # Adjust the below global symbol transforms to fixup imported variables.
+ lt_cdecl_hook=" -e 's/^I .* \(.*\)$/extern __declspec(dllimport) char \1;/p'"
+ lt_c_name_hook=" -e 's/^I .* \(.*\)$/ {\"\1\", (void *) 0},/p'"
+ lt_c_name_lib_hook="\
+ -e 's/^I .* \(lib.*\)$/ {\"\1\", (void *) 0},/p'\
+ -e 's/^I .* \(.*\)$/ {\"lib\1\", (void *) 0},/p'"
+else
+ # Disable hooks by default.
+ lt_cv_sys_global_symbol_to_import=
+ lt_cdecl_hook=
+ lt_c_name_hook=
+ lt_c_name_lib_hook=
+fi
+
+# Transform an extracted symbol line into a proper C declaration.
+# Some systems (esp. on ia64) link data and code symbols differently,
+# so use this general approach.
+lt_cv_sys_global_symbol_to_cdecl="$SED -n"\
+$lt_cdecl_hook\
+" -e 's/^T .* \(.*\)$/extern int \1();/p'"\
+" -e 's/^$symcode$symcode* .* \(.*\)$/extern char \1;/p'"
+
+# Transform an extracted symbol line into symbol name and symbol address
+lt_cv_sys_global_symbol_to_c_name_address="$SED -n"\
+$lt_c_name_hook\
+" -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\
+" -e 's/^$symcode$symcode* .* \(.*\)$/ {\"\1\", (void *) \&\1},/p'"
+
+# Transform an extracted symbol line into symbol name with lib prefix and
+# symbol address.
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="$SED -n"\
+$lt_c_name_lib_hook\
+" -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\
+" -e 's/^$symcode$symcode* .* \(lib.*\)$/ {\"\1\", (void *) \&\1},/p'"\
+" -e 's/^$symcode$symcode* .* \(.*\)$/ {\"lib\1\", (void *) \&\1},/p'"
+
+# Handle CRLF in mingw tool chain
+opt_cr=
+case $build_os in
+mingw*)
+ opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp
+ ;;
+esac
+
+# Try without a prefix underscore, then with it.
+for ac_symprfx in "" "_"; do
+
+ # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol.
+ symxfrm="\\1 $ac_symprfx\\2 \\2"
+
+ # Write the raw and C identifiers.
+ if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+ # Fake it for dumpbin and say T for any non-static function,
+ # D for any global variable and I for any imported variable.
+ # Also find C++ and __fastcall symbols from MSVC++ or ICC,
+ # which start with @ or ?.
+ lt_cv_sys_global_symbol_pipe="$AWK ['"\
+" {last_section=section; section=\$ 3};"\
+" /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\
+" /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\
+" /^ *Symbol name *: /{split(\$ 0,sn,\":\"); si=substr(sn[2],2)};"\
+" /^ *Type *: code/{print \"T\",si,substr(si,length(prfx))};"\
+" /^ *Type *: data/{print \"I\",si,substr(si,length(prfx))};"\
+" \$ 0!~/External *\|/{next};"\
+" / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\
+" {if(hide[section]) next};"\
+" {f=\"D\"}; \$ 0~/\(\).*\|/{f=\"T\"};"\
+" {split(\$ 0,a,/\||\r/); split(a[2],s)};"\
+" s[1]~/^[@?]/{print f,s[1],s[1]; next};"\
+" s[1]~prfx {split(s[1],t,\"@\"); print f,t[1],substr(t[1],length(prfx))}"\
+" ' prfx=^$ac_symprfx]"
+ else
+ lt_cv_sys_global_symbol_pipe="$SED -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
+ fi
+ lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | $SED '/ __gnu_lto/d'"
+
+ # Check to see that the pipe works correctly.
+ pipe_works=no
+
+ rm -f conftest*
+ cat > conftest.$ac_ext <<_LT_EOF
+#ifdef __cplusplus
+extern "C" {
+#endif
+char nm_test_var;
+void nm_test_func(void);
+void nm_test_func(void){}
+#ifdef __cplusplus
+}
+#endif
+int main(){nm_test_var='a';nm_test_func();return(0);}
+_LT_EOF
+
+ if AC_TRY_EVAL(ac_compile); then
+ # Now try to grab the symbols.
+ nlist=conftest.nm
+ $ECHO "$as_me:$LINENO: $NM conftest.$ac_objext | $lt_cv_sys_global_symbol_pipe > $nlist" >&AS_MESSAGE_LOG_FD
+ if eval "$NM" conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist 2>&AS_MESSAGE_LOG_FD && test -s "$nlist"; then
+ # Try sorting and uniquifying the output.
+ if sort "$nlist" | uniq > "$nlist"T; then
+ mv -f "$nlist"T "$nlist"
+ else
+ rm -f "$nlist"T
+ fi
+
+ # Make sure that we snagged all the symbols we need.
+ if $GREP ' nm_test_var$' "$nlist" >/dev/null; then
+ if $GREP ' nm_test_func$' "$nlist" >/dev/null; then
+ cat <<_LT_EOF > conftest.$ac_ext
+/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */
+#if defined _WIN32 || defined __CYGWIN__ || defined _WIN32_WCE
+/* DATA imports from DLLs on WIN32 can't be const, because runtime
+ relocations are performed -- see ld's documentation on pseudo-relocs. */
+# define LT@&t@_DLSYM_CONST
+#elif defined __osf__
+/* This system does not cope well with relocations in const data. */
+# define LT@&t@_DLSYM_CONST
+#else
+# define LT@&t@_DLSYM_CONST const
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+_LT_EOF
+ # Now generate the symbol file.
+ eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext'
+
+ cat <<_LT_EOF >> conftest.$ac_ext
+
+/* The mapping between symbol names and symbols. */
+LT@&t@_DLSYM_CONST struct {
+ const char *name;
+ void *address;
+}
+lt__PROGRAM__LTX_preloaded_symbols[[]] =
+{
+ { "@PROGRAM@", (void *) 0 },
+_LT_EOF
+ $SED "s/^$symcode$symcode* .* \(.*\)$/ {\"\1\", (void *) \&\1},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext
+ cat <<\_LT_EOF >> conftest.$ac_ext
+ {0, (void *) 0}
+};
+
+/* This works around a problem in FreeBSD linker */
+#ifdef FREEBSD_WORKAROUND
+static const void *lt_preloaded_setup() {
+ return lt__PROGRAM__LTX_preloaded_symbols;
+}
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+_LT_EOF
+ # Now try linking the two files.
+ mv conftest.$ac_objext conftstm.$ac_objext
+ lt_globsym_save_LIBS=$LIBS
+ lt_globsym_save_CFLAGS=$CFLAGS
+ LIBS=conftstm.$ac_objext
+ CFLAGS="$CFLAGS$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)"
+ if AC_TRY_EVAL(ac_link) && test -s conftest$ac_exeext; then
+ pipe_works=yes
+ fi
+ LIBS=$lt_globsym_save_LIBS
+ CFLAGS=$lt_globsym_save_CFLAGS
+ else
+ echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD
+ fi
+ else
+ echo "cannot find nm_test_var in $nlist" >&AS_MESSAGE_LOG_FD
+ fi
+ else
+ echo "cannot run $lt_cv_sys_global_symbol_pipe" >&AS_MESSAGE_LOG_FD
+ fi
+ else
+ echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD
+ cat conftest.$ac_ext >&5
+ fi
+ rm -rf conftest* conftst*
+
+ # Do not use the global_symbol_pipe unless it works.
+ if test yes = "$pipe_works"; then
+ break
+ else
+ lt_cv_sys_global_symbol_pipe=
+ fi
+done
+])
+if test -z "$lt_cv_sys_global_symbol_pipe"; then
+ lt_cv_sys_global_symbol_to_cdecl=
+fi
+if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then
+ AC_MSG_RESULT(failed)
+else
+ AC_MSG_RESULT(ok)
+fi
+
+# Response file support.
+if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+ nm_file_list_spec='@'
+elif $NM --help 2>/dev/null | grep '[[@]]FILE' >/dev/null; then
+ nm_file_list_spec='@'
+fi
+
+_LT_DECL([global_symbol_pipe], [lt_cv_sys_global_symbol_pipe], [1],
+ [Take the output of nm and produce a listing of raw symbols and C names])
+_LT_DECL([global_symbol_to_cdecl], [lt_cv_sys_global_symbol_to_cdecl], [1],
+ [Transform the output of nm in a proper C declaration])
+_LT_DECL([global_symbol_to_import], [lt_cv_sys_global_symbol_to_import], [1],
+ [Transform the output of nm into a list of symbols to manually relocate])
+_LT_DECL([global_symbol_to_c_name_address],
+ [lt_cv_sys_global_symbol_to_c_name_address], [1],
+ [Transform the output of nm in a C name address pair])
+_LT_DECL([global_symbol_to_c_name_address_lib_prefix],
+ [lt_cv_sys_global_symbol_to_c_name_address_lib_prefix], [1],
+ [Transform the output of nm in a C name address pair when lib prefix is needed])
+_LT_DECL([nm_interface], [lt_cv_nm_interface], [1],
+ [The name lister interface])
+_LT_DECL([], [nm_file_list_spec], [1],
+ [Specify filename containing input files for $NM])
+]) # _LT_CMD_GLOBAL_SYMBOLS
+
+
+# _LT_COMPILER_PIC([TAGNAME])
+# ---------------------------
+m4_defun([_LT_COMPILER_PIC],
+[m4_require([_LT_TAG_COMPILER])dnl
+_LT_TAGVAR(lt_prog_compiler_wl, $1)=
+_LT_TAGVAR(lt_prog_compiler_pic, $1)=
+_LT_TAGVAR(lt_prog_compiler_static, $1)=
+
+m4_if([$1], [CXX], [
+ # C++ specific cases for pic, static, wl, etc.
+ if test yes = "$GXX"; then
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+
+ case $host_os in
+ aix*)
+ # All AIX code is PIC.
+ if test ia64 = "$host_cpu"; then
+ # AIX 5 now supports IA64 processor
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ fi
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ m68k)
+ # FIXME: we need at least 68020 code to build shared libraries, but
+ # adding the '-m68020' flag to GCC prevents building anything better,
+ # like '-m68040'.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4'
+ ;;
+ esac
+ ;;
+
+ beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+ # PIC is the default for these OSes.
+ ;;
+ mingw* | cygwin* | os2* | pw32* | cegcc*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ # Although the cygwin gcc ignores -fPIC, still need this for old-style
+ # (--disable-auto-import) libraries
+ m4_if([$1], [GCJ], [],
+ [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
+ case $host_os in
+ os2*)
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='$wl-static'
+ ;;
+ esac
+ ;;
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
+ ;;
+ *djgpp*)
+ # DJGPP does not support shared libraries at all
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)=
+ ;;
+ haiku*)
+ # PIC is the default for Haiku.
+ # The "-static" flag exists, but is broken.
+ _LT_TAGVAR(lt_prog_compiler_static, $1)=
+ ;;
+ interix[[3-9]]*)
+ # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+ # Instead, we relocate shared libraries at runtime.
+ ;;
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic
+ fi
+ ;;
+ hpux*)
+ # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
+ # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag
+ # sets the default TLS model and affects inlining.
+ case $host_cpu in
+ hppa*64*)
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ esac
+ ;;
+ *qnx* | *nto*)
+ # QNX uses GNU C++, but need to define -shared option too, otherwise
+ # it will coredump.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ esac
+ else
+ case $host_os in
+ aix[[4-9]]*)
+ # All AIX code is PIC.
+ if test ia64 = "$host_cpu"; then
+ # AIX 5 now supports IA64 processor
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ else
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp'
+ fi
+ ;;
+ chorus*)
+ case $cc_basename in
+ cxch68*)
+ # Green Hills C++ Compiler
+ # _LT_TAGVAR(lt_prog_compiler_static, $1)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a"
+ ;;
+ esac
+ ;;
+ mingw* | cygwin* | os2* | pw32* | cegcc*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ m4_if([$1], [GCJ], [],
+ [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
+ ;;
+ dgux*)
+ case $cc_basename in
+ ec++*)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ ;;
+ ghcx*)
+ # Green Hills C++ Compiler
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ freebsd* | dragonfly* | midnightbsd*)
+ # FreeBSD uses GNU C++
+ ;;
+ hpux9* | hpux10* | hpux11*)
+ case $cc_basename in
+ CC*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='$wl-a ${wl}archive'
+ if test ia64 != "$host_cpu"; then
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
+ fi
+ ;;
+ aCC*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='$wl-a ${wl}archive'
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
+ ;;
+ esac
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ interix*)
+ # This is c89, which is MS Visual C++ (no shared libs)
+ # Anyone wants to do a port?
+ ;;
+ irix5* | irix6* | nonstopux*)
+ case $cc_basename in
+ CC*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ # CC pic flag -KPIC is the default.
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*)
+ case $cc_basename in
+ KCC*)
+ # KAI C++ Compiler
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ ecpc* )
+ # old Intel C++ for x86_64, which still supported -KPIC.
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ icpc* )
+ # Intel C++, used to be incompatible with GCC.
+ # ICC 10 doesn't accept -KPIC any more.
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ pgCC* | pgcpp*)
+ # Portland Group C++ compiler
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ cxx*)
+ # Compaq C++
+ # Make sure the PIC flag is empty. It appears that all Alpha
+ # Linux and Compaq Tru64 Unix objects are PIC.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)=
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+ xlc* | xlC* | bgxl[[cC]]* | mpixl[[cC]]*)
+ # IBM XL 8.0, 9.0 on PPC and BlueGene
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
+ ;;
+ *)
+ case `$CC -V 2>&1 | $SED 5q` in
+ *Sun\ C*)
+ # Sun C++ 5.9
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+ ;;
+ esac
+ ;;
+ esac
+ ;;
+ lynxos*)
+ ;;
+ m88k*)
+ ;;
+ mvs*)
+ case $cc_basename in
+ cxx*)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-W c,exportall'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ netbsd* | netbsdelf*-gnu)
+ ;;
+ *qnx* | *nto*)
+ # QNX uses GNU C++, but need to define -shared option too, otherwise
+ # it will coredump.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
+ ;;
+ osf3* | osf4* | osf5*)
+ case $cc_basename in
+ KCC*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,'
+ ;;
+ RCC*)
+ # Rational C++ 2.4.1
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ ;;
+ cxx*)
+ # Digital/Compaq C++
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # Make sure the PIC flag is empty. It appears that all Alpha
+ # Linux and Compaq Tru64 Unix objects are PIC.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)=
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ psos*)
+ ;;
+ solaris*)
+ case $cc_basename in
+ CC* | sunCC*)
+ # Sun C++ 4.2, 5.x and Centerline C++
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+ ;;
+ gcx*)
+ # Green Hills C++ Compiler
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ sunos4*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.x
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ lcc*)
+ # Lucid
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ case $cc_basename in
+ CC*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ esac
+ ;;
+ tandem*)
+ case $cc_basename in
+ NCC*)
+ # NonStop-UX NCC 3.20
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ ;;
+ *)
+ ;;
+ esac
+ ;;
+ vxworks*)
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+ ;;
+ esac
+ fi
+],
+[
+ if test yes = "$GCC"; then
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+
+ case $host_os in
+ aix*)
+ # All AIX code is PIC.
+ if test ia64 = "$host_cpu"; then
+ # AIX 5 now supports IA64 processor
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ fi
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ m68k)
+ # FIXME: we need at least 68020 code to build shared libraries, but
+ # adding the '-m68020' flag to GCC prevents building anything better,
+ # like '-m68040'.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4'
+ ;;
+ esac
+ ;;
+
+ beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+ # PIC is the default for these OSes.
+ ;;
+
+ mingw* | cygwin* | pw32* | os2* | cegcc*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ # Although the cygwin gcc ignores -fPIC, still need this for old-style
+ # (--disable-auto-import) libraries
+ m4_if([$1], [GCJ], [],
+ [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
+ case $host_os in
+ os2*)
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='$wl-static'
+ ;;
+ esac
+ ;;
+
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
+ ;;
+
+ haiku*)
+ # PIC is the default for Haiku.
+ # The "-static" flag exists, but is broken.
+ _LT_TAGVAR(lt_prog_compiler_static, $1)=
+ ;;
+
+ hpux*)
+ # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
+ # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag
+ # sets the default TLS model and affects inlining.
+ case $host_cpu in
+ hppa*64*)
+ # +Z the default
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ esac
+ ;;
+
+ interix[[3-9]]*)
+ # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+ # Instead, we relocate shared libraries at runtime.
+ ;;
+
+ msdosdjgpp*)
+ # Just because we use GCC doesn't mean we suddenly get shared libraries
+ # on systems that don't support them.
+ _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+ enable_shared=no
+ ;;
+
+ *nto* | *qnx*)
+ # QNX uses GNU C++, but need to define -shared option too, otherwise
+ # it will coredump.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic
+ fi
+ ;;
+
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ ;;
+ esac
+
+ case $cc_basename in
+ nvcc*) # Cuda Compiler Driver 2.2
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Xlinker '
+ if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)="-Xcompiler $_LT_TAGVAR(lt_prog_compiler_pic, $1)"
+ fi
+ ;;
+ esac
+ else
+ # PORTME Check for flag to pass linker flags through the system compiler.
+ case $host_os in
+ aix*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ if test ia64 = "$host_cpu"; then
+ # AIX 5 now supports IA64 processor
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ else
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp'
+ fi
+ ;;
+
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
+ case $cc_basename in
+ nagfor*)
+ # NAG Fortran compiler
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,-Wl,,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ esac
+ ;;
+
+ mingw* | cygwin* | pw32* | os2* | cegcc*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ m4_if([$1], [GCJ], [],
+ [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
+ case $host_os in
+ os2*)
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='$wl-static'
+ ;;
+ esac
+ ;;
+
+ hpux9* | hpux10* | hpux11*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
+ ;;
+ esac
+ # Is there a better lt_prog_compiler_static that works with the bundled CC?
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='$wl-a ${wl}archive'
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # PIC (with -KPIC) is the default.
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+
+ linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*)
+ case $cc_basename in
+ # old Intel for x86_64, which still supported -KPIC.
+ ecc*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ # flang / f18. f95 an alias for gfortran or flang on Debian
+ flang* | f18* | f95*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ # icc used to be incompatible with GCC.
+ # ICC 10 doesn't accept -KPIC any more.
+ icc* | ifort*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ # Lahey Fortran 8.1.
+ lf95*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='--shared'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='--static'
+ ;;
+ nagfor*)
+ # NAG Fortran compiler
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,-Wl,,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ tcc*)
+ # Fabrice Bellard et al's Tiny C Compiler
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*)
+ # Portland Group compilers (*not* the Pentium gcc compiler,
+ # which looks to be a dead project)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ ccc*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # All Alpha code is PIC.
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+ xl* | bgxl* | bgf* | mpixl*)
+ # IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
+ ;;
+ *)
+ case `$CC -V 2>&1 | $SED 5q` in
+ *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [[1-7]].* | *Sun*Fortran*\ 8.[[0-3]]*)
+ # Sun Fortran 8.3 passes all unrecognized flags to the linker
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)=''
+ ;;
+ *Sun\ F* | *Sun*Fortran*)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+ ;;
+ *Sun\ C*)
+ # Sun C 5.9
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ ;;
+ *Intel*\ [[CF]]*Compiler*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
+ *Portland\ Group*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+ esac
+ ;;
+ esac
+ ;;
+
+ newsos6)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ *nto* | *qnx*)
+ # QNX uses GNU C++, but need to define -shared option too, otherwise
+ # it will coredump.
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
+ ;;
+
+ osf3* | osf4* | osf5*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ # All OSF/1 code is PIC.
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+
+ rdos*)
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+ ;;
+
+ solaris*)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ case $cc_basename in
+ f77* | f90* | f95* | sunf77* | sunf90* | sunf95*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';;
+ esac
+ ;;
+
+ sunos4*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ sysv4 | sysv4.2uw2* | sysv4.3*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-Kconform_pic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ fi
+ ;;
+
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ unicos*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+ ;;
+
+ uts4*)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+ ;;
+
+ *)
+ _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+ ;;
+ esac
+ fi
+])
+case $host_os in
+ # For platforms that do not support PIC, -DPIC is meaningless:
+ *djgpp*)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)=
+ ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])"
+ ;;
+esac
+
+AC_CACHE_CHECK([for $compiler option to produce PIC],
+ [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)],
+ [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_prog_compiler_pic, $1)])
+_LT_TAGVAR(lt_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)
+
+#
+# Check to make sure the PIC flag actually works.
+#
+if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then
+ _LT_COMPILER_OPTION([if $compiler PIC flag $_LT_TAGVAR(lt_prog_compiler_pic, $1) works],
+ [_LT_TAGVAR(lt_cv_prog_compiler_pic_works, $1)],
+ [$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])], [],
+ [case $_LT_TAGVAR(lt_prog_compiler_pic, $1) in
+ "" | " "*) ;;
+ *) _LT_TAGVAR(lt_prog_compiler_pic, $1)=" $_LT_TAGVAR(lt_prog_compiler_pic, $1)" ;;
+ esac],
+ [_LT_TAGVAR(lt_prog_compiler_pic, $1)=
+ _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no])
+fi
+_LT_TAGDECL([pic_flag], [lt_prog_compiler_pic], [1],
+ [Additional compiler flags for building library objects])
+
+_LT_TAGDECL([wl], [lt_prog_compiler_wl], [1],
+ [How to pass a linker flag through the compiler])
+#
+# Check to make sure the static flag actually works.
+#
+wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_TAGVAR(lt_prog_compiler_static, $1)\"
+_LT_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works],
+ _LT_TAGVAR(lt_cv_prog_compiler_static_works, $1),
+ $lt_tmp_static_flag,
+ [],
+ [_LT_TAGVAR(lt_prog_compiler_static, $1)=])
+_LT_TAGDECL([link_static_flag], [lt_prog_compiler_static], [1],
+ [Compiler flag to prevent dynamic linking])
+])# _LT_COMPILER_PIC
+
+
+# _LT_LINKER_SHLIBS([TAGNAME])
+# ----------------------------
+# See if the linker supports building shared libraries.
+m4_defun([_LT_LINKER_SHLIBS],
+[AC_REQUIRE([LT_PATH_LD])dnl
+AC_REQUIRE([LT_PATH_NM])dnl
+m4_require([_LT_PATH_MANIFEST_TOOL])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl
+m4_require([_LT_TAG_COMPILER])dnl
+AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
+m4_if([$1], [CXX], [
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
+ case $host_os in
+ aix[[4-9]]*)
+ # If we're using GNU nm, then we don't want the "-C" option.
+ # -C means demangle to GNU nm, but means don't demangle to AIX nm.
+ # Without the "-l" option, or with the "-B" option, AIX nm treats
+ # weak defined symbols like other global defined symbols, whereas
+ # GNU nm marks them as "W".
+ # While the 'weak' keyword is ignored in the Export File, we need
+ # it in the Import File for the 'aix-soname' feature, so we have
+ # to replace the "-B" option with "-P" for AIX nm.
+ if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols'
+ else
+ _LT_TAGVAR(export_symbols_cmds, $1)='`func_echo_all $NM | $SED -e '\''s/B\([[^B]]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && ([substr](\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols'
+ fi
+ ;;
+ pw32*)
+ _LT_TAGVAR(export_symbols_cmds, $1)=$ltdll_cmds
+ ;;
+ cygwin* | mingw* | cegcc*)
+ case $cc_basename in
+ cl* | icl*)
+ _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*'
+ ;;
+ *)
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols'
+ _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname']
+ ;;
+ esac
+ ;;
+ linux* | k*bsd*-gnu | gnu*)
+ _LT_TAGVAR(link_all_deplibs, $1)=no
+ ;;
+ *)
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ ;;
+ esac
+], [
+ runpath_var=
+ _LT_TAGVAR(allow_undefined_flag, $1)=
+ _LT_TAGVAR(always_export_symbols, $1)=no
+ _LT_TAGVAR(archive_cmds, $1)=
+ _LT_TAGVAR(archive_expsym_cmds, $1)=
+ _LT_TAGVAR(compiler_needs_object, $1)=no
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)=
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ _LT_TAGVAR(hardcode_automatic, $1)=no
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=no
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=
+ _LT_TAGVAR(hardcode_minus_L, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+ _LT_TAGVAR(inherit_rpath, $1)=no
+ _LT_TAGVAR(link_all_deplibs, $1)=unknown
+ _LT_TAGVAR(module_cmds, $1)=
+ _LT_TAGVAR(module_expsym_cmds, $1)=
+ _LT_TAGVAR(old_archive_from_new_cmds, $1)=
+ _LT_TAGVAR(old_archive_from_expsyms_cmds, $1)=
+ _LT_TAGVAR(thread_safe_flag_spec, $1)=
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=
+ # include_expsyms should be a list of space-separated symbols to be *always*
+ # included in the symbol list
+ _LT_TAGVAR(include_expsyms, $1)=
+ # exclude_expsyms can be an extended regexp of symbols to exclude
+ # it will be wrapped by ' (' and ')$', so one must not match beginning or
+ # end of line. Example: 'a|bc|.*d.*' will exclude the symbols 'a' and 'bc',
+ # as well as any symbol that contains 'd'.
+ _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
+ # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
+ # platforms (ab)use it in PIC code, but their linkers get confused if
+ # the symbol is explicitly referenced. Since portable code cannot
+ # rely on this symbol name, it's probably fine to never include it in
+ # preloaded symbol tables.
+ # Exclude shared library initialization/finalization symbols.
+dnl Note also adjust exclude_expsyms for C++ above.
+ extract_expsyms_cmds=
+
+ case $host_os in
+ cygwin* | mingw* | pw32* | cegcc*)
+ # FIXME: the MSVC++ and ICC port hasn't been tested in a loooong time
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++ or Intel C++ Compiler.
+ if test yes != "$GCC"; then
+ with_gnu_ld=no
+ fi
+ ;;
+ interix*)
+ # we just hope/assume this is gcc and not c89 (= MSVC++ or ICC)
+ with_gnu_ld=yes
+ ;;
+ openbsd* | bitrig*)
+ with_gnu_ld=no
+ ;;
+ linux* | k*bsd*-gnu | gnu*)
+ _LT_TAGVAR(link_all_deplibs, $1)=no
+ ;;
+ esac
+
+ _LT_TAGVAR(ld_shlibs, $1)=yes
+
+ # On some targets, GNU ld is compatible enough with the native linker
+ # that we're better off using the native interface for both.
+ lt_use_gnu_ld_interface=no
+ if test yes = "$with_gnu_ld"; then
+ case $host_os in
+ aix*)
+ # The AIX port of GNU ld has always aspired to compatibility
+ # with the native linker. However, as the warning in the GNU ld
+ # block says, versions before 2.19.5* couldn't really create working
+ # shared libraries, regardless of the interface used.
+ case `$LD -v 2>&1` in
+ *\ \(GNU\ Binutils\)\ 2.19.5*) ;;
+ *\ \(GNU\ Binutils\)\ 2.[[2-9]]*) ;;
+ *\ \(GNU\ Binutils\)\ [[3-9]]*) ;;
+ *)
+ lt_use_gnu_ld_interface=yes
+ ;;
+ esac
+ ;;
+ *)
+ lt_use_gnu_ld_interface=yes
+ ;;
+ esac
+ fi
+
+ if test yes = "$lt_use_gnu_ld_interface"; then
+ # If archive_cmds runs LD, not CC, wlarc should be empty
+ wlarc='$wl'
+
+ # Set some defaults for GNU ld with shared library support. These
+ # are reset later if shared libraries are not supported. Putting them
+ # here allows them to be overridden if necessary.
+ runpath_var=LD_RUN_PATH
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic'
+ # ancient GNU ld didn't support --whole-archive et. al.
+ if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=$wlarc'--whole-archive$convenience '$wlarc'--no-whole-archive'
+ else
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=
+ fi
+ supports_anon_versioning=no
+ case `$LD -v | $SED -e 's/([[^)]]\+)\s\+//' 2>&1` in
+ *GNU\ gold*) supports_anon_versioning=yes ;;
+ *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11
+ *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
+ *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
+ *\ 2.11.*) ;; # other 2.11 versions
+ *) supports_anon_versioning=yes ;;
+ esac
+
+ # See if GNU ld supports shared libraries.
+ case $host_os in
+ aix[[3-9]]*)
+ # On AIX/PPC, the GNU linker is very broken
+ if test ia64 != "$host_cpu"; then
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: the GNU linker, at least up to release 2.19, is reported
+*** to be unable to reliably create shared libraries on AIX.
+*** Therefore, libtool is disabling shared libraries support. If you
+*** really care for shared libraries, you may want to install binutils
+*** 2.20 or above, or modify your PATH so that a non-GNU linker is found.
+*** You will then need to restart the configuration process.
+
+_LT_EOF
+ fi
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)=''
+ ;;
+ m68k)
+ _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ ;;
+ esac
+ ;;
+
+ beos*)
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ # Joseph Beckenbach <jrb3@best.com> says some releases of gcc
+ # support --undefined. This deserves some investigation. FIXME
+ _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ cygwin* | mingw* | pw32* | cegcc*)
+ # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
+ # as there is no search path for DLLs.
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-all-symbols'
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_TAGVAR(always_export_symbols, $1)=no
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols'
+ _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname']
+
+ if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname $wl--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ # If the export-symbols file already is a .def file, use it as
+ # is; otherwise, prepend EXPORTS...
+ _LT_TAGVAR(archive_expsym_cmds, $1)='if _LT_DLL_DEF_P([$export_symbols]); then
+ cp $export_symbols $output_objdir/$soname.def;
+ else
+ echo EXPORTS > $output_objdir/$soname.def;
+ cat $export_symbols >> $output_objdir/$soname.def;
+ fi~
+ $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname $wl--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ haiku*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+
+ os2*)
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ shrext_cmds=.dll
+ _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~
+ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~
+ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~
+ $ECHO EXPORTS >> $output_objdir/$libname.def~
+ emxexp $libobjs | $SED /"_DLL_InitTerm"/d >> $output_objdir/$libname.def~
+ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~
+ emximp -o $lib $output_objdir/$libname.def'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~
+ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~
+ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~
+ $ECHO EXPORTS >> $output_objdir/$libname.def~
+ prefix_cmds="$SED"~
+ if test EXPORTS = "`$SED 1q $export_symbols`"; then
+ prefix_cmds="$prefix_cmds -e 1d";
+ fi~
+ prefix_cmds="$prefix_cmds -e \"s/^\(.*\)$/_\1/g\""~
+ cat $export_symbols | $prefix_cmds >> $output_objdir/$libname.def~
+ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~
+ emximp -o $lib $output_objdir/$libname.def'
+ _LT_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def'
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+ _LT_TAGVAR(file_list_spec, $1)='@'
+ ;;
+
+ interix[[3-9]]*)
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E'
+ # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+ # Instead, shared libraries are loaded at an image base (0x10000000 by
+ # default) and relocated if they conflict, which is a slow very memory
+ # consuming and fragmenting process. To avoid this, we pick a random,
+ # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+ # time. Moving up from 0x10000000 also allows more sbrk(2) space.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ ;;
+
+ gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu)
+ tmp_diet=no
+ if test linux-dietlibc = "$host_os"; then
+ case $cc_basename in
+ diet\ *) tmp_diet=yes;; # linux-dietlibc with static linking (!diet-dyn)
+ esac
+ fi
+ if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \
+ && test no = "$tmp_diet"
+ then
+ tmp_addflag=' $pic_flag'
+ tmp_sharedflag='-shared'
+ case $cc_basename,$host_cpu in
+ pgcc*) # Portland Group C compiler
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive'
+ tmp_addflag=' $pic_flag'
+ ;;
+ pgf77* | pgf90* | pgf95* | pgfortran*)
+ # Portland Group f77 and f90 compilers
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive'
+ tmp_addflag=' $pic_flag -Mnomain' ;;
+ ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64
+ tmp_addflag=' -i_dynamic' ;;
+ efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64
+ tmp_addflag=' -i_dynamic -nofor_main' ;;
+ ifc* | ifort*) # Intel Fortran compiler
+ tmp_addflag=' -nofor_main' ;;
+ lf95*) # Lahey Fortran 8.1
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=
+ tmp_sharedflag='--shared' ;;
+ nagfor*) # NAGFOR 5.3
+ tmp_sharedflag='-Wl,-shared' ;;
+ xl[[cC]]* | bgxl[[cC]]* | mpixl[[cC]]*) # IBM XL C 8.0 on PPC (deal with xlf below)
+ tmp_sharedflag='-qmkshrobj'
+ tmp_addflag= ;;
+ nvcc*) # Cuda Compiler Driver 2.2
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive'
+ _LT_TAGVAR(compiler_needs_object, $1)=yes
+ ;;
+ esac
+ case `$CC -V 2>&1 | $SED 5q` in
+ *Sun\ C*) # Sun C 5.9
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive'
+ _LT_TAGVAR(compiler_needs_object, $1)=yes
+ tmp_sharedflag='-G' ;;
+ *Sun\ F*) # Sun Fortran 8.3
+ tmp_sharedflag='-G' ;;
+ esac
+ _LT_TAGVAR(archive_cmds, $1)='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+
+ if test yes = "$supports_anon_versioning"; then
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ echo "local: *; };" >> $output_objdir/$libname.ver~
+ $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib'
+ fi
+
+ case $cc_basename in
+ tcc*)
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='-rdynamic'
+ ;;
+ xlf* | bgf* | bgxlf* | mpixlf*)
+ # IBM XL Fortran 10.1 on PPC cannot create shared libs itself
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib'
+ if test yes = "$supports_anon_versioning"; then
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ echo "local: *; };" >> $output_objdir/$libname.ver~
+ $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
+ fi
+ ;;
+ esac
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ netbsd* | netbsdelf*-gnu)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
+ wlarc=
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+ fi
+ ;;
+
+ solaris*)
+ if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: The releases 2.8.* of the GNU linker cannot reliably
+*** create shared libraries on Solaris systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.9.1 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+ elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+ case `$LD -v 2>&1` in
+ *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*)
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 cannot
+*** reliably create shared libraries on SCO systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.16.91.0.3 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+ ;;
+ *)
+ # For security reasons, it is highly recommended that you always
+ # use absolute paths for naming shared libraries, and exclude the
+ # DT_RUNPATH tag from executables and libraries. But doing so
+ # requires that you compile everything twice, which is a pain.
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+
+ sunos4*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ wlarc=
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ *)
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+
+ if test no = "$_LT_TAGVAR(ld_shlibs, $1)"; then
+ runpath_var=
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)=
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=
+ fi
+ else
+ # PORTME fill in a description of your system's linker (not GNU ld)
+ case $host_os in
+ aix3*)
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_TAGVAR(always_export_symbols, $1)=yes
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname'
+ # Note: this linker hardcodes the directories in LIBPATH if there
+ # are no directories specified by -L.
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ if test yes = "$GCC" && test -z "$lt_prog_compiler_static"; then
+ # Neither direct hardcoding nor static linking is supported with a
+ # broken collect2.
+ _LT_TAGVAR(hardcode_direct, $1)=unsupported
+ fi
+ ;;
+
+ aix[[4-9]]*)
+ if test ia64 = "$host_cpu"; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ exp_sym_flag='-Bexport'
+ no_entry_flag=
+ else
+ # If we're using GNU nm, then we don't want the "-C" option.
+ # -C means demangle to GNU nm, but means don't demangle to AIX nm.
+ # Without the "-l" option, or with the "-B" option, AIX nm treats
+ # weak defined symbols like other global defined symbols, whereas
+ # GNU nm marks them as "W".
+ # While the 'weak' keyword is ignored in the Export File, we need
+ # it in the Import File for the 'aix-soname' feature, so we have
+ # to replace the "-B" option with "-P" for AIX nm.
+ if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols'
+ else
+ _LT_TAGVAR(export_symbols_cmds, $1)='`func_echo_all $NM | $SED -e '\''s/B\([[^B]]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && ([substr](\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols'
+ fi
+ aix_use_runtimelinking=no
+
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # have runtime linking enabled, and use it for executables.
+ # For shared libraries, we enable/disable runtime linking
+ # depending on the kind of the shared library created -
+ # when "with_aix_soname,aix_use_runtimelinking" is:
+ # "aix,no" lib.a(lib.so.V) shared, rtl:no, for executables
+ # "aix,yes" lib.so shared, rtl:yes, for executables
+ # lib.a static archive
+ # "both,no" lib.so.V(shr.o) shared, rtl:yes
+ # lib.a(lib.so.V) shared, rtl:no, for executables
+ # "both,yes" lib.so.V(shr.o) shared, rtl:yes, for executables
+ # lib.a(lib.so.V) shared, rtl:no
+ # "svr4,*" lib.so.V(shr.o) shared, rtl:yes, for executables
+ # lib.a static archive
+ case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*)
+ for ld_flag in $LDFLAGS; do
+ if (test x-brtl = "x$ld_flag" || test x-Wl,-brtl = "x$ld_flag"); then
+ aix_use_runtimelinking=yes
+ break
+ fi
+ done
+ if test svr4,no = "$with_aix_soname,$aix_use_runtimelinking"; then
+ # With aix-soname=svr4, we create the lib.so.V shared archives only,
+ # so we don't have lib.a shared libs to link our executables.
+ # We have to force runtime linking in this case.
+ aix_use_runtimelinking=yes
+ LDFLAGS="$LDFLAGS -Wl,-brtl"
+ fi
+ ;;
+ esac
+
+ exp_sym_flag='-bexport'
+ no_entry_flag='-bnoentry'
+ fi
+
+ # When large executables or shared objects are built, AIX ld can
+ # have problems creating the table of contents. If linking a library
+ # or program results in "error TOC overflow" add -mminimal-toc to
+ # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
+ # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+ _LT_TAGVAR(archive_cmds, $1)=''
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ _LT_TAGVAR(file_list_spec, $1)='$wl-f,'
+ case $with_aix_soname,$aix_use_runtimelinking in
+ aix,*) ;; # traditional, no import file
+ svr4,* | *,yes) # use import file
+ # The Import File defines what to hardcode.
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=no
+ ;;
+ esac
+
+ if test yes = "$GCC"; then
+ case $host_os in aix4.[[012]]|aix4.[[012]].*)
+ # We only want to do this on AIX 4.2 and lower, the check
+ # below for broken collect2 doesn't work under 4.3+
+ collect2name=`$CC -print-prog-name=collect2`
+ if test -f "$collect2name" &&
+ strings "$collect2name" | $GREP resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ :
+ else
+ # We have old collect2
+ _LT_TAGVAR(hardcode_direct, $1)=unsupported
+ # It fails to find uninstalled libraries when the uninstalled
+ # path is not listed in the libpath. Setting hardcode_minus_L
+ # to unsupported forces relinking
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=
+ fi
+ ;;
+ esac
+ shared_flag='-shared'
+ if test yes = "$aix_use_runtimelinking"; then
+ shared_flag="$shared_flag "'$wl-G'
+ fi
+ # Need to ensure runtime linking is disabled for the traditional
+ # shared library, or the linker may eventually find shared libraries
+ # /with/ Import File - we do not want to mix them.
+ shared_flag_aix='-shared'
+ shared_flag_svr4='-shared $wl-G'
+ else
+ # not using gcc
+ if test ia64 = "$host_cpu"; then
+ # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+ # chokes on -Wl,-G. The following line is correct:
+ shared_flag='-G'
+ else
+ if test yes = "$aix_use_runtimelinking"; then
+ shared_flag='$wl-G'
+ else
+ shared_flag='$wl-bM:SRE'
+ fi
+ shared_flag_aix='$wl-bM:SRE'
+ shared_flag_svr4='$wl-G'
+ fi
+ fi
+
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-bexpall'
+ # It seems that -bexpall does not export symbols beginning with
+ # underscore (_), so it is better to generate a list of symbols to export.
+ _LT_TAGVAR(always_export_symbols, $1)=yes
+ if test aix,yes = "$with_aix_soname,$aix_use_runtimelinking"; then
+ # Warning - without using the other runtime loading flags (-brtl),
+ # -berok will link without error, but may produce a broken library.
+ _LT_TAGVAR(allow_undefined_flag, $1)='-berok'
+ # Determine the default libpath from the value encoded in an
+ # empty executable.
+ _LT_SYS_MODULE_PATH_AIX([$1])
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-blibpath:$libdir:'"$aix_libpath"
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs $wl'$no_entry_flag' $compiler_flags `if test -n "$allow_undefined_flag"; then func_echo_all "$wl$allow_undefined_flag"; else :; fi` $wl'$exp_sym_flag:\$export_symbols' '$shared_flag
+ else
+ if test ia64 = "$host_cpu"; then
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R $libdir:/usr/lib:/lib'
+ _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs"
+ _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\$wl$no_entry_flag"' $compiler_flags $wl$allow_undefined_flag '"\$wl$exp_sym_flag:\$export_symbols"
+ else
+ # Determine the default libpath from the value encoded in an
+ # empty executable.
+ _LT_SYS_MODULE_PATH_AIX([$1])
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-blibpath:$libdir:'"$aix_libpath"
+ # Warning - without using the other run time loading flags,
+ # -berok will link without error, but may produce a broken library.
+ _LT_TAGVAR(no_undefined_flag, $1)=' $wl-bernotok'
+ _LT_TAGVAR(allow_undefined_flag, $1)=' $wl-berok'
+ if test yes = "$with_gnu_ld"; then
+ # We only use this code for GNU lds that support --whole-archive.
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive$convenience $wl--no-whole-archive'
+ else
+ # Exported symbols can be pulled into shared objects from archives
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+ fi
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$RM -r $output_objdir/$realname.d~$MKDIR $output_objdir/$realname.d'
+ # -brtl affects multiple linker settings, -berok does not and is overridden later
+ compiler_flags_filtered='`func_echo_all "$compiler_flags " | $SED -e "s%-brtl\\([[, ]]\\)%-berok\\1%g"`'
+ if test svr4 != "$with_aix_soname"; then
+ # This is similar to how AIX traditionally builds its shared libraries.
+ _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$CC '$shared_flag_aix' -o $output_objdir/$realname.d/$soname $libobjs $deplibs $wl-bnoentry '$compiler_flags_filtered'$wl-bE:$export_symbols$allow_undefined_flag~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$realname.d/$soname'
+ fi
+ if test aix != "$with_aix_soname"; then
+ _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$CC '$shared_flag_svr4' -o $output_objdir/$realname.d/$shared_archive_member_spec.o $libobjs $deplibs $wl-bnoentry '$compiler_flags_filtered'$wl-bE:$export_symbols$allow_undefined_flag~$STRIP -e $output_objdir/$realname.d/$shared_archive_member_spec.o~( func_echo_all "#! $soname($shared_archive_member_spec.o)"; if test shr_64 = "$shared_archive_member_spec"; then func_echo_all "# 64"; else func_echo_all "# 32"; fi; cat $export_symbols ) > $output_objdir/$realname.d/$shared_archive_member_spec.imp~$AR $AR_FLAGS $output_objdir/$soname $output_objdir/$realname.d/$shared_archive_member_spec.o $output_objdir/$realname.d/$shared_archive_member_spec.imp'
+ else
+ # used by -dlpreopen to get the symbols
+ _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$MV $output_objdir/$realname.d/$soname $output_objdir'
+ fi
+ _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$RM -r $output_objdir/$realname.d'
+ fi
+ fi
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)=''
+ ;;
+ m68k)
+ _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ ;;
+ esac
+ ;;
+
+ bsdi[[45]]*)
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic
+ ;;
+
+ cygwin* | mingw* | pw32* | cegcc*)
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++ or Intel C++ Compiler.
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ case $cc_basename in
+ cl* | icl*)
+ # Native MSVC or ICC
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_TAGVAR(always_export_symbols, $1)=yes
+ _LT_TAGVAR(file_list_spec, $1)='@'
+ # Tell ltmain to make .lib files, not .a files.
+ libext=lib
+ # Tell ltmain to make .dll files, not .so files.
+ shrext_cmds=.dll
+ # FIXME: Setting linknames here is a bad hack.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~linknames='
+ _LT_TAGVAR(archive_expsym_cmds, $1)='if _LT_DLL_DEF_P([$export_symbols]); then
+ cp "$export_symbols" "$output_objdir/$soname.def";
+ echo "$tool_output_objdir$soname.def" > "$output_objdir/$soname.exp";
+ else
+ $SED -e '\''s/^/-link -EXPORT:/'\'' < $export_symbols > $output_objdir/$soname.exp;
+ fi~
+ $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~
+ linknames='
+ # The linker will not automatically build a static lib if we build a DLL.
+ # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+ _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*'
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1,DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols'
+ # Don't use ranlib
+ _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib'
+ _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~
+ lt_tool_outputfile="@TOOL_OUTPUT@"~
+ case $lt_outputfile in
+ *.exe|*.EXE) ;;
+ *)
+ lt_outputfile=$lt_outputfile.exe
+ lt_tool_outputfile=$lt_tool_outputfile.exe
+ ;;
+ esac~
+ if test : != "$MANIFEST_TOOL" && test -f "$lt_outputfile.manifest"; then
+ $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1;
+ $RM "$lt_outputfile.manifest";
+ fi'
+ ;;
+ *)
+ # Assume MSVC and ICC wrapper
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ # Tell ltmain to make .lib files, not .a files.
+ libext=lib
+ # Tell ltmain to make .dll files, not .so files.
+ shrext_cmds=.dll
+ # FIXME: Setting linknames here is a bad hack.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames='
+ # The linker will automatically build a .lib file if we build a DLL.
+ _LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
+ # FIXME: Should let the user specify the lib program.
+ _LT_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs'
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+ ;;
+ esac
+ ;;
+
+ darwin* | rhapsody*)
+ _LT_DARWIN_LINKER_FEATURES($1)
+ ;;
+
+ dgux*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
+ # support. Future versions do this automatically, but an explicit c++rt0.o
+ # does not break anything, and helps significantly (at the cost of a little
+ # extra space).
+ freebsd2.2*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ # Unfortunately, older versions of FreeBSD 2 do not have this feature.
+ freebsd2.*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
+ freebsd* | dragonfly* | midnightbsd*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ hpux9*)
+ if test yes = "$GCC"; then
+ _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared $pic_flag $wl+b $wl$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test "x$output_objdir/$soname" = "x$lib" || mv $output_objdir/$soname $lib'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test "x$output_objdir/$soname" = "x$lib" || mv $output_objdir/$soname $lib'
+ fi
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl+b $wl$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E'
+ ;;
+
+ hpux10*)
+ if test yes,no = "$GCC,$with_gnu_ld"; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ if test no = "$with_gnu_ld"; then
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl+b $wl$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E'
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ fi
+ ;;
+
+ hpux11*)
+ if test yes,no = "$GCC,$with_gnu_ld"; then
+ case $host_cpu in
+ hppa*64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $wl+h $wl$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $wl+h $wl$soname $wl+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ else
+ case $host_cpu in
+ hppa*64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname $wl+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ m4_if($1, [], [
+ # Older versions of the 11.00 compiler do not understand -b yet
+ # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does)
+ _LT_LINKER_OPTION([if $CC understands -b],
+ _LT_TAGVAR(lt_cv_prog_compiler__b, $1), [-b],
+ [_LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $libobjs $deplibs $compiler_flags'],
+ [_LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'])],
+ [_LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $libobjs $deplibs $compiler_flags'])
+ ;;
+ esac
+ fi
+ if test no = "$with_gnu_ld"; then
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl+b $wl$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ case $host_cpu in
+ hppa*64*|ia64*)
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+ *)
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E'
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ ;;
+ esac
+ fi
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ if test yes = "$GCC"; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib'
+ # Try to use the -exported_symbol ld option, if it does not
+ # work, assume that -exports_file does not work either and
+ # implicitly export all symbols.
+ # This should be the same for all languages, so no per-tag cache variable.
+ AC_CACHE_CHECK([whether the $host_os linker accepts -exported_symbol],
+ [lt_cv_irix_exported_symbol],
+ [save_LDFLAGS=$LDFLAGS
+ LDFLAGS="$LDFLAGS -shared $wl-exported_symbol ${wl}foo $wl-update_registry $wl/dev/null"
+ AC_LINK_IFELSE(
+ [AC_LANG_SOURCE(
+ [AC_LANG_CASE([C], [[int foo (void) { return 0; }]],
+ [C++], [[int foo (void) { return 0; }]],
+ [Fortran 77], [[
+ subroutine foo
+ end]],
+ [Fortran], [[
+ subroutine foo
+ end]])])],
+ [lt_cv_irix_exported_symbol=yes],
+ [lt_cv_irix_exported_symbol=no])
+ LDFLAGS=$save_LDFLAGS])
+ if test yes = "$lt_cv_irix_exported_symbol"; then
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations $wl-exports_file $wl$export_symbols -o $lib'
+ fi
+ _LT_TAGVAR(link_all_deplibs, $1)=no
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -exports_file $export_symbols -o $lib'
+ fi
+ _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_TAGVAR(inherit_rpath, $1)=yes
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+
+ linux*)
+ case $cc_basename in
+ tcc*)
+ # Fabrice Bellard et al's Tiny C Compiler
+ _LT_TAGVAR(ld_shlibs, $1)=yes
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ ;;
+ esac
+ ;;
+
+ netbsd* | netbsdelf*-gnu)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF
+ fi
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ newsos6)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ *nto* | *qnx*)
+ ;;
+
+ openbsd* | bitrig*)
+ if test -f /usr/libexec/ld.so; then
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`"; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags $wl-retain-symbols-file,$export_symbols'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir'
+ fi
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ os2*)
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ shrext_cmds=.dll
+ _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~
+ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~
+ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~
+ $ECHO EXPORTS >> $output_objdir/$libname.def~
+ emxexp $libobjs | $SED /"_DLL_InitTerm"/d >> $output_objdir/$libname.def~
+ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~
+ emximp -o $lib $output_objdir/$libname.def'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~
+ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~
+ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~
+ $ECHO EXPORTS >> $output_objdir/$libname.def~
+ prefix_cmds="$SED"~
+ if test EXPORTS = "`$SED 1q $export_symbols`"; then
+ prefix_cmds="$prefix_cmds -e 1d";
+ fi~
+ prefix_cmds="$prefix_cmds -e \"s/^\(.*\)$/_\1/g\""~
+ cat $export_symbols | $prefix_cmds >> $output_objdir/$libname.def~
+ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~
+ emximp -o $lib $output_objdir/$libname.def'
+ _LT_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def'
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+ _LT_TAGVAR(file_list_spec, $1)='@'
+ ;;
+
+ osf3*)
+ if test yes = "$GCC"; then
+ _LT_TAGVAR(allow_undefined_flag, $1)=' $wl-expect_unresolved $wl\*'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared$allow_undefined_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib'
+ else
+ _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared$allow_undefined_flag $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
+ fi
+ _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ ;;
+
+ osf4* | osf5*) # as osf3* with the addition of -msym flag
+ if test yes = "$GCC"; then
+ _LT_TAGVAR(allow_undefined_flag, $1)=' $wl-expect_unresolved $wl\*'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared$allow_undefined_flag $pic_flag $libobjs $deplibs $compiler_flags $wl-msym $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ else
+ _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared$allow_undefined_flag $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~
+ $CC -shared$allow_undefined_flag $wl-input $wl$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib~$RM $lib.exp'
+
+ # Both c and cxx compiler support -rpath directly
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
+ fi
+ _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ ;;
+
+ solaris*)
+ _LT_TAGVAR(no_undefined_flag, $1)=' -z defs'
+ if test yes = "$GCC"; then
+ wlarc='$wl'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $wl-z ${wl}text $wl-h $wl$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -shared $pic_flag $wl-z ${wl}text $wl-M $wl$lib.exp $wl-h $wl$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+ else
+ case `$CC -V 2>&1` in
+ *"Compilers 5.0"*)
+ wlarc=''
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G$allow_undefined_flag -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $LD -G$allow_undefined_flag -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp'
+ ;;
+ *)
+ wlarc='$wl'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G$allow_undefined_flag -h $soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -G$allow_undefined_flag -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+ ;;
+ esac
+ fi
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ case $host_os in
+ solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
+ *)
+ # The compiler driver will combine and reorder linker options,
+ # but understands '-z linker_flag'. GCC discards it without '$wl',
+ # but is careful enough not to reorder.
+ # Supported since Solaris 2.6 (maybe 2.5.1?)
+ if test yes = "$GCC"; then
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl-z ${wl}allextract$convenience $wl-z ${wl}defaultextract'
+ else
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract'
+ fi
+ ;;
+ esac
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+
+ sunos4*)
+ if test sequent = "$host_vendor"; then
+ # Use $CC to link under sequent, because it throws in some extra .o
+ # files that make .init and .fini sections work.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G $wl-h $soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ sysv4)
+ case $host_vendor in
+ sni)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_direct, $1)=yes # is this really true???
+ ;;
+ siemens)
+ ## LD is ld it makes a PLAMLIB
+ ## CC just makes a GrossModule.
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(reload_cmds, $1)='$CC -r -o $output$reload_objs'
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ ;;
+ motorola)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_direct, $1)=no #Motorola manual says yes, but my tests say they lie
+ ;;
+ esac
+ runpath_var='LD_RUN_PATH'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ sysv4.3*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='-Bexport'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ runpath_var=LD_RUN_PATH
+ hardcode_runpath_var=yes
+ _LT_TAGVAR(ld_shlibs, $1)=yes
+ fi
+ ;;
+
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*)
+ _LT_TAGVAR(no_undefined_flag, $1)='$wl-z,text'
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ runpath_var='LD_RUN_PATH'
+
+ if test yes = "$GCC"; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6*)
+ # Note: We CANNOT use -z defs as we might desire, because we do not
+ # link with -lc, and that would cause any symbols used from libc to
+ # always be unresolved, which means just about no library would
+ # ever link correctly. If we're not using GNU ld we use -z text
+ # though, which does catch some bad symbols but isn't as heavy-handed
+ # as -z defs.
+ _LT_TAGVAR(no_undefined_flag, $1)='$wl-z,text'
+ _LT_TAGVAR(allow_undefined_flag, $1)='$wl-z,nodefs'
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R,$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-Bexport'
+ runpath_var='LD_RUN_PATH'
+
+ if test yes = "$GCC"; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ uts4*)
+ _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+
+ *)
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+
+ if test sni = "$host_vendor"; then
+ case $host in
+ sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*)
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-Blargedynsym'
+ ;;
+ esac
+ fi
+ fi
+])
+AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)])
+test no = "$_LT_TAGVAR(ld_shlibs, $1)" && can_build_shared=no
+
+_LT_TAGVAR(with_gnu_ld, $1)=$with_gnu_ld
+
+_LT_DECL([], [libext], [0], [Old archive suffix (normally "a")])dnl
+_LT_DECL([], [shrext_cmds], [1], [Shared library suffix (normally ".so")])dnl
+_LT_DECL([], [extract_expsyms_cmds], [2],
+ [The commands to extract the exported symbol list from a shared archive])
+
+#
+# Do we need to explicitly link libc?
+#
+case "x$_LT_TAGVAR(archive_cmds_need_lc, $1)" in
+x|xyes)
+ # Assume -lc should be added
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+
+ if test yes,yes = "$GCC,$enable_shared"; then
+ case $_LT_TAGVAR(archive_cmds, $1) in
+ *'~'*)
+ # FIXME: we may have to deal with multi-command sequences.
+ ;;
+ '$CC '*)
+ # Test whether the compiler implicitly links with -lc since on some
+ # systems, -lgcc has to come before -lc. If gcc already passes -lc
+ # to ld, don't add -lc before -lgcc.
+ AC_CACHE_CHECK([whether -lc should be explicitly linked in],
+ [lt_cv_]_LT_TAGVAR(archive_cmds_need_lc, $1),
+ [$RM conftest*
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ if AC_TRY_EVAL(ac_compile) 2>conftest.err; then
+ soname=conftest
+ lib=conftest
+ libobjs=conftest.$ac_objext
+ deplibs=
+ wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1)
+ pic_flag=$_LT_TAGVAR(lt_prog_compiler_pic, $1)
+ compiler_flags=-v
+ linker_flags=-v
+ verstring=
+ output_objdir=.
+ libname=conftest
+ lt_save_allow_undefined_flag=$_LT_TAGVAR(allow_undefined_flag, $1)
+ _LT_TAGVAR(allow_undefined_flag, $1)=
+ if AC_TRY_EVAL(_LT_TAGVAR(archive_cmds, $1) 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1)
+ then
+ lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ else
+ lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+ fi
+ _LT_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag
+ else
+ cat conftest.err 1>&5
+ fi
+ $RM conftest*
+ ])
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=$lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)
+ ;;
+ esac
+ fi
+ ;;
+esac
+
+_LT_TAGDECL([build_libtool_need_lc], [archive_cmds_need_lc], [0],
+ [Whether or not to add -lc for building shared libraries])
+_LT_TAGDECL([allow_libtool_libs_with_static_runtimes],
+ [enable_shared_with_static_runtimes], [0],
+ [Whether or not to disallow shared libs when runtime libs are static])
+_LT_TAGDECL([], [export_dynamic_flag_spec], [1],
+ [Compiler flag to allow reflexive dlopens])
+_LT_TAGDECL([], [whole_archive_flag_spec], [1],
+ [Compiler flag to generate shared objects directly from archives])
+_LT_TAGDECL([], [compiler_needs_object], [1],
+ [Whether the compiler copes with passing no objects directly])
+_LT_TAGDECL([], [old_archive_from_new_cmds], [2],
+ [Create an old-style archive from a shared archive])
+_LT_TAGDECL([], [old_archive_from_expsyms_cmds], [2],
+ [Create a temporary old-style archive to link instead of a shared archive])
+_LT_TAGDECL([], [archive_cmds], [2], [Commands used to build a shared archive])
+_LT_TAGDECL([], [archive_expsym_cmds], [2])
+_LT_TAGDECL([], [module_cmds], [2],
+ [Commands used to build a loadable module if different from building
+ a shared archive.])
+_LT_TAGDECL([], [module_expsym_cmds], [2])
+_LT_TAGDECL([], [with_gnu_ld], [1],
+ [Whether we are building with GNU ld or not])
+_LT_TAGDECL([], [allow_undefined_flag], [1],
+ [Flag that allows shared libraries with undefined symbols to be built])
+_LT_TAGDECL([], [no_undefined_flag], [1],
+ [Flag that enforces no undefined symbols])
+_LT_TAGDECL([], [hardcode_libdir_flag_spec], [1],
+ [Flag to hardcode $libdir into a binary during linking.
+ This must work even if $libdir does not exist])
+_LT_TAGDECL([], [hardcode_libdir_separator], [1],
+ [Whether we need a single "-rpath" flag with a separated argument])
+_LT_TAGDECL([], [hardcode_direct], [0],
+ [Set to "yes" if using DIR/libNAME$shared_ext during linking hardcodes
+ DIR into the resulting binary])
+_LT_TAGDECL([], [hardcode_direct_absolute], [0],
+ [Set to "yes" if using DIR/libNAME$shared_ext during linking hardcodes
+ DIR into the resulting binary and the resulting library dependency is
+ "absolute", i.e impossible to change by setting $shlibpath_var if the
+ library is relocated])
+_LT_TAGDECL([], [hardcode_minus_L], [0],
+ [Set to "yes" if using the -LDIR flag during linking hardcodes DIR
+ into the resulting binary])
+_LT_TAGDECL([], [hardcode_shlibpath_var], [0],
+ [Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR
+ into the resulting binary])
+_LT_TAGDECL([], [hardcode_automatic], [0],
+ [Set to "yes" if building a shared library automatically hardcodes DIR
+ into the library and all subsequent libraries and executables linked
+ against it])
+_LT_TAGDECL([], [inherit_rpath], [0],
+ [Set to yes if linker adds runtime paths of dependent libraries
+ to runtime path list])
+_LT_TAGDECL([], [link_all_deplibs], [0],
+ [Whether libtool must link a program against all its dependency libraries])
+_LT_TAGDECL([], [always_export_symbols], [0],
+ [Set to "yes" if exported symbols are required])
+_LT_TAGDECL([], [export_symbols_cmds], [2],
+ [The commands to list exported symbols])
+_LT_TAGDECL([], [exclude_expsyms], [1],
+ [Symbols that should not be listed in the preloaded symbols])
+_LT_TAGDECL([], [include_expsyms], [1],
+ [Symbols that must always be exported])
+_LT_TAGDECL([], [prelink_cmds], [2],
+ [Commands necessary for linking programs (against libraries) with templates])
+_LT_TAGDECL([], [postlink_cmds], [2],
+ [Commands necessary for finishing linking programs])
+_LT_TAGDECL([], [file_list_spec], [1],
+ [Specify filename containing input files])
+dnl FIXME: Not yet implemented
+dnl _LT_TAGDECL([], [thread_safe_flag_spec], [1],
+dnl [Compiler flag to generate thread safe objects])
+])# _LT_LINKER_SHLIBS
+
+
+# _LT_LANG_C_CONFIG([TAG])
+# ------------------------
+# Ensure that the configuration variables for a C compiler are suitably
+# defined. These variables are subsequently used by _LT_CONFIG to write
+# the compiler configuration to 'libtool'.
+m4_defun([_LT_LANG_C_CONFIG],
+[m4_require([_LT_DECL_EGREP])dnl
+lt_save_CC=$CC
+AC_LANG_PUSH(C)
+
+# Source file extension for C test sources.
+ac_ext=c
+
+# Object file extension for compiled C test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="int some_variable = 0;"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='int main(){return(0);}'
+
+_LT_TAG_COMPILER
+# Save the default compiler, since it gets overwritten when the other
+# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP.
+compiler_DEFAULT=$CC
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+## CAVEAT EMPTOR:
+## There is no encapsulation within the following macros, do not change
+## the running order or otherwise move them around unless you know exactly
+## what you are doing...
+if test -n "$compiler"; then
+ _LT_COMPILER_NO_RTTI($1)
+ _LT_COMPILER_PIC($1)
+ _LT_COMPILER_C_O($1)
+ _LT_COMPILER_FILE_LOCKS($1)
+ _LT_LINKER_SHLIBS($1)
+ _LT_SYS_DYNAMIC_LINKER($1)
+ _LT_LINKER_HARDCODE_LIBPATH($1)
+ LT_SYS_DLOPEN_SELF
+ _LT_CMD_STRIPLIB
+
+ # Report what library types will actually be built
+ AC_MSG_CHECKING([if libtool supports shared libraries])
+ AC_MSG_RESULT([$can_build_shared])
+
+ AC_MSG_CHECKING([whether to build shared libraries])
+ test no = "$can_build_shared" && enable_shared=no
+
+ # On AIX, shared libraries and static libraries use the same namespace, and
+ # are all built from PIC.
+ case $host_os in
+ aix3*)
+ test yes = "$enable_shared" && enable_static=no
+ if test -n "$RANLIB"; then
+ archive_cmds="$archive_cmds~\$RANLIB \$lib"
+ postinstall_cmds='$RANLIB $lib'
+ fi
+ ;;
+
+ aix[[4-9]]*)
+ if test ia64 != "$host_cpu"; then
+ case $enable_shared,$with_aix_soname,$aix_use_runtimelinking in
+ yes,aix,yes) ;; # shared object as lib.so file only
+ yes,svr4,*) ;; # shared object as lib.so archive member only
+ yes,*) enable_static=no ;; # shared object in lib.a archive as well
+ esac
+ fi
+ ;;
+ esac
+ AC_MSG_RESULT([$enable_shared])
+
+ AC_MSG_CHECKING([whether to build static libraries])
+ # Make sure either enable_shared or enable_static is yes.
+ test yes = "$enable_shared" || enable_static=yes
+ AC_MSG_RESULT([$enable_static])
+
+ _LT_CONFIG($1)
+fi
+AC_LANG_POP
+CC=$lt_save_CC
+])# _LT_LANG_C_CONFIG
+
+
+# _LT_LANG_CXX_CONFIG([TAG])
+# --------------------------
+# Ensure that the configuration variables for a C++ compiler are suitably
+# defined. These variables are subsequently used by _LT_CONFIG to write
+# the compiler configuration to 'libtool'.
+m4_defun([_LT_LANG_CXX_CONFIG],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_PATH_MANIFEST_TOOL])dnl
+if test -n "$CXX" && ( test no != "$CXX" &&
+ ( (test g++ = "$CXX" && `g++ -v >/dev/null 2>&1` ) ||
+ (test g++ != "$CXX"))); then
+ AC_PROG_CXXCPP
+else
+ _lt_caught_CXX_error=yes
+fi
+
+AC_LANG_PUSH(C++)
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+_LT_TAGVAR(allow_undefined_flag, $1)=
+_LT_TAGVAR(always_export_symbols, $1)=no
+_LT_TAGVAR(archive_expsym_cmds, $1)=
+_LT_TAGVAR(compiler_needs_object, $1)=no
+_LT_TAGVAR(export_dynamic_flag_spec, $1)=
+_LT_TAGVAR(hardcode_direct, $1)=no
+_LT_TAGVAR(hardcode_direct_absolute, $1)=no
+_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+_LT_TAGVAR(hardcode_libdir_separator, $1)=
+_LT_TAGVAR(hardcode_minus_L, $1)=no
+_LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+_LT_TAGVAR(hardcode_automatic, $1)=no
+_LT_TAGVAR(inherit_rpath, $1)=no
+_LT_TAGVAR(module_cmds, $1)=
+_LT_TAGVAR(module_expsym_cmds, $1)=
+_LT_TAGVAR(link_all_deplibs, $1)=unknown
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
+_LT_TAGVAR(no_undefined_flag, $1)=
+_LT_TAGVAR(whole_archive_flag_spec, $1)=
+_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+
+# Source file extension for C++ test sources.
+ac_ext=cpp
+
+# Object file extension for compiled C++ test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# No sense in running all these tests if we already determined that
+# the CXX compiler isn't working. Some variables (like enable_shared)
+# are currently assumed to apply to all compilers on this platform,
+# and will be corrupted by setting them based on a non-working compiler.
+if test yes != "$_lt_caught_CXX_error"; then
+ # Code to be used in simple compile tests
+ lt_simple_compile_test_code="int some_variable = 0;"
+
+ # Code to be used in simple link tests
+ lt_simple_link_test_code='int main(int, char *[[]]) { return(0); }'
+
+ # ltmain only uses $CC for tagged configurations so make sure $CC is set.
+ _LT_TAG_COMPILER
+
+ # save warnings/boilerplate of simple test code
+ _LT_COMPILER_BOILERPLATE
+ _LT_LINKER_BOILERPLATE
+
+ # Allow CC to be a program name with arguments.
+ lt_save_CC=$CC
+ lt_save_CFLAGS=$CFLAGS
+ lt_save_LD=$LD
+ lt_save_GCC=$GCC
+ GCC=$GXX
+ lt_save_with_gnu_ld=$with_gnu_ld
+ lt_save_path_LD=$lt_cv_path_LD
+ if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then
+ lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx
+ else
+ $as_unset lt_cv_prog_gnu_ld
+ fi
+ if test -n "${lt_cv_path_LDCXX+set}"; then
+ lt_cv_path_LD=$lt_cv_path_LDCXX
+ else
+ $as_unset lt_cv_path_LD
+ fi
+ test -z "${LDCXX+set}" || LD=$LDCXX
+ CC=${CXX-"c++"}
+ CFLAGS=$CXXFLAGS
+ compiler=$CC
+ _LT_TAGVAR(compiler, $1)=$CC
+ _LT_CC_BASENAME([$compiler])
+
+ if test -n "$compiler"; then
+ # We don't want -fno-exception when compiling C++ code, so set the
+ # no_builtin_flag separately
+ if test yes = "$GXX"; then
+ _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
+ else
+ _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
+ fi
+
+ if test yes = "$GXX"; then
+ # Set up default GNU C++ configuration
+
+ LT_PATH_LD
+
+ # Check if GNU C++ uses GNU ld as the underlying linker, since the
+ # archiving commands below assume that GNU ld is being used.
+ if test yes = "$with_gnu_ld"; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic'
+
+ # If archive_cmds runs LD, not CC, wlarc should be empty
+ # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to
+ # investigate it a little bit more. (MM)
+ wlarc='$wl'
+
+ # ancient GNU ld didn't support --whole-archive et. al.
+ if eval "`$CC -print-prog-name=ld` --help 2>&1" |
+ $GREP 'no-whole-archive' > /dev/null; then
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=$wlarc'--whole-archive$convenience '$wlarc'--no-whole-archive'
+ else
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=
+ fi
+ else
+ with_gnu_ld=no
+ wlarc=
+
+ # A generic and very simple default shared library creation
+ # command for GNU C++ for the case where it uses the native
+ # linker, instead of GNU ld. If possible, this setting should
+ # overridden to take advantage of the native linker features on
+ # the platform it is being used on.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
+ fi
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"'
+
+ else
+ GXX=no
+ with_gnu_ld=no
+ wlarc=
+ fi
+
+ # PORTME: fill in a description of your system's C++ link characteristics
+ AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
+ _LT_TAGVAR(ld_shlibs, $1)=yes
+ case $host_os in
+ aix3*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ aix[[4-9]]*)
+ if test ia64 = "$host_cpu"; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ exp_sym_flag='-Bexport'
+ no_entry_flag=
+ else
+ aix_use_runtimelinking=no
+
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # have runtime linking enabled, and use it for executables.
+ # For shared libraries, we enable/disable runtime linking
+ # depending on the kind of the shared library created -
+ # when "with_aix_soname,aix_use_runtimelinking" is:
+ # "aix,no" lib.a(lib.so.V) shared, rtl:no, for executables
+ # "aix,yes" lib.so shared, rtl:yes, for executables
+ # lib.a static archive
+ # "both,no" lib.so.V(shr.o) shared, rtl:yes
+ # lib.a(lib.so.V) shared, rtl:no, for executables
+ # "both,yes" lib.so.V(shr.o) shared, rtl:yes, for executables
+ # lib.a(lib.so.V) shared, rtl:no
+ # "svr4,*" lib.so.V(shr.o) shared, rtl:yes, for executables
+ # lib.a static archive
+ case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*)
+ for ld_flag in $LDFLAGS; do
+ case $ld_flag in
+ *-brtl*)
+ aix_use_runtimelinking=yes
+ break
+ ;;
+ esac
+ done
+ if test svr4,no = "$with_aix_soname,$aix_use_runtimelinking"; then
+ # With aix-soname=svr4, we create the lib.so.V shared archives only,
+ # so we don't have lib.a shared libs to link our executables.
+ # We have to force runtime linking in this case.
+ aix_use_runtimelinking=yes
+ LDFLAGS="$LDFLAGS -Wl,-brtl"
+ fi
+ ;;
+ esac
+
+ exp_sym_flag='-bexport'
+ no_entry_flag='-bnoentry'
+ fi
+
+ # When large executables or shared objects are built, AIX ld can
+ # have problems creating the table of contents. If linking a library
+ # or program results in "error TOC overflow" add -mminimal-toc to
+ # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
+ # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+ _LT_TAGVAR(archive_cmds, $1)=''
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ _LT_TAGVAR(file_list_spec, $1)='$wl-f,'
+ case $with_aix_soname,$aix_use_runtimelinking in
+ aix,*) ;; # no import file
+ svr4,* | *,yes) # use import file
+ # The Import File defines what to hardcode.
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=no
+ ;;
+ esac
+
+ if test yes = "$GXX"; then
+ case $host_os in aix4.[[012]]|aix4.[[012]].*)
+ # We only want to do this on AIX 4.2 and lower, the check
+ # below for broken collect2 doesn't work under 4.3+
+ collect2name=`$CC -print-prog-name=collect2`
+ if test -f "$collect2name" &&
+ strings "$collect2name" | $GREP resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ :
+ else
+ # We have old collect2
+ _LT_TAGVAR(hardcode_direct, $1)=unsupported
+ # It fails to find uninstalled libraries when the uninstalled
+ # path is not listed in the libpath. Setting hardcode_minus_L
+ # to unsupported forces relinking
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=
+ fi
+ esac
+ shared_flag='-shared'
+ if test yes = "$aix_use_runtimelinking"; then
+ shared_flag=$shared_flag' $wl-G'
+ fi
+ # Need to ensure runtime linking is disabled for the traditional
+ # shared library, or the linker may eventually find shared libraries
+ # /with/ Import File - we do not want to mix them.
+ shared_flag_aix='-shared'
+ shared_flag_svr4='-shared $wl-G'
+ else
+ # not using gcc
+ if test ia64 = "$host_cpu"; then
+ # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+ # chokes on -Wl,-G. The following line is correct:
+ shared_flag='-G'
+ else
+ if test yes = "$aix_use_runtimelinking"; then
+ shared_flag='$wl-G'
+ else
+ shared_flag='$wl-bM:SRE'
+ fi
+ shared_flag_aix='$wl-bM:SRE'
+ shared_flag_svr4='$wl-G'
+ fi
+ fi
+
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-bexpall'
+ # It seems that -bexpall does not export symbols beginning with
+ # underscore (_), so it is better to generate a list of symbols to
+ # export.
+ _LT_TAGVAR(always_export_symbols, $1)=yes
+ if test aix,yes = "$with_aix_soname,$aix_use_runtimelinking"; then
+ # Warning - without using the other runtime loading flags (-brtl),
+ # -berok will link without error, but may produce a broken library.
+ # The "-G" linker flag allows undefined symbols.
+ _LT_TAGVAR(no_undefined_flag, $1)='-bernotok'
+ # Determine the default libpath from the value encoded in an empty
+ # executable.
+ _LT_SYS_MODULE_PATH_AIX([$1])
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-blibpath:$libdir:'"$aix_libpath"
+
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs $wl'$no_entry_flag' $compiler_flags `if test -n "$allow_undefined_flag"; then func_echo_all "$wl$allow_undefined_flag"; else :; fi` $wl'$exp_sym_flag:\$export_symbols' '$shared_flag
+ else
+ if test ia64 = "$host_cpu"; then
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R $libdir:/usr/lib:/lib'
+ _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs"
+ _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\$wl$no_entry_flag"' $compiler_flags $wl$allow_undefined_flag '"\$wl$exp_sym_flag:\$export_symbols"
+ else
+ # Determine the default libpath from the value encoded in an
+ # empty executable.
+ _LT_SYS_MODULE_PATH_AIX([$1])
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-blibpath:$libdir:'"$aix_libpath"
+ # Warning - without using the other run time loading flags,
+ # -berok will link without error, but may produce a broken library.
+ _LT_TAGVAR(no_undefined_flag, $1)=' $wl-bernotok'
+ _LT_TAGVAR(allow_undefined_flag, $1)=' $wl-berok'
+ if test yes = "$with_gnu_ld"; then
+ # We only use this code for GNU lds that support --whole-archive.
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive$convenience $wl--no-whole-archive'
+ else
+ # Exported symbols can be pulled into shared objects from archives
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+ fi
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$RM -r $output_objdir/$realname.d~$MKDIR $output_objdir/$realname.d'
+ # -brtl affects multiple linker settings, -berok does not and is overridden later
+ compiler_flags_filtered='`func_echo_all "$compiler_flags " | $SED -e "s%-brtl\\([[, ]]\\)%-berok\\1%g"`'
+ if test svr4 != "$with_aix_soname"; then
+ # This is similar to how AIX traditionally builds its shared
+ # libraries. Need -bnortl late, we may have -brtl in LDFLAGS.
+ _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$CC '$shared_flag_aix' -o $output_objdir/$realname.d/$soname $libobjs $deplibs $wl-bnoentry '$compiler_flags_filtered'$wl-bE:$export_symbols$allow_undefined_flag~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$realname.d/$soname'
+ fi
+ if test aix != "$with_aix_soname"; then
+ _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$CC '$shared_flag_svr4' -o $output_objdir/$realname.d/$shared_archive_member_spec.o $libobjs $deplibs $wl-bnoentry '$compiler_flags_filtered'$wl-bE:$export_symbols$allow_undefined_flag~$STRIP -e $output_objdir/$realname.d/$shared_archive_member_spec.o~( func_echo_all "#! $soname($shared_archive_member_spec.o)"; if test shr_64 = "$shared_archive_member_spec"; then func_echo_all "# 64"; else func_echo_all "# 32"; fi; cat $export_symbols ) > $output_objdir/$realname.d/$shared_archive_member_spec.imp~$AR $AR_FLAGS $output_objdir/$soname $output_objdir/$realname.d/$shared_archive_member_spec.o $output_objdir/$realname.d/$shared_archive_member_spec.imp'
+ else
+ # used by -dlpreopen to get the symbols
+ _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$MV $output_objdir/$realname.d/$soname $output_objdir'
+ fi
+ _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$RM -r $output_objdir/$realname.d'
+ fi
+ fi
+ ;;
+
+ beos*)
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ # Joseph Beckenbach <jrb3@best.com> says some releases of gcc
+ # support --undefined. This deserves some investigation. FIXME
+ _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ chorus*)
+ case $cc_basename in
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+
+ cygwin* | mingw* | pw32* | cegcc*)
+ case $GXX,$cc_basename in
+ ,cl* | no,cl* | ,icl* | no,icl*)
+ # Native MSVC or ICC
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_TAGVAR(always_export_symbols, $1)=yes
+ _LT_TAGVAR(file_list_spec, $1)='@'
+ # Tell ltmain to make .lib files, not .a files.
+ libext=lib
+ # Tell ltmain to make .dll files, not .so files.
+ shrext_cmds=.dll
+ # FIXME: Setting linknames here is a bad hack.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~linknames='
+ _LT_TAGVAR(archive_expsym_cmds, $1)='if _LT_DLL_DEF_P([$export_symbols]); then
+ cp "$export_symbols" "$output_objdir/$soname.def";
+ echo "$tool_output_objdir$soname.def" > "$output_objdir/$soname.exp";
+ else
+ $SED -e '\''s/^/-link -EXPORT:/'\'' < $export_symbols > $output_objdir/$soname.exp;
+ fi~
+ $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~
+ linknames='
+ # The linker will not automatically build a static lib if we build a DLL.
+ # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+ # Don't use ranlib
+ _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib'
+ _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~
+ lt_tool_outputfile="@TOOL_OUTPUT@"~
+ case $lt_outputfile in
+ *.exe|*.EXE) ;;
+ *)
+ lt_outputfile=$lt_outputfile.exe
+ lt_tool_outputfile=$lt_tool_outputfile.exe
+ ;;
+ esac~
+ func_to_tool_file "$lt_outputfile"~
+ if test : != "$MANIFEST_TOOL" && test -f "$lt_outputfile.manifest"; then
+ $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1;
+ $RM "$lt_outputfile.manifest";
+ fi'
+ ;;
+ *)
+ # g++
+ # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
+ # as there is no search path for DLLs.
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-all-symbols'
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ _LT_TAGVAR(always_export_symbols, $1)=no
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+
+ if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname $wl--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ # If the export-symbols file already is a .def file, use it as
+ # is; otherwise, prepend EXPORTS...
+ _LT_TAGVAR(archive_expsym_cmds, $1)='if _LT_DLL_DEF_P([$export_symbols]); then
+ cp $export_symbols $output_objdir/$soname.def;
+ else
+ echo EXPORTS > $output_objdir/$soname.def;
+ cat $export_symbols >> $output_objdir/$soname.def;
+ fi~
+ $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname $wl--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+ darwin* | rhapsody*)
+ _LT_DARWIN_LINKER_FEATURES($1)
+ ;;
+
+ os2*)
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes
+ _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+ shrext_cmds=.dll
+ _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~
+ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~
+ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~
+ $ECHO EXPORTS >> $output_objdir/$libname.def~
+ emxexp $libobjs | $SED /"_DLL_InitTerm"/d >> $output_objdir/$libname.def~
+ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~
+ emximp -o $lib $output_objdir/$libname.def'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~
+ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~
+ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~
+ $ECHO EXPORTS >> $output_objdir/$libname.def~
+ prefix_cmds="$SED"~
+ if test EXPORTS = "`$SED 1q $export_symbols`"; then
+ prefix_cmds="$prefix_cmds -e 1d";
+ fi~
+ prefix_cmds="$prefix_cmds -e \"s/^\(.*\)$/_\1/g\""~
+ cat $export_symbols | $prefix_cmds >> $output_objdir/$libname.def~
+ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~
+ emximp -o $lib $output_objdir/$libname.def'
+ _LT_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def'
+ _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+ _LT_TAGVAR(file_list_spec, $1)='@'
+ ;;
+
+ dgux*)
+ case $cc_basename in
+ ec++*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ ghcx*)
+ # Green Hills C++ Compiler
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+
+ freebsd2.*)
+ # C++ shared libraries reported to be fairly broken before
+ # switch to ELF
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ freebsd-elf*)
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ ;;
+
+ freebsd* | dragonfly* | midnightbsd*)
+ # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF
+ # conventions
+ _LT_TAGVAR(ld_shlibs, $1)=yes
+ ;;
+
+ haiku*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+
+ hpux9*)
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl+b $wl$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH,
+ # but as the default
+ # location of the library.
+
+ case $cc_basename in
+ CC*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ aCC*)
+ _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -b $wl+b $wl$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test "x$output_objdir/$soname" = "x$lib" || mv $output_objdir/$soname $lib'
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP " \-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
+ ;;
+ *)
+ if test yes = "$GXX"; then
+ _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -nostdlib $pic_flag $wl+b $wl$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test "x$output_objdir/$soname" = "x$lib" || mv $output_objdir/$soname $lib'
+ else
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+
+ hpux10*|hpux11*)
+ if test no = "$with_gnu_ld"; then
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl+b $wl$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ case $host_cpu in
+ hppa*64*|ia64*)
+ ;;
+ *)
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E'
+ ;;
+ esac
+ fi
+ case $host_cpu in
+ hppa*64*|ia64*)
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ ;;
+ *)
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH,
+ # but as the default
+ # location of the library.
+ ;;
+ esac
+
+ case $cc_basename in
+ CC*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ aCC*)
+ case $host_cpu in
+ hppa*64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ ia64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname $wl+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ esac
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP " \-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
+ ;;
+ *)
+ if test yes = "$GXX"; then
+ if test no = "$with_gnu_ld"; then
+ case $host_cpu in
+ hppa*64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC $wl+h $wl$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ ia64*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag $wl+h $wl$soname $wl+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ ;;
+ esac
+ fi
+ else
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+
+ interix[[3-9]]*)
+ _LT_TAGVAR(hardcode_direct, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E'
+ # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+ # Instead, shared libraries are loaded at an image base (0x10000000 by
+ # default) and relocated if they conflict, which is a slow very memory
+ # consuming and fragmenting process. To avoid this, we pick a random,
+ # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+ # time. Moving up from 0x10000000 also allows more sbrk(2) space.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ ;;
+ irix5* | irix6*)
+ case $cc_basename in
+ CC*)
+ # SGI C++
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
+
+ # Archives containing C++ object files must be created using
+ # "CC -ar", where "CC" is the IRIX C++ compiler. This is
+ # necessary to make sure instantiated templates are included
+ # in the archive.
+ _LT_TAGVAR(old_archive_cmds, $1)='$CC -ar -WR,-u -o $oldlib $oldobjs'
+ ;;
+ *)
+ if test yes = "$GXX"; then
+ if test no = "$with_gnu_ld"; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib'
+ else
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` -o $lib'
+ fi
+ fi
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+ esac
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+ _LT_TAGVAR(inherit_rpath, $1)=yes
+ ;;
+
+ linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*)
+ case $cc_basename in
+ KCC*)
+ # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+ # KCC will only create a shared library if the output file
+ # ends with ".so" (or ".sl" for HP-UX), so rename the library
+ # to its proper name (with version) after linking.
+ _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\$tempext\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\$tempext\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib $wl-retain-symbols-file,$export_symbols; mv \$templib $lib'
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic'
+
+ # Archives containing C++ object files must be created using
+ # "CC -Bstatic", where "CC" is the KAI C++ compiler.
+ _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs'
+ ;;
+ icpc* | ecpc* )
+ # Intel C++
+ with_gnu_ld=yes
+ # version 8.0 and above of icpc choke on multiply defined symbols
+ # if we add $predep_objects and $postdep_objects, however 7.1 and
+ # earlier do not add the objects themselves.
+ case `$CC -V 2>&1` in
+ *"Version 7."*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+ ;;
+ *) # Version 8.0 or newer
+ tmp_idyn=
+ case $host_cpu in
+ ia64*) tmp_idyn=' -i_dynamic';;
+ esac
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+ ;;
+ esac
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic'
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive$convenience $wl--no-whole-archive'
+ ;;
+ pgCC* | pgcpp*)
+ # Portland Group C++ compiler
+ case `$CC -V` in
+ *pgCC\ [[1-5]].* | *pgcpp\ [[1-5]].*)
+ _LT_TAGVAR(prelink_cmds, $1)='tpldir=Template.dir~
+ rm -rf $tpldir~
+ $CC --prelink_objects --instantiation_dir $tpldir $objs $libobjs $compile_deplibs~
+ compile_command="$compile_command `find $tpldir -name \*.o | sort | $NL2SP`"'
+ _LT_TAGVAR(old_archive_cmds, $1)='tpldir=Template.dir~
+ rm -rf $tpldir~
+ $CC --prelink_objects --instantiation_dir $tpldir $oldobjs$old_deplibs~
+ $AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | sort | $NL2SP`~
+ $RANLIB $oldlib'
+ _LT_TAGVAR(archive_cmds, $1)='tpldir=Template.dir~
+ rm -rf $tpldir~
+ $CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
+ $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='tpldir=Template.dir~
+ rm -rf $tpldir~
+ $CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
+ $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+ ;;
+ *) # Version 6 and above use weak symbols
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
+ ;;
+ esac
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl--rpath $wl$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic'
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive'
+ ;;
+ cxx*)
+ # Compaq C++
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib $wl-retain-symbols-file $wl$export_symbols'
+
+ runpath_var=LD_RUN_PATH
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "X$list" | $Xsed'
+ ;;
+ xl* | mpixl* | bgxl*)
+ # IBM XL 8.0 on PPC, with GNU ld
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ if test yes = "$supports_anon_versioning"; then
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ echo "local: *; };" >> $output_objdir/$libname.ver~
+ $CC -qmkshrobj $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib'
+ fi
+ ;;
+ *)
+ case `$CC -V 2>&1 | $SED 5q` in
+ *Sun\ C*)
+ # Sun C++ 5.9
+ _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G$allow_undefined_flag -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G$allow_undefined_flag -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-retain-symbols-file $wl$export_symbols'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive'
+ _LT_TAGVAR(compiler_needs_object, $1)=yes
+
+ # Not sure whether something based on
+ # $CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1
+ # would be better.
+ output_verbose_link_cmd='func_echo_all'
+
+ # Archives containing C++ object files must be created using
+ # "CC -xar", where "CC" is the Sun C++ compiler. This is
+ # necessary to make sure instantiated templates are included
+ # in the archive.
+ _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs'
+ ;;
+ esac
+ ;;
+ esac
+ ;;
+
+ lynxos*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ m88k*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ mvs*)
+ case $cc_basename in
+ cxx*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+
+ netbsd*)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags'
+ wlarc=
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ fi
+ # Workaround some broken pre-1.5 toolchains
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"'
+ ;;
+
+ *nto* | *qnx*)
+ _LT_TAGVAR(ld_shlibs, $1)=yes
+ ;;
+
+ openbsd* | bitrig*)
+ if test -f /usr/libexec/ld.so; then
+ _LT_TAGVAR(hardcode_direct, $1)=yes
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir'
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`"; then
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-retain-symbols-file,$export_symbols -o $lib'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E'
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=$wlarc'--whole-archive$convenience '$wlarc'--no-whole-archive'
+ fi
+ output_verbose_link_cmd=func_echo_all
+ else
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+
+ osf3* | osf4* | osf5*)
+ case $cc_basename in
+ KCC*)
+ # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+ # KCC will only create a shared library if the output file
+ # ends with ".so" (or ".sl" for HP-UX), so rename the library
+ # to its proper name (with version) after linking.
+ _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo "$lib" | $SED -e "s/\$tempext\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Archives containing C++ object files must be created using
+ # the KAI C++ compiler.
+ case $host in
+ osf3*) _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' ;;
+ *) _LT_TAGVAR(old_archive_cmds, $1)='$CC -o $oldlib $oldobjs' ;;
+ esac
+ ;;
+ RCC*)
+ # Rational C++ 2.4.1
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ cxx*)
+ case $host in
+ osf3*)
+ _LT_TAGVAR(allow_undefined_flag, $1)=' $wl-expect_unresolved $wl\*'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $soname `test -n "$verstring" && func_echo_all "$wl-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ ;;
+ *)
+ _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~
+ echo "-hidden">> $lib.exp~
+ $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname $wl-input $wl$lib.exp `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib~
+ $RM $lib.exp'
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
+ ;;
+ esac
+
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ #
+ # There doesn't appear to be a way to prevent this compiler from
+ # explicitly linking system object files so we need to strip them
+ # from the output so that they don't get included in the library
+ # dependencies.
+ output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
+ ;;
+ *)
+ if test yes,no = "$GXX,$with_gnu_ld"; then
+ _LT_TAGVAR(allow_undefined_flag, $1)=' $wl-expect_unresolved $wl\*'
+ case $host in
+ osf3*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-msym $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib'
+ ;;
+ esac
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"'
+
+ else
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ fi
+ ;;
+ esac
+ ;;
+
+ psos*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ sunos4*)
+ case $cc_basename in
+ CC*)
+ # Sun C++ 4.x
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ lcc*)
+ # Lucid
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+
+ solaris*)
+ case $cc_basename in
+ CC* | sunCC*)
+ # Sun C++ 4.2, 5.x and Centerline C++
+ _LT_TAGVAR(archive_cmds_need_lc,$1)=yes
+ _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G$allow_undefined_flag -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -G$allow_undefined_flag $wl-M $wl$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ case $host_os in
+ solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
+ *)
+ # The compiler driver will combine and reorder linker options,
+ # but understands '-z linker_flag'.
+ # Supported since Solaris 2.6 (maybe 2.5.1?)
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract'
+ ;;
+ esac
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+
+ output_verbose_link_cmd='func_echo_all'
+
+ # Archives containing C++ object files must be created using
+ # "CC -xar", where "CC" is the Sun C++ compiler. This is
+ # necessary to make sure instantiated templates are included
+ # in the archive.
+ _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs'
+ ;;
+ gcx*)
+ # Green Hills C++ Compiler
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-h $wl$soname -o $lib'
+
+ # The C++ compiler must be used to create the archive.
+ _LT_TAGVAR(old_archive_cmds, $1)='$CC $LDFLAGS -archive -o $oldlib $oldobjs'
+ ;;
+ *)
+ # GNU C++ compiler with Solaris linker
+ if test yes,no = "$GXX,$with_gnu_ld"; then
+ _LT_TAGVAR(no_undefined_flag, $1)=' $wl-z ${wl}defs'
+ if $CC --version | $GREP -v '^2\.7' > /dev/null; then
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-h $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -shared $pic_flag -nostdlib $wl-M $wl$lib.exp $wl-h $wl$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"'
+ else
+ # g++ 2.7 appears to require '-G' NOT '-shared' on this
+ # platform.
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-h $wl$soname -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -G -nostdlib $wl-M $wl$lib.exp $wl-h $wl$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+
+ # Commands to make compiler produce verbose output that lists
+ # what "hidden" libraries, object files and flags are used when
+ # linking a shared library.
+ output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"'
+ fi
+
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R $wl$libdir'
+ case $host_os in
+ solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
+ *)
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl-z ${wl}allextract$convenience $wl-z ${wl}defaultextract'
+ ;;
+ esac
+ fi
+ ;;
+ esac
+ ;;
+
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*)
+ _LT_TAGVAR(no_undefined_flag, $1)='$wl-z,text'
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ runpath_var='LD_RUN_PATH'
+
+ case $cc_basename in
+ CC*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6*)
+ # Note: We CANNOT use -z defs as we might desire, because we do not
+ # link with -lc, and that would cause any symbols used from libc to
+ # always be unresolved, which means just about no library would
+ # ever link correctly. If we're not using GNU ld we use -z text
+ # though, which does catch some bad symbols but isn't as heavy-handed
+ # as -z defs.
+ _LT_TAGVAR(no_undefined_flag, $1)='$wl-z,text'
+ _LT_TAGVAR(allow_undefined_flag, $1)='$wl-z,nodefs'
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+ _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R,$libdir'
+ _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-Bexport'
+ runpath_var='LD_RUN_PATH'
+
+ case $cc_basename in
+ CC*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -G $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(old_archive_cmds, $1)='$CC -Tprelink_objects $oldobjs~
+ '"$_LT_TAGVAR(old_archive_cmds, $1)"
+ _LT_TAGVAR(reload_cmds, $1)='$CC -Tprelink_objects $reload_objs~
+ '"$_LT_TAGVAR(reload_cmds, $1)"
+ ;;
+ *)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ ;;
+
+ tandem*)
+ case $cc_basename in
+ NCC*)
+ # NonStop-UX NCC 3.20
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+ ;;
+
+ vxworks*)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+
+ *)
+ # FIXME: insert proper C++ library support
+ _LT_TAGVAR(ld_shlibs, $1)=no
+ ;;
+ esac
+
+ AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)])
+ test no = "$_LT_TAGVAR(ld_shlibs, $1)" && can_build_shared=no
+
+ _LT_TAGVAR(GCC, $1)=$GXX
+ _LT_TAGVAR(LD, $1)=$LD
+
+ ## CAVEAT EMPTOR:
+ ## There is no encapsulation within the following macros, do not change
+ ## the running order or otherwise move them around unless you know exactly
+ ## what you are doing...
+ _LT_SYS_HIDDEN_LIBDEPS($1)
+ _LT_COMPILER_PIC($1)
+ _LT_COMPILER_C_O($1)
+ _LT_COMPILER_FILE_LOCKS($1)
+ _LT_LINKER_SHLIBS($1)
+ _LT_SYS_DYNAMIC_LINKER($1)
+ _LT_LINKER_HARDCODE_LIBPATH($1)
+
+ _LT_CONFIG($1)
+ fi # test -n "$compiler"
+
+ CC=$lt_save_CC
+ CFLAGS=$lt_save_CFLAGS
+ LDCXX=$LD
+ LD=$lt_save_LD
+ GCC=$lt_save_GCC
+ with_gnu_ld=$lt_save_with_gnu_ld
+ lt_cv_path_LDCXX=$lt_cv_path_LD
+ lt_cv_path_LD=$lt_save_path_LD
+ lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld
+ lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld
+fi # test yes != "$_lt_caught_CXX_error"
+
+AC_LANG_POP
+])# _LT_LANG_CXX_CONFIG
+
+
+# _LT_FUNC_STRIPNAME_CNF
+# ----------------------
+# func_stripname_cnf prefix suffix name
+# strip PREFIX and SUFFIX off of NAME.
+# PREFIX and SUFFIX must not contain globbing or regex special
+# characters, hashes, percent signs, but SUFFIX may contain a leading
+# dot (in which case that matches only a dot).
+#
+# This function is identical to the (non-XSI) version of func_stripname,
+# except this one can be used by m4 code that may be executed by configure,
+# rather than the libtool script.
+m4_defun([_LT_FUNC_STRIPNAME_CNF],[dnl
+AC_REQUIRE([_LT_DECL_SED])
+AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])
+func_stripname_cnf ()
+{
+ case @S|@2 in
+ .*) func_stripname_result=`$ECHO "@S|@3" | $SED "s%^@S|@1%%; s%\\\\@S|@2\$%%"`;;
+ *) func_stripname_result=`$ECHO "@S|@3" | $SED "s%^@S|@1%%; s%@S|@2\$%%"`;;
+ esac
+} # func_stripname_cnf
+])# _LT_FUNC_STRIPNAME_CNF
+
+
+# _LT_SYS_HIDDEN_LIBDEPS([TAGNAME])
+# ---------------------------------
+# Figure out "hidden" library dependencies from verbose
+# compiler output when linking a shared library.
+# Parse the compiler output and extract the necessary
+# objects, libraries and library flags.
+m4_defun([_LT_SYS_HIDDEN_LIBDEPS],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+AC_REQUIRE([_LT_FUNC_STRIPNAME_CNF])dnl
+# Dependencies to place before and after the object being linked:
+_LT_TAGVAR(predep_objects, $1)=
+_LT_TAGVAR(postdep_objects, $1)=
+_LT_TAGVAR(predeps, $1)=
+_LT_TAGVAR(postdeps, $1)=
+_LT_TAGVAR(compiler_lib_search_path, $1)=
+
+dnl we can't use the lt_simple_compile_test_code here,
+dnl because it contains code intended for an executable,
+dnl not a library. It's possible we should let each
+dnl tag define a new lt_????_link_test_code variable,
+dnl but it's only used here...
+m4_if([$1], [], [cat > conftest.$ac_ext <<_LT_EOF
+int a;
+void foo (void) { a = 0; }
+_LT_EOF
+], [$1], [CXX], [cat > conftest.$ac_ext <<_LT_EOF
+class Foo
+{
+public:
+ Foo (void) { a = 0; }
+private:
+ int a;
+};
+_LT_EOF
+], [$1], [F77], [cat > conftest.$ac_ext <<_LT_EOF
+ subroutine foo
+ implicit none
+ integer*4 a
+ a=0
+ return
+ end
+_LT_EOF
+], [$1], [FC], [cat > conftest.$ac_ext <<_LT_EOF
+ subroutine foo
+ implicit none
+ integer a
+ a=0
+ return
+ end
+_LT_EOF
+], [$1], [GCJ], [cat > conftest.$ac_ext <<_LT_EOF
+public class foo {
+ private int a;
+ public void bar (void) {
+ a = 0;
+ }
+};
+_LT_EOF
+], [$1], [GO], [cat > conftest.$ac_ext <<_LT_EOF
+package foo
+func foo() {
+}
+_LT_EOF
+])
+
+_lt_libdeps_save_CFLAGS=$CFLAGS
+case "$CC $CFLAGS " in #(
+*\ -flto*\ *) CFLAGS="$CFLAGS -fno-lto" ;;
+*\ -fwhopr*\ *) CFLAGS="$CFLAGS -fno-whopr" ;;
+*\ -fuse-linker-plugin*\ *) CFLAGS="$CFLAGS -fno-use-linker-plugin" ;;
+esac
+
+dnl Parse the compiler output and extract the necessary
+dnl objects, libraries and library flags.
+if AC_TRY_EVAL(ac_compile); then
+ # Parse the compiler output and extract the necessary
+ # objects, libraries and library flags.
+
+ # Sentinel used to keep track of whether or not we are before
+ # the conftest object file.
+ pre_test_object_deps_done=no
+
+ for p in `eval "$output_verbose_link_cmd"`; do
+ case $prev$p in
+
+ -L* | -R* | -l*)
+ # Some compilers place space between "-{L,R}" and the path.
+ # Remove the space.
+ if test x-L = "$p" ||
+ test x-R = "$p"; then
+ prev=$p
+ continue
+ fi
+
+ # Expand the sysroot to ease extracting the directories later.
+ if test -z "$prev"; then
+ case $p in
+ -L*) func_stripname_cnf '-L' '' "$p"; prev=-L; p=$func_stripname_result ;;
+ -R*) func_stripname_cnf '-R' '' "$p"; prev=-R; p=$func_stripname_result ;;
+ -l*) func_stripname_cnf '-l' '' "$p"; prev=-l; p=$func_stripname_result ;;
+ esac
+ fi
+ case $p in
+ =*) func_stripname_cnf '=' '' "$p"; p=$lt_sysroot$func_stripname_result ;;
+ esac
+ if test no = "$pre_test_object_deps_done"; then
+ case $prev in
+ -L | -R)
+ # Internal compiler library paths should come after those
+ # provided the user. The postdeps already come after the
+ # user supplied libs so there is no need to process them.
+ if test -z "$_LT_TAGVAR(compiler_lib_search_path, $1)"; then
+ _LT_TAGVAR(compiler_lib_search_path, $1)=$prev$p
+ else
+ _LT_TAGVAR(compiler_lib_search_path, $1)="${_LT_TAGVAR(compiler_lib_search_path, $1)} $prev$p"
+ fi
+ ;;
+ # The "-l" case would never come before the object being
+ # linked, so don't bother handling this case.
+ esac
+ else
+ if test -z "$_LT_TAGVAR(postdeps, $1)"; then
+ _LT_TAGVAR(postdeps, $1)=$prev$p
+ else
+ _LT_TAGVAR(postdeps, $1)="${_LT_TAGVAR(postdeps, $1)} $prev$p"
+ fi
+ fi
+ prev=
+ ;;
+
+ *.lto.$objext) ;; # Ignore GCC LTO objects
+ *.$objext)
+ # This assumes that the test object file only shows up
+ # once in the compiler output.
+ if test "$p" = "conftest.$objext"; then
+ pre_test_object_deps_done=yes
+ continue
+ fi
+
+ if test no = "$pre_test_object_deps_done"; then
+ if test -z "$_LT_TAGVAR(predep_objects, $1)"; then
+ _LT_TAGVAR(predep_objects, $1)=$p
+ else
+ _LT_TAGVAR(predep_objects, $1)="$_LT_TAGVAR(predep_objects, $1) $p"
+ fi
+ else
+ if test -z "$_LT_TAGVAR(postdep_objects, $1)"; then
+ _LT_TAGVAR(postdep_objects, $1)=$p
+ else
+ _LT_TAGVAR(postdep_objects, $1)="$_LT_TAGVAR(postdep_objects, $1) $p"
+ fi
+ fi
+ ;;
+
+ *) ;; # Ignore the rest.
+
+ esac
+ done
+
+ # Clean up.
+ rm -f a.out a.exe
+else
+ echo "libtool.m4: error: problem compiling $1 test program"
+fi
+
+$RM -f confest.$objext
+CFLAGS=$_lt_libdeps_save_CFLAGS
+
+# PORTME: override above test on systems where it is broken
+m4_if([$1], [CXX],
+[case $host_os in
+interix[[3-9]]*)
+ # Interix 3.5 installs completely hosed .la files for C++, so rather than
+ # hack all around it, let's just trust "g++" to DTRT.
+ _LT_TAGVAR(predep_objects,$1)=
+ _LT_TAGVAR(postdep_objects,$1)=
+ _LT_TAGVAR(postdeps,$1)=
+ ;;
+esac
+])
+
+case " $_LT_TAGVAR(postdeps, $1) " in
+*" -lc "*) _LT_TAGVAR(archive_cmds_need_lc, $1)=no ;;
+esac
+ _LT_TAGVAR(compiler_lib_search_dirs, $1)=
+if test -n "${_LT_TAGVAR(compiler_lib_search_path, $1)}"; then
+ _LT_TAGVAR(compiler_lib_search_dirs, $1)=`echo " ${_LT_TAGVAR(compiler_lib_search_path, $1)}" | $SED -e 's! -L! !g' -e 's!^ !!'`
+fi
+_LT_TAGDECL([], [compiler_lib_search_dirs], [1],
+ [The directories searched by this compiler when creating a shared library])
+_LT_TAGDECL([], [predep_objects], [1],
+ [Dependencies to place before and after the objects being linked to
+ create a shared library])
+_LT_TAGDECL([], [postdep_objects], [1])
+_LT_TAGDECL([], [predeps], [1])
+_LT_TAGDECL([], [postdeps], [1])
+_LT_TAGDECL([], [compiler_lib_search_path], [1],
+ [The library search path used internally by the compiler when linking
+ a shared library])
+])# _LT_SYS_HIDDEN_LIBDEPS
+
+
+# _LT_LANG_F77_CONFIG([TAG])
+# --------------------------
+# Ensure that the configuration variables for a Fortran 77 compiler are
+# suitably defined. These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to 'libtool'.
+m4_defun([_LT_LANG_F77_CONFIG],
+[AC_LANG_PUSH(Fortran 77)
+if test -z "$F77" || test no = "$F77"; then
+ _lt_disable_F77=yes
+fi
+
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+_LT_TAGVAR(allow_undefined_flag, $1)=
+_LT_TAGVAR(always_export_symbols, $1)=no
+_LT_TAGVAR(archive_expsym_cmds, $1)=
+_LT_TAGVAR(export_dynamic_flag_spec, $1)=
+_LT_TAGVAR(hardcode_direct, $1)=no
+_LT_TAGVAR(hardcode_direct_absolute, $1)=no
+_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+_LT_TAGVAR(hardcode_libdir_separator, $1)=
+_LT_TAGVAR(hardcode_minus_L, $1)=no
+_LT_TAGVAR(hardcode_automatic, $1)=no
+_LT_TAGVAR(inherit_rpath, $1)=no
+_LT_TAGVAR(module_cmds, $1)=
+_LT_TAGVAR(module_expsym_cmds, $1)=
+_LT_TAGVAR(link_all_deplibs, $1)=unknown
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
+_LT_TAGVAR(no_undefined_flag, $1)=
+_LT_TAGVAR(whole_archive_flag_spec, $1)=
+_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+
+# Source file extension for f77 test sources.
+ac_ext=f
+
+# Object file extension for compiled f77 test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# No sense in running all these tests if we already determined that
+# the F77 compiler isn't working. Some variables (like enable_shared)
+# are currently assumed to apply to all compilers on this platform,
+# and will be corrupted by setting them based on a non-working compiler.
+if test yes != "$_lt_disable_F77"; then
+ # Code to be used in simple compile tests
+ lt_simple_compile_test_code="\
+ subroutine t
+ return
+ end
+"
+
+ # Code to be used in simple link tests
+ lt_simple_link_test_code="\
+ program t
+ end
+"
+
+ # ltmain only uses $CC for tagged configurations so make sure $CC is set.
+ _LT_TAG_COMPILER
+
+ # save warnings/boilerplate of simple test code
+ _LT_COMPILER_BOILERPLATE
+ _LT_LINKER_BOILERPLATE
+
+ # Allow CC to be a program name with arguments.
+ lt_save_CC=$CC
+ lt_save_GCC=$GCC
+ lt_save_CFLAGS=$CFLAGS
+ CC=${F77-"f77"}
+ CFLAGS=$FFLAGS
+ compiler=$CC
+ _LT_TAGVAR(compiler, $1)=$CC
+ _LT_CC_BASENAME([$compiler])
+ GCC=$G77
+ if test -n "$compiler"; then
+ AC_MSG_CHECKING([if libtool supports shared libraries])
+ AC_MSG_RESULT([$can_build_shared])
+
+ AC_MSG_CHECKING([whether to build shared libraries])
+ test no = "$can_build_shared" && enable_shared=no
+
+ # On AIX, shared libraries and static libraries use the same namespace, and
+ # are all built from PIC.
+ case $host_os in
+ aix3*)
+ test yes = "$enable_shared" && enable_static=no
+ if test -n "$RANLIB"; then
+ archive_cmds="$archive_cmds~\$RANLIB \$lib"
+ postinstall_cmds='$RANLIB $lib'
+ fi
+ ;;
+ aix[[4-9]]*)
+ if test ia64 != "$host_cpu"; then
+ case $enable_shared,$with_aix_soname,$aix_use_runtimelinking in
+ yes,aix,yes) ;; # shared object as lib.so file only
+ yes,svr4,*) ;; # shared object as lib.so archive member only
+ yes,*) enable_static=no ;; # shared object in lib.a archive as well
+ esac
+ fi
+ ;;
+ esac
+ AC_MSG_RESULT([$enable_shared])
+
+ AC_MSG_CHECKING([whether to build static libraries])
+ # Make sure either enable_shared or enable_static is yes.
+ test yes = "$enable_shared" || enable_static=yes
+ AC_MSG_RESULT([$enable_static])
+
+ _LT_TAGVAR(GCC, $1)=$G77
+ _LT_TAGVAR(LD, $1)=$LD
+
+ ## CAVEAT EMPTOR:
+ ## There is no encapsulation within the following macros, do not change
+ ## the running order or otherwise move them around unless you know exactly
+ ## what you are doing...
+ _LT_COMPILER_PIC($1)
+ _LT_COMPILER_C_O($1)
+ _LT_COMPILER_FILE_LOCKS($1)
+ _LT_LINKER_SHLIBS($1)
+ _LT_SYS_DYNAMIC_LINKER($1)
+ _LT_LINKER_HARDCODE_LIBPATH($1)
+
+ _LT_CONFIG($1)
+ fi # test -n "$compiler"
+
+ GCC=$lt_save_GCC
+ CC=$lt_save_CC
+ CFLAGS=$lt_save_CFLAGS
+fi # test yes != "$_lt_disable_F77"
+
+AC_LANG_POP
+])# _LT_LANG_F77_CONFIG
+
+
+# _LT_LANG_FC_CONFIG([TAG])
+# -------------------------
+# Ensure that the configuration variables for a Fortran compiler are
+# suitably defined. These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to 'libtool'.
+m4_defun([_LT_LANG_FC_CONFIG],
+[AC_LANG_PUSH(Fortran)
+
+if test -z "$FC" || test no = "$FC"; then
+ _lt_disable_FC=yes
+fi
+
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+_LT_TAGVAR(allow_undefined_flag, $1)=
+_LT_TAGVAR(always_export_symbols, $1)=no
+_LT_TAGVAR(archive_expsym_cmds, $1)=
+_LT_TAGVAR(export_dynamic_flag_spec, $1)=
+_LT_TAGVAR(hardcode_direct, $1)=no
+_LT_TAGVAR(hardcode_direct_absolute, $1)=no
+_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+_LT_TAGVAR(hardcode_libdir_separator, $1)=
+_LT_TAGVAR(hardcode_minus_L, $1)=no
+_LT_TAGVAR(hardcode_automatic, $1)=no
+_LT_TAGVAR(inherit_rpath, $1)=no
+_LT_TAGVAR(module_cmds, $1)=
+_LT_TAGVAR(module_expsym_cmds, $1)=
+_LT_TAGVAR(link_all_deplibs, $1)=unknown
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
+_LT_TAGVAR(no_undefined_flag, $1)=
+_LT_TAGVAR(whole_archive_flag_spec, $1)=
+_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+
+# Source file extension for fc test sources.
+ac_ext=${ac_fc_srcext-f}
+
+# Object file extension for compiled fc test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# No sense in running all these tests if we already determined that
+# the FC compiler isn't working. Some variables (like enable_shared)
+# are currently assumed to apply to all compilers on this platform,
+# and will be corrupted by setting them based on a non-working compiler.
+if test yes != "$_lt_disable_FC"; then
+ # Code to be used in simple compile tests
+ lt_simple_compile_test_code="\
+ subroutine t
+ return
+ end
+"
+
+ # Code to be used in simple link tests
+ lt_simple_link_test_code="\
+ program t
+ end
+"
+
+ # ltmain only uses $CC for tagged configurations so make sure $CC is set.
+ _LT_TAG_COMPILER
+
+ # save warnings/boilerplate of simple test code
+ _LT_COMPILER_BOILERPLATE
+ _LT_LINKER_BOILERPLATE
+
+ # Allow CC to be a program name with arguments.
+ lt_save_CC=$CC
+ lt_save_GCC=$GCC
+ lt_save_CFLAGS=$CFLAGS
+ CC=${FC-"f95"}
+ CFLAGS=$FCFLAGS
+ compiler=$CC
+ GCC=$ac_cv_fc_compiler_gnu
+
+ _LT_TAGVAR(compiler, $1)=$CC
+ _LT_CC_BASENAME([$compiler])
+
+ if test -n "$compiler"; then
+ AC_MSG_CHECKING([if libtool supports shared libraries])
+ AC_MSG_RESULT([$can_build_shared])
+
+ AC_MSG_CHECKING([whether to build shared libraries])
+ test no = "$can_build_shared" && enable_shared=no
+
+ # On AIX, shared libraries and static libraries use the same namespace, and
+ # are all built from PIC.
+ case $host_os in
+ aix3*)
+ test yes = "$enable_shared" && enable_static=no
+ if test -n "$RANLIB"; then
+ archive_cmds="$archive_cmds~\$RANLIB \$lib"
+ postinstall_cmds='$RANLIB $lib'
+ fi
+ ;;
+ aix[[4-9]]*)
+ if test ia64 != "$host_cpu"; then
+ case $enable_shared,$with_aix_soname,$aix_use_runtimelinking in
+ yes,aix,yes) ;; # shared object as lib.so file only
+ yes,svr4,*) ;; # shared object as lib.so archive member only
+ yes,*) enable_static=no ;; # shared object in lib.a archive as well
+ esac
+ fi
+ ;;
+ esac
+ AC_MSG_RESULT([$enable_shared])
+
+ AC_MSG_CHECKING([whether to build static libraries])
+ # Make sure either enable_shared or enable_static is yes.
+ test yes = "$enable_shared" || enable_static=yes
+ AC_MSG_RESULT([$enable_static])
+
+ _LT_TAGVAR(GCC, $1)=$ac_cv_fc_compiler_gnu
+ _LT_TAGVAR(LD, $1)=$LD
+
+ ## CAVEAT EMPTOR:
+ ## There is no encapsulation within the following macros, do not change
+ ## the running order or otherwise move them around unless you know exactly
+ ## what you are doing...
+ _LT_SYS_HIDDEN_LIBDEPS($1)
+ _LT_COMPILER_PIC($1)
+ _LT_COMPILER_C_O($1)
+ _LT_COMPILER_FILE_LOCKS($1)
+ _LT_LINKER_SHLIBS($1)
+ _LT_SYS_DYNAMIC_LINKER($1)
+ _LT_LINKER_HARDCODE_LIBPATH($1)
+
+ _LT_CONFIG($1)
+ fi # test -n "$compiler"
+
+ GCC=$lt_save_GCC
+ CC=$lt_save_CC
+ CFLAGS=$lt_save_CFLAGS
+fi # test yes != "$_lt_disable_FC"
+
+AC_LANG_POP
+])# _LT_LANG_FC_CONFIG
+
+
+# _LT_LANG_GCJ_CONFIG([TAG])
+# --------------------------
+# Ensure that the configuration variables for the GNU Java Compiler compiler
+# are suitably defined. These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to 'libtool'.
+m4_defun([_LT_LANG_GCJ_CONFIG],
+[AC_REQUIRE([LT_PROG_GCJ])dnl
+AC_LANG_SAVE
+
+# Source file extension for Java test sources.
+ac_ext=java
+
+# Object file extension for compiled Java test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="class foo {}"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='public class conftest { public static void main(String[[]] argv) {}; }'
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_TAG_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC=$CC
+lt_save_CFLAGS=$CFLAGS
+lt_save_GCC=$GCC
+GCC=yes
+CC=${GCJ-"gcj"}
+CFLAGS=$GCJFLAGS
+compiler=$CC
+_LT_TAGVAR(compiler, $1)=$CC
+_LT_TAGVAR(LD, $1)=$LD
+_LT_CC_BASENAME([$compiler])
+
+# GCJ did not exist at the time GCC didn't implicitly link libc in.
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
+
+## CAVEAT EMPTOR:
+## There is no encapsulation within the following macros, do not change
+## the running order or otherwise move them around unless you know exactly
+## what you are doing...
+if test -n "$compiler"; then
+ _LT_COMPILER_NO_RTTI($1)
+ _LT_COMPILER_PIC($1)
+ _LT_COMPILER_C_O($1)
+ _LT_COMPILER_FILE_LOCKS($1)
+ _LT_LINKER_SHLIBS($1)
+ _LT_LINKER_HARDCODE_LIBPATH($1)
+
+ _LT_CONFIG($1)
+fi
+
+AC_LANG_RESTORE
+
+GCC=$lt_save_GCC
+CC=$lt_save_CC
+CFLAGS=$lt_save_CFLAGS
+])# _LT_LANG_GCJ_CONFIG
+
+
+# _LT_LANG_GO_CONFIG([TAG])
+# --------------------------
+# Ensure that the configuration variables for the GNU Go compiler
+# are suitably defined. These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to 'libtool'.
+m4_defun([_LT_LANG_GO_CONFIG],
+[AC_REQUIRE([LT_PROG_GO])dnl
+AC_LANG_SAVE
+
+# Source file extension for Go test sources.
+ac_ext=go
+
+# Object file extension for compiled Go test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="package main; func main() { }"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='package main; func main() { }'
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_TAG_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC=$CC
+lt_save_CFLAGS=$CFLAGS
+lt_save_GCC=$GCC
+GCC=yes
+CC=${GOC-"gccgo"}
+CFLAGS=$GOFLAGS
+compiler=$CC
+_LT_TAGVAR(compiler, $1)=$CC
+_LT_TAGVAR(LD, $1)=$LD
+_LT_CC_BASENAME([$compiler])
+
+# Go did not exist at the time GCC didn't implicitly link libc in.
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
+
+## CAVEAT EMPTOR:
+## There is no encapsulation within the following macros, do not change
+## the running order or otherwise move them around unless you know exactly
+## what you are doing...
+if test -n "$compiler"; then
+ _LT_COMPILER_NO_RTTI($1)
+ _LT_COMPILER_PIC($1)
+ _LT_COMPILER_C_O($1)
+ _LT_COMPILER_FILE_LOCKS($1)
+ _LT_LINKER_SHLIBS($1)
+ _LT_LINKER_HARDCODE_LIBPATH($1)
+
+ _LT_CONFIG($1)
+fi
+
+AC_LANG_RESTORE
+
+GCC=$lt_save_GCC
+CC=$lt_save_CC
+CFLAGS=$lt_save_CFLAGS
+])# _LT_LANG_GO_CONFIG
+
+
+# _LT_LANG_RC_CONFIG([TAG])
+# -------------------------
+# Ensure that the configuration variables for the Windows resource compiler
+# are suitably defined. These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to 'libtool'.
+m4_defun([_LT_LANG_RC_CONFIG],
+[AC_REQUIRE([LT_PROG_RC])dnl
+AC_LANG_SAVE
+
+# Source file extension for RC test sources.
+ac_ext=rc
+
+# Object file extension for compiled RC test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }'
+
+# Code to be used in simple link tests
+lt_simple_link_test_code=$lt_simple_compile_test_code
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_TAG_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC=$CC
+lt_save_CFLAGS=$CFLAGS
+lt_save_GCC=$GCC
+GCC=
+CC=${RC-"windres"}
+CFLAGS=
+compiler=$CC
+_LT_TAGVAR(compiler, $1)=$CC
+_LT_CC_BASENAME([$compiler])
+_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
+
+if test -n "$compiler"; then
+ :
+ _LT_CONFIG($1)
+fi
+
+GCC=$lt_save_GCC
+AC_LANG_RESTORE
+CC=$lt_save_CC
+CFLAGS=$lt_save_CFLAGS
+])# _LT_LANG_RC_CONFIG
+
+
+# LT_PROG_GCJ
+# -----------
+AC_DEFUN([LT_PROG_GCJ],
+[m4_ifdef([AC_PROG_GCJ], [AC_PROG_GCJ],
+ [m4_ifdef([A][M_PROG_GCJ], [A][M_PROG_GCJ],
+ [AC_CHECK_TOOL(GCJ, gcj,)
+ test set = "${GCJFLAGS+set}" || GCJFLAGS="-g -O2"
+ AC_SUBST(GCJFLAGS)])])[]dnl
+])
+
+# Old name:
+AU_ALIAS([LT_AC_PROG_GCJ], [LT_PROG_GCJ])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([LT_AC_PROG_GCJ], [])
+
+
+# LT_PROG_GO
+# ----------
+AC_DEFUN([LT_PROG_GO],
+[AC_CHECK_TOOL(GOC, gccgo,)
+])
+
+
+# LT_PROG_RC
+# ----------
+AC_DEFUN([LT_PROG_RC],
+[AC_CHECK_TOOL(RC, windres,)
+])
+
+# Old name:
+AU_ALIAS([LT_AC_PROG_RC], [LT_PROG_RC])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([LT_AC_PROG_RC], [])
+
+
+# _LT_DECL_EGREP
+# --------------
+# If we don't have a new enough Autoconf to choose the best grep
+# available, choose the one first in the user's PATH.
+m4_defun([_LT_DECL_EGREP],
+[AC_REQUIRE([AC_PROG_EGREP])dnl
+AC_REQUIRE([AC_PROG_FGREP])dnl
+test -z "$GREP" && GREP=grep
+_LT_DECL([], [GREP], [1], [A grep program that handles long lines])
+_LT_DECL([], [EGREP], [1], [An ERE matcher])
+_LT_DECL([], [FGREP], [1], [A literal string matcher])
+dnl Non-bleeding-edge autoconf doesn't subst GREP, so do it here too
+AC_SUBST([GREP])
+])
+
+
+# _LT_DECL_OBJDUMP
+# --------------
+# If we don't have a new enough Autoconf to choose the best objdump
+# available, choose the one first in the user's PATH.
+m4_defun([_LT_DECL_OBJDUMP],
+[AC_CHECK_TOOL(OBJDUMP, objdump, false)
+test -z "$OBJDUMP" && OBJDUMP=objdump
+_LT_DECL([], [OBJDUMP], [1], [An object symbol dumper])
+AC_SUBST([OBJDUMP])
+])
+
+# _LT_DECL_DLLTOOL
+# ----------------
+# Ensure DLLTOOL variable is set.
+m4_defun([_LT_DECL_DLLTOOL],
+[AC_CHECK_TOOL(DLLTOOL, dlltool, false)
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+_LT_DECL([], [DLLTOOL], [1], [DLL creation program])
+AC_SUBST([DLLTOOL])
+])
+
+# _LT_DECL_FILECMD
+# ----------------
+# Check for a file(cmd) program that can be used to detect file type and magic
+m4_defun([_LT_DECL_FILECMD],
+[AC_CHECK_TOOL([FILECMD], [file], [:])
+_LT_DECL([], [FILECMD], [1], [A file(cmd) program that detects file types])
+])# _LD_DECL_FILECMD
+
+# _LT_DECL_SED
+# ------------
+# Check for a fully-functional sed program, that truncates
+# as few characters as possible. Prefer GNU sed if found.
+m4_defun([_LT_DECL_SED],
+[AC_PROG_SED
+test -z "$SED" && SED=sed
+Xsed="$SED -e 1s/^X//"
+_LT_DECL([], [SED], [1], [A sed program that does not truncate output])
+_LT_DECL([], [Xsed], ["\$SED -e 1s/^X//"],
+ [Sed that helps us avoid accidentally triggering echo(1) options like -n])
+])# _LT_DECL_SED
+
+m4_ifndef([AC_PROG_SED], [
+############################################################
+# NOTE: This macro has been submitted for inclusion into #
+# GNU Autoconf as AC_PROG_SED. When it is available in #
+# a released version of Autoconf we should remove this #
+# macro and use it instead. #
+############################################################
+
+m4_defun([AC_PROG_SED],
+[AC_MSG_CHECKING([for a sed that does not truncate output])
+AC_CACHE_VAL(lt_cv_path_SED,
+[# Loop through the user's path and test for sed and gsed.
+# Then use that list of sed's as ones to test for truncation.
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for lt_ac_prog in sed gsed; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then
+ lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext"
+ fi
+ done
+ done
+done
+IFS=$as_save_IFS
+lt_ac_max=0
+lt_ac_count=0
+# Add /usr/xpg4/bin/sed as it is typically found on Solaris
+# along with /bin/sed that truncates output.
+for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do
+ test ! -f "$lt_ac_sed" && continue
+ cat /dev/null > conftest.in
+ lt_ac_count=0
+ echo $ECHO_N "0123456789$ECHO_C" >conftest.in
+ # Check for GNU sed and select it if it is found.
+ if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then
+ lt_cv_path_SED=$lt_ac_sed
+ break
+ fi
+ while true; do
+ cat conftest.in conftest.in >conftest.tmp
+ mv conftest.tmp conftest.in
+ cp conftest.in conftest.nl
+ echo >>conftest.nl
+ $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break
+ cmp -s conftest.out conftest.nl || break
+ # 10000 chars as input seems more than enough
+ test 10 -lt "$lt_ac_count" && break
+ lt_ac_count=`expr $lt_ac_count + 1`
+ if test "$lt_ac_count" -gt "$lt_ac_max"; then
+ lt_ac_max=$lt_ac_count
+ lt_cv_path_SED=$lt_ac_sed
+ fi
+ done
+done
+])
+SED=$lt_cv_path_SED
+AC_SUBST([SED])
+AC_MSG_RESULT([$SED])
+])#AC_PROG_SED
+])#m4_ifndef
+
+# Old name:
+AU_ALIAS([LT_AC_PROG_SED], [AC_PROG_SED])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([LT_AC_PROG_SED], [])
+
+
+# _LT_CHECK_SHELL_FEATURES
+# ------------------------
+# Find out whether the shell is Bourne or XSI compatible,
+# or has some other useful features.
+m4_defun([_LT_CHECK_SHELL_FEATURES],
+[if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
+ lt_unset=unset
+else
+ lt_unset=false
+fi
+_LT_DECL([], [lt_unset], [0], [whether the shell understands "unset"])dnl
+
+# test EBCDIC or ASCII
+case `echo X|tr X '\101'` in
+ A) # ASCII based system
+ # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr
+ lt_SP2NL='tr \040 \012'
+ lt_NL2SP='tr \015\012 \040\040'
+ ;;
+ *) # EBCDIC based system
+ lt_SP2NL='tr \100 \n'
+ lt_NL2SP='tr \r\n \100\100'
+ ;;
+esac
+_LT_DECL([SP2NL], [lt_SP2NL], [1], [turn spaces into newlines])dnl
+_LT_DECL([NL2SP], [lt_NL2SP], [1], [turn newlines into spaces])dnl
+])# _LT_CHECK_SHELL_FEATURES
+
+
+# _LT_PATH_CONVERSION_FUNCTIONS
+# -----------------------------
+# Determine what file name conversion functions should be used by
+# func_to_host_file (and, implicitly, by func_to_host_path). These are needed
+# for certain cross-compile configurations and native mingw.
+m4_defun([_LT_PATH_CONVERSION_FUNCTIONS],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+AC_MSG_CHECKING([how to convert $build file names to $host format])
+AC_CACHE_VAL(lt_cv_to_host_file_cmd,
+[case $host in
+ *-*-mingw* )
+ case $build in
+ *-*-mingw* ) # actually msys
+ lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32
+ ;;
+ *-*-cygwin* )
+ lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32
+ ;;
+ * ) # otherwise, assume *nix
+ lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32
+ ;;
+ esac
+ ;;
+ *-*-cygwin* )
+ case $build in
+ *-*-mingw* ) # actually msys
+ lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin
+ ;;
+ *-*-cygwin* )
+ lt_cv_to_host_file_cmd=func_convert_file_noop
+ ;;
+ * ) # otherwise, assume *nix
+ lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin
+ ;;
+ esac
+ ;;
+ * ) # unhandled hosts (and "normal" native builds)
+ lt_cv_to_host_file_cmd=func_convert_file_noop
+ ;;
+esac
+])
+to_host_file_cmd=$lt_cv_to_host_file_cmd
+AC_MSG_RESULT([$lt_cv_to_host_file_cmd])
+_LT_DECL([to_host_file_cmd], [lt_cv_to_host_file_cmd],
+ [0], [convert $build file names to $host format])dnl
+
+AC_MSG_CHECKING([how to convert $build file names to toolchain format])
+AC_CACHE_VAL(lt_cv_to_tool_file_cmd,
+[#assume ordinary cross tools, or native build.
+lt_cv_to_tool_file_cmd=func_convert_file_noop
+case $host in
+ *-*-mingw* )
+ case $build in
+ *-*-mingw* ) # actually msys
+ lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32
+ ;;
+ esac
+ ;;
+esac
+])
+to_tool_file_cmd=$lt_cv_to_tool_file_cmd
+AC_MSG_RESULT([$lt_cv_to_tool_file_cmd])
+_LT_DECL([to_tool_file_cmd], [lt_cv_to_tool_file_cmd],
+ [0], [convert $build files to toolchain format])dnl
+])# _LT_PATH_CONVERSION_FUNCTIONS
--- /dev/null
+# Helper functions for option handling. -*- Autoconf -*-
+#
+# Copyright (C) 2004-2005, 2007-2009, 2011-2019, 2021-2022 Free
+# Software Foundation, Inc.
+# Written by Gary V. Vaughan, 2004
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+# serial 8 ltoptions.m4
+
+# This is to help aclocal find these macros, as it can't see m4_define.
+AC_DEFUN([LTOPTIONS_VERSION], [m4_if([1])])
+
+
+# _LT_MANGLE_OPTION(MACRO-NAME, OPTION-NAME)
+# ------------------------------------------
+m4_define([_LT_MANGLE_OPTION],
+[[_LT_OPTION_]m4_bpatsubst($1__$2, [[^a-zA-Z0-9_]], [_])])
+
+
+# _LT_SET_OPTION(MACRO-NAME, OPTION-NAME)
+# ---------------------------------------
+# Set option OPTION-NAME for macro MACRO-NAME, and if there is a
+# matching handler defined, dispatch to it. Other OPTION-NAMEs are
+# saved as a flag.
+m4_define([_LT_SET_OPTION],
+[m4_define(_LT_MANGLE_OPTION([$1], [$2]))dnl
+m4_ifdef(_LT_MANGLE_DEFUN([$1], [$2]),
+ _LT_MANGLE_DEFUN([$1], [$2]),
+ [m4_warning([Unknown $1 option '$2'])])[]dnl
+])
+
+
+# _LT_IF_OPTION(MACRO-NAME, OPTION-NAME, IF-SET, [IF-NOT-SET])
+# ------------------------------------------------------------
+# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise.
+m4_define([_LT_IF_OPTION],
+[m4_ifdef(_LT_MANGLE_OPTION([$1], [$2]), [$3], [$4])])
+
+
+# _LT_UNLESS_OPTIONS(MACRO-NAME, OPTION-LIST, IF-NOT-SET)
+# -------------------------------------------------------
+# Execute IF-NOT-SET unless all options in OPTION-LIST for MACRO-NAME
+# are set.
+m4_define([_LT_UNLESS_OPTIONS],
+[m4_foreach([_LT_Option], m4_split(m4_normalize([$2])),
+ [m4_ifdef(_LT_MANGLE_OPTION([$1], _LT_Option),
+ [m4_define([$0_found])])])[]dnl
+m4_ifdef([$0_found], [m4_undefine([$0_found])], [$3
+])[]dnl
+])
+
+
+# _LT_SET_OPTIONS(MACRO-NAME, OPTION-LIST)
+# ----------------------------------------
+# OPTION-LIST is a space-separated list of Libtool options associated
+# with MACRO-NAME. If any OPTION has a matching handler declared with
+# LT_OPTION_DEFINE, dispatch to that macro; otherwise complain about
+# the unknown option and exit.
+m4_defun([_LT_SET_OPTIONS],
+[# Set options
+m4_foreach([_LT_Option], m4_split(m4_normalize([$2])),
+ [_LT_SET_OPTION([$1], _LT_Option)])
+
+m4_if([$1],[LT_INIT],[
+ dnl
+ dnl Simply set some default values (i.e off) if boolean options were not
+ dnl specified:
+ _LT_UNLESS_OPTIONS([LT_INIT], [dlopen], [enable_dlopen=no
+ ])
+ _LT_UNLESS_OPTIONS([LT_INIT], [win32-dll], [enable_win32_dll=no
+ ])
+ dnl
+ dnl If no reference was made to various pairs of opposing options, then
+ dnl we run the default mode handler for the pair. For example, if neither
+ dnl 'shared' nor 'disable-shared' was passed, we enable building of shared
+ dnl archives by default:
+ _LT_UNLESS_OPTIONS([LT_INIT], [shared disable-shared], [_LT_ENABLE_SHARED])
+ _LT_UNLESS_OPTIONS([LT_INIT], [static disable-static], [_LT_ENABLE_STATIC])
+ _LT_UNLESS_OPTIONS([LT_INIT], [pic-only no-pic], [_LT_WITH_PIC])
+ _LT_UNLESS_OPTIONS([LT_INIT], [fast-install disable-fast-install],
+ [_LT_ENABLE_FAST_INSTALL])
+ _LT_UNLESS_OPTIONS([LT_INIT], [aix-soname=aix aix-soname=both aix-soname=svr4],
+ [_LT_WITH_AIX_SONAME([aix])])
+ ])
+])# _LT_SET_OPTIONS
+
+
+## --------------------------------- ##
+## Macros to handle LT_INIT options. ##
+## --------------------------------- ##
+
+# _LT_MANGLE_DEFUN(MACRO-NAME, OPTION-NAME)
+# -----------------------------------------
+m4_define([_LT_MANGLE_DEFUN],
+[[_LT_OPTION_DEFUN_]m4_bpatsubst(m4_toupper([$1__$2]), [[^A-Z0-9_]], [_])])
+
+
+# LT_OPTION_DEFINE(MACRO-NAME, OPTION-NAME, CODE)
+# -----------------------------------------------
+m4_define([LT_OPTION_DEFINE],
+[m4_define(_LT_MANGLE_DEFUN([$1], [$2]), [$3])[]dnl
+])# LT_OPTION_DEFINE
+
+
+# dlopen
+# ------
+LT_OPTION_DEFINE([LT_INIT], [dlopen], [enable_dlopen=yes
+])
+
+AU_DEFUN([AC_LIBTOOL_DLOPEN],
+[_LT_SET_OPTION([LT_INIT], [dlopen])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you
+put the 'dlopen' option into LT_INIT's first parameter.])
+])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_DLOPEN], [])
+
+
+# win32-dll
+# ---------
+# Declare package support for building win32 dll's.
+LT_OPTION_DEFINE([LT_INIT], [win32-dll],
+[enable_win32_dll=yes
+
+case $host in
+*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*)
+ AC_CHECK_TOOL(AS, as, false)
+ AC_CHECK_TOOL(DLLTOOL, dlltool, false)
+ AC_CHECK_TOOL(OBJDUMP, objdump, false)
+ ;;
+esac
+
+test -z "$AS" && AS=as
+_LT_DECL([], [AS], [1], [Assembler program])dnl
+
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+_LT_DECL([], [DLLTOOL], [1], [DLL creation program])dnl
+
+test -z "$OBJDUMP" && OBJDUMP=objdump
+_LT_DECL([], [OBJDUMP], [1], [Object dumper program])dnl
+])# win32-dll
+
+AU_DEFUN([AC_LIBTOOL_WIN32_DLL],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+_LT_SET_OPTION([LT_INIT], [win32-dll])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you
+put the 'win32-dll' option into LT_INIT's first parameter.])
+])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_WIN32_DLL], [])
+
+
+# _LT_ENABLE_SHARED([DEFAULT])
+# ----------------------------
+# implement the --enable-shared flag, and supports the 'shared' and
+# 'disable-shared' LT_INIT options.
+# DEFAULT is either 'yes' or 'no'. If omitted, it defaults to 'yes'.
+m4_define([_LT_ENABLE_SHARED],
+[m4_define([_LT_ENABLE_SHARED_DEFAULT], [m4_if($1, no, no, yes)])dnl
+AC_ARG_ENABLE([shared],
+ [AS_HELP_STRING([--enable-shared@<:@=PKGS@:>@],
+ [build shared libraries @<:@default=]_LT_ENABLE_SHARED_DEFAULT[@:>@])],
+ [p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_shared=yes ;;
+ no) enable_shared=no ;;
+ *)
+ enable_shared=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR,
+ for pkg in $enableval; do
+ IFS=$lt_save_ifs
+ if test "X$pkg" = "X$p"; then
+ enable_shared=yes
+ fi
+ done
+ IFS=$lt_save_ifs
+ ;;
+ esac],
+ [enable_shared=]_LT_ENABLE_SHARED_DEFAULT)
+
+ _LT_DECL([build_libtool_libs], [enable_shared], [0],
+ [Whether or not to build shared libraries])
+])# _LT_ENABLE_SHARED
+
+LT_OPTION_DEFINE([LT_INIT], [shared], [_LT_ENABLE_SHARED([yes])])
+LT_OPTION_DEFINE([LT_INIT], [disable-shared], [_LT_ENABLE_SHARED([no])])
+
+# Old names:
+AC_DEFUN([AC_ENABLE_SHARED],
+[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[shared])
+])
+
+AC_DEFUN([AC_DISABLE_SHARED],
+[_LT_SET_OPTION([LT_INIT], [disable-shared])
+])
+
+AU_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)])
+AU_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AM_ENABLE_SHARED], [])
+dnl AC_DEFUN([AM_DISABLE_SHARED], [])
+
+
+
+# _LT_ENABLE_STATIC([DEFAULT])
+# ----------------------------
+# implement the --enable-static flag, and support the 'static' and
+# 'disable-static' LT_INIT options.
+# DEFAULT is either 'yes' or 'no'. If omitted, it defaults to 'yes'.
+m4_define([_LT_ENABLE_STATIC],
+[m4_define([_LT_ENABLE_STATIC_DEFAULT], [m4_if($1, no, no, yes)])dnl
+AC_ARG_ENABLE([static],
+ [AS_HELP_STRING([--enable-static@<:@=PKGS@:>@],
+ [build static libraries @<:@default=]_LT_ENABLE_STATIC_DEFAULT[@:>@])],
+ [p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_static=yes ;;
+ no) enable_static=no ;;
+ *)
+ enable_static=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR,
+ for pkg in $enableval; do
+ IFS=$lt_save_ifs
+ if test "X$pkg" = "X$p"; then
+ enable_static=yes
+ fi
+ done
+ IFS=$lt_save_ifs
+ ;;
+ esac],
+ [enable_static=]_LT_ENABLE_STATIC_DEFAULT)
+
+ _LT_DECL([build_old_libs], [enable_static], [0],
+ [Whether or not to build static libraries])
+])# _LT_ENABLE_STATIC
+
+LT_OPTION_DEFINE([LT_INIT], [static], [_LT_ENABLE_STATIC([yes])])
+LT_OPTION_DEFINE([LT_INIT], [disable-static], [_LT_ENABLE_STATIC([no])])
+
+# Old names:
+AC_DEFUN([AC_ENABLE_STATIC],
+[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[static])
+])
+
+AC_DEFUN([AC_DISABLE_STATIC],
+[_LT_SET_OPTION([LT_INIT], [disable-static])
+])
+
+AU_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)])
+AU_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AM_ENABLE_STATIC], [])
+dnl AC_DEFUN([AM_DISABLE_STATIC], [])
+
+
+
+# _LT_ENABLE_FAST_INSTALL([DEFAULT])
+# ----------------------------------
+# implement the --enable-fast-install flag, and support the 'fast-install'
+# and 'disable-fast-install' LT_INIT options.
+# DEFAULT is either 'yes' or 'no'. If omitted, it defaults to 'yes'.
+m4_define([_LT_ENABLE_FAST_INSTALL],
+[m4_define([_LT_ENABLE_FAST_INSTALL_DEFAULT], [m4_if($1, no, no, yes)])dnl
+AC_ARG_ENABLE([fast-install],
+ [AS_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@],
+ [optimize for fast installation @<:@default=]_LT_ENABLE_FAST_INSTALL_DEFAULT[@:>@])],
+ [p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_fast_install=yes ;;
+ no) enable_fast_install=no ;;
+ *)
+ enable_fast_install=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR,
+ for pkg in $enableval; do
+ IFS=$lt_save_ifs
+ if test "X$pkg" = "X$p"; then
+ enable_fast_install=yes
+ fi
+ done
+ IFS=$lt_save_ifs
+ ;;
+ esac],
+ [enable_fast_install=]_LT_ENABLE_FAST_INSTALL_DEFAULT)
+
+_LT_DECL([fast_install], [enable_fast_install], [0],
+ [Whether or not to optimize for fast installation])dnl
+])# _LT_ENABLE_FAST_INSTALL
+
+LT_OPTION_DEFINE([LT_INIT], [fast-install], [_LT_ENABLE_FAST_INSTALL([yes])])
+LT_OPTION_DEFINE([LT_INIT], [disable-fast-install], [_LT_ENABLE_FAST_INSTALL([no])])
+
+# Old names:
+AU_DEFUN([AC_ENABLE_FAST_INSTALL],
+[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[fast-install])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you put
+the 'fast-install' option into LT_INIT's first parameter.])
+])
+
+AU_DEFUN([AC_DISABLE_FAST_INSTALL],
+[_LT_SET_OPTION([LT_INIT], [disable-fast-install])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you put
+the 'disable-fast-install' option into LT_INIT's first parameter.])
+])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_ENABLE_FAST_INSTALL], [])
+dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], [])
+
+
+# _LT_WITH_AIX_SONAME([DEFAULT])
+# ----------------------------------
+# implement the --with-aix-soname flag, and support the `aix-soname=aix'
+# and `aix-soname=both' and `aix-soname=svr4' LT_INIT options. DEFAULT
+# is either `aix', `both' or `svr4'. If omitted, it defaults to `aix'.
+m4_define([_LT_WITH_AIX_SONAME],
+[m4_define([_LT_WITH_AIX_SONAME_DEFAULT], [m4_if($1, svr4, svr4, m4_if($1, both, both, aix))])dnl
+shared_archive_member_spec=
+case $host,$enable_shared in
+power*-*-aix[[5-9]]*,yes)
+ AC_MSG_CHECKING([which variant of shared library versioning to provide])
+ AC_ARG_WITH([aix-soname],
+ [AS_HELP_STRING([--with-aix-soname=aix|svr4|both],
+ [shared library versioning (aka "SONAME") variant to provide on AIX, @<:@default=]_LT_WITH_AIX_SONAME_DEFAULT[@:>@.])],
+ [case $withval in
+ aix|svr4|both)
+ ;;
+ *)
+ AC_MSG_ERROR([Unknown argument to --with-aix-soname])
+ ;;
+ esac
+ lt_cv_with_aix_soname=$with_aix_soname],
+ [AC_CACHE_VAL([lt_cv_with_aix_soname],
+ [lt_cv_with_aix_soname=]_LT_WITH_AIX_SONAME_DEFAULT)
+ with_aix_soname=$lt_cv_with_aix_soname])
+ AC_MSG_RESULT([$with_aix_soname])
+ if test aix != "$with_aix_soname"; then
+ # For the AIX way of multilib, we name the shared archive member
+ # based on the bitwidth used, traditionally 'shr.o' or 'shr_64.o',
+ # and 'shr.imp' or 'shr_64.imp', respectively, for the Import File.
+ # Even when GNU compilers ignore OBJECT_MODE but need '-maix64' flag,
+ # the AIX toolchain works better with OBJECT_MODE set (default 32).
+ if test 64 = "${OBJECT_MODE-32}"; then
+ shared_archive_member_spec=shr_64
+ else
+ shared_archive_member_spec=shr
+ fi
+ fi
+ ;;
+*)
+ with_aix_soname=aix
+ ;;
+esac
+
+_LT_DECL([], [shared_archive_member_spec], [0],
+ [Shared archive member basename, for filename based shared library versioning on AIX])dnl
+])# _LT_WITH_AIX_SONAME
+
+LT_OPTION_DEFINE([LT_INIT], [aix-soname=aix], [_LT_WITH_AIX_SONAME([aix])])
+LT_OPTION_DEFINE([LT_INIT], [aix-soname=both], [_LT_WITH_AIX_SONAME([both])])
+LT_OPTION_DEFINE([LT_INIT], [aix-soname=svr4], [_LT_WITH_AIX_SONAME([svr4])])
+
+
+# _LT_WITH_PIC([MODE])
+# --------------------
+# implement the --with-pic flag, and support the 'pic-only' and 'no-pic'
+# LT_INIT options.
+# MODE is either 'yes' or 'no'. If omitted, it defaults to 'both'.
+m4_define([_LT_WITH_PIC],
+[AC_ARG_WITH([pic],
+ [AS_HELP_STRING([--with-pic@<:@=PKGS@:>@],
+ [try to use only PIC/non-PIC objects @<:@default=use both@:>@])],
+ [lt_p=${PACKAGE-default}
+ case $withval in
+ yes|no) pic_mode=$withval ;;
+ *)
+ pic_mode=default
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR,
+ for lt_pkg in $withval; do
+ IFS=$lt_save_ifs
+ if test "X$lt_pkg" = "X$lt_p"; then
+ pic_mode=yes
+ fi
+ done
+ IFS=$lt_save_ifs
+ ;;
+ esac],
+ [pic_mode=m4_default([$1], [default])])
+
+_LT_DECL([], [pic_mode], [0], [What type of objects to build])dnl
+])# _LT_WITH_PIC
+
+LT_OPTION_DEFINE([LT_INIT], [pic-only], [_LT_WITH_PIC([yes])])
+LT_OPTION_DEFINE([LT_INIT], [no-pic], [_LT_WITH_PIC([no])])
+
+# Old name:
+AU_DEFUN([AC_LIBTOOL_PICMODE],
+[_LT_SET_OPTION([LT_INIT], [pic-only])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you
+put the 'pic-only' option into LT_INIT's first parameter.])
+])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_PICMODE], [])
+
+## ----------------- ##
+## LTDL_INIT Options ##
+## ----------------- ##
+
+m4_define([_LTDL_MODE], [])
+LT_OPTION_DEFINE([LTDL_INIT], [nonrecursive],
+ [m4_define([_LTDL_MODE], [nonrecursive])])
+LT_OPTION_DEFINE([LTDL_INIT], [recursive],
+ [m4_define([_LTDL_MODE], [recursive])])
+LT_OPTION_DEFINE([LTDL_INIT], [subproject],
+ [m4_define([_LTDL_MODE], [subproject])])
+
+m4_define([_LTDL_TYPE], [])
+LT_OPTION_DEFINE([LTDL_INIT], [installable],
+ [m4_define([_LTDL_TYPE], [installable])])
+LT_OPTION_DEFINE([LTDL_INIT], [convenience],
+ [m4_define([_LTDL_TYPE], [convenience])])
--- /dev/null
+# ltsugar.m4 -- libtool m4 base layer. -*-Autoconf-*-
+#
+# Copyright (C) 2004-2005, 2007-2008, 2011-2019, 2021-2022 Free Software
+# Foundation, Inc.
+# Written by Gary V. Vaughan, 2004
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+# serial 6 ltsugar.m4
+
+# This is to help aclocal find these macros, as it can't see m4_define.
+AC_DEFUN([LTSUGAR_VERSION], [m4_if([0.1])])
+
+
+# lt_join(SEP, ARG1, [ARG2...])
+# -----------------------------
+# Produce ARG1SEPARG2...SEPARGn, omitting [] arguments and their
+# associated separator.
+# Needed until we can rely on m4_join from Autoconf 2.62, since all earlier
+# versions in m4sugar had bugs.
+m4_define([lt_join],
+[m4_if([$#], [1], [],
+ [$#], [2], [[$2]],
+ [m4_if([$2], [], [], [[$2]_])$0([$1], m4_shift(m4_shift($@)))])])
+m4_define([_lt_join],
+[m4_if([$#$2], [2], [],
+ [m4_if([$2], [], [], [[$1$2]])$0([$1], m4_shift(m4_shift($@)))])])
+
+
+# lt_car(LIST)
+# lt_cdr(LIST)
+# ------------
+# Manipulate m4 lists.
+# These macros are necessary as long as will still need to support
+# Autoconf-2.59, which quotes differently.
+m4_define([lt_car], [[$1]])
+m4_define([lt_cdr],
+[m4_if([$#], 0, [m4_fatal([$0: cannot be called without arguments])],
+ [$#], 1, [],
+ [m4_dquote(m4_shift($@))])])
+m4_define([lt_unquote], $1)
+
+
+# lt_append(MACRO-NAME, STRING, [SEPARATOR])
+# ------------------------------------------
+# Redefine MACRO-NAME to hold its former content plus 'SEPARATOR''STRING'.
+# Note that neither SEPARATOR nor STRING are expanded; they are appended
+# to MACRO-NAME as is (leaving the expansion for when MACRO-NAME is invoked).
+# No SEPARATOR is output if MACRO-NAME was previously undefined (different
+# than defined and empty).
+#
+# This macro is needed until we can rely on Autoconf 2.62, since earlier
+# versions of m4sugar mistakenly expanded SEPARATOR but not STRING.
+m4_define([lt_append],
+[m4_define([$1],
+ m4_ifdef([$1], [m4_defn([$1])[$3]])[$2])])
+
+
+
+# lt_combine(SEP, PREFIX-LIST, INFIX, SUFFIX1, [SUFFIX2...])
+# ----------------------------------------------------------
+# Produce a SEP delimited list of all paired combinations of elements of
+# PREFIX-LIST with SUFFIX1 through SUFFIXn. Each element of the list
+# has the form PREFIXmINFIXSUFFIXn.
+# Needed until we can rely on m4_combine added in Autoconf 2.62.
+m4_define([lt_combine],
+[m4_if(m4_eval([$# > 3]), [1],
+ [m4_pushdef([_Lt_sep], [m4_define([_Lt_sep], m4_defn([lt_car]))])]]dnl
+[[m4_foreach([_Lt_prefix], [$2],
+ [m4_foreach([_Lt_suffix],
+ ]m4_dquote(m4_dquote(m4_shift(m4_shift(m4_shift($@)))))[,
+ [_Lt_sep([$1])[]m4_defn([_Lt_prefix])[$3]m4_defn([_Lt_suffix])])])])])
+
+
+# lt_if_append_uniq(MACRO-NAME, VARNAME, [SEPARATOR], [UNIQ], [NOT-UNIQ])
+# -----------------------------------------------------------------------
+# Iff MACRO-NAME does not yet contain VARNAME, then append it (delimited
+# by SEPARATOR if supplied) and expand UNIQ, else NOT-UNIQ.
+m4_define([lt_if_append_uniq],
+[m4_ifdef([$1],
+ [m4_if(m4_index([$3]m4_defn([$1])[$3], [$3$2$3]), [-1],
+ [lt_append([$1], [$2], [$3])$4],
+ [$5])],
+ [lt_append([$1], [$2], [$3])$4])])
+
+
+# lt_dict_add(DICT, KEY, VALUE)
+# -----------------------------
+m4_define([lt_dict_add],
+[m4_define([$1($2)], [$3])])
+
+
+# lt_dict_add_subkey(DICT, KEY, SUBKEY, VALUE)
+# --------------------------------------------
+m4_define([lt_dict_add_subkey],
+[m4_define([$1($2:$3)], [$4])])
+
+
+# lt_dict_fetch(DICT, KEY, [SUBKEY])
+# ----------------------------------
+m4_define([lt_dict_fetch],
+[m4_ifval([$3],
+ m4_ifdef([$1($2:$3)], [m4_defn([$1($2:$3)])]),
+ m4_ifdef([$1($2)], [m4_defn([$1($2)])]))])
+
+
+# lt_if_dict_fetch(DICT, KEY, [SUBKEY], VALUE, IF-TRUE, [IF-FALSE])
+# -----------------------------------------------------------------
+m4_define([lt_if_dict_fetch],
+[m4_if(lt_dict_fetch([$1], [$2], [$3]), [$4],
+ [$5],
+ [$6])])
+
+
+# lt_dict_filter(DICT, [SUBKEY], VALUE, [SEPARATOR], KEY, [...])
+# --------------------------------------------------------------
+m4_define([lt_dict_filter],
+[m4_if([$5], [], [],
+ [lt_join(m4_quote(m4_default([$4], [[, ]])),
+ lt_unquote(m4_split(m4_normalize(m4_foreach(_Lt_key, lt_car([m4_shiftn(4, $@)]),
+ [lt_if_dict_fetch([$1], _Lt_key, [$2], [$3], [_Lt_key ])])))))])[]dnl
+])
--- /dev/null
+# ltversion.m4 -- version numbers -*- Autoconf -*-
+#
+# Copyright (C) 2004, 2011-2019, 2021-2022 Free Software Foundation,
+# Inc.
+# Written by Scott James Remnant, 2004
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+# @configure_input@
+
+# serial 4245 ltversion.m4
+# This file is part of GNU Libtool
+
+m4_define([LT_PACKAGE_VERSION], [2.4.7])
+m4_define([LT_PACKAGE_REVISION], [2.4.7])
+
+AC_DEFUN([LTVERSION_VERSION],
+[macro_version='2.4.7'
+macro_revision='2.4.7'
+_LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?])
+_LT_DECL(, macro_revision, 0)
+])
--- /dev/null
+# lt~obsolete.m4 -- aclocal satisfying obsolete definitions. -*-Autoconf-*-
+#
+# Copyright (C) 2004-2005, 2007, 2009, 2011-2019, 2021-2022 Free
+# Software Foundation, Inc.
+# Written by Scott James Remnant, 2004.
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+# serial 5 lt~obsolete.m4
+
+# These exist entirely to fool aclocal when bootstrapping libtool.
+#
+# In the past libtool.m4 has provided macros via AC_DEFUN (or AU_DEFUN),
+# which have later been changed to m4_define as they aren't part of the
+# exported API, or moved to Autoconf or Automake where they belong.
+#
+# The trouble is, aclocal is a bit thick. It'll see the old AC_DEFUN
+# in /usr/share/aclocal/libtool.m4 and remember it, then when it sees us
+# using a macro with the same name in our local m4/libtool.m4 it'll
+# pull the old libtool.m4 in (it doesn't see our shiny new m4_define
+# and doesn't know about Autoconf macros at all.)
+#
+# So we provide this file, which has a silly filename so it's always
+# included after everything else. This provides aclocal with the
+# AC_DEFUNs it wants, but when m4 processes it, it doesn't do anything
+# because those macros already exist, or will be overwritten later.
+# We use AC_DEFUN over AU_DEFUN for compatibility with aclocal-1.6.
+#
+# Anytime we withdraw an AC_DEFUN or AU_DEFUN, remember to add it here.
+# Yes, that means every name once taken will need to remain here until
+# we give up compatibility with versions before 1.7, at which point
+# we need to keep only those names which we still refer to.
+
+# This is to help aclocal find these macros, as it can't see m4_define.
+AC_DEFUN([LTOBSOLETE_VERSION], [m4_if([1])])
+
+m4_ifndef([AC_LIBTOOL_LINKER_OPTION], [AC_DEFUN([AC_LIBTOOL_LINKER_OPTION])])
+m4_ifndef([AC_PROG_EGREP], [AC_DEFUN([AC_PROG_EGREP])])
+m4_ifndef([_LT_AC_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH])])
+m4_ifndef([_LT_AC_SHELL_INIT], [AC_DEFUN([_LT_AC_SHELL_INIT])])
+m4_ifndef([_LT_AC_SYS_LIBPATH_AIX], [AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX])])
+m4_ifndef([_LT_PROG_LTMAIN], [AC_DEFUN([_LT_PROG_LTMAIN])])
+m4_ifndef([_LT_AC_TAGVAR], [AC_DEFUN([_LT_AC_TAGVAR])])
+m4_ifndef([AC_LTDL_ENABLE_INSTALL], [AC_DEFUN([AC_LTDL_ENABLE_INSTALL])])
+m4_ifndef([AC_LTDL_PREOPEN], [AC_DEFUN([AC_LTDL_PREOPEN])])
+m4_ifndef([_LT_AC_SYS_COMPILER], [AC_DEFUN([_LT_AC_SYS_COMPILER])])
+m4_ifndef([_LT_AC_LOCK], [AC_DEFUN([_LT_AC_LOCK])])
+m4_ifndef([AC_LIBTOOL_SYS_OLD_ARCHIVE], [AC_DEFUN([AC_LIBTOOL_SYS_OLD_ARCHIVE])])
+m4_ifndef([_LT_AC_TRY_DLOPEN_SELF], [AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF])])
+m4_ifndef([AC_LIBTOOL_PROG_CC_C_O], [AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O])])
+m4_ifndef([AC_LIBTOOL_SYS_HARD_LINK_LOCKS], [AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS])])
+m4_ifndef([AC_LIBTOOL_OBJDIR], [AC_DEFUN([AC_LIBTOOL_OBJDIR])])
+m4_ifndef([AC_LTDL_OBJDIR], [AC_DEFUN([AC_LTDL_OBJDIR])])
+m4_ifndef([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH], [AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH])])
+m4_ifndef([AC_LIBTOOL_SYS_LIB_STRIP], [AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP])])
+m4_ifndef([AC_PATH_MAGIC], [AC_DEFUN([AC_PATH_MAGIC])])
+m4_ifndef([AC_PROG_LD_GNU], [AC_DEFUN([AC_PROG_LD_GNU])])
+m4_ifndef([AC_PROG_LD_RELOAD_FLAG], [AC_DEFUN([AC_PROG_LD_RELOAD_FLAG])])
+m4_ifndef([AC_DEPLIBS_CHECK_METHOD], [AC_DEFUN([AC_DEPLIBS_CHECK_METHOD])])
+m4_ifndef([AC_LIBTOOL_PROG_COMPILER_NO_RTTI], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI])])
+m4_ifndef([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE], [AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE])])
+m4_ifndef([AC_LIBTOOL_PROG_COMPILER_PIC], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC])])
+m4_ifndef([AC_LIBTOOL_PROG_LD_SHLIBS], [AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS])])
+m4_ifndef([AC_LIBTOOL_POSTDEP_PREDEP], [AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP])])
+m4_ifndef([LT_AC_PROG_EGREP], [AC_DEFUN([LT_AC_PROG_EGREP])])
+m4_ifndef([LT_AC_PROG_SED], [AC_DEFUN([LT_AC_PROG_SED])])
+m4_ifndef([_LT_CC_BASENAME], [AC_DEFUN([_LT_CC_BASENAME])])
+m4_ifndef([_LT_COMPILER_BOILERPLATE], [AC_DEFUN([_LT_COMPILER_BOILERPLATE])])
+m4_ifndef([_LT_LINKER_BOILERPLATE], [AC_DEFUN([_LT_LINKER_BOILERPLATE])])
+m4_ifndef([_AC_PROG_LIBTOOL], [AC_DEFUN([_AC_PROG_LIBTOOL])])
+m4_ifndef([AC_LIBTOOL_SETUP], [AC_DEFUN([AC_LIBTOOL_SETUP])])
+m4_ifndef([_LT_AC_CHECK_DLFCN], [AC_DEFUN([_LT_AC_CHECK_DLFCN])])
+m4_ifndef([AC_LIBTOOL_SYS_DYNAMIC_LINKER], [AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER])])
+m4_ifndef([_LT_AC_TAGCONFIG], [AC_DEFUN([_LT_AC_TAGCONFIG])])
+m4_ifndef([AC_DISABLE_FAST_INSTALL], [AC_DEFUN([AC_DISABLE_FAST_INSTALL])])
+m4_ifndef([_LT_AC_LANG_CXX], [AC_DEFUN([_LT_AC_LANG_CXX])])
+m4_ifndef([_LT_AC_LANG_F77], [AC_DEFUN([_LT_AC_LANG_F77])])
+m4_ifndef([_LT_AC_LANG_GCJ], [AC_DEFUN([_LT_AC_LANG_GCJ])])
+m4_ifndef([AC_LIBTOOL_LANG_C_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG])])
+m4_ifndef([_LT_AC_LANG_C_CONFIG], [AC_DEFUN([_LT_AC_LANG_C_CONFIG])])
+m4_ifndef([AC_LIBTOOL_LANG_CXX_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG])])
+m4_ifndef([_LT_AC_LANG_CXX_CONFIG], [AC_DEFUN([_LT_AC_LANG_CXX_CONFIG])])
+m4_ifndef([AC_LIBTOOL_LANG_F77_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_F77_CONFIG])])
+m4_ifndef([_LT_AC_LANG_F77_CONFIG], [AC_DEFUN([_LT_AC_LANG_F77_CONFIG])])
+m4_ifndef([AC_LIBTOOL_LANG_GCJ_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_GCJ_CONFIG])])
+m4_ifndef([_LT_AC_LANG_GCJ_CONFIG], [AC_DEFUN([_LT_AC_LANG_GCJ_CONFIG])])
+m4_ifndef([AC_LIBTOOL_LANG_RC_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_RC_CONFIG])])
+m4_ifndef([_LT_AC_LANG_RC_CONFIG], [AC_DEFUN([_LT_AC_LANG_RC_CONFIG])])
+m4_ifndef([AC_LIBTOOL_CONFIG], [AC_DEFUN([AC_LIBTOOL_CONFIG])])
+m4_ifndef([_LT_AC_FILE_LTDLL_C], [AC_DEFUN([_LT_AC_FILE_LTDLL_C])])
+m4_ifndef([_LT_REQUIRED_DARWIN_CHECKS], [AC_DEFUN([_LT_REQUIRED_DARWIN_CHECKS])])
+m4_ifndef([_LT_AC_PROG_CXXCPP], [AC_DEFUN([_LT_AC_PROG_CXXCPP])])
+m4_ifndef([_LT_PREPARE_SED_QUOTE_VARS], [AC_DEFUN([_LT_PREPARE_SED_QUOTE_VARS])])
+m4_ifndef([_LT_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_PROG_ECHO_BACKSLASH])])
+m4_ifndef([_LT_PROG_F77], [AC_DEFUN([_LT_PROG_F77])])
+m4_ifndef([_LT_PROG_FC], [AC_DEFUN([_LT_PROG_FC])])
+m4_ifndef([_LT_PROG_CXX], [AC_DEFUN([_LT_PROG_CXX])])
)
endif
-$(XMLSEC_PROGRAM):
+$(XMLSEC_PROGRAM):
@cd ../apps;make
$(XMLSEC_CONFIG_PROGRAM):
-
+
clean-local:
( if [ z"$(XMLSEC1_MAN_SRC)" != z"$(XMLSEC1_MAN)" ]; then \
rm -rf $(XMLSEC1_MAN) ; \
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = man
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+SOURCES =
+DIST_SOURCES =
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+man1dir = $(mandir)/man1
+am__installdirs = "$(DESTDIR)$(man1dir)"
+NROFF = nroff
+MANS = $(man_MANS)
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+XMLSEC1_MAN = $(builddir)/xmlsec1.1
+XMLSEC1_CONFIG_MAN = $(builddir)/xmlsec1-config.1
+XMLSEC1_MAN_SRC = $(srcdir)/xmlsec1.1
+XMLSEC1_CONFIG_MAN_SRC = $(srcdir)/xmlsec1-config.1
+man_MANS = \
+ $(XMLSEC1_MAN) \
+ $(XMLSEC1_CONFIG_MAN) \
+ $(NULL)
+
+EXTRA_DIST = \
+ $(XMLSEC1_MAN) \
+ $(XMLSEC1_CONFIG_MAN) \
+ $(NULL)
+
+XMLSEC_PROGRAM = $(top_builddir)/apps/xmlsec1
+XMLSEC_CONFIG_PROGRAM = $(top_builddir)/xmlsec1-config
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign man/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign man/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-man1: $(man_MANS)
+ @$(NORMAL_INSTALL)
+ @list1=''; \
+ list2='$(man_MANS)'; \
+ test -n "$(man1dir)" \
+ && test -n "`echo $$list1$$list2`" \
+ || exit 0; \
+ echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \
+ { for i in $$list1; do echo "$$i"; done; \
+ if test -n "$$list2"; then \
+ for i in $$list2; do echo "$$i"; done \
+ | sed -n '/\.1[a-z]*$$/p'; \
+ fi; \
+ } | while read p; do \
+ if test -f $$p; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; echo "$$p"; \
+ done | \
+ sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \
+ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \
+ sed 'N;N;s,\n, ,g' | { \
+ list=; while read file base inst; do \
+ if test "$$base" = "$$inst"; then list="$$list $$file"; else \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \
+ fi; \
+ done; \
+ for i in $$list; do echo "$$i"; done | $(am__base_list) | \
+ while read files; do \
+ test -z "$$files" || { \
+ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \
+ $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \
+ done; }
+
+uninstall-man1:
+ @$(NORMAL_UNINSTALL)
+ @list=''; test -n "$(man1dir)" || exit 0; \
+ files=`{ for i in $$list; do echo "$$i"; done; \
+ l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \
+ sed -n '/\.1[a-z]*$$/p'; \
+ } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \
+ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
+ dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir)
+tags TAGS:
+
+ctags CTAGS:
+
+cscope cscopelist:
+
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(MANS)
+installdirs:
+ for dir in "$(DESTDIR)$(man1dir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-local mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-local
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man: install-man1
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-man
+
+uninstall-man: uninstall-man1
+
+.MAKE: install-am install-strip
+
+.PHONY: all all-am check check-am clean clean-generic clean-libtool \
+ clean-local cscopelist-am ctags-am distclean distclean-generic \
+ distclean-libtool distclean-local distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-man1 install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \
+ uninstall-am uninstall-man uninstall-man1
+
+.PRECIOUS: Makefile
+
+
+all: $(man_MANS) $(XMLSEC_HTML)
+
+@BUILD_MANPAGES_TRUE@$(XMLSEC1_MAN): $(XMLSEC_PROGRAM)
+@BUILD_MANPAGES_TRUE@ $(HELP2MAN) --help-option=--help-all --no-info \
+@BUILD_MANPAGES_TRUE@ --name="sign, verify, encrypt and decrypt XML documents" \
+@BUILD_MANPAGES_TRUE@ --version-option=--version \
+@BUILD_MANPAGES_TRUE@ --output=$(XMLSEC1_MAN) \
+@BUILD_MANPAGES_TRUE@ $(XMLSEC_PROGRAM)
+@BUILD_MANPAGES_FALSE@$(XMLSEC1_MAN):
+@BUILD_MANPAGES_FALSE@ @( \
+@BUILD_MANPAGES_FALSE@ echo "Copying xmlsec1 manpage ..."; \
+@BUILD_MANPAGES_FALSE@ if [ z"$(XMLSEC1_MAN_SRC)" != z"$(XMLSEC1_MAN)" ]; \
+@BUILD_MANPAGES_FALSE@ then \
+@BUILD_MANPAGES_FALSE@ $(CP) -u $(XMLSEC1_MAN_SRC) $(XMLSEC1_MAN) ; \
+@BUILD_MANPAGES_FALSE@ fi \
+@BUILD_MANPAGES_FALSE@ )
+
+@BUILD_MANPAGES_TRUE@$(XMLSEC1_CONFIG_MAN): $(XMLSEC_CONFIG_PROGRAM)
+@BUILD_MANPAGES_TRUE@ $(HELP2MAN) --help-option=--help --no-info \
+@BUILD_MANPAGES_TRUE@ --name="detail installed version of xmlsec library" \
+@BUILD_MANPAGES_TRUE@ --version-option=--version \
+@BUILD_MANPAGES_TRUE@ --output=$(XMLSEC1_CONFIG_MAN) \
+@BUILD_MANPAGES_TRUE@ $(XMLSEC_CONFIG_PROGRAM)
+@BUILD_MANPAGES_FALSE@$(XMLSEC1_CONFIG_MAN):
+@BUILD_MANPAGES_FALSE@ @( \
+@BUILD_MANPAGES_FALSE@ echo "Copying xmlsec1-config manpage ..."; \
+@BUILD_MANPAGES_FALSE@ if [ z"$(XMLSEC1_CONFIG_MAN_SRC)" != z"$(XMLSEC1_CONFIG_MAN)" ]; then \
+@BUILD_MANPAGES_FALSE@ $(CP) -u $(XMLSEC1_CONFIG_MAN_SRC) $(XMLSEC1_CONFIG_MAN) ; \
+@BUILD_MANPAGES_FALSE@ fi \
+@BUILD_MANPAGES_FALSE@ )
+
+$(XMLSEC_PROGRAM):
+ @cd ../apps;make
+
+$(XMLSEC_CONFIG_PROGRAM):
+
+clean-local:
+ ( if [ z"$(XMLSEC1_MAN_SRC)" != z"$(XMLSEC1_MAN)" ]; then \
+ rm -rf $(XMLSEC1_MAN) ; \
+ fi )
+ ( if [ z"$(XMLSEC1_CONFIG_MAN_SRC)" != z"$(XMLSEC1_CONFIG_MAN)" ]; then \
+ rm -rf $(XMLSEC1_CONFIG_MAN) ; \
+ fi )
+
+distclean-local: clean-local
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
-.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6.
-.TH XMLSEC1-CONFIG "1" "April 2019" "xmlsec1-config 1.2.28" "User Commands"
+.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.3.
+.TH XMLSEC1-CONFIG "1" "December 2023" "xmlsec1-config 1.2.39" "User Commands"
.SH NAME
xmlsec1-config \- detail installed version of xmlsec library
.SH SYNOPSIS
-.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6.
-.TH XMLSEC1 "1" "April 2019" "xmlsec1 1.2.28 (openssl)" "User Commands"
+.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.3.
+.TH XMLSEC1 "1" "December 2023" "xmlsec1 1.2.39 (openssl)" "User Commands"
.SH NAME
xmlsec1 \- sign, verify, encrypt and decrypt XML documents
.SH SYNOPSIS
the local time in "YYYY\-MM\-DD HH:MM:SS" format
used certificates verification
.HP
+\fB\-\-verification\-gmt\-time\fR <time>
+.IP
+the GMT time in "YYYY\-MM\-DD HH:MM:SS" format
+used certificates verification
+.HP
\fB\-\-depth\fR <number>
.IP
maximum certificates chain depth
.IP
do not verify certificates
.HP
+\fB\-\-privkey\-openssl\-engine[\fR:<name>] <openssl\-engine>;<openssl\-key\-id>[,<crtfile>[,<crtfile>[...]]]
+.IP
+load private key by OpenSSL ENGINE interface; specify the name of engine
+(like with \fB\-engine\fR params), the key specs (like with \fB\-inkey\fR or \fB\-key\fR params)
+and optionally certificates that verify this key
+.HP
\fB\-\-crypto\fR <name>
.IP
the name of the crypto engine to use from the following
.SH "REPORTING BUGS"
Report bugs to http://www.aleksey.com/xmlsec/bugs.html
.SH COPYRIGHT
-Copyright \(co 2002\-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved..
+Copyright \(co 2002\-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved..
.br
This is free software: see the source for copying information.
--- /dev/null
+#! /bin/sh
+# Common wrapper for a few potentially missing GNU programs.
+
+scriptversion=2018-03-07.03; # UTC
+
+# Copyright (C) 1996-2021 Free Software Foundation, Inc.
+# Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+if test $# -eq 0; then
+ echo 1>&2 "Try '$0 --help' for more information"
+ exit 1
+fi
+
+case $1 in
+
+ --is-lightweight)
+ # Used by our autoconf macros to check whether the available missing
+ # script is modern enough.
+ exit 0
+ ;;
+
+ --run)
+ # Back-compat with the calling convention used by older automake.
+ shift
+ ;;
+
+ -h|--h|--he|--hel|--help)
+ echo "\
+$0 [OPTION]... PROGRAM [ARGUMENT]...
+
+Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due
+to PROGRAM being missing or too old.
+
+Options:
+ -h, --help display this help and exit
+ -v, --version output version information and exit
+
+Supported PROGRAM values:
+ aclocal autoconf autoheader autom4te automake makeinfo
+ bison yacc flex lex help2man
+
+Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and
+'g' are ignored when checking the name.
+
+Send bug reports to <bug-automake@gnu.org>."
+ exit $?
+ ;;
+
+ -v|--v|--ve|--ver|--vers|--versi|--versio|--version)
+ echo "missing $scriptversion (GNU Automake)"
+ exit $?
+ ;;
+
+ -*)
+ echo 1>&2 "$0: unknown '$1' option"
+ echo 1>&2 "Try '$0 --help' for more information"
+ exit 1
+ ;;
+
+esac
+
+# Run the given program, remember its exit status.
+"$@"; st=$?
+
+# If it succeeded, we are done.
+test $st -eq 0 && exit 0
+
+# Also exit now if we it failed (or wasn't found), and '--version' was
+# passed; such an option is passed most likely to detect whether the
+# program is present and works.
+case $2 in --version|--help) exit $st;; esac
+
+# Exit code 63 means version mismatch. This often happens when the user
+# tries to use an ancient version of a tool on a file that requires a
+# minimum version.
+if test $st -eq 63; then
+ msg="probably too old"
+elif test $st -eq 127; then
+ # Program was missing.
+ msg="missing on your system"
+else
+ # Program was found and executed, but failed. Give up.
+ exit $st
+fi
+
+perl_URL=https://www.perl.org/
+flex_URL=https://github.com/westes/flex
+gnu_software_URL=https://www.gnu.org/software
+
+program_details ()
+{
+ case $1 in
+ aclocal|automake)
+ echo "The '$1' program is part of the GNU Automake package:"
+ echo "<$gnu_software_URL/automake>"
+ echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:"
+ echo "<$gnu_software_URL/autoconf>"
+ echo "<$gnu_software_URL/m4/>"
+ echo "<$perl_URL>"
+ ;;
+ autoconf|autom4te|autoheader)
+ echo "The '$1' program is part of the GNU Autoconf package:"
+ echo "<$gnu_software_URL/autoconf/>"
+ echo "It also requires GNU m4 and Perl in order to run:"
+ echo "<$gnu_software_URL/m4/>"
+ echo "<$perl_URL>"
+ ;;
+ esac
+}
+
+give_advice ()
+{
+ # Normalize program name to check for.
+ normalized_program=`echo "$1" | sed '
+ s/^gnu-//; t
+ s/^gnu//; t
+ s/^g//; t'`
+
+ printf '%s\n' "'$1' is $msg."
+
+ configure_deps="'configure.ac' or m4 files included by 'configure.ac'"
+ case $normalized_program in
+ autoconf*)
+ echo "You should only need it if you modified 'configure.ac',"
+ echo "or m4 files included by it."
+ program_details 'autoconf'
+ ;;
+ autoheader*)
+ echo "You should only need it if you modified 'acconfig.h' or"
+ echo "$configure_deps."
+ program_details 'autoheader'
+ ;;
+ automake*)
+ echo "You should only need it if you modified 'Makefile.am' or"
+ echo "$configure_deps."
+ program_details 'automake'
+ ;;
+ aclocal*)
+ echo "You should only need it if you modified 'acinclude.m4' or"
+ echo "$configure_deps."
+ program_details 'aclocal'
+ ;;
+ autom4te*)
+ echo "You might have modified some maintainer files that require"
+ echo "the 'autom4te' program to be rebuilt."
+ program_details 'autom4te'
+ ;;
+ bison*|yacc*)
+ echo "You should only need it if you modified a '.y' file."
+ echo "You may want to install the GNU Bison package:"
+ echo "<$gnu_software_URL/bison/>"
+ ;;
+ lex*|flex*)
+ echo "You should only need it if you modified a '.l' file."
+ echo "You may want to install the Fast Lexical Analyzer package:"
+ echo "<$flex_URL>"
+ ;;
+ help2man*)
+ echo "You should only need it if you modified a dependency" \
+ "of a man page."
+ echo "You may want to install the GNU Help2man package:"
+ echo "<$gnu_software_URL/help2man/>"
+ ;;
+ makeinfo*)
+ echo "You should only need it if you modified a '.texi' file, or"
+ echo "any other file indirectly affecting the aspect of the manual."
+ echo "You might want to install the Texinfo package:"
+ echo "<$gnu_software_URL/texinfo/>"
+ echo "The spurious makeinfo call might also be the consequence of"
+ echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might"
+ echo "want to install GNU make:"
+ echo "<$gnu_software_URL/make/>"
+ ;;
+ *)
+ echo "You might have modified some files without having the proper"
+ echo "tools for further handling them. Check the 'README' file, it"
+ echo "often tells you about the needed prerequisites for installing"
+ echo "this package. You may also peek at any GNU archive site, in"
+ echo "case some other package contains this missing '$1' program."
+ ;;
+ esac
+}
+
+give_advice "$1" | sed -e '1s/^/WARNING: /' \
+ -e '2,$s/^/ /' >&2
+
+# Propagate the correct exit status (expected to be 127 for a program
+# not found, 63 for a program that failed due to version mismatch).
+exit $st
+
+# Local variables:
+# eval: (add-hook 'before-save-hook 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC0"
+# time-stamp-end: "; # UTC"
+# End:
%define keepstatic 1
Name: xmlsec1
-Version: 1.2.28
+Version: 1.2.39
Release: 0
License: MIT
Summary: Library providing support for "XML Signature" and "XML Encryption" standards
-#!/bin/sh
+#!/bin/sh
-# config
-cov_url="https://scan.coverity.com/builds?project=xmlsec"
-cov_email="aleksey@aleksey.com"
+# input
cov_token=$1
version=$2
-cur_pwd=`pwd`
-today=`date +%F-%H-%M-%S`
-
-git_uri=git@github.com:lsh123/xmlsec.git
-rpm_root=/usr/src/redhat
-build_root="/tmp/xmlsec-build-area-$today"
-tar_file="xmlsec1-$version-$today.tar.gz"
-
-if [ x"$version" = x ]; then
+if [ "x$version" = "x" ]; then
echo "Usage: $0 <token> <version>"
exit 1
fi
-echo "============== Creating build area $build_root for building xmlsec1-$version"
-rm -rf "$build_root"
-mkdir -p "$build_root"
-cd "$build_root"
-
-echo "============== Checking out the module '$git_url'"
-git clone $git_uri
-cd xmlsec
-find . -name ".git" | xargs rm -r
+# config
+cov_url="https://scan.coverity.com/builds?project=xmlsec"
+cov_email="aleksey@aleksey.com"
+cur_pwd=`pwd`
+today=`date +%F-%H-%M-%S`
+tar_file="xmlsec1-$version-$today.tar.gz"
-echo "============== Building xmlsec1-$version with coverity"
-./autogen.sh --prefix=/usr --sysconfdir=/etc
-cov-build --dir cov-int make
+echo "============= Building xmlsec"
+make clean
+rm -rf cov-int/
+cov-build --dir cov-int make -j4
tar czvf "$tar_file" cov-int
echo "============== Uploading to Coverity"
--- /dev/null
+#!/bin/sh
+
+# config
+configure_options=""
+configure_options="$configure_options --enable-static-linking --enable-crypto-dl=no"
+configure_options="$configure_options --enable-manpages-build --enable-docs-build"
+configure_options="$configure_options --enable-md5 --enable-ripemd160"
+cur_pwd=`pwd`
+today=`date +%F-%H-%M-%S`
+
+echo "============= Building xmlsec"
+make distclean
+./autogen.sh $configure_options
+make
+
+echo "============== Cleanup"
+cd "$cur_pwd"
+
-#!/bin/sh
+#!/bin/sh
#
# Usage: build_release.sh <version> [<release-candidate-tag>]
#
sig_file="xmlsec1-$version.sig"
rc_tar_file="xmlsec1-$version-$rc.tar.gz"
rc_sig_file="xmlsec1-$version-$rc.sig"
-git_release_branch="xmlsec-$version-release"
+git_1_2_x_branch="xmlsec-1_2_x"
+git_release_branch=`echo "xmlsec-$version" | sed 's/\./_/g'`
git_version_tag=`echo $version | sed 's/\./_/g'`
if [ x"$version" = x ]; then
if [ x"$rc" != x ]; then
echo "============== Switching to release branch '$git_release_branch' for RC build '$rc'"
git checkout $git_release_branch
+else
+ echo "============== Switching to 1.2.x branch '$git_1_2_x_branch'"
+ git checkout $git_1_2_x_branch
fi
find . -name ".git" | xargs rm -r
echo "RUN MANUALLY: git push --follow-tags"
fi
+echo "======== Publish release to website:"
+if [ x"$rc" = x ]; then
+ echo "RUN MANUALLY: scp $tar_file $sig_file smtp.aleksey.com:"
+ echo "ssh to smtp.aleksey.com, run the ./bin/push-xmlsec-docs.sh $version"
+ echo "then switch symlink for /home/apps/www/aleksey.com/xmlsec/current"
+else
+ echo "RUN MANUALLY: scp $rc_tar_file $rc_sig_file smtp.aleksey.com:"
+ echo "ssh to smtp.aleksey.com, run the ./bin/push-xmlsec-docs.sh $version-$rc"
+ echo "then switch symlink for /home/apps/www/aleksey.com/xmlsec/rc/"
+fi
+
+echo "========= Publish release to github:"
+echo "Download release from website, go to github releases, use newly created tag and "
+echo "tarball to publish release; after that create announcement about the release in the "
+echo "github dicussions"
+
+
echo "============== Cleanup"
#rm -rf "$build_root"
--- /dev/null
+#!/bin/perl
+#
+# Usage:
+# egrep -r -A8 -n 'xmlSec.*Error[0-9]?\(' ./src/ | sed 's/ //g' | perl ./scripts/check-return.pl
+#
+
+my $has_return = 0;
+my $where = "";
+foreach my $line ( <STDIN> ) {
+ chomp( $line );
+ if($line eq "--" || $line eq '}' || $line eq 'continue' || $line eq 'break') {
+ if(not $has_return) {
+ print("FOUND MISSING RETURN: $where\n");
+ }
+ $has_return = 0;
+ $where = "";
+ } elsif($line =~ /.*Error.*/ && $where eq "") {
+ # print("Found error: $line\n");
+ $where = $line
+ } elsif($line =~ /.*goto.*/ || $line =~ /.*return.*/ || $line =~ /.*ignoreerror.*/) {
+ $has_return = 1;
+ }
+}
\ No newline at end of file
--- /dev/null
+#!/bin/sh
+#
+# Usage: parse_log_valgrind.sh <log-file>
+#
+
+
+# config
+log=$1
+
+if [ x"$log" = x ]; then
+ echo "Usage: $0 <log-file>"
+ exit 1
+fi
+
+grep 'ERROR SUMMARY' $log | sed 's/^[=0-9]* *//' | sort -u
+grep 'definitely lost' $log | sed 's/^[=0-9]* *//' | sort -u
+grep 'indirectly lost' $log | sed 's/^[=0-9]* *//' | sort -u
+grep 'possibly lost' $log | sed 's/^[=0-9]* *//' | sort -u
+grep 'still reachable' $log | sed 's/^[=0-9]* *//' | sort -u
+
--- /dev/null
+#!/bin/sh
+
+if [ "`uname`" = "Darwin" ]; then
+ # openssl
+ export PKG_CONFIG_PATH="/usr/local/opt/openssl/lib/pkgconfig:$PKG_CONFIG_PATH"
+
+ # nspr/nss
+ export PATH="/usr/local/opt/nss/bin:$PATH"
+ export PKG_CONFIG_PATH="/usr/local/opt/nss/lib/pkgconfig:$PKG_CONFIG_PATH"
+fi
$(NULL)
EXTRA_DIST = \
+ cast_helpers.h \
errors_helpers.h \
+ keysdata_helpers.h \
+ transform_helpers.h \
globals.h \
kw_aes_des.h \
+ xslt.h \
skeleton \
mscrypto \
$(XMLSEC_CRYPTO_DISABLED_LIST) \
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@XMLSEC_ENABLE_SOAP_TRUE@am__append_1 = soap.c
+subdir = src
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(libdir)"
+LTLIBRARIES = $(lib_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+libxmlsec1_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1)
+am__libxmlsec1_la_SOURCES_DIST = app.c base64.c bn.c buffer.c c14n.c \
+ dl.c enveloped.c errors.c io.c keyinfo.c keys.c keysdata.c \
+ keysmngr.c kw_aes_des.c list.c membuf.c nodeset.c parser.c \
+ relationship.c strings.c templates.c transforms.c x509.c \
+ xmldsig.c xmlenc.c xmlsec.c xmltree.c xpath.c xslt.c soap.c
+am__objects_1 =
+@XMLSEC_ENABLE_SOAP_TRUE@am__objects_2 = soap.lo
+am_libxmlsec1_la_OBJECTS = app.lo base64.lo bn.lo buffer.lo c14n.lo \
+ dl.lo enveloped.lo errors.lo io.lo keyinfo.lo keys.lo \
+ keysdata.lo keysmngr.lo kw_aes_des.lo list.lo membuf.lo \
+ nodeset.lo parser.lo relationship.lo strings.lo templates.lo \
+ transforms.lo x509.lo xmldsig.lo xmlenc.lo xmlsec.lo \
+ xmltree.lo xpath.lo xslt.lo $(am__objects_1) $(am__objects_2)
+libxmlsec1_la_OBJECTS = $(am_libxmlsec1_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+libxmlsec1_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(libxmlsec1_la_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/app.Plo ./$(DEPDIR)/base64.Plo \
+ ./$(DEPDIR)/bn.Plo ./$(DEPDIR)/buffer.Plo ./$(DEPDIR)/c14n.Plo \
+ ./$(DEPDIR)/dl.Plo ./$(DEPDIR)/enveloped.Plo \
+ ./$(DEPDIR)/errors.Plo ./$(DEPDIR)/io.Plo \
+ ./$(DEPDIR)/keyinfo.Plo ./$(DEPDIR)/keys.Plo \
+ ./$(DEPDIR)/keysdata.Plo ./$(DEPDIR)/keysmngr.Plo \
+ ./$(DEPDIR)/kw_aes_des.Plo ./$(DEPDIR)/list.Plo \
+ ./$(DEPDIR)/membuf.Plo ./$(DEPDIR)/nodeset.Plo \
+ ./$(DEPDIR)/parser.Plo ./$(DEPDIR)/relationship.Plo \
+ ./$(DEPDIR)/soap.Plo ./$(DEPDIR)/strings.Plo \
+ ./$(DEPDIR)/templates.Plo ./$(DEPDIR)/transforms.Plo \
+ ./$(DEPDIR)/x509.Plo ./$(DEPDIR)/xmldsig.Plo \
+ ./$(DEPDIR)/xmlenc.Plo ./$(DEPDIR)/xmlsec.Plo \
+ ./$(DEPDIR)/xmltree.Plo ./$(DEPDIR)/xpath.Plo \
+ ./$(DEPDIR)/xslt.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
+SOURCES = $(libxmlsec1_la_SOURCES)
+DIST_SOURCES = $(am__libxmlsec1_la_SOURCES_DIST)
+RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
+ ctags-recursive dvi-recursive html-recursive info-recursive \
+ install-data-recursive install-dvi-recursive \
+ install-exec-recursive install-html-recursive \
+ install-info-recursive install-pdf-recursive \
+ install-ps-recursive install-recursive installcheck-recursive \
+ installdirs-recursive pdf-recursive ps-recursive \
+ tags-recursive uninstall-recursive
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+am__recursive_targets = \
+ $(RECURSIVE_TARGETS) \
+ $(RECURSIVE_CLEAN_TARGETS) \
+ $(am__extra_recursive_targets)
+AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
+ distdir distdir-am
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+DIST_SUBDIRS = $(SUBDIRS)
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+am__relativize = \
+ dir0=`pwd`; \
+ sed_first='s,^\([^/]*\)/.*$$,\1,'; \
+ sed_rest='s,^[^/]*/*,,'; \
+ sed_last='s,^.*/\([^/]*\)$$,\1,'; \
+ sed_butlast='s,/*[^/]*$$,,'; \
+ while test -n "$$dir1"; do \
+ first=`echo "$$dir1" | sed -e "$$sed_first"`; \
+ if test "$$first" != "."; then \
+ if test "$$first" = ".."; then \
+ dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
+ dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
+ else \
+ first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
+ if test "$$first2" = "$$first"; then \
+ dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
+ else \
+ dir2="../$$dir2"; \
+ fi; \
+ dir0="$$dir0"/"$$first"; \
+ fi; \
+ fi; \
+ dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
+ done; \
+ reldir="$$dir2"
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+SUBDIRS = . $(XMLSEC_CRYPTO_LIST)
+AM_CFLAGS = \
+ -DPACKAGE=\"@PACKAGE@\" \
+ -DXMLSEC_DEFAULT_CRYPTO=\"@XMLSEC_DEFAULT_CRYPTO@\" \
+ -I../include \
+ -I$(top_srcdir)/include \
+ $(XMLSEC_DEFINES) \
+ $(XMLSEC_DL_INCLUDES) \
+ $(LIBXSLT_CFLAGS) \
+ $(LIBXML_CFLAGS) \
+ $(NULL)
+
+EXTRA_DIST = \
+ cast_helpers.h \
+ errors_helpers.h \
+ keysdata_helpers.h \
+ transform_helpers.h \
+ globals.h \
+ kw_aes_des.h \
+ xslt.h \
+ skeleton \
+ mscrypto \
+ $(XMLSEC_CRYPTO_DISABLED_LIST) \
+ $(NULL)
+
+lib_LTLIBRARIES = \
+ libxmlsec1.la \
+ $(NULL)
+
+libxmlsec1_la_SOURCES = $(LTDL_SOURCE_FILES) app.c base64.c bn.c \
+ buffer.c c14n.c dl.c enveloped.c errors.c io.c keyinfo.c \
+ keys.c keysdata.c keysmngr.c kw_aes_des.c list.c membuf.c \
+ nodeset.c parser.c relationship.c strings.c templates.c \
+ transforms.c x509.c xmldsig.c xmlenc.c xmlsec.c xmltree.c \
+ xpath.c xslt.c $(NULL) $(am__append_1)
+libxmlsec1_la_LIBADD = \
+ $(LIBXSLT_LIBS) \
+ $(LIBXML_LIBS) \
+ $(XMLSEC_DL_LIBS) \
+ $(NULL)
+
+libxmlsec1_la_LDFLAGS = \
+ @XMLSEC_EXTRA_LDFLAGS@ \
+ -version-info @XMLSEC_VERSION_INFO@ \
+ $(NULL)
+
+all: all-recursive
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign src/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+ }
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
+ done
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+
+libxmlsec1.la: $(libxmlsec1_la_OBJECTS) $(libxmlsec1_la_DEPENDENCIES) $(EXTRA_libxmlsec1_la_DEPENDENCIES)
+ $(AM_V_CCLD)$(libxmlsec1_la_LINK) -rpath $(libdir) $(libxmlsec1_la_OBJECTS) $(libxmlsec1_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/app.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/base64.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bn.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/buffer.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/c14n.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dl.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/enveloped.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/errors.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/io.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keyinfo.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keys.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keysdata.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keysmngr.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kw_aes_des.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/list.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/membuf.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nodeset.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parser.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/relationship.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/soap.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strings.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/templates.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/transforms.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/x509.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xmldsig.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xmlenc.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xmlsec.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xmltree.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xpath.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xslt.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+ @$(MKDIR_P) $(@D)
+ @echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run 'make' without going through this Makefile.
+# To change the values of 'make' variables: instead of editing Makefiles,
+# (1) if the variable is set in 'config.status', edit 'config.status'
+# (which will cause the Makefiles to be regenerated when you run 'make');
+# (2) otherwise, pass the desired values on the 'make' command line.
+$(am__recursive_targets):
+ @fail=; \
+ if $(am__make_keepgoing); then \
+ failcom='fail=yes'; \
+ else \
+ failcom='exit 1'; \
+ fi; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done; \
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-recursive
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+ include_option=--etags-include; \
+ empty_fix=.; \
+ else \
+ include_option=--include; \
+ empty_fix=; \
+ fi; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test ! -f $$subdir/TAGS || \
+ set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
+ fi; \
+ done; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-recursive
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-recursive
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+ @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ $(am__make_dryrun) \
+ || test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
+ dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
+ $(am__relativize); \
+ new_distdir=$$reldir; \
+ dir1=$$subdir; dir2="$(top_distdir)"; \
+ $(am__relativize); \
+ new_top_distdir=$$reldir; \
+ echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
+ echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
+ ($(am__cd) $$subdir && \
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$$new_top_distdir" \
+ distdir="$$new_distdir" \
+ am__remove_distdir=: \
+ am__skip_length_check=: \
+ am__skip_mode_fix=: \
+ distdir) \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-recursive
+all-am: Makefile $(LTLIBRARIES)
+installdirs: installdirs-recursive
+installdirs-am:
+ for dir in "$(DESTDIR)$(libdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-recursive
+ -rm -f ./$(DEPDIR)/app.Plo
+ -rm -f ./$(DEPDIR)/base64.Plo
+ -rm -f ./$(DEPDIR)/bn.Plo
+ -rm -f ./$(DEPDIR)/buffer.Plo
+ -rm -f ./$(DEPDIR)/c14n.Plo
+ -rm -f ./$(DEPDIR)/dl.Plo
+ -rm -f ./$(DEPDIR)/enveloped.Plo
+ -rm -f ./$(DEPDIR)/errors.Plo
+ -rm -f ./$(DEPDIR)/io.Plo
+ -rm -f ./$(DEPDIR)/keyinfo.Plo
+ -rm -f ./$(DEPDIR)/keys.Plo
+ -rm -f ./$(DEPDIR)/keysdata.Plo
+ -rm -f ./$(DEPDIR)/keysmngr.Plo
+ -rm -f ./$(DEPDIR)/kw_aes_des.Plo
+ -rm -f ./$(DEPDIR)/list.Plo
+ -rm -f ./$(DEPDIR)/membuf.Plo
+ -rm -f ./$(DEPDIR)/nodeset.Plo
+ -rm -f ./$(DEPDIR)/parser.Plo
+ -rm -f ./$(DEPDIR)/relationship.Plo
+ -rm -f ./$(DEPDIR)/soap.Plo
+ -rm -f ./$(DEPDIR)/strings.Plo
+ -rm -f ./$(DEPDIR)/templates.Plo
+ -rm -f ./$(DEPDIR)/transforms.Plo
+ -rm -f ./$(DEPDIR)/x509.Plo
+ -rm -f ./$(DEPDIR)/xmldsig.Plo
+ -rm -f ./$(DEPDIR)/xmlenc.Plo
+ -rm -f ./$(DEPDIR)/xmlsec.Plo
+ -rm -f ./$(DEPDIR)/xmltree.Plo
+ -rm -f ./$(DEPDIR)/xpath.Plo
+ -rm -f ./$(DEPDIR)/xslt.Plo
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+html-am:
+
+info: info-recursive
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-recursive
+
+install-dvi-am:
+
+install-exec-am: install-libLTLIBRARIES
+
+install-html: install-html-recursive
+
+install-html-am:
+
+install-info: install-info-recursive
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-pdf-am:
+
+install-ps: install-ps-recursive
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+ -rm -f ./$(DEPDIR)/app.Plo
+ -rm -f ./$(DEPDIR)/base64.Plo
+ -rm -f ./$(DEPDIR)/bn.Plo
+ -rm -f ./$(DEPDIR)/buffer.Plo
+ -rm -f ./$(DEPDIR)/c14n.Plo
+ -rm -f ./$(DEPDIR)/dl.Plo
+ -rm -f ./$(DEPDIR)/enveloped.Plo
+ -rm -f ./$(DEPDIR)/errors.Plo
+ -rm -f ./$(DEPDIR)/io.Plo
+ -rm -f ./$(DEPDIR)/keyinfo.Plo
+ -rm -f ./$(DEPDIR)/keys.Plo
+ -rm -f ./$(DEPDIR)/keysdata.Plo
+ -rm -f ./$(DEPDIR)/keysmngr.Plo
+ -rm -f ./$(DEPDIR)/kw_aes_des.Plo
+ -rm -f ./$(DEPDIR)/list.Plo
+ -rm -f ./$(DEPDIR)/membuf.Plo
+ -rm -f ./$(DEPDIR)/nodeset.Plo
+ -rm -f ./$(DEPDIR)/parser.Plo
+ -rm -f ./$(DEPDIR)/relationship.Plo
+ -rm -f ./$(DEPDIR)/soap.Plo
+ -rm -f ./$(DEPDIR)/strings.Plo
+ -rm -f ./$(DEPDIR)/templates.Plo
+ -rm -f ./$(DEPDIR)/transforms.Plo
+ -rm -f ./$(DEPDIR)/x509.Plo
+ -rm -f ./$(DEPDIR)/xmldsig.Plo
+ -rm -f ./$(DEPDIR)/xmlenc.Plo
+ -rm -f ./$(DEPDIR)/xmlsec.Plo
+ -rm -f ./$(DEPDIR)/xmltree.Plo
+ -rm -f ./$(DEPDIR)/xpath.Plo
+ -rm -f ./$(DEPDIR)/xslt.Plo
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am: uninstall-libLTLIBRARIES
+
+.MAKE: $(am__recursive_targets) install-am install-strip
+
+.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \
+ am--depfiles check check-am clean clean-generic \
+ clean-libLTLIBRARIES clean-libtool cscopelist-am ctags \
+ ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs installdirs-am \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
+ uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:app
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:base64
#include <xmlsec/base64.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
+
/*
* the table to map numbers to base64
*/
#define xmlSecBase64Encode3(b, c) ((((b) << 2) & 0x3c) + (((c) >> 6) & 0x03))
#define xmlSecBase64Encode4(c) ((c) & 0x3F)
-#define xmlSecBase64Decode1(a, b) (((a) << 2) | (((b) & 0x3F) >> 4))
-#define xmlSecBase64Decode2(b, c) (((b) << 4) | (((c) & 0x3F) >> 2))
-#define xmlSecBase64Decode3(c, d) (((c) << 6) | ((d) & 0x3F))
+#define xmlSecBase64Decode1(a, b) ((xmlSecByte)(((a) << 2) | (((b) & 0x3F) >> 4)))
+#define xmlSecBase64Decode2(b, c) ((xmlSecByte)(((b) << 4) | (((c) & 0x3F) >> 2)))
+#define xmlSecBase64Decode3(c, d) ((xmlSecByte)(((c) << 6) | ((d) & 0x3F)))
#define xmlSecIsBase64Char(ch) ((((ch) >= 'A') && ((ch) <= 'Z')) || \
(((ch) >= 'a') && ((ch) <= 'z')) || \
struct _xmlSecBase64Ctx {
int encode;
+ xmlSecSize columns;
int inByte;
- int inPos;
+ xmlSecSize inPos;
xmlSecSize linePos;
- xmlSecSize columns;
int finished;
};
memset(ctx, 0, sizeof(xmlSecBase64Ctx));
- ctx->encode = encode;
- ctx->columns = columns;
+ ctx->encode = encode;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(columns, ctx->columns, return(-1), NULL);
return(0);
}
}
/**
- * xmlSecBase64CtxUpdate:
+ * xmlSecBase64CtxUpdate_ex:
* @ctx: the pointer to #xmlSecBase64Ctx structure
* @in: the input buffer
* @inSize: the input buffer size
* @out: the output buffer
* @outSize: the output buffer size
+ * @outWritten: the pointer to store the number of bytes written into the output
*
* Encodes or decodes the next piece of data from input buffer.
*
- * Returns: the number of bytes written to output buffer or
- * -1 if an error occurs.
+ * Returns: 0 on success and a negative value otherwise.
*/
int
-xmlSecBase64CtxUpdate(xmlSecBase64CtxPtr ctx,
- const xmlSecByte *in, xmlSecSize inSize,
- xmlSecByte *out, xmlSecSize outSize) {
- xmlSecSize inResSize = 0, outResSize = 0;
+xmlSecBase64CtxUpdate_ex(xmlSecBase64CtxPtr ctx, const xmlSecByte *in, xmlSecSize inSize,
+ xmlSecByte *out, xmlSecSize outSize, xmlSecSize* outWritten) {
+ xmlSecSize inRead = 0;
int ret;
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(out != NULL, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
if(ctx->encode != 0) {
- ret = xmlSecBase64CtxEncode(ctx, in, inSize, &inResSize,
- out, outSize, &outResSize);
- if((ret < 0) || (inResSize != inSize)) {
+ ret = xmlSecBase64CtxEncode(ctx, in, inSize, &inRead, out, outSize, outWritten);
+ if((ret < 0) || (inRead != inSize)) {
xmlSecInternalError("xmlSecBase64CtxEncode", NULL);
return(-1);
}
} else {
- ret = xmlSecBase64CtxDecode(ctx, in, inSize, &inResSize,
- out, outSize, &outResSize);
- if((ret < 0) || (inResSize != inSize)) {
+ ret = xmlSecBase64CtxDecode(ctx, in, inSize, &inRead, out, outSize, outWritten);
+ if((ret < 0) || (inRead != inSize)) {
xmlSecInternalError("xmlSecBase64CtxDecode", NULL);
return(-1);
}
}
- return(outResSize);
+ return(0);
}
/**
- * xmlSecBase64CtxFinal:
+ * xmlSecBase64CtxFinal_ex:
* @ctx: the pointer to #xmlSecBase64Ctx structure
* @out: the output buffer
* @outSize: the output buffer size
+ * @outWritten: the pointer to store the number of bytes written into the output
*
* Encodes or decodes the last piece of data stored in the context
* and finalizes the result.
*
- * Returns: the number of bytes written to output buffer or
- * -1 if an error occurs.
+ * Returns: 0 on success and a negative value otherwise.
*/
int
-xmlSecBase64CtxFinal(xmlSecBase64CtxPtr ctx,
- xmlSecByte *out, xmlSecSize outSize) {
- xmlSecSize outResSize = 0;
- int ret;
-
+xmlSecBase64CtxFinal_ex(xmlSecBase64CtxPtr ctx, xmlSecByte *out, xmlSecSize outSize, xmlSecSize* outWritten) {
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize > 0, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
if(ctx->encode != 0) {
- ret = xmlSecBase64CtxEncodeFinal(ctx, out, outSize, &outResSize);
+ int ret;
+
+ ret = xmlSecBase64CtxEncodeFinal(ctx, out, outSize, outWritten);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBase64CtxEncodeFinal", NULL, "outSize=%d", outSize);
+ xmlSecInternalError2("xmlSecBase64CtxEncodeFinal", NULL,
+ "outSize=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
} else {
xmlSecInternalError("xmlSecBase64CtxDecodeIsFinished", NULL);
return(-1);
}
+ (*outWritten) = 0;
}
- /* add \0 */
- if((outResSize + 1) < outSize) {
- out[outResSize] = '\0';
+ /* add \0 just in case (if we can) */
+ if(((*outWritten) + 1) < outSize) {
+ out[(*outWritten)] = '\0';
}
- return(outResSize);
+ return(0);
}
static xmlSecBase64Status
return(xmlSecBase64StatusConsumeAndNext);
}
- xmlSecInvalidIntegerDataError("ctx->inPos", ctx->inPos, "0,1,2,3", NULL);
+ xmlSecInvalidSizeDataError("ctx->inPos", ctx->inPos, "0,1,2,3", NULL);
return(xmlSecBase64StatusFailed);
}
return(xmlSecBase64StatusConsumeAndRepeat);
}
- xmlSecInvalidIntegerDataError("ctx->inPos", ctx->inPos, "0,1,2,3", NULL);
+ xmlSecInvalidSizeDataError("ctx->inPos", ctx->inPos, "0,1,2,3", NULL);
return(xmlSecBase64StatusFailed);
}
ctx->inPos = 0;
return(xmlSecBase64StatusNext);
} else {
- xmlSecInvalidIntegerDataError("ctx->inPos", ctx->inPos, "2,3", NULL);
+ xmlSecInvalidSizeDataError("ctx->inPos", ctx->inPos, "2,3", NULL);
return(xmlSecBase64StatusFailed);
}
} else if(xmlSecIsBase64Space(inByte)) {
/* convert from character to position in base64 array */
if((inByte >= 'A') && (inByte <= 'Z')) {
- inByte = (inByte - 'A');
+ inByte = (xmlSecByte)(inByte - 'A');
} else if((inByte >= 'a') && (inByte <= 'z')) {
- inByte = 26 + (inByte - 'a');
+ inByte = (xmlSecByte)(26 + (inByte - 'a'));
} else if((inByte >= '0') && (inByte <= '9')) {
- inByte = 52 + (inByte - '0');
+ inByte = (xmlSecByte)(52 + (inByte - '0'));
} else if(inByte == '+') {
- inByte = 62;
+ inByte = (xmlSecByte)62;
} else if(inByte == '/') {
- inByte = 63;
+ inByte = (xmlSecByte)63;
}
if(ctx->inPos == 0) {
++ctx->inPos;
return(xmlSecBase64StatusNext);
} else if(ctx->inPos == 1) {
- (*outByte) = (xmlSecByte)xmlSecBase64Decode1(ctx->inByte, inByte);
+ (*outByte) = xmlSecBase64Decode1(ctx->inByte, inByte);
ctx->inByte = inByte;
++ctx->inPos;
return(xmlSecBase64StatusConsumeAndNext);
} else if(ctx->inPos == 2) {
- (*outByte) = (xmlSecByte)xmlSecBase64Decode2(ctx->inByte, inByte);
+ (*outByte) = xmlSecBase64Decode2(ctx->inByte, inByte);
ctx->inByte = inByte;
++ctx->inPos;
return(xmlSecBase64StatusConsumeAndNext);
} else if(ctx->inPos == 3) {
- (*outByte) = (xmlSecByte)xmlSecBase64Decode3(ctx->inByte, inByte);
+ (*outByte) = xmlSecBase64Decode3(ctx->inByte, inByte);
ctx->inByte = 0;
ctx->inPos = 0;
return(xmlSecBase64StatusConsumeAndNext);
}
- xmlSecInvalidIntegerDataError("ctx->inPos", ctx->inPos, "0,1,2,3", NULL);
+ xmlSecInvalidSizeDataError("ctx->inPos", ctx->inPos, "0,1,2,3", NULL);
return(xmlSecBase64StatusFailed);
}
case xmlSecBase64StatusNext:
case xmlSecBase64StatusDone:
case xmlSecBase64StatusFailed:
- xmlSecInternalError2("xmlSecBase64CtxEncodeByte", NULL, "status=%d", status);
+ xmlSecInternalError2("xmlSecBase64CtxEncodeByte", NULL,
+ "status=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(status));
return(-1);
}
}
}
static int
-xmlSecBase64CtxEncodeFinal(xmlSecBase64CtxPtr ctx,
- xmlSecByte* outBuf, xmlSecSize outBufSize, xmlSecSize* outBufResSize) {
+xmlSecBase64CtxEncodeFinal(xmlSecBase64CtxPtr ctx, xmlSecByte* outBuf, xmlSecSize outBufSize,
+ xmlSecSize* outBufResSize) {
+
xmlSecBase64Status status = xmlSecBase64StatusNext;
xmlSecSize outPos;
break;
case xmlSecBase64StatusNext:
case xmlSecBase64StatusFailed:
- xmlSecInternalError2("xmlSecBase64CtxEncodeByteFinal", NULL, "status=%d", status);
+ xmlSecInternalError2("xmlSecBase64CtxEncodeByteFinal", NULL,
+ "status=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(status));
return(-1);
}
}
case xmlSecBase64StatusDone:
break;
case xmlSecBase64StatusFailed:
- xmlSecInternalError2("xmlSecBase64CtxDecodeByte", NULL, "status=%d", status);
+ xmlSecInternalError2("xmlSecBase64CtxDecodeByte", NULL,
+ "status=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(status));
return(-1);
}
}
return((ctx->inPos == 0) ? 1 : 0);
}
+static xmlSecSize
+xmlSecBase64GetEncodeSize(xmlSecBase64CtxPtr ctx, xmlSecSize inLen) {
+ xmlSecSize size;
+
+ xmlSecAssert2(ctx != NULL, 0);
+
+ size = (4 * inLen) / 3 + 4;
+ if(ctx->columns > 0) {
+ size += (size / ctx->columns) + 4;
+ }
+ return(size + 1);
+}
+
/**
* xmlSecBase64Encode:
- * @buf: the input buffer.
- * @len: the input buffer size.
+ * @in: the input buffer.
+ * @inSize: the input buffer size.
* @columns: the output max line length (if 0 then no line breaks
* would be inserted)
*
* or NULL if an error occurs.
*/
xmlChar*
-xmlSecBase64Encode(const xmlSecByte *buf, xmlSecSize len, int columns) {
+xmlSecBase64Encode(const xmlSecByte *in, xmlSecSize inSize, int columns) {
xmlSecBase64Ctx ctx;
- xmlChar *ptr;
- xmlSecSize size;
- int size_update, size_final;
+ int ctx_initialized = 0;
+ xmlSecByte* ptr = NULL;
+ xmlChar* res = NULL;
+ xmlSecSize outSize, outUpdatedSize, outFinalSize;
int ret;
- xmlSecAssert2(buf != NULL, NULL);
+ xmlSecAssert2(in != NULL, NULL);
ret = xmlSecBase64CtxInitialize(&ctx, 1, columns);
if(ret < 0) {
xmlSecInternalError("xmlSecBase64CtxInitialize", NULL);
- return(NULL);
+ goto done;
}
+ ctx_initialized = 1;
/* create result buffer */
- size = (4 * len) / 3 + 4;
- if(columns > 0) {
- size += (size / columns) + 4;
+ outSize = xmlSecBase64GetEncodeSize(&ctx, inSize);
+ if(outSize == 0) {
+ xmlSecInternalError("xmlSecBase64GetEncodeSize", NULL);
+ goto done;
}
- ptr = (xmlChar*) xmlMalloc(size);
+ ptr = (xmlSecByte*)xmlMalloc(outSize);
if(ptr == NULL) {
- xmlSecMallocError(size, NULL);
- xmlSecBase64CtxFinalize(&ctx);
- return(NULL);
+ xmlSecMallocError(outSize, NULL);
+ goto done;
}
- ret = xmlSecBase64CtxUpdate(&ctx, buf, len, (xmlSecByte*)ptr, size);
- if(ret < 0) {
- xmlSecInternalError3("xmlSecBase64CtxUpdate", NULL,
- "len=%lu;size=%lu",
- (unsigned long)len, (unsigned long)size);
- xmlFree(ptr);
- xmlSecBase64CtxFinalize(&ctx);
- return(NULL);
+ ret = xmlSecBase64CtxUpdate_ex(&ctx, in, inSize, ptr, outSize, &outUpdatedSize);
+ if (ret < 0) {
+ xmlSecInternalError3("xmlSecBase64CtxUpdate_ex", NULL,
+ "inSize=" XMLSEC_SIZE_FMT "; outSize=" XMLSEC_SIZE_FMT, inSize, outSize);
+ goto done;
}
- size_update = ret;
- ret = xmlSecBase64CtxFinal(&ctx, ((xmlSecByte*)ptr) + size_update, size - size_update);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64CtxFinal", NULL);
+ ret = xmlSecBase64CtxFinal_ex(&ctx, ptr + outUpdatedSize, outSize - outUpdatedSize,
+ &outFinalSize);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBase64CtxFinal_ex", NULL);
+ goto done;
+ }
+
+ /* success */
+ ptr[outUpdatedSize + outFinalSize] = '\0';
+ res = BAD_CAST(ptr);
+ ptr = NULL;
+
+done:
+ if(ptr != NULL) {
xmlFree(ptr);
+ }
+ if(ctx_initialized != 0) {
xmlSecBase64CtxFinalize(&ctx);
- return(NULL);
}
- size_final = ret;
- ptr[size_update + size_final] = '\0';
-
- xmlSecBase64CtxFinalize(&ctx);
- return(ptr);
+ return(res);
}
/**
- * xmlSecBase64Decode:
+ * xmlSecBase64Decode_ex:
* @str: the input buffer with base64 encoded string
- * @buf: the output buffer
- * @len: the output buffer size
+ * @out: the output buffer
+ * @outSize: the output buffer size
+ * @outWritten: the pointer to store the number of bytes written into the output.
*
* Decodes input base64 encoded string and puts result into
* the output buffer.
*
- * Returns: the number of bytes written to the output buffer or
- * a negative value if an error occurs
+ * Returns: 0 on success and a negative value otherwise.
*/
int
-xmlSecBase64Decode(const xmlChar* str, xmlSecByte *buf, xmlSecSize len) {
+xmlSecBase64Decode_ex(const xmlChar* str, xmlSecByte* out, xmlSecSize outSize, xmlSecSize* outWritten) {
xmlSecBase64Ctx ctx;
- int size_update;
- int size_final;
+ int ctx_initialized = 0;
+ xmlSecSize outUpdateSize, outFinalSize;
int ret;
+ int res = -1;
xmlSecAssert2(str != NULL, -1);
- xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(out != NULL, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
ret = xmlSecBase64CtxInitialize(&ctx, 0, 0);
if(ret < 0) {
xmlSecInternalError("xmlSecBase64CtxInitialize", NULL);
- return(-1);
+ goto done;
}
+ ctx_initialized = 1;
- ret = xmlSecBase64CtxUpdate(&ctx, (const xmlSecByte*)str, xmlStrlen(str), buf, len);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64CtxUpdate", NULL);
+ ret = xmlSecBase64CtxUpdate_ex(&ctx, (const xmlSecByte*)str, xmlSecStrlen(str),
+ out, outSize, &outUpdateSize);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBase64CtxUpdate_ex", NULL);
+ goto done;
+ }
+
+ ret = xmlSecBase64CtxFinal_ex(&ctx, out + outUpdateSize, outSize - outUpdateSize,
+ &outFinalSize);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBase64CtxFinal_ex", NULL);
+ goto done;
+ }
+
+ /* success */
+ (*outWritten) = (outUpdateSize + outFinalSize);
+ res = 0;
+
+done:
+ if(ctx_initialized != 0) {
xmlSecBase64CtxFinalize(&ctx);
+ }
+ return(res);
+}
+
+/**
+ * xmlSecBase64DecodeInPlace:
+ * @str: the input/output buffer
+ * @outWritten: the pointer to store the number of bytes written into the output.
+ *
+ * Decodes input base64 encoded string from @str "in-place" (i.e. puts results into @str buffer).
+ *
+ * Returns: 0 on success and a negative value otherwise.
+ */
+int
+xmlSecBase64DecodeInPlace(xmlChar* str, xmlSecSize* outWritten) {
+ xmlSecAssert2(str != NULL, -1);
+ return(xmlSecBase64Decode_ex(str, (xmlSecByte*)str, xmlSecStrlen(str) + 1,outWritten));
+}
+
+/**************************************************************
+ *
+ * Deprecated functions for backward compatibility
+ *
+ **************************************************************/
+
+/**
+ * xmlSecBase64CtxUpdate:
+ * @ctx: the pointer to #xmlSecBase64Ctx structure
+ * @in: the input buffer
+ * @inSize: the input buffer size
+ * @out: the output buffer
+ * @outSize: the output buffer size
+ *
+ * DEPRECATED. Encodes or decodes the next piece of data from input buffer.
+ *
+ * Returns: the number of bytes written to output buffer or
+ * -1 if an error occurs.
+ */
+int
+xmlSecBase64CtxUpdate(xmlSecBase64CtxPtr ctx, const xmlSecByte* in, xmlSecSize inSize,
+ xmlSecByte* out, xmlSecSize outSize) {
+
+ int ret;
+ xmlSecSize outWritten;
+ int res;
+
+ ret = xmlSecBase64CtxUpdate_ex(ctx, in, inSize, out, outSize, &outWritten);
+ if (ret < 0) {
return(-1);
}
- size_update = ret;
- ret = xmlSecBase64CtxFinal(&ctx, buf + size_update, len - size_update);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64CtxFinal", NULL);
- xmlSecBase64CtxFinalize(&ctx);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(outWritten, res, return(-1), NULL);
+ return(res);
+}
+
+
+/**
+ * xmlSecBase64CtxFinal:
+ * @ctx: the pointer to #xmlSecBase64Ctx structure
+ * @out: the output buffer
+ * @outSize: the output buffer size
+ *
+ * DEPRECATED. Encodes or decodes the last piece of data stored in the context
+ * and finalizes the result.
+ *
+ * Returns: the number of bytes written to output buffer or
+ * -1 if an error occurs.
+ */
+int
+xmlSecBase64CtxFinal(xmlSecBase64CtxPtr ctx, xmlSecByte* out, xmlSecSize outSize) {
+ int ret;
+ xmlSecSize outWritten;
+ int res;
+
+ ret = xmlSecBase64CtxFinal_ex(ctx, out, outSize, &outWritten);
+ if (ret < 0) {
+ return(-1);
+ }
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(outWritten, res, return(-1), NULL);
+ return(res);
+}
+
+ /**
+ * xmlSecBase64Decode:
+ * @str: the input buffer with base64 encoded string
+ * @out: the output buffer
+ * @outSize: the output buffer size
+ *
+ * DEPRECATED. Decodes input base64 encoded string and puts result into
+ * the output buffer.
+ *
+ * Returns: the number of bytes written to the output buffer or
+ * a negative value if an error occurs
+ */
+int
+xmlSecBase64Decode(const xmlChar* str, xmlSecByte* out, xmlSecSize outSize) {
+ int ret;
+ xmlSecSize outWritten;
+ int res;
+
+ ret = xmlSecBase64Decode_ex(str, out, outSize, &outWritten);
+ if (ret < 0) {
return(-1);
}
- size_final = ret;
- xmlSecBase64CtxFinalize(&ctx);
- return(size_update + size_final);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(outWritten, res, return(-1), NULL);
+ return(res);
}
+
/**************************************************************
*
* Base64 Transform
*
- * xmlSecBase64Ctx is located after xmlSecTransform
+ * xmlSecTransform + xmlSecBase64Ctx
*
**************************************************************/
-#define xmlSecBase64Size \
- (sizeof(xmlSecTransform) + sizeof(xmlSecBase64Ctx))
-#define xmlSecBase64GetCtx(transform) \
- ((xmlSecTransformCheckSize((transform), xmlSecBase64Size)) ? \
- (xmlSecBase64CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
- (xmlSecBase64CtxPtr)NULL)
+XMLSEC_TRANSFORM_DECLARE(Base64, xmlSecBase64Ctx)
+#define xmlSecBase64Size XMLSEC_TRANSFORM_SIZE(Base64)
static int xmlSecBase64Initialize (xmlSecTransformPtr transform);
static void xmlSecBase64Finalize (xmlSecTransformPtr transform);
xmlSecBase64Initialize(xmlSecTransformPtr transform) {
xmlSecBase64CtxPtr ctx;
int ret;
+ int columns;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformBase64Id), -1);
ctx = xmlSecBase64GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
+ columns = xmlSecBase64GetDefaultLineSize();
transform->operation = xmlSecTransformOperationDecode;
- ret = xmlSecBase64CtxInitialize(ctx, 0, xmlSecBase64GetDefaultLineSize());
+ ret = xmlSecBase64CtxInitialize(ctx, 0, columns);
if(ret < 0) {
- xmlSecInternalError("xmlSecBase64CtxInitialize",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecBase64CtxInitialize", xmlSecTransformGetName(transform));
return(-1);
}
xmlSecBase64Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
xmlSecBase64CtxPtr ctx;
xmlSecBufferPtr in, out;
- xmlSecSize inSize, outSize, outLen;
+ xmlSecSize inSize, outSize, outMaxLen, outLen;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformBase64Id), -1);
outSize = xmlSecBufferGetSize(out);
if(inSize > 0) {
if(ctx->encode != 0) {
- outLen = 4 * inSize / 3 + 8;
+ outMaxLen = 4 * inSize / 3 + 8;
if(ctx->columns > 0) {
- outLen += inSize / ctx->columns + 4;
+ outMaxLen += inSize / ctx->columns + 4;
}
} else {
- outLen = 3 * inSize / 4 + 8;
+ outMaxLen = 3 * inSize / 4 + 8;
}
- ret = xmlSecBufferSetMaxSize(out, outSize + outLen);
+ ret = xmlSecBufferSetMaxSize(out, outSize + outMaxLen);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize + outLen);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, (outSize + outMaxLen));
return(-1);
}
/* encode/decode the next chunk */
- ret = xmlSecBase64CtxUpdate(ctx, xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out) + outSize,
- outLen);
+ ret = xmlSecBase64CtxUpdate_ex(ctx, xmlSecBufferGetData(in), inSize,
+ xmlSecBufferGetData(out) + outSize, outMaxLen, &outLen);
if(ret < 0) {
- xmlSecInternalError("xmlSecBase64CtxUpdate",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecBase64CtxUpdate_ex", xmlSecTransformGetName(transform));
return(-1);
}
- outLen = ret;
/* set correct size */
ret = xmlSecBufferSetSize(out, outSize + outLen);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize + outLen);
+ xmlSecInternalError2("xmlSecBufferSetSize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, (outSize + outLen));
return(-1);
}
/* remove chunk from input */
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
}
if(last) {
outSize = xmlSecBufferGetSize(out);
+ outMaxLen = 16; /* last block */
- ret = xmlSecBufferSetMaxSize(out, outSize + 16);
+ ret = xmlSecBufferSetMaxSize(out, outSize + outMaxLen);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize + 16);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, (outSize + outMaxLen));
return(-1);
}
/* add from ctx buffer */
- ret = xmlSecBase64CtxFinal(ctx, xmlSecBufferGetData(out) + outSize, 16);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64CtxFinal",
- xmlSecTransformGetName(transform));
+ ret = xmlSecBase64CtxFinal_ex(ctx, xmlSecBufferGetData(out) + outSize,
+ outMaxLen, &outLen);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBase64CtxFinal_ex", xmlSecTransformGetName(transform));
return(-1);
}
- outLen = ret;
/* set correct size */
ret = xmlSecBufferSetSize(out, outSize + outLen);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize + outLen);
+ xmlSecInternalError2("xmlSecBufferSetSize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, (outSize + outLen));
return(-1);
}
transform->status = xmlSecTransformStatusFinished;
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
*/
/**
#include <xmlsec/bn.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
+
/* table for converting hex digits back to bytes */
static const int xmlSecBnLookupTable[] =
{
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
};
-static const char xmlSecBnRevLookupTable[] =
+#define XMLSEC_BN_REV_MAX 16
+static const xmlChar xmlSecBnRevLookupTable[XMLSEC_BN_REV_MAX] =
{
'0', '1', '2', '3', '4', '5', '6', '7',
'8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
*/
int
xmlSecBnFromString(xmlSecBnPtr bn, const xmlChar* str, xmlSecSize base) {
- xmlSecSize i, len, size;
+ int baseInt, nn;
+ xmlSecSize ii, strSize, size;
xmlSecByte ch;
xmlSecByte* data;
int positive;
- int nn;
int ret;
xmlSecAssert2(bn != NULL, -1);
xmlSecAssert2(str != NULL, -1);
xmlSecAssert2(base > 1, -1);
- xmlSecAssert2(base <= sizeof(xmlSecBnRevLookupTable), -1);
+ xmlSecAssert2(base <= XMLSEC_BN_REV_MAX, -1);
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(base, baseInt, return(-1), NULL);
/* trivial case */
- len = xmlStrlen(str);
- if(len == 0) {
+ strSize = xmlSecStrlen(str);
+ if(strSize <= 0) {
return(0);
}
* buffer size would be increased by Mul/Add functions.
* Finally, we can add one byte for 00 or 10 prefix.
*/
- ret = xmlSecBufferSetMaxSize(bn, xmlSecBufferGetSize(bn) + len / 2 + 1 + 1);
+ size = xmlSecBufferGetSize(bn) + strSize / 2 + 1 + 1;
+ ret = xmlSecBufferSetMaxSize(bn, size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL, "size=%d", len / 2 + 1);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, size);
return (-1);
}
/* figure out if it is positive or negative number */
positive = 1; /* no sign, positive by default */
- i = 0;
- while(i < len) {
- ch = str[i++];
+ ii = 0;
+ while(ii < strSize) {
+ ch = str[ii++];
/* skip spaces */
if(isspace(ch)) {
/* otherwise, it must be start of the number, make sure that we will look
* at this character in next loop */
- xmlSecAssert2(i > 0, -1);
- --i;
+ xmlSecAssert2(ii > 0, -1);
+ --ii;
break;
}
/* now parse the number itself */
- while(i < len) {
- ch = str[i++];
+ while(ii < strSize) {
+ ch = str[ii++];
if(isspace(ch)) {
continue;
}
nn = xmlSecBnLookupTable[ch];
- if((nn < 0) || ((xmlSecSize)nn >= base)) {
- xmlSecInvalidIntegerDataError2("char", nn, "base", base, "0 <= char < base", NULL);
+ if((nn < 0) || (nn >= baseInt)) {
+ xmlSecInvalidIntegerDataError2("char", nn, "base", baseInt, "0 <= char < base", NULL);
return (-1);
}
- ret = xmlSecBnMul(bn, base);
+ ret = xmlSecBnMul(bn, baseInt);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBnMul", NULL, "base=%d", base);
+ xmlSecInternalError2("xmlSecBnMul", NULL, "base=" XMLSEC_SIZE_FMT, base);
return (-1);
}
ret = xmlSecBnAdd(bn, nn);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBnAdd", NULL, "base=%d", base);
+ xmlSecInternalError2("xmlSecBnAdd", NULL, "base=" XMLSEC_SIZE_FMT, base);
return (-1);
}
}
ch = 0;
ret = xmlSecBufferPrepend(bn, &ch, 1);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferPrepend", NULL, "base=%d", base);
+ xmlSecInternalError2("xmlSecBufferPrepend", NULL, "base=" XMLSEC_SIZE_FMT, base);
return (-1);
}
}
if(positive == 0) {
data = xmlSecBufferGetData(bn);
size = xmlSecBufferGetSize(bn);
- for(i = 0; i < size; ++i) {
- data[i] ^= 0xFF;
+ for(ii = 0; ii < size; ++ii) {
+ data[ii] ^= 0xFF;
}
ret = xmlSecBnAdd(bn, 1);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBnAdd", NULL, "base=%d", base);
+ xmlSecInternalError2("xmlSecBnAdd", NULL, "base=" XMLSEC_SIZE_FMT, base);
return (-1);
}
}
xmlSecBn bn2;
int positive = 1;
xmlChar* res;
- xmlSecSize i, len, size;
+ xmlSecSize ii, len, size;
xmlSecByte* data;
+ int baseInt;
int ret;
int nn;
xmlChar ch;
xmlSecAssert2(bn != NULL, NULL);
xmlSecAssert2(base > 1, NULL);
- xmlSecAssert2(base <= sizeof(xmlSecBnRevLookupTable), NULL);
+ xmlSecAssert2(base <= XMLSEC_BN_REV_MAX, NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(base, baseInt, return(NULL), NULL);
/* copy bn */
data = xmlSecBufferGetData(bn);
size = xmlSecBufferGetSize(bn);
ret = xmlSecBnInitialize(&bn2, size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBnInitialize", NULL, "size=%d", size);
+ xmlSecInternalError2("xmlSecBnInitialize", NULL, "size=" XMLSEC_SIZE_FMT, size);
return (NULL);
}
ret = xmlSecBnSetData(&bn2, data, size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBnSetData", NULL, "size=%d", size);
+ xmlSecInternalError2("xmlSecBnSetData", NULL, "size=" XMLSEC_SIZE_FMT, size);
xmlSecBnFinalize(&bn2);
return (NULL);
}
/* subtract 1 and do 2's compliment */
ret = xmlSecBnAdd(&bn2, -1);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBnAdd", NULL, "size=%d", size);
+ xmlSecInternalError2("xmlSecBnAdd", NULL, "size=" XMLSEC_SIZE_FMT, size);
xmlSecBnFinalize(&bn2);
return (NULL);
}
- for(i = 0; i < size; ++i) {
- data[i] ^= 0xFF;
+ for(ii = 0; ii < size; ++ii) {
+ data[ii] ^= 0xFF;
}
positive = 0;
}
memset(res, 0, len + 1);
- for(i = 0; (xmlSecBufferGetSize(&bn2) > 0) && (i < len); i++) {
- if(xmlSecBnDiv(&bn2, base, &nn) < 0) {
- xmlSecInternalError2("xmlSecBnDiv", NULL, "base=%d", base);
+ for(ii = 0; (xmlSecBufferGetSize(&bn2) > 0) && (ii < len); ii++) {
+ if(xmlSecBnDiv(&bn2, baseInt, &nn) < 0) {
+ xmlSecInternalError2("xmlSecBnDiv", NULL, "base=" XMLSEC_SIZE_FMT, base);
xmlFree(res);
xmlSecBnFinalize(&bn2);
return (NULL);
}
- xmlSecAssert2((size_t)nn < sizeof(xmlSecBnRevLookupTable), NULL);
- res[i] = xmlSecBnRevLookupTable[nn];
+ xmlSecAssert2(0 <= nn, NULL);
+ xmlSecAssert2(nn < XMLSEC_BN_REV_MAX, NULL);
+ res[ii] = xmlSecBnRevLookupTable[nn];
}
- xmlSecAssert2(i < len, NULL);
+ xmlSecAssert2(ii < len, NULL);
/* we might have '0' at the beggining, remove it but keep one zero */
- for(len = i; (len > 1) && (res[len - 1] == '0'); len--) {
+ for(len = ii; (len > 1) && (res[len - 1] == '0'); len--) {
}
res[len] = '\0';
}
/* swap the string because we wrote it in reverse order */
- for(i = 0; i < len / 2; i++) {
- ch = res[i];
- res[i] = res[len - i - 1];
- res[len - i - 1] = ch;
+ for(ii = 0; ii < len / 2; ii++) {
+ ch = res[ii];
+ res[ii] = res[len - ii - 1];
+ res[len - ii - 1] = ch;
}
xmlSecBnFinalize(&bn2);
xmlSecBnMul(xmlSecBnPtr bn, int multiplier) {
xmlSecByte* data;
int over;
- xmlSecSize i;
+ xmlSecSize ii;
xmlSecByte ch;
int ret;
}
data = xmlSecBufferGetData(bn);
- i = xmlSecBufferGetSize(bn);
+ ii = xmlSecBufferGetSize(bn);
over = 0;
- while(i > 0) {
+ while(ii > 0) {
xmlSecAssert2(data != NULL, -1);
- over = over + multiplier * data[--i];
- data[i] = over % 256;
- over = over / 256;
+ over = over + multiplier * data[--ii];
+ data[ii] = (xmlSecByte)(over % 256);
+ over = over / 256;
}
while(over > 0) {
- ch = over % 256;
+ ch = (xmlSecByte)(over % 256);
over = over / 256;
ret = xmlSecBufferPrepend(bn, &ch, 1);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferPrepend", NULL, "size=%d", 1);
+ xmlSecInternalError("xmlSecBufferPrepend(1)", NULL);
return (-1);
}
}
int
xmlSecBnDiv(xmlSecBnPtr bn, int divider, int* mod) {
int over;
- xmlSecSize i, size;
+ xmlSecSize ii, size;
xmlSecByte* data;
int ret;
data = xmlSecBufferGetData(bn);
size = xmlSecBufferGetSize(bn);
- for(over = 0, i = 0; i < size; i++) {
+ for(over = 0, ii = 0; ii < size; ii++) {
xmlSecAssert2(data != NULL, -1);
- over = over * 256 + data[i];
- data[i] = (xmlSecByte)(over / divider);
- over = over % divider;
+ over = over * 256 + data[ii];
+ data[ii] = (xmlSecByte)(over / divider);
+ over = over % divider;
}
(*mod) = over;
/* remove leading zeros */
- for(i = 0; i < size; i++) {
+ for(ii = 0; ii < size; ii++) {
xmlSecAssert2(data != NULL, -1);
- if(data[i] != 0) {
+ if(data[ii] != 0) {
break;
}
}
- if(i > 0) {
- ret = xmlSecBufferRemoveHead(bn, i);
+ if(ii > 0) {
+ ret = xmlSecBufferRemoveHead(bn, ii);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead", NULL, "size=%d", i);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", NULL,
+ "size=" XMLSEC_SIZE_FMT, ii);
return (-1);
}
}
xmlSecBnAdd(xmlSecBnPtr bn, int delta) {
int over, tmp;
xmlSecByte* data;
- xmlSecSize i;
+ xmlSecSize ii;
xmlSecByte ch;
int ret;
data = xmlSecBufferGetData(bn);
if(delta > 0) {
- for(over = delta, i = xmlSecBufferGetSize(bn); (i > 0) && (over > 0) ;) {
- xmlSecAssert2(data != NULL, -1);
-
- tmp = data[--i];
- over += tmp;
- data[i] = over % 256;
- over = over / 256;
+ for(over = delta, ii = xmlSecBufferGetSize(bn); (ii > 0) && (over > 0) ;) {
+ xmlSecAssert2(data != NULL, -1);
+ tmp = data[--ii];
+ over += tmp;
+ data[ii] = (xmlSecByte)(over % 256);
+ over = over / 256;
}
while(over > 0) {
- ch = over % 256;
- over = over / 256;
-
- ret = xmlSecBufferPrepend(bn, &ch, 1);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferPrepend", NULL, "size=%d", 1);
- return (-1);
- }
+ ch = (xmlSecByte)(over % 256);
+ over = over / 256;
+
+ ret = xmlSecBufferPrepend(bn, &ch, 1);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferPrepend(1)", NULL);
+ return (-1);
+ }
}
} else {
- for(over = -delta, i = xmlSecBufferGetSize(bn); (i > 0) && (over > 0);) {
- xmlSecAssert2(data != NULL, -1);
-
- tmp = data[--i];
+ for(over = -delta, ii = xmlSecBufferGetSize(bn); (ii > 0) && (over > 0);) {
+ xmlSecAssert2(data != NULL, -1);
+ tmp = data[--ii];
if(tmp < over) {
- data[i] = 0;
+ data[ii] = 0;
over = (over - tmp) / 256;
} else {
- data[i] = (xmlSecByte)(tmp - over);
+ data[ii] = (xmlSecByte)(tmp - over);
over = 0;
}
}
*/
int
xmlSecBnReverse(xmlSecBnPtr bn) {
- xmlSecByte* data;
- xmlSecSize i, j, size;
- xmlSecByte ch;
-
- xmlSecAssert2(bn != NULL, -1);
-
- data = xmlSecBufferGetData(bn);
- size = xmlSecBufferGetSize(bn);
- for(i = 0, j = size - 1; i < size / 2; ++i, --j) {
- xmlSecAssert2(data != NULL, -1);
-
- ch = data[i];
- data[i] = data[j];
- data[j] = ch;
- }
-
- return(0);
+ return(xmlSecBufferReverse(bn));
}
/**
xmlSecBnCompareReverse(xmlSecBnPtr bn, const xmlSecByte* data, xmlSecSize dataSize) {
xmlSecByte* bnData;
xmlSecSize bnSize;
- xmlSecSize i, j;
+ xmlSecSize ii, jj;
xmlSecAssert2(bn != NULL, -1);
xmlSecAssert2(bnData != NULL, -1);
xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(bnSize == dataSize, -1);
- for(i = 0, j = dataSize - 1; i < dataSize; ++i, --j) {
- if(bnData[i] < data[j]) {
+ for(ii = 0, jj = dataSize - 1; ii < dataSize; ++ii, --jj) {
+ if(bnData[ii] < data[jj]) {
return(-1);
- } else if(data[j] < bnData[i]) {
+ } else if(data[jj] < bnData[ii]) {
return(1);
}
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:buffer
#include <xmlsec/buffer.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
+
/*****************************************************************************
*
* xmlSecBuffer
ret = xmlSecBufferInitialize(buf, size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferInitialize", NULL, "size=%d", size);
+ xmlSecInternalError2("xmlSecBufferInitialize", NULL, "size=" XMLSEC_SIZE_FMT, size);
xmlSecBufferDestroy(buf);
return(NULL);
}
ret = xmlSecBufferSetMaxSize(buf, size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL, "size=%d", size);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL, "size=" XMLSEC_SIZE_FMT, size);
return(-1);
}
ret = xmlSecBufferSetMaxSize(buf, size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL, "size=%d", size);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL, "size=" XMLSEC_SIZE_FMT, size);
return(-1);
}
ret = xmlSecBufferSetMaxSize(buf, buf->size + size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL, "size=%d", buf->size + size);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, (buf->size + size));
return(-1);
}
ret = xmlSecBufferSetMaxSize(buf, buf->size + size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL, "size=%d", buf->size + size);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, (buf->size + size));
return(-1);
}
}
/**
+ * xmlSecBufferReverse:
+ * @buf: the pointer to buffer object.
+ *
+ * Reverses order of bytes in the buffer @buf.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecBufferReverse(xmlSecBufferPtr buf) {
+ xmlSecByte* pp;
+ xmlSecByte* qq;
+ xmlSecSize size;
+ xmlSecByte ch;
+
+ xmlSecAssert2(buf != NULL, -1);
+
+ /* trivial case */
+ size = xmlSecBufferGetSize(buf);
+ if (size <= 1) {
+ return(0);
+ }
+
+ pp = xmlSecBufferGetData(buf);
+ xmlSecAssert2(pp != NULL, -1);
+
+ for (qq = pp + size - 1; pp < qq; ++pp, --qq) {
+ ch = *(pp);
+ *(pp) = *(qq);
+ *(qq) = ch;
+ }
+
+ return(0);
+}
+
+
+/**
* xmlSecBufferReadFile:
* @buf: the pointer to buffer object.
* @filename: the filename.
xmlSecBufferReadFile(xmlSecBufferPtr buf, const char* filename) {
xmlSecByte buffer[1024];
FILE* f = NULL;
+ xmlSecSize size;
size_t len;
int ret;
+ int res = -1;
xmlSecAssert2(buf != NULL, -1);
xmlSecAssert2(filename != NULL, -1);
#endif /* _MSC_VER */
if(f == NULL) {
xmlSecIOError("fopen", filename, NULL);
- return(-1);
+ goto done;
}
while(!feof(f)) {
len = fread(buffer, 1, sizeof(buffer), f);
if(ferror(f)) {
xmlSecIOError("fread", filename, NULL);
- fclose(f);
- return(-1);
+ goto done;
}
- ret = xmlSecBufferAppend(buf, buffer, XMLSEC_SIZE_BAD_CAST(len));
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(len, size, goto done, NULL);
+ ret = xmlSecBufferAppend(buf, buffer, size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferAppend", NULL, "size=%d", XMLSEC_SIZE_BAD_CAST(len));
- fclose(f);
- return(-1);
+ xmlSecInternalError2("xmlSecBufferAppend", NULL, "size=" XMLSEC_SIZE_T_FMT, len);
+ goto done;
}
}
- fclose(f);
- return(0);
+ /* success */
+ res = 0;
+
+done:
+ if(f != NULL) {
+ fclose(f);
+ }
+ return(res);
}
/**
*/
int
xmlSecBufferBase64NodeContentRead(xmlSecBufferPtr buf, xmlNodePtr node) {
- xmlChar* content;
- xmlSecSize size;
+ xmlChar* content = NULL;
+ xmlSecSize outWritten;
int ret;
+ int res = -1;
xmlSecAssert2(buf != NULL, -1);
xmlSecAssert2(node != NULL, -1);
content = xmlNodeGetContent(node);
if(content == NULL) {
xmlSecInvalidNodeContentError(node, NULL, "empty");
- return(-1);
+ goto done;
}
/* base64 decode size is less than input size */
- ret = xmlSecBufferSetMaxSize(buf, xmlStrlen(content));
+ ret = xmlSecBufferSetMaxSize(buf, xmlSecStrlen(content));
if(ret < 0) {
xmlSecInternalError("xmlSecBufferSetMaxSize", NULL);
- xmlFree(content);
- return(-1);
+ goto done;
}
- ret = xmlSecBase64Decode(content, xmlSecBufferGetData(buf), xmlSecBufferGetMaxSize(buf));
+ ret = xmlSecBase64Decode_ex(content, xmlSecBufferGetData(buf),
+ xmlSecBufferGetMaxSize(buf), &outWritten);
if(ret < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- xmlFree(content);
- return(-1);
+ xmlSecInternalError("xmlSecBase64Decode_ex", NULL);
+ goto done;
}
- size = ret;
- ret = xmlSecBufferSetSize(buf, size);
+ ret = xmlSecBufferSetSize(buf, outWritten);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%d", size);
- xmlFree(content);
- return(-1);
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, outWritten);
+ goto done;
}
- xmlFree(content);
- return(0);
+ /* success */
+ res = 0;
+
+done:
+ if(content != NULL) {
+ xmlFree(content);
+ }
+ return(res);
}
/**
xmlSecInternalError("xmlSecBase64Encode", NULL);
return(-1);
}
+
xmlNodeAddContent(node, content);
xmlFree(content);
************************************************************************/
static int xmlSecBufferIOWrite (xmlSecBufferPtr buf,
const xmlSecByte *data,
- xmlSecSize size);
+ int len);
static int xmlSecBufferIOClose (xmlSecBufferPtr buf);
/**
}
static int
-xmlSecBufferIOWrite(xmlSecBufferPtr buf, const xmlSecByte *data, xmlSecSize size) {
+xmlSecBufferIOWrite(xmlSecBufferPtr buf, const xmlSecByte *data, int len) {
+ xmlSecSize size;
int ret;
xmlSecAssert2(buf != NULL, -1);
xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(len >= 0, -1);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(len, size, return(-1), NULL);
ret = xmlSecBufferAppend(buf, data, size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferAppend", NULL, "size=%d", size);
+ xmlSecInternalError2("xmlSecBufferAppend", NULL, "size=" XMLSEC_SIZE_FMT, size);
return(-1);
}
-
- return(size);
+ /* we appended the whole input buffer */
+ return(len);
}
static int
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:c14n
#include <xmlsec/xmltree.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
+
/******************************************************************************
*
* C14N transforms
*
- * Inclusive namespaces list for ExclC14N (xmlSecStringList) is located
- * after xmlSecTransform structure
+ * xmlSecTransform + xmlSecStringList (inclusive namespaces list for ExclC14N).
*
*****************************************************************************/
-#define xmlSecTransformC14NSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecPtrList))
-#define xmlSecTransformC14NGetNsList(transform) \
- ((xmlSecTransformCheckSize((transform), xmlSecTransformC14NSize)) ? \
- (xmlSecPtrListPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
- (xmlSecPtrListPtr)NULL)
+XMLSEC_TRANSFORM_DECLARE(C14N, xmlSecPtrList)
+#define xmlSecC14NSize XMLSEC_TRANSFORM_SIZE(C14N)
#define xmlSecTransformC14NCheckId(transform) \
(xmlSecTransformInclC14NCheckId((transform)) || \
xmlSecTransformInclC14N11CheckId((transform)) || \
xmlSecTransformExclC14NCheckId((transform)) || \
xmlSecTransformCheckId((transform), xmlSecTransformRemoveXmlTagsC14NId))
+
#define xmlSecTransformInclC14NCheckId(transform) \
(xmlSecTransformCheckId((transform), xmlSecTransformInclC14NId) || \
xmlSecTransformCheckId((transform), xmlSecTransformInclC14NWithCommentsId))
+
#define xmlSecTransformInclC14N11CheckId(transform) \
(xmlSecTransformCheckId((transform), xmlSecTransformInclC14N11Id) || \
xmlSecTransformCheckId((transform), xmlSecTransformInclC14N11WithCommentsId))
+
#define xmlSecTransformExclC14NCheckId(transform) \
(xmlSecTransformCheckId((transform), xmlSecTransformExclC14NId) || \
xmlSecTransformCheckId((transform), xmlSecTransformExclC14NWithCommentsId) )
xmlSecTransformCtxPtr transformCtx);
static int xmlSecTransformC14NExecute (xmlSecTransformId id,
xmlSecNodeSetPtr nodes,
- xmlChar** nsList,
+ xmlSecPtrListPtr nsList,
xmlOutputBufferPtr buf);
static int
xmlSecTransformC14NInitialize(xmlSecTransformPtr transform) {
xmlSecAssert2(xmlSecTransformC14NCheckId(transform), -1);
- nsList = xmlSecTransformC14NGetNsList(transform);
+ nsList = xmlSecC14NGetCtx(transform);
xmlSecAssert2(nsList != NULL, -1);
ret = xmlSecPtrListInitialize(nsList, xmlSecStringListId);
xmlSecAssert(xmlSecTransformC14NCheckId(transform));
- nsList = xmlSecTransformC14NGetNsList(transform);
+ nsList = xmlSecC14NGetCtx(transform);
xmlSecAssert(xmlSecPtrListCheckId(nsList, xmlSecStringListId));
xmlSecPtrListFinalize(nsList);
xmlSecAssert2(node != NULL, -1);
xmlSecAssert2(transformCtx != NULL, -1);
- nsList = xmlSecTransformC14NGetNsList(transform);
+ nsList = xmlSecC14NGetCtx(transform);
xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
xmlSecAssert2(xmlSecPtrListGetSize(nsList) == 0, -1);
xmlSecTransformC14NPushXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr nodes,
xmlSecTransformCtxPtr transformCtx) {
xmlOutputBufferPtr buf;
- xmlSecPtrListPtr nsList;
int ret;
xmlSecAssert2(xmlSecTransformC14NCheckId(transform), -1);
}
}
- /* we are using a semi-hack here: we know that xmlSecPtrList keeps
- * all pointers in the big array */
- nsList = xmlSecTransformC14NGetNsList(transform);
- xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
-
- ret = xmlSecTransformC14NExecute(transform->id, nodes, (xmlChar**)(nsList->data), buf);
+ ret = xmlSecTransformC14NExecute(transform->id, nodes,
+ xmlSecC14NGetCtx(transform), buf);
if(ret < 0) {
xmlSecInternalError("xmlSecTransformC14NExecute",
xmlSecTransformGetName(transform));
- xmlOutputBufferClose(buf);
+ (void)xmlOutputBufferClose(buf);
return(-1);
}
xmlSecTransformC14NPopBin(xmlSecTransformPtr transform, xmlSecByte* data,
xmlSecSize maxDataSize, xmlSecSize* dataSize,
xmlSecTransformCtxPtr transformCtx) {
- xmlSecPtrListPtr nsList;
xmlSecBufferPtr out;
int ret;
/* we are using a semi-hack here: we know that xmlSecPtrList keeps
* all pointers in the big array */
- nsList = xmlSecTransformC14NGetNsList(transform);
- xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
-
- ret = xmlSecTransformC14NExecute(transform->id, transform->inNodes, (xmlChar**)(nsList->data), buf);
+ ret = xmlSecTransformC14NExecute(transform->id, transform->inNodes,
+ xmlSecC14NGetCtx(transform), buf);
if(ret < 0) {
xmlSecInternalError("xmlSecTransformC14NExecute",
xmlSecTransformGetName(transform));
- xmlOutputBufferClose(buf);
+ (void)xmlOutputBufferClose(buf);
return(-1);
}
ret = xmlOutputBufferClose(buf);
memcpy(data, xmlSecBufferGetData(&(transform->outBuf)), outSize);
ret = xmlSecBufferRemoveHead(&(transform->outBuf), outSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
} else if(xmlSecBufferGetSize(out) == 0) {
}
static int
-xmlSecTransformC14NExecute(xmlSecTransformId id, xmlSecNodeSetPtr nodes, xmlChar** nsList,
+xmlSecTransformC14NExecute(xmlSecTransformId id, xmlSecNodeSetPtr nodes, xmlSecPtrListPtr nsList,
xmlOutputBufferPtr buf) {
int ret;
xmlSecAssert2(id != xmlSecTransformIdUnknown, -1);
xmlSecAssert2(nodes != NULL, -1);
xmlSecAssert2(nodes->doc != NULL, -1);
+ xmlSecAssert2(nsList != NULL, -1);
+ xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
xmlSecAssert2(buf != NULL, -1);
/* execute c14n transform */
(xmlC14NIsVisibleCallback)xmlSecNodeSetContains,
nodes, XML_C14N_1_1, NULL, 1, buf);
} else if(id == xmlSecTransformExclC14NId) {
+ /* we are using a semi-hack here: we know that xmlSecPtrList keeps
+ * all pointers in the big array */
ret = xmlC14NExecute(nodes->doc,
(xmlC14NIsVisibleCallback)xmlSecNodeSetContains,
- nodes, XML_C14N_EXCLUSIVE_1_0, nsList, 0, buf);
+ nodes, XML_C14N_EXCLUSIVE_1_0, (xmlChar**)(nsList->data), 0, buf);
} else if(id == xmlSecTransformExclC14NWithCommentsId) {
+ /* we are using a semi-hack here: we know that xmlSecPtrList keeps
+ * all pointers in the big array */
ret = xmlC14NExecute(nodes->doc,
(xmlC14NIsVisibleCallback)xmlSecNodeSetContains,
- nodes, XML_C14N_EXCLUSIVE_1_0, nsList, 1, buf);
+ nodes, XML_C14N_EXCLUSIVE_1_0, (xmlChar**)(nsList->data), 1, buf);
} else if(id == xmlSecTransformRemoveXmlTagsC14NId) {
ret = xmlSecNodeSetDumpTextNodes(nodes, buf);
} else {
static xmlSecTransformKlass xmlSecTransformInclC14NKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecTransformC14NSize, /* xmlSecSize objSize */
+ xmlSecC14NSize, /* xmlSecSize objSize */
xmlSecNameC14N, /* const xmlChar* name; */
xmlSecHrefC14N, /* const xmlChar* href; */
static xmlSecTransformKlass xmlSecTransformInclC14NWithCommentsKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecTransformC14NSize, /* xmlSecSize objSize */
+ xmlSecC14NSize, /* xmlSecSize objSize */
/* same as xmlSecTransformId */
xmlSecNameC14NWithComments, /* const xmlChar* name; */
static xmlSecTransformKlass xmlSecTransformInclC14N11Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecTransformC14NSize, /* xmlSecSize objSize */
+ xmlSecC14NSize, /* xmlSecSize objSize */
xmlSecNameC14N11, /* const xmlChar* name; */
xmlSecHrefC14N11, /* const xmlChar* href; */
static xmlSecTransformKlass xmlSecTransformInclC14N11WithCommentsKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecTransformC14NSize, /* xmlSecSize objSize */
+ xmlSecC14NSize, /* xmlSecSize objSize */
/* same as xmlSecTransformId */
xmlSecNameC14N11WithComments, /* const xmlChar* name; */
static xmlSecTransformKlass xmlSecTransformExclC14NKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecTransformC14NSize, /* xmlSecSize objSize */
+ xmlSecC14NSize, /* xmlSecSize objSize */
xmlSecNameExcC14N, /* const xmlChar* name; */
xmlSecHrefExcC14N, /* const xmlChar* href; */
static xmlSecTransformKlass xmlSecTransformExclC14NWithCommentsKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecTransformC14NSize, /* xmlSecSize objSize */
+ xmlSecC14NSize, /* xmlSecSize objSize */
xmlSecNameExcC14NWithComments, /* const xmlChar* name; */
xmlSecHrefExcC14NWithComments, /* const xmlChar* href; */
static xmlSecTransformKlass xmlSecTransformRemoveXmlTagsC14NKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecTransformC14NSize, /* xmlSecSize objSize */
+ xmlSecC14NSize, /* xmlSecSize objSize */
BAD_CAST "remove-xml-tags-transform", /* const xmlChar* name; */
NULL, /* const xmlChar* href; */
--- /dev/null
+/*
+ * XML Security Library (http://www.aleksey.com/xmlsec).
+ *
+ * Internal header only used during the compilation,
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ */
+#ifndef __XMLSEC_CAST_HELPERS_H__
+#define __XMLSEC_CAST_HELPERS_H__
+
+
+#ifndef XMLSEC_PRIVATE
+#error "private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-$crypto libraries"
+#endif /* XMLSEC_PRIVATE */
+
+#include <limits.h>
+#include <stdint.h>
+#include "errors_helpers.h"
+
+/**
+ * Helpers for printing out enum values (mostly debugging).
+ */
+#define XMLSEC_ENUM_CAST(val) ((int)(val))
+#define XMLSEC_ENUM_FMT "%d"
+
+ /******************************************************************************
+ *
+ * Main macros to help with casting, we assume that LL and ULL are the largest
+ * possible types. All these macros assume that srcType is "bigger" than dstType.
+ *
+ *****************************************************************************/
+#define XMLSEC_SAFE_CAST_MIN_MAX_CHECK(srcType, srcVal, srcFmt, dstType, dstVal, dstFmt, dstMin, dstMax, errorAction, errorObject) \
+ if(((srcVal) < (srcType)(dstMin)) || ((srcVal) > (srcType)(dstMax))) { \
+ xmlSecImpossibleCastError(srcType, (srcVal), srcFmt, \
+ dstType, dstMin, dstMax, dstFmt, (errorObject)); \
+ errorAction; \
+ } \
+ (dstVal) = (dstType)(srcVal); \
+
+/* we assume that dstType_min <= srcType_min and srcType_max >= dstType_max */
+#define XMLSEC_SAFE_CAST_MAX_CHECK(srcType, srcVal, srcFmt, dstType, dstVal, dstFmt, dstMin, dstMax, errorAction, errorObject) \
+ if((srcVal) > (srcType)(dstMax)) { \
+ xmlSecImpossibleCastError(srcType, (srcVal), srcFmt, \
+ dstType, dstMin, dstMax, dstFmt, (errorObject)); \
+ errorAction; \
+ } \
+ (dstVal) = (dstType)(srcVal); \
+
+
+/* we assume that srcType_min <= dstType_min and dstType_max <= srcType_max */
+#define XMLSEC_SAFE_CAST_MIN_CHECK(srcType, srcVal, srcFmt, dstType, dstVal, dstFmt, dstMin, dstMax, errorAction, errorObject) \
+ if((srcVal) < (srcType)(dstMin)) { \
+ xmlSecImpossibleCastError(srcType, (srcVal), srcFmt, \
+ dstType, dstMin, dstMax, dstFmt, (errorObject)); \
+ errorAction; \
+ } \
+ (dstVal) = (dstType)(srcVal); \
+
+
+/******************************************************************************
+ *
+ * TO_BYTE
+ *
+ *****************************************************************************/
+
+/* Safe cast with limits check: int -> xmlSecByte (assume int >= byte) */
+#define XMLSEC_SAFE_CAST_INT_TO_BYTE(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MIN_MAX_CHECK(int, (srcVal), "%d", \
+ xmlSecByte, (dstVal), "%d", 0, 255, \
+ errorAction, (errorObject))
+
+/* Safe cast with limits check: xmlSecSize -> xmlSecByte (assume xmlSecSize > 0) */
+#define XMLSEC_SAFE_CAST_SIZE_TO_BYTE(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(xmlSecSize, (srcVal), XMLSEC_SIZE_FMT, \
+ xmlSecByte, (dstVal), "%d", 0, 255, \
+ errorAction, (errorObject))
+
+/******************************************************************************
+ *
+ * TO_INT
+ *
+ *****************************************************************************/
+
+/* Safe cast with limits check: unsigned int -> int (assume uint >= 0 and uint_max >= int_max) */
+#define XMLSEC_SAFE_CAST_UINT_TO_INT(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(unsigned int, (srcVal), "%u", \
+ int, (dstVal), "%d", INT_MIN, INT_MAX, \
+ errorAction, (errorObject))
+
+/* Safe cast with limits check: unsigned long -> int (assume ulong >= 0 and ulong_max >= int_max) */
+#define XMLSEC_SAFE_CAST_ULONG_TO_INT(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(unsigned long, (srcVal), "%lu", \
+ int, (dstVal), "%d", INT_MIN, INT_MAX, \
+ errorAction, (errorObject))
+
+/* Safe cast with limits check: long -> int (assume long >= int) */
+#define XMLSEC_SAFE_CAST_LONG_TO_INT(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MIN_MAX_CHECK(long, (srcVal), "%ld", \
+ int, (dstVal), "%d", INT_MIN, INT_MAX, \
+ errorAction, (errorObject))
+
+/* Safe cast with limits check: size_t -> int (assume size_t >= 0) */
+#if (SIZE_MAX > INT_MAX)
+
+#define XMLSEC_SAFE_CAST_SIZE_T_TO_INT(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(size_t, (srcVal), XMLSEC_SIZE_T_FMT, \
+ int, (dstVal), "%d", INT_MIN, INT_MAX, \
+ errorAction, (errorObject))
+
+#else /* (SIZE_MAX > INT_MAX) */
+
+#define XMLSEC_SAFE_CAST_SIZE_T_TO_INT(srcVal, dstVal, errorAction, errorObject) \
+ (dstVal) = (srcVal);
+
+#endif /* (SIZE_MAX > INT_MAX) */
+
+/* Safe cast with limits check: xmlSecSize -> int (assume xmlSecSize >= 0) */
+#if (XMLSEC_SIZE_MAX > INT_MAX)
+
+#define XMLSEC_SAFE_CAST_SIZE_TO_INT(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(xmlSecSize, (srcVal), XMLSEC_SIZE_FMT, \
+ int, (dstVal), "%d", INT_MIN, INT_MAX, \
+ errorAction, (errorObject))
+
+#else /* (XMLSEC_SIZE_MAX > INT_MAX) */
+
+#define XMLSEC_SAFE_CAST_SIZE_TO_INT(srcVal, dstVal, errorAction, errorObject) \
+ (dstVal) = (srcVal);
+
+#endif /* (XMLSEC_SIZE_MAX > INT_MAX) */
+
+ /* Safe cast with limits check: ptrdiff_t -> int. Special case since ptrdiff_t
+ * is platform dependent and there is no good way to print it. Cast to long long
+ * should be good enough and will only affect output in the logs. */
+#define XMLSEC_SAFE_CAST_PTRDIFF_TO_INT(srcVal, dstVal, errorAction, errorObject) \
+ if(((srcVal) < INT_MIN) || ((srcVal) > INT_MAX)) { \
+ xmlSecImpossibleCastError(ptrdiff_t, (long long)(srcVal), "%lld", \
+ int, INT_MIN, INT_MAX, "%d", (errorObject)); \
+ errorAction; \
+ } \
+ (dstVal) = (int)(srcVal); \
+
+
+/******************************************************************************
+ *
+ * TO_UINT
+ *
+ *****************************************************************************/
+
+/* Safe cast with limits check: int -> unsigned int (assume uint >= 0 and uint_max >= int_max) */
+#define XMLSEC_SAFE_CAST_INT_TO_UINT(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MIN_CHECK(int, (srcVal), "%d", \
+ unsigned int, (dstVal), "%u", 0U, UINT_MAX, \
+ errorAction, (errorObject))
+
+/* Safe cast with limits check: size_t -> unsigned int (assume uint >= 0) */
+#if (SIZE_MAX > UINT_MAX)
+
+#define XMLSEC_SAFE_CAST_SIZE_T_TO_UINT(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(size_t, (srcVal), XMLSEC_SIZE_T_FMT, \
+ unsigned int, (dstVal), "%u", 0U, UINT_MAX, \
+ errorAction, (errorObject))
+
+#else /* (SIZE_MAX > UINT_MAX) */
+
+#define XMLSEC_SAFE_CAST_SIZE_T_TO_UINT(srcVal, dstVal, errorAction, errorObject) \
+ (dstVal) = (srcVal);
+
+#endif /* (SIZE_MAX > UINT_MAX) */
+
+/* Safe cast with limits check: xmlSecSize -> unsigned int (assume uint >= 0) */
+#if (XMLSEC_SIZE_MAX > UINT_MAX)
+
+#define XMLSEC_SAFE_CAST_SIZE_TO_UINT(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(xmlSecSize, (srcVal), XMLSEC_SIZE_FMT, \
+ unsigned int, (dstVal), "%u", 0U, UINT_MAX, \
+ errorAction, (errorObject))
+
+#else /* (XMLSEC_SIZE_MAX > UINT_MAX) */
+
+#define XMLSEC_SAFE_CAST_SIZE_TO_UINT(srcVal, dstVal, errorAction, errorObject) \
+ (dstVal) = (srcVal);
+
+#endif /* (XMLSEC_SIZE_MAX > UINT_MAX) */
+
+/******************************************************************************
+ *
+ * TO_LONG
+ *
+ *****************************************************************************/
+
+/* Safe cast with limits check: size_t -> long (assume size_t >= 0) */
+#if (SIZE_MAX > LONG_MAX)
+
+#define XMLSEC_SAFE_CAST_SIZE_T_TO_LONG(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(size_t, (srcVal), XMLSEC_SIZE_T_FMT, \
+ long, (dstVal), "%ld", LONG_MIN, LONG_MAX, \
+ errorAction, (errorObject))
+
+#else /* (SIZE_MAX > LONG_MAX) */
+
+#define XMLSEC_SAFE_CAST_SIZE_T_TO_LONG(srcVal, dstVal, errorAction, errorObject) \
+ (dstVal) = (srcVal);
+
+#endif /* (SIZE_MAX > LONG_MAX) */
+
+
+/* Safe cast with limits check: xmlSecSize -> long (assume xmlSecSize >= 0) */
+#if (XMLSEC_SIZE_MAX > LONG_MAX)
+
+#define XMLSEC_SAFE_CAST_SIZE_TO_LONG(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(xmlSecSize, (srcVal), XMLSEC_SIZE_FMT, \
+ long, (dstVal), "%ld", LONG_MIN, LONG_MAX, \
+ errorAction, (errorObject))
+
+#else /* (XMLSEC_SIZE_MAX > LONG_MAX) */
+
+#define XMLSEC_SAFE_CAST_SIZE_TO_LONG(srcVal, dstVal, errorAction, errorObject) \
+ (dstVal) = (srcVal);
+
+#endif /* (XMLSEC_SIZE_MAX > LONG_MAX) */
+
+/******************************************************************************
+ *
+ * TO_ULONG
+ *
+ *****************************************************************************/
+
+/* Safe cast with limits check: xmlSecSize -> unsigned long (assume ulong >= 0) */
+#if (XMLSEC_SIZE_MAX > ULONG_MAX)
+
+#define XMLSEC_SAFE_CAST_SIZE_TO_ULONG(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(xmlSecSize, (srcVal), XMLSEC_SIZE_FMT, \
+ unsigned long, (dstVal), "%lu", 0UL, ULONG_MAX, \
+ errorAction, (errorObject))
+
+#else /* (XMLSEC_SIZE_MAX > ULONG_MAX) */
+
+#define XMLSEC_SAFE_CAST_SIZE_TO_ULONG(srcVal, dstVal, errorAction, errorObject) \
+ (dstVal) = (srcVal);
+
+#endif /* (XMLSEC_SIZE_MAX > ULONG_MAX) */
+
+/* Safe cast with limits check: int -> unsigned long (assume ulong >= 0) */
+#if (INT_MAX > ULONG_MAX)
+
+#define XMLSEC_SAFE_CAST_INT_TO_ULONG(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MIN_MAX_CHECK(int, (srcVal), "%d", \
+ unsigned long, (dstVal), "%lu", 0UL, ULONG_MAX, \
+ errorAction, (errorObject))
+
+#else /* (INT_MAX > ULONG_MAX) */
+
+#define XMLSEC_SAFE_CAST_INT_TO_ULONG(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MIN_CHECK(int, (srcVal), "%d", \
+ unsigned long, (dstVal), "%lu", 0UL, ULONG_MAX, \
+ errorAction, (errorObject))
+
+#endif /* (INT_MAX > ULONG_MAX) */
+
+/******************************************************************************
+ *
+ * TO_SIZE (to xmlSecSize)
+ *
+ *****************************************************************************/
+
+/* Safe cast with limits check: int -> xmlSecSize (assume xmlSecSize >= 0) */
+#if (INT_MAX > XMLSEC_SIZE_MAX)
+
+#define XMLSEC_SAFE_CAST_INT_TO_SIZE(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MIN_MAX_CHECK(int, (srcVal), "%d", \
+ xmlSecSize, (dstVal), XMLSEC_SIZE_FMT, XMLSEC_SIZE_MIN, XMLSEC_SIZE_MAX, \
+ errorAction, (errorObject))
+
+#else /* (INT_MAX > XMLSEC_SIZE_MAX) */
+
+#define XMLSEC_SAFE_CAST_INT_TO_SIZE(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MIN_CHECK(int, (srcVal), "%d", \
+ xmlSecSize, (dstVal), XMLSEC_SIZE_FMT, XMLSEC_SIZE_MIN, XMLSEC_SIZE_MAX, \
+ errorAction, (errorObject))
+
+#endif /* (INT_MAX > XMLSEC_SIZE_MAX) */
+
+/* Safe cast with limits check: uint -> xmlSecSize (assume xmlSecSize >= 0). */
+#if (UINT_MAX > XMLSEC_SIZE_MAX)
+
+#define XMLSEC_SAFE_CAST_UINT_TO_SIZE(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(unsigned int, (srcVal), "%u", \
+ xmlSecSize, (dstVal), XMLSEC_SIZE_FMT, XMLSEC_SIZE_MIN, XMLSEC_SIZE_MAX, \
+ errorAction, (errorObject))
+
+#else /* (UINT_MAX > XMLSEC_SIZE_MAX) */
+
+#define XMLSEC_SAFE_CAST_UINT_TO_SIZE(srcVal, dstVal, errorAction, errorObject) \
+ (dstVal) = (srcVal);
+
+#endif /* (UINT_MAX > XMLSEC_SIZE_MAX) */
+
+/* Safe cast with limits check: long -> xmlSecSize (assume xmlSecSize >= 0) */
+#if (LONG_MAX > XMLSEC_SIZE_MAX)
+
+#define XMLSEC_SAFE_CAST_LONG_TO_SIZE(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MIN_MAX_CHECK(long, (srcVal), "%ld", \
+ xmlSecSize, (dstVal), XMLSEC_SIZE_FMT, XMLSEC_SIZE_MIN, XMLSEC_SIZE_MAX, \
+ errorAction, (errorObject))
+
+#else /* (LONG_MAX > XMLSEC_SIZE_MAX) */
+
+#define XMLSEC_SAFE_CAST_LONG_TO_SIZE(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MIN_CHECK(long, (srcVal), "%ld", \
+ xmlSecSize, (dstVal), XMLSEC_SIZE_FMT, XMLSEC_SIZE_MIN, XMLSEC_SIZE_MAX, \
+ errorAction, (errorObject))
+
+#endif /* (LONG_MAX > XMLSEC_SIZE_MAX) */
+
+
+/* Safe cast with limits check: unsigned long -> xmlSecSize (assume ulong >= 0) */
+#if (ULONG_MAX > XMLSEC_SIZE_MAX)
+
+#define XMLSEC_SAFE_CAST_ULONG_TO_SIZE(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(unsigned long, (srcVal), "%lu", \
+ xmlSecSize, (dstVal), XMLSEC_SIZE_FMT, XMLSEC_SIZE_MIN, XMLSEC_SIZE_MAX, \
+ errorAction, (errorObject))
+
+#else /* (ULONG_MAX > XMLSEC_SIZE_MAX) */
+
+#define XMLSEC_SAFE_CAST_ULONG_TO_SIZE(srcVal, dstVal, errorAction, errorObject) \
+ (dstVal) = (srcVal);
+
+#endif /* (ULONG_MAX > XMLSEC_SIZE_MAX) */
+
+/* Safe cast with limits check: size_t -> xmlSecSize (assume size_t >= 0) */
+#if (SIZE_MAX > XMLSEC_SIZE_MAX)
+
+#define XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(srcVal, dstVal, errorAction, errorObject) \
+ XMLSEC_SAFE_CAST_MAX_CHECK(size_t, (srcVal), XMLSEC_SIZE_T_FMT, \
+ xmlSecSize, (dstVal), XMLSEC_SIZE_FMT, XMLSEC_SIZE_MIN, XMLSEC_SIZE_MAX, \
+ errorAction, (errorObject))
+
+#else /* (SIZE_MAX > XMLSEC_SIZE_MAX) */
+
+#define XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(srcVal, dstVal, errorAction, errorObject) \
+ (dstVal) = (srcVal);
+
+#endif /* (SIZE_MAX > XMLSEC_SIZE_MAX) */
+
+/******************************************************************************
+ *
+ * Helpers to create child struct with context
+ *
+ *****************************************************************************/
+#define XMLSEC_CHILD_STRUCT_DECLARE(name, postfix, baseType, ctxType, checkSizeFunc) \
+typedef struct _ ## xmlSec ## name ## postfix { \
+ baseType base; \
+ ctxType ctx; \
+} xmlSec ## name ## postfix; \
+ \
+static inline ctxType* xmlSec ## name ## GetCtx(baseType* obj) { \
+ if(checkSizeFunc(obj, sizeof(xmlSec ## name ## postfix))) { \
+ return((ctxType *)(&( ((xmlSec ## name ## postfix *)obj)->ctx ))); \
+ } else { \
+ return(NULL); \
+ } \
+} \
+
+#define XMLSEC_CHILD_STRUCT_SIZE(name, postfix) \
+ (sizeof(xmlSec ## name ## postfix)) \
+
+/******************************************************************************
+ *
+ * Helpers to create transform struct and cast to transform context
+ *
+ *****************************************************************************/
+#define XMLSEC_TRANSFORM_DECLARE(name, ctxType) \
+ XMLSEC_CHILD_STRUCT_DECLARE(name, Transform, xmlSecTransform, ctxType, xmlSecTransformCheckSize)
+#define XMLSEC_TRANSFORM_SIZE(name) \
+ XMLSEC_CHILD_STRUCT_SIZE(name, Transform)
+
+/******************************************************************************
+ *
+ * Helpers to create key data struct and cast to key data context
+ *
+ *****************************************************************************/
+#define XMLSEC_KEY_DATA_DECLARE(name, ctxType) \
+ XMLSEC_CHILD_STRUCT_DECLARE(name, KeyData, xmlSecKeyData, ctxType, xmlSecKeyDataCheckSize)
+#define XMLSEC_KEY_DATA_SIZE(name) \
+ XMLSEC_CHILD_STRUCT_SIZE(name, KeyData)
+
+/******************************************************************************
+ *
+ * Helpers to create key data store struct and cast to key store context
+ *
+ *****************************************************************************/
+#define XMLSEC_KEY_DATA_STORE_DECLARE(name, ctxType) \
+ XMLSEC_CHILD_STRUCT_DECLARE(name, KeyDataStore, xmlSecKeyDataStore, ctxType, xmlSecKeyDataStoreCheckSize)
+#define XMLSEC_KEY_DATA_STORE_SIZE(name) \
+ XMLSEC_CHILD_STRUCT_SIZE(name, KeyDataStore)
+
+/******************************************************************************
+ *
+ * Helpers to create key store struct and cast to key store context
+ *
+ *****************************************************************************/
+#define XMLSEC_KEY_STORE_DECLARE(name, ctxType) \
+ XMLSEC_CHILD_STRUCT_DECLARE(name, KeyStore, xmlSecKeyStore, ctxType, xmlSecKeyStoreCheckSize)
+#define XMLSEC_KEY_STORE_SIZE(name) \
+ XMLSEC_CHILD_STRUCT_SIZE(name, KeyStore)
+
+#endif /* __XMLSEC_CAST_HELPERS_H__ */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:dl
#include <ltdl.h>
#endif /* XMLSEC_DL_LIBLTDL */
-#ifdef XMLSEC_DL_WIN32
+#if defined(XMLSEC_WINDOWS) && defined(XMLSEC_DL_WIN32)
#include <windows.h>
-#endif /* XMLSEC_DL_WIN32 */
+#endif /* defined(XMLSEC_WINDOWS) && defined(XMLSEC_DL_WIN32) */
+
+#include "cast_helpers.h"
/***********************************************************************
*
lt_dlhandle handle;
#endif /* XMLSEC_DL_LIBLTDL */
-#ifdef XMLSEC_DL_WIN32
+#if defined(XMLSEC_WINDOWS) && defined(XMLSEC_DL_WIN32)
HINSTANCE handle;
-#endif /* XMLSEC_DL_WIN32 */
+#endif /* defined(XMLSEC_WINDOWS) && defined(XMLSEC_DL_WIN32) */
};
static xmlSecCryptoDLLibraryPtr xmlSecCryptoDLLibraryCreate (const xmlChar* name);
};
static xmlSecPtrListId xmlSecCryptoDLLibrariesListGetKlass (void);
static int xmlSecCryptoDLLibrariesListFindByName (xmlSecPtrListPtr list,
- const xmlChar* name);
+ const xmlChar* name,
+ xmlSecSize* pos);
typedef xmlSecCryptoDLFunctionsPtr xmlSecCryptoGetFunctionsCallback(void);
}
#endif /* XMLSEC_DL_LIBLTDL */
-#ifdef XMLSEC_DL_WIN32
+#if defined(XMLSEC_WINDOWS) && defined(XMLSEC_DL_WIN32)
+#if !defined(WINAPI_FAMILY) || (WINAPI_FAMILY == WINAPI_FAMILY_DESKTOP_APP)
lib->handle = LoadLibraryA((char*)lib->filename);
+#else
+ LPWSTR wcLibFilename = xmlSecWin32ConvertUtf8ToUnicode(lib->filename);
+ if(wcLibFilename == NULL) {
+ xmlSecIOError("xmlSecWin32ConvertUtf8ToTstr", lib->filename, NULL);
+ xmlSecCryptoDLLibraryDestroy(lib);
+ return(NULL);
+ }
+ lib->handle = LoadPackagedLibrary(wcLibFilename, 0);
+ xmlFree(wcLibFilename);
+#endif
if(lib->handle == NULL) {
xmlSecIOError("LoadLibraryA", lib->filename, NULL);
xmlSecCryptoDLLibraryDestroy(lib);
xmlSecCryptoDLLibraryDestroy(lib);
return(NULL);
}
-#endif /* XMLSEC_DL_WIN32 */
+#endif /* defined(XMLSEC_WINDOWS) && defined(XMLSEC_DL_WIN32) */
if(getFunctions == NULL) {
xmlSecInternalError("invalid configuration: no way to load library", NULL);
ret = lt_dlclose(lib->handle);
if(ret != 0) {
xmlSecIOError("lt_dlclose", NULL, NULL);
+ /* ignore error */
}
}
#endif /* XMLSEC_DL_LIBLTDL */
-#ifdef XMLSEC_DL_WIN32
+#if defined(XMLSEC_WINDOWS) && defined(XMLSEC_DL_WIN32)
if(lib->handle != NULL) {
BOOL res;
res = FreeLibrary(lib->handle);
if(!res) {
xmlSecIOError("FreeLibrary", NULL, NULL);
+ /* ignore error */
}
}
-#endif /* XMLSEC_DL_WIN32*/
+#endif /* defined(XMLSEC_WINDOWS) && defined(XMLSEC_DL_WIN32)*/
memset(lib, 0, sizeof(xmlSecCryptoDLLibrary));
xmlFree(lib);
return(xmlSecCryptoDLLibraryCreate(lib->name));
}
+#define XMLSEC_CRYPTO_DL_LIB_TMPL "lib%s-%s"
static xmlChar*
xmlSecCryptoDLLibraryConstructFilename(const xmlChar* name) {
- static char tmpl[] = "lib%s-%s";
xmlChar* res;
+ xmlSecSize size;
int len;
int ret;
xmlSecAssert2(name != NULL, NULL);
- /* TODO */
- len = xmlStrlen(BAD_CAST PACKAGE) + xmlStrlen(name) + xmlStrlen(BAD_CAST tmpl) + 1;
- res = (xmlChar*)xmlMalloc(len + 1);
+ size = xmlSecStrlen(BAD_CAST PACKAGE) +
+ xmlSecStrlen(name) +
+ xmlSecStrlen(BAD_CAST XMLSEC_CRYPTO_DL_LIB_TMPL) +
+ 1;
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(size, len, return(NULL), NULL);
+
+ res = (xmlChar*)xmlMalloc(size + 1);
if(res == NULL) {
- xmlSecMallocError(len + 1, NULL);
+ xmlSecMallocError(size + 1, NULL);
return(NULL);
}
- ret = xmlStrPrintf(res, len, tmpl, PACKAGE, name);
+ ret = xmlStrPrintf(res, len, XMLSEC_CRYPTO_DL_LIB_TMPL, PACKAGE, name);
if(ret < 0) {
xmlSecXmlError("xmlStrPrintf", NULL);
xmlFree(res);
return(res);
}
+#define XMLSEC_CRYPTO_DL_GET_FUNCTIONS_TMPL "xmlSecCryptoGetFunctions_%s"
+
static xmlChar*
xmlSecCryptoDLLibraryConstructGetFunctionsName(const xmlChar* name) {
- static char tmpl[] = "xmlSecCryptoGetFunctions_%s";
xmlChar* res;
int len;
+ xmlSecSize size;
int ret;
xmlSecAssert2(name != NULL, NULL);
- len = xmlStrlen(name) + xmlStrlen(BAD_CAST tmpl) + 1;
- res = (xmlChar*)xmlMalloc(len + 1);
+ len = xmlStrlen(name) + xmlStrlen(BAD_CAST XMLSEC_CRYPTO_DL_GET_FUNCTIONS_TMPL) + 1;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(len, size, return(NULL), -1);
+
+ res = (xmlChar*)xmlMalloc(size + 1);
if(res == NULL) {
- xmlSecMallocError(len + 1, NULL);
+ xmlSecMallocError(size + 1, NULL);
return(NULL);
}
- ret = xmlStrPrintf(res, len, tmpl, name);
+ ret = xmlStrPrintf(res, len, XMLSEC_CRYPTO_DL_GET_FUNCTIONS_TMPL, name);
if(ret < 0) {
xmlSecXmlError("xmlStrPrintf", NULL);
xmlFree(res);
}
static int
-xmlSecCryptoDLLibrariesListFindByName(xmlSecPtrListPtr list, const xmlChar* name) {
- xmlSecSize i, size;
+xmlSecCryptoDLLibrariesListFindByName(xmlSecPtrListPtr list, const xmlChar* name, xmlSecSize* pos) {
+ xmlSecSize ii, size;
xmlSecCryptoDLLibraryPtr lib;
xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecCryptoDLLibrariesListGetKlass()), -1);
xmlSecAssert2(name != NULL, -1);
+ xmlSecAssert2(pos != NULL, -1);
size = xmlSecPtrListGetSize(list);
- for(i = 0; i < size; ++i) {
- lib = (xmlSecCryptoDLLibraryPtr)xmlSecPtrListGetItem(list, i);
+ for(ii = 0; ii < size; ++ii) {
+ lib = (xmlSecCryptoDLLibraryPtr)xmlSecPtrListGetItem(list, ii);
if((lib != NULL) && (lib->name != NULL) && (xmlStrcmp(lib->name, name) == 0)) {
- return(i);
+ (*pos) = ii;
+ return(0);
}
}
return(-1);
ret = lt_dlexit ();
if(ret != 0) {
xmlSecIOError("lt_dlexit", NULL, NULL);
+ /* ignore error */
}
#else /* XMLSEC_DL_LIBLTDL */
UNREFERENCED_PARAMETER(ret);
xmlSecCryptoDLFunctionsPtr
xmlSecCryptoDLGetLibraryFunctions(const xmlChar* crypto) {
xmlSecCryptoDLLibraryPtr lib;
- int pos;
+ xmlSecSize pos;
int ret;
xmlSecAssert2(crypto != NULL, NULL);
- pos = xmlSecCryptoDLLibrariesListFindByName(&gXmlSecCryptoDLLibraries, crypto);
- if(pos >= 0) {
+ ret = xmlSecCryptoDLLibrariesListFindByName(&gXmlSecCryptoDLLibraries, crypto, &pos);
+ if(ret >= 0) {
lib = (xmlSecCryptoDLLibraryPtr)xmlSecPtrListGetItem(&gXmlSecCryptoDLLibraries, pos);
xmlSecAssert2(lib != NULL, NULL);
xmlSecAssert2(lib->functions != NULL, NULL);
-
return(lib->functions);
}
lib = xmlSecCryptoDLLibraryCreate(crypto);
if(lib == NULL) {
xmlSecInternalError2("xmlSecCryptoDLLibraryCreate", NULL,
- "crypto=%s", xmlSecErrorsSafeString(crypto));
+ "crypto=%s", xmlSecErrorsSafeString(crypto));
return(NULL);
}
ret = xmlSecPtrListAdd(&gXmlSecCryptoDLLibraries, lib);
if(ret < 0) {
xmlSecInternalError2("xmlSecPtrListAdd", NULL,
- "crypto=%s", xmlSecErrorsSafeString(crypto));
+ "crypto=%s", xmlSecErrorsSafeString(crypto));
xmlSecCryptoDLLibraryDestroy(lib);
return(NULL);
}
int
xmlSecCryptoDLUnloadLibrary(const xmlChar* crypto) {
xmlSecCryptoDLLibraryPtr lib;
- int pos;
+ xmlSecSize pos;
int ret;
xmlSecAssert2(crypto != NULL, -1);
- pos = xmlSecCryptoDLLibrariesListFindByName(&gXmlSecCryptoDLLibraries, crypto);
- if(pos < 0) {
+ ret = xmlSecCryptoDLLibrariesListFindByName(&gXmlSecCryptoDLLibraries, crypto, &pos);
+ if(ret < 0) {
/* todo: is it an error? */
return(0);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:enveloped
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:errors
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_ERROR_HELPERS_H__
(const char*)(errorObject), \
"xmlMalloc", \
XMLSEC_ERRORS_R_MALLOC_FAILED, \
- "size=%lu", (unsigned long)(allocSize) \
+ "size=" XMLSEC_SIZE_T_FMT, (size_t)(allocSize) \
)
/**
(const char*)(errorObject), \
"xmlStrdup", \
XMLSEC_ERRORS_R_STRDUP_FAILED, \
- "size=%lu", (unsigned long)xmlStrlen(str) \
+ "size=%d", xmlStrlen(str) \
)
/**
*/
#define xmlSecXmlError(errorFunction, errorObject) \
{ \
- xmlErrorPtr error = xmlGetLastError(); \
+ const xmlError * error = xmlGetLastError(); \
int code = (error != NULL) ? error->code : 0; \
const char* message = (error != NULL) ? error->message : NULL; \
xmlSecError(XMLSEC_ERRORS_HERE, \
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_XML_FAILED, \
- "xml error: %lu: %s", \
- (unsigned long)code, \
- xmlSecErrorsSafeString(message) \
+ "xml error: %d: %s", \
+ code, xmlSecErrorsSafeString(message) \
); \
}
*/
#define xmlSecXmlError2(errorFunction, errorObject, msg, param) \
{ \
- xmlErrorPtr error = xmlGetLastError(); \
+ const xmlError * error = xmlGetLastError(); \
int code = (error != NULL) ? error->code : 0; \
const char* message = (error != NULL) ? error->message : NULL; \
xmlSecError(XMLSEC_ERRORS_HERE, \
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_XML_FAILED, \
- msg "; xml error: %lu: %s", \
- (param), \
- (unsigned long)code, \
- xmlSecErrorsSafeString(message) \
+ msg "; xml error: %d: %s", \
+ (param), code, xmlSecErrorsSafeString(message) \
); \
}
*/
#define xmlSecXmlParserError(errorFunction, ctxt, errorObject) \
{ \
- xmlErrorPtr error = xmlCtxtGetLastError(ctxt);\
+ const xmlError * error = xmlCtxtGetLastError(ctxt);\
int code = (error != NULL) ? error->code : 0; \
const char* message = (error != NULL) ? error->message : NULL; \
xmlSecError(XMLSEC_ERRORS_HERE, \
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_XML_FAILED, \
- "xml error: %lu: %s", \
- (unsigned long)code, \
- xmlSecErrorsSafeString(message) \
+ "xml error: %d: %s", \
+ code, xmlSecErrorsSafeString(message) \
); \
}
*/
#define xmlSecXmlParserError2(errorFunction, ctxt, errorObject, msg, param) \
{ \
- xmlErrorPtr error = xmlCtxtGetLastError(ctxt);\
+ const xmlError * error = xmlCtxtGetLastError(ctxt);\
int code = (error != NULL) ? error->code : 0; \
const char* message = (error != NULL) ? error->message : NULL; \
xmlSecError(XMLSEC_ERRORS_HERE, \
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_XML_FAILED, \
- msg "; xml error: %lu: %s", \
- (param), \
- (unsigned long)code, \
- xmlSecErrorsSafeString(message) \
+ msg "; xml error: %d: %s", \
+ (param), code, xmlSecErrorsSafeString(message) \
); \
}
*/
#define xmlSecXsltError(errorFunction, ctxt, errorObject) \
{ \
- xmlErrorPtr error = xmlGetLastError(); \
+ const xmlError * error = xmlGetLastError(); \
int code = (error != NULL) ? error->code : 0; \
const char* message = (error != NULL) ? error->message : NULL; \
xmlSecError(XMLSEC_ERRORS_HERE, \
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_XSLT_FAILED, \
- "xslt error: %lu: %s", \
- (unsigned long)code, \
- xmlSecErrorsSafeString(message) \
+ "xslt error: %d: %s", \
+ code, xmlSecErrorsSafeString(message) \
); \
}
(const char*)(errorObject), \
NULL, \
XMLSEC_ERRORS_R_INVALID_SIZE, \
- "invalid size for '%s': actual=%lu is not equal to expected=%lu", \
+ "invalid size for '%s': actual=" XMLSEC_SIZE_FMT " is not equal to expected=" XMLSEC_SIZE_FMT, \
xmlSecErrorsSafeString(name), \
- (unsigned long)(actual), \
- (unsigned long)(expected) \
+ (actual), \
+ (expected) \
)
/**
(const char*)(errorObject), \
NULL, \
XMLSEC_ERRORS_R_INVALID_SIZE, \
- "invalid size for '%s': actual=%lu is less than expected=%lu", \
+ "invalid size for '%s': actual=" XMLSEC_SIZE_FMT " is less than expected=" XMLSEC_SIZE_FMT, \
xmlSecErrorsSafeString(name), \
- (unsigned long)(actual), \
- (unsigned long)(expected) \
+ (actual), \
+ (expected) \
)
/**
(const char*)(errorObject), \
NULL, \
XMLSEC_ERRORS_R_NOT_IMPLEMENTED, \
- "invalid size for '%s': actual=%lu is more than expected=%lu", \
+ "invalid size for '%s': actual=" XMLSEC_SIZE_FMT " is more than expected=" XMLSEC_SIZE_FMT, \
xmlSecErrorsSafeString(name), \
- (unsigned long)(actual), \
- (unsigned long)(expected) \
+ (actual), \
+ (expected) \
)
/**
(const char*)(errorObject), \
NULL, \
XMLSEC_ERRORS_R_NOT_IMPLEMENTED, \
- "invalid size for '%s': actual=%lu is not a multiple of %lu", \
+ "invalid size for '%s': actual=" XMLSEC_SIZE_FMT " is not a multiple of " XMLSEC_SIZE_FMT, \
xmlSecErrorsSafeString(name), \
- (unsigned long)(actual), \
- (unsigned long)(divider) \
+ (actual), \
+ (divider) \
)
/**
/**
* xmlSecInvalidStringDataError:
* @name: the name of the variable, parameter, etc.
- * @actual: the actual value as a string.
+ * @actual: the actual string value.
* @expected: the expected value(s) as a string.
* @errorObject: the error specific error object (e.g. transform, key data, etc).
*
/**
* xmlSecInvalidIntegerDataError:
* @name: the name of the variable, parameter, etc.
- * @actual: the actual value as an integer.
+ * @actual: the actual integer value.
* @expected: the expected value(s) as a string.
* @errorObject: the error specific error object (e.g. transform, key data, etc).
*
(const char*)(errorObject), \
NULL, \
XMLSEC_ERRORS_R_INVALID_DATA, \
- "invalid data for '%s': actual=%ld and expected %s", \
+ "invalid data for '%s': actual=%d and expected %s", \
xmlSecErrorsSafeString(name), \
- (unsigned long)(actual), \
+ (actual), \
(expected) \
)
/**
* xmlSecInvalidIntegerDataError2:
* @name1: the name of the first variable, parameter, etc.
- * @actual1: the actual first value as an integer.
+ * @actual1: the actual first integer value.
* @name2: the name of the second variable, parameter, etc.
- * @actual2: the actual second value as an integer.
+ * @actual2: the actual second integer value.
* @expected: the expected value(s) as a string.
* @errorObject: the error specific error object (e.g. transform, key data, etc).
*
(const char*)(errorObject), \
NULL, \
XMLSEC_ERRORS_R_INVALID_DATA, \
- "invalid data: actual value '%s'=%ld, actual value '%s'=%ld and expected %s", \
+ "invalid data: actual value '%s'=%d, actual value '%s'=%d and expected %s", \
+ xmlSecErrorsSafeString(name1), \
+ (actual1), \
+ xmlSecErrorsSafeString(name2), \
+ (actual2), \
+ (expected) \
+ )
+
+ /**
+ * xmlSecInvalidSizeDataError:
+ * @name: the name of the variable, parameter, etc.
+ * @actual: the actual xmlSecSize value.
+ * @expected: the expected value(s) as a string.
+ * @errorObject: the error specific error object (e.g. transform, key data, etc).
+ *
+ * Macro. The XMLSec library macro for reporting "invalid data" errors for xmlSecSize.
+ */
+#define xmlSecInvalidSizeDataError(name, actual, expected, errorObject) \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
+ (const char*)(errorObject), \
+ NULL, \
+ XMLSEC_ERRORS_R_INVALID_DATA, \
+ "invalid data for '%s': actual=" XMLSEC_SIZE_FMT " and expected %s", \
+ xmlSecErrorsSafeString(name), \
+ (actual), \
+ (expected) \
+ )
+
+/**
+ * xmlSecInvalidSizeDataError2:
+ * @name1: the name of the first variable, parameter, etc.
+ * @actual1: the actual first xmlSecSize value.
+ * @name2: the name of the second variable, parameter, etc.
+ * @actual2: the actual second xmlSecSize value.
+ * @expected: the expected value(s) as a string.
+ * @errorObject: the error specific error object (e.g. transform, key data, etc).
+ *
+ * Macro. The XMLSec library macro for reporting "invalid data" errors for xmlSecSize.
+ */
+#define xmlSecInvalidSizeDataError2(name1, actual1, name2, actual2, expected, errorObject) \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
+ (const char*)(errorObject), \
+ NULL, \
+ XMLSEC_ERRORS_R_INVALID_DATA, \
+ "invalid data: actual value '%s'=" XMLSEC_SIZE_FMT ", actual value '%s'=" XMLSEC_SIZE_FMT " and expected %s", \
xmlSecErrorsSafeString(name1), \
- (unsigned long)(actual1), \
+ (actual1), \
xmlSecErrorsSafeString(name2), \
- (unsigned long)(actual2), \
+ (actual2), \
(expected) \
)
/**
* xmlSecInvalidIntegerTypeError:
* @name: the name of the variable, parameter, etc.
- * @actual: the actual value as an integer.
+ * @actual: the actual integer value.
* @expected: the expected value(s) as a string.
* @errorObject: the error specific error object (e.g. transform, key data, etc).
*
(const char*)(errorObject), \
NULL, \
XMLSEC_ERRORS_R_INVALID_TYPE, \
- "invalid type for '%s': actual=%ld and expected %s", \
+ "invalid type for '%s': actual=%d and expected %s", \
xmlSecErrorsSafeString(name), \
- (unsigned long)(actual), \
+ (actual), \
(expected) \
)
/**
* xmlSecInvalidIntegerTypeError2:
* @name1: the name of the first variable, parameter, etc.
- * @actual1: the actual first value as an integer.
+ * @actual1: the actual first integer value.
* @name2: the name of the second variable, parameter, etc.
- * @actual2: the actual second value as an integer.
+ * @actual2: the actual second integer value.
* @expected: the expected value(s) as a string.
* @errorObject: the error specific error object (e.g. transform, key data, etc).
*
(const char*)(errorObject), \
NULL, \
XMLSEC_ERRORS_R_INVALID_TYPE, \
- "invalid type: actual value '%s'=%ld, actual value '%s'=%ld and expected %s", \
+ "invalid type: actual value '%s'=%d, actual value '%s'=%d and expected %s", \
xmlSecErrorsSafeString(name1), \
- (unsigned long)(actual1), \
+ (actual1), \
xmlSecErrorsSafeString(name2), \
- (unsigned long)(actual2), \
+ (actual2), \
(expected) \
)
+
+ /**
+ * xmlSecUnsupportedEnumValueError:
+ * @name: the name of the variable, parameter, etc.
+ * @actual: the actual value.
+ * @errorObject: the error specific error object (e.g. transform, key data, etc).
+ *
+ * Macro. The XMLSec library macro for reporting "unsupported enum type" errors.
+ */
+#define xmlSecUnsupportedEnumValueError(name, actual, errorObject) \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
+ (const char*)(errorObject), \
+ NULL, \
+ XMLSEC_ERRORS_R_INVALID_TYPE, \
+ "unsupported value for '%s': " XMLSEC_ENUM_FMT, \
+ xmlSecErrorsSafeString(name), \
+ XMLSEC_ENUM_CAST(actual) \
+ )
+
+
/**
* xmlSecInvalidNodeError:
* @actualNode: the actual node.
); \
}
+ /**
+ * xmlSecInvalidNodeContentError2:
+ * @node: the node.
+ * @errorObject: the error specific error object (e.g. transform, key data, etc).
+ * @msg: the extra message.
+ * @param: the extra message param.
+ *
+ * Macro. The XMLSec library macro for reporting an invalid node content errors.
+ */
+#define xmlSecInvalidNodeContentError2(node, errorObject, msg, param) \
+ { \
+ const char* nName = xmlSecNodeGetName(node); \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
+ (const char*)(errorObject), \
+ NULL, \
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT, \
+ msg "; node=%s", \
+ (param), \
+ xmlSecErrorsSafeString(nName) \
+ ); \
+ }
+
+ /**
+ * xmlSecInvalidNodeContentError3:
+ * @node: the node.
+ * @errorObject: the error specific error object (e.g. transform, key data, etc).
+ * @msg: the extra message.
+ * @param1: the extra message param1.
+ * @param2: the extra message param2.
+ *
+ * Macro. The XMLSec library macro for reporting an invalid node content errors.
+ */
+#define xmlSecInvalidNodeContentError3(node, errorObject, msg, param1, param2) \
+ { \
+ const char* nName = xmlSecNodeGetName(node); \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
+ (const char*)(errorObject), \
+ NULL, \
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT, \
+ msg "; node=%s", \
+ (param1), \
+ (param2), \
+ xmlSecErrorsSafeString(nName) \
+ ); \
+ }
+
+
/**
* xmlSecInvalidNodeAttributeError:
* @node: the node.
*
* Macro. The XMLSec library macro for reporting an invalid transform status errors.
*/
-#define xmlSecInvalidTransfromStatusError(transform) \
- { \
- xmlSecError(XMLSEC_ERRORS_HERE, \
+#define xmlSecInvalidTransfromStatusError(transform) \
+ { \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
(const char*)xmlSecTransformGetName(transform), \
- NULL, \
- XMLSEC_ERRORS_R_INVALID_STATUS, \
- "transformStatus=%d", \
- (int)((transform)->status) \
- ); \
+ NULL, \
+ XMLSEC_ERRORS_R_INVALID_STATUS, \
+ "transformStatus=" XMLSEC_ENUM_FMT, \
+ XMLSEC_ENUM_CAST((transform)->status) \
+ ); \
}
/**
(const char*)xmlSecTransformGetName(transform), \
NULL, \
XMLSEC_ERRORS_R_INVALID_STATUS, \
- "transformStatus=%ld, msg=%s", \
- (long int)((transform)->status), \
- msg \
+ "transformStatus=" XMLSEC_ENUM_FMT "; msg=%s", \
+ XMLSEC_ENUM_CAST((transform)->status), \
+ (msg) \
); \
}
(const char*)(errorObject), \
NULL, \
XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE, \
- "invalid key data size: actual=%ld and expected=%ld", \
- (unsigned long)(actual), \
- (unsigned long)(expected) \
+ "invalid key data size: actual=" XMLSEC_SIZE_FMT " and expected=" XMLSEC_SIZE_FMT, \
+ (actual), \
+ (expected) \
)
/**
"invalid zero key data size" \
)
+/**
+ * xmlSecImpossibleCastError:
+ *
+ * @srcType: the source value type.
+ * @srcVal: the source value.
+ * @srcFmt: the source type printf format (e.g. "%d").
+ * @dstType: the destination cast type.
+ * @dstMinVal: the destination type min value.
+ * @dstMaxVal: the destination type max value.
+ * @dstFmt: the destination type printf format (e.g. "%lu").
+ * @errorObject: the error specific error object (e.g. transform, key data, etc).
+ *
+ * Macro. The XMLSec library macro for reporting impossible cast errors.
+ */
+#define xmlSecImpossibleCastError(srcType, srcVal, srcFmt, dstType, dstMinVal, dstMaxVal, dstFmt, errorObject) \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
+ (const char*)(errorObject), \
+ NULL, \
+ XMLSEC_ERROR_R_CAST_IMPOSSIBLE, \
+ "src-type=" #srcType "; src-val=" srcFmt \
+ ";dst-type=" #dstType "; dst-min=" dstFmt \
+ ";dst-max=" dstFmt "", \
+ (srcVal), (dstMinVal), (dstMaxVal) \
+ )
/**
* xmlSecOtherError:
NULL =
EXTRA_DIST = \
- README \
+ README.md \
$(NULL)
lib_LTLIBRARIES = \
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = src/gcrypt
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(libdir)"
+LTLIBRARIES = $(lib_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+am__objects_1 =
+am_libxmlsec1_gcrypt_la_OBJECTS = libxmlsec1_gcrypt_la-app.lo \
+ libxmlsec1_gcrypt_la-asn1.lo libxmlsec1_gcrypt_la-ciphers.lo \
+ libxmlsec1_gcrypt_la-crypto.lo libxmlsec1_gcrypt_la-digests.lo \
+ libxmlsec1_gcrypt_la-hmac.lo libxmlsec1_gcrypt_la-kw_aes.lo \
+ libxmlsec1_gcrypt_la-kw_des.lo libxmlsec1_gcrypt_la-symkeys.lo \
+ libxmlsec1_gcrypt_la-asymkeys.lo \
+ libxmlsec1_gcrypt_la-signatures.lo $(am__objects_1)
+libxmlsec1_gcrypt_la_OBJECTS = $(am_libxmlsec1_gcrypt_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+libxmlsec1_gcrypt_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+ $(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_gcrypt_la_LDFLAGS) \
+ $(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/libxmlsec1_gcrypt_la-app.Plo \
+ ./$(DEPDIR)/libxmlsec1_gcrypt_la-asn1.Plo \
+ ./$(DEPDIR)/libxmlsec1_gcrypt_la-asymkeys.Plo \
+ ./$(DEPDIR)/libxmlsec1_gcrypt_la-ciphers.Plo \
+ ./$(DEPDIR)/libxmlsec1_gcrypt_la-crypto.Plo \
+ ./$(DEPDIR)/libxmlsec1_gcrypt_la-digests.Plo \
+ ./$(DEPDIR)/libxmlsec1_gcrypt_la-hmac.Plo \
+ ./$(DEPDIR)/libxmlsec1_gcrypt_la-kw_aes.Plo \
+ ./$(DEPDIR)/libxmlsec1_gcrypt_la-kw_des.Plo \
+ ./$(DEPDIR)/libxmlsec1_gcrypt_la-signatures.Plo \
+ ./$(DEPDIR)/libxmlsec1_gcrypt_la-symkeys.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
+SOURCES = $(libxmlsec1_gcrypt_la_SOURCES)
+DIST_SOURCES = $(libxmlsec1_gcrypt_la_SOURCES)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \
+ README.md
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+EXTRA_DIST = \
+ README.md \
+ $(NULL)
+
+lib_LTLIBRARIES = \
+ libxmlsec1-gcrypt.la \
+ $(NULL)
+
+libxmlsec1_gcrypt_la_CPPFLAGS = \
+ -DPACKAGE=\"@PACKAGE@\" \
+ -DGCRYPT_MIN_VERSION=\"$(GCRYPT_MIN_VERSION)\" \
+ -I../../include \
+ -I$(top_srcdir)/include \
+ $(XMLSEC_DEFINES) \
+ $(GCRYPT_CFLAGS) \
+ $(LIBXSLT_CFLAGS) \
+ $(LIBXML_CFLAGS) \
+ $(NULL)
+
+libxmlsec1_gcrypt_la_SOURCES = \
+ app.c \
+ asn1.h \
+ asn1.c \
+ ciphers.c \
+ crypto.c \
+ digests.c \
+ hmac.c \
+ kw_aes.c \
+ kw_des.c \
+ symkeys.c \
+ asymkeys.c \
+ signatures.c \
+ globals.h \
+ $(NULL)
+
+libxmlsec1_gcrypt_la_LIBADD = \
+ $(GCRYPT_LIBS) \
+ $(LIBXSLT_LIBS) \
+ $(LIBXML_LIBS) \
+ ../libxmlsec1.la \
+ $(NULL)
+
+libxmlsec1_gcrypt_la_DEPENDENCIES = \
+ $(NULL)
+
+libxmlsec1_gcrypt_la_LDFLAGS = \
+ @XMLSEC_CRYPTO_EXTRA_LDFLAGS@ \
+ -version-info @XMLSEC_VERSION_INFO@ \
+ $(NULL)
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/gcrypt/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign src/gcrypt/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+ }
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
+ done
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+
+libxmlsec1-gcrypt.la: $(libxmlsec1_gcrypt_la_OBJECTS) $(libxmlsec1_gcrypt_la_DEPENDENCIES) $(EXTRA_libxmlsec1_gcrypt_la_DEPENDENCIES)
+ $(AM_V_CCLD)$(libxmlsec1_gcrypt_la_LINK) -rpath $(libdir) $(libxmlsec1_gcrypt_la_OBJECTS) $(libxmlsec1_gcrypt_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-app.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-asn1.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-asymkeys.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-ciphers.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-crypto.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-digests.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-hmac.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-kw_aes.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-kw_des.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-signatures.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-symkeys.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+ @$(MKDIR_P) $(@D)
+ @echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+libxmlsec1_gcrypt_la-app.lo: app.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-app.Tpo -c -o libxmlsec1_gcrypt_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-app.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-app.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='app.c' object='libxmlsec1_gcrypt_la-app.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+
+libxmlsec1_gcrypt_la-asn1.lo: asn1.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-asn1.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-asn1.Tpo -c -o libxmlsec1_gcrypt_la-asn1.lo `test -f 'asn1.c' || echo '$(srcdir)/'`asn1.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-asn1.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-asn1.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='asn1.c' object='libxmlsec1_gcrypt_la-asn1.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-asn1.lo `test -f 'asn1.c' || echo '$(srcdir)/'`asn1.c
+
+libxmlsec1_gcrypt_la-ciphers.lo: ciphers.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-ciphers.Tpo -c -o libxmlsec1_gcrypt_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-ciphers.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ciphers.c' object='libxmlsec1_gcrypt_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+
+libxmlsec1_gcrypt_la-crypto.lo: crypto.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-crypto.Tpo -c -o libxmlsec1_gcrypt_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-crypto.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-crypto.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='crypto.c' object='libxmlsec1_gcrypt_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+
+libxmlsec1_gcrypt_la-digests.lo: digests.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-digests.Tpo -c -o libxmlsec1_gcrypt_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-digests.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-digests.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='digests.c' object='libxmlsec1_gcrypt_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+
+libxmlsec1_gcrypt_la-hmac.lo: hmac.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-hmac.Tpo -c -o libxmlsec1_gcrypt_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-hmac.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='hmac.c' object='libxmlsec1_gcrypt_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+
+libxmlsec1_gcrypt_la-kw_aes.lo: kw_aes.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-kw_aes.Tpo -c -o libxmlsec1_gcrypt_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-kw_aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kw_aes.c' object='libxmlsec1_gcrypt_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+
+libxmlsec1_gcrypt_la-kw_des.lo: kw_des.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-kw_des.Tpo -c -o libxmlsec1_gcrypt_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-kw_des.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kw_des.c' object='libxmlsec1_gcrypt_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+
+libxmlsec1_gcrypt_la-symkeys.lo: symkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-symkeys.Tpo -c -o libxmlsec1_gcrypt_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-symkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='symkeys.c' object='libxmlsec1_gcrypt_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+
+libxmlsec1_gcrypt_la-asymkeys.lo: asymkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-asymkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-asymkeys.Tpo -c -o libxmlsec1_gcrypt_la-asymkeys.lo `test -f 'asymkeys.c' || echo '$(srcdir)/'`asymkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-asymkeys.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-asymkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='asymkeys.c' object='libxmlsec1_gcrypt_la-asymkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-asymkeys.lo `test -f 'asymkeys.c' || echo '$(srcdir)/'`asymkeys.c
+
+libxmlsec1_gcrypt_la-signatures.lo: signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-signatures.Tpo -c -o libxmlsec1_gcrypt_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-signatures.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='signatures.c' object='libxmlsec1_gcrypt_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(libdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-app.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-asn1.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-asymkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-ciphers.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-crypto.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-digests.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-hmac.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-kw_aes.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-kw_des.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-symkeys.Plo
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-libLTLIBRARIES
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-app.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-asn1.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-asymkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-ciphers.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-crypto.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-digests.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-hmac.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-kw_aes.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-kw_des.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gcrypt_la-symkeys.Plo
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-libLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+ clean-generic clean-libLTLIBRARIES clean-libtool cscopelist-am \
+ ctags ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
+++ /dev/null
-The xmlsec-gcrypt implementation is really limited and is not ready
-for production use. The only supported crypto transforms are:
-
- - HMAC
- - Tripple DES
- - AES [128|192|256]
- - SHA1
-
-
--- /dev/null
+# XMLSec Library: XMLSEC-GCRYPT
+
+## What version of GCrypt?
+GCrypt 1.4.0 or later is required.
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:app
#include <xmlsec/gcrypt/crypto.h>
#include "asn1.h"
+#include "../cast_helpers.h"
/**
* xmlSecGCryptAppInit:
/* NOTE configure.in defines GCRYPT_MIN_VERSION */
if (!gcry_check_version (GCRYPT_MIN_VERSION)) {
- xmlSecGCryptError2("gcry_check_version", GPG_ERR_NO_ERROR, NULL,
+ xmlSecGCryptError2("gcry_check_version", (gcry_error_t)GPG_ERR_NO_ERROR, NULL,
"min_version=%s", GCRYPT_MIN_VERSION);
return(-1);
}
err = gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0);
if(err != GPG_ERR_NO_ERROR) {
xmlSecGCryptError("gcry_control(GCRYCTL_INIT_SECMEM)", err, NULL);
- return(-1);
+ /* ignore this error because of libgrcypt bug in allocating memory,
+ see https://github.com/lsh123/xmlsec/issues/415 for more details */
}
/* It is now okay to let Libgcrypt complain when there was/is
#endif /* XMLSEC_NO_X509 */
default:
xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
return(NULL);
}
* Returns: 0 on success or a negative value otherwise.
*/
int
-xmlSecGCryptAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr,
+xmlSecGCryptAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr,
const char *filename,
xmlSecKeyDataFormat format,
xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:asn1
#include <xmlsec/gcrypt/crypto.h>
#include "asn1.h"
+#include "../cast_helpers.h"
/**************************************************************************
*
that the encoded length does not exhaust the length of the provided
buffer. */
static int
-xmlSecGCryptAsn1ParseTag (xmlSecByte const **buffer, xmlSecSize *buflen, struct tag_info *ti)
+xmlSecGCryptAsn1ParseTag (xmlSecByte const **buffer, unsigned long *buflen, struct tag_info *ti)
{
- int c;
+ unsigned long c;
unsigned long tag;
const xmlSecByte *buf;
- xmlSecSize length;
+ unsigned long length;
xmlSecAssert2(buffer != NULL, -1);
xmlSecAssert2((*buffer) != NULL, -1);
if (length <= 0) {
return(-1); /* Premature EOF. */
}
- c = *buf++;
+ c = *buf++;
length--;
ti->nhdr++;
if (length <= 0) {
return(-1); /* Premature EOF. */
}
- c = *buf++;
+ c = *buf++;
length--;
ti->nhdr++;
tag |= (c & 0x7f);
if(length <= 0) {
return -1; /* Premature EOF. */
}
- c = *buf++;
+ c = *buf++;
length--;
ti->nhdr++;
} else if (c == 0xff) {
return -1; /* Forbidden length value. */
} else {
- xmlSecSize len = 0;
+ unsigned long len = 0;
int count = c & 0x7f;
for (; count; count--) {
}
static int
-xmlSecGCryptAsn1ParseIntegerSequence(xmlSecByte const **buffer, xmlSecSize *buflen,
+xmlSecGCryptAsn1ParseIntegerSequence(xmlSecByte const **buffer, xmlSecSize* buflen,
gcry_mpi_t * params, int params_size) {
const xmlSecByte *buf;
- xmlSecSize length;
+ unsigned long length;
struct tag_info ti;
gcry_error_t err;
int idx = 0;
/* initialize */
buf = *buffer;
- length = *buflen;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG((*buflen), length, return(-1), NULL);
/* read SEQUENCE */
memset(&ti, 0, sizeof(ti));
ret = xmlSecGCryptAsn1ParseTag (&buf, &length, &ti);
if((ret != 0) || (ti.tag != TAG_SEQUENCE) || ti.class || !ti.cons || ti.ndef) {
xmlSecInternalError2("xmlSecGCryptAsn1ParseTag", NULL,
- "TAG_SEQUENCE is expected: tag=%d", (int)ti.tag);
+ "TAG_SEQUENCE is expected: tag=%lu", ti.tag);
return(-1);
}
if((ret != 0) || (ti.tag != TAG_INTEGER) || ti.class || ti.cons || ti.ndef)
{
xmlSecInternalError3("xmlSecGCryptAsn1ParseTag", NULL,
- "TAG_INTEGER is expected - index=%d, tag=%d",
- (int)idx, (int)ti.tag);
+ "TAG_INTEGER is expected - index=%d, tag=%lu", idx, ti.tag);
return(-1);
}
/* did we parse everything? */
if(length > 0) {
xmlSecInternalError3("xmlSecGCryptAsn1ParseTag", NULL,
- "too many params - cur=%d, expected=%d",
- (int)(idx - 1), (int)params_size);
+ "too many params - cur=%d, expected=%d", (idx - 1), params_size);
return(-1);
}
/* done */
*buffer = buf;
- *buflen = length;
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(length, (*buflen), return(-1), NULL);
return(idx);
}
gcry_sexp_t s_priv_key = NULL;
gcry_error_t err;
gcry_mpi_t keyparms[20];
- int keyparms_num;
+ xmlSecSize keyparms_num;
unsigned int idx;
int ret;
xmlSecInternalError("xmlSecGCryptAsn1ParseIntegerSequence", NULL);
goto done;
}
- keyparms_num = ret;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, keyparms_num, goto done, NULL);
/* The value of the first integer should be 0. */
if ((keyparms_num < 1) || (gcry_mpi_cmp_ui(keyparms[0], 0) != 0)) {
xmlSecInternalError2("xmlSecGCryptAsn1ParseTag", NULL,
- "num=%d", (int)keyparms_num);
+ "num=" XMLSEC_SIZE_FMT, keyparms_num);
goto done;
}
/* do we need to guess the key type? not robust but the best we can do */
if(type == xmlSecGCryptDerKeyTypeAuto) {
switch(keyparms_num) {
- case 3:
+ case 3U:
/* Public RSA */
type = xmlSecGCryptDerKeyTypePublicRsa;
break;
- case 5:
+ case 5U:
/* Public DSA */
type = xmlSecGCryptDerKeyTypePublicDsa;
break;
- case 6:
+ case 6U:
/* Private DSA */
type = xmlSecGCryptDerKeyTypePrivateDsa;
break;
- case 9:
+ case 9U:
/* Private RSA */
type = xmlSecGCryptDerKeyTypePrivateRsa;
break;
default:
/* unknown */
- xmlSecInvalidIntegerDataError("keyparms_num", keyparms_num,
- "the number of parameters matching key type", NULL);
+ xmlSecInvalidSizeDataError("keyparms_num", keyparms_num,
+ "the number of parameters matching key type", NULL);
goto done;
}
}
-
switch(type) {
#ifndef XMLSEC_NO_DSA
case xmlSecGCryptDerKeyTypePrivateDsa:
/* check we have enough params */
- if(keyparms_num != 6) {
+ if(keyparms_num != 6U) {
xmlSecInvalidSizeError("Private DSA key params",
- keyparms_num, 6, NULL);
+ keyparms_num, (xmlSecSize)6U, NULL);
goto done;
}
case xmlSecGCryptDerKeyTypePublicDsa:
/* check we have enough params */
- if(keyparms_num != 5) {
+ if(keyparms_num != 5U) {
xmlSecInvalidSizeError("Public DSA key params",
- keyparms_num, 5, NULL);
+ keyparms_num, (xmlSecSize)5U, NULL);
goto done;
}
#ifndef XMLSEC_NO_RSA
case xmlSecGCryptDerKeyTypePrivateRsa:
/* check we have enough params */
- if(keyparms_num != 9) {
+ if(keyparms_num != 9U) {
xmlSecInvalidSizeError("Private RSA key params",
- keyparms_num, 9, NULL);
+ (xmlSecSize)keyparms_num, (xmlSecSize)9U, NULL);
goto done;
}
/* Convert from OpenSSL parameter ordering to the OpenPGP order. */
/* (http://gnupg.10057.n7.nabble.com/RSA-PKCS-1-signing-differs-from-OpenSSL-s-td27920.html) */
- /* First check that p < q; if not swap p and q and recompute u. */
+ /* First check that p < q; if not swap p and q and recompute u. */
if (gcry_mpi_cmp (keyparms[4], keyparms[5]) > 0) {
gcry_mpi_swap (keyparms[4], keyparms[5]);
gcry_mpi_invm (keyparms[8], keyparms[4], keyparms[5]);
case xmlSecGCryptDerKeyTypePublicRsa:
/* check we have enough params */
- if(keyparms_num != 3) {
+ if(keyparms_num != 3U) {
xmlSecInvalidSizeError("Public RSA key params",
- keyparms_num, 3, NULL);
+ keyparms_num, (xmlSecSize)3U, NULL);
goto done;
}
#endif /* XMLSEC_NO_RSA */
default:
- xmlSecInvalidIntegerTypeError("key_type", type, "supported key type", NULL);
+ xmlSecUnsupportedEnumValueError("key_type", type, NULL);
goto done;
break;
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GCRYPT_ASN1_H__
#define __XMLSEC_GCRYPT_ASN1_H__
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:asymkeys
#include <gcrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/base64.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/gcrypt/crypto.h>
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+
/**************************************************************************
*
* Helpers
/******************************************************************************
*
- * Asym key (dsa/rsa)
- *
- * xmlSecGCryptAsymKeyDataCtx is located after xmlSecTransform
+ * GCrypt asym key data (dsa/rsa)
*
*****************************************************************************/
-#define xmlSecGCryptAsymKeyDataSize \
- (sizeof(xmlSecKeyData) + sizeof(xmlSecGCryptAsymKeyDataCtx))
-#define xmlSecGCryptAsymKeyDataGetCtx(data) \
- ((xmlSecGCryptAsymKeyDataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
+XMLSEC_KEY_DATA_DECLARE(GCryptAsymKeyData, xmlSecGCryptAsymKeyDataCtx)
+#define xmlSecGCryptAsymKeyDataSize XMLSEC_KEY_DATA_SIZE(GCryptAsymKeyData)
static int xmlSecGCryptAsymKeyDataInitialize (xmlSecKeyDataPtr data);
static int xmlSecGCryptAsymKeyDataDuplicate (xmlSecKeyDataPtr dst,
ctx = xmlSecGCryptAsymKeyDataGetCtx(data);
xmlSecAssert2(ctx != NULL, -1);
- /* split the key pair, public part should be always present, private might
+ /* split the key pair, public part should be always present, private might
not be present */
pub_key = gcry_sexp_find_token(key_pair, "public-key", 0);
if(pub_key == NULL) {
- xmlSecGCryptError("gcry_sexp_find_token(public-key)",
- GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptError("gcry_sexp_find_token(public-key)", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
goto done;
}
priv_key = gcry_sexp_find_token(key_pair, "private-key", 0);
gcry_sexp_t key_spec = NULL;
gcry_sexp_t key_pair = NULL;
gcry_error_t err;
+ int key_len;
int ret;
int res = -1;
ctx = xmlSecGCryptAsymKeyDataGetCtx(data);
xmlSecAssert2(ctx != NULL, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(key_size, key_len, goto done, NULL);
+
err = gcry_sexp_build(&key_spec, NULL,
"(genkey (%s (nbits %d)(transient-key)))",
- alg, (int)key_size);
+ alg, key_len);
if((err != GPG_ERR_NO_ERROR) || (key_spec == NULL)) {
xmlSecGCryptError("gcry_sexp_build(genkey)", err, NULL);
goto done;
size = gcry_sexp_sprint(pKey, GCRYSEXP_FMT_ADVANCED, NULL, 0);
if(size == 0) {
- xmlSecGCryptError("gcry_sexp_sprint", GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptError("gcry_sexp_sprint", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
goto done;
}
size = gcry_sexp_sprint(pKey, GCRYSEXP_FMT_ADVANCED, buf, size);
if(size == 0) {
- xmlSecGCryptError2("gcry_sexp_sprint", GPG_ERR_NO_ERROR, NULL,
- "size=%lu", (unsigned long)size);
+ xmlSecGCryptError2("gcry_sexp_sprint", (gcry_error_t)GPG_ERR_NO_ERROR, NULL,
+ "size" XMLSEC_SIZE_T_FMT, size);
goto done;
}
}
/**
- * xmlSecGCryptNodeGetMpiValue:
- * @cur: the pointer to an XML node.
- *
- * Converts the node content from CryptoBinary format
- * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
- * to a BIGNUM. If no BIGNUM buffer provided then a new
- * BIGNUM is created (caller is responsible for freeing it).
- *
- * Returns: a pointer to MPI produced from CryptoBinary string
- * or NULL if an error occurs.
- */
-static gcry_mpi_t
-xmlSecGCryptNodeGetMpiValue(const xmlNodePtr cur) {
- xmlSecBuffer buf;
- gcry_mpi_t res = NULL;
- gcry_error_t err;
- int ret;
-
- xmlSecAssert2(cur != NULL, NULL);
-
- ret = xmlSecBufferInitialize(&buf, 128);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize", NULL);
- return(NULL);
- }
-
- ret = xmlSecBufferBase64NodeContentRead(&buf, cur);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferBase64NodeContentRead", NULL);
- xmlSecBufferFinalize(&buf);
- return(NULL);
- }
-
- err = gcry_mpi_scan(&res, GCRYMPI_FMT_USG,
- xmlSecBufferGetData(&buf),
- xmlSecBufferGetSize(&buf),
- NULL);
- if((err != GPG_ERR_NO_ERROR) || (res == NULL)) {
- xmlSecGCryptError("gcry_mpi_scan", err, NULL);
- xmlSecBufferFinalize(&buf);
- return(NULL);
- }
-
- /* done */
- xmlSecBufferFinalize(&buf);
- return(res);
-}
-
-/**
- * xmlSecGCryptNodeSetMpiValue:
- * @cur: the pointer to an XML node.
- * @a: the mpi value
+ * xmlSecGCryptSetSExpTokValue:
+ * @sexp: the sexp
+ * @tok: the token
+ * @buf: the output buffer.
* @addLineBreaks: if the flag is equal to 1 then
* linebreaks will be added before and after
* new buffer content.
*
* Converts MPI to CryptoBinary string
- * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
- * and sets it as the content of the given node. If the
- * addLineBreaks is set then line breaks are added
- * before and after the CryptoBinary string.
+ * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary).
*
* Returns: 0 on success or -1 otherwise.
*/
static int
-xmlSecGCryptNodeSetMpiValue(xmlNodePtr cur, const gcry_mpi_t a, int addLineBreaks) {
- xmlSecBuffer buf;
- gcry_error_t err;
+xmlSecGCryptSetSExpTokValue(const gcry_sexp_t sexp, const char * tok,
+ xmlSecBufferPtr buf)
+{
+ gcry_sexp_t val = NULL;
+ gcry_mpi_t mpi = NULL;
+ xmlSecSize writtenSize;
size_t written = 0;
+ gcry_error_t err;
int ret;
+ int res = -1;
- xmlSecAssert2(a != NULL, -1);
- xmlSecAssert2(cur != NULL, -1);
+ xmlSecAssert2(sexp != NULL, -1);
+ xmlSecAssert2(tok != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
- written = 0;
- err = gcry_mpi_print(GCRYMPI_FMT_USG, NULL, 0, &written, a);
- if((err != GPG_ERR_NO_ERROR) || (written == 0)) {
- xmlSecGCryptError("gcry_mpi_print", err, NULL);
- return(-1);
+ val = gcry_sexp_find_token(sexp, tok, 0);
+ if(val == NULL) {
+ xmlSecGCryptError2("gcry_sexp_find_token", (gcry_error_t)GPG_ERR_NO_ERROR, NULL,
+ "tok=%s", xmlSecErrorsSafeString(tok));
+ goto done;
}
- ret = xmlSecBufferInitialize(&buf, written + 1);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferInitialize", NULL,
- "size=%d", (int)written + 1);
- return(-1);
+ mpi = gcry_sexp_nth_mpi(val, 1, GCRYMPI_FMT_USG);
+ if(mpi == NULL) {
+ xmlSecGCryptError2("gcry_sexp_nth_mpi", (gcry_error_t)GPG_ERR_NO_ERROR, NULL,
+ "tok=%s", xmlSecErrorsSafeString(tok));
+ goto done;
}
+ /* get the estimated size for output buffer */
written = 0;
- err = gcry_mpi_print(GCRYMPI_FMT_USG,
- xmlSecBufferGetData(&buf),
- xmlSecBufferGetMaxSize(&buf),
- &written, a);
+ err = gcry_mpi_print(GCRYMPI_FMT_USG, NULL, 0, &written, mpi);
if((err != GPG_ERR_NO_ERROR) || (written == 0)) {
- xmlSecGCryptError("gcry_mpi_print", err, NULL);
- xmlSecBufferFinalize(&buf);
- return(-1);
- }
-
- ret = xmlSecBufferSetSize(&buf, written);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL,
- "size=%d", (int)written);
- xmlSecBufferFinalize(&buf);
- return(-1);
- }
-
- if(addLineBreaks) {
- xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
- } else {
- xmlNodeSetContent(cur, xmlSecStringEmpty);
+ xmlSecGCryptError2("gcry_mpi_print", err, NULL,
+ "tok=%s", xmlSecErrorsSafeString(tok));
+ goto done;
}
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(written, writtenSize, goto done, NULL);
- ret = xmlSecBufferBase64NodeContentWrite(&buf, cur, xmlSecBase64GetDefaultLineSize());
+ /* allocate the output buffer */
+ ret = xmlSecBufferSetMaxSize(buf, writtenSize + 1);
if(ret < 0) {
- xmlSecInternalError("xmlSecBufferBase64NodeContentWrite", NULL);
- xmlSecBufferFinalize(&buf);
- return(-1);
- }
-
- if(addLineBreaks) {
- xmlNodeAddContent(cur, xmlSecGetDefaultLineFeed());
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, (writtenSize + 1));
+ goto done;
}
- xmlSecBufferFinalize(&buf);
- return(0);
-}
-
-/**
- * xmlSecGCryptNodeSetSExpTokValue:
- * @cur: the pointer to an XML node.
- * @sexp: the sexp
- * @tok: the token
- * @addLineBreaks: if the flag is equal to 1 then
- * linebreaks will be added before and after
- * new buffer content.
- *
- * Converts MPI to CryptoBinary string
- * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
- * and sets it as the content of the given node. If the
- * addLineBreaks is set then line breaks are added
- * before and after the CryptoBinary string.
- *
- * Returns: 0 on success or -1 otherwise.
- */
-static int
-xmlSecGCryptNodeSetSExpTokValue(xmlNodePtr cur, const gcry_sexp_t sexp,
- const char * tok, int addLineBreaks)
-{
- gcry_sexp_t val = NULL;
- gcry_mpi_t mpi = NULL;
- int res = -1;
-
- xmlSecAssert2(cur != NULL, -1);
- xmlSecAssert2(sexp != NULL, -1);
- xmlSecAssert2(tok != NULL, -1);
-
- val = gcry_sexp_find_token(sexp, tok, 0);
- if(val == NULL) {
- xmlSecGCryptError2("gcry_sexp_find_token", GPG_ERR_NO_ERROR, NULL,
+ /* write to the buffer */
+ written = 0;
+ err = gcry_mpi_print(GCRYMPI_FMT_USG,
+ xmlSecBufferGetData(buf),
+ xmlSecBufferGetMaxSize(buf),
+ &written, mpi);
+ if((err != GPG_ERR_NO_ERROR) || (written == 0)) {
+ xmlSecGCryptError2("gcry_mpi_print", err, NULL,
"tok=%s", xmlSecErrorsSafeString(tok));
goto done;
}
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(written, writtenSize, goto done, NULL);
- mpi = gcry_sexp_nth_mpi(val, 1, GCRYMPI_FMT_USG);
- if(mpi == NULL) {
- xmlSecGCryptError("gcry_sexp_nth_mpi", GPG_ERR_NO_ERROR, NULL);
+ ret = xmlSecBufferSetSize(buf, writtenSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, writtenSize);
goto done;
}
- /* almost done */
- res = xmlSecGCryptNodeSetMpiValue(cur, mpi, addLineBreaks);
+ /* success */
+ res = 0;
done:
if(mpi != NULL) {
static void xmlSecGCryptKeyDataDsaDebugXmlDump (xmlSecKeyDataPtr data,
FILE* output);
+static xmlSecKeyDataPtr xmlSecGCryptKeyDataDsaRead (xmlSecKeyDataId id,
+ xmlSecKeyValueDsaPtr dsaValue);
+static int xmlSecGCryptKeyDataDsaWrite (xmlSecKeyDataId id,
+ xmlSecKeyDataPtr data,
+ xmlSecKeyValueDsaPtr dsaValue,
+ int writePrivateKey);
+
static xmlSecKeyDataKlass xmlSecGCryptKeyDataDsaKlass = {
sizeof(xmlSecKeyDataKlass),
xmlSecGCryptAsymKeyDataSize,
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "=== dsa key: size = %d\n",
+ fprintf(output, "=== dsa key: size = " XMLSEC_SIZE_FMT "\n",
xmlSecGCryptKeyDataDsaGetSize(data));
}
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "<DSAKeyValue size=\"%d\" />\n",
+ fprintf(output, "<DSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
xmlSecGCryptKeyDataDsaGetSize(data));
}
xmlNodePtr node,
xmlSecKeyInfoCtxPtr keyInfoCtx)
{
- xmlNodePtr cur;
+ xmlSecAssert2(id == xmlSecGCryptKeyDataDsaId, -1);
+ return(xmlSecKeyDataDsaXmlRead(id, key, node, keyInfoCtx,
+ xmlSecGCryptKeyDataDsaRead));
+}
+
+static int
+xmlSecGCryptKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecGCryptKeyDataDsaId, -1);
+ return(xmlSecKeyDataDsaXmlWrite(id, key, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecGCryptKeyDataDsaWrite));
+}
+
+static xmlSecKeyDataPtr
+xmlSecGCryptKeyDataDsaRead(xmlSecKeyDataId id, xmlSecKeyValueDsaPtr dsaValue) {
xmlSecKeyDataPtr data = NULL;
+ xmlSecKeyDataPtr res = NULL;
gcry_mpi_t p = NULL;
gcry_mpi_t q = NULL;
gcry_mpi_t g = NULL;
gcry_sexp_t pub_key = NULL;
gcry_sexp_t priv_key = NULL;
gcry_error_t err;
- int res = -1;
int ret;
- xmlSecAssert2(id == xmlSecGCryptKeyDataDsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- if(xmlSecKeyGetValue(key) != NULL) {
- xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
- xmlSecKeyDataKlassGetName(id),
- "key already has a value");
- goto done;
- }
-
- cur = xmlSecGetNextElementNode(node->children);
+ xmlSecAssert2(id == xmlSecGCryptKeyDataDsaId, NULL);
+ xmlSecAssert2(dsaValue != NULL, NULL);
- /* first is P node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAP, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAP, xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- p = xmlSecGCryptNodeGetMpiValue(cur);
- if(p == NULL) {
- xmlSecInternalError("xmlSecGCryptNodeGetMpiValue(NodeDSAP)",
- xmlSecKeyDataKlassGetName(id));
+ /*** p ***/
+ err = gcry_mpi_scan(&p, GCRYMPI_FMT_USG,
+ xmlSecBufferGetData(&(dsaValue->p)), xmlSecBufferGetSize(&(dsaValue->p)),
+ NULL);
+ if((err != GPG_ERR_NO_ERROR) || (p == NULL)) {
+ xmlSecGCryptError("gcry_mpi_scan(p)", err,
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
- cur = xmlSecGetNextElementNode(cur->next);
- /* next is Q node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAQ, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAQ, xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- q = xmlSecGCryptNodeGetMpiValue(cur);
- if(q == NULL) {
- xmlSecInternalError("xmlSecGCryptNodeGetMpiValue(NodeDSAQ)",
- xmlSecKeyDataKlassGetName(id));
+ /*** q ***/
+ err = gcry_mpi_scan(&q, GCRYMPI_FMT_USG,
+ xmlSecBufferGetData(&(dsaValue->q)), xmlSecBufferGetSize(&(dsaValue->q)),
+ NULL);
+ if((err != GPG_ERR_NO_ERROR) || (q == NULL)) {
+ xmlSecGCryptError("gcry_mpi_scan(q)", err,
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
- cur = xmlSecGetNextElementNode(cur->next);
- /* next is G node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAG, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAG, xmlSecKeyDataKlassGetName(id));
+ /*** g ***/
+ err = gcry_mpi_scan(&g, GCRYMPI_FMT_USG,
+ xmlSecBufferGetData(&(dsaValue->g)), xmlSecBufferGetSize(&(dsaValue->g)),
+ NULL);
+ if((err != GPG_ERR_NO_ERROR) || (g == NULL)) {
+ xmlSecGCryptError("gcry_mpi_scan(g)", err,
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
- g = xmlSecGCryptNodeGetMpiValue(cur);
- if(g == NULL) {
- xmlSecInternalError("xmlSecGCryptNodeGetMpiValue(NodeDSAG)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- cur = xmlSecGetNextElementNode(cur->next);
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAX, xmlSecNs))) {
- /* next is X node. It is REQUIRED for private key but
- * we are not sure exactly what do we read */
- x = xmlSecGCryptNodeGetMpiValue(cur);
- if(x == NULL) {
- xmlSecInternalError("xmlSecGCryptNodeGetMpiValue(NodeDSAX)",
- xmlSecKeyDataKlassGetName(id));
+ /*** x (only for private key) ***/
+ if(xmlSecBufferGetSize(&(dsaValue->x)) > 0) {
+ err = gcry_mpi_scan(&x, GCRYMPI_FMT_USG,
+ xmlSecBufferGetData(&(dsaValue->x)), xmlSecBufferGetSize(&(dsaValue->x)),
+ NULL);
+ if((err != GPG_ERR_NO_ERROR) || (x == NULL)) {
+ xmlSecGCryptError("gcry_mpi_scan(x)", err,
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
- cur = xmlSecGetNextElementNode(cur->next);
}
- /* next is Y node. */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAY, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAY, xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- y = xmlSecGCryptNodeGetMpiValue(cur);
- if(y == NULL) {
- xmlSecInternalError("xmlSecGCryptNodeGetMpiValue(NodeDSAY)",
- xmlSecKeyDataKlassGetName(id));
+ /*** y ***/
+ err = gcry_mpi_scan(&y, GCRYMPI_FMT_USG,
+ xmlSecBufferGetData(&(dsaValue->y)), xmlSecBufferGetSize(&(dsaValue->y)),
+ NULL);
+ if((err != GPG_ERR_NO_ERROR) || (y == NULL)) {
+ xmlSecGCryptError("gcry_mpi_scan(y)", err,
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* todo: add support for J */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAJ, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
- /* todo: add support for seed */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSASeed, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* todo: add support for pgencounter */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAPgenCounter, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataKlassGetName(id));
- goto done;
- }
+ /* todo: add support for J , seed, pgencounter */
/* Convert from OpenSSL parameter ordering to the OpenPGP order. */
/* First check that x < y; if not swap x and y */
p, q, g, y);
if((err != GPG_ERR_NO_ERROR) || (pub_key == NULL)) {
xmlSecGCryptError("gcry_sexp_build(public)", err,
- xmlSecKeyDataGetName(data));
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
if(x != NULL) {
p, q, g, x, y);
if((err != GPG_ERR_NO_ERROR) || (priv_key == NULL)) {
xmlSecGCryptError("gcry_sexp_build(private)", err,
- xmlSecKeyDataGetName(data));
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
}
data = xmlSecKeyDataCreate(id);
if(data == NULL ) {
xmlSecInternalError("xmlSecKeyDataCreate",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
ret = xmlSecGCryptKeyDataDsaAdoptKeyPair(data, pub_key, priv_key);
if(ret < 0) {
xmlSecInternalError("xmlSecGCryptKeyDataDsaAdoptKeyPair",
- xmlSecKeyDataGetName(data));
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
pub_key = NULL; /* pub_key is owned by data now */
priv_key = NULL; /* priv_key is owned by data now */
- /* set key */
- ret = xmlSecKeySetValue(key, data);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataGetName(data));
- goto done;
- }
- data = NULL; /* data is owned by key now */
-
/* success */
- res = 0;
+ res = data;
+ data = NULL;
done:
/* cleanup */
}
static int
-xmlSecGCryptKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlNodePtr cur;
+xmlSecGCryptKeyDataDsaWrite(xmlSecKeyDataId id, xmlSecKeyDataPtr data,
+ xmlSecKeyValueDsaPtr dsaValue, int writePrivateKey) {
gcry_sexp_t pub_priv_key;
gcry_sexp_t dsa = NULL;
int private = 0;
int ret;
xmlSecAssert2(id == xmlSecGCryptKeyDataDsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecGCryptKeyDataDsaId), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
- /* we can have only private key or public key */
- return(0);
- }
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId), -1);
+ xmlSecAssert2(dsaValue != NULL, -1);
/* find the private or public key */
- pub_priv_key = xmlSecGCryptKeyDataDsaGetPrivateKey(xmlSecKeyGetValue(key));
+ pub_priv_key = xmlSecGCryptKeyDataDsaGetPrivateKey(data);
if(pub_priv_key == NULL) {
- pub_priv_key = xmlSecGCryptKeyDataDsaGetPublicKey(xmlSecKeyGetValue(key));
+ pub_priv_key = xmlSecGCryptKeyDataDsaGetPublicKey(data);
if(pub_priv_key == NULL) {
xmlSecInternalError("xmlSecGCryptKeyDataDsaGetPublicKey()",
xmlSecKeyDataKlassGetName(id));
dsa = gcry_sexp_find_token(pub_priv_key, "dsa", 0);
if(dsa == NULL) {
- xmlSecGCryptError("gcry_sexp_find_token(dsa)", GPG_ERR_NO_ERROR,
+ xmlSecGCryptError("gcry_sexp_find_token(dsa)", (gcry_error_t)GPG_ERR_NO_ERROR,
xmlSecKeyDataKlassGetName(id));
goto done;
}
- /* first is P node */
- cur = xmlSecAddChild(node, xmlSecNodeDSAP, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAP)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- ret = xmlSecGCryptNodeSetSExpTokValue(cur, dsa, "p", 1);
+ /*** p ***/
+ ret = xmlSecGCryptSetSExpTokValue(dsa, "p", &(dsaValue->p));
if(ret < 0) {
- xmlSecInternalError("xmlSecGCryptNodeSetSExpTokValue(NodeDSAP)",
+ xmlSecInternalError("xmlSecGCryptSetSExpTokValue(p)",
xmlSecKeyDataKlassGetName(id));
goto done;
}
- /* next is Q node. */
- cur = xmlSecAddChild(node, xmlSecNodeDSAQ, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAQ)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- ret = xmlSecGCryptNodeSetSExpTokValue(cur, dsa, "q", 1);
+ /*** q ***/
+ ret = xmlSecGCryptSetSExpTokValue(dsa, "q", &(dsaValue->q));
if(ret < 0) {
- xmlSecInternalError("xmlSecGCryptNodeSetSExpTokValue(NodeDSAQ)",
+ xmlSecInternalError("xmlSecGCryptSetSExpTokValue(q)",
xmlSecKeyDataKlassGetName(id));
goto done;
}
- /* next is G node. */
- cur = xmlSecAddChild(node, xmlSecNodeDSAG, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAG)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- ret = xmlSecGCryptNodeSetSExpTokValue(cur, dsa, "g", 1);
+ /*** g ***/
+ ret = xmlSecGCryptSetSExpTokValue(dsa, "g", &(dsaValue->g));
if(ret < 0) {
- xmlSecInternalError("xmlSecGCryptNodeSetSExpTokValue(NodeDSAG)",
+ xmlSecInternalError("xmlSecGCryptSetSExpTokValue(g)",
xmlSecKeyDataKlassGetName(id));
goto done;
}
- /* next is X node: write it ONLY for private keys and ONLY if it is requested */
- if(((keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate) != 0) && (private != 0)) {
- cur = xmlSecAddChild(node, xmlSecNodeDSAX, xmlSecNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAX)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- ret = xmlSecGCryptNodeSetSExpTokValue(cur, dsa, "x", 1);
+ /*** x (only if available and requested) ***/
+ if((writePrivateKey != 0) && (private != 0)) {
+ ret = xmlSecGCryptSetSExpTokValue(dsa, "x", &(dsaValue->x));
if(ret < 0) {
- xmlSecInternalError("xmlSecGCryptNodeSetSExpTokValue(NodeDSAX)",
+ xmlSecInternalError("xmlSecGCryptSetSExpTokValue(x)",
xmlSecKeyDataKlassGetName(id));
goto done;
}
}
- /* next is Y node. */
- cur = xmlSecAddChild(node, xmlSecNodeDSAY, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAY)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- ret = xmlSecGCryptNodeSetSExpTokValue(cur, dsa, "y", 1);
+ /*** y ***/
+ ret = xmlSecGCryptSetSExpTokValue(dsa, "y", &(dsaValue->y));
if(ret < 0) {
- xmlSecInternalError("xmlSecGCryptNodeSetSExpTokValue(NodeDSAY)",
+ xmlSecInternalError("xmlSecGCryptSetSExpTokValue(y)",
xmlSecKeyDataKlassGetName(id));
goto done;
}
if(dsa != NULL) {
gcry_sexp_release(dsa);
}
-
return(res);
}
+
#endif /* XMLSEC_NO_DSA */
xmlSecKeyDataType type);
static xmlSecKeyDataType xmlSecGCryptKeyDataRsaGetType (xmlSecKeyDataPtr data);
-static xmlSecSize xmlSecGCryptKeyDataRsaGetSize (xmlSecKeyDataPtr data);
+static xmlSecSize xmlSecGCryptKeyDataRsaGetSize (xmlSecKeyDataPtr data);
static void xmlSecGCryptKeyDataRsaDebugDump (xmlSecKeyDataPtr data,
FILE* output);
static void xmlSecGCryptKeyDataRsaDebugXmlDump (xmlSecKeyDataPtr data,
FILE* output);
+
+static xmlSecKeyDataPtr xmlSecGCryptKeyDataRsaRead (xmlSecKeyDataId id,
+ xmlSecKeyValueRsaPtr rsaValue);
+static int xmlSecGCryptKeyDataRsaWrite (xmlSecKeyDataId id,
+ xmlSecKeyDataPtr data,
+ xmlSecKeyValueRsaPtr rsaValue,
+ int writePrivateKey);
+
static xmlSecKeyDataKlass xmlSecGCryptKeyDataRsaKlass = {
sizeof(xmlSecKeyDataKlass),
xmlSecGCryptAsymKeyDataSize,
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "=== rsa key: size = %d\n",
+ fprintf(output, "=== rsa key: size = " XMLSEC_SIZE_FMT "\n",
xmlSecGCryptKeyDataRsaGetSize(data));
}
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "<RSAKeyValue size=\"%d\" />\n",
+ fprintf(output, "<RSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
xmlSecGCryptKeyDataRsaGetSize(data));
}
static int
xmlSecGCryptKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlNodePtr cur;
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecGCryptKeyDataRsaId, -1);
+ return(xmlSecKeyDataRsaXmlRead(id, key, node, keyInfoCtx, xmlSecGCryptKeyDataRsaRead));
+}
+
+static int
+xmlSecGCryptKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecGCryptKeyDataRsaId, -1);
+ return(xmlSecKeyDataRsaXmlWrite(id, key, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecGCryptKeyDataRsaWrite));
+}
+
+static xmlSecKeyDataPtr
+xmlSecGCryptKeyDataRsaRead(xmlSecKeyDataId id, xmlSecKeyValueRsaPtr rsaValue) {
xmlSecKeyDataPtr data = NULL;
- gcry_mpi_t n = NULL;
- gcry_mpi_t e = NULL;
- gcry_mpi_t d = NULL;
+ xmlSecKeyDataPtr res = NULL;
+ gcry_mpi_t modulus = NULL;
+ gcry_mpi_t publicExponent = NULL;
+ gcry_mpi_t privateExponent = NULL;
gcry_sexp_t pub_key = NULL;
gcry_sexp_t priv_key = NULL;
gcry_error_t err;
- int res = -1;
int ret;
- xmlSecAssert2(id == xmlSecGCryptKeyDataRsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- if(xmlSecKeyGetValue(key) != NULL) {
- xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
- xmlSecKeyDataKlassGetName(id),
- "key already has a value");
+ xmlSecAssert2(id == xmlSecGCryptKeyDataRsaId, NULL);
+ xmlSecAssert2(rsaValue != NULL, NULL);
+
+ /*** Modulus ***/
+ err = gcry_mpi_scan(&modulus, GCRYMPI_FMT_USG,
+ xmlSecBufferGetData(&(rsaValue->modulus)),
+ xmlSecBufferGetSize(&(rsaValue->modulus)),
+ NULL);
+ if((err != GPG_ERR_NO_ERROR) || (modulus == NULL)) {
+ xmlSecGCryptError("gcry_mpi_scan(Modulus)", err,
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
- cur = xmlSecGetNextElementNode(node->children);
-
- /* first is Modulus node. It is REQUIRED */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAModulus, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeRSAModulus, xmlSecKeyDataKlassGetName(id));
+ /*** Exponent ***/
+ err = gcry_mpi_scan(&publicExponent, GCRYMPI_FMT_USG,
+ xmlSecBufferGetData(&(rsaValue->publicExponent)),
+ xmlSecBufferGetSize(&(rsaValue->publicExponent)),
+ NULL);
+ if((err != GPG_ERR_NO_ERROR) || (publicExponent == NULL)) {
+ xmlSecGCryptError("gcry_mpi_scan(Exponent)", err,
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
- n = xmlSecGCryptNodeGetMpiValue(cur);
- if(n == NULL) {
- xmlSecInternalError("xmlSecGCryptNodeGetMpiValue(NodeRSAModulus)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- cur = xmlSecGetNextElementNode(cur->next);
- /* next is Exponent node. It is REQUIRED */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAExponent, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeRSAExponent, xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- e = xmlSecGCryptNodeGetMpiValue(cur);
- if(e == NULL) {
- xmlSecInternalError("xmlSecGCryptNodeGetMpiValue(NodeRSAExponent)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeRSAPrivateExponent, xmlSecNs))) {
- /* next is PrivateExponent node. It is REQUIRED for private key */
- d = xmlSecGCryptNodeGetMpiValue(cur);
- if(d == NULL) {
- xmlSecInternalError("xmlSecGCryptNodeGetMpiValue(NodeRSAPrivateExponent)",
- xmlSecKeyDataKlassGetName(id));
+ /*** PrivateExponent (only for private key) ***/
+ if(xmlSecBufferGetSize(&(rsaValue->privateExponent)) > 0) {
+ err = gcry_mpi_scan(&privateExponent, GCRYMPI_FMT_USG,
+ xmlSecBufferGetData(&(rsaValue->privateExponent)),
+ xmlSecBufferGetSize(&(rsaValue->privateExponent)),
+ NULL);
+ if((err != GPG_ERR_NO_ERROR) || (privateExponent == NULL)) {
+ xmlSecGCryptError("gcry_mpi_scan(PrivateExponent)", err,
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataKlassGetName(id));
- goto done;
}
/* construct pub/priv key pairs */
err = gcry_sexp_build(&pub_key, NULL,
"(public-key(rsa(n%m)(e%m)))",
- n, e);
+ modulus, publicExponent);
if((err != GPG_ERR_NO_ERROR) || (pub_key == NULL)) {
xmlSecGCryptError("gcry_sexp_build(public)", err,
xmlSecKeyDataGetName(data));
goto done;
}
- if(d != NULL) {
+ if(privateExponent != NULL) {
err = gcry_sexp_build(&priv_key, NULL,
"(private-key(rsa(n%m)(e%m)(d%m)))",
- n, e, d);
+ modulus, publicExponent, privateExponent);
if((err != GPG_ERR_NO_ERROR) || (priv_key == NULL)) {
xmlSecGCryptError("gcry_sexp_build(private)", err,
xmlSecKeyDataGetName(data));
}
}
-
/* create key data */
data = xmlSecKeyDataCreate(id);
if(data == NULL ) {
pub_key = NULL; /* pub_key is owned by data now */
priv_key = NULL; /* priv_key is owned by data now */
- /* set key */
- ret = xmlSecKeySetValue(key, data);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataGetName(data));
- goto done;
- }
- data = NULL; /* data is owned by key now */
-
-
/* success */
- res = 0;
+ res = data;
+ data = NULL;
done:
/* cleanup */
- if(n != NULL) {
- gcry_mpi_release(n);
+ if(modulus != NULL) {
+ gcry_mpi_release(modulus);
}
- if(e != NULL) {
- gcry_mpi_release(e);
+ if(publicExponent != NULL) {
+ gcry_mpi_release(publicExponent);
}
- if(d != NULL) {
- gcry_mpi_release(d);
+ if(privateExponent != NULL) {
+ gcry_mpi_release(privateExponent);
}
if(pub_key != NULL) {
xmlSecKeyDataDestroy(data);
}
return(res);
-
}
static int
-xmlSecGCryptKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlNodePtr cur;
+xmlSecGCryptKeyDataRsaWrite(xmlSecKeyDataId id, xmlSecKeyDataPtr data,
+ xmlSecKeyValueRsaPtr rsaValue, int writePrivateKey) {
gcry_sexp_t pub_priv_key;
gcry_sexp_t rsa = NULL;
int private = 0;
int ret;
xmlSecAssert2(id == xmlSecGCryptKeyDataRsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecGCryptKeyDataRsaId), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
- /* we can have only private key or public key */
- return(0);
- }
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId), -1);
+ xmlSecAssert2(rsaValue != NULL, -1);
/* find the private or public key */
- pub_priv_key = xmlSecGCryptKeyDataRsaGetPrivateKey(xmlSecKeyGetValue(key));
+ pub_priv_key = xmlSecGCryptKeyDataRsaGetPrivateKey(data);
if(pub_priv_key == NULL) {
- pub_priv_key = xmlSecGCryptKeyDataRsaGetPublicKey(xmlSecKeyGetValue(key));
+ pub_priv_key = xmlSecGCryptKeyDataRsaGetPublicKey(data);
if(pub_priv_key == NULL) {
xmlSecInternalError("xmlSecGCryptKeyDataRsaGetPublicKey()",
xmlSecKeyDataKlassGetName(id));
rsa = gcry_sexp_find_token(pub_priv_key, "rsa", 0);
if(rsa == NULL) {
- xmlSecGCryptError("gcry_sexp_find_token(rsa)",
- GPG_ERR_NO_ERROR,
- xmlSecKeyDataKlassGetName(id));
+ xmlSecGCryptError("gcry_sexp_find_token(rsa)", (gcry_error_t)GPG_ERR_NO_ERROR,
+ xmlSecKeyDataKlassGetName(id));
goto done;
}
- /* first is Modulus node */
- cur = xmlSecAddChild(node, xmlSecNodeRSAModulus, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeRSAModulus)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- ret = xmlSecGCryptNodeSetSExpTokValue(cur, rsa, "n", 1);
+ /*** Modulus ***/
+ ret = xmlSecGCryptSetSExpTokValue(rsa, "n", &(rsaValue->modulus));
if(ret < 0) {
- xmlSecInternalError("xmlSecGCryptNodeSetSExpTokValue(NodeRSAModulus)",
+ xmlSecInternalError("xmlSecGCryptSetSExpTokValue(Modulus)",
xmlSecKeyDataKlassGetName(id));
goto done;
}
- /* next is Exponent node. */
- cur = xmlSecAddChild(node, xmlSecNodeRSAExponent, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeRSAExponent)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- ret = xmlSecGCryptNodeSetSExpTokValue(cur, rsa, "e", 1);
+ /*** Exponent ***/
+ ret = xmlSecGCryptSetSExpTokValue(rsa, "e", &(rsaValue->publicExponent));
if(ret < 0) {
- xmlSecInternalError("xmlSecGCryptNodeSetSExpTokValue(NodeRSAExponent)",
+ xmlSecInternalError("xmlSecGCryptSetSExpTokValue(Exponent)",
xmlSecKeyDataKlassGetName(id));
- goto done;
+ goto done;
}
- /* next is PrivateExponent node: write it ONLY for private keys and ONLY if it is requested */
- if(((keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate) != 0) && (private != 0)) {
- cur = xmlSecAddChild(node, xmlSecNodeRSAPrivateExponent, xmlSecNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeRSAPrivateExponent)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- ret = xmlSecGCryptNodeSetSExpTokValue(cur, rsa, "d", 1);
+ /*** PrivateExponent (only if available and requested) ***/
+ if((writePrivateKey != 0) && (private != 0)) {
+ ret = xmlSecGCryptSetSExpTokValue(rsa, "d", &(rsaValue->privateExponent));
if(ret < 0) {
- xmlSecInternalError("xmlSecGCryptNodeSetSExpTokValue(NodeRSAPrivateExponent)",
+ xmlSecInternalError("xmlSecGCryptSetSExpTokValue(PrivateExponent)",
xmlSecKeyDataKlassGetName(id));
- goto done;
+ goto done;
}
}
return(res);
}
-
#endif /* XMLSEC_NO_RSA */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:ciphers
#include <xmlsec/gcrypt/crypto.h>
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+
/**************************************************************************
*
* Internal GCrypt Block cipher CTX
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
gcry_err_code_t err;
- int blockLen;
+ size_t blockLen;
+ xmlSecSize blockSize;
int ret;
xmlSecAssert2(ctx != NULL, -1);
/* iv len == block len */
blockLen = gcry_cipher_get_algo_blklen(ctx->cipher);
xmlSecAssert2(blockLen > 0, -1);
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(blockLen, blockSize, return(-1), cipherName);
if(encrypt) {
xmlSecByte* iv;
/* allocate space for IV */
outSize = xmlSecBufferGetSize(out);
- ret = xmlSecBufferSetSize(out, outSize + blockLen);
+ ret = xmlSecBufferSetSize(out, outSize + blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
- "size=%d", outSize + blockLen);
+ "size=" XMLSEC_SIZE_FMT, (outSize + blockSize));
return(-1);
}
iv = xmlSecBufferGetData(out) + outSize;
gcry_randomize(iv, blockLen, GCRY_STRONG_RANDOM);
err = gcry_cipher_setiv(ctx->cipherCtx, iv, blockLen);
if(err != GPG_ERR_NO_ERROR) {
- xmlSecGCryptError("gcry_cipher_setiv", err,
- cipherName);
+ xmlSecGCryptError("gcry_cipher_setiv", err, cipherName);
return(-1);
}
} else {
/* if we don't have enough data, exit and hope that
* we'll have iv next time */
- if(xmlSecBufferGetSize(in) < (xmlSecSize)blockLen) {
+ if(xmlSecBufferGetSize(in) < blockSize) {
return(0);
}
xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
/* set iv */
err = gcry_cipher_setiv(ctx->cipherCtx, xmlSecBufferGetData(in), blockLen);
if(err != GPG_ERR_NO_ERROR) {
- xmlSecGCryptError("gcry_cipher_setiv", err,
- cipherName);
+ xmlSecGCryptError("gcry_cipher_setiv", err, cipherName);
return(-1);
}
/* and remove from input */
- ret = xmlSecBufferRemoveHead(in, blockLen);
+ ret = xmlSecBufferRemoveHead(in, blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
- "size=%d", blockLen);
+ "size=" XMLSEC_SIZE_FMT, blockSize);
return(-1);
}
}
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
xmlSecSize inSize, inBlocks, outSize;
- int blockLen;
+ size_t blockLen;
+ xmlSecSize blockSize;
xmlSecByte* outBuf;
gcry_err_code_t err;
int ret;
blockLen = gcry_cipher_get_algo_blklen(ctx->cipher);
xmlSecAssert2(blockLen > 0, -1);
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(blockLen, blockSize, return(-1), cipherName);
inSize = xmlSecBufferGetSize(in);
outSize = xmlSecBufferGetSize(out);
- if(inSize < (xmlSecSize)blockLen) {
+ if(inSize < blockSize) {
return(0);
}
if(encrypt) {
- inBlocks = inSize / ((xmlSecSize)blockLen);
+ inBlocks = inSize / blockSize;
} else {
/* we want to have the last block in the input buffer
* for padding check */
- inBlocks = (inSize - 1) / ((xmlSecSize)blockLen);
+ inBlocks = (inSize - 1) / blockSize;
}
- inSize = inBlocks * ((xmlSecSize)blockLen);
+ inSize = inBlocks * blockSize;
/* we write out the input size plus may be one block */
- ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockLen);
+ ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", outSize + inSize + blockLen);
+ "size=" XMLSEC_SIZE_FMT, (outSize + inSize + blockSize));
return(-1);
}
outBuf = xmlSecBufferGetData(out) + outSize;
err = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
xmlSecBufferGetData(in), inSize);
if(err != GPG_ERR_NO_ERROR) {
- xmlSecGCryptError("gcry_cipher_encrypt", err,
- cipherName);
+ xmlSecGCryptError("gcry_cipher_encrypt", err, cipherName);
return(-1);
}
} else {
err = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
xmlSecBufferGetData(in), inSize);
if(err != GPG_ERR_NO_ERROR) {
- xmlSecGCryptError("gcry_cipher_decrypt", err,
- cipherName);
+ xmlSecGCryptError("gcry_cipher_decrypt", err, cipherName);
return(-1);
}
}
ret = xmlSecBufferSetSize(out, outSize + inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
- "size=%d", outSize + inSize);
+ "size=" XMLSEC_SIZE_FMT, (outSize + inSize));
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
return(0);
int encrypt,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
- xmlSecSize inSize, outSize;
- int blockLen, outLen = 0;
+ xmlSecSize inSize, outSize, outSize2, blockSize;
+ size_t blockLen;
xmlSecByte* inBuf;
xmlSecByte* outBuf;
gcry_err_code_t err;
blockLen = gcry_cipher_get_algo_blklen(ctx->cipher);
xmlSecAssert2(blockLen > 0, -1);
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(blockLen, blockSize, return(-1), cipherName);
inSize = xmlSecBufferGetSize(in);
outSize = xmlSecBufferGetSize(out);
if(encrypt != 0) {
- xmlSecAssert2(inSize < (xmlSecSize)blockLen, -1);
+ xmlSecAssert2(inSize < blockSize, -1);
/* create padding */
- ret = xmlSecBufferSetMaxSize(in, blockLen);
+ ret = xmlSecBufferSetMaxSize(in, blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", blockLen);
+ "size=" XMLSEC_SIZE_FMT, blockSize);
return(-1);
}
inBuf = xmlSecBufferGetData(in);
/* create random padding */
- if((xmlSecSize)blockLen > (inSize + 1)) {
- gcry_randomize(inBuf + inSize, blockLen - inSize - 1,
- GCRY_STRONG_RANDOM); /* as usual, we are paranoid */
+ if(blockSize > (inSize + 1)) {
+ gcry_randomize(inBuf + inSize, blockLen - inSize - 1, GCRY_STRONG_RANDOM); /* as usual, we are paranoid */
}
- inBuf[blockLen - 1] = blockLen - inSize;
- inSize = blockLen;
+ XMLSEC_SAFE_CAST_SIZE_TO_BYTE((blockSize - inSize), inBuf[blockSize - 1], return(-1), cipherName);
+ inSize = blockSize;
} else {
- if(inSize != (xmlSecSize)blockLen) {
- xmlSecInvalidSizeError("Input data", inSize, blockLen, cipherName);
+ if(inSize != blockSize) {
+ xmlSecInvalidSizeError("Input data", inSize, blockSize, cipherName);
return(-1);
}
}
/* process last block */
- ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockLen);
+ ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", outSize + 2 * blockLen);
+ "size=" XMLSEC_SIZE_FMT, (outSize + 2 * blockSize));
return(-1);
}
outBuf = xmlSecBufferGetData(out) + outSize;
err = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
xmlSecBufferGetData(in), inSize);
if(err != GPG_ERR_NO_ERROR) {
- xmlSecGCryptError("gcry_cipher_encrypt", err,
- cipherName);
+ xmlSecGCryptError("gcry_cipher_encrypt", err, cipherName);
return(-1);
}
} else {
err = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
xmlSecBufferGetData(in), inSize);
if(err != GPG_ERR_NO_ERROR) {
- xmlSecGCryptError("gcry_cipher_decrypt", err,
- cipherName);
+ xmlSecGCryptError("gcry_cipher_decrypt", err, cipherName);
return(-1);
}
}
if(encrypt == 0) {
/* check padding */
- if(inSize < outBuf[blockLen - 1]) {
+ if(inSize < outBuf[blockSize - 1]) {
xmlSecInvalidSizeLessThanError("Input data padding",
- inSize, outBuf[blockLen - 1], cipherName);
+ inSize, outBuf[blockSize - 1], cipherName);
return(-1);
}
- outLen = inSize - outBuf[blockLen - 1];
+ outSize2 = inSize - outBuf[blockSize - 1];
} else {
- outLen = inSize;
- }
-
- /* set correct output buffer size */
- ret = xmlSecBufferSetSize(out, outSize + outLen);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
- "size=%d", outSize + outLen);
- return(-1);
- }
-
- /* remove the processed block from input */
- ret = xmlSecBufferRemoveHead(in, inSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
- "size=%d", inSize);
- return(-1);
+ outSize2 = inSize;
}
-
/* set correct output buffer size */
- ret = xmlSecBufferSetSize(out, outSize + outLen);
+ ret = xmlSecBufferSetSize(out, outSize + outSize2);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
- "size=%d", outSize + outLen);
+ "size=" XMLSEC_SIZE_FMT, (outSize + outSize2));
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
+ /* success */
return(0);
}
*
* Block Cipher transforms
*
- * xmlSecGCryptBlockCipherCtx block is located after xmlSecTransform structure
+ * xmlSecTransform + xmlSecGCryptBlockCipherCtx
*
*****************************************************************************/
-#define xmlSecGCryptBlockCipherSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptBlockCipherCtx))
-#define xmlSecGCryptBlockCipherGetCtx(transform) \
- ((xmlSecGCryptBlockCipherCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(GCryptBlockCipher, xmlSecGCryptBlockCipherCtx)
+#define xmlSecGCryptBlockCipherSize XMLSEC_TRANSFORM_SIZE(GCryptBlockCipher)
static int xmlSecGCryptBlockCipherInitialize (xmlSecTransformPtr transform);
static void xmlSecGCryptBlockCipherFinalize (xmlSecTransformPtr transform);
static int
xmlSecGCryptBlockCipherSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
xmlSecGCryptBlockCipherCtxPtr ctx;
+ size_t keyBitsSize;
xmlSecAssert2(xmlSecGCryptBlockCipherCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
keyReq->keyUsage = xmlSecKeyUsageDecrypt;
}
- keyReq->keyBitsSize = 8 * gcry_cipher_get_algo_keylen(ctx->cipher);
+ keyBitsSize = 8 * gcry_cipher_get_algo_keylen(ctx->cipher);
+ xmlSecAssert2(keyBitsSize > 0, -1);
+
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(keyBitsSize, keyReq->keyBitsSize, return(-1), xmlSecTransformGetName(transform));
return(0);
}
xmlSecGCryptBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecGCryptBlockCipherCtxPtr ctx;
xmlSecBufferPtr buffer;
+ size_t keySizeT;
xmlSecSize keySize;
gcry_err_code_t err;
xmlSecAssert2(ctx->keyId != NULL, -1);
xmlSecAssert2(xmlSecKeyCheckId(key, ctx->keyId), -1);
- keySize = gcry_cipher_get_algo_keylen(ctx->cipher);
- xmlSecAssert2(keySize > 0, -1);
+ keySizeT = gcry_cipher_get_algo_keylen(ctx->cipher);
+ xmlSecAssert2(keySizeT > 0, -1);
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(keySizeT, keySize, return(-1), xmlSecTransformGetName(transform));
buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
xmlSecAssert2(buffer != NULL, -1);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:crypto
ret = xmlSecBufferSetSize(buffer, size);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", NULL,
- "size=%d", size);
+ "size=" XMLSEC_SIZE_FMT, size);
return(-1);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:digests
#include <xmlsec/gcrypt/app.h>
#include <xmlsec/gcrypt/crypto.h>
+#include "../cast_helpers.h"
+
/**************************************************************************
*
* Internal GCRYPT Digest CTX
*
* Digest transforms
*
- * xmlSecGCryptDigestCtx is located after xmlSecTransform
+ * xmlSecTransform + xmlSecGCryptDigestCtx
*
*****************************************************************************/
-#define xmlSecGCryptDigestSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptDigestCtx))
-#define xmlSecGCryptDigestGetCtx(transform) \
- ((xmlSecGCryptDigestCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(GCryptDigest, xmlSecGCryptDigestCtx)
+#define xmlSecGCryptDigestSize XMLSEC_TRANSFORM_SIZE(GCryptDigest)
static int xmlSecGCryptDigestInitialize (xmlSecTransformPtr transform);
static void xmlSecGCryptDigestFinalize (xmlSecTransformPtr transform);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
}
gcry_md_final(ctx->digestCtx);
buf = gcry_md_read(ctx->digestCtx, ctx->digest);
if(buf == NULL) {
- xmlSecGCryptError("gcry_md_read", GPG_ERR_NO_ERROR,
+ xmlSecGCryptError("gcry_md_read", (gcry_error_t)GPG_ERR_NO_ERROR,
xmlSecTransformGetName(transform));
return(-1);
}
if(transform->operation == xmlSecTransformOperationSign) {
ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferAppend",
- xmlSecTransformGetName(transform),
- "size=%d", ctx->dgstSize);
+ xmlSecInternalError2("xmlSecBufferAppend", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, ctx->dgstSize);
return(-1);
}
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GLOBALS_H__
#define __XMLSEC_GLOBALS_H__
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_CRYPTO_FAILED, \
- "gcrypt error: %ld: %s: %s", \
- (long)(errCode), \
- xmlSecErrorsSafeString(source), \
+ "gcrypt error: %u: %s: %s", \
+ (errCode), \
+ xmlSecErrorsSafeString(source), \
xmlSecErrorsSafeString(message) \
); \
}
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_CRYPTO_FAILED, \
- msg "; gcrypt error: %ld: %s: %s", \
+ msg "; gcrypt error: %u: %s: %s", \
(param), \
- (long)(errCode), \
+ (errCode), \
xmlSecErrorsSafeString(source), \
xmlSecErrorsSafeString(message) \
); \
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:hmac
#include <gcrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
-#include <xmlsec/keys.h>
-#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/private.h>
#include <xmlsec/gcrypt/app.h>
#include <xmlsec/gcrypt/crypto.h>
-/* sizes in bits */
-#define XMLSEC_GCRYPT_MIN_HMAC_SIZE 80
-#define XMLSEC_GCRYPT_MAX_HMAC_SIZE (128 * 8)
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+#include "../transform_helpers.h"
/**************************************************************************
*
* Configuration
*
*****************************************************************************/
-static int g_xmlsec_gcrypt_hmac_min_length = XMLSEC_GCRYPT_MIN_HMAC_SIZE;
/**
* xmlSecGCryptHmacGetMinOutputLength:
*
+ * DEPRECATED (use @xmlSecTransformHmacGetMinOutputBitsSize instead).
* Gets the value of min HMAC length.
*
* Returns: the min HMAC output length
*/
int xmlSecGCryptHmacGetMinOutputLength(void)
{
- return g_xmlsec_gcrypt_hmac_min_length;
+ xmlSecSize val = xmlSecTransformHmacGetMinOutputBitsSize();
+ int res;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(val, res, return(-1), NULL);
+ return res;
}
/**
* xmlSecGCryptHmacSetMinOutputLength:
* @min_length: the new min length
*
+ * DEPRECATED (use @xmlSecTransformHmacSetMinOutputBitsSize instead).
* Sets the min HMAC output length
*/
void xmlSecGCryptHmacSetMinOutputLength(int min_length)
{
- g_xmlsec_gcrypt_hmac_min_length = min_length;
+ xmlSecSize val;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(min_length, val, return, NULL);
+ xmlSecTransformHmacSetMinOutputBitsSize(val);
}
/**************************************************************************
struct _xmlSecGCryptHmacCtx {
int digest;
gcry_md_hd_t digestCtx;
- xmlSecByte dgst[XMLSEC_GCRYPT_MAX_HMAC_SIZE / 8];
+ xmlSecByte dgst[XMLSEC_TRASNFORM_HMAC_MAX_OUTPUT_SIZE];
xmlSecSize dgstSize; /* dgst size in bits */
};
*
* HMAC transforms
*
- * xmlSecGCryptHmacCtx is located after xmlSecTransform
+ * xmlSecTransform + xmlSecGCryptHmacCtx
*
*****************************************************************************/
-#define xmlSecGCryptHmacGetCtx(transform) \
- ((xmlSecGCryptHmacCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-#define xmlSecGCryptHmacSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptHmacCtx))
+XMLSEC_TRANSFORM_DECLARE(GCryptHmac, xmlSecGCryptHmacCtx)
+#define xmlSecGCryptHmacSize XMLSEC_TRANSFORM_SIZE(GCryptHmac)
static int xmlSecGCryptHmacCheckId (xmlSecTransformPtr transform);
static int xmlSecGCryptHmacInitialize (xmlSecTransformPtr transform);
/**
* xmlSecGCryptHmacNodeRead:
- *
- * HMAC (http://www.w3.org/TR/xmldsig-core/#sec-HMAC):
- *
- * The HMAC algorithm (RFC2104 [HMAC]) takes the truncation length in bits
- * as a parameter; if the parameter is not specified then all the bits of the
- * hash are output. An example of an HMAC SignatureMethod element:
- * <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
- * <HMACOutputLength>128</HMACOutputLength>
- * </SignatureMethod>
- *
- * Schema Definition:
- *
- * <simpleType name="HMACOutputLengthType">
- * <restriction base="integer"/>
- * </simpleType>
- *
- * DTD:
- *
- * <!ELEMENT HMACOutputLength (#PCDATA)>
*/
static int
-xmlSecGCryptHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
+xmlSecGCryptHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecGCryptHmacCtxPtr ctx;
- xmlNodePtr cur;
+ int ret;
xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1);
xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecGCryptHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- cur = xmlSecGetNextElementNode(node->children);
- if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {
- xmlChar *content;
-
- content = xmlNodeGetContent(cur);
- if(content != NULL) {
- ctx->dgstSize = atoi((char*)content);
- xmlFree(content);
- }
-
- /* Ensure that HMAC length is greater than min specified.
- Otherwise, an attacker can set this length to 0 or very
- small value
- */
- if((int)ctx->dgstSize < xmlSecGCryptHmacGetMinOutputLength()) {
- xmlSecInvalidNodeContentError(cur, xmlSecTransformGetName(transform),
- "HMAC output length is too small");
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform));
+ ret = xmlSecTransformHmacReadOutputBitsSize(node, ctx->dgstSize, &ctx->dgstSize);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformHmacReadOutputBitsSize()",
+ xmlSecTransformGetName(transform));
return(-1);
}
+
return(0);
}
static int
xmlSecGCryptHmacVerify(xmlSecTransformPtr transform,
const xmlSecByte* data, xmlSecSize dataSize,
- xmlSecTransformCtxPtr transformCtx) {
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
static xmlSecByte last_byte_masks[] =
{ 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
xmlSecAssert2(data != NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecGCryptHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
}
gcry_md_final(ctx->digestCtx);
dgst = gcry_md_read(ctx->digestCtx, ctx->digest);
if(dgst == NULL) {
- xmlSecGCryptError("gcry_md_read", GPG_ERR_NO_ERROR,
+ xmlSecGCryptError("gcry_md_read", (gcry_error_t)GPG_ERR_NO_ERROR,
xmlSecTransformGetName(transform));
return(-1);
}
if(ctx->dgstSize == 0) {
ctx->dgstSize = dgstSize * 8; /* no dgst size specified, use all we have */
} else if(ctx->dgstSize <= 8 * dgstSize) {
- dgstSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
+ xmlSecSize adjustedDigestSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(adjustedDigestSize, dgstSize, return(-1), xmlSecTransformGetName(transform));
} else {
xmlSecInvalidSizeLessThanError("HMAC digest (bits)",
- 8 * dgstSize, ctx->dgstSize,
- xmlSecTransformGetName(transform));
+ 8 * dgstSize, ctx->dgstSize,
+ xmlSecTransformGetName(transform));
return(-1);
}
if(transform->operation == xmlSecTransformOperationSign) {
ret = xmlSecBufferAppend(out, ctx->dgst, dgstSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferAppend",
- xmlSecTransformGetName(transform),
- "size=%d", dgstSize);
+ xmlSecInternalError2("xmlSecBufferAppend", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, dgstSize);
return(-1);
}
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:kw_aes
#include <gcrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
#include <xmlsec/gcrypt/crypto.h>
#include "../kw_aes_des.h"
-
+#include "../cast_helpers.h"
/*********************************************************************
*
* AES KW implementation
*
*********************************************************************/
-static int xmlSecGCryptKWAesBlockEncrypt (const xmlSecByte * in,
+static int xmlSecGCryptKWAesBlockEncrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
+ xmlSecByte * out,
xmlSecSize outSize,
- void * context);
-static int xmlSecGCryptKWAesBlockDecrypt (const xmlSecByte * in,
+ xmlSecSize * outWritten);
+static int xmlSecGCryptKWAesBlockDecrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
+ xmlSecByte * out,
xmlSecSize outSize,
- void * context);
+ xmlSecSize * outWritten);
static xmlSecKWAesKlass xmlSecGCryptKWAesKlass = {
/* callbacks */
xmlSecGCryptKWAesBlockEncrypt, /* xmlSecKWAesBlockEncryptMethod encrypt; */
/*********************************************************************
*
- * AES KW transforms
+ * AES KW transform context
*
********************************************************************/
typedef struct _xmlSecGCryptKWAesCtx xmlSecGCryptKWAesCtx,
*xmlSecGCryptKWAesCtxPtr;
struct _xmlSecGCryptKWAesCtx {
+ xmlSecTransformKWAesCtx parentCtx;
+
int cipher;
int mode;
- int flags;
+ unsigned int flags;
xmlSecSize blockSize;
- xmlSecSize keyExpectedSize;
-
- xmlSecBuffer keyBuffer;
};
-#define xmlSecGCryptKWAesSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptKWAesCtx))
-#define xmlSecGCryptKWAesGetCtx(transform) \
- ((xmlSecGCryptKWAesCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+/******************************************************************************
+ *
+ * AES KW transforms
+ *
+ * xmlSecTransform + xmlSecGCryptKWAesCtx
+ *
+ *****************************************************************************/
+XMLSEC_TRANSFORM_DECLARE(GCryptKWAes, xmlSecGCryptKWAesCtx)
+#define xmlSecGCryptKWAesSize XMLSEC_TRANSFORM_SIZE(GCryptKWAes)
+
#define xmlSecGCryptKWAesCheckId(transform) \
(xmlSecTransformCheckId((transform), xmlSecGCryptTransformKWAes128Id) || \
xmlSecTransformCheckId((transform), xmlSecGCryptTransformKWAes192Id) || \
static int
xmlSecGCryptKWAesInitialize(xmlSecTransformPtr transform) {
xmlSecGCryptKWAesCtxPtr ctx;
+ xmlSecSize keyExpectedSize;
+ size_t blockSize;
int ret;
xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1);
ctx = xmlSecGCryptKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
+ memset(ctx, 0, sizeof(xmlSecGCryptKWAesCtx));
if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWAes128Id)) {
- ctx->cipher = GCRY_CIPHER_AES128;
- ctx->keyExpectedSize = XMLSEC_KW_AES128_KEY_SIZE;
+ ctx->cipher = GCRY_CIPHER_AES128;
+ keyExpectedSize = XMLSEC_KW_AES128_KEY_SIZE;
} else if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWAes192Id)) {
- ctx->cipher = GCRY_CIPHER_AES192;
- ctx->keyExpectedSize = XMLSEC_KW_AES192_KEY_SIZE;
+ ctx->cipher = GCRY_CIPHER_AES192;
+ keyExpectedSize = XMLSEC_KW_AES192_KEY_SIZE;
} else if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWAes256Id)) {
- ctx->cipher = GCRY_CIPHER_AES256;
- ctx->keyExpectedSize = XMLSEC_KW_AES256_KEY_SIZE;
+ ctx->cipher = GCRY_CIPHER_AES256;
+ keyExpectedSize = XMLSEC_KW_AES256_KEY_SIZE;
} else {
xmlSecInvalidTransfromError(transform)
return(-1);
}
- ctx->mode = GCRY_CIPHER_MODE_CBC;
- ctx->flags = GCRY_CIPHER_SECURE; /* we are paranoid */
- ctx->blockSize = gcry_cipher_get_algo_blklen(ctx->cipher);
- xmlSecAssert2(ctx->blockSize > 0, -1);
- ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
+ ret = xmlSecTransformKWAesInitialize(transform, &(ctx->parentCtx),
+ &xmlSecGCryptKWAesKlass, xmlSecGCryptKeyDataAesId,
+ keyExpectedSize);
if(ret < 0) {
- xmlSecInternalError("xmlSecGCryptKWAesGetKey",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecTransformKWAesInitialize", xmlSecTransformGetName(transform));
+ xmlSecGCryptKWAesFinalize(transform);
return(-1);
}
+ blockSize = gcry_cipher_get_algo_blklen(ctx->cipher);
+ if(blockSize <= 0) {
+ xmlSecGCryptError("gcry_cipher_get_algo_blklen", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptKWAesFinalize(transform);
+ return(-1);
+ }
+
+ ctx->mode = GCRY_CIPHER_MODE_CBC;
+ ctx->flags = GCRY_CIPHER_SECURE; /* we are paranoid */
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(blockSize, ctx->blockSize, return(-1), NULL);
+
return(0);
}
ctx = xmlSecGCryptKWAesGetCtx(transform);
xmlSecAssert(ctx != NULL);
- xmlSecBufferFinalize(&(ctx->keyBuffer));
+ xmlSecTransformKWAesFinalize(transform, &(ctx->parentCtx));
+ memset(ctx, 0, sizeof(xmlSecGCryptKWAesCtx));
}
static int
xmlSecGCryptKWAesSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
xmlSecGCryptKWAesCtxPtr ctx;
+ int ret;
xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize), -1);
- xmlSecAssert2(keyReq != NULL, -1);
ctx = xmlSecGCryptKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keyReq->keyId = xmlSecGCryptKeyDataAesId;
- keyReq->keyType = xmlSecKeyDataTypeSymmetric;
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- keyReq->keyUsage = xmlSecKeyUsageEncrypt;
- } else {
- keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+ ret = xmlSecTransformKWAesSetKeyReq(transform, &(ctx->parentCtx),keyReq);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesSetKeyReq", xmlSecTransformGetName(transform));
+ return(-1);
}
- keyReq->keyBitsSize = 8 * ctx->keyExpectedSize;
-
return(0);
}
static int
xmlSecGCryptKWAesSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecGCryptKWAesCtxPtr ctx;
- xmlSecBufferPtr buffer;
- xmlSecSize keySize;
int ret;
xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize), -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecGCryptKeyDataAesId), -1);
ctx = xmlSecGCryptKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
-
- buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
- xmlSecAssert2(buffer != NULL, -1);
-
- keySize = xmlSecBufferGetSize(buffer);
- if(keySize < ctx->keyExpectedSize) {
- xmlSecInvalidKeyDataSizeError(keySize, ctx->keyExpectedSize,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- ret = xmlSecBufferSetData(&(ctx->keyBuffer),
- xmlSecBufferGetData(buffer),
- ctx->keyExpectedSize);
+ ret = xmlSecTransformKWAesSetKey(transform, &(ctx->parentCtx), key);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform),
- "size=%d", ctx->keyExpectedSize);
+ xmlSecInternalError("xmlSecTransformKWAesSetKey", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
static int
-xmlSecGCryptKWAesExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecGCryptKWAesExecute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecGCryptKWAesCtxPtr ctx;
- xmlSecBufferPtr in, out;
- xmlSecSize inSize, outSize, keySize;
int ret;
xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecGCryptKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
-
- keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
- xmlSecAssert2(keySize == ctx->keyExpectedSize, -1);
-
- in = &(transform->inBuf);
- out = &(transform->outBuf);
- inSize = xmlSecBufferGetSize(in);
- outSize = xmlSecBufferGetSize(out);
- xmlSecAssert2(outSize == 0, -1);
-
- if(transform->status == xmlSecTransformStatusNone) {
- transform->status = xmlSecTransformStatusWorking;
- }
-
- if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
- /* just do nothing */
- } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- if((inSize % 8) != 0) {
- xmlSecInvalidSizeNotMultipleOfError("Input data", inSize, 8,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- /* the encoded key might be 8 bytes longer plus 8 bytes just in case */
- outSize = inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE +
- XMLSEC_KW_AES_BLOCK_SIZE;
- } else {
- outSize = inSize + XMLSEC_KW_AES_BLOCK_SIZE;
- }
-
- ret = xmlSecBufferSetMaxSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "outSize=%d", outSize);
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- ret = xmlSecKWAesEncode(&xmlSecGCryptKWAesKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKWAesEncode",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- outSize = ret;
- } else {
- ret = xmlSecKWAesDecode(&xmlSecGCryptKWAesKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKWAesEncode",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- outSize = ret;
- }
-
- ret = xmlSecBufferSetSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "outSize=%d", outSize);
- return(-1);
- }
-
- ret = xmlSecBufferRemoveHead(in, inSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "inSize%d", inSize);
- return(-1);
- }
-
- transform->status = xmlSecTransformStatusFinished;
- } else if(transform->status == xmlSecTransformStatusFinished) {
- /* the only way we can get here is if there is no input */
- xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
- } else {
- xmlSecInvalidTransfromStatusError(transform);
+ ret = xmlSecTransformKWAesExecute(transform, &(ctx->parentCtx), last);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesExecute", xmlSecTransformGetName(transform));
return(-1);
}
+
return(0);
}
static unsigned char g_zero_iv[XMLSEC_KW_AES_BLOCK_SIZE] =
{ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
static int
-xmlSecGCryptKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
+xmlSecGCryptKWAesBlockEncrypt(xmlSecTransformPtr transform, const xmlSecByte * in, xmlSecSize inSize,
xmlSecByte * out, xmlSecSize outSize,
- void * context) {
- xmlSecGCryptKWAesCtxPtr ctx = (xmlSecGCryptKWAesCtxPtr)context;
+ xmlSecSize * outWritten) {
+ xmlSecGCryptKWAesCtxPtr ctx;
+ xmlSecByte* keyData;
+ xmlSecSize keySize;
gcry_cipher_hd_t cipherCtx;
gcry_error_t err;
- xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize), -1);
xmlSecAssert2(in != NULL, -1);
- xmlSecAssert2(inSize >= ctx->blockSize, -1);
xmlSecAssert2(out != NULL, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecGCryptKWAesGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->blockSize > 0, -1);
+ xmlSecAssert2(inSize >= ctx->blockSize, -1);
xmlSecAssert2(outSize >= ctx->blockSize, -1);
- err = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags);
+ keyData = xmlSecBufferGetData(&(ctx->parentCtx.keyBuffer));
+ keySize = xmlSecBufferGetSize(&(ctx->parentCtx.keyBuffer));
+ xmlSecAssert2(keyData != NULL, -1);
+ xmlSecAssert2(keySize > 0, -1);
+ xmlSecAssert2(ctx->parentCtx.keyExpectedSize == keySize, -1);
+
+ err = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags);
if(err != GPG_ERR_NO_ERROR) {
xmlSecGCryptError("gcry_cipher_open", err, NULL);
return(-1);
}
- err = gcry_cipher_setkey(cipherCtx,
- xmlSecBufferGetData(&ctx->keyBuffer),
- xmlSecBufferGetSize(&ctx->keyBuffer));
+ err = gcry_cipher_setkey(cipherCtx, keyData, keySize);
if(err != GPG_ERR_NO_ERROR) {
xmlSecGCryptError("gcry_cipher_setkey", err, NULL);
gcry_cipher_close(cipherCtx);
}
gcry_cipher_close(cipherCtx);
- return(ctx->blockSize);
+ /* success */
+ (*outWritten) = ctx->blockSize;
+ return(0);
}
static int
-xmlSecGCryptKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
+xmlSecGCryptKWAesBlockDecrypt(xmlSecTransformPtr transform, const xmlSecByte * in, xmlSecSize inSize,
xmlSecByte * out, xmlSecSize outSize,
- void * context) {
- xmlSecGCryptKWAesCtxPtr ctx = (xmlSecGCryptKWAesCtxPtr)context;
+ xmlSecSize * outWritten) {
+ xmlSecGCryptKWAesCtxPtr ctx;
+ xmlSecByte* keyData;
+ xmlSecSize keySize;
gcry_cipher_hd_t cipherCtx;
gcry_error_t err;
- xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize), -1);
xmlSecAssert2(in != NULL, -1);
- xmlSecAssert2(inSize >= ctx->blockSize, -1);
xmlSecAssert2(out != NULL, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecGCryptKWAesGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->blockSize > 0, -1);
+ xmlSecAssert2(inSize >= ctx->blockSize, -1);
xmlSecAssert2(outSize >= ctx->blockSize, -1);
+ keyData = xmlSecBufferGetData(&(ctx->parentCtx.keyBuffer));
+ keySize = xmlSecBufferGetSize(&(ctx->parentCtx.keyBuffer));
+ xmlSecAssert2(keyData != NULL, -1);
+ xmlSecAssert2(keySize > 0, -1);
+ xmlSecAssert2(ctx->parentCtx.keyExpectedSize == keySize, -1);
+
err = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags);
if(err != GPG_ERR_NO_ERROR) {
xmlSecGCryptError("gcry_cipher_open", err, NULL);
return(-1);
}
- err = gcry_cipher_setkey(cipherCtx,
- xmlSecBufferGetData(&ctx->keyBuffer),
- xmlSecBufferGetSize(&ctx->keyBuffer));
+ err = gcry_cipher_setkey(cipherCtx, keyData, keySize);
if(err != GPG_ERR_NO_ERROR) {
xmlSecGCryptError("gcry_cipher_setkey", err, NULL);
gcry_cipher_close(cipherCtx);
}
gcry_cipher_close(cipherCtx);
- return(ctx->blockSize);
+ /* success */
+ (*outWritten) = ctx->blockSize;
+ return(0);
}
#endif /* XMLSEC_NO_AES */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:kw_des
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
#include <xmlsec/gcrypt/crypto.h>
#include "../kw_aes_des.h"
+#include "../cast_helpers.h"
/*********************************************************************
*
* DES KW implementation
*
*********************************************************************/
-static int xmlSecGCryptKWDes3GenerateRandom (void * context,
- xmlSecByte * out,
- xmlSecSize outSize);
-static int xmlSecGCryptKWDes3Sha1 (void * context,
- const xmlSecByte * in,
- xmlSecSize inSize,
- xmlSecByte * out,
- xmlSecSize outSize);
-static int xmlSecGCryptKWDes3BlockEncrypt (void * context,
- const xmlSecByte * iv,
+static int xmlSecGCryptKWDes3GenerateRandom (xmlSecTransformPtr transform,
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+static int xmlSecGCryptKWDes3Sha1 (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
+ xmlSecSize inSize,
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+static int xmlSecGCryptKWDes3BlockEncrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * iv,
xmlSecSize ivSize,
- const xmlSecByte * in,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
- xmlSecSize outSize);
-static int xmlSecGCryptKWDes3BlockDecrypt (void * context,
- const xmlSecByte * iv,
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+static int xmlSecGCryptKWDes3BlockDecrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * iv,
xmlSecSize ivSize,
- const xmlSecByte * in,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
- xmlSecSize outSize);
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
static xmlSecKWDes3Klass xmlSecGCryptKWDes3ImplKlass = {
/* callbacks */
NULL, /* void* reserved1; */
};
-static int xmlSecGCryptKWDes3Encrypt (const xmlSecByte *key,
+static int xmlSecGCryptKWDes3Encrypt (const xmlSecByte *key,
xmlSecSize keySize,
- const xmlSecByte *iv,
+ const xmlSecByte *iv,
xmlSecSize ivSize,
- const xmlSecByte *in,
+ const xmlSecByte *in,
xmlSecSize inSize,
- xmlSecByte *out,
- xmlSecSize outSize,
+ xmlSecByte *out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten,
int enc);
/*********************************************************************
*
- * Triple DES Key Wrap transform
- *
- * key (xmlSecBuffer) is located after xmlSecTransform structure
+ * Triple DES Key Wrap transform context
*
********************************************************************/
-typedef struct _xmlSecGCryptKWDes3Ctx xmlSecGCryptKWDes3Ctx,
- *xmlSecGCryptKWDes3CtxPtr;
-struct _xmlSecGCryptKWDes3Ctx {
- xmlSecBuffer keyBuffer;
-};
-#define xmlSecGCryptKWDes3Size \
- (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptKWDes3Ctx))
-#define xmlSecGCryptKWDes3GetCtx(transform) \
- ((xmlSecGCryptKWDes3CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+typedef xmlSecTransformKWDes3Ctx xmlSecGCryptKWDes3Ctx,
+ *xmlSecGCryptKWDes3CtxPtr;
+
+/******************************************************************************
+ *
+ * Tripple DES KW transforms
+ *
+ * xmlSecTransform + xmlSecGCryptKWDes3Ctx
+ *
+ *****************************************************************************/
+XMLSEC_TRANSFORM_DECLARE(GCryptKWDes3, xmlSecGCryptKWDes3Ctx)
+#define xmlSecGCryptKWDes3Size XMLSEC_TRANSFORM_SIZE(GCryptKWDes3)
static int xmlSecGCryptKWDes3Initialize (xmlSecTransformPtr transform);
static void xmlSecGCryptKWDes3Finalize (xmlSecTransformPtr transform);
ctx = xmlSecGCryptKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
+ memset(ctx, 0, sizeof(xmlSecGCryptKWDes3Ctx));
- ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
+ ret = xmlSecTransformKWDes3Initialize(transform, ctx,
+ &xmlSecGCryptKWDes3ImplKlass, xmlSecGCryptKeyDataDesId);
if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecTransformKWDes3Initialize", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
ctx = xmlSecGCryptKWDes3GetCtx(transform);
xmlSecAssert(ctx != NULL);
- xmlSecBufferFinalize(&(ctx->keyBuffer));
+ xmlSecTransformKWDes3Finalize(transform, ctx);
+ memset(ctx, 0, sizeof(xmlSecGCryptKWDes3Ctx));
}
static int
xmlSecGCryptKWDes3SetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
xmlSecGCryptKWDes3CtxPtr ctx;
+ int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWDes3Size), -1);
- xmlSecAssert2(keyReq != NULL, -1);
ctx = xmlSecGCryptKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keyReq->keyId = xmlSecGCryptKeyDataDesId;
- keyReq->keyType = xmlSecKeyDataTypeSymmetric;
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- keyReq->keyUsage= xmlSecKeyUsageEncrypt;
- } else {
- keyReq->keyUsage= xmlSecKeyUsageDecrypt;
+ ret = xmlSecTransformKWDes3SetKeyReq(transform, ctx, keyReq);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3SetKeyReq", xmlSecTransformGetName(transform));
+ return(-1);
}
- keyReq->keyBitsSize = 8 * XMLSEC_KW_DES3_KEY_LENGTH;
return(0);
}
static int
xmlSecGCryptKWDes3SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecGCryptKWDes3CtxPtr ctx;
- xmlSecBufferPtr buffer;
- xmlSecSize keySize;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWDes3Size), -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecGCryptKeyDataDesId), -1);
ctx = xmlSecGCryptKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
- xmlSecAssert2(buffer != NULL, -1);
-
- keySize = xmlSecBufferGetSize(buffer);
- if(keySize < XMLSEC_KW_DES3_KEY_LENGTH) {
- xmlSecInvalidKeyDataSizeError(keySize, XMLSEC_KW_DES3_KEY_LENGTH,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer), XMLSEC_KW_DES3_KEY_LENGTH);
+ ret = xmlSecTransformKWDes3SetKey(transform, ctx, key);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform),
- "size=%d", XMLSEC_KW_DES3_KEY_LENGTH);
+ xmlSecInternalError("xmlSecTransformKWDes3SetKey", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
static int
-xmlSecGCryptKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecGCryptKWDes3Execute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecGCryptKWDes3CtxPtr ctx;
- xmlSecBufferPtr in, out;
- xmlSecSize inSize, outSize, keySize;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWDes3Size), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecGCryptKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
- xmlSecAssert2(keySize == XMLSEC_KW_DES3_KEY_LENGTH, -1);
-
- in = &(transform->inBuf);
- out = &(transform->outBuf);
- inSize = xmlSecBufferGetSize(in);
- outSize = xmlSecBufferGetSize(out);
- xmlSecAssert2(outSize == 0, -1);
-
- if(transform->status == xmlSecTransformStatusNone) {
- transform->status = xmlSecTransformStatusWorking;
- }
-
- if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
- /* just do nothing */
- } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- if((inSize % XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
- xmlSecInvalidSizeNotMultipleOfError("Input data",
- inSize, XMLSEC_KW_DES3_BLOCK_LENGTH,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- /* the encoded key might be 16 bytes longer plus one block just in case */
- outSize = inSize + XMLSEC_KW_DES3_IV_LENGTH +
- XMLSEC_KW_DES3_BLOCK_LENGTH +
- XMLSEC_KW_DES3_BLOCK_LENGTH;
- } else {
- /* just in case, add a block */
- outSize = inSize + XMLSEC_KW_DES3_BLOCK_LENGTH;
- }
-
- ret = xmlSecBufferSetMaxSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- ret = xmlSecKWDes3Encode(&xmlSecGCryptKWDes3ImplKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError4("xmlSecKWDes3Encode", xmlSecTransformGetName(transform),
- "key=%d,in=%d,out=%d", keySize, inSize, outSize);
- return(-1);
- }
- outSize = ret;
- } else {
- ret = xmlSecKWDes3Decode(&xmlSecGCryptKWDes3ImplKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError4("xmlSecKWDes3Decode", xmlSecTransformGetName(transform),
- "key=%d,in=%d,out=%d", keySize, inSize, outSize);
- return(-1);
- }
- outSize = ret;
- }
-
- ret = xmlSecBufferSetSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
- return(-1);
- }
-
- ret = xmlSecBufferRemoveHead(in, inSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
- return(-1);
- }
-
- transform->status = xmlSecTransformStatusFinished;
- } else if(transform->status == xmlSecTransformStatusFinished) {
- /* the only way we can get here is if there is no input */
- xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
- } else {
- xmlSecInvalidTransfromStatusError(transform);
+ ret = xmlSecTransformKWDes3Execute(transform, ctx, last);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3Execute", xmlSecTransformGetName(transform));
return(-1);
}
return(0);
*
*********************************************************************/
static int
-xmlSecGCryptKWDes3Sha1(void * context,
+xmlSecGCryptKWDes3Sha1(xmlSecTransformPtr transform,
const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecGCryptKWDes3CtxPtr ctx = (xmlSecGCryptKWDes3CtxPtr)context;
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
+ xmlSecGCryptKWDes3CtxPtr ctx;
gcry_md_hd_t digestCtx;
- unsigned char * res;
- unsigned int len;
+ xmlSecByte* outBuf;
+ unsigned int outBufSize;
gcry_error_t err;
- xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWDes3Size), -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize > 0, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecGCryptKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
- len = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
- xmlSecAssert2(outSize >= len, -1);
+ outBufSize = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
+ xmlSecAssert2(outSize >= outBufSize, -1);
err = gcry_md_open(&digestCtx, GCRY_MD_SHA1, GCRY_MD_FLAG_SECURE); /* we are paranoid */
if(err != GPG_ERR_NO_ERROR) {
return(-1);
}
- res = gcry_md_read(digestCtx, GCRY_MD_SHA1);
- if(res == NULL) {
- xmlSecGCryptError("gcry_md_read", GPG_ERR_NO_ERROR, NULL);
+ outBuf = gcry_md_read(digestCtx, GCRY_MD_SHA1);
+ if(outBuf == NULL) {
+ xmlSecGCryptError("gcry_md_read", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
gcry_md_close(digestCtx);
return(-1);
}
/* done */
- xmlSecAssert2(outSize >= len, -1);
- memcpy(out, res, len);
+ memcpy(out, outBuf, outBufSize);
gcry_md_close(digestCtx);
- return(len);
+ (*outWritten) = outBufSize;
+
+ return(0);
}
static int
-xmlSecGCryptKWDes3GenerateRandom(void * context,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecGCryptKWDes3CtxPtr ctx = (xmlSecGCryptKWDes3CtxPtr)context;
-
- xmlSecAssert2(ctx != NULL, -1);
+xmlSecGCryptKWDes3GenerateRandom(xmlSecTransformPtr transform ATTRIBUTE_UNUSED,
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
+ UNREFERENCED_PARAMETER(transform);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize > 0, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
gcry_randomize(out, outSize, GCRY_STRONG_RANDOM);
- return((int)outSize);
+ (*outWritten) = outSize;
+ return(0);
}
static int
-xmlSecGCryptKWDes3BlockEncrypt(void * context,
+xmlSecGCryptKWDes3BlockEncrypt(xmlSecTransformPtr transform,
const xmlSecByte * iv, xmlSecSize ivSize,
const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecGCryptKWDes3CtxPtr ctx = (xmlSecGCryptKWDes3CtxPtr)context;
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
+ xmlSecGCryptKWDes3CtxPtr ctx;
int ret;
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWDes3Size), -1);
xmlSecAssert2(iv != NULL, -1);
xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecGCryptKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
ret = xmlSecGCryptKWDes3Encrypt(xmlSecBufferGetData(&(ctx->keyBuffer)),
XMLSEC_KW_DES3_KEY_LENGTH,
iv, XMLSEC_KW_DES3_IV_LENGTH,
in, inSize,
- out, outSize,
+ out, outSize, outWritten,
1); /* encrypt */
if(ret < 0) {
xmlSecInternalError("xmlSecGCryptKWDes3Encrypt", NULL);
return(-1);
}
-
- return(ret);
+ return(0);
}
static int
-xmlSecGCryptKWDes3BlockDecrypt(void * context,
+xmlSecGCryptKWDes3BlockDecrypt(xmlSecTransformPtr transform,
const xmlSecByte * iv, xmlSecSize ivSize,
const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecGCryptKWDes3CtxPtr ctx = (xmlSecGCryptKWDes3CtxPtr)context;
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
+ xmlSecGCryptKWDes3CtxPtr ctx;
int ret;
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWDes3Size), -1);
xmlSecAssert2(iv != NULL, -1);
xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecGCryptKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
ret = xmlSecGCryptKWDes3Encrypt(xmlSecBufferGetData(&(ctx->keyBuffer)),
XMLSEC_KW_DES3_KEY_LENGTH,
iv, XMLSEC_KW_DES3_IV_LENGTH,
in, inSize,
- out, outSize,
+ out, outSize, outWritten,
0); /* decrypt */
if(ret < 0) {
xmlSecInternalError("xmlSecGCryptKWDes3Encrypt", NULL);
return(-1);
}
- return(ret);
+ return(0);
}
static int
const xmlSecByte *iv, xmlSecSize ivSize,
const xmlSecByte *in, xmlSecSize inSize,
xmlSecByte *out, xmlSecSize outSize,
+ xmlSecSize * outWritten,
int enc) {
size_t key_len = gcry_cipher_get_algo_keylen(GCRY_CIPHER_3DES);
size_t block_len = gcry_cipher_get_algo_blklen(GCRY_CIPHER_3DES);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
err = gcry_cipher_open(&cipherCtx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_SECURE); /* we are paranoid */
if(err != GPG_ERR_NO_ERROR) {
/* done */
gcry_cipher_close(cipherCtx);
- return((int)inSize); /* out size == in size */
+
+ /* out size == in size */
+ (*outWritten) = inSize;
+ return(0);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:signatures
#include <xmlsec/gcrypt/crypto.h>
+#include "../cast_helpers.h"
/**************************************************************************
*
*
* Pk Signature transforms
*
- * xmlSecGCryptPkSignatureCtx is located after xmlSecTransform
+ * xmlSecTransform + xmlSecGCryptPkSignatureCtx
*
*****************************************************************************/
-#define xmlSecGCryptPkSignatureSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptPkSignatureCtx))
-#define xmlSecGCryptPkSignatureGetCtx(transform) \
- ((xmlSecGCryptPkSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(GCryptPkSignature, xmlSecGCryptPkSignatureCtx)
+#define xmlSecGCryptPkSignatureSize XMLSEC_TRANSFORM_SIZE(GCryptPkSignature)
static int xmlSecGCryptPkSignatureCheckId (xmlSecTransformPtr transform);
static int xmlSecGCryptPkSignatureInitialize (xmlSecTransformPtr transform);
}
/* check result */
- if(ret == 1) {
- transform->status = xmlSecTransformStatusOk;
- } else {
+ if(ret != 1) {
xmlSecOtherError(XMLSEC_ERRORS_R_DATA_NOT_MATCH,
xmlSecTransformGetName(transform),
- "ctx->verify: signature does not verify");
+ "ctx->verify: signature verification failed");
transform->status = xmlSecTransformStatusFail;
+ return(0);
}
- /* done */
+ /* success */
+ transform->status = xmlSecTransformStatusOk;
return(0);
}
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
}
gcry_md_final(ctx->digestCtx);
buf = gcry_md_read(ctx->digestCtx, ctx->digest);
if(buf == NULL) {
- xmlSecGCryptError("gcry_md_read", GPG_ERR_NO_ERROR,
+ xmlSecGCryptError("gcry_md_read", (gcry_error_t)GPG_ERR_NO_ERROR,
xmlSecTransformGetName(transform));
return(-1);
}
xmlSecGCryptAppendMpi(gcry_mpi_t a, xmlSecBufferPtr out, xmlSecSize min_size) {
xmlSecSize outSize;
size_t written;
+ xmlSecSize writtenSize;
gpg_error_t err;
int ret;
xmlSecGCryptError("gcry_mpi_print", err, NULL);
return(-1);
}
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(written, writtenSize, return(-1), NULL);
/* add zeros at the beggining (if needed) */
- if((min_size > 0) && (written < min_size)) {
- outSize += (min_size - written);
+ if((min_size > 0) && (writtenSize < min_size)) {
+ outSize += (min_size - writtenSize);
}
/* allocate space */
- ret = xmlSecBufferSetMaxSize(out, outSize + written + 1);
+ ret = xmlSecBufferSetMaxSize(out, outSize + writtenSize + 1);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL,
- "size=%d", (int)(outSize + written + 1));
+ "size=" XMLSEC_SIZE_FMT, (outSize + writtenSize + 1));
return(-1);
}
xmlSecAssert2(xmlSecBufferGetMaxSize(out) > outSize, -1);
/* add zeros at the beggining (if needed) */
- if((min_size > 0) && (written < min_size)) {
+ if((min_size > 0) && (writtenSize < min_size)) {
xmlSecSize ii;
xmlSecByte * p = xmlSecBufferGetData(out);
- for(ii = 0; ii < (min_size - written); ++ii) {
+ for(ii = 0; ii < (min_size - writtenSize); ++ii) {
p[outSize - ii - 1] = 0;
}
}
xmlSecGCryptError("gcry_mpi_print", err, NULL);
return(-1);
}
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(written, writtenSize, return(-1), NULL);
/* reset size */
- ret = xmlSecBufferSetSize(out, outSize + written);
+ ret = xmlSecBufferSetSize(out, outSize + writtenSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", NULL,
- "size=%d", (int)(outSize + written));
+ "size=" XMLSEC_SIZE_FMT, (outSize + writtenSize));
return(-1);
}
/* find signature value */
s_tmp = gcry_sexp_find_token(s_sig, "sig-val", 0);
if(s_tmp == NULL) {
- xmlSecGCryptError("gcry_sexp_find_token(sig-val)",
- GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptError("gcry_sexp_find_token(sig-val)", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
goto done;
}
gcry_sexp_release(s_sig);
s_tmp = gcry_sexp_find_token(s_sig, "dsa", 0);
if(s_tmp == NULL) {
- xmlSecGCryptError("gcry_sexp_find_token(dsa)",
- GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptError("gcry_sexp_find_token(dsa)", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
goto done;
}
gcry_sexp_release(s_sig);
/* r */
s_r = gcry_sexp_find_token(s_sig, "r", 0);
if(s_r == NULL) {
- xmlSecGCryptError("gcry_sexp_find_token(r)",
- GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptError("gcry_sexp_find_token(r)", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
goto done;
}
m_r = gcry_sexp_nth_mpi(s_r, 1, GCRYMPI_FMT_USG);
if(m_r == NULL) {
- xmlSecGCryptError("gcry_sexp_nth_mpi(r)",
- GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptError("gcry_sexp_nth_mpi(r)", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
goto done;
}
/* s */
s_s = gcry_sexp_find_token(s_sig, "s", 0);
if(s_s == NULL) {
- xmlSecGCryptError("gcry_sexp_find_token(s)",
- GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptError("gcry_sexp_find_token(s)", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
goto done;
}
m_s = gcry_sexp_nth_mpi(s_s, 1, GCRYMPI_FMT_USG);
if(m_s == NULL) {
- xmlSecGCryptError("gcry_sexp_nth_mpi(s)",
- GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptError("gcry_sexp_nth_mpi(s)", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
goto done;
}
/* write out: r + s */
ret = xmlSecGCryptAppendMpi(m_r, out, 20);
- if(ret < 0) {
- xmlSecInternalError("xmlSecGCryptAppendMpi", NULL);
+ if((ret < 0) || (xmlSecBufferGetSize(out) != 20)) {
+ xmlSecInternalError2("xmlSecGCryptAppendMpi", NULL,
+ "outSize=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(out));
goto done;
}
- xmlSecAssert2(xmlSecBufferGetSize(out) == 20, -1);
+
ret = xmlSecGCryptAppendMpi(m_s, out, 20);
- if(ret < 0) {
- xmlSecInternalError("xmlSecGCryptAppendMpi", NULL);
+ if((ret < 0) || (xmlSecBufferGetSize(out) != (20 + 20))) {
+ xmlSecInternalError2("xmlSecGCryptAppendMpi", NULL,
+ "outSize=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(out));
goto done;
}
- xmlSecAssert2(xmlSecBufferGetSize(out) == (20 + 20), -1);
/* done */
res = 0;
*
* This prefix is included to make it easier to use standard cryptographic
* libraries. The FF octet MUST be repeated the maximum number of times such
- * that the value of the quantity being CRYPTed is one octet shorter than
+ * that the value of the quantity being CRYPTed is one octet shorter than
* the RSA modulus.
*
***************************************************************************/
gcry_sexp_t s_sig = NULL;
gcry_sexp_t s_tmp;
gpg_error_t err;
+ int dgstLen;
int ret;
int res = -1;
xmlSecAssert2(out != NULL, -1);
/* get the current digest */
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(dgstSize, dgstLen, return(-1), xmlSecGCryptKeyDataRsaGetPrivateKey(key_data));
err = gcry_sexp_build (&s_data, NULL,
"(data (flags pkcs1)(hash %s %b))",
gcry_md_algo_name(digest),
- (int)dgstSize, dgst);
+ dgstLen, dgst);
if((err != GPG_ERR_NO_ERROR) || (s_data == NULL)) {
xmlSecGCryptError("gcry_sexp_build(data)", err, NULL);
goto done;
/* find signature value */
s_tmp = gcry_sexp_find_token(s_sig, "sig-val", 0);
if(s_tmp == NULL) {
- xmlSecGCryptError("gcry_sexp_find_token(sig-val)",
- GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptError("gcry_sexp_find_token(sig-val)", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
goto done;
}
gcry_sexp_release(s_sig);
s_tmp = gcry_sexp_find_token(s_sig, "rsa", 0);
if(s_tmp == NULL) {
- xmlSecGCryptError("gcry_sexp_find_token(rsa)",
- GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptError("gcry_sexp_find_token(rsa)", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
goto done;
}
gcry_sexp_release(s_sig);
s_tmp = gcry_sexp_find_token(s_sig, "s", 0);
if(s_tmp == NULL) {
- xmlSecGCryptError("gcry_sexp_find_token(s)",
- GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptError("gcry_sexp_find_token(s)", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
goto done;
}
gcry_sexp_release(s_sig);
m_sig = gcry_sexp_nth_mpi(s_sig, 1, GCRYMPI_FMT_USG);
if(m_sig == NULL) {
- xmlSecGCryptError("gcry_sexp_nth_mpi(1)",
- GPG_ERR_NO_ERROR, NULL);
+ xmlSecGCryptError("gcry_sexp_nth_mpi(1)", (gcry_error_t)GPG_ERR_NO_ERROR, NULL);
goto done;
}
gcry_mpi_t m_sig = NULL;
gcry_sexp_t s_sig = NULL;
gpg_error_t err;
+ int dgstLen;
int res = -1;
xmlSecAssert2(key_data != NULL, -1);
xmlSecAssert2(dataSize > 0, -1);
/* get the current digest */
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(dgstSize, dgstLen, return(-1), NULL);
err = gcry_sexp_build (&s_data, NULL,
"(data (flags pkcs1)(hash %s %b))",
gcry_md_algo_name(digest),
- (int)dgstSize, dgst);
+ dgstLen, dgst);
if((err != GPG_ERR_NO_ERROR) || (s_data == NULL)) {
xmlSecGCryptError("gcry_sexp_build(data)", err, NULL);
goto done;
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:symkeys
#include <string.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
#include <xmlsec/gcrypt/crypto.h>
+#include "../keysdata_helpers.h"
/*****************************************************************************
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GLOBALS_H__
NULL =
EXTRA_DIST = \
- README \
+ README.md \
$(NULL)
lib_LTLIBRARIES = \
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = src/gnutls
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(libdir)"
+LTLIBRARIES = $(lib_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+am__objects_1 =
+am_libxmlsec1_gnutls_la_OBJECTS = libxmlsec1_gnutls_la-app.lo \
+ libxmlsec1_gnutls_la-ciphers.lo libxmlsec1_gnutls_la-crypto.lo \
+ libxmlsec1_gnutls_la-digests.lo libxmlsec1_gnutls_la-hmac.lo \
+ libxmlsec1_gnutls_la-kw_aes.lo libxmlsec1_gnutls_la-kw_des.lo \
+ libxmlsec1_gnutls_la-symkeys.lo \
+ libxmlsec1_gnutls_la-asymkeys.lo \
+ libxmlsec1_gnutls_la-signatures.lo \
+ libxmlsec1_gnutls_la-x509utils.lo libxmlsec1_gnutls_la-x509.lo \
+ libxmlsec1_gnutls_la-x509vfy.lo $(am__objects_1)
+libxmlsec1_gnutls_la_OBJECTS = $(am_libxmlsec1_gnutls_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+libxmlsec1_gnutls_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+ $(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_gnutls_la_LDFLAGS) \
+ $(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/libxmlsec1_gnutls_la-app.Plo \
+ ./$(DEPDIR)/libxmlsec1_gnutls_la-asymkeys.Plo \
+ ./$(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Plo \
+ ./$(DEPDIR)/libxmlsec1_gnutls_la-crypto.Plo \
+ ./$(DEPDIR)/libxmlsec1_gnutls_la-digests.Plo \
+ ./$(DEPDIR)/libxmlsec1_gnutls_la-hmac.Plo \
+ ./$(DEPDIR)/libxmlsec1_gnutls_la-kw_aes.Plo \
+ ./$(DEPDIR)/libxmlsec1_gnutls_la-kw_des.Plo \
+ ./$(DEPDIR)/libxmlsec1_gnutls_la-signatures.Plo \
+ ./$(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Plo \
+ ./$(DEPDIR)/libxmlsec1_gnutls_la-x509.Plo \
+ ./$(DEPDIR)/libxmlsec1_gnutls_la-x509utils.Plo \
+ ./$(DEPDIR)/libxmlsec1_gnutls_la-x509vfy.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
+SOURCES = $(libxmlsec1_gnutls_la_SOURCES)
+DIST_SOURCES = $(libxmlsec1_gnutls_la_SOURCES)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \
+ README.md
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+EXTRA_DIST = \
+ README.md \
+ $(NULL)
+
+lib_LTLIBRARIES = \
+ libxmlsec1-gnutls.la \
+ $(NULL)
+
+libxmlsec1_gnutls_la_CPPFLAGS = \
+ -DPACKAGE=\"@PACKAGE@\" \
+ -I../../include \
+ -I$(top_srcdir)/include \
+ $(XMLSEC_DEFINES) \
+ $(GNUTLS_CFLAGS) \
+ $(LIBXSLT_CFLAGS) \
+ $(LIBXML_CFLAGS) \
+ $(NULL)
+
+libxmlsec1_gnutls_la_SOURCES = \
+ app.c \
+ ciphers.c \
+ crypto.c \
+ digests.c \
+ hmac.c \
+ kw_aes.c \
+ kw_des.c \
+ symkeys.c \
+ asymkeys.c \
+ signatures.c \
+ x509utils.h \
+ x509utils.c \
+ x509.c \
+ x509vfy.c \
+ globals.h \
+ $(NULL)
+
+
+# xmlsec-gnutls library requires xmlsec-gcrypt
+libxmlsec1_gnutls_la_LIBADD = \
+ $(GNUTLS_LIBS) \
+ $(LIBXSLT_LIBS) \
+ $(LIBXML_LIBS) \
+ ../libxmlsec1.la \
+ ../gcrypt/libxmlsec1-gcrypt.la \
+ $(NULL)
+
+libxmlsec1_gnutls_la_DEPENDENCIES = \
+ $(NULL)
+
+libxmlsec1_gnutls_la_LDFLAGS = \
+ @XMLSEC_CRYPTO_EXTRA_LDFLAGS@ \
+ -version-info @XMLSEC_VERSION_INFO@ \
+ $(NULL)
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/gnutls/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign src/gnutls/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+ }
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
+ done
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+
+libxmlsec1-gnutls.la: $(libxmlsec1_gnutls_la_OBJECTS) $(libxmlsec1_gnutls_la_DEPENDENCIES) $(EXTRA_libxmlsec1_gnutls_la_DEPENDENCIES)
+ $(AM_V_CCLD)$(libxmlsec1_gnutls_la_LINK) -rpath $(libdir) $(libxmlsec1_gnutls_la_OBJECTS) $(libxmlsec1_gnutls_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-app.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-asymkeys.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-crypto.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-digests.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-hmac.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-kw_aes.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-kw_des.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-signatures.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-x509.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-x509utils.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-x509vfy.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+ @$(MKDIR_P) $(@D)
+ @echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+libxmlsec1_gnutls_la-app.lo: app.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-app.Tpo -c -o libxmlsec1_gnutls_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-app.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-app.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='app.c' object='libxmlsec1_gnutls_la-app.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+
+libxmlsec1_gnutls_la-ciphers.lo: ciphers.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Tpo -c -o libxmlsec1_gnutls_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ciphers.c' object='libxmlsec1_gnutls_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+
+libxmlsec1_gnutls_la-crypto.lo: crypto.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-crypto.Tpo -c -o libxmlsec1_gnutls_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-crypto.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-crypto.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='crypto.c' object='libxmlsec1_gnutls_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+
+libxmlsec1_gnutls_la-digests.lo: digests.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-digests.Tpo -c -o libxmlsec1_gnutls_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-digests.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-digests.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='digests.c' object='libxmlsec1_gnutls_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+
+libxmlsec1_gnutls_la-hmac.lo: hmac.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-hmac.Tpo -c -o libxmlsec1_gnutls_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-hmac.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='hmac.c' object='libxmlsec1_gnutls_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+
+libxmlsec1_gnutls_la-kw_aes.lo: kw_aes.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-kw_aes.Tpo -c -o libxmlsec1_gnutls_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-kw_aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kw_aes.c' object='libxmlsec1_gnutls_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+
+libxmlsec1_gnutls_la-kw_des.lo: kw_des.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-kw_des.Tpo -c -o libxmlsec1_gnutls_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-kw_des.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kw_des.c' object='libxmlsec1_gnutls_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+
+libxmlsec1_gnutls_la-symkeys.lo: symkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Tpo -c -o libxmlsec1_gnutls_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='symkeys.c' object='libxmlsec1_gnutls_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+
+libxmlsec1_gnutls_la-asymkeys.lo: asymkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-asymkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-asymkeys.Tpo -c -o libxmlsec1_gnutls_la-asymkeys.lo `test -f 'asymkeys.c' || echo '$(srcdir)/'`asymkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-asymkeys.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-asymkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='asymkeys.c' object='libxmlsec1_gnutls_la-asymkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-asymkeys.lo `test -f 'asymkeys.c' || echo '$(srcdir)/'`asymkeys.c
+
+libxmlsec1_gnutls_la-signatures.lo: signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-signatures.Tpo -c -o libxmlsec1_gnutls_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-signatures.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='signatures.c' object='libxmlsec1_gnutls_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+
+libxmlsec1_gnutls_la-x509utils.lo: x509utils.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-x509utils.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-x509utils.Tpo -c -o libxmlsec1_gnutls_la-x509utils.lo `test -f 'x509utils.c' || echo '$(srcdir)/'`x509utils.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-x509utils.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-x509utils.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='x509utils.c' object='libxmlsec1_gnutls_la-x509utils.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-x509utils.lo `test -f 'x509utils.c' || echo '$(srcdir)/'`x509utils.c
+
+libxmlsec1_gnutls_la-x509.lo: x509.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-x509.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-x509.Tpo -c -o libxmlsec1_gnutls_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-x509.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-x509.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='x509.c' object='libxmlsec1_gnutls_la-x509.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+
+libxmlsec1_gnutls_la-x509vfy.lo: x509vfy.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-x509vfy.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-x509vfy.Tpo -c -o libxmlsec1_gnutls_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-x509vfy.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-x509vfy.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='x509vfy.c' object='libxmlsec1_gnutls_la-x509vfy.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(libdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-app.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-asymkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-crypto.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-digests.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-hmac.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-kw_aes.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-kw_des.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-x509.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-x509utils.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-x509vfy.Plo
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-libLTLIBRARIES
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-app.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-asymkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-crypto.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-digests.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-hmac.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-kw_aes.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-kw_des.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-x509.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-x509utils.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_gnutls_la-x509vfy.Plo
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-libLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+ clean-generic clean-libLTLIBRARIES clean-libtool cscopelist-am \
+ ctags ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
+++ /dev/null
-The xmlsec-gnutls uses both libgcrypt and libgnutls because GnuTLS
-does not provide direct access to low-level crypto operations (digests,
-hmac, aes, des, etc.).
-
-
-
--- /dev/null
+# XMLSec Library: XMLSEC-GNUTLS
+
+## What version of GnuTLS?
+GnuTLS 2.8.0 or later is required.
+
+## Dependencies
+The `xmlsec-gnutls` uses both libgcrypt and libgnutls because GnuTLS
+does not provide direct access to low-level crypto operations (digests,
+hmac, aes, des, etc.).
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:app
#include <xmlsec/gnutls/crypto.h>
#include <xmlsec/gnutls/x509.h>
+#include "../cast_helpers.h"
#include "x509utils.h"
/**************************************************************************
*/
int
xmlSecGnuTLSAppKeyCertLoadMemory(xmlSecKeyPtr key,
- const xmlSecByte* data,
- xmlSecSize dataSize,
- xmlSecKeyDataFormat format) {
- gnutls_x509_crt_t cert;
+ const xmlSecByte* data, xmlSecSize dataSize, xmlSecKeyDataFormat format)
+{
+ gnutls_x509_crt_t cert = NULL;
+ gnutls_x509_crt_t keyCert = NULL;
xmlSecKeyDataPtr keyData;
int ret;
+ int res = -1;
xmlSecAssert2(key != NULL, -1);
xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(dataSize > 0, -1);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
+ /* read cert and make a copy for the keyCert */
+ cert = xmlSecGnuTLSX509CertRead(data, dataSize, format);
+ if(cert == NULL) {
+ xmlSecInternalError("xmlSecGnuTLSX509CertRead", NULL);
+ goto done;
+ }
+
+ keyCert = xmlSecGnuTLSX509CertDup(cert);
+ if(keyCert == NULL) {
+ xmlSecInternalError("xmlSecGnuTLSX509CertDup", NULL);
+ goto done;
+ }
+
+ /* add both cert and keyCert to the keyData */
keyData = xmlSecKeyEnsureData(key, xmlSecGnuTLSKeyDataX509Id);
if(keyData == NULL) {
xmlSecInternalError("xmlSecKeyEnsureData", NULL);
- return(-1);
+ goto done;
}
- cert = xmlSecGnuTLSX509CertRead(data, dataSize, format);
- if(cert == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CertRead", NULL);
- return(-1);
+ ret = xmlSecGnuTLSKeyDataX509AdoptKeyCert(keyData, keyCert);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptKeyCert", NULL);
+ goto done;
}
+ keyCert = NULL; /* owned by keyData now */
ret = xmlSecGnuTLSKeyDataX509AdoptCert(keyData, cert);
if(ret < 0) {
xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert", NULL);
- gnutls_x509_crt_deinit(cert);
- return(-1);
+ goto done;
}
+ cert = NULL; /* owned by key data now */
- return(0);
+ /* success */
+ res = 0;
+
+done:
+ if(cert != NULL) {
+ gnutls_x509_crt_deinit(cert);
+ }
+ if(keyCert != NULL) {
+ gnutls_x509_crt_deinit(keyCert);
+ }
+ return(res);
}
/**
xmlSecKeyDataPtr keyData = NULL;
xmlSecKeyDataPtr x509Data = NULL;
gnutls_x509_crt_t cert = NULL;
+ gnutls_x509_crt_t keyCert = NULL;
xmlSecKeyPtr res = NULL;
int ret;
xmlSecAssert2(dataSize > 0, NULL);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
- /* read cert */
+ /* read cert and make a copy for keyCert */
cert = xmlSecGnuTLSX509CertRead(data, dataSize, format);
if(cert == NULL) {
xmlSecInternalError("xmlSecGnuTLSX509CertRead", NULL);
goto done;
}
+ keyCert = xmlSecGnuTLSX509CertDup(cert);
+ if(keyCert == NULL) {
+ xmlSecInternalError("xmlSecGnuTLSX509CertDup", NULL);
+ goto done;
+ }
+
/* create key */
key = xmlSecKeyCreate();
if(key == NULL) {
xmlSecInternalError("xmlSecKeyEnsureData", NULL);
goto done;
}
- ret = xmlSecGnuTLSKeyDataX509AdoptKeyCert(x509Data, cert);
+
+ /* add cert and key cert */
+ ret = xmlSecGnuTLSKeyDataX509AdoptKeyCert(x509Data, keyCert);
if(ret < 0) {
xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptKeyCert", NULL);
goto done;
}
+ keyCert = NULL; /* owned by x509Data now */
+
+ ret = xmlSecGnuTLSKeyDataX509AdoptCert(x509Data, cert);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert", NULL);
+ goto done;
+ }
cert = NULL; /* owned by x509Data now */
/* success */
if(cert != NULL) {
gnutls_x509_crt_deinit(cert);
}
+ if(keyCert != NULL) {
+ gnutls_x509_crt_deinit(keyCert);
+ }
if(keyData != NULL) {
xmlSecKeyDataDestroy(keyData);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:asymkeys
#include <gnutls/x509.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/base64.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/gnutls/crypto.h>
+#include "../cast_helpers.h"
+
/**************************************************************************
*
* We use xmlsec-gcrypt for all the basic crypto ops
gcry_mpi_t * mpis, xmlSecSize mpisNum) {
xmlSecSize ii;
- int rc;
+ gcry_error_t rc;
xmlSecAssert2(params != NULL, -1);
xmlSecAssert2(mpis != NULL, -1);
gcry_mpi_t mpis[5];
gcry_sexp_t priv_key = NULL;
gcry_sexp_t pub_key = NULL;
- int rc;
+ gcry_error_t rc;
int err;
int ret;
gnutls_datum_t params[4];
gcry_mpi_t mpis[4];
gcry_sexp_t pub_key = NULL;
- int rc;
+ gcry_error_t rc;
int ret;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataDsaId), -1);
gcry_mpi_t mpis[6];
gcry_sexp_t priv_key = NULL;
gcry_sexp_t pub_key = NULL;
- int rc;
+ gcry_error_t rc;
int err;
int ret;
/* Convert from OpenSSL parameter ordering to the OpenPGP order. */
/* (http://gnupg.10057.n7.nabble.com/RSA-PKCS-1-signing-differs-from-OpenSSL-s-td27920.html) */
- /* First check that p < q; if not swap p and q and recompute u. */
+ /* First check that p < q; if not swap p and q and recompute u. */
if (gcry_mpi_cmp(mpis[3], mpis[4]) > 0) {
gcry_mpi_swap(mpis[3], mpis[4]);
gcry_mpi_invm(mpis[5], mpis[3], mpis[4]);
gnutls_datum_t params[2];
gcry_mpi_t mpis[2];
gcry_sexp_t pub_key = NULL;
- int rc;
+ gcry_error_t rc;
int ret;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataRsaId), -1);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:ciphers
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:crypto
ret = xmlSecBufferSetSize(buffer, size);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", NULL,
- "size=%d", size);
+ "size=" XMLSEC_SIZE_FMT, size);
return(-1);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:digests
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GLOBALS_H__
#define __XMLSEC_GLOBALS_H__
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_CRYPTO_FAILED, \
- "gcrypt error: %ld: %s: %s", \
- (long)(errCode), \
- xmlSecErrorsSafeString(source), \
+ "gcrypt error: %u: %s: %s", \
+ (errCode), \
+ xmlSecErrorsSafeString(source), \
xmlSecErrorsSafeString(message) \
); \
}
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_CRYPTO_FAILED, \
- "gnutls error: %ld: %s", \
- (long)(errCode), \
- xmlSecErrorsSafeString(message) \
+ "gnutls error: %d: %s", \
+ (errCode), \
+ xmlSecErrorsSafeString(message) \
); \
}
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_CRYPTO_FAILED, \
- msg "gnutls error: %ld: %s", \
+ msg "gnutls error: %d: %s", \
(param), \
- (long)(errCode), \
+ (errCode), \
xmlSecErrorsSafeString(message) \
); \
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:hmac
#include <string.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/errors.h>
#include <xmlsec/keys.h>
+#include <xmlsec/private.h>
#include <xmlsec/transforms.h>
-#include <xmlsec/errors.h>
#include <xmlsec/gnutls/app.h>
#include <xmlsec/gnutls/crypto.h>
+#include "../cast_helpers.h"
+#include "../transform_helpers.h"
+
+
/**************************************************************************
*
* We use xmlsec-gcrypt for all the basic crypto ops
/**
* xmlSecGnuTLSHmacGetMinOutputLength:
*
+ * DEPRECATED (use @xmlSecTransformHmacGetMinOutputBitsSize instead).
* Gets the value of min HMAC length.
*
* Returns: the min HMAC output length
*/
int xmlSecGnuTLSHmacGetMinOutputLength(void)
{
- return xmlSecGCryptHmacGetMinOutputLength();
+ xmlSecSize val = xmlSecTransformHmacGetMinOutputBitsSize();
+ int res;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(val, res, return(-1), NULL);
+ return res;
}
/**
* xmlSecGnuTLSHmacSetMinOutputLength:
* @min_length: the new min length
*
+ * DEPRECATED (use @xmlSecTransformHmacSetMinOutputBitsSize instead).
* Sets the min HMAC output length
*/
void xmlSecGnuTLSHmacSetMinOutputLength(int min_length)
{
- xmlSecGCryptHmacSetMinOutputLength(min_length);
+ xmlSecSize val;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(min_length, val, return, NULL);
+ xmlSecTransformHmacSetMinOutputBitsSize(val);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:kw_aes
#include <string.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:kw_des
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:signatures
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:symkeys
#include <string.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:x509
#include <errno.h>
#include <time.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/base64.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/keysmngr.h>
#include <xmlsec/gnutls/x509.h>
#include "x509utils.h"
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+
/*************************************************************************
*
* X509 utility functions
*
************************************************************************/
-static int xmlSecGnuTLSX509DataNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecGnuTLSX509CertificateNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecGnuTLSX509CertificateNodeWrite (gnutls_x509_crt_t cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecGnuTLSX509SubjectNameNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecGnuTLSX509SubjectNameNodeWrite (gnutls_x509_crt_t cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecGnuTLSX509IssuerSerialNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecGnuTLSX509IssuerSerialNodeWrite (gnutls_x509_crt_t cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecGnuTLSX509SKINodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecGnuTLSX509SKINodeWrite (gnutls_x509_crt_t cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecGnuTLSX509CRLNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecGnuTLSX509CRLNodeWrite (gnutls_x509_crl_t crl,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
static int xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data,
xmlSecKeyPtr key,
xmlSecKeyInfoCtxPtr keyInfoCtx);
/**************************************************************************
*
- * <dsig:X509Data> processing
- *
- *
- * The X509Data Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
- *
- * An X509Data element within KeyInfo contains one or more identifiers of keys
- * or X509 certificates (or certificates' identifiers or a revocation list).
- * The content of X509Data is:
- *
- * 1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
- * 2.
- * * The X509IssuerSerial element, which contains an X.509 issuer
- * distinguished name/serial number pair that SHOULD be compliant
- * with RFC2253 [LDAP-DN],
- * * The X509SubjectName element, which contains an X.509 subject
- * distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
- * * The X509SKI element, which contains the base64 encoded plain (i.e.
- * non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
- * * The X509Certificate element, which contains a base64-encoded [X509v3]
- * certificate, and
- * * Elements from an external namespace which accompanies/complements any
- * of the elements above.
- * * The X509CRL element, which contains a base64-encoded certificate
- * revocation list (CRL) [X509v3].
- *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
- * MUST refer to the certificate or certificates containing the validation key.
- * All such elements that refer to a particular individual certificate MUST be
- * grouped inside a single X509Data element and if the certificate to which
- * they refer appears, it MUST also be in that X509Data element.
- *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
- * the same key but different certificates MUST be grouped within a single
- * KeyInfo but MAY occur in multiple X509Data elements.
- *
- * All certificates appearing in an X509Data element MUST relate to the
- * validation key by either containing it or being part of a certification
- * chain that terminates in a certificate containing the validation key.
- *
- * No ordering is implied by the above constraints.
- *
- * Note, there is no direct provision for a PKCS#7 encoded "bag" of
- * certificates or CRLs. However, a set of certificates and CRLs can occur
- * within an X509Data element and multiple X509Data elements can occur in a
- * KeyInfo. Whenever multiple certificates occur in an X509Data element, at
- * least one such certificate must contain the public key which verifies the
- * signature.
- *
- * Schema Definition
- *
- * <element name="X509Data" type="ds:X509DataType"/>
- * <complexType name="X509DataType">
- * <sequence maxOccurs="unbounded">
- * <choice>
- * <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
- * <element name="X509SKI" type="base64Binary"/>
- * <element name="X509SubjectName" type="string"/>
- * <element name="X509Certificate" type="base64Binary"/>
- * <element name="X509CRL" type="base64Binary"/>
- * <any namespace="##other" processContents="lax"/>
- * </choice>
- * </sequence>
- * </complexType>
- * <complexType name="X509IssuerSerialType">
- * <sequence>
- * <element name="X509IssuerName" type="string"/>
- * <element name="X509SerialNumber" type="integer"/>
- * </sequence>
- * </complexType>
- *
- * DTD
- *
- * <!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName |
- * X509Certificate | X509CRL)+ %X509.ANY;)>
- * <!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) >
- * <!ELEMENT X509IssuerName (#PCDATA) >
- * <!ELEMENT X509SubjectName (#PCDATA) >
- * <!ELEMENT X509SerialNumber (#PCDATA) >
- * <!ELEMENT X509SKI (#PCDATA) >
- * <!ELEMENT X509Certificate (#PCDATA) >
- * <!ELEMENT X509CRL (#PCDATA) >
- *
- * -----------------------------------------------------------------------
- *
- * xmlSecGnuTLSX509DataCtx is located after xmlSecTransform
+ * <dsig:X509Data> processing (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
*
*************************************************************************/
-#define xmlSecGnuTLSX509DataSize \
- (sizeof(xmlSecKeyData) + sizeof(xmlSecGnuTLSX509DataCtx))
-#define xmlSecGnuTLSX509DataGetCtx(data) \
- ((xmlSecGnuTLSX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
+XMLSEC_KEY_DATA_DECLARE(GnuTLSX509Data, xmlSecGnuTLSX509DataCtx)
+#define xmlSecGnuTLSX509DataSize XMLSEC_KEY_DATA_SIZE(GnuTLSX509Data)
static int xmlSecGnuTLSKeyDataX509Initialize (xmlSecKeyDataPtr data);
static int xmlSecGnuTLSKeyDataX509Duplicate (xmlSecKeyDataPtr dst,
FILE* output);
+typedef struct _xmlSecGnuTLSKeyDataX509Context {
+ xmlSecSize crtPos;
+ xmlSecSize crtSize;
+ xmlSecSize crlPos;
+ xmlSecSize crlSize;
+} xmlSecGnuTLSKeyDataX509Context;
+
+static int xmlSecGnuTLSKeyDataX509Read (xmlSecKeyDataPtr data,
+ xmlSecKeyValueX509Ptr x509Value,
+ xmlSecKeysMngrPtr keysMngr,
+ unsigned int flags);
+static int xmlSecGnuTLSKeyDataX509Write (xmlSecKeyDataPtr data,
+ xmlSecKeyValueX509Ptr x509Value,
+ int content,
+ void* context);
+
+static int xmlSecGnuTLSX509CertSKIWrite (gnutls_x509_crt_t cert,
+ xmlSecBufferPtr buf);
static xmlSecKeyDataKlass xmlSecGnuTLSKeyDataX509Klass = {
sizeof(xmlSecKeyDataKlass),
xmlSecAssert2(id == xmlSecGnuTLSKeyDataX509Id, -1);
xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
data = xmlSecKeyEnsureData(key, id);
if(data == NULL) {
xmlSecInternalError("xmlSecKeyEnsureData",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
- ret = xmlSecGnuTLSX509DataNodeRead(data, node, keyInfoCtx);
+ ret = xmlSecKeyDataX509XmlRead(data, node, keyInfoCtx,
+ xmlSecGnuTLSKeyDataX509Read);
if(ret < 0) {
- xmlSecInternalError("xmlSecGnuTLSX509DataNodeRead",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecInternalError("xmlSecKeyDataX509XmlRead",
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
ret = xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
if(ret < 0) {
xmlSecInternalError("xmlSecGnuTLSKeyDataX509VerifyAndExtractKey",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
return(0);
xmlSecGnuTLSKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
xmlSecKeyDataPtr data;
- gnutls_x509_crt_t cert;
- gnutls_x509_crl_t crl;
- xmlSecSize size, pos;
- int content;
+ xmlSecGnuTLSKeyDataX509Context context;
int ret;
xmlSecAssert2(id == xmlSecGnuTLSKeyDataX509Id, -1);
xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- content = xmlSecX509DataGetNodeContent (node, keyInfoCtx);
- if (content < 0) {
- xmlSecInternalError2("xmlSecX509DataGetNodeContent",
- xmlSecKeyDataKlassGetName(id),
- "content=%d", content);
- return(-1);
- } else if(content == 0) {
- /* by default we are writing certificates and crls */
- content = XMLSEC_X509DATA_DEFAULT;
- }
/* get x509 data */
data = xmlSecKeyGetData(key, id);
return(0);
}
- /* write certs */
- size = xmlSecGnuTLSKeyDataX509GetCertsSize(data);
- for(pos = 0; pos < size; ++pos) {
- cert = xmlSecGnuTLSKeyDataX509GetCert(data, pos);
- if(cert == NULL) {
- xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCert",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
-
- if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
- ret = xmlSecGnuTLSX509CertificateNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecGnuTLSX509CertificateNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
- ret = xmlSecGnuTLSX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecGnuTLSX509SubjectNameNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
- ret = xmlSecGnuTLSX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecGnuTLSX509IssuerSerialNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
- ret = xmlSecGnuTLSX509SKINodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecGnuTLSX509SKINodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
- }
+ /* setup context */
+ context.crtPos = context.crlPos = 0;
+ context.crtSize = xmlSecGnuTLSKeyDataX509GetCertsSize(data);
+ context.crlSize = xmlSecGnuTLSKeyDataX509GetCrlsSize(data);
- /* write crls if needed */
- if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
- size = xmlSecGnuTLSKeyDataX509GetCrlsSize(data);
- for(pos = 0; pos < size; ++pos) {
- crl = xmlSecGnuTLSKeyDataX509GetCrl(data, pos);
- if(crl == NULL) {
- xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCrl",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
-
- ret = xmlSecGnuTLSX509CRLNodeWrite(crl, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecGnuTLSX509CRLNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
+ ret = xmlSecKeyDataX509XmlWrite(data, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecGnuTLSKeyDataX509Write, &context);
+ if(ret < 0) {
+ xmlSecInternalError3("xmlSecKeyDataX509XmlWrite",
+ xmlSecKeyDataKlassGetName(id),
+ "crtSize=" XMLSEC_SIZE_FMT "; crlSize=" XMLSEC_SIZE_FMT,
+ context.crtSize, context.crlSize);
+ return(-1);
}
- /* done */
+ /* success */
return(0);
}
if(cert == NULL) {
xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCert",
xmlSecKeyDataGetName(data),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return;
}
fprintf(output, "==== Certificate:\n");
if(crl == NULL) {
xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCrl",
xmlSecKeyDataGetName(data),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return;
}
fprintf(output, "==== Crl:\n");
if(cert == NULL) {
xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCert",
xmlSecKeyDataGetName(data),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return;
}
fprintf(output, "<Certificate>\n");
if(crl == NULL) {
xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCrl",
xmlSecKeyDataGetName(data),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return;
}
fprintf(output, "<CRL>\n");
fprintf(output, "</X509Data>\n");
}
-static int
-xmlSecGnuTLSX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- for(cur = xmlSecGetNextElementNode(node->children);
- cur != NULL;
- cur = xmlSecGetNextElementNode(cur->next)) {
-
- ret = 0;
- if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
- ret = xmlSecGnuTLSX509CertificateNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecGnuTLSX509CertificateNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
- ret = xmlSecGnuTLSX509SubjectNameNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecGnuTLSX509SubjectNameNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
- ret = xmlSecGnuTLSX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecGnuTLSX509IssuerSerialNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
- ret = xmlSecGnuTLSX509SKINodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecGnuTLSX509SKINodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
- ret = xmlSecGnuTLSX509CRLNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecGnuTLSX509CRLNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
- /* laxi schema validation: ignore unknown nodes */
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataGetName(data));
- return(-1);
- }
- }
- return(0);
-}
-
-static int
-xmlSecGnuTLSX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar *content;
- gnutls_x509_crt_t cert;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- content = xmlNodeGetContent(node);
- if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
- if(content != NULL) {
- xmlFree(content);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
- return(-1);
- }
- return(0);
- }
-
- cert = xmlSecGnuTLSX509CertBase64DerRead(content);
- if(cert == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CertBase64DerRead",
- xmlSecKeyDataGetName(data));
- xmlFree(content);
- return(-1);
- }
-
- ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- gnutls_x509_crt_deinit(cert);
- xmlFree(content);
- return(-1);
- }
-
- xmlFree(content);
- return(0);
-}
static int
-xmlSecGnuTLSX509CertificateNodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar* buf;
- xmlNodePtr cur;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- /* set base64 lines size from context */
- buf = xmlSecGnuTLSX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CertBase64DerWrite", NULL);
- return(-1);
- }
-
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509Certificate)", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- /* todo: add \n around base64 data - from context */
- /* todo: add errors check */
- xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
- xmlNodeSetContent(cur, buf);
- xmlFree(buf);
- return(0);
-}
-
-
-
-#define XMLSEC_GNUTLS_IS_SPACE(ch) \
- (((ch) == ' ') || ((ch) == '\r') || ((ch) == '\n'))
-
-static void
-xmlSecGnuTLSX509Trim(xmlChar * str) {
- xmlChar * p, * q;
-
- xmlSecAssert(str != NULL);
-
- /* skip spaces from the beggining */
- p = str;
- while(XMLSEC_GNUTLS_IS_SPACE(*p) && ((*p) != '\0')) {
- ++p;
- }
- if(p != str) {
- for(q = str; ; ++q, ++p) {
- (*q) = (*p);
- if((*p) == '\0') {
- break;
- }
- }
- }
-
- /* skip spaces from the end */
- for(p = str; (*p) != '\0'; ++p) {
- ;
- }
- while((p > str) && (XMLSEC_GNUTLS_IS_SPACE(*(p - 1)))) {
- *(--p) = '\0';
- }
-}
-
-static int
-xmlSecGnuTLSX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecGnuTLSKeyDataX509Read(xmlSecKeyDataPtr data, xmlSecKeyValueX509Ptr x509Value,
+ xmlSecKeysMngrPtr keysMngr, unsigned int flags) {
xmlSecKeyDataStorePtr x509Store;
- xmlChar* subject;
- gnutls_x509_crt_t cert;
- gnutls_x509_crt_t cert2;
+ int stopOnUnknownCert = 0;
+ gnutls_x509_crt_t storeCert = NULL;
+ gnutls_x509_crt_t cert = NULL;
+ gnutls_x509_crl_t crl = NULL;
int ret;
+ int res = -1;
+ xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(keysMngr != NULL, -1);
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecGnuTLSX509StoreId);
+ x509Store = xmlSecKeysMngrGetDataStore(keysMngr, xmlSecGnuTLSX509StoreId);
if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
+ xmlSecInternalError("xmlSecKeysMngrGetDataStore", xmlSecKeyDataGetName(data));
+ goto done;
}
- subject = xmlNodeGetContent(node);
- if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
- if(subject != NULL) {
- xmlFree(subject);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
- return(-1);
- }
- return(0);
+ /* determine what to do */
+ if((flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+ stopOnUnknownCert = 1;
}
- xmlSecGnuTLSX509Trim(subject);
- cert = xmlSecGnuTLSX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
- if(cert == NULL){
-
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+ if(xmlSecBufferGetSize(&(x509Value->cert)) > 0) {
+ cert = xmlSecGnuTLSX509CertRead(xmlSecBufferGetData(&(x509Value->cert)),
+ xmlSecBufferGetSize(&(x509Value->cert)), xmlSecKeyDataFormatCertDer);
+ if(cert == NULL) {
+ xmlSecInternalError("xmlSecGnuTLSX509CertRead", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ } else if(xmlSecBufferGetSize(&(x509Value->crl)) > 0) {
+ crl = xmlSecGnuTLSX509CrlRead(xmlSecBufferGetData(&(x509Value->crl)),
+ xmlSecBufferGetSize(&(x509Value->crl)), xmlSecKeyDataFormatCertDer);
+ if(crl == NULL) {
+ xmlSecInternalError("xmlSecGnuTLSX509CrlRead", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ } else if(xmlSecBufferGetSize(&(x509Value->ski)) > 0) {
+ storeCert = xmlSecGnuTLSX509StoreFindCert_ex(x509Store, NULL, NULL, NULL,
+ xmlSecBufferGetData(&(x509Value->ski)), xmlSecBufferGetSize(&(x509Value->ski)),
+ NULL /* unused */);
+ if((storeCert == NULL) && (stopOnUnknownCert != 0)) {
xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "subject=%s", xmlSecErrorsSafeString(subject));
- xmlFree(subject);
- return(-1);
+ "skiSize=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(&(x509Value->ski)));
+ goto done;
}
-
- xmlFree(subject);
- return(0);
- }
-
- cert2 = xmlSecGnuTLSX509CertDup(cert);
- if(cert2 == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CertDup",
- xmlSecKeyDataGetName(data));
- xmlFree(subject);
- return(-1);
- }
-
- ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert2);
- if(ret < 0) {
- xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- gnutls_x509_crt_deinit(cert2);
- xmlFree(subject);
- return(-1);
- }
-
- xmlFree(subject);
- return(0);
-}
-
-static int
-xmlSecGnuTLSX509SubjectNameNodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
- xmlChar* buf = NULL;
- xmlNodePtr cur = NULL;
- int ret;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* add node */
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509SubjectName)", NULL);
- return(-1);
- }
-
- /* get subject */
- buf = xmlSecGnuTLSX509CertGetSubjectDN(cert);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CertGetSubjectDN", NULL);
- return(-1);
- }
-
- /* set value */
- ret = xmlSecNodeEncodeAndSetContent(cur, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- /* done */
- xmlFree(buf);
- return(0);
-}
-
-static int
-xmlSecGnuTLSX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr x509Store;
- xmlNodePtr cur;
- xmlChar *issuerName;
- xmlChar *issuerSerial;
- gnutls_x509_crt_t cert;
- gnutls_x509_crt_t cert2;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
-
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecGnuTLSX509StoreId);
- if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(node->children);
- if(cur == NULL) {
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecNodeNotFoundError("xmlSecGetNextElementNode", node, NULL,
- xmlSecKeyDataGetName(data));
- return(-1);
+ } else if(x509Value->subject != NULL) {
+ storeCert = xmlSecGnuTLSX509StoreFindCert_ex(x509Store, x509Value->subject,
+ NULL, NULL, NULL, 0, NULL /* unused */);
+ if((storeCert == NULL) && (stopOnUnknownCert != 0)) {
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
+ "subject=%s", xmlSecErrorsSafeString(x509Value->subject));
+ goto done;
}
- return(0);
- }
-
- /* the first is required node X509IssuerName */
- if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
- xmlSecInvalidNodeError(cur, xmlSecNodeX509IssuerName, xmlSecKeyDataGetName(data));
- return(-1);
- }
- issuerName = xmlNodeGetContent(cur);
- if(issuerName == NULL) {
- xmlSecInvalidNodeContentError(cur, xmlSecKeyDataGetName(data), "empty");
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* next is required node X509SerialNumber */
- if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
- xmlSecInvalidNodeError(cur, xmlSecNodeX509SerialNumber, xmlSecKeyDataGetName(data));
- xmlFree(issuerName);
- return(-1);
- }
- issuerSerial = xmlNodeGetContent(cur);
- if(issuerSerial == NULL) {
- xmlSecInvalidNodeContentError(cur, xmlSecKeyDataGetName(data), "empty");
- xmlFree(issuerName);
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataGetName(data));
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
- }
-
- xmlSecGnuTLSX509Trim(issuerName);
- xmlSecGnuTLSX509Trim(issuerSerial);
- cert = xmlSecGnuTLSX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
- if(cert == NULL){
-
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+ } else if((x509Value->issuerName != NULL) && (x509Value->issuerSerial != NULL)) {
+ storeCert = xmlSecGnuTLSX509StoreFindCert_ex(x509Store, NULL,
+ x509Value->issuerName, x509Value->issuerSerial,
+ NULL, 0, NULL /* unused */);
+ if((storeCert == NULL) && (stopOnUnknownCert != 0)) {
xmlSecOtherError3(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "issuerName=%s;issuerSerial=%s",
- xmlSecErrorsSafeString(issuerName),
- xmlSecErrorsSafeString(issuerSerial));
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
+ "issuerName=%s;issuerSerial=%s",
+ xmlSecErrorsSafeString(x509Value->issuerName),
+ xmlSecErrorsSafeString(x509Value->issuerSerial));
+ goto done;
}
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(0);
- }
-
- cert2 = xmlSecGnuTLSX509CertDup(cert);
- if(cert2 == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CertDup",
- xmlSecKeyDataGetName(data));
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
- }
-
- ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert2);
- if(ret < 0) {
- xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- gnutls_x509_crt_deinit(cert2);
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
}
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(0);
-}
-
-static int
-xmlSecGnuTLSX509IssuerSerialNodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
- xmlNodePtr cur;
- xmlNodePtr issuerNameNode;
- xmlNodePtr issuerNumberNode;
- xmlChar* buf;
- int ret;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* create xml nodes */
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509IssuerSerial)", NULL);
- return(-1);
- }
-
- issuerNameNode = xmlSecEnsureEmptyChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
- if(issuerNameNode == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509IssuerName)", NULL);
- return(-1);
+ /* if we found cert in a store, then duplicate it for key data */
+ if((cert == NULL) && (storeCert != NULL)) {
+ cert = xmlSecGnuTLSX509CertDup(storeCert);
+ if(cert == NULL) {
+ xmlSecInternalError("xmlSecGnuTLSX509CertDup", xmlSecKeyDataGetName(data));
+ goto done;
+ }
}
- issuerNumberNode = xmlSecEnsureEmptyChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
- if(issuerNumberNode == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509SerialNumber)", NULL);
- return(-1);
+ /* if we found a cert or a crl, then add it to the data */
+ if(cert != NULL) {
+ ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ cert = NULL; /* owned by data now */
}
-
- /* write data */
- buf = xmlSecGnuTLSX509CertGetIssuerDN(cert);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CertGetIssuerDN", NULL);
- return(-1);
+ if(crl != NULL) {
+ ret = xmlSecGnuTLSKeyDataX509AdoptCrl(data, crl);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCrl", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ crl = NULL; /* owned by data now */
}
- ret = xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent(issuerNameNode)", NULL);
- xmlFree(buf);
- return(-1);
- }
- xmlFree(buf);
+ /* success */
+ res = 0;
- buf = xmlSecGnuTLSX509CertGetIssuerSerial(cert);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CertGetIssuerSerial", NULL);
- return(-1);
+done:
+ /* cleanup */
+ if(cert != NULL) {
+ gnutls_x509_crt_deinit(cert);
}
-
- ret = xmlSecNodeEncodeAndSetContent(issuerNumberNode, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent(issuerNumberNode)", NULL);
- xmlFree(buf);
- return(-1);
+ if(crl != NULL) {
+ gnutls_x509_crl_deinit(crl);
}
-
- /* done */
- xmlFree(buf);
- return(0);
+ return(res);
}
-
static int
-xmlSecGnuTLSX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr x509Store;
- xmlChar* ski;
- gnutls_x509_crt_t cert;
- gnutls_x509_crt_t cert2;
+xmlSecGnuTLSKeyDataX509Write(xmlSecKeyDataPtr data, xmlSecKeyValueX509Ptr x509Value,
+ int content, void* context) {
+ xmlSecGnuTLSKeyDataX509Context* ctx;
int ret;
+ xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
-
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecGnuTLSX509StoreId);
- if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(context != NULL, -1);
- ski = xmlNodeGetContent(node);
- if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
- if(ski != NULL) {
- xmlFree(ski);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
+ ctx = (xmlSecGnuTLSKeyDataX509Context*)context;
+ if(ctx->crtPos < ctx->crtSize) {
+ /* write cert */
+ gnutls_x509_crt_t cert = xmlSecGnuTLSKeyDataX509GetCert(data, ctx->crtPos);
+ if(cert == NULL) {
+ xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCert",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
return(-1);
}
- return(0);
- }
-
- xmlSecGnuTLSX509Trim(ski);
- cert = xmlSecGnuTLSX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
- if(cert == NULL){
- xmlFree(ski);
+ if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
+ ret = xmlSecGnuTLSX509CertDerWrite(cert, &(x509Value->cert));
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecGnuTLSX509CertDerWrite",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
+ }
+ if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
+ ret = xmlSecGnuTLSX509CertSKIWrite(cert, &(x509Value->ski));
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecGnuTLSX509SKIWrite",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
+ }
+ if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
+ xmlSecAssert2(x509Value->subject == NULL, -1);
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
- xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "ski=%s",
- xmlSecErrorsSafeString(ski));
+ x509Value->subject = xmlSecGnuTLSX509CertGetSubjectDN(cert);
+ if(x509Value->subject == NULL) {
+ xmlSecInternalError2("xmlSecGnuTLSX509CertGetSubjectDN",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
+ }
+ if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
+ xmlSecAssert2(x509Value->issuerName == NULL, -1);
+ xmlSecAssert2(x509Value->issuerSerial == NULL, -1);
+
+ x509Value->issuerName = xmlSecGnuTLSX509CertGetIssuerDN(cert);
+ if(x509Value->issuerName == NULL) {
+ xmlSecInternalError2("xmlSecGnuTLSX509CertGetIssuerDN",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
+ x509Value->issuerSerial = xmlSecGnuTLSX509CertGetIssuerSerial(cert);
+ if(x509Value->issuerSerial == NULL) {
+ xmlSecInternalError2("xmlSecGnuTLSX509CertGetIssuerSerial",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
+ }
+ ++ctx->crtPos;
+ } else if(ctx->crlPos < ctx->crlSize) {
+ /* write crl */
+ gnutls_x509_crl_t crl = xmlSecGnuTLSKeyDataX509GetCrl(data, ctx->crlPos);
+ if(crl == NULL) {
+ xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCrl",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crlPos);
return(-1);
}
- return(0);
- }
-
- cert2 = xmlSecGnuTLSX509CertDup(cert);
- if(cert2 == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CertDup",
- xmlSecKeyDataGetName(data));
- xmlFree(ski);
- return(-1);
- }
- ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert2);
- if(ret < 0) {
- xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- gnutls_x509_crt_deinit(cert2);
- xmlFree(ski);
- return(-1);
+ if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
+ ret = xmlSecGnuTLSX509CrlDerWrite(crl, &(x509Value->crl));
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecGnuTLSX509CrlDerWrite",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crlPos);
+ return(-1);
+ }
+ }
+ ++ctx->crlPos;
+ } else {
+ /* no more certs or crls */
+ return(1);
}
- xmlFree(ski);
+ /* success */
return(0);
}
static int
-xmlSecGnuTLSX509SKINodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
- xmlChar *buf = NULL;
- xmlNodePtr cur = NULL;
+xmlSecGnuTLSX509CertSKIWrite(gnutls_x509_crt_t cert, xmlSecBufferPtr buf) {
+ size_t bufSizeT = 0;
+ xmlSecSize bufSize;
+ xmlSecByte * bufData;
+ unsigned int critical = 0;
int ret;
+ int err;
xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* add node */
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509SKI)", NULL);
- return(-1);
- }
-
- /* write value */
- buf = xmlSecGnuTLSX509CertGetSKI(cert);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CertGetSKI", NULL);
- return(-1);
- }
-
- ret = xmlSecNodeEncodeAndSetContent(cur, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- /* done */
- xmlFree(buf);
- return(0);
-}
-
-static int
-xmlSecGnuTLSX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar *content;
- gnutls_x509_crl_t crl;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- content = xmlNodeGetContent(node);
- if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
- if(content != NULL) {
- xmlFree(content);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
- return(-1);
- }
- return(0);
- }
+ xmlSecAssert2(buf != NULL, -1);
- crl = xmlSecGnuTLSX509CrlBase64DerRead(content);
- if(crl == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CrlBase64DerRead",
- xmlSecKeyDataGetName(data));
- xmlFree(content);
+ /* get size */
+ err = gnutls_x509_crt_get_subject_key_id(cert, NULL, &bufSizeT, &critical);
+ if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSizeT <= 0)) {
+ xmlSecGnuTLSError("gnutls_x509_crt_get_subject_key_id", err, NULL);
return(-1);
}
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(bufSizeT, bufSize, return(-1), NULL);
- ret = xmlSecGnuTLSKeyDataX509AdoptCrl(data, crl);
+ /* allocate buffer */
+ ret = xmlSecBufferSetSize(buf, bufSize);
if(ret < 0) {
- xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCrl",
- xmlSecKeyDataGetName(data));
- gnutls_x509_crl_deinit(crl);
- xmlFree(content);
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "bufSize=" XMLSEC_SIZE_FMT, bufSize);
return(-1);
}
+ bufData = xmlSecBufferGetData(buf);
+ xmlSecAssert2(bufData != NULL, -1);
- xmlFree(content);
- return(0);
-}
-
-static int
-xmlSecGnuTLSX509CRLNodeWrite(gnutls_x509_crl_t crl, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar* buf = NULL;
- xmlNodePtr cur = NULL;
-
- xmlSecAssert2(crl != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- /* set base64 lines size from context */
- buf = xmlSecGnuTLSX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CrlBase64DerWrite", NULL);
- return(-1);
- }
-
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509CRL)", NULL);
- xmlFree(buf);
+ /* write it out */
+ err = gnutls_x509_crt_get_subject_key_id(cert, bufData, &bufSizeT, &critical);
+ if(err != GNUTLS_E_SUCCESS) {
+ xmlSecGnuTLSError("gnutls_x509_crt_get_subject_key_id", err, NULL);
return(-1);
}
- /* todo: add \n around base64 data - from context */
- /* todo: add errors check */
- xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
- xmlNodeSetContent(cur, buf);
- xmlFree(buf);
+ /* success */
return(0);
}
-
static int
xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
xmlSecKeyInfoCtxPtr keyInfoCtx) {
key->notValidBefore = gnutls_x509_crt_get_activation_time(ctx->keyCert);
if(key->notValidBefore == (time_t)-1) {
xmlSecGnuTLSError2("gnutls_x509_crt_get_activation_time", GNUTLS_E_SUCCESS,
- xmlSecKeyDataGetName(data),
- "cert activation time is invalid: %ld",
- (unsigned long)key->notValidBefore);
+ xmlSecKeyDataGetName(data),
+ "cert activation time is invalid: %.lf",
+ difftime(key->notValidBefore, (time_t)0));
return(-1);
}
key->notValidAfter = gnutls_x509_crt_get_expiration_time(ctx->keyCert);
if(key->notValidAfter == (time_t)-1) {
xmlSecGnuTLSError2("gnutls_x509_crt_get_expiration_time", GNUTLS_E_SUCCESS,
- xmlSecKeyDataGetName(data),
- "cert expiration time is invalid: %ld",
- (unsigned long)key->notValidAfter);
+ xmlSecKeyDataGetName(data),
+ "cert expiration time is invalid: %.lf",
+ difftime(key->notValidAfter, (time_t)0));
return(-1);
}
} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:x509utils
- * @Short_description: X509 certificates support functions for GnuTLS.
+ * @Short_description: X509 certificates support functions for GnuTLS.
* @Stability: Private
*
*/
#include <errno.h>
#include <time.h>
-#include <libxml/tree.h>
-
-
-
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#include <gnutls/pkcs12.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/keysmngr.h>
#include <xmlsec/gnutls/x509.h>
#include "x509utils.h"
-
+#include "../cast_helpers.h"
/**************************************************************************
*
*
************************************************************************/
-/* HACK: gnutls doesn't have cert duplicate function, so we simply
+/* HACK: gnutls doesn't have cert duplicate function, so we simply
write cert out and then read it back */
gnutls_x509_crt_t
xmlSecGnuTLSX509CertDup(gnutls_x509_crt_t src) {
- xmlChar * buf = NULL;
+ xmlSecBuffer buf;
gnutls_x509_crt_t res = NULL;
+ int ret;
xmlSecAssert2(src != NULL, NULL);
- buf = xmlSecGnuTLSX509CertBase64DerWrite(src, 0);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CertBase64DerWrite", NULL);
+ ret = xmlSecBufferInitialize(&buf, 0);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize", NULL);
return (NULL);
}
- res = xmlSecGnuTLSX509CertBase64DerRead(buf);
+ ret = xmlSecGnuTLSX509CertDerWrite(src, &buf);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecGnuTLSX509CertDerWrite", NULL);
+ xmlSecBufferFinalize(&buf);
+ return (NULL);
+ }
+
+ res = xmlSecGnuTLSX509CertRead(xmlSecBufferGetData(&buf), xmlSecBufferGetSize(&buf),
+ xmlSecKeyDataFormatCertDer);
if(res == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CertBase64DerRead", NULL);
- xmlFree(buf);
+ xmlSecInternalError("xmlSecGnuTLSX509CertRead", NULL);
+ xmlSecBufferFinalize(&buf);
return (NULL);
}
/* done */
- xmlFree(buf);
+ xmlSecBufferFinalize(&buf);
return (res);
}
return(res);
}
-xmlChar *
-xmlSecGnuTLSX509CertGetSKI(gnutls_x509_crt_t cert) {
- xmlChar * res = NULL;
- xmlSecByte* buf = NULL;
- size_t bufSize = 0;
- unsigned int critical = 0;
- int err;
-
- xmlSecAssert2(cert != NULL, NULL);
-
- /* get ski size */
- err = gnutls_x509_crt_get_subject_key_id(cert, NULL, &bufSize, &critical);
- if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSize <= 0)) {
- xmlSecGnuTLSError("gnutls_x509_crt_get_subject_key_id", err, NULL);
- return(NULL);
- }
-
- /* allocate buffer */
- buf = (xmlSecByte *)xmlMalloc(bufSize + 1);
- if(buf == NULL) {
- xmlSecMallocError(bufSize + 1, NULL);
- return(NULL);
- }
-
- /* write it out */
- err = gnutls_x509_crt_get_subject_key_id(cert, buf, &bufSize, &critical);
- if(err != GNUTLS_E_SUCCESS) {
- xmlSecGnuTLSError("gnutls_x509_crt_get_subject_key_id", err, NULL);
- xmlFree(buf);
- return(NULL);
- }
-
- /* convert to string */
- res = xmlSecBase64Encode(buf, bufSize, 0);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- xmlFree(buf);
- return(NULL);
- }
-
- /* done */
- xmlFree(buf);
- return(res);
-}
-
-
-gnutls_x509_crt_t
-xmlSecGnuTLSX509CertBase64DerRead(xmlChar* buf) {
- int ret;
-
- xmlSecAssert2(buf != NULL, NULL);
-
- /* usual trick with base64 decoding "in-place" */
- ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- return(NULL);
- }
-
- return(xmlSecGnuTLSX509CertRead((const xmlSecByte*)buf, ret, xmlSecKeyDataFormatCertDer));
-}
-
gnutls_x509_crt_t
xmlSecGnuTLSX509CertRead(const xmlSecByte* buf, xmlSecSize size, xmlSecKeyDataFormat format) {
gnutls_x509_crt_t cert = NULL;
gnutls_x509_crt_fmt_t fmt;
gnutls_datum_t data;
+ unsigned int bufLen;
int err;
xmlSecAssert2(buf != NULL, NULL);
break;
default:
xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
return(NULL);
}
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(size, bufLen, return(NULL), NULL);
/* read cert */
err = gnutls_x509_crt_init(&cert);
}
data.data = (unsigned char*)buf;
- data.size = size;
+ data.size = bufLen;
+
err = gnutls_x509_crt_import(cert, &data, fmt);
if(err != GNUTLS_E_SUCCESS) {
xmlSecGnuTLSError("gnutls_x509_crt_import", err, NULL);
return(cert);
}
-xmlChar*
-xmlSecGnuTLSX509CertBase64DerWrite(gnutls_x509_crt_t cert, int base64LineWrap) {
- xmlChar * res = NULL;
- xmlSecByte* buf = NULL;
- size_t bufSize = 0;
+int
+xmlSecGnuTLSX509CertDerWrite(gnutls_x509_crt_t cert, xmlSecBufferPtr buf) {
+ size_t bufSizeT = 0;
+ xmlSecSize bufSize;
+ xmlSecByte * bufData;
+ int ret;
int err;
- xmlSecAssert2(cert != NULL, NULL);
+ xmlSecAssert2(cert != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
/* get size */
- err = gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, NULL, &bufSize);
- if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSize <= 0)) {
+ err = gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, NULL, &bufSizeT);
+ if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSizeT <= 0)) {
xmlSecGnuTLSError("gnutls_x509_crt_export(GNUTLS_X509_FMT_DER)", err, NULL);
- return(NULL);
+ return(-1);
}
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(bufSizeT, bufSize, return(-1), NULL);
/* allocate buffer */
- buf = (xmlSecByte *)xmlMalloc(bufSize + 1);
- if(buf == NULL) {
- xmlSecMallocError(bufSize + 1, NULL);
- return(NULL);
+ ret = xmlSecBufferSetSize(buf, bufSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "bufSize=" XMLSEC_SIZE_FMT, bufSize);
+ return(-1);
}
+ bufData = xmlSecBufferGetData(buf);
+ xmlSecAssert2(bufData != NULL, -1);
/* write it out */
- err = gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, buf, &bufSize);
+ err = gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, bufData, &bufSizeT);
if(err != GNUTLS_E_SUCCESS) {
xmlSecGnuTLSError("gnutls_x509_crt_export(GNUTLS_X509_FMT_DER)", err, NULL);
- xmlFree(buf);
- return(NULL);
+ return(-1);
}
- /* convert to string */
- res = xmlSecBase64Encode(buf, bufSize, base64LineWrap);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- xmlFree(buf);
- return(NULL);
- }
-
- /* done */
- xmlFree(buf);
- return(res);
+ /* success */
+ return(0);
}
void
*
************************************************************************/
-/* HACK: gnutls doesn't have crl duplicate function, so we simply
+/* HACK: gnutls doesn't have crl duplicate function, so we simply
write crl out and then read it back */
gnutls_x509_crl_t
xmlSecGnuTLSX509CrlDup(gnutls_x509_crl_t src) {
- xmlChar * buf = NULL;
+ xmlSecBuffer buf;
gnutls_x509_crl_t res = NULL;
+ int ret;
xmlSecAssert2(src != NULL, NULL);
- buf = xmlSecGnuTLSX509CrlBase64DerWrite(src, 0);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CrlBase64DerWrite", NULL);
+ ret = xmlSecBufferInitialize(&buf, 0);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize", NULL);
+ return (NULL);
+ }
+
+ ret = xmlSecGnuTLSX509CrlDerWrite(src, &buf);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecGnuTLSX509CrlDerWrite", NULL);
+ xmlSecBufferFinalize(&buf);
return (NULL);
}
- res = xmlSecGnuTLSX509CrlBase64DerRead(buf);
+ res = xmlSecGnuTLSX509CrlRead(xmlSecBufferGetData(&buf), xmlSecBufferGetSize(&buf),
+ xmlSecKeyDataFormatCertDer);
if(res == NULL) {
- xmlSecInternalError("xmlSecGnuTLSX509CrlBase64DerRead", NULL);
- xmlFree(buf);
+ xmlSecInternalError("xmlSecGnuTLSX509CrlRead", NULL);
+ xmlSecBufferFinalize(&buf);
return (NULL);
}
/* done */
- xmlFree(buf);
+ xmlSecBufferFinalize(&buf);
return (res);
}
}
gnutls_x509_crl_t
-xmlSecGnuTLSX509CrlBase64DerRead(xmlChar* buf) {
- int ret;
-
- xmlSecAssert2(buf != NULL, NULL);
-
- /* usual trick with base64 decoding "in-place" */
- ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- return(NULL);
- }
-
- return(xmlSecGnuTLSX509CrlRead((const xmlSecByte*)buf, ret, xmlSecKeyDataFormatCertDer));
-}
-
-gnutls_x509_crl_t
xmlSecGnuTLSX509CrlRead(const xmlSecByte* buf, xmlSecSize size, xmlSecKeyDataFormat format) {
gnutls_x509_crl_t crl = NULL;
gnutls_x509_crt_fmt_t fmt;
gnutls_datum_t data;
+ unsigned int bufLen;
int err;
xmlSecAssert2(buf != NULL, NULL);
break;
default:
xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
return(NULL);
}
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(size, bufLen, return(NULL), NULL);
/* read crl */
err = gnutls_x509_crl_init(&crl);
}
data.data = (unsigned char*)buf;
- data.size = size;
+ data.size = bufLen;
err = gnutls_x509_crl_import(crl, &data, fmt);
if(err != GNUTLS_E_SUCCESS) {
xmlSecGnuTLSError("gnutls_x509_crl_import", err, NULL);
return(crl);
}
-xmlChar*
-xmlSecGnuTLSX509CrlBase64DerWrite(gnutls_x509_crl_t crl, int base64LineWrap) {
- xmlChar * res = NULL;
- xmlSecByte* buf = NULL;
- size_t bufSize = 0;
+int
+xmlSecGnuTLSX509CrlDerWrite(gnutls_x509_crl_t crl, xmlSecBufferPtr buf) {
+ size_t bufSizeT = 0;
+ xmlSecSize bufSize;
+ xmlSecByte * bufData;
+ int ret;
int err;
- xmlSecAssert2(crl != NULL, NULL);
+ xmlSecAssert2(crl != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
/* get size */
- err = gnutls_x509_crl_export(crl, GNUTLS_X509_FMT_DER, NULL, &bufSize);
- if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSize <= 0)) {
- xmlSecGnuTLSError("gnutls_x509_crl_export(GNUTLS_X509_FMT_DER)", err, NULL);
- return(NULL);
+ err = gnutls_x509_crl_export(crl, GNUTLS_X509_FMT_DER, NULL, &bufSizeT);
+ if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSizeT <= 0)) {
+ xmlSecGnuTLSError("ggnutls_x509_crl_export(GNUTLS_X509_FMT_DER)", err, NULL);
+ return(-1);
}
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(bufSizeT, bufSize, return(-1), NULL);
/* allocate buffer */
- buf = (xmlSecByte *)xmlMalloc(bufSize + 1);
- if(buf == NULL) {
- xmlSecMallocError(bufSize + 1, NULL);
- return(NULL);
+ ret = xmlSecBufferSetSize(buf, bufSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "bufSize=" XMLSEC_SIZE_FMT, bufSize);
+ return(-1);
}
+ bufData = xmlSecBufferGetData(buf);
+ xmlSecAssert2(bufData != NULL, -1);
/* write it out */
- err = gnutls_x509_crl_export(crl, GNUTLS_X509_FMT_DER, buf, &bufSize);
+ err = gnutls_x509_crl_export(crl,GNUTLS_X509_FMT_DER, bufData, &bufSizeT);
if(err != GNUTLS_E_SUCCESS) {
- xmlSecGnuTLSError("gnutls_x509_crl_export(GNUTLS_X509_FMT_DER)", err, NULL);
- xmlFree(buf);
- return(NULL);
+ xmlSecGnuTLSError("ggnutls_x509_crl_export(GNUTLS_X509_FMT_DER)", err, NULL);
+ return(-1);
}
- /* convert to string */
- res = xmlSecBase64Encode(buf, bufSize, base64LineWrap);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- xmlFree(buf);
- return(NULL);
- }
-
- /* done */
- xmlFree(buf);
- return(res);
+ /* success */
+ return(0);
}
void
* Misc. utils/helpers
*
************************************************************************/
+#define XMLSEC_GNUTLS_INT_TO_STR_MAX_SIZE 64
xmlChar*
xmlSecGnuTLSASN1IntegerWrite(const unsigned char * data, size_t len) {
xmlChar *res = NULL;
- int resLen = 64; /* not more than 64 chars */
unsigned long long int val = 0;
size_t ii = 0;
int shift = 0;
val |= ((unsigned long long)data[ii - 1]) << shift;
}
- res = (xmlChar*)xmlMalloc(resLen + 1);
+ res = (xmlChar*)xmlMalloc(XMLSEC_GNUTLS_INT_TO_STR_MAX_SIZE + 1);
if(res == NULL) {
- xmlSecMallocError(resLen + 1, NULL);
+ xmlSecMallocError(XMLSEC_GNUTLS_INT_TO_STR_MAX_SIZE + 1, NULL);
return(NULL);
}
- ret = xmlStrPrintf(res, resLen, "%llu", val);
+ ret = xmlStrPrintf(res, XMLSEC_GNUTLS_INT_TO_STR_MAX_SIZE, "%llu", val);
if(ret < 0) {
xmlSecXmlError("xmlStrPrintf", NULL);
xmlFree(res);
gnutls_x509_crt_t cert = NULL;
gnutls_datum_t datum;
xmlSecSize certsSize;
+ unsigned int dataLen;
int res = -1;
int idx;
int err;
xmlSecAssert2((*key_cert) == NULL, -1);
xmlSecAssert2(certsList != NULL, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(dataSize, dataLen, return(-1), NULL);
+
/* read pkcs12 in internal structure */
err = gnutls_pkcs12_init(&pkcs12);
if(err != GNUTLS_E_SUCCESS) {
}
datum.data = (unsigned char *)data;
- datum.size = dataSize;
+ datum.size = dataLen;
err = gnutls_pkcs12_import(pkcs12, &datum, GNUTLS_X509_FMT_DER, 0);
if(err != GNUTLS_E_SUCCESS) {
xmlSecGnuTLSError("gnutls_pkcs12_import", err, NULL);
for(idx = 0; ; ++idx) {
int bag_type;
int elements_in_bag;
- int ii;
+ unsigned int num, ii;
err = gnutls_pkcs12_bag_init(&bag);
if(err != GNUTLS_E_SUCCESS) {
xmlSecGnuTLSError("gnutls_pkcs12_bag_get_count", elements_in_bag, NULL);
goto done;
}
- for(ii = 0; ii < elements_in_bag; ++ii) {
+ XMLSEC_SAFE_CAST_INT_TO_UINT(elements_in_bag, num, goto done, NULL);
+ for(ii = 0; ii < num; ++ii) {
bag_type = gnutls_pkcs12_bag_get_type(bag, ii);
if(bag_type < 0) {
xmlSecGnuTLSError("gnutls_pkcs12_bag_get_type", bag_type, NULL);
int
xmlSecGnuTLSDnAttrsEqual(const xmlSecGnuTLSDnAttr * ll, xmlSecSize llSize,
- const xmlSecGnuTLSDnAttr * rr, xmlSecSize rrSize)
+ const xmlSecGnuTLSDnAttr * rr, xmlSecSize rrSize)
{
xmlSecSize llNum = 0;
xmlSecSize rrNum = 0;
/*
Distinguished name syntax
-The formal syntax for a Distinguished Name (DN) is based on RFC 2253.
+The formal syntax for a Distinguished Name (DN) is based on RFC 2253.
The Backus Naur Form (BNF) syntax is defined as follows:
<name> ::= <name-component> ( <spaced-separator> )
semicolon. The white-space characters are ignored, and the semicolon is replaced
with a comma.
-In addition, space (' ' ASCII 32) characters may be present either before or
+In addition, space (' ' ASCII 32) characters may be present either before or
after a '+' or '='. These space characters are ignored when parsing.
*/
enum xmlSecGnuTLSDnParseState {
xmlChar ch;
enum xmlSecGnuTLSDnParseState state;
int slash;
- xmlSecSize pos;
+ xmlSecSize size, pos;
int res = -1;
xmlSecAssert2(dn != NULL, -1);
xmlSecAssert2(attrsSize > 0, -1);
/* allocate buffer, we don't need more than string */
- tmp = (xmlChar *)xmlMalloc(xmlStrlen(dn) + 1);
+ size = xmlSecStrlen(dn);
+ tmp = (xmlChar *)xmlMalloc(size + 1);
if(tmp == NULL) {
- xmlSecMallocError(xmlStrlen(dn) + 1, NULL);
+ xmlSecMallocError(size + 1, NULL);
goto done;
}
if(ch != '\"') {
state = xmlSecGnuTLSDnParseState_String;
slash = 0;
- --dn; /* small hack, so we can look at the same char
+ --dn; /* small hack, so we can look at the same char
again with the correct state */
} else {
state = xmlSecGnuTLSDnParseState_QuotedString;
} else if(ch == '\\') {
slash = 1;
} else if(ch == '\"') {
- *(p) = '\0';
+ *(p) = '\0';
/* don't remove spaces for quoted string */
attrs[pos].value = xmlStrdup(tmp);
/* check end state */
if(state != xmlSecGnuTLSDnParseState_BeforeNameComponent) {
- xmlSecInvalidIntegerDataError("state", state, "xmlSecGnuTLSDnParseState_BeforeNameComponent", NULL);
+ xmlSecUnsupportedEnumValueError("state", state, NULL);
goto done;
}
- /* debug
- {
- xmlSecSize ii;
- for(ii = 0; ii < attrsSize; ++ii) {
- if(attrs[ii].key != NULL) {
- printf("DEBUG: attrs - %s=>%s\n", attrs[ii].key, attrs[ii].value);
- }
- }
- }
- */
-
/* done */
res = 0;
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GNUTLS_X509UTILS_H__
#define __XMLSEC_GNUTLS_X509UTILS_H__
xmlChar * xmlSecGnuTLSX509CertGetIssuerDN (gnutls_x509_crt_t cert);
xmlChar * xmlSecGnuTLSX509CertGetIssuerSerial (gnutls_x509_crt_t cert);
xmlChar * xmlSecGnuTLSX509CertGetSKI (gnutls_x509_crt_t cert);
+
+
gnutls_x509_crt_t xmlSecGnuTLSX509CertRead (const xmlSecByte* buf,
xmlSecSize size,
xmlSecKeyDataFormat format);
-gnutls_x509_crt_t xmlSecGnuTLSX509CertBase64DerRead (xmlChar* buf);
-xmlChar* xmlSecGnuTLSX509CertBase64DerWrite (gnutls_x509_crt_t cert,
- int base64LineWrap);
+int xmlSecGnuTLSX509CertDerWrite (gnutls_x509_crt_t cert,
+ xmlSecBufferPtr buf);
void xmlSecGnuTLSX509CertDebugDump (gnutls_x509_crt_t cert,
FILE* output);
void xmlSecGnuTLSX509CertDebugXmlDump (gnutls_x509_crt_t cert,
gnutls_x509_crl_t xmlSecGnuTLSX509CrlRead (const xmlSecByte* buf,
xmlSecSize size,
xmlSecKeyDataFormat format);
-gnutls_x509_crl_t xmlSecGnuTLSX509CrlBase64DerRead (xmlChar* buf);
-xmlChar* xmlSecGnuTLSX509CrlBase64DerWrite (gnutls_x509_crl_t crl,
- int base64LineWrap);
+int xmlSecGnuTLSX509CrlDerWrite (gnutls_x509_crl_t crl,
+ xmlSecBufferPtr buf);
void xmlSecGnuTLSX509CrlDebugDump (gnutls_x509_crl_t crl,
FILE* output);
void xmlSecGnuTLSX509CrlDebugXmlDump (gnutls_x509_crl_t crl,
* Misc. utils/helpers
*
************************************************************************/
-xmlChar* xmlSecGnuTLSASN1IntegerWrite (const unsigned char * data,
+xmlChar* xmlSecGnuTLSASN1IntegerWrite (const unsigned char * data,
size_t len);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:x509vfy
#include <ctype.h>
#include <errno.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/keysmngr.h>
#include <xmlsec/base64.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
#include <xmlsec/gnutls/crypto.h>
#include <xmlsec/gnutls/x509.h>
#include "x509utils.h"
+#include "../cast_helpers.h"
/**************************************************************************
*
*
* xmlSecGnuTLSKeyDataStoreX509Id:
*
- * xmlSecGnuTLSX509StoreCtx is located after xmlSecTransform
- *
***************************************************************************/
-#define xmlSecGnuTLSX509StoreGetCtx(store) \
- ((xmlSecGnuTLSX509StoreCtxPtr)(((xmlSecByte*)(store)) + \
- sizeof(xmlSecKeyDataStoreKlass)))
-#define xmlSecGnuTLSX509StoreSize \
- (sizeof(xmlSecKeyDataStoreKlass) + sizeof(xmlSecGnuTLSX509StoreCtx))
+XMLSEC_KEY_DATA_STORE_DECLARE(GnuTLSX509Store, xmlSecGnuTLSX509StoreCtx)
+#define xmlSecGnuTLSX509StoreSize XMLSEC_KEY_DATA_STORE_SIZE(GnuTLSX509Store)
static int xmlSecGnuTLSX509StoreInitialize (xmlSecKeyDataStorePtr store);
static void xmlSecGnuTLSX509StoreFinalize (xmlSecKeyDataStorePtr store);
const xmlChar *subjectName,
const xmlChar *issuerName,
const xmlChar *issuerSerial,
- const xmlChar *ski);
+ const xmlSecByte * ski,
+ xmlSecSize skiSize);
static gnutls_x509_crt_t xmlSecGnuTLSX509FindSignedCert (xmlSecPtrListPtr certs,
gnutls_x509_crt_t cert);
static gnutls_x509_crt_t xmlSecGnuTLSX509FindSignerCert (xmlSecPtrListPtr certs,
gnutls_x509_crt_t cert);
+static int xmlSecGnuTLSX509CertCompareSKI (gnutls_x509_crt_t cert,
+ const xmlSecByte * ski,
+ xmlSecSize skiSize);
/**
* xmlSecGnuTLSX509StoreGetKlass:
*
* or an error occurs.
*/
gnutls_x509_crt_t
-xmlSecGnuTLSX509StoreFindCert(xmlSecKeyDataStorePtr store,
- const xmlChar *subjectName,
- const xmlChar *issuerName,
- const xmlChar *issuerSerial,
- const xmlChar *ski,
- const xmlSecKeyInfoCtx* keyInfoCtx) {
+xmlSecGnuTLSX509StoreFindCert(const xmlSecKeyDataStorePtr store, const xmlChar *subjectName,
+ const xmlChar *issuerName, const xmlChar *issuerSerial,
+ const xmlChar *ski, const xmlSecKeyInfoCtx* keyInfoCtx ) {
+ if(ski != NULL) {
+ gnutls_x509_crt_t res;
+ xmlChar* skiDup;
+ xmlSecSize skiDecodedSize = 0;
+ int ret;
+
+ skiDup = xmlStrdup(ski);
+ if(skiDup == NULL) {
+ xmlSecStrdupError(ski, NULL);
+ return(NULL);
+ }
+
+ /* our usual trick with base64 decode */
+ ret = xmlSecBase64DecodeInPlace(skiDup, &skiDecodedSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBase64DecodeInPlace", NULL,
+ "ski=%s", xmlSecErrorsSafeString(skiDup));
+ xmlFree(skiDup);
+ return(NULL);
+ }
+
+ res = xmlSecGnuTLSX509StoreFindCert_ex(store, subjectName, issuerName, issuerSerial,
+ (xmlSecByte*)skiDup, skiDecodedSize, keyInfoCtx);
+ xmlFree(skiDup);
+ return(res);
+ } else {
+ return(xmlSecGnuTLSX509StoreFindCert_ex(store, subjectName, issuerName, issuerSerial,
+ NULL, 0, keyInfoCtx));
+
+ }
+}
+
+/**
+ * xmlSecGnuTLSX509StoreFindCert_ex:
+ * @store: the pointer to X509 key data store klass.
+ * @subjectName: the desired certificate name.
+ * @issuerName: the desired certificate issuer name.
+ * @issuerSerial: the desired certificate issuer serial number.
+ * @ski: the desired certificate SKI.
+ * @skiSize: the desired certificate SKI size.
+ * @keyInfoCtx: the pointer to <dsig:KeyInfo/> element processing context.
+ *
+ * Searches @store for a certificate that matches given criteria.
+ *
+ * Returns: pointer to found certificate or NULL if certificate is not found
+ * or an error occurs.
+ */
+gnutls_x509_crt_t
+xmlSecGnuTLSX509StoreFindCert_ex(const xmlSecKeyDataStorePtr store, const xmlChar *subjectName,
+ const xmlChar *issuerName, const xmlChar *issuerSerial,
+ const xmlSecByte * ski, xmlSecSize skiSize,
+ const xmlSecKeyInfoCtx* keyInfoCtx ATTRIBUTE_UNUSED) {
xmlSecGnuTLSX509StoreCtxPtr ctx;
gnutls_x509_crt_t res = NULL;
xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecGnuTLSX509StoreId), NULL);
- xmlSecAssert2(keyInfoCtx != NULL, NULL);
+ UNREFERENCED_PARAMETER(keyInfoCtx);
ctx = xmlSecGnuTLSX509StoreGetCtx(store);
xmlSecAssert2(ctx != NULL, NULL);
if(res == NULL) {
- res = xmlSecGnuTLSX509FindCert(&(ctx->certsTrusted), subjectName, issuerName, issuerSerial, ski);
+ res = xmlSecGnuTLSX509FindCert(&(ctx->certsTrusted), subjectName,
+ issuerName, issuerSerial,
+ ski, skiSize);
}
if(res == NULL) {
- res = xmlSecGnuTLSX509FindCert(&(ctx->certsUntrusted), subjectName, issuerName, issuerSerial, ski);
+ res = xmlSecGnuTLSX509FindCert(&(ctx->certsUntrusted), subjectName,
+ issuerName, issuerSerial,
+ ski, skiSize);
}
return(res);
}
static int
xmlSecGnuTLSX509CheckTime(const gnutls_x509_crt_t * cert_list,
- xmlSecSize cert_list_length,
+ xmlSecSize cert_list_size,
time_t ts)
{
time_t notValidBefore, notValidAfter;
xmlSecAssert2(cert_list != NULL, -1);
- for(ii = 0; ii < cert_list_length; ++ii) {
+ for(ii = 0; ii < cert_list_size; ++ii) {
const gnutls_x509_crt_t cert = cert_list[ii];
if(cert == NULL) {
continue;
notValidBefore = gnutls_x509_crt_get_activation_time(cert);
if(notValidBefore == (time_t)-1) {
xmlSecGnuTLSError2("gnutls_x509_crt_get_activation_time", GNUTLS_E_SUCCESS,
- NULL,
- "cert activation time is invalid: %ld",
- (unsigned long)notValidBefore);
+ NULL,
+ "cert activation time is invalid: %.lf",
+ difftime(notValidBefore, (time_t)0));
return(-1);
}
notValidAfter = gnutls_x509_crt_get_expiration_time(cert);
if(notValidAfter == (time_t)-1) {
xmlSecGnuTLSError2("gnutls_x509_crt_get_expiration_time", GNUTLS_E_SUCCESS,
- NULL,
- "cert expiration time is invalid: %ld",
- (unsigned long)notValidAfter);
+ NULL,
+ "cert expiration time is invalid: %.lf",
+ difftime(notValidAfter, (time_t)0));
return(-1);
}
gnutls_x509_crt_t res = NULL;
xmlSecSize certs_size = 0;
gnutls_x509_crt_t * cert_list = NULL;
- xmlSecSize cert_list_length;
+ xmlSecSize cert_list_size;
gnutls_x509_crl_t * crl_list = NULL;
- xmlSecSize crl_list_length;
+ xmlSecSize crl_list_size;
gnutls_x509_crt_t * ca_list = NULL;
- xmlSecSize ca_list_length;
+ xmlSecSize ca_list_size;
time_t verification_time;
unsigned int flags = 0;
xmlSecSize ii;
xmlSecAssert2(ctx != NULL, NULL);
/* Prepare */
- cert_list_length = certs_size + xmlSecPtrListGetSize(&(ctx->certsUntrusted));
- if(cert_list_length > 0) {
- cert_list = (gnutls_x509_crt_t *)xmlMalloc(sizeof(gnutls_x509_crt_t) * cert_list_length);
+ cert_list_size = certs_size + xmlSecPtrListGetSize(&(ctx->certsUntrusted));
+ if(cert_list_size > 0) {
+ cert_list = (gnutls_x509_crt_t *)xmlMalloc(sizeof(gnutls_x509_crt_t) * cert_list_size);
if(cert_list == NULL) {
- xmlSecMallocError(sizeof(gnutls_x509_crt_t) * cert_list_length,
+ xmlSecMallocError(sizeof(gnutls_x509_crt_t) * cert_list_size,
xmlSecKeyDataStoreGetName(store));
goto done;
}
}
- crl_list_length = xmlSecPtrListGetSize(crls);
- if(crl_list_length > 0) {
- crl_list = (gnutls_x509_crl_t *)xmlMalloc(sizeof(gnutls_x509_crl_t) * crl_list_length);
+ crl_list_size = xmlSecPtrListGetSize(crls);
+ if(crl_list_size > 0) {
+ crl_list = (gnutls_x509_crl_t *)xmlMalloc(sizeof(gnutls_x509_crl_t) * crl_list_size);
if(crl_list == NULL) {
- xmlSecMallocError(sizeof(gnutls_x509_crl_t) * crl_list_length,
+ xmlSecMallocError(sizeof(gnutls_x509_crl_t) * crl_list_size,
xmlSecKeyDataStoreGetName(store));
goto done;
}
- for(ii = 0; ii < crl_list_length; ++ii) {
+ for(ii = 0; ii < crl_list_size; ++ii) {
crl_list[ii] = xmlSecPtrListGetItem(crls, ii);
if(crl_list[ii] == NULL) {
xmlSecInternalError("xmlSecPtrListGetItem(crls)",
}
}
- ca_list_length = xmlSecPtrListGetSize(&(ctx->certsTrusted));
- if(ca_list_length > 0) {
- ca_list = (gnutls_x509_crt_t *)xmlMalloc(sizeof(gnutls_x509_crt_t) * ca_list_length);
+ ca_list_size = xmlSecPtrListGetSize(&(ctx->certsTrusted));
+ if(ca_list_size > 0) {
+ ca_list = (gnutls_x509_crt_t *)xmlMalloc(sizeof(gnutls_x509_crt_t) * ca_list_size);
if(ca_list == NULL) {
- xmlSecMallocError(sizeof(gnutls_x509_crt_t) * ca_list_length,
+ xmlSecMallocError(sizeof(gnutls_x509_crt_t) * ca_list_size,
xmlSecKeyDataStoreGetName(store));
goto done;
}
- for(ii = 0; ii < ca_list_length; ++ii) {
+ for(ii = 0; ii < ca_list_size; ++ii) {
ca_list[ii] = xmlSecPtrListGetItem(&(ctx->certsTrusted), ii);
if(ca_list[ii] == NULL) {
xmlSecInternalError("xmlSecPtrListGetItem(certsTrusted)",
/* We are going to build all possible cert chains and try to verify them */
for(ii = 0; (ii < certs_size) && (res == NULL); ++ii) {
gnutls_x509_crt_t cert, cert2;
- xmlSecSize cert_list_cur_length = 0;
+ xmlSecSize cert_list_cur_size = 0;
unsigned int verify = 0;
cert = xmlSecPtrListGetItem(certs, ii);
}
/* build the chain */
- for(cert2 = cert, cert_list_cur_length = 0;
- (cert2 != NULL) && (cert_list_cur_length < cert_list_length);
- ++cert_list_cur_length)
+ for(cert2 = cert, cert_list_cur_size = 0;
+ (cert2 != NULL) && (cert_list_cur_size < cert_list_size);
+ ++cert_list_cur_size)
{
gnutls_x509_crt_t tmp;
/* store */
- cert_list[cert_list_cur_length] = cert2;
+ cert_list[cert_list_cur_size] = cert2;
/* find next */
tmp = xmlSecGnuTLSX509FindSignerCert(certs, cert2);
}
/* try to verify */
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) {
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) {
+ unsigned int cert_list_cur_len, ca_list_len, crl_list_len;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(cert_list_cur_size, cert_list_cur_len, goto done, NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(ca_list_size, ca_list_len, goto done, NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(crl_list_size, crl_list_len, goto done, NULL);
+
err = gnutls_x509_crt_list_verify(
- cert_list, (int)cert_list_cur_length, /* certs chain */
- ca_list, (int)ca_list_length, /* trusted cas */
- crl_list, (int)crl_list_length, /* crls */
+ cert_list, cert_list_cur_len, /* certs chain */
+ ca_list, ca_list_len, /* trusted cas */
+ crl_list, crl_list_len, /* crls */
flags, /* flags */
&verify);
} else {
}
if(err != GNUTLS_E_SUCCESS) {
xmlSecGnuTLSError("gnutls_x509_crt_list_verify", err, NULL);
- /* don't stop, continue! */
+ /* ignore error, don't stop, continue! */
continue;
} else if(verify != 0) {
xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_VERIFY_FAILED, NULL,
- "gnutls_x509_crt_list_verify: verification failed: status=%du",
- verify);
- /* don't stop, continue! */
+ "gnutls_x509_crt_list_verify: verification failed: status=%u", verify);
+ /* ignore error, don't stop, continue! */
continue;
}
/* gnutls doesn't allow to specify "verification" timestamp so
we have to do it ourselves */
- ret = xmlSecGnuTLSX509CheckTime(cert_list, cert_list_cur_length, verification_time);
+ ret = xmlSecGnuTLSX509CheckTime(cert_list, cert_list_cur_size, verification_time);
if(ret != 1) {
xmlSecInternalError("xmlSecGnuTLSX509CheckTime", NULL);
- /* don't stop, continue! */
+ /* ignore error, don't stop, continue! */
continue;
}
return(res);
}
+
+/**
+ * xmlSecGnuTLSX509CertCompareSKI:
+ *
+ * Returns 0 if SKI matches, 1 if SKI doesn't match and a negative value if an error occurs.
+ */
+static int
+xmlSecGnuTLSX509CertCompareSKI(gnutls_x509_crt_t cert, const xmlSecByte * ski, xmlSecSize skiSize) {
+ xmlSecByte* buf = NULL;
+ size_t bufSizeT = 0;
+ xmlSecSize bufSize;
+ unsigned int critical = 0;
+ int err;
+ int res = -1;
+
+ xmlSecAssert2(cert != NULL, -1);
+ xmlSecAssert2(ski != NULL, -1);
+ xmlSecAssert2(skiSize > 0, -1);
+
+ /* get ski size */
+ err = gnutls_x509_crt_get_subject_key_id(cert, NULL, &bufSizeT, &critical);
+ if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSizeT <= 0)) {
+ xmlSecGnuTLSError("gnutls_x509_crt_get_subject_key_id", err, NULL);
+ goto done;
+ }
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(bufSizeT, bufSize, goto done, NULL);
+
+ if(skiSize != bufSize) {
+ /* doesn't match */
+ res = 1;
+ goto done;
+ }
+
+ /* allocate buffer */
+ buf = (xmlSecByte *)xmlMalloc(bufSizeT + 1);
+ if(buf == NULL) {
+ xmlSecMallocError(bufSizeT + 1, NULL);
+ goto done;
+ }
+
+ /* write ski out */
+ err = gnutls_x509_crt_get_subject_key_id(cert, buf, &bufSizeT, &critical);
+ if(err != GNUTLS_E_SUCCESS) {
+ xmlSecGnuTLSError("gnutls_x509_crt_get_subject_key_id", err, NULL);
+ goto done;
+ }
+
+ /* compare */
+ if(memcmp(ski, buf, bufSize) != 0) {
+ /* doesn't match */
+ res = 1;
+ goto done;
+ }
+
+ /* match! */
+ res = 0;
+
+done:
+ /* cleanup */
+ if(buf != NULL) {
+ xmlFree(buf);
+ }
+ return(res);
+}
+
static gnutls_x509_crt_t
-xmlSecGnuTLSX509FindCert(xmlSecPtrListPtr certs,
- const xmlChar *subjectName,
- const xmlChar *issuerName,
- const xmlChar *issuerSerial,
- const xmlChar *ski) {
+xmlSecGnuTLSX509FindCert(xmlSecPtrListPtr certs, const xmlChar *subjectName,
+ const xmlChar *issuerName, const xmlChar *issuerSerial,
+ const xmlSecByte * ski, xmlSecSize skiSize) {
xmlSecSize ii, sz;
xmlSecAssert2(certs != NULL, NULL);
gnutls_x509_crt_t cert = xmlSecPtrListGetItem(certs, ii);
if(cert == NULL) {
xmlSecInternalError2("xmlSecPtrListGetItem", NULL,
- "pos=%i", (int)ii);
+ "pos=" XMLSEC_SIZE_FMT, ii);
return(NULL);
}
+ /* check subject name */
if(subjectName != NULL) {
xmlChar * tmp;
tmp = xmlSecGnuTLSX509CertGetSubjectDN(cert);
if(tmp == NULL) {
xmlSecInternalError2("xmlSecGnuTLSX509CertGetSubjectDN", NULL,
- "pos=%i", (int)ii);
+ "pos=" XMLSEC_SIZE_FMT, ii);
return(NULL);
}
return(cert);
}
xmlFree(tmp);
- } else if((issuerName != NULL) && (issuerSerial != NULL)) {
+ }
+
+ /* check issuer name + serial */
+ if((issuerName != NULL) && (issuerSerial != NULL)) {
xmlChar * tmp1;
xmlChar * tmp2;
tmp1 = xmlSecGnuTLSX509CertGetIssuerDN(cert);
if(tmp1 == NULL) {
xmlSecInternalError2("xmlSecGnuTLSX509CertGetIssuerDN", NULL,
- "pos=%i", (int)ii);
+ "pos=" XMLSEC_SIZE_FMT, ii);
return(NULL);
}
tmp2 = xmlSecGnuTLSX509CertGetIssuerSerial(cert);
if(tmp2 == NULL) {
xmlSecInternalError2("xmlSecGnuTLSX509CertGetIssuerSerial", NULL,
- "pos=%i", (int)ii);
+ "pos=" XMLSEC_SIZE_FMT, ii);
xmlFree(tmp1);
return(NULL);
}
}
xmlFree(tmp1);
xmlFree(tmp2);
- } else if(ski != NULL) {
- xmlChar * tmp;
+ }
- tmp = xmlSecGnuTLSX509CertGetSKI(cert);
- if(tmp == NULL) {
- xmlSecInternalError2("xmlSecGnuTLSX509CertGetSKI", NULL,
- "pos=%i", (int)ii);
+ /* check subject ski */
+ if((ski != NULL) && (skiSize > 0)) {
+ int ret;
+
+ ret = xmlSecGnuTLSX509CertCompareSKI(cert, ski, skiSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecGnuTLSX509CertCompareSKI", NULL,
+ "pos=" XMLSEC_SIZE_FMT, ii);
return(NULL);
}
-
- if(xmlStrEqual(ski, tmp)) {
- xmlFree(tmp);
+ if(ret == 0) {
return(cert);
}
- xmlFree(tmp);
}
}
tmp = xmlSecPtrListGetItem(certs, ii);
if(tmp == NULL) {
xmlSecInternalError2("xmlSecPtrListGetItem", NULL,
- "pos=%i", (int)ii);
+ "pos=" XMLSEC_SIZE_FMT, ii);
goto done;
}
issuer = xmlSecGnuTLSX509CertGetIssuerDN(tmp);
if(issuer == NULL) {
xmlSecInternalError2("xmlSecGnuTLSX509CertGetIssuerDN", NULL,
- "pos=%i", (int)ii);
+ "pos=" XMLSEC_SIZE_FMT, ii);
goto done;
}
tmp = xmlSecPtrListGetItem(certs, ii);
if(tmp == NULL) {
xmlSecInternalError2("xmlSecPtrListGetItem", NULL,
- "pos=%i", (int)ii);
+ "pos=" XMLSEC_SIZE_FMT, ii);
goto done;
}
subject = xmlSecGnuTLSX509CertGetSubjectDN(tmp);
if(subject == NULL) {
xmlSecInternalError2("xmlSecGnuTLSX509CertGetSubjectDN", NULL,
- "pos=%i", (int)ii);
+ "pos=" XMLSEC_SIZE_FMT, ii);
goto done;
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:io
#include <libxml/tree.h>
#include <libxml/xmlIO.h>
-#ifdef LIBXML_HTTP_ENABLED
-#include <libxml/nanohttp.h>
+/* check if we want HTTP and FTP support */
+#ifndef LIBXML_HTTP_ENABLED
+#define XMLSEC_NO_HTTP 1
#endif /* LIBXML_HTTP_ENABLED */
-#ifdef LIBXML_FTP_ENABLED
-#include <libxml/nanoftp.h>
+#ifndef LIBXML_FTP_ENABLED
+#define XMLSEC_NO_FTP 1
#endif /* LIBXML_FTP_ENABLED */
+#ifndef XMLSEC_NO_HTTP
+#include <libxml/nanohttp.h>
+#endif /* XMLSEC_NO_HTTP */
+
+#ifndef XMLSEC_NO_FTP
+#include <libxml/nanoftp.h>
+#endif /* XMLSEC_NO_FTP */
+
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/io.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
/*******************************************************************
*
return(-1);
}
-#ifdef LIBXML_FTP_ENABLED
+#ifndef XMLSEC_NO_FTP
xmlNanoFTPInit();
-#endif /* LIBXML_FTP_ENABLED */
+#endif /* XMLSEC_NO_FTP */
-#ifdef LIBXML_HTTP_ENABLED
+#ifndef XMLSEC_NO_HTTP
xmlNanoHTTPInit();
-#endif /* LIBXML_HTTP_ENABLED */
+#endif /* #ifndef XMLSEC_NO_HTTP
+ */
ret = xmlSecIORegisterDefaultCallbacks();
if(ret < 0) {
void
xmlSecIOShutdown(void) {
-#ifdef LIBXML_HTTP_ENABLED
+#ifndef XMLSEC_NO_HTTP
xmlNanoHTTPCleanup();
-#endif /* LIBXML_HTTP_ENABLED */
+#endif /* XMLSEC_NO_HTTP */
-#ifdef LIBXML_FTP_ENABLED
+#ifndef XMLSEC_NO_FTP
xmlNanoFTPCleanup();
-#endif /* LIBXML_FTP_ENABLED */
+#endif /* XMLSEC_NO_FTP */
xmlSecPtrListFinalize(&xmlSecAllIOCallbacks);
}
xmlSecIORegisterDefaultCallbacks(void) {
int ret;
+#ifndef XMLSEC_NO_FILES
/* Callbacks added later are picked up first */
ret = xmlSecIORegisterCallbacks(xmlFileMatch, xmlFileOpen,
xmlFileRead, xmlFileClose);
xmlSecInternalError("xmlSecIORegisterCallbacks(file)", NULL);
return(-1);
}
+#endif /* XMLSEC_NO_FILES */
-#ifdef LIBXML_HTTP_ENABLED
+#ifndef XMLSEC_NO_HTTP
ret = xmlSecIORegisterCallbacks(xmlIOHTTPMatch, xmlIOHTTPOpen,
xmlIOHTTPRead, xmlIOHTTPClose);
if(ret < 0) {
xmlSecInternalError("xmlSecIORegisterCallbacks(http)", NULL);
return(-1);
}
-#endif /* LIBXML_HTTP_ENABLED */
+#endif /* XMLSEC_NO_HTTP */
-#ifdef LIBXML_FTP_ENABLED
+#ifndef XMLSEC_NO_FTP
ret = xmlSecIORegisterCallbacks(xmlIOFTPMatch, xmlIOFTPOpen,
xmlIOFTPRead, xmlIOFTPClose);
if(ret < 0) {
xmlSecInternalError("xmlSecIORegisterCallbacks(ftp)", NULL);
return(-1);
}
-#endif /* LIBXML_FTP_ENABLED */
+#endif /* XMLSEC_NO_FTP */
/* done */
return(0);
}
-
-
-
/**************************************************************
*
* Input URI Transform
*
- * xmlSecInputURICtx is located after xmlSecTransform
+ * xmlSecTransform + xmlSecInputURICtx
*
**************************************************************/
typedef struct _xmlSecInputURICtx xmlSecInputURICtx,
xmlSecIOCallbackPtr clbks;
void* clbksCtx;
};
-#define xmlSecTransformInputUriSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecInputURICtx))
-#define xmlSecTransformInputUriGetCtx(transform) \
- ((xmlSecTransformCheckSize((transform), xmlSecTransformInputUriSize)) ? \
- (xmlSecInputURICtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
- (xmlSecInputURICtxPtr)NULL)
+
+XMLSEC_TRANSFORM_DECLARE(InputUri, xmlSecInputURICtx)
+#define xmlSecInputUriSize XMLSEC_TRANSFORM_SIZE(InputUri)
static int xmlSecTransformInputURIInitialize (xmlSecTransformPtr transform);
static void xmlSecTransformInputURIFinalize (xmlSecTransformPtr transform);
static xmlSecTransformKlass xmlSecTransformInputURIKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecTransformInputUriSize, /* xmlSecSize objSize */
+ xmlSecInputUriSize, /* xmlSecSize objSize */
BAD_CAST "input-uri", /* const xmlChar* name; */
NULL, /* const xmlChar* href; */
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformInputURIId), -1);
xmlSecAssert2(uri != NULL, -1);
- ctx = xmlSecTransformInputUriGetCtx(transform);
+ ctx = xmlSecInputUriGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->clbks == NULL, -1);
xmlSecAssert2(ctx->clbksCtx == NULL, -1);
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformInputURIId), -1);
- ctx = xmlSecTransformInputUriGetCtx(transform);
+ ctx = xmlSecInputUriGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
/* close if still open and mark as closed */
if((ctx->clbksCtx != NULL) && (ctx->clbks != NULL) && (ctx->clbks->closecallback != NULL)) {
- (ctx->clbks->closecallback)(ctx->clbksCtx);
- ctx->clbksCtx = NULL;
- ctx->clbks = NULL;
+ (ctx->clbks->closecallback)(ctx->clbksCtx);
+ ctx->clbksCtx = NULL;
+ ctx->clbks = NULL;
}
/* done */
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformInputURIId), -1);
- ctx = xmlSecTransformInputUriGetCtx(transform);
+ ctx = xmlSecInputUriGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
memset(ctx, 0, sizeof(xmlSecInputURICtx));
static void
xmlSecTransformInputURIFinalize(xmlSecTransformPtr transform) {
- xmlSecInputURICtxPtr ctx;
- int ret;
+ xmlSecInputURICtxPtr ctx;
+ int ret;
xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecTransformInputURIId));
- ctx = xmlSecTransformInputUriGetCtx(transform);
+ ctx = xmlSecInputUriGetCtx(transform);
xmlSecAssert(ctx != NULL);
ret = xmlSecTransformInputURIClose(transform);
xmlSecInternalError2("xmlSecTransformInputURIClose",
xmlSecTransformGetName(transform),
"ret=%d", ret);
- /* ignore the error */
- /* return; */
- }
+ /* ignore the error */
+ /* return; */
+ }
memset(ctx, 0, sizeof(xmlSecInputURICtx));
return;
xmlSecSize maxDataSize, xmlSecSize* dataSize,
xmlSecTransformCtxPtr transformCtx) {
xmlSecInputURICtxPtr ctx;
-
+ int maxDataLen;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformInputURIId), -1);
xmlSecAssert2(dataSize != NULL, -1);
xmlSecAssert2(transformCtx != NULL, -1);
- ctx = xmlSecTransformInputUriGetCtx(transform);
+ ctx = xmlSecInputUriGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
if((ctx->clbksCtx != NULL) && (ctx->clbks != NULL) && (ctx->clbks->readcallback != NULL)) {
- ret = (ctx->clbks->readcallback)(ctx->clbksCtx, (char*)data, (int)maxDataSize);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(maxDataSize, maxDataLen, return(-1), xmlSecTransformGetName(transform));
+ ret = (ctx->clbks->readcallback)(ctx->clbksCtx, (char*)data, maxDataLen);
if(ret < 0) {
xmlSecInternalError("ctx->clbks->readcallback", xmlSecTransformGetName(transform));
return(-1);
}
- (*dataSize) = ret;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, (*dataSize), return(-1), NULL);
} else {
(*dataSize) = 0;
}
return(0);
}
-
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:keyinfo
* @Stability: Stable
*
*
- * [KeyInfo](https://www.w3.org/TR/xmldsig-core/#sec-KeyInfo) is an
+ * [KeyInfo](https://www.w3.org/TR/xmldsig-core/#sec-KeyInfo) is an
* optional element that enables the recipient(s) to obtain
* the key needed to validate the signature. KeyInfo may contain keys,
* names, certificates and other public key management information, such as
#include <xmlsec/keysmngr.h>
#include <xmlsec/transforms.h>
#include <xmlsec/xmlenc.h>
+#include <xmlsec/parser.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
/**************************************************************************
*
fprintf(output, "== enabled key data: all\n");
}
fprintf(output, "== RetrievalMethod level (cur/max): %d/%d\n",
- keyInfoCtx->curRetrievalMethodLevel,
- keyInfoCtx->maxRetrievalMethodLevel);
+ keyInfoCtx->curRetrievalMethodLevel, keyInfoCtx->maxRetrievalMethodLevel);
xmlSecTransformCtxDebugDump(&(keyInfoCtx->retrievalMethodCtx), output);
#ifndef XMLSEC_NO_XMLENC
fprintf(output, "== EncryptedKey level (cur/max): %d/%d\n",
- keyInfoCtx->curEncryptedKeyLevel,
- keyInfoCtx->maxEncryptedKeyLevel);
+ keyInfoCtx->curEncryptedKeyLevel, keyInfoCtx->maxEncryptedKeyLevel);
if(keyInfoCtx->encCtx != NULL) {
xmlSecEncCtxDebugDump(keyInfoCtx->encCtx, output);
}
}
fprintf(output, "<RetrievalMethodLevel cur=\"%d\" max=\"%d\" />\n",
- keyInfoCtx->curRetrievalMethodLevel,
- keyInfoCtx->maxRetrievalMethodLevel);
+ keyInfoCtx->curEncryptedKeyLevel, keyInfoCtx->maxEncryptedKeyLevel);
xmlSecTransformCtxDebugXmlDump(&(keyInfoCtx->retrievalMethodCtx), output);
#ifndef XMLSEC_NO_XMLENC
fprintf(output, "<EncryptedKeyLevel cur=\"%d\" max=\"%d\" />\n",
- keyInfoCtx->curEncryptedKeyLevel,
- keyInfoCtx->maxEncryptedKeyLevel);
+ keyInfoCtx->curEncryptedKeyLevel, keyInfoCtx->maxEncryptedKeyLevel);
if(keyInfoCtx->encCtx != NULL) {
xmlSecEncCtxDebugXmlDump(keyInfoCtx->encCtx, output);
}
if(ret < 0) {
xmlSecInternalError("xmlSecKeySetName",
xmlSecKeyDataKlassGetName(id));
- xmlFree(newName);
+ xmlFree(newName);
return(-1);
- }
+ }
}
/* TODO: record the key names we tried */
} else {
/* check retrieval level */
if(keyInfoCtx->curRetrievalMethodLevel >= keyInfoCtx->maxRetrievalMethodLevel) {
- xmlSecOtherError3(XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL,
- xmlSecKeyDataKlassGetName(id),
- "cur=%d;max=%d",
- keyInfoCtx->curRetrievalMethodLevel,
- keyInfoCtx->maxRetrievalMethodLevel);
+ xmlSecOtherError3(XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL, xmlSecKeyDataKlassGetName(id),
+ "cur=%d;max=%d",keyInfoCtx->curEncryptedKeyLevel, keyInfoCtx->maxEncryptedKeyLevel);
goto done;
}
++keyInfoCtx->curRetrievalMethodLevel;
/* laxi schema validation but application can disable it */
if(dataId == xmlSecKeyDataIdUnknown) {
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF) != 0) {
- xmlSecInvalidNodeAttributeError(node, xmlSecAttrType,
- xmlSecKeyDataKlassGetName(id),
- "retrieval type is unknown");
- } else {
- res = 0;
+ xmlSecInvalidNodeAttributeError(node, xmlSecAttrType, xmlSecKeyDataKlassGetName(id),
+ "retrieval type is unknown");
+ goto done;
}
+
+ res = 0;
goto done;
}
const xmlChar* nodeName;
const xmlChar* nodeNs;
xmlSecKeyDataId dataId;
+ int bufferLen;
int ret;
xmlSecAssert2(key != NULL, -1);
xmlSecAssert2(keyInfoCtx != NULL, -1);
xmlSecAssert2(keyInfoCtx->mode == xmlSecKeyInfoModeRead, -1);
- doc = xmlRecoverMemory((const char*)buffer, bufferSize);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(bufferSize, bufferLen, return(-1), NULL);
+ doc = xmlReadMemory((const char*)buffer, bufferLen, NULL, NULL, xmlSecParserGetDefaultOptions() | XML_PARSE_RECOVER);
if(doc == NULL) {
- xmlSecXmlError("xmlRecoverMemory", xmlSecKeyDataKlassGetName(typeId));
+ xmlSecXmlError("xmlReadMemory", xmlSecKeyDataKlassGetName(typeId));
return(-1);
}
/* check the enc level */
if(keyInfoCtx->curEncryptedKeyLevel >= keyInfoCtx->maxEncryptedKeyLevel) {
- xmlSecOtherError3(XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL,
- xmlSecKeyDataKlassGetName(id),
- "cur=%d;max=%d",
- (int)keyInfoCtx->curEncryptedKeyLevel,
- (int)keyInfoCtx->maxEncryptedKeyLevel);
+ xmlSecOtherError3(XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL, xmlSecKeyDataKlassGetName(id),
+ "cur=%d;max=%d", keyInfoCtx->curEncryptedKeyLevel, keyInfoCtx->maxEncryptedKeyLevel);
return(-1);
}
++keyInfoCtx->curEncryptedKeyLevel;
} else {
ret = xmlSecKeyInfoCtxCreateEncCtx(keyInfoCtx);
if(ret < 0) {
- xmlSecInternalError("xmlSecKeyInfoCtxCreateEncCtx",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecInternalError("xmlSecKeyInfoCtxCreateEncCtx", xmlSecKeyDataKlassGetName(id));
+ --keyInfoCtx->curEncryptedKeyLevel;
return(-1);
}
}
* correct enc key.
*/
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION) != 0) {
- xmlSecInternalError("xmlSecEncCtxDecryptToBuffer",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecInternalError("xmlSecEncCtxDecryptToBuffer", xmlSecKeyDataKlassGetName(id));
+ --keyInfoCtx->curEncryptedKeyLevel;
return(-1);
}
+ --keyInfoCtx->curEncryptedKeyLevel;
return(0);
}
if(ret < 0) {
xmlSecInternalError("xmlSecKeyDataBinRead",
xmlSecKeyDataKlassGetName(id));
+ --keyInfoCtx->curEncryptedKeyLevel;
return(-1);
}
--keyInfoCtx->curEncryptedKeyLevel;
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:keys
#include <xmlsec/keyinfo.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
/**************************************************************************
*
BAD_CAST "NULL");
fprintf(output, "==== keyType: 0x%08x\n", keyReq->keyType);
fprintf(output, "==== keyUsage: 0x%08x\n", keyReq->keyUsage);
- fprintf(output, "==== keyBitsSize: %d\n", keyReq->keyBitsSize);
+ fprintf(output, "==== keyBitsSize: " XMLSEC_SIZE_FMT "\n", keyReq->keyBitsSize);
xmlSecPtrListDebugDump(&(keyReq->keyUseWithList), output);
}
fprintf(output, "<KeyType>0x%08x</KeyType>\n", keyReq->keyType);
fprintf(output, "<KeyUsage>0x%08x</KeyUsage>\n", keyReq->keyUsage);
- fprintf(output, "<KeyBitsSize>%d</KeyBitsSize>\n", keyReq->keyBitsSize);
+ fprintf(output, "<KeyBitsSize>" XMLSEC_SIZE_FMT "</KeyBitsSize>\n", keyReq->keyBitsSize);
xmlSecPtrListDebugXmlDump(&(keyReq->keyUseWithList), output);
fprintf(output, "</KeyReq>\n");
}
if(key->name != NULL) {
fprintf(output, "=== key name: %s\n", key->name);
}
- fprintf(output, "=== key usage: %d\n", key->usage);
+ fprintf(output, "=== key usage: %u\n", key->usage);
if(key->notValidBefore < key->notValidAfter) {
- fprintf(output, "=== key not valid before: %ld\n", (unsigned long)key->notValidBefore);
- fprintf(output, "=== key not valid after: %ld\n", (unsigned long)key->notValidAfter);
+ fprintf(output, "=== key not valid before: %.lf\n",
+ difftime(key->notValidBefore, (time_t)0));
+ fprintf(output, "=== key not valid after: %.lf\n",
+ difftime(key->notValidAfter, (time_t)0));
}
if(key->value != NULL) {
xmlSecKeyDataDebugDump(key->value, output);
fprintf(output, "</KeyName>\n");
if(key->notValidBefore < key->notValidAfter) {
- fprintf(output, "<KeyValidity notValidBefore=\"%ld\" notValidAfter=\"%ld\"/>\n",
- (unsigned long)key->notValidBefore,
- (unsigned long)key->notValidAfter);
+ fprintf(output, "<KeyValidity notValidBefore=\"%.lf\" notValidAfter=\"%.lf\"/>\n",
+ difftime(key->notValidBefore, (time_t)0),
+ difftime(key->notValidAfter, (time_t)0));
}
if(key->value != NULL) {
if(ret < 0) {
xmlSecInternalError3("xmlSecKeyDataGenerate",
xmlSecKeyDataKlassGetName(dataId),
- "size=%d;type=%d", sizeBits, type);
+ "size=" XMLSEC_SIZE_FMT ";type=%u", sizeBits, type);
xmlSecKeyDataDestroy(data);
return(NULL);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:keysdata
#include <stdlib.h>
#include <string.h>
+#include <ctype.h>
#include <libxml/tree.h>
#include <xmlsec/base64.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/errors.h>
+#include <xmlsec/x509.h>
+
+#include "cast_helpers.h"
+#include "keysdata_helpers.h"
/**************************************************************************
*
/* write data */
ret = data->id->generate(data, sizeBits, type);
if(ret < 0) {
- xmlSecInternalError2("id->generate",
- xmlSecKeyDataGetName(data),
- "size=%d", sizeBits);
+ xmlSecInternalError2("id->generate", xmlSecKeyDataGetName(data),
+ "size=" XMLSEC_SIZE_FMT, sizeBits);
return(-1);
}
return(0);
*
* xmlSecKeyDataBinary methods
*
- * key (xmlSecBuffer) is located after xmlSecKeyData structure
- *
*************************************************************************/
+
/**
* xmlSecKeyDataBinaryValueInitialize:
* @data: the pointer to binary key data.
*
- * Initializes key data.
+ * Initializes binary key data.
*
* Returns: 0 on success or a negative value otherwise.
*/
int
xmlSecKeyDataBinaryValueXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar* str;
- xmlSecSize len;
- xmlSecKeyDataPtr data;
+ xmlChar* str = NULL;
+ xmlSecKeyDataPtr data = NULL;
+ xmlSecSize decodedSize;
int ret;
+ int res = -1;
xmlSecAssert2(id != xmlSecKeyDataIdUnknown, -1);
xmlSecAssert2(key != NULL, -1);
str = xmlNodeGetContent(node);
if(str == NULL) {
xmlSecInvalidNodeContentError(node, xmlSecKeyDataKlassGetName(id), "empty");
- return(-1);
+ goto done;
}
/* usual trick: decode into the same buffer */
- ret = xmlSecBase64Decode(str, (xmlSecByte*)str, xmlStrlen(str));
+ decodedSize = 0;
+ ret = xmlSecBase64DecodeInPlace(str, &decodedSize);
if(ret < 0) {
- xmlSecInternalError("xmlSecBase64Decode",
- xmlSecKeyDataKlassGetName(id));
- xmlFree(str);
- return(-1);
+ xmlSecInternalError("xmlSecBase64Decode_ex", xmlSecKeyDataKlassGetName(id));
+ goto done;
}
- len = ret;
/* check do we have a key already */
data = xmlSecKeyGetValue(key);
xmlSecBufferPtr buffer;
if(!xmlSecKeyDataCheckId(data, id)) {
- xmlSecOtherError2(XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
- xmlSecKeyDataGetName(data),
- "id=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)));
- xmlFree(str);
- return(-1);
+ xmlSecOtherError2(XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST, xmlSecKeyDataGetName(data),
+ "id=%s", xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)));
+ goto done;
}
buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
- if((buffer != NULL) && (xmlSecBufferGetSize(buffer) != len)) {
- xmlSecOtherError3(XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
- xmlSecKeyDataGetName(data),
- "cur-data-size=%lu;new-data-size=%lu",
- (unsigned long)xmlSecBufferGetSize(buffer),
- (unsigned long)len);
- xmlFree(str);
- return(-1);
- }
- if((buffer != NULL) && (len > 0) && (memcmp(xmlSecBufferGetData(buffer), str, len) != 0)) {
- xmlSecOtherError(XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
- xmlSecKeyDataGetName(data),
- "key already has a different value");
- xmlFree(str);
- return(-1);
- }
if(buffer != NULL) {
+ if(xmlSecBufferGetSize(buffer) != decodedSize) {
+ xmlSecOtherError3(XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
+ xmlSecKeyDataGetName(data),
+ "cur-data-size=" XMLSEC_SIZE_FMT "; new-data-size=" XMLSEC_SIZE_FMT,
+ xmlSecBufferGetSize(buffer), decodedSize);
+ goto done;
+ }
+ if((decodedSize > 0) && (memcmp(xmlSecBufferGetData(buffer), str, decodedSize) != 0)) {
+ xmlSecOtherError(XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
+ xmlSecKeyDataGetName(data),
+ "key already has a different value");
+ goto done;
+ }
+
/* we already have exactly the same key */
- xmlFree(str);
- return(0);
+ res = 0;
+ goto done;
}
/* we have binary key value with empty buffer */
data = xmlSecKeyDataCreate(id);
if(data == NULL ) {
- xmlSecInternalError("xmlSecKeyDataCreate",
- xmlSecKeyDataKlassGetName(id));
- xmlFree(str);
- return(-1);
+ xmlSecInternalError("xmlSecKeyDataCreate", xmlSecKeyDataKlassGetName(id));
+ goto done;
}
- ret = xmlSecKeyDataBinaryValueSetBuffer(data, (xmlSecByte*)str, len);
+ ret = xmlSecKeyDataBinaryValueSetBuffer(data, (xmlSecByte*)str, decodedSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecKeyDataBinaryValueSetBuffer",
- xmlSecKeyDataKlassGetName(id),
- "size=%d", len);
- xmlSecKeyDataDestroy(data);
- xmlFree(str);
- return(-1);
+ xmlSecKeyDataKlassGetName(id),
+ "size=" XMLSEC_SIZE_FMT, decodedSize);
+ goto done;
}
- xmlFree(str);
if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), data) != 1) {
- xmlSecInternalError("xmlSecKeyReqMatchKeyValue",
- xmlSecKeyDataKlassGetName(id));
- xmlSecKeyDataDestroy(data);
- return(0);
+ xmlSecInternalError("xmlSecKeyReqMatchKeyValue", xmlSecKeyDataKlassGetName(id));
+ goto done;
}
ret = xmlSecKeySetValue(key, data);
if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataKlassGetName(id));
- xmlSecKeyDataDestroy(data);
- return(-1);
+ xmlSecInternalError("xmlSecKeySetValue", xmlSecKeyDataKlassGetName(id));
+ goto done;
}
+ data = NULL; /* data is owned by key */
- return(0);
+ /* success */
+ res = 0;
+
+done:
+ if(data != NULL) {
+ xmlSecKeyDataDestroy(data);
+ }
+ if(str != NULL) {
+ xmlFree(str);
+ }
+ return(res);
}
/**
}
buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
- if((buffer != NULL) && (xmlSecBufferGetSize(buffer) != bufSize)) {
- xmlSecOtherError3(XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
- xmlSecKeyDataGetName(data),
- "cur-data-size=%lu;new-data-size=%lu",
- (unsigned long)xmlSecBufferGetSize(buffer),
- (unsigned long)bufSize);
- return(-1);
- }
- if((buffer != NULL) && (bufSize > 0) && (memcmp(xmlSecBufferGetData(buffer), buf, bufSize) != 0)) {
- xmlSecOtherError(XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
- xmlSecKeyDataGetName(data),
- "key already has a different value");
- return(-1);
- }
if(buffer != NULL) {
+ if(xmlSecBufferGetSize(buffer) != bufSize) {
+ xmlSecOtherError3(XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
+ xmlSecKeyDataGetName(data),
+ "cur-data-size=" XMLSEC_SIZE_FMT "; new-data-size=" XMLSEC_SIZE_FMT,
+ xmlSecBufferGetSize(buffer), bufSize);
+ return(-1);
+ }
+ if((bufSize > 0) && (memcmp(xmlSecBufferGetData(buffer), buf, bufSize) != 0)) {
+ xmlSecOtherError(XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
+ xmlSecKeyDataGetName(data),
+ "key already has a different value");
+ return(-1);
+ }
+
/* we already have exactly the same key */
return(0);
}
data = xmlSecKeyDataCreate(id);
if(data == NULL ) {
- xmlSecInternalError("xmlSecKeyDataCreate",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecInternalError("xmlSecKeyDataCreate", xmlSecKeyDataKlassGetName(id));
return(-1);
}
ret = xmlSecKeyDataBinaryValueSetBuffer(data, buf, bufSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecKeyDataBinaryValueSetBuffer",
- xmlSecKeyDataKlassGetName(id),
- "size=%d", bufSize);
+ xmlSecKeyDataKlassGetName(id),
+ "size=" XMLSEC_SIZE_FMT, bufSize);
xmlSecKeyDataDestroy(data);
return(-1);
}
if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), data) != 1) {
xmlSecInternalError("xmlSecKeyReqMatchKeyValue",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecKeyDataKlassGetName(id));
xmlSecKeyDataDestroy(data);
return(0);
}
ret = xmlSecKeySetValue(key, data);
if(ret < 0) {
xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecKeyDataKlassGetName(id));
xmlSecKeyDataDestroy(data);
return(-1);
}
xmlSecAssert(buffer != NULL);
/* print only size, everything else is sensitive */
- fprintf(output, "=== %s: size=%d\n", data->id->dataNodeName,
- xmlSecKeyDataGetSize(data));
+ fprintf(output, "=== %s: size=" XMLSEC_SIZE_FMT "\n",
+ data->id->dataNodeName, xmlSecKeyDataGetSize(data));
}
/**
xmlSecAssert(buffer != NULL);
/* print only size, everything else is sensitive */
- fprintf(output, "<%s size=\"%d\" />\n", data->id->dataNodeName,
- xmlSecKeyDataGetSize(data));
+ fprintf(output, "<%s size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ data->id->dataNodeName, xmlSecKeyDataGetSize(data));
}
/**
xmlSecAssert2(xmlSecKeyDataIsValid(data), NULL);
xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecKeyDataBinarySize), NULL);
- /* key (xmlSecBuffer) is located after xmlSecKeyData structure */
- return((xmlSecBufferPtr)(((xmlSecByte*)data) + sizeof(xmlSecKeyData)));
+ return(&(((xmlSecKeyDataBinary *)data)->buffer));
}
/**
return(xmlSecBufferSetData(buffer, buf, bufSize));
}
-/***********************************************************************
- *
- * Keys Data list
- *
- **********************************************************************/
-static xmlSecPtrListKlass xmlSecKeyDataListKlass = {
- BAD_CAST "key-data-list",
- (xmlSecPtrDuplicateItemMethod)xmlSecKeyDataDuplicate, /* xmlSecPtrDuplicateItemMethod duplicateItem; */
- (xmlSecPtrDestroyItemMethod)xmlSecKeyDataDestroy, /* xmlSecPtrDestroyItemMethod destroyItem; */
- (xmlSecPtrDebugDumpItemMethod)xmlSecKeyDataDebugDump, /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
- (xmlSecPtrDebugDumpItemMethod)xmlSecKeyDataDebugXmlDump, /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
-};
-
-/**
- * xmlSecKeyDataListGetKlass:
- *
- * The key data list klass.
- *
- * Returns: pointer to the key data list klass.
- */
-xmlSecPtrListId
-xmlSecKeyDataListGetKlass(void) {
- return(&xmlSecKeyDataListKlass);
-}
-
-
-/***********************************************************************
- *
- * Keys Data Ids list
- *
- **********************************************************************/
-static xmlSecPtrListKlass xmlSecKeyDataIdListKlass = {
- BAD_CAST "key-data-ids-list",
- NULL, /* xmlSecPtrDuplicateItemMethod duplicateItem; */
- NULL, /* xmlSecPtrDestroyItemMethod destroyItem; */
- NULL, /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
- NULL, /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
-};
-
-/**
- * xmlSecKeyDataIdListGetKlass:
+#if !defined(XMLSEC_NO_DSA)
+/**************************************************************************
*
- * The key data id list klass.
+ * Helper functions to read/write DSA keys
*
- * Returns: pointer to the key data id list klass.
- */
-xmlSecPtrListId
-xmlSecKeyDataIdListGetKlass(void) {
- return(&xmlSecKeyDataIdListKlass);
-}
+ *************************************************************************/
+#define XMLSEC_KEY_DATA_DSA_INIT_BUF_SIZE 512
+
+static int xmlSecKeyValueDsaInitialize (xmlSecKeyValueDsaPtr data);
+static void xmlSecKeyValueDsaFinalize (xmlSecKeyValueDsaPtr data);
+static int xmlSecKeyValueDsaXmlRead (xmlSecKeyValueDsaPtr data,
+ xmlNodePtr node);
+static int xmlSecKeyValueDsaXmlWrite (xmlSecKeyValueDsaPtr data,
+ xmlNodePtr node,
+ int writePrivateKey,
+ int base64LineSize,
+ int addLineBreaks);
/**
- * xmlSecKeyDataIdListFind:
- * @list: the pointer to key data ids list.
- * @dataId: the key data klass.
+ * xmlSecKeyDataDsaXmlRead:
+ * @id: the data id.
+ * @key: the key.
+ * @node: the pointer to data's value XML node.
+ * @keyInfoCtx: the <dsig:KeyInfo/> node processing context.
+ * @readFunc: the pointer to the function that converts
+ * @xmlSecKeyValueDsa to @xmlSecKeyData.
*
- * Lookups @dataId in @list.
+ * DSA Key data method for reading XML node.
*
- * Returns: 1 if @dataId is found in the @list, 0 if not and a negative
- * value if an error occurs.
+ * Returns: 0 on success or a negative value if an error occurs.
*/
int
-xmlSecKeyDataIdListFind(xmlSecPtrListPtr list, xmlSecKeyDataId dataId) {
- xmlSecSize i, size;
+xmlSecKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx,
+ xmlSecKeyDataDsaRead readFunc) {
+ xmlSecKeyDataPtr data = NULL;
+ xmlSecKeyValueDsa dsaValue;
+ int dsaDataInitialized = 0;
+ int res = -1;
+ int ret;
- xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId), 0);
- xmlSecAssert2(dataId != NULL, 0);
+ xmlSecAssert2(id != NULL, -1);
+ xmlSecAssert2(key != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(readFunc != NULL, -1);
- size = xmlSecPtrListGetSize(list);
- for(i = 0; i < size; ++i) {
- if((xmlSecKeyDataId)xmlSecPtrListGetItem(list, i) == dataId) {
- return(1);
- }
+ if(xmlSecKeyGetValue(key) != NULL) {
+ xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+ xmlSecKeyDataKlassGetName(id), "key already has a value");
+ goto done;
}
- return(0);
-}
-/**
- * xmlSecKeyDataIdListFindByNode:
- * @list: the pointer to key data ids list.
- * @nodeName: the desired key data klass XML node name.
- * @nodeNs: the desired key data klass XML node namespace.
- * @usage: the desired key data usage.
- *
- * Lookups data klass in the list with given @nodeName, @nodeNs and
- * @usage in the @list.
- *
- * Returns: key data klass is found and NULL otherwise.
- */
-xmlSecKeyDataId
-xmlSecKeyDataIdListFindByNode(xmlSecPtrListPtr list, const xmlChar* nodeName,
- const xmlChar* nodeNs, xmlSecKeyDataUsage usage) {
- xmlSecKeyDataId dataId;
- xmlSecSize i, size;
+ ret = xmlSecKeyValueDsaInitialize(&dsaValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueDsaInitialize",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ dsaDataInitialized = 1;
- xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId), xmlSecKeyDataIdUnknown);
- xmlSecAssert2(nodeName != NULL, xmlSecKeyDataIdUnknown);
+ ret = xmlSecKeyValueDsaXmlRead(&dsaValue, node);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueDsaXmlRead",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
- size = xmlSecPtrListGetSize(list);
- for(i = 0; i < size; ++i) {
- dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
- xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, xmlSecKeyDataIdUnknown);
+ data = readFunc(id, &dsaValue);
+ if(data == NULL) {
+ xmlSecInternalError("xmlSecKeyDataDsaRead",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
- if(((usage & dataId->usage) != 0) &&
- xmlStrEqual(nodeName, dataId->dataNodeName) &&
- xmlStrEqual(nodeNs, dataId->dataNodeNs)) {
+ /* set key value */
+ ret = xmlSecKeySetValue(key, data);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeySetValue",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ data = NULL; /* data is owned by key now */
- return(dataId);
- }
+ /* success */
+ res = 0;
+
+done:
+ /* cleanup */
+ if(dsaDataInitialized != 0) {
+ xmlSecKeyValueDsaFinalize(&dsaValue);
}
- return(xmlSecKeyDataIdUnknown);
+ if(data != NULL) {
+ xmlSecKeyDataDestroy(data);
+ }
+ return(res);
}
/**
- * xmlSecKeyDataIdListFindByHref:
- * @list: the pointer to key data ids list.
- * @href: the desired key data klass href.
- * @usage: the desired key data usage.
+ * xmlSecKeyDataDsaXmlWrite:
+ * @id: the data id.
+ * @key: the key.
+ * @node: the pointer to data's value XML node.
+ * @keyInfoCtx: the <dsig:KeyInfo> node processing context.
+ * @base64LineSize: the base64 max line size.
+ * @addLineBreaks: the flag indicating if we need to add line breaks around base64 output.
+ * @writeFunc: the pointer to the function that converts
+ * @xmlSecKeyData to @xmlSecKeyValueDsa.
*
- * Lookups data klass in the list with given @href and @usage in @list.
+ * DSA Key data method for writing XML node.
*
- * Returns: key data klass is found and NULL otherwise.
+ * Returns: 0 on success or a negative value if an error occurs.
*/
-xmlSecKeyDataId
-xmlSecKeyDataIdListFindByHref(xmlSecPtrListPtr list, const xmlChar* href,
- xmlSecKeyDataUsage usage) {
- xmlSecKeyDataId dataId;
- xmlSecSize i, size;
-
- xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId), xmlSecKeyDataIdUnknown);
- xmlSecAssert2(href != NULL, xmlSecKeyDataIdUnknown);
+int
+xmlSecKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx,
+ int base64LineSize, int addLineBreaks,
+ xmlSecKeyDataDsaWrite writeFunc) {
+ xmlSecKeyDataPtr data;
+ xmlSecKeyValueDsa dsaValue;
+ int dsaDataInitialized = 0;
+ int writePrivateKey = 0;
+ int res = -1;
+ int ret;
- size = xmlSecPtrListGetSize(list);
- for(i = 0; i < size; ++i) {
- dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
- xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, xmlSecKeyDataIdUnknown);
+ xmlSecAssert2(id != NULL, -1);
+ xmlSecAssert2(key != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(writeFunc != NULL, -1);
+ xmlSecAssert2(base64LineSize > 0, -1);
- if(((usage & dataId->usage) != 0) && (dataId->href != NULL) &&
- xmlStrEqual(href, dataId->href)) {
+ if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
+ /* we can have only private key or public key */
+ return(0);
+ }
+ if((keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate) != 0) {
+ writePrivateKey = 1;
+ }
- return(dataId);
- }
+ data = xmlSecKeyGetValue(key);
+ if(data == NULL) {
+ xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+ xmlSecKeyDataKlassGetName(id), "key has no value");
+ goto done;
}
- return(xmlSecKeyDataIdUnknown);
-}
-/**
- * xmlSecKeyDataIdListFindByName:
- * @list: the pointer to key data ids list.
- * @name: the desired key data klass name.
- * @usage: the desired key data usage.
- *
- * Lookups data klass in the list with given @name and @usage in @list.
- *
- * Returns: key data klass is found and NULL otherwise.
- */
-xmlSecKeyDataId
-xmlSecKeyDataIdListFindByName(xmlSecPtrListPtr list, const xmlChar* name,
- xmlSecKeyDataUsage usage) {
- xmlSecKeyDataId dataId;
- xmlSecSize i, size;
+ ret = xmlSecKeyValueDsaInitialize(&dsaValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueDsaInitialize",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ dsaDataInitialized = 1;
- xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId), xmlSecKeyDataIdUnknown);
- xmlSecAssert2(name != NULL, xmlSecKeyDataIdUnknown);
+ ret = writeFunc(id, data, &dsaValue, writePrivateKey);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyDataDsaWrite",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
- size = xmlSecPtrListGetSize(list);
- for(i = 0; i < size; ++i) {
- dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
- xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, xmlSecKeyDataIdUnknown);
+ ret = xmlSecKeyValueDsaXmlWrite(&dsaValue, node, writePrivateKey,
+ base64LineSize, addLineBreaks);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueDsaXmlWrite",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
- if(((usage & dataId->usage) != 0) && (dataId->name != NULL) &&
- xmlStrEqual(name, BAD_CAST dataId->name)) {
+ /* success */
+ res = 0;
- return(dataId);
- }
+done:
+ /* cleanup */
+ if(dsaDataInitialized != 0) {
+ xmlSecKeyValueDsaFinalize(&dsaValue);
}
- return(xmlSecKeyDataIdUnknown);
+ return(res);
}
-/**
- * xmlSecKeyDataIdListDebugDump:
- * @list: the pointer to key data ids list.
- * @output: the pointer to output FILE.
- *
- * Prints binary key data debug information to @output.
- */
-void
-xmlSecKeyDataIdListDebugDump(xmlSecPtrListPtr list, FILE* output) {
- xmlSecKeyDataId dataId;
- xmlSecSize i, size;
+static int
+xmlSecKeyValueDsaInitialize(xmlSecKeyValueDsaPtr data) {
+ int ret;
- xmlSecAssert(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId));
+ xmlSecAssert2(data != NULL, -1);
+ memset(data, 0, sizeof(xmlSecKeyValueDsa));
+
+ ret = xmlSecBufferInitialize(&(data->p), XMLSEC_KEY_DATA_DSA_INIT_BUF_SIZE);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize(p)", NULL);
+ xmlSecKeyValueDsaFinalize(data);
+ return(-1);
+ }
+ ret = xmlSecBufferInitialize(&(data->q), XMLSEC_KEY_DATA_DSA_INIT_BUF_SIZE);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize(q)", NULL);
+ xmlSecKeyValueDsaFinalize(data);
+ return(-1);
+ }
+ ret = xmlSecBufferInitialize(&(data->g), XMLSEC_KEY_DATA_DSA_INIT_BUF_SIZE);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize(g)", NULL);
+ xmlSecKeyValueDsaFinalize(data);
+ return(-1);
+ }
+ ret = xmlSecBufferInitialize(&(data->x), XMLSEC_KEY_DATA_DSA_INIT_BUF_SIZE);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize(x)", NULL);
+ xmlSecKeyValueDsaFinalize(data);
+ return(-1);
+ }
+ ret = xmlSecBufferInitialize(&(data->y), XMLSEC_KEY_DATA_DSA_INIT_BUF_SIZE);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize(y)", NULL);
+ xmlSecKeyValueDsaFinalize(data);
+ return(-1);
+ }
+
+ return(0);
+}
+
+static void
+xmlSecKeyValueDsaFinalize(xmlSecKeyValueDsaPtr data) {
+ xmlSecAssert(data != NULL);
+
+ xmlSecBufferFinalize(&(data->p));
+ xmlSecBufferFinalize(&(data->q));
+ xmlSecBufferFinalize(&(data->g));
+ xmlSecBufferFinalize(&(data->x));
+ xmlSecBufferFinalize(&(data->y));
+ memset(data, 0, sizeof(xmlSecKeyValueDsa));
+}
+
+static int
+xmlSecKeyValueDsaXmlRead(xmlSecKeyValueDsaPtr data, xmlNodePtr node) {
+ xmlNodePtr cur;
+ int ret;
+
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+
+ cur = xmlSecGetNextElementNode(node->children);
+
+ /* first is P node. It is REQUIRED because we do not support Seed and PgenCounter*/
+ if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAP, xmlSecDSigNs))) {
+ xmlSecInvalidNodeError(cur, xmlSecNodeDSAP, NULL);
+ return(-1);
+ }
+ ret = xmlSecBufferBase64NodeContentRead(&(data->p), cur);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentRead(p)", NULL);
+ return(-1);
+ }
+ cur = xmlSecGetNextElementNode(cur->next);
+
+ /* next is Q node. It is REQUIRED because we do not support Seed and PgenCounter*/
+ if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAQ, xmlSecDSigNs))) {
+ xmlSecInvalidNodeError(cur, xmlSecNodeDSAQ, NULL);
+ return(-1);
+ }
+ ret = xmlSecBufferBase64NodeContentRead(&(data->q), cur);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentRead(q)", NULL);
+ return(-1);
+ }
+ cur = xmlSecGetNextElementNode(cur->next);
+
+ /* next is G node. It is REQUIRED because we do not support Seed and PgenCounter*/
+ if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAG, xmlSecDSigNs))) {
+ xmlSecInvalidNodeError(cur, xmlSecNodeDSAG, NULL);
+ return(-1);
+ }
+ ret = xmlSecBufferBase64NodeContentRead(&(data->g), cur);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentRead(g)", NULL);
+ return(-1);
+ }
+ cur = xmlSecGetNextElementNode(cur->next);
+
+ if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAX, xmlSecNs))) {
+ /* next is X node. It is REQUIRED for private key but
+ * we are not sure exactly what do we read */
+ ret = xmlSecBufferBase64NodeContentRead(&(data->x), cur);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentRead(x)", NULL);
+ return(-1);
+ }
+ cur = xmlSecGetNextElementNode(cur->next);
+ } else {
+ /* make sure it's empty */
+ ret = xmlSecBufferSetSize(&(data->x), 0);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferSetSize(0)", NULL);
+ return(-1);
+ }
+ }
+
+ /* next is Y node. */
+ if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAY, xmlSecDSigNs))) {
+ xmlSecInvalidNodeError(cur, xmlSecNodeDSAY, NULL);
+ return(-1);
+ }
+ ret = xmlSecBufferBase64NodeContentRead(&(data->y), cur);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentRead(y)", NULL);
+ return(-1);
+ }
+ cur = xmlSecGetNextElementNode(cur->next);
+
+ /* todo: add support for J */
+ if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAJ, xmlSecDSigNs))) {
+ cur = xmlSecGetNextElementNode(cur->next);
+ }
+
+ /* todo: add support for seed */
+ if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSASeed, xmlSecDSigNs))) {
+ cur = xmlSecGetNextElementNode(cur->next);
+ }
+
+ /* todo: add support for pgencounter */
+ if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAPgenCounter, xmlSecDSigNs))) {
+ cur = xmlSecGetNextElementNode(cur->next);
+ }
+
+ if(cur != NULL) {
+ xmlSecUnexpectedNodeError(cur, NULL);
+ return(-1);
+ }
+
+ /* success */
+ return(0);
+}
+
+static int
+xmlSecKeyValueDsaXmlWrite(xmlSecKeyValueDsaPtr data, xmlNodePtr node,
+ int writePrivateKey, int base64LineSize, int addLineBreaks) {
+ xmlNodePtr cur;
+ int ret;
+
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+
+ /* first is P node */
+ cur = xmlSecAddChild(node, xmlSecNodeDSAP, xmlSecDSigNs);
+ if(cur == NULL) {
+ xmlSecInternalError("xmlSecAddChild(NodeDSAP)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
+ } else {
+ xmlNodeSetContent(cur, xmlSecStringEmpty);
+ }
+ ret = xmlSecBufferBase64NodeContentWrite(&(data->p), cur, base64LineSize);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentWrite(p)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeAddContent(cur, xmlSecGetDefaultLineFeed());
+ }
+
+ /* next is Q node. */
+ cur = xmlSecAddChild(node, xmlSecNodeDSAQ, xmlSecDSigNs);
+ if(cur == NULL) {
+ xmlSecInternalError("xmlSecAddChild(NodeDSAQ)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
+ } else {
+ xmlNodeSetContent(cur, xmlSecStringEmpty);
+ }
+ ret = xmlSecBufferBase64NodeContentWrite(&(data->q), cur, base64LineSize);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentWrite(q)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeAddContent(cur, xmlSecGetDefaultLineFeed());
+ }
+
+ /* next is G node. */
+ cur = xmlSecAddChild(node, xmlSecNodeDSAG, xmlSecDSigNs);
+ if(cur == NULL) {
+ xmlSecInternalError("xmlSecAddChild(NodeDSAG)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
+ } else {
+ xmlNodeSetContent(cur, xmlSecStringEmpty);
+ }
+ ret = xmlSecBufferBase64NodeContentWrite(&(data->g), cur, base64LineSize);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentWrite(g)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeAddContent(cur, xmlSecGetDefaultLineFeed());
+ }
+
+ /* next is X node: write it ONLY for private keys and ONLY if it is requested */
+ if((writePrivateKey != 0) && (xmlSecBufferGetSize(&(data->x)) > 0)) {
+ cur = xmlSecAddChild(node, xmlSecNodeDSAX, xmlSecNs);
+ if(cur == NULL) {
+ xmlSecInternalError("xmlSecAddChild(NodeDSAX)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
+ } else {
+ xmlNodeSetContent(cur, xmlSecStringEmpty);
+ }
+ ret = xmlSecBufferBase64NodeContentWrite(&(data->x), cur, base64LineSize);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentWrite(x)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeAddContent(cur, xmlSecGetDefaultLineFeed());
+ }
+ }
+
+ /* next is Y node. */
+ cur = xmlSecAddChild(node, xmlSecNodeDSAY, xmlSecDSigNs);
+ if(cur == NULL) {
+ xmlSecInternalError("xmlSecAddChild(NodeDSAY)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
+ } else {
+ xmlNodeSetContent(cur, xmlSecStringEmpty);
+ }
+ ret = xmlSecBufferBase64NodeContentWrite(&(data->y), cur, base64LineSize);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentWrite(y)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeAddContent(cur, xmlSecGetDefaultLineFeed());
+ }
+
+ return(0);
+}
+#endif /* !defined(XMLSEC_NO_DSA) */
+
+
+#if !defined(XMLSEC_NO_RSA)
+/**************************************************************************
+ *
+ * Helper functions to read/write RSA keys
+ *
+ *************************************************************************/
+#define XMLSEC_KEY_DATA_RSA_INIT_BUF_SIZE 512
+
+static int xmlSecKeyValueRsaInitialize (xmlSecKeyValueRsaPtr data);
+static void xmlSecKeyValueRsaFinalize (xmlSecKeyValueRsaPtr data);
+static int xmlSecKeyValueRsaXmlRead (xmlSecKeyValueRsaPtr data,
+ xmlNodePtr node);
+static int xmlSecKeyValueRsaXmlWrite (xmlSecKeyValueRsaPtr data,
+ xmlNodePtr node,
+ int writePrivateKey,
+ int base64LineSize,
+ int addLineBreaks);
+
+/**
+ * xmlSecKeyDataRsaXmlRead:
+ * @id: the data id.
+ * @key: the key.
+ * @node: the pointer to data's value XML node.
+ * @keyInfoCtx: the <dsig:KeyInfo/> node processing context.
+ * @readFunc: the pointer to the function that converts
+ * @xmlSecKeyValueRsa to @xmlSecKeyData.
+ *
+ * DSA Key data method for reading XML node.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx,
+ xmlSecKeyDataRsaRead readFunc) {
+ xmlSecKeyDataPtr data = NULL;
+ xmlSecKeyValueRsa rsaValue;
+ int rsaDataInitialized = 0;
+ int res = -1;
+ int ret;
+
+ xmlSecAssert2(id != NULL, -1);
+ xmlSecAssert2(key != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(readFunc != NULL, -1);
+
+ if(xmlSecKeyGetValue(key) != NULL) {
+ xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+ xmlSecKeyDataKlassGetName(id), "key already has a value");
+ goto done;
+ }
+
+ ret = xmlSecKeyValueRsaInitialize(&rsaValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueRsaInitialize",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ rsaDataInitialized = 1;
+
+ ret = xmlSecKeyValueRsaXmlRead(&rsaValue, node);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueRsaXmlRead",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ data = readFunc(id, &rsaValue);
+ if(data == NULL) {
+ xmlSecInternalError("xmlSecKeyDataRsaRead",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /* set key value */
+ ret = xmlSecKeySetValue(key, data);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeySetValue",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ data = NULL; /* data is owned by key now */
+
+ /* success */
+ res = 0;
+
+done:
+ /* cleanup */
+ if(rsaDataInitialized != 0) {
+ xmlSecKeyValueRsaFinalize(&rsaValue);
+ }
+ if(data != NULL) {
+ xmlSecKeyDataDestroy(data);
+ }
+ return(res);
+}
+
+/**
+ * xmlSecKeyDataRsaXmlWrite:
+ * @id: the data id.
+ * @key: the key.
+ * @node: the pointer to data's value XML node.
+ * @keyInfoCtx: the <dsig:KeyInfo> node processing context.
+ * @base64LineSize: the base64 max line size.
+ * @addLineBreaks: the flag indicating if we need to add line breaks around base64 output.
+ * @writeFunc: the pointer to the function that converts
+ * @xmlSecKeyData to @xmlSecKeyValueRsa.
+ *
+ * DSA Key data method for writing XML node.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx,
+ int base64LineSize, int addLineBreaks,
+ xmlSecKeyDataRsaWrite writeFunc) {
+ xmlSecKeyDataPtr data;
+ xmlSecKeyValueRsa rsaValue;
+ int rsaDataInitialized = 0;
+ int writePrivateKey = 0;
+ int res = -1;
+ int ret;
+
+ xmlSecAssert2(id != NULL, -1);
+ xmlSecAssert2(key != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(writeFunc != NULL, -1);
+ xmlSecAssert2(base64LineSize > 0, -1);
+
+ if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
+ /* we can only write private key or public key */
+ return(0);
+ }
+ if((keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate) != 0) {
+ writePrivateKey = 1;
+ }
+
+ data = xmlSecKeyGetValue(key);
+ if(data == NULL) {
+ xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+ xmlSecKeyDataKlassGetName(id), "key has no value");
+ goto done;
+ }
+
+ ret = xmlSecKeyValueRsaInitialize(&rsaValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueRsaInitialize",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ rsaDataInitialized = 1;
+
+ ret = writeFunc(id, data, &rsaValue, writePrivateKey);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyDataRsaWrite",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ ret = xmlSecKeyValueRsaXmlWrite(&rsaValue, node, writePrivateKey,
+ base64LineSize, addLineBreaks);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueRsaXmlWrite",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /* success */
+ res = 0;
+
+done:
+ /* cleanup */
+ if(rsaDataInitialized != 0) {
+ xmlSecKeyValueRsaFinalize(&rsaValue);
+ }
+ return(res);
+}
+
+static int
+xmlSecKeyValueRsaInitialize(xmlSecKeyValueRsaPtr data) {
+ int ret;
+
+ xmlSecAssert2(data != NULL, -1);
+ memset(data, 0, sizeof(xmlSecKeyValueRsa));
+
+ ret = xmlSecBufferInitialize(&(data->modulus), XMLSEC_KEY_DATA_RSA_INIT_BUF_SIZE);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize(modulus)", NULL);
+ xmlSecKeyValueRsaFinalize(data);
+ return(-1);
+ }
+ ret = xmlSecBufferInitialize(&(data->publicExponent), XMLSEC_KEY_DATA_RSA_INIT_BUF_SIZE);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize(q)", NULL);
+ xmlSecKeyValueRsaFinalize(data);
+ return(-1);
+ }
+ ret = xmlSecBufferInitialize(&(data->privateExponent), XMLSEC_KEY_DATA_RSA_INIT_BUF_SIZE);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize(g)", NULL);
+ xmlSecKeyValueRsaFinalize(data);
+ return(-1);
+ }
+ return(0);
+}
+
+static void
+xmlSecKeyValueRsaFinalize(xmlSecKeyValueRsaPtr data) {
+ xmlSecAssert(data != NULL);
+
+ xmlSecBufferFinalize(&(data->modulus));
+ xmlSecBufferFinalize(&(data->publicExponent));
+ xmlSecBufferFinalize(&(data->privateExponent));
+ memset(data, 0, sizeof(xmlSecKeyValueRsa));
+}
+
+static int
+xmlSecKeyValueRsaXmlRead(xmlSecKeyValueRsaPtr data, xmlNodePtr node) {
+ xmlNodePtr cur;
+ int ret;
+
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+
+ cur = xmlSecGetNextElementNode(node->children);
+
+ /* first is REQUIRED Modulus node. */
+ if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAModulus, xmlSecDSigNs))) {
+ xmlSecInvalidNodeError(cur, xmlSecNodeDSAP, NULL);
+ return(-1);
+ }
+ ret = xmlSecBufferBase64NodeContentRead(&(data->modulus), cur);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentRead(p)", NULL);
+ return(-1);
+ }
+ cur = xmlSecGetNextElementNode(cur->next);
+
+ /* next is REQUIRED Exponent node. */
+ if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAExponent, xmlSecDSigNs))) {
+ xmlSecInvalidNodeError(cur, xmlSecNodeDSAQ, NULL);
+ return(-1);
+ }
+ ret = xmlSecBufferBase64NodeContentRead(&(data->publicExponent), cur);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentRead(q)", NULL);
+ return(-1);
+ }
+ cur = xmlSecGetNextElementNode(cur->next);
+
+ /* next is PrivateExponent node. It is REQUIRED for private key but
+ * we are not sure exactly what are we reading */
+ if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeRSAPrivateExponent, xmlSecNs))) {
+ ret = xmlSecBufferBase64NodeContentRead(&(data->privateExponent), cur);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentRead(x)", NULL);
+ return(-1);
+ }
+ cur = xmlSecGetNextElementNode(cur->next);
+ } else {
+ /* make sure it's empty */
+ ret = xmlSecBufferSetSize(&(data->privateExponent), 0);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferSetSize(0)", NULL);
+ return(-1);
+ }
+ }
+
+ if(cur != NULL) {
+ xmlSecUnexpectedNodeError(cur, NULL);
+ return(-1);
+ }
+
+ /* success */
+ return(0);
+}
+
+static int
+xmlSecKeyValueRsaXmlWrite(xmlSecKeyValueRsaPtr data, xmlNodePtr node,
+ int writePrivateKey, int base64LineSize, int addLineBreaks) {
+ xmlNodePtr cur;
+ int ret;
+
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+
+ /* first is Modulus node */
+ cur = xmlSecAddChild(node, xmlSecNodeRSAModulus, xmlSecDSigNs);
+ if(cur == NULL) {
+ xmlSecInternalError("xmlSecAddChild(Modulus)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
+ } else {
+ xmlNodeSetContent(cur, xmlSecStringEmpty);
+ }
+ ret = xmlSecBufferBase64NodeContentWrite(&(data->modulus), cur, base64LineSize);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentWrite(modulus)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeAddContent(cur, xmlSecGetDefaultLineFeed());
+ }
+
+ /* next is Exponent node. */
+ cur = xmlSecAddChild(node, xmlSecNodeRSAExponent, xmlSecDSigNs);
+ if(cur == NULL) {
+ xmlSecInternalError("xmlSecAddChild(Exponent)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
+ } else {
+ xmlNodeSetContent(cur, xmlSecStringEmpty);
+ }
+ ret = xmlSecBufferBase64NodeContentWrite(&(data->publicExponent), cur, base64LineSize);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentWrite(exponent)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeAddContent(cur, xmlSecGetDefaultLineFeed());
+ }
+
+ /* next is PrivateExponent node: write it ONLY for private keys and ONLY if it is requested */
+ if((writePrivateKey != 0) && (xmlSecBufferGetSize(&(data->privateExponent)) > 0)) {
+ cur = xmlSecAddChild(node, xmlSecNodeRSAPrivateExponent, xmlSecNs);
+ if(cur == NULL) {
+ xmlSecInternalError("xmlSecAddChild(PrivateExponent)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
+ } else {
+ xmlNodeSetContent(cur, xmlSecStringEmpty);
+ }
+ ret = xmlSecBufferBase64NodeContentWrite(&(data->privateExponent), cur, base64LineSize);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentWrite(privateExponent)", NULL);
+ return(-1);
+ }
+ if(addLineBreaks) {
+ xmlNodeAddContent(cur, xmlSecGetDefaultLineFeed());
+ }
+ }
+
+ return(0);
+}
+#endif /* !defined(XMLSEC_NO_RSA) */
+
+
+#if !defined(XMLSEC_NO_X509)
+/**************************************************************************
+ *
+ * Helper functions to read/write <dsig:X509Data>
+ *
+ *
+ * The X509Data Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
+ *
+ * An X509Data element within KeyInfo contains one or more identifiers of keys
+ * or X509 certificates (or certificates' identifiers or a revocation list).
+ * The content of X509Data is:
+ *
+ * 1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
+ * 2.
+ * * The X509IssuerSerial element, which contains an X.509 issuer
+ * distinguished name/serial number pair that SHOULD be compliant
+ * with RFC2253 [LDAP-DN],
+ * * The X509SubjectName element, which contains an X.509 subject
+ * distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
+ * * The X509SKI element, which contains the base64 encoded plain (i.e.
+ * non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
+ * * The X509Certificate element, which contains a base64-encoded [X509v3]
+ * certificate, and
+ * * Elements from an external namespace which accompanies/complements any
+ * of the elements above.
+ * * The X509CRL element, which contains a base64-encoded certificate
+ * revocation list (CRL) [X509v3].
+ *
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
+ * MUST refer to the certificate or certificates containing the validation key.
+ * All such elements that refer to a particular individual certificate MUST be
+ * grouped inside a single X509Data element and if the certificate to which
+ * they refer appears, it MUST also be in that X509Data element.
+ *
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
+ * the same key but different certificates MUST be grouped within a single
+ * KeyInfo but MAY occur in multiple X509Data elements.
+ *
+ * All certificates appearing in an X509Data element MUST relate to the
+ * validation key by either containing it or being part of a certification
+ * chain that terminates in a certificate containing the validation key.
+ *
+ * No ordering is implied by the above constraints.
+ *
+ * Note, there is no direct provision for a PKCS#7 encoded "bag" of
+ * certificates or CRLs. However, a set of certificates and CRLs can occur
+ * within an X509Data element and multiple X509Data elements can occur in a
+ * KeyInfo. Whenever multiple certificates occur in an X509Data element, at
+ * least one such certificate must contain the public key which verifies the
+ * signature.
+ *
+ * Schema Definition
+ *
+ * <element name="X509Data" type="ds:X509DataType"/>
+ * <complexType name="X509DataType">
+ * <sequence maxOccurs="unbounded">
+ * <choice>
+ * <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
+ * <element name="X509SKI" type="base64Binary"/>
+ * <element name="X509SubjectName" type="string"/>
+ * <element name="X509Certificate" type="base64Binary"/>
+ * <element name="X509CRL" type="base64Binary"/>
+ * <any namespace="##other" processContents="lax"/>
+ * </choice>
+ * </sequence>
+ * </complexType>
+ * <complexType name="X509IssuerSerialType">
+ * <sequence>
+ * <element name="X509IssuerName" type="string"/>
+ * <element name="X509SerialNumber" type="integer"/>
+ * </sequence>
+ * </complexType>
+ *
+ * DTD
+ *
+ * <!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName |
+ * X509Certificate | X509CRL)+ %X509.ANY;)>
+ * <!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) >
+ * <!ELEMENT X509IssuerName (#PCDATA) >
+ * <!ELEMENT X509SubjectName (#PCDATA) >
+ * <!ELEMENT X509SerialNumber (#PCDATA) >
+ * <!ELEMENT X509SKI (#PCDATA) >
+ * <!ELEMENT X509Certificate (#PCDATA) >
+ * <!ELEMENT X509CRL (#PCDATA) >
+ *
+ *************************************************************************/
+#define XMLSEC_KEY_DATA_X509_INIT_BUF_SIZE 512
+
+static int xmlSecKeyValueX509Initialize (xmlSecKeyValueX509Ptr x509Value);
+static void xmlSecKeyValueX509Finalize (xmlSecKeyValueX509Ptr x509Value);
+static void xmlSecKeyValueX509Reset (xmlSecKeyValueX509Ptr x509Value);
+static int xmlSecKeyValueX509XmlRead (xmlSecKeyValueX509Ptr x509Value,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int xmlSecKeyValueX509XmlWrite (xmlSecKeyValueX509Ptr x509Value,
+ xmlNodePtr node,
+ int base64LineSize,
+ int addLineBreaks);
+
+/**
+ * xmlSecKeyDataX509XmlRead:
+ * @data: the x509 key data.
+ * @node: the pointer to data's value XML node.
+ * @keyInfoCtx: the <dsig:KeyInfo/> node processing context.
+ * @readFunc: the pointer to the function that converts
+ * @xmlSecKeyValueX509 to @xmlSecKeyData.
+ *
+ * X509 Key data method for reading XML node.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecKeyDataX509XmlRead(xmlSecKeyDataPtr data, xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx,
+ xmlSecKeyDataX509Read readFunc) {
+ xmlSecKeyValueX509 x509Value;
+ int x509ValueInitialized = 0;
+ xmlNodePtr cur;
+ int res = -1;
+ int ret;
+
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
+ xmlSecAssert2(readFunc != NULL, -1);
+
+ ret = xmlSecKeyValueX509Initialize(&x509Value);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueX509Initialize",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ x509ValueInitialized = 1;
+
+ for(cur = xmlSecGetNextElementNode(node->children); cur != NULL; cur = xmlSecGetNextElementNode(cur->next)) {
+ ret = xmlSecKeyValueX509XmlRead(&x509Value, cur, keyInfoCtx);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueX509XmlRead",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ ret = readFunc(data, &x509Value, keyInfoCtx->keysMngr, keyInfoCtx->flags);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyDataX509Read",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ /* cleanup for the next node */
+ xmlSecKeyValueX509Reset(&x509Value);
+ }
+
+ /* success */
+ res = 0;
+
+done:
+ /* cleanup */
+ if(x509ValueInitialized != 0) {
+ xmlSecKeyValueX509Finalize(&x509Value);
+ }
+
+ return(res);
+}
+
+/**
+ * xmlSecKeyDataDsaXmlWrite:
+ * @data: the x509 key data.
+ * @x509ObjNum: the number of X509 objects in @data.
+ * @node: the pointer to data's value XML node.
+ * @keyInfoCtx: the <dsig:KeyInfo> node processing context.
+ * @base64LineSize: the base64 max line size.
+ * @addLineBreaks: the flag indicating if we need to add line breaks around base64 output.
+ * @writeFunc: the pointer to the function that converts
+ * @xmlSecKeyData to @xmlSecKeyValueDsa.
+ *
+ * DSA Key data method for writing XML node.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecKeyDataX509XmlWrite(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx,
+ int base64LineSize, int addLineBreaks,
+ xmlSecKeyDataX509Write writeFunc, void* writeFuncContext) {
+ xmlSecKeyValueX509 x509Value;
+ int x509ValueInitialized = 0;
+ int content;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(base64LineSize > 0, -1);
+ xmlSecAssert2(writeFunc != NULL, -1);
+
+ if(((xmlSecKeyDataTypePublic) & keyInfoCtx->keyReq.keyType) == 0) {
+ /* we can only write public key */
+ return(0);
+ }
+
+ content = xmlSecX509DataGetNodeContent(node, keyInfoCtx);
+ if (content < 0) {
+ xmlSecInternalError2("xmlSecX509DataGetNodeContent",
+ xmlSecKeyDataGetName(data), "content=%d", content);
+ goto done;
+ } else if(content == 0) {
+ /* by default we are writing certificates and crls */
+ content = XMLSEC_X509DATA_DEFAULT;
+ }
+
+ ret = xmlSecKeyValueX509Initialize(&x509Value);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueX509Initialize",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ x509ValueInitialized = 1;
+
+ while(1) {
+ ret = writeFunc(data, &x509Value, content, writeFuncContext);
+ if(ret < 0) {
+ xmlSecInternalError("writeFunc",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ } else if (ret == 1) {
+ break;
+ }
+
+ ret = xmlSecKeyValueX509XmlWrite(&x509Value, node, base64LineSize, addLineBreaks);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueX509XmlWrite",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ /* cleanup for the next obj */
+ xmlSecKeyValueX509Reset(&x509Value);
+ }
+
+ /* success */
+ res = 0;
+
+done:
+ /* cleanup */
+ if(x509ValueInitialized != 0) {
+ xmlSecKeyValueX509Finalize(&x509Value);
+ }
+
+ return(res);
+}
+
+static int
+xmlSecKeyValueX509Initialize(xmlSecKeyValueX509Ptr x509Value) {
+ int ret;
+
+ xmlSecAssert2(x509Value != NULL, -1);
+ memset(x509Value, 0, sizeof(xmlSecKeyValueX509));
+
+ ret = xmlSecBufferInitialize(&(x509Value->cert), XMLSEC_KEY_DATA_X509_INIT_BUF_SIZE);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize(cert)", NULL);
+ xmlSecKeyValueX509Finalize(x509Value);
+ return(-1);
+ }
+ ret = xmlSecBufferInitialize(&(x509Value->crl), XMLSEC_KEY_DATA_X509_INIT_BUF_SIZE);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize(crl)", NULL);
+ xmlSecKeyValueX509Finalize(x509Value);
+ return(-1);
+ }
+ ret = xmlSecBufferInitialize(&(x509Value->ski), XMLSEC_KEY_DATA_X509_INIT_BUF_SIZE);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize(ski)", NULL);
+ xmlSecKeyValueX509Finalize(x509Value);
+ return(-1);
+ }
+ return(0);
+}
+
+static void
+xmlSecKeyValueX509Finalize(xmlSecKeyValueX509Ptr x509Value) {
+ xmlSecAssert(x509Value != NULL);
+
+ xmlSecBufferFinalize(&(x509Value->cert));
+ xmlSecBufferFinalize(&(x509Value->crl));
+ xmlSecBufferFinalize(&(x509Value->ski));
+ if(x509Value->subject != NULL) {
+ xmlFree(x509Value->subject);
+ }
+ if(x509Value->issuerName != NULL) {
+ xmlFree(x509Value->issuerName);
+ }
+ if(x509Value->issuerSerial != NULL) {
+ xmlFree(x509Value->issuerSerial);
+ }
+ memset(x509Value, 0, sizeof(xmlSecKeyValueX509));
+}
+
+static void
+xmlSecKeyValueX509Reset(xmlSecKeyValueX509Ptr x509Value) {
+ xmlSecAssert(x509Value != NULL);
+
+ xmlSecBufferEmpty(&(x509Value->cert));
+ xmlSecBufferEmpty(&(x509Value->crl));
+ xmlSecBufferEmpty(&(x509Value->ski));
+ if(x509Value->subject != NULL) {
+ xmlFree(x509Value->subject);
+ x509Value->subject = NULL;
+ }
+ if(x509Value->issuerName != NULL) {
+ xmlFree(x509Value->issuerName);
+ x509Value->issuerName = NULL;
+ }
+ if(x509Value->issuerSerial != NULL) {
+ xmlFree(x509Value->issuerSerial);
+ x509Value->issuerSerial = NULL;
+ }
+}
+
+static int
+xmlSecKeyValueX509XmlReadBase64Blob(xmlSecBufferPtr buf, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlChar *content;
+ xmlSecSize decodedSize;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+ content = xmlNodeGetContent(node);
+ if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+ xmlSecInvalidNodeContentError(node, NULL, "empty");
+ goto done;
+ }
+
+ /* success */
+ res = 0;
+ goto done;
+ }
+
+ /* usual trick with base64 decoding "in-place" */
+ decodedSize = 0;
+ ret = xmlSecBase64DecodeInPlace(content, &decodedSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBase64DecodeInPlace", NULL,
+ "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+ goto done;
+ }
+
+ ret = xmlSecBufferSetData(buf, (xmlSecByte*)content, decodedSize);
+ if(ret < 0) {
+ xmlSecInternalError3("xmlSecBufferSetData", NULL,
+ "node=%s; size=" XMLSEC_SIZE_FMT,
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+ decodedSize);
+ goto done;
+ }
+
+ /* success */
+ res = 0;
+
+done:
+ /* cleanup */
+ if(content != NULL) {
+ xmlFree(content);
+ }
+ return(res);
+}
+
+static void
+xmlSecKeyValueX509Trim(xmlChar * str) {
+ xmlChar * p, * q;
+ int len;
+
+ xmlSecAssert(str != NULL);
+
+ len = xmlStrlen(str);
+ if(len <= 0) {
+ return;
+ }
+
+ /* skip spaces from the beggining */
+ p = str;
+ q = str + len - 1;
+ while(isspace(*p) && (p != q)) {
+ ++p;
+ }
+ while(isspace(*q) && (p != q)) {
+ --q;
+ }
+
+ /* all the cases */
+ if((p == q) && isspace(*p)) {
+ (*str) = '\0';
+ return;
+ } else if(p == str) {
+ *(q + 1) = '\0';
+ } else {
+ xmlSecAssert(q >= p);
+
+ len = (int)(q - p + 1);
+ memmove(str, p, (size_t)len);
+ str[len] = '\0';
+ }
+}
+
+static int
+xmlSecKeyValueX509XmlReadString(xmlChar **str, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlChar *content;
+ int res = -1;
+
+ xmlSecAssert2(str != NULL, -1);
+ xmlSecAssert2((*str) == NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+ content = xmlNodeGetContent(node);
+ if(content != NULL) {
+ xmlSecKeyValueX509Trim(content);
+ }
+ if((content == NULL) || (xmlStrlen(content) <= 0)) {
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+ xmlSecInvalidNodeContentError(node, NULL, "empty");
+ goto done;
+ }
+
+ /* success */
+ res = 0;
+ goto done;
+ }
+
+ /* success */
+ (*str) = content;
+ content = NULL;
+ res = 0;
+
+done:
+ /* cleanup */
+ if(content != NULL) {
+ xmlFree(content);
+ }
+ return(res);
+}
+
+static int
+xmlSecKeyValueX509XmlReadIssuerSerial(xmlSecKeyValueX509Ptr x509Value, xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlNodePtr cur;
+
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(x509Value->issuerName == NULL, -1);
+ xmlSecAssert2(x509Value->issuerSerial == NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+ cur = xmlSecGetNextElementNode(node->children);
+ if(cur == NULL) {
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+ xmlSecNodeNotFoundError("xmlSecGetNextElementNode", node, NULL, NULL);
+ return(-1);
+ }
+ return(0);
+ }
+
+ /* the first is required node X509IssuerName */
+ if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
+ xmlSecInvalidNodeError(cur, xmlSecNodeX509IssuerName, NULL);
+ return(-1);
+ }
+ x509Value->issuerName = xmlNodeGetContent(cur);
+ if((x509Value->issuerName == NULL) || (xmlSecIsEmptyString(x509Value->issuerName) == 1)) {
+ xmlSecInvalidNodeContentError(cur, NULL, "empty");
+ return(-1);
+ }
+ cur = xmlSecGetNextElementNode(cur->next);
+
+ /* next is required node X509SerialNumber */
+ if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
+ xmlSecInvalidNodeError(cur, xmlSecNodeX509SerialNumber, NULL);
+ return(-1);
+ }
+ x509Value->issuerSerial = xmlNodeGetContent(cur);
+ if((x509Value->issuerSerial == NULL) || (xmlSecIsEmptyString(x509Value->issuerSerial) == 1)) {
+ xmlSecInvalidNodeContentError(cur, NULL, "empty");
+ return(-1);
+ }
+ cur = xmlSecGetNextElementNode(cur->next);
+
+ /* nothing else is expected */
+ if(cur != NULL) {
+ xmlSecUnexpectedNodeError(cur, NULL);
+ return(-1);
+ }
+
+ /* success */
+ return(0);
+}
+
+static int
+xmlSecKeyValueX509XmlRead(xmlSecKeyValueX509Ptr x509Value, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ int ret;
+
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+ if(xmlSecCheckNodeName(node, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
+ ret = xmlSecKeyValueX509XmlReadBase64Blob(&(x509Value->cert), node, keyInfoCtx);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueX509XmlReadBase64Blob(cert)", NULL);
+ return(-1);
+ }
+ } else if(xmlSecCheckNodeName(node, xmlSecNodeX509CRL, xmlSecDSigNs)) {
+ ret = xmlSecKeyValueX509XmlReadBase64Blob(&(x509Value->crl), node, keyInfoCtx);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueX509XmlReadBase64Blob(crl)", NULL);
+ return(-1);
+ }
+ } else if(xmlSecCheckNodeName(node, xmlSecNodeX509SKI, xmlSecDSigNs)) {
+ ret = xmlSecKeyValueX509XmlReadBase64Blob(&(x509Value->ski), node, keyInfoCtx);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueX509XmlReadBase64Blob(ski)", NULL);
+ return(-1);
+ }
+ } else if(xmlSecCheckNodeName(node, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
+ ret = xmlSecKeyValueX509XmlReadString(&(x509Value->subject), node, keyInfoCtx);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueX509XmlReadString(subject)", NULL);
+ return(-1);
+ }
+ } else if(xmlSecCheckNodeName(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
+ ret = xmlSecKeyValueX509XmlReadIssuerSerial(x509Value, node, keyInfoCtx);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueX509XmlReadIssuerSerial", NULL);
+ return(-1);
+ }
+ } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
+ /* laxi schema validation: ignore unknown nodes */
+ xmlSecUnexpectedNodeError(node, NULL);
+ return(-1);
+ }
+
+ /* done */
+ return(0);
+}
+
+static int
+xmlSecKeyValueX509XmlWriteBase64Blob(xmlSecBufferPtr buf, xmlNodePtr node,
+ const xmlChar* nodeName, const xmlChar* nodeNs,
+ int base64LineSize, int addLineBreaks) {
+ xmlNodePtr cur;
+ xmlChar *content;
+ int res = -1;
+
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(nodeName != NULL, -1);
+
+ content = xmlSecBase64Encode(xmlSecBufferGetData(buf), xmlSecBufferGetSize(buf),
+ base64LineSize);
+ if(content == NULL) {
+ xmlSecInternalError("xmlSecBase64Encode", NULL);
+ goto done;
+ }
+
+ cur = xmlSecEnsureEmptyChild(node, nodeName, nodeNs);
+ if(cur == NULL) {
+ xmlSecInternalError2("xmlSecEnsureEmptyChild()", NULL,
+ "nodeName=%s", xmlSecErrorsSafeString(nodeName));
+ goto done;
+ }
+
+ if(addLineBreaks) {
+ xmlNodeAddContent(cur, xmlSecGetDefaultLineFeed());
+ }
+
+ xmlNodeSetContent(cur, content);
+
+ if(addLineBreaks) {
+ xmlNodeAddContent(cur, xmlSecGetDefaultLineFeed());
+ }
+
+ /* success */
+ res = 0;
+
+done:
+ /* cleanup */
+ if(content != NULL) {
+ xmlFree(content);
+ }
+ return(res);
+}
+
+
+static int
+xmlSecKeyValueX509XmlWriteString(const xmlChar* content, xmlNodePtr node,
+ const xmlChar* nodeName, const xmlChar* nodeNs) {
+ xmlNodePtr cur;
+
+ xmlSecAssert2(content != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(nodeName != NULL, -1);
+
+ cur = xmlSecEnsureEmptyChild(node, nodeName, nodeNs);
+ if(cur == NULL) {
+ xmlSecInternalError2("xmlSecEnsureEmptyChild()", NULL,
+ "nodeName=%s", xmlSecErrorsSafeString(nodeName));
+ return(-1);
+ }
+
+ xmlNodeSetContent(cur, content);
+
+ /* success */
+ return(0);
+}
+
+static int
+xmlSecKeyValueX509XmlWrite(xmlSecKeyValueX509Ptr x509Value, xmlNodePtr node,
+ int base64LineSize, int addLineBreaks) {
+ int ret;
+
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(node != NULL, -1);
+
+ if(xmlSecBufferGetSize(&(x509Value->cert)) > 0) {
+ ret = xmlSecKeyValueX509XmlWriteBase64Blob(&(x509Value->cert), node,
+ xmlSecNodeX509Certificate, xmlSecDSigNs,
+ base64LineSize, addLineBreaks);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueX509XmlWriteBase64Blob(cert)", NULL);
+ return(-1);
+ }
+ }
+ if(xmlSecBufferGetSize(&(x509Value->crl)) > 0) {
+ ret = xmlSecKeyValueX509XmlWriteBase64Blob(&(x509Value->crl), node,
+ xmlSecNodeX509CRL, xmlSecDSigNs,
+ base64LineSize, addLineBreaks);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueX509XmlWriteBase64Blob(cert)", NULL);
+ return(-1);
+ }
+ }
+ if(xmlSecBufferGetSize(&(x509Value->ski)) > 0) {
+ ret = xmlSecKeyValueX509XmlWriteBase64Blob(&(x509Value->ski), node,
+ xmlSecNodeX509SKI, xmlSecDSigNs,
+ base64LineSize, addLineBreaks);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeyValueX509XmlWriteBase64Blob(ski)", NULL);
+ return(-1);
+ }
+ }
+ if(x509Value->subject != NULL) {
+ ret = xmlSecKeyValueX509XmlWriteString(x509Value->subject, node,
+ xmlSecNodeX509SubjectName, xmlSecDSigNs);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecKeyValueX509XmlWriteString", NULL,
+ "subject=%s", xmlSecErrorsSafeString(x509Value->subject));
+ return(-1);
+ }
+ }
+ if((x509Value->issuerName != NULL) && (x509Value->issuerSerial != NULL)) {
+ xmlNodePtr issuerSerial;
+
+ issuerSerial = xmlSecEnsureEmptyChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
+ if(issuerSerial == NULL) {
+ xmlSecInternalError("xmlSecEnsureEmptyChild(xmlSecNodeX509IssuerSerial)", NULL);
+ return(-1);
+ }
+ ret = xmlSecKeyValueX509XmlWriteString(x509Value->issuerName, issuerSerial,
+ xmlSecNodeX509IssuerName, xmlSecDSigNs);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecKeyValueX509XmlWriteString", NULL,
+ "issuerName=%s", xmlSecErrorsSafeString(x509Value->issuerName));
+ return(-1);
+ }
+
+ ret = xmlSecKeyValueX509XmlWriteString(x509Value->issuerSerial, issuerSerial,
+ xmlSecNodeX509SerialNumber, xmlSecDSigNs);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecKeyValueX509XmlWriteString", NULL,
+ "issuerSerial=%s", xmlSecErrorsSafeString(x509Value->issuerSerial));
+ return(-1);
+ }
+ }
+ return(0);
+}
+
+
+#endif /* !defined(XMLSEC_NO_X509) */
+
+/***********************************************************************
+ *
+ * Keys Data list
+ *
+ **********************************************************************/
+static xmlSecPtrListKlass xmlSecKeyDataListKlass = {
+ BAD_CAST "key-data-list",
+ (xmlSecPtrDuplicateItemMethod)xmlSecKeyDataDuplicate, /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+ (xmlSecPtrDestroyItemMethod)xmlSecKeyDataDestroy, /* xmlSecPtrDestroyItemMethod destroyItem; */
+ (xmlSecPtrDebugDumpItemMethod)xmlSecKeyDataDebugDump, /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+ (xmlSecPtrDebugDumpItemMethod)xmlSecKeyDataDebugXmlDump, /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+};
+
+/**
+ * xmlSecKeyDataListGetKlass:
+ *
+ * The key data list klass.
+ *
+ * Returns: pointer to the key data list klass.
+ */
+xmlSecPtrListId
+xmlSecKeyDataListGetKlass(void) {
+ return(&xmlSecKeyDataListKlass);
+}
+
+
+/***********************************************************************
+ *
+ * Keys Data Ids list
+ *
+ **********************************************************************/
+static xmlSecPtrListKlass xmlSecKeyDataIdListKlass = {
+ BAD_CAST "key-data-ids-list",
+ NULL, /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+ NULL, /* xmlSecPtrDestroyItemMethod destroyItem; */
+ NULL, /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+ NULL, /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+};
+
+/**
+ * xmlSecKeyDataIdListGetKlass:
+ *
+ * The key data id list klass.
+ *
+ * Returns: pointer to the key data id list klass.
+ */
+xmlSecPtrListId
+xmlSecKeyDataIdListGetKlass(void) {
+ return(&xmlSecKeyDataIdListKlass);
+}
+
+/**
+ * xmlSecKeyDataIdListFind:
+ * @list: the pointer to key data ids list.
+ * @dataId: the key data klass.
+ *
+ * Lookups @dataId in @list.
+ *
+ * Returns: 1 if @dataId is found in the @list, 0 if not and a negative
+ * value if an error occurs.
+ */
+int
+xmlSecKeyDataIdListFind(xmlSecPtrListPtr list, xmlSecKeyDataId dataId) {
+ xmlSecSize i, size;
+
+ xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId), 0);
+ xmlSecAssert2(dataId != NULL, 0);
+
+ size = xmlSecPtrListGetSize(list);
+ for(i = 0; i < size; ++i) {
+ if((xmlSecKeyDataId)xmlSecPtrListGetItem(list, i) == dataId) {
+ return(1);
+ }
+ }
+ return(0);
+}
+
+/**
+ * xmlSecKeyDataIdListFindByNode:
+ * @list: the pointer to key data ids list.
+ * @nodeName: the desired key data klass XML node name.
+ * @nodeNs: the desired key data klass XML node namespace.
+ * @usage: the desired key data usage.
+ *
+ * Lookups data klass in the list with given @nodeName, @nodeNs and
+ * @usage in the @list.
+ *
+ * Returns: key data klass is found and NULL otherwise.
+ */
+xmlSecKeyDataId
+xmlSecKeyDataIdListFindByNode(xmlSecPtrListPtr list, const xmlChar* nodeName,
+ const xmlChar* nodeNs, xmlSecKeyDataUsage usage) {
+ xmlSecKeyDataId dataId;
+ xmlSecSize i, size;
+
+ xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId), xmlSecKeyDataIdUnknown);
+ xmlSecAssert2(nodeName != NULL, xmlSecKeyDataIdUnknown);
+
+ size = xmlSecPtrListGetSize(list);
+ for(i = 0; i < size; ++i) {
+ dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
+ xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, xmlSecKeyDataIdUnknown);
+
+ if(((usage & dataId->usage) != 0) &&
+ xmlStrEqual(nodeName, dataId->dataNodeName) &&
+ xmlStrEqual(nodeNs, dataId->dataNodeNs)) {
+
+ return(dataId);
+ }
+ }
+ return(xmlSecKeyDataIdUnknown);
+}
+
+/**
+ * xmlSecKeyDataIdListFindByHref:
+ * @list: the pointer to key data ids list.
+ * @href: the desired key data klass href.
+ * @usage: the desired key data usage.
+ *
+ * Lookups data klass in the list with given @href and @usage in @list.
+ *
+ * Returns: key data klass is found and NULL otherwise.
+ */
+xmlSecKeyDataId
+xmlSecKeyDataIdListFindByHref(xmlSecPtrListPtr list, const xmlChar* href,
+ xmlSecKeyDataUsage usage) {
+ xmlSecKeyDataId dataId;
+ xmlSecSize i, size;
+
+ xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId), xmlSecKeyDataIdUnknown);
+ xmlSecAssert2(href != NULL, xmlSecKeyDataIdUnknown);
+
+ size = xmlSecPtrListGetSize(list);
+ for(i = 0; i < size; ++i) {
+ dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
+ xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, xmlSecKeyDataIdUnknown);
+
+ if(((usage & dataId->usage) != 0) && (dataId->href != NULL) &&
+ xmlStrEqual(href, dataId->href)) {
+
+ return(dataId);
+ }
+ }
+ return(xmlSecKeyDataIdUnknown);
+}
+
+/**
+ * xmlSecKeyDataIdListFindByName:
+ * @list: the pointer to key data ids list.
+ * @name: the desired key data klass name.
+ * @usage: the desired key data usage.
+ *
+ * Lookups data klass in the list with given @name and @usage in @list.
+ *
+ * Returns: key data klass is found and NULL otherwise.
+ */
+xmlSecKeyDataId
+xmlSecKeyDataIdListFindByName(xmlSecPtrListPtr list, const xmlChar* name,
+ xmlSecKeyDataUsage usage) {
+ xmlSecKeyDataId dataId;
+ xmlSecSize i, size;
+
+ xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId), xmlSecKeyDataIdUnknown);
+ xmlSecAssert2(name != NULL, xmlSecKeyDataIdUnknown);
+
+ size = xmlSecPtrListGetSize(list);
+ for(i = 0; i < size; ++i) {
+ dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
+ xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, xmlSecKeyDataIdUnknown);
+
+ if(((usage & dataId->usage) != 0) && (dataId->name != NULL) &&
+ xmlStrEqual(name, BAD_CAST dataId->name)) {
+
+ return(dataId);
+ }
+ }
+ return(xmlSecKeyDataIdUnknown);
+}
+
+/**
+ * xmlSecKeyDataIdListDebugDump:
+ * @list: the pointer to key data ids list.
+ * @output: the pointer to output FILE.
+ *
+ * Prints binary key data debug information to @output.
+ */
+void
+xmlSecKeyDataIdListDebugDump(xmlSecPtrListPtr list, FILE* output) {
+ xmlSecKeyDataId dataId;
+ xmlSecSize i, size;
+
+ xmlSecAssert(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId));
xmlSecAssert(output != NULL);
size = xmlSecPtrListGetSize(list);
return(&xmlSecKeyDataStorePtrListKlass);
}
+/**
+ * xmlSecImportSetPersistKey:
+ *
+ * Sets global flag to import keys to persistent storage (MSCrypto and MSCNG).
+ * Also see PKCS12_NO_PERSIST_KEY.
+ *
+ */
void xmlSecImportSetPersistKey(void) {
xmlSecImportPersistKey = 1;
}
+/**
+ * xmlSecImportGetPersistKey:
+ *
+ * Gets global flag to import keys to persistent storage (MSCrypto and MSCNG).
+ * Also see PKCS12_NO_PERSIST_KEY.
+ *
+ * Returns: 1 if keys should be imported into persistent storage and 0 otherwise.
+ */
int xmlSecImportGetPersistKey(void) {
return xmlSecImportPersistKey;
}
-
--- /dev/null
+/*
+ * XML Security Library (http://www.aleksey.com/xmlsec).
+ *
+ * Internal header only used during the compilation,
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ */
+#ifndef __XMLSEC_KEYSDATA_HELPERS_H__
+#define __XMLSEC_KEYSDATA_HELPERS_H__
+
+
+#ifndef XMLSEC_PRIVATE
+#error "private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-$crypto libraries"
+#endif /* XMLSEC_PRIVATE */
+
+#include <xmlsec/keysdata.h>
+
+/**************************************************************************
+ *
+ * xmlSecKeyDataBinary (for HMAC, AES, DES, ...)
+ *
+ * xmlSecKeyData + xmlSecBuffer (key)
+ *
+ *************************************************************************/
+
+/**
+ * xmlSecKeyDataiBinary:
+ * @keyData: the key data (#xmlSecKeyData).
+ * @buffer: the key's binary (#xmlSecBuffer).
+ *
+ * The binary key data (e.g. HMAC key).
+ */
+typedef struct _xmlSecKeyDataBinary {
+ xmlSecKeyData keyData;
+ xmlSecBuffer buffer;
+} xmlSecKeyDataBinary;
+
+/**
+ * xmlSecKeyDataBinarySize:
+ *
+ * The binary key data object size.
+ */
+#define xmlSecKeyDataBinarySize (sizeof(xmlSecKeyDataBinary))
+
+XMLSEC_EXPORT int xmlSecKeyDataBinaryValueInitialize (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT int xmlSecKeyDataBinaryValueDuplicate (xmlSecKeyDataPtr dst,
+ xmlSecKeyDataPtr src);
+XMLSEC_EXPORT void xmlSecKeyDataBinaryValueFinalize (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT int xmlSecKeyDataBinaryValueXmlRead (xmlSecKeyDataId id,
+ xmlSecKeyPtr key,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT int xmlSecKeyDataBinaryValueXmlWrite (xmlSecKeyDataId id,
+ xmlSecKeyPtr key,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT int xmlSecKeyDataBinaryValueBinRead (xmlSecKeyDataId id,
+ xmlSecKeyPtr key,
+ const xmlSecByte* buf,
+ xmlSecSize bufSize,
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT int xmlSecKeyDataBinaryValueBinWrite (xmlSecKeyDataId id,
+ xmlSecKeyPtr key,
+ xmlSecByte** buf,
+ xmlSecSize* bufSize,
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT void xmlSecKeyDataBinaryValueDebugDump (xmlSecKeyDataPtr data,
+ FILE* output);
+XMLSEC_EXPORT void xmlSecKeyDataBinaryValueDebugXmlDump (xmlSecKeyDataPtr data,
+ FILE* output);
+
+
+#if !defined(XMLSEC_NO_DSA)
+/**************************************************************************
+ *
+ * Helper functions to read/write DSA keys
+ *
+ *************************************************************************/
+typedef struct _xmlSecKeyValueDsa {
+ xmlSecBuffer p;
+ xmlSecBuffer q;
+ xmlSecBuffer g;
+ xmlSecBuffer x;
+ xmlSecBuffer y;
+} xmlSecKeyValueDsa, *xmlSecKeyValueDsaPtr;
+
+/**
+ * xmlSecKeyDataDsaRead:
+ * @id: the key data data.
+ * @dsaValue: the pointer to input @xmlSecKeyValueDsa.
+ *
+ * Creates xmlSecKeyData from @dsaValue
+ *
+ * Returns: the poitner to xmlSecKeyData or NULL if an error occurs.
+ */
+typedef xmlSecKeyDataPtr (*xmlSecKeyDataDsaRead) (xmlSecKeyDataId id,
+ xmlSecKeyValueDsaPtr dsaValue);
+
+/**
+ * xmlSecKeyDataDsaWrite:
+ * @id: the key data data.
+ * @data: the pointer to input @xmlSecKeyData.
+ * @dsaValue: the pointer to input @xmlSecKeyValueDsa.
+ * @writePrivateKey: the flag indicating if private key component should be output or not.
+ *
+ * Writes @xmlSecKeyData to @xmlSecKeyValueDsa.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+typedef int (*xmlSecKeyDataDsaWrite) (xmlSecKeyDataId id,
+ xmlSecKeyDataPtr data,
+ xmlSecKeyValueDsaPtr dsaValue,
+ int writePrivateKey);
+
+XMLSEC_EXPORT int xmlSecKeyDataDsaXmlRead (xmlSecKeyDataId id,
+ xmlSecKeyPtr key,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx,
+ xmlSecKeyDataDsaRead readFunc);
+XMLSEC_EXPORT int xmlSecKeyDataDsaXmlWrite (xmlSecKeyDataId id,
+ xmlSecKeyPtr key,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx,
+ int base64LineSize,
+ int addLineBreaks,
+ xmlSecKeyDataDsaWrite writeFunc);
+#endif /* !defined(XMLSEC_NO_DSA) */
+
+#if !defined(XMLSEC_NO_RSA)
+/**************************************************************************
+ *
+ * Helper functions to read/write RSA keys
+ *
+ *************************************************************************/
+typedef struct _xmlSecKeyValueRsa {
+ xmlSecBuffer modulus;
+ xmlSecBuffer publicExponent;
+ xmlSecBuffer privateExponent;
+} xmlSecKeyValueRsa, *xmlSecKeyValueRsaPtr;
+
+/**
+ * xmlSecKeyDataRsaRead:
+ * @id: the key data data.
+ * @dsaValue: the pointer to input @xmlSecKeyValueRsa.
+ *
+ * Creates xmlSecKeyData from @dsaValue
+ *
+ * Returns: the poitner to xmlSecKeyData or NULL if an error occurs.
+ */
+typedef xmlSecKeyDataPtr (*xmlSecKeyDataRsaRead) (xmlSecKeyDataId id,
+ xmlSecKeyValueRsaPtr rsaValue);
+
+/**
+ * xmlSecKeyDataRsaWrite:
+ * @id: the key data data.
+ * @data: the pointer to input @xmlSecKeyData.
+ * @dsaValue: the pointer to input @xmlSecKeyValueRsa.
+ * @writePrivateKey: the flag indicating if private key component should be output or not.
+ *
+ * Writes @xmlSecKeyData to @xmlSecKeyValueRsa.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+typedef int (*xmlSecKeyDataRsaWrite) (xmlSecKeyDataId id,
+ xmlSecKeyDataPtr data,
+ xmlSecKeyValueRsaPtr rsaValue,
+ int writePrivateKey);
+
+
+XMLSEC_EXPORT int xmlSecKeyDataRsaXmlRead (xmlSecKeyDataId id,
+ xmlSecKeyPtr key,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx,
+ xmlSecKeyDataRsaRead readFunc);
+XMLSEC_EXPORT int xmlSecKeyDataRsaXmlWrite (xmlSecKeyDataId id,
+ xmlSecKeyPtr key,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx,
+ int base64LineSize,
+ int addLineBreaks,
+ xmlSecKeyDataRsaWrite writeFunc);
+#endif /* !defined(XMLSEC_NO_RSA) */
+
+#if !defined(XMLSEC_NO_X509)
+/**************************************************************************
+ *
+ * Helper functions to read/write X509 Keys
+ *
+ *************************************************************************/
+typedef struct _xmlSecKeyValueX509 {
+ xmlSecBuffer cert;
+ xmlSecBuffer crl;
+ xmlSecBuffer ski;
+ xmlChar* subject;
+ xmlChar* issuerName;
+ xmlChar* issuerSerial;
+} xmlSecKeyValueX509, *xmlSecKeyValueX509Ptr;
+
+/**
+ * xmlSecKeyDataX509Read:
+ * @data: the pointer to result @xmlSecKeyData.
+ * @x509Value: the pointer to input @xmlSecKeyValueX509.
+ * @keysMngr: the pointer to @xmlSecKeysMngr.
+ * @flags: the flags for certs processing.
+ *
+ * Creates xmlSecKeyData from @dsaValue
+ *
+ * Returns: the poitner to xmlSecKeyData or NULL if an error occurs.
+ */
+typedef int (*xmlSecKeyDataX509Read) (xmlSecKeyDataPtr data,
+ xmlSecKeyValueX509Ptr x509Value,
+ xmlSecKeysMngrPtr keysMngr,
+ unsigned int flags);
+
+/**
+ * xmlSecKeyDataX509Write:
+ * @data: the pointer to result @xmlSecKeyData.
+ * @x509Value: the pointer to result @xmlSecKeyValueX509.
+ * @content: the bitmask of what should be output to @x509Value.
+ * @context: the writer function context.
+ *
+ * If available, writes the next X509 object (cert or crl) into @x509Value.
+ *
+ * Returns: 0 on success, 1 if no more certs/crls are available, or a negative'
+ * value if an error occurs.
+ */
+typedef int (*xmlSecKeyDataX509Write) (xmlSecKeyDataPtr data,
+ xmlSecKeyValueX509Ptr x509Value,
+ int content,
+ void* context);
+
+XMLSEC_EXPORT int xmlSecKeyDataX509XmlRead (xmlSecKeyDataPtr data,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx,
+ xmlSecKeyDataX509Read readFunc);
+XMLSEC_EXPORT int xmlSecKeyDataX509XmlWrite (xmlSecKeyDataPtr data,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx,
+ int base64LineSize,
+ int addLineBreaks,
+ xmlSecKeyDataX509Write writeFunc,
+ void* writeFuncContext);
+#endif /* !defined(XMLSEC_NO_X509) */
+
+#endif /* __XMLSEC_KEYSDATA_HELPERS_H__ */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:keysmngr
#include <xmlsec/errors.h>
#include <xmlsec/private.h>
+#include "cast_helpers.h"
/****************************************************************************
*
*
* Simple Keys Store
*
- * keys list (xmlSecPtrList) is located after xmlSecKeyStore
+ * xmlSecKeyStore + xmlSecPtrList (keys list)
*
***************************************************************************/
-#define xmlSecSimpleKeysStoreSize \
- (sizeof(xmlSecKeyStore) + sizeof(xmlSecPtrList))
-#define xmlSecSimpleKeysStoreGetList(store) \
- ((xmlSecKeyStoreCheckSize((store), xmlSecSimpleKeysStoreSize)) ? \
- (xmlSecPtrListPtr)(((xmlSecByte*)(store)) + sizeof(xmlSecKeyStore)) : \
- (xmlSecPtrListPtr)NULL)
+XMLSEC_KEY_STORE_DECLARE(SimpleKeysStore, xmlSecPtrList)
+#define xmlSecSimpleKeysStoreSize XMLSEC_KEY_STORE_SIZE(SimpleKeysStore)
static int xmlSecSimpleKeysStoreInitialize (xmlSecKeyStorePtr store);
static void xmlSecSimpleKeysStoreFinalize (xmlSecKeyStorePtr store);
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecSimpleKeysStoreId), -1);
xmlSecAssert2(key != NULL, -1);
- list = xmlSecSimpleKeysStoreGetList(store);
+ list = xmlSecSimpleKeysStoreGetCtx(store);
xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyPtrListId), -1);
ret = xmlSecPtrListAdd(list, key);
*/
int
xmlSecSimpleKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
- xmlSecKeysMngrPtr keysMngr ATTRIBUTE_UNUSED) {
+ xmlSecKeysMngrPtr keysMngr) {
+ xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecSimpleKeysStoreId), -1);
+
+ return(xmlSecSimpleKeysStoreLoad_ex(store, uri, keysMngr,
+ xmlSecSimpleKeysStoreAdoptKey));
+}
+
+/**
+ * xmlSecSimpleKeysStoreLoad_ex:
+ * @store: the pointer to simple keys store.
+ * @uri: the filename.
+ * @keysMngr: the pointer to associated keys manager.
+ * @adoptKeyFunc: the callback to add the key to keys manager.
+ *
+ * Reads keys from an XML file.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecSimpleKeysStoreLoad_ex(xmlSecKeyStorePtr store, const char *uri,
+ xmlSecKeysMngrPtr keysMngr ATTRIBUTE_UNUSED,
+ xmlSecSimpleKeysStoreAdoptKeyFunc adoptKeyFunc) {
xmlDocPtr doc;
xmlNodePtr root;
xmlNodePtr cur;
xmlSecKeyInfoCtx keyInfoCtx;
int ret;
- xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecSimpleKeysStoreId), -1);
+ /* don't check store ID here because it might not be simple store ID;
+ * we will check for the correct store ID in the adoptKeyFunc instead */
+ xmlSecAssert2(store != NULL, -1);
xmlSecAssert2(uri != NULL, -1);
+ xmlSecAssert2(adoptKeyFunc != NULL, -1);
UNREFERENCED_PARAMETER(keysMngr);
doc = xmlParseFile(uri);
root = xmlDocGetRootElement(doc);
if(!xmlSecCheckNodeName(root, BAD_CAST "Keys", xmlSecNs)) {
xmlSecInvalidNodeError(root, BAD_CAST "Keys",
- xmlSecKeyStoreGetName(store));
+ xmlSecKeyStoreGetName(store));
xmlFreeDoc(doc);
return(-1);
}
key = xmlSecKeyCreate();
if(key == NULL) {
xmlSecInternalError("xmlSecKeyCreate",
- xmlSecKeyStoreGetName(store));
+ xmlSecKeyStoreGetName(store));
xmlFreeDoc(doc);
return(-1);
}
ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
if(ret < 0) {
xmlSecInternalError("xmlSecKeyInfoCtxInitialize",
- xmlSecKeyStoreGetName(store));
+ xmlSecKeyStoreGetName(store));
xmlSecKeyDestroy(key);
xmlFreeDoc(doc);
return(-1);
ret = xmlSecKeyInfoNodeRead(cur, key, &keyInfoCtx);
if(ret < 0) {
xmlSecInternalError("xmlSecKeyInfoNodeRead",
- xmlSecKeyStoreGetName(store));
+ xmlSecKeyStoreGetName(store));
xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
xmlSecKeyDestroy(key);
xmlFreeDoc(doc);
xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
if(xmlSecKeyIsValid(key)) {
- ret = xmlSecSimpleKeysStoreAdoptKey(store, key);
+ ret = adoptKeyFunc(store, key);
if(ret < 0) {
- xmlSecInternalError("xmlSecSimpleKeysStoreAdoptKey",
- xmlSecKeyStoreGetName(store));
+ xmlSecInternalError("adoptKeyFunc",
+ xmlSecKeyStoreGetName(store));
xmlSecKeyDestroy(key);
xmlFreeDoc(doc);
return(-1);
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecSimpleKeysStoreId), -1);
xmlSecAssert2(filename != NULL, -1);
- list = xmlSecSimpleKeysStoreGetList(store);
+ list = xmlSecSimpleKeysStoreGetCtx(store);
xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyPtrListId), -1);
/* create doc */
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecSimpleKeysStoreId), NULL);
- list = xmlSecSimpleKeysStoreGetList(store);
+ list = xmlSecSimpleKeysStoreGetCtx(store);
xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyPtrListId), NULL);
return list;
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecSimpleKeysStoreId), -1);
- list = xmlSecSimpleKeysStoreGetList(store);
+ list = xmlSecSimpleKeysStoreGetCtx(store);
xmlSecAssert2(list != NULL, -1);
ret = xmlSecPtrListInitialize(list, xmlSecKeyPtrListId);
xmlSecAssert(xmlSecKeyStoreCheckId(store, xmlSecSimpleKeysStoreId));
- list = xmlSecSimpleKeysStoreGetList(store);
+ list = xmlSecSimpleKeysStoreGetCtx(store);
xmlSecAssert(list != NULL);
xmlSecPtrListFinalize(list);
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecSimpleKeysStoreId), NULL);
xmlSecAssert2(keyInfoCtx != NULL, NULL);
- list = xmlSecSimpleKeysStoreGetList(store);
+ list = xmlSecSimpleKeysStoreGetCtx(store);
xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyPtrListId), NULL);
size = xmlSecPtrListGetSize(list);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:kw_aes_des
#include <xmlsec/errors.h>
#include "kw_aes_des.h"
+#include "cast_helpers.h"
+#include "keysdata_helpers.h"
#ifndef XMLSEC_NO_DES
-static int xmlSecKWDes3BufferReverse (xmlSecByte *buf,
+
+/*********************************************************************
+*
+* Triple DES helper functions
+*
+********************************************************************/
+static int xmlSecKWDes3Encode (xmlSecKWDes3Id kwDes3Id,
+ xmlSecTransformPtr transform,
+ const xmlSecByte* in,
+ xmlSecSize inSize,
+ xmlSecByte* out,
+ xmlSecSize outSize,
+ xmlSecSize* outWritten);
+static int xmlSecKWDes3Decode (xmlSecKWDes3Id kwDes3Id,
+ xmlSecTransformPtr transform,
+ const xmlSecByte* in,
+ xmlSecSize inSize,
+ xmlSecByte* out,
+ xmlSecSize outSize,
+ xmlSecSize* outWritten);
+static int xmlSecKWDes3BufferReverse (xmlSecByte *buf,
xmlSecSize size);
+/*********************************************************************
+ *
+ * Triple DES Key Wrap transform
+ *
+ ********************************************************************/
+int
+xmlSecTransformKWDes3Initialize(xmlSecTransformPtr transform, xmlSecTransformKWDes3CtxPtr ctx,
+ xmlSecKWDes3Id kwDes3Id, xmlSecKeyDataId keyId) {
+ int ret;
+
+ xmlSecAssert2(transform != NULL, -1);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(kwDes3Id != NULL, -1);
+ xmlSecAssert2(keyId != NULL, -1);
+
+ ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize", xmlSecTransformGetName(transform));
+ return(-1);
+ }
+ ctx->kwDes3Id = kwDes3Id;
+ ctx->keyId = keyId;
+
+ return(0);
+}
+
+void
+xmlSecTransformKWDes3Finalize(xmlSecTransformPtr transform, xmlSecTransformKWDes3CtxPtr ctx) {
+ xmlSecAssert(transform != NULL);
+ xmlSecAssert(ctx != NULL);
+
+ xmlSecBufferFinalize(&(ctx->keyBuffer));
+}
+
+int
+xmlSecTransformKWDes3SetKeyReq(xmlSecTransformPtr transform, xmlSecTransformKWDes3CtxPtr ctx,
+ xmlSecKeyReqPtr keyReq) {
+ keyReq->keyId = ctx->keyId;
+ keyReq->keyType = xmlSecKeyDataTypeSymmetric;
+ if(transform->operation == xmlSecTransformOperationEncrypt) {
+ keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+ } else {
+ keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+ }
+ keyReq->keyBitsSize = 8 * XMLSEC_KW_DES3_KEY_LENGTH;
+ return(0);
+}
+
+int
+xmlSecTransformKWDes3SetKey(xmlSecTransformPtr transform, xmlSecTransformKWDes3CtxPtr ctx,
+ xmlSecKeyPtr key) {
+ xmlSecBufferPtr buffer;
+ xmlSecSize keySize;
+ int ret;
+
+ xmlSecAssert2(transform != NULL, -1);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->keyId != NULL, -1);
+ xmlSecAssert2(key != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), ctx->keyId), -1);
+
+ buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
+ xmlSecAssert2(buffer != NULL, -1);
+
+ keySize = xmlSecBufferGetSize(buffer);
+ if(keySize < XMLSEC_KW_DES3_KEY_LENGTH) {
+ xmlSecInvalidKeyDataSizeError(keySize, XMLSEC_KW_DES3_KEY_LENGTH,
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
+
+ ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer), XMLSEC_KW_DES3_KEY_LENGTH);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferSetData(XMLSEC_KW_DES3_KEY_LENGTH)",
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
+
+ return(0);
+}
+
+int
+xmlSecTransformKWDes3Execute(xmlSecTransformPtr transform, xmlSecTransformKWDes3CtxPtr ctx, int last) {
+ xmlSecBufferPtr in, out;
+ xmlSecSize inSize, outSize, keySize;
+ int ret;
+
+ xmlSecAssert2(transform != NULL, -1);
+ xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->kwDes3Id != NULL, -1);
+
+ keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
+ xmlSecAssert2(keySize == XMLSEC_KW_DES3_KEY_LENGTH, -1);
+
+ in = &(transform->inBuf);
+ out = &(transform->outBuf);
+ inSize = xmlSecBufferGetSize(in);
+ outSize = xmlSecBufferGetSize(out);
+ xmlSecAssert2(outSize == 0, -1);
+
+ if(transform->status == xmlSecTransformStatusNone) {
+ transform->status = xmlSecTransformStatusWorking;
+ }
+
+ if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
+ /* just do nothing */
+ } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
+ if((inSize % XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
+ xmlSecInvalidSizeNotMultipleOfError("Input data",
+ inSize, XMLSEC_KW_DES3_BLOCK_LENGTH,
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
+
+ if(transform->operation == xmlSecTransformOperationEncrypt) {
+ /* the encoded key might be 16 bytes longer plus one block just in case */
+ outSize = inSize + XMLSEC_KW_DES3_IV_LENGTH +
+ XMLSEC_KW_DES3_BLOCK_LENGTH +
+ XMLSEC_KW_DES3_BLOCK_LENGTH;
+ } else {
+ /* just in case, add a block */
+ outSize = inSize + XMLSEC_KW_DES3_BLOCK_LENGTH;
+ }
+
+ ret = xmlSecBufferSetMaxSize(out, outSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetMaxSize",
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
+ return(-1);
+ }
+
+ if(transform->operation == xmlSecTransformOperationEncrypt) {
+ ret = xmlSecKWDes3Encode(ctx->kwDes3Id, transform, xmlSecBufferGetData(in), inSize,
+ xmlSecBufferGetData(out), outSize, &outSize);
+ if(ret < 0) {
+ xmlSecInternalError4("xmlSecKWDes3Encode", xmlSecTransformGetName(transform),
+ "keySize=" XMLSEC_SIZE_FMT "; inSize=" XMLSEC_SIZE_FMT "; outSize=" XMLSEC_SIZE_FMT,
+ keySize, inSize, outSize);
+
+ return(-1);
+ }
+ } else {
+ ret = xmlSecKWDes3Decode(ctx->kwDes3Id, transform, xmlSecBufferGetData(in), inSize,
+ xmlSecBufferGetData(out), outSize, &outSize);
+ if(ret < 0) {
+ xmlSecInternalError4("xmlSecKWDes3Decode", xmlSecTransformGetName(transform),
+ "keySize=" XMLSEC_SIZE_FMT "; inSize=" XMLSEC_SIZE_FMT "; outSize=" XMLSEC_SIZE_FMT,
+ keySize, inSize, outSize);
+
+ return(-1);
+ }
+ }
+
+ ret = xmlSecBufferSetSize(out, outSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
+ return(-1);
+ }
+
+ ret = xmlSecBufferRemoveHead(in, inSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferRemoveHead",
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
+ return(-1);
+ }
+
+ transform->status = xmlSecTransformStatusFinished;
+ } else if(transform->status == xmlSecTransformStatusFinished) {
+ /* the only way we can get here is if there is no input */
+ xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+ } else {
+ xmlSecInvalidTransfromStatusError(transform);
+ return(-1);
+ }
+
+ return(0);
+}
+
+
+
+
/********************************************************************
*
* CMS Triple DES Key Wrap
};
int
-xmlSecKWDes3Encode(xmlSecKWDes3Id kwDes3Id, void *context,
+xmlSecKWDes3Encode(xmlSecKWDes3Id kwDes3Id, xmlSecTransformPtr transform,
const xmlSecByte *in, xmlSecSize inSize,
- xmlSecByte *out, xmlSecSize outSize) {
+ xmlSecByte *out, xmlSecSize outSize,
+ xmlSecSize* outWritten) {
xmlSecByte sha1[XMLSEC_KW_DES3_SHA_DIGEST_LENGTH];
xmlSecByte iv[XMLSEC_KW_DES3_IV_LENGTH];
- xmlSecSize s;
+ xmlSecSize tmpSize, outWritten2;
int ret;
xmlSecAssert2(xmlSecKWDes3CheckId(kwDes3Id), -1);
- xmlSecAssert2(context != NULL, -1);
+ xmlSecAssert2(transform != NULL, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize + XMLSEC_KW_DES3_BLOCK_LENGTH + XMLSEC_KW_DES3_IV_LENGTH, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
/* step 2: calculate sha1 and CMS */
- ret = kwDes3Id->sha1(context, in, inSize, sha1, sizeof(sha1));
- if((ret < 0) || (ret != sizeof(sha1))) {
- xmlSecInternalError("kwDes3Id->sha1", NULL);
+ outWritten2 = 0;
+ ret = kwDes3Id->sha1(transform, in, inSize, sha1, sizeof(sha1), &outWritten2);
+ if((ret < 0) || (outWritten2 != sizeof(sha1))) {
+ xmlSecInternalError2("kwDes3Id->sha1", NULL,
+ "outWritten2=" XMLSEC_SIZE_FMT, outWritten2);
return(-1);
}
memcpy(out + inSize, sha1, XMLSEC_KW_DES3_BLOCK_LENGTH);
/* step 4: generate random iv */
- ret = kwDes3Id->generateRandom(context, iv, sizeof(iv));
- if((ret < 0) || (ret != sizeof(iv))) {
- xmlSecInternalError("kwDes3Id->generateRandom", NULL);
+ outWritten2 = 0;
+ ret = kwDes3Id->generateRandom(transform, iv, sizeof(iv), &outWritten2);
+ if((ret < 0) || (outWritten2 != sizeof(iv))) {
+ xmlSecInternalError2("kwDes3Id->generateRandom", NULL,
+ "outWritten2=" XMLSEC_SIZE_FMT, outWritten2);
return(-1);
}
/* step 5: first encryption, result is TEMP1 */
- ret = kwDes3Id->encrypt(context,
- iv, sizeof(iv),
- out, inSize + XMLSEC_KW_DES3_BLOCK_LENGTH,
- out, outSize);
- if((ret < 0) || ((xmlSecSize)ret != inSize + XMLSEC_KW_DES3_BLOCK_LENGTH)) {
+ outWritten2 = 0;
+ ret = kwDes3Id->encrypt(transform, iv, sizeof(iv),
+ out, inSize + XMLSEC_KW_DES3_BLOCK_LENGTH,
+ out, outSize, &outWritten2);
+ if(ret < 0) {
xmlSecInternalError("kwDes3Id->encrypt", NULL);
return(-1);
}
+ if((inSize + XMLSEC_KW_DES3_BLOCK_LENGTH) != outWritten2) {
+ xmlSecInvalidSizeError("kwDes3Id->encrypt",
+ outWritten2, (inSize + XMLSEC_KW_DES3_BLOCK_LENGTH), NULL);
+ return(-1);
+ }
/* step 6: construct TEMP2=IV || TEMP1 */
- memmove(out + XMLSEC_KW_DES3_IV_LENGTH, out, inSize + XMLSEC_KW_DES3_BLOCK_LENGTH);
+ memmove(out + XMLSEC_KW_DES3_IV_LENGTH, out, outWritten2);
memcpy(out, iv, XMLSEC_KW_DES3_IV_LENGTH);
- s = inSize + XMLSEC_KW_DES3_BLOCK_LENGTH + XMLSEC_KW_DES3_IV_LENGTH;
+ tmpSize = XMLSEC_KW_DES3_IV_LENGTH + outWritten2;
/* step 7: reverse octets order, result is TEMP3 */
- ret = xmlSecKWDes3BufferReverse(out, s);
+ ret = xmlSecKWDes3BufferReverse(out, tmpSize);
if(ret < 0) {
xmlSecInternalError("xmlSecKWDes3BufferReverse", NULL);
return(-1);
}
/* step 8: second encryption with static IV */
- ret = kwDes3Id->encrypt(context,
- xmlSecKWDes3Iv, sizeof(xmlSecKWDes3Iv),
- out, s,
- out, outSize);
- if((ret < 0) || ((xmlSecSize)ret != s)) {
+ outWritten2 = 0;
+ ret = kwDes3Id->encrypt(transform, xmlSecKWDes3Iv, sizeof(xmlSecKWDes3Iv),
+ out, tmpSize, out, outSize, &outWritten2);
+ if(ret < 0) {
xmlSecInternalError("kwDes3Id->encrypt", NULL);
return(-1);
}
+ if(tmpSize != outWritten2) {
+ xmlSecInvalidSizeError("kwDes3Id->encrypt", tmpSize, outWritten2, NULL);
+ return(-1);
+ }
+ (*outWritten) = outWritten2;
- s = ret;
- return(s);
+ /* done */
+ return(0);
}
int
-xmlSecKWDes3Decode(xmlSecKWDes3Id kwDes3Id, void *context,
+xmlSecKWDes3Decode(xmlSecKWDes3Id kwDes3Id, xmlSecTransformPtr transform,
const xmlSecByte *in, xmlSecSize inSize,
- xmlSecByte *out, xmlSecSize outSize)
+ xmlSecByte *out, xmlSecSize outSize,
+ xmlSecSize* outWritten)
{
xmlSecByte sha1[XMLSEC_KW_DES3_SHA_DIGEST_LENGTH];
- xmlSecBufferPtr tmp;
- xmlSecSize s;
+ xmlSecBufferPtr tmp = NULL;
+ xmlSecByte* tmpBuf;
+ xmlSecSize tmpSize, outSz, outWritten2;
int ret;
+ int res = -1;
xmlSecAssert2(xmlSecKWDes3CheckId(kwDes3Id), -1);
- xmlSecAssert2(context != NULL, -1);
+ xmlSecAssert2(transform != NULL, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
-
+ xmlSecAssert2(outWritten != NULL, -1);
/* step 2: first decryption with static IV, result is TEMP3 */
tmp = xmlSecBufferCreate(inSize);
if(tmp == NULL) {
- xmlSecInternalError2("xmlSecBufferCreate", NULL, "inSize=%d", (int)inSize);
- return(-1);
+ xmlSecInternalError2("xmlSecBufferCreate", NULL,
+ "inSize=" XMLSEC_SIZE_FMT, inSize);
+ goto done;
}
-
- ret = kwDes3Id->decrypt(context,
- xmlSecKWDes3Iv, sizeof(xmlSecKWDes3Iv),
- in, inSize,
- xmlSecBufferGetData(tmp), xmlSecBufferGetMaxSize(tmp));
- if((ret < 0) || (ret < XMLSEC_KW_DES3_IV_LENGTH)) {
+ tmpBuf = xmlSecBufferGetData(tmp);
+ tmpSize = xmlSecBufferGetMaxSize(tmp);
+
+ outWritten2 = 0;
+ ret = kwDes3Id->decrypt(transform, xmlSecKWDes3Iv, sizeof(xmlSecKWDes3Iv),
+ in, inSize, tmpBuf, tmpSize, &outWritten2);
+ if(ret < 0) {
xmlSecInternalError("kwDes3Id->decrypt", NULL);
- xmlSecBufferDestroy(tmp);
- return(-1);
+ goto done;
+ }
+ if (outWritten2 < XMLSEC_KW_DES3_IV_LENGTH) {
+ xmlSecInvalidSizeLessThanError("kwDes3Id->decrypt(iv)",
+ outWritten2, XMLSEC_KW_DES3_IV_LENGTH, NULL);
+ goto done;
}
- s = ret;
+ tmpSize = outWritten2;
/* step 3: reverse octets order in TEMP3, result is TEMP2 */
- ret = xmlSecKWDes3BufferReverse(xmlSecBufferGetData(tmp), s);
+ ret = xmlSecKWDes3BufferReverse(xmlSecBufferGetData(tmp), tmpSize);
if(ret < 0) {
xmlSecInternalError("xmlSecKWDes3BufferReverse", NULL);
- xmlSecBufferDestroy(tmp);
- return(-1);
+ goto done;
}
/* steps 4 and 5: get IV and decrypt second time, result is WKCKS */
- ret = kwDes3Id->decrypt(context,
- xmlSecBufferGetData(tmp), XMLSEC_KW_DES3_IV_LENGTH,
- xmlSecBufferGetData(tmp) + XMLSEC_KW_DES3_IV_LENGTH, s - XMLSEC_KW_DES3_IV_LENGTH,
- out, outSize);
- if((ret < 0) || (ret < XMLSEC_KW_DES3_BLOCK_LENGTH)) {
+ outWritten2 = 0;
+ ret = kwDes3Id->decrypt(transform,
+ tmpBuf, XMLSEC_KW_DES3_IV_LENGTH,
+ tmpBuf + XMLSEC_KW_DES3_IV_LENGTH,
+ tmpSize - XMLSEC_KW_DES3_IV_LENGTH,
+ out, outSize, &outWritten2);
+ if(ret < 0) {
xmlSecInternalError("kwDes3Id->decrypt", NULL);
- xmlSecBufferDestroy(tmp);
- return(-1);
+ goto done;
}
- s = ret - XMLSEC_KW_DES3_BLOCK_LENGTH;
+ if (outWritten2 < XMLSEC_KW_DES3_BLOCK_LENGTH) {
+ xmlSecInvalidSizeLessThanError("kwDes3Id->decrypt(block)",
+ outWritten2, XMLSEC_KW_DES3_BLOCK_LENGTH, NULL);
+ goto done;
+ }
+ outSz = outWritten2 - XMLSEC_KW_DES3_BLOCK_LENGTH;
/* steps 6 and 7: calculate SHA1 and validate it */
- ret = kwDes3Id->sha1(context,
- out, s,
- sha1, sizeof(sha1));
- if((ret < 0) || (ret != sizeof(sha1))) {
- xmlSecInternalError("kwDes3Id->sha1", NULL);
- xmlSecBufferDestroy(tmp);
- return(-1);
+ outWritten2 = 0;
+ ret = kwDes3Id->sha1(transform, out, outSz, sha1, sizeof(sha1), &outWritten2);
+ if((ret < 0) || (outWritten2 != sizeof(sha1))) {
+ xmlSecInternalError2("kwDes3Id->sha1", NULL, "outWritten2=" XMLSEC_SIZE_FMT, outWritten2);
+ goto done;
}
/* check sha1 */
xmlSecAssert2(XMLSEC_KW_DES3_BLOCK_LENGTH <= sizeof(sha1), -1);
- if(memcmp(sha1, out + s, XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
+ if(memcmp(sha1, out + outSz, XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
xmlSecInvalidDataError("SHA1 does not match", NULL);
- xmlSecBufferDestroy(tmp);
- return(-1);
+ goto done;
}
- /* done */
- xmlSecBufferDestroy(tmp);
- return(s);
+ /* success */
+ (*outWritten) = outSz;
+ res = 0;
+
+done:
+ if(tmp != NULL) {
+ xmlSecBufferDestroy(tmp);
+ }
+ return(res);
}
static int
-xmlSecKWDes3BufferReverse(xmlSecByte *buf, xmlSecSize size)
+xmlSecKWDes3BufferReverse(xmlSecByte *buf, xmlSecSize size)
{
- xmlSecByte * p;\r
- xmlSecByte ch;\r
-\r
- xmlSecAssert2(buf != NULL, -1);\r
- xmlSecAssert2(size > 0, -1);\r
-\r
- for(p = buf + size - 1; p >= buf; ++buf, --p) {\r
- ch = (*p);\r
- (*p) = (*buf);\r
- (*buf) = ch;\r
- }\r
- return (0);\r
-}
+ xmlSecByte * p;
+ xmlSecByte ch;
-#endif /* XMLSEC_NO_DES */
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(size > 0, -1);
+ for(p = buf + size - 1; p >= buf; ++buf, --p) {
+ ch = (*p);
+ (*p) = (*buf);
+ (*buf) = ch;
+ }
+ return (0);
+}
+#endif /* XMLSEC_NO_DES */
#ifndef XMLSEC_NO_AES
+static int xmlSecKWAesEncode (xmlSecKWAesId kwAesId,
+ xmlSecTransformPtr transform,
+ const xmlSecByte* in,
+ xmlSecSize inSize,
+ xmlSecByte* out,
+ xmlSecSize outSize,
+ xmlSecSize* outWritten);
+
+static int xmlSecKWAesDecode (xmlSecKWAesId kwAesId,
+ xmlSecTransformPtr transform,
+ const xmlSecByte* in,
+ xmlSecSize inSize,
+ xmlSecByte* out,
+ xmlSecSize outSize,
+ xmlSecSize* outWritten);
+
+int
+xmlSecTransformKWAesInitialize(xmlSecTransformPtr transform, xmlSecTransformKWAesCtxPtr ctx,
+ xmlSecKWAesId kwAesId, xmlSecKeyDataId keyId,
+ xmlSecSize keyExpectedSize) {
+ int ret;
+
+ xmlSecAssert2(transform != NULL, -1);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(kwAesId != NULL, -1);
+ xmlSecAssert2(keyId != NULL, -1);
+ xmlSecAssert2(keyExpectedSize > 0, -1);
+
+ ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize", xmlSecTransformGetName(transform));
+ return(-1);
+ }
+ ctx->kwAesId = kwAesId;
+ ctx->keyId = keyId;
+ ctx->keyExpectedSize = keyExpectedSize;
+
+ return(0);
+}
+
+void
+xmlSecTransformKWAesFinalize(xmlSecTransformPtr transform, xmlSecTransformKWAesCtxPtr ctx) {
+ xmlSecAssert(transform != NULL);
+ xmlSecAssert(ctx != NULL);
+
+ xmlSecBufferFinalize(&(ctx->keyBuffer));
+}
+
+int
+xmlSecTransformKWAesSetKeyReq(xmlSecTransformPtr transform, xmlSecTransformKWAesCtxPtr ctx,
+ xmlSecKeyReqPtr keyReq) {
+ xmlSecAssert2(transform != NULL, -1);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->keyId != NULL, -1);
+ xmlSecAssert2(keyReq != NULL, -1);
+
+ keyReq->keyId = ctx->keyId;;
+ keyReq->keyType = xmlSecKeyDataTypeSymmetric;
+ if(transform->operation == xmlSecTransformOperationEncrypt) {
+ keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+ } else {
+ keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+ }
+ keyReq->keyBitsSize = 8 * ctx->keyExpectedSize;
+ return(0);
+}
+
+int
+xmlSecTransformKWAesSetKey(xmlSecTransformPtr transform, xmlSecTransformKWAesCtxPtr ctx,
+ xmlSecKeyPtr key) {
+ xmlSecBufferPtr buffer;
+ xmlSecSize keySize;
+ int ret;
+
+ xmlSecAssert2(transform != NULL, -1);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->keyId != NULL, -1);
+ xmlSecAssert2(key != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), ctx->keyId), -1);
+
+ buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
+ xmlSecAssert2(buffer != NULL, -1);
+
+ keySize = xmlSecBufferGetSize(buffer);
+ if(keySize < ctx->keyExpectedSize) {
+ xmlSecInvalidKeyDataSizeError(keySize, ctx->keyExpectedSize,
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
+
+ ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer),
+ ctx->keyExpectedSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData", xmlSecTransformGetName(transform),
+ "expected-size=" XMLSEC_SIZE_FMT, ctx->keyExpectedSize);
+ return(-1);
+ }
+
+ return(0);
+}
+
+int
+xmlSecTransformKWAesExecute(xmlSecTransformPtr transform, xmlSecTransformKWAesCtxPtr ctx, int last) {
+ xmlSecBufferPtr in, out;
+ xmlSecSize inSize, outSize, keySize;
+ int ret;
+
+ xmlSecAssert2(transform != NULL, -1);
+ xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->kwAesId != NULL, -1);
+
+ keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
+ xmlSecAssert2(keySize == ctx->keyExpectedSize, -1);
+
+ in = &(transform->inBuf);
+ out = &(transform->outBuf);
+ inSize = xmlSecBufferGetSize(in);
+ outSize = xmlSecBufferGetSize(out);
+ xmlSecAssert2(outSize == 0, -1);
+
+ if(transform->status == xmlSecTransformStatusNone) {
+ transform->status = xmlSecTransformStatusWorking;
+ }
+
+ if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
+ /* just do nothing */
+ } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
+ if((inSize % XMLSEC_KW_AES_IN_SIZE_MULTIPLY) != 0) {
+ xmlSecInvalidSizeNotMultipleOfError("Input data",
+ inSize, XMLSEC_KW_AES_IN_SIZE_MULTIPLY,
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
+
+ if(transform->operation == xmlSecTransformOperationEncrypt) {
+ /* the encoded key might be 8 bytes longer plus 8 bytes just in case */
+ outSize = inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE +
+ XMLSEC_KW_AES_BLOCK_SIZE;
+ } else {
+ outSize = inSize + XMLSEC_KW_AES_BLOCK_SIZE;
+ }
+
+ ret = xmlSecBufferSetMaxSize(out, outSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetMaxSize",
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
+ return(-1);
+ }
+
+ if(transform->operation == xmlSecTransformOperationEncrypt) {
+ ret = xmlSecKWAesEncode(ctx->kwAesId, transform,
+ xmlSecBufferGetData(in), inSize,
+ xmlSecBufferGetData(out), outSize,
+ &outSize);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKWAesEncode", xmlSecTransformGetName(transform));
+ return(-1);
+ }
+ } else {
+ ret = xmlSecKWAesDecode(ctx->kwAesId, transform,
+ xmlSecBufferGetData(in), inSize,
+ xmlSecBufferGetData(out), outSize,
+ &outSize);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKWAesDecode", xmlSecTransformGetName(transform));
+ return(-1);
+ }
+ }
+
+ ret = xmlSecBufferSetSize(out, outSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize",
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
+ return(-1);
+ }
+
+ ret = xmlSecBufferRemoveHead(in, inSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferRemoveHead",
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
+ return(-1);
+ }
+
+ transform->status = xmlSecTransformStatusFinished;
+ } else if(transform->status == xmlSecTransformStatusFinished) {
+ /* the only way we can get here is if there is no input */
+ xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+ } else {
+ xmlSecInvalidTransfromStatusError(transform);
+ return(-1);
+ }
+ return(0);
+}
+
+
/********************************************************************
*
* KT AES
};
int
-xmlSecKWAesEncode(xmlSecKWAesId kwAesId, void *context,
+xmlSecKWAesEncode(xmlSecKWAesId kwAesId, xmlSecTransformPtr transform,
const xmlSecByte *in, xmlSecSize inSize,
- xmlSecByte *out, xmlSecSize outSize) {
+ xmlSecByte *out, xmlSecSize outSize,
+ xmlSecSize* outWritten) {
xmlSecByte block[XMLSEC_KW_AES_BLOCK_SIZE];
xmlSecByte *p;
- int N, i, j, t;
+ xmlSecSize NN, ii, jj, tt, outWritten2;
int ret;
xmlSecAssert2(kwAesId != NULL, -1);
xmlSecAssert2(kwAesId->encrypt != NULL, -1);
xmlSecAssert2(kwAesId->decrypt != NULL, -1);
- xmlSecAssert2(context != NULL, -1);
+ xmlSecAssert2(transform != NULL, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
/* prepend magic block */
if(in != out) {
}
memcpy(out, xmlSecKWAesMagicBlock, XMLSEC_KW_AES_MAGIC_BLOCK_SIZE);
- N = (inSize / 8);
- if(N == 1) {
- ret = kwAesId->encrypt(out, inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE, out, outSize, context);
- if(ret < 0) {
- xmlSecInternalError("kwAesId->encrypt", NULL);
+ NN = (inSize / 8);
+ if(NN == 1) {
+ outWritten2 = 0;
+ ret = kwAesId->encrypt(transform, out, inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE,
+ out, outSize, &outWritten2);
+ if((ret < 0) || (outWritten2 != XMLSEC_KW_AES_BLOCK_SIZE)) {
+ xmlSecInternalError2("kwAesId->encrypt", NULL,
+ "outWritten2=" XMLSEC_SIZE_FMT, outWritten2);
return(-1);
}
} else {
- for(j = 0; j <= 5; ++j) {
- for(i = 1; i <= N; ++i) {
- t = i + (j * N);
- p = out + i * 8;
+ for(jj = 0; jj <= 5; ++jj) {
+ for(ii = 1; ii <= NN; ++ii) {
+ tt = ii + (jj * NN);
+ p = out + ii * 8;
memcpy(block, out, 8);
memcpy(block + 8, p, 8);
- ret = kwAesId->encrypt(block, sizeof(block), block, sizeof(block), context);
- if(ret < 0) {
- xmlSecInternalError("kwAesId->encrypt", NULL);
+ outWritten2 = 0;
+ ret = kwAesId->encrypt(transform, block, sizeof(block),
+ block, sizeof(block), &outWritten2);
+ if((ret < 0) || (outWritten2 != XMLSEC_KW_AES_BLOCK_SIZE)) {
+ xmlSecInternalError2("kwAesId->encrypt", NULL,
+ "outWritten2=" XMLSEC_SIZE_FMT, outWritten2);
return(-1);
}
- block[7] ^= t;
+ block[7] ^= (xmlSecByte)tt;
memcpy(out, block, 8);
memcpy(p, block + 8, 8);
}
}
}
-
- return(inSize + 8);
+ /* don't forget the magic block */
+ (*outWritten) = inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE;
+ return(0);
}
int
-xmlSecKWAesDecode(xmlSecKWAesId kwAesId, void *context,
+xmlSecKWAesDecode(xmlSecKWAesId kwAesId, xmlSecTransformPtr transform,
const xmlSecByte *in, xmlSecSize inSize,
- xmlSecByte *out, xmlSecSize outSize) {
+ xmlSecByte *out, xmlSecSize outSize,
+ xmlSecSize* outWritten) {
xmlSecByte block[XMLSEC_KW_AES_BLOCK_SIZE];
xmlSecByte *p;
- int N, i, j, t;
+ xmlSecSize NN, ii, jj, tt, outWritten2;
int ret;
xmlSecAssert2(kwAesId != NULL, -1);
xmlSecAssert2(kwAesId->encrypt != NULL, -1);
xmlSecAssert2(kwAesId->decrypt != NULL, -1);
- xmlSecAssert2(context != NULL, -1);
+ xmlSecAssert2(transform != NULL, -1);
xmlSecAssert2(in != NULL, -1);
- xmlSecAssert2(inSize > 0, -1);
+ xmlSecAssert2(inSize >= XMLSEC_KW_AES_MAGIC_BLOCK_SIZE, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
/* copy input */
if(in != out) {
memcpy(out, in, inSize);
}
- N = (inSize / 8) - 1;
- if(N == 1) {
- ret = kwAesId->decrypt(out, inSize, out, outSize, context);
- if(ret < 0) {
- xmlSecInternalError("kwAesId->decrypt", NULL);
+ NN = (inSize / 8) - 1;
+ if(NN == 1) {
+ outWritten2 = 0;
+ ret = kwAesId->decrypt(transform, out, inSize,
+ out, outSize, &outWritten2);
+ if((ret < 0) || (outWritten2 != XMLSEC_KW_AES_BLOCK_SIZE)) {
+ xmlSecInternalError2("kwAesId->decrypt", NULL,
+ "outWritten2=" XMLSEC_SIZE_FMT, outWritten2);
return(-1);
}
} else {
- for(j = 5; j >= 0; --j) {
- for(i = N; i > 0; --i) {
- t = i + (j * N);
- p = out + i * 8;
+ for(jj = 6; jj > 0; --jj) {
+ for(ii = NN; ii > 0; --ii) {
+ tt = ii + ((jj - 1) * NN);
+ p = out + ii * 8;
memcpy(block, out, 8);
memcpy(block + 8, p, 8);
- block[7] ^= t;
-
- ret = kwAesId->decrypt(block, sizeof(block), block, sizeof(block), context);
- if(ret < 0) {
- xmlSecInternalError("kwAesId->decrypt", NULL);
+ block[7] ^= (xmlSecByte)tt;
+
+ outWritten2 = 0;
+ ret = kwAesId->decrypt(transform, block, sizeof(block),
+ block, sizeof(block), &outWritten2);
+ if((ret < 0) || (outWritten2 != XMLSEC_KW_AES_BLOCK_SIZE)) {
+ xmlSecInternalError2("kwAesId->decrypt", NULL,
+ "outWritten2=" XMLSEC_SIZE_FMT, outWritten2);
return(-1);
}
memcpy(out, block, 8);
/* get rid of magic block */
memmove(out, out + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE, inSize - XMLSEC_KW_AES_MAGIC_BLOCK_SIZE);
- return(inSize - XMLSEC_KW_AES_MAGIC_BLOCK_SIZE);
+ (*outWritten) = inSize - XMLSEC_KW_AES_MAGIC_BLOCK_SIZE;
+ return(0);
}
#endif /* XMLSEC_NO_AES */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_KT_AES_DES_H__
#define __XMLSEC_KT_AES_DES_H__
#ifndef XMLSEC_PRIVATE
-#error "private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-$crypto libraries"
+#error "this file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-$crypto libraries"
#endif /* XMLSEC_PRIVATE */
+#include <xmlsec/exports.h>
+#include <xmlsec/transforms.h>
+
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
* KT DES
*
********************************************************************/
-#define XMLSEC_KW_DES3_KEY_LENGTH 24
-#define XMLSEC_KW_DES3_IV_LENGTH 8
-#define XMLSEC_KW_DES3_BLOCK_LENGTH 8
-#define XMLSEC_KW_DES3_SHA_DIGEST_LENGTH 20
+#define XMLSEC_KW_DES3_KEY_LENGTH ((xmlSecSize)24)
+#define XMLSEC_KW_DES3_IV_LENGTH ((xmlSecSize)8)
+#define XMLSEC_KW_DES3_BLOCK_LENGTH ((xmlSecSize)8)
+#define XMLSEC_KW_DES3_SHA_DIGEST_LENGTH ((xmlSecSize)20)
-typedef int (*xmlSecKWDes3Sha1Method) (void * context,
+typedef int (*xmlSecKWDes3Sha1Method) (xmlSecTransformPtr transform,
const xmlSecByte * in,
xmlSecSize inSize,
xmlSecByte * out,
- xmlSecSize outSize);
-typedef int (*xmlSecKWDes3GenerateRandomMethod) (void * context,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+typedef int (*xmlSecKWDes3GenerateRandomMethod) (xmlSecTransformPtr transform,
xmlSecByte * out,
- xmlSecSize outSize);
-typedef int (*xmlSecKWDes3BlockEncryptMethod) (void * context,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+typedef int (*xmlSecKWDes3BlockEncryptMethod) (xmlSecTransformPtr transform,
const xmlSecByte * iv,
xmlSecSize ivSize,
const xmlSecByte * in,
xmlSecSize inSize,
xmlSecByte * out,
- xmlSecSize outSize);
-typedef int (*xmlSecKWDes3BlockDecryptMethod) (void * context,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+typedef int (*xmlSecKWDes3BlockDecryptMethod) (xmlSecTransformPtr transform,
const xmlSecByte * iv,
xmlSecSize ivSize,
const xmlSecByte * in,
xmlSecSize inSize,
xmlSecByte * out,
- xmlSecSize outSize);
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
struct _xmlSecKWDes3Klass {
/* for the future */
void* reserved0;
void* reserved1;
-};
+};
typedef const struct _xmlSecKWDes3Klass xmlSecKWDes3Klass,
*xmlSecKWDes3Id;
((id)->decrypt != NULL) \
)
-XMLSEC_EXPORT int
-xmlSecKWDes3Encode(xmlSecKWDes3Id kwDes3Id, void *context,
- const xmlSecByte *in, xmlSecSize inSize,
- xmlSecByte *out, xmlSecSize outSize);
-XMLSEC_EXPORT int
-xmlSecKWDes3Decode(xmlSecKWDes3Id kwDes3Id, void *context,
- const xmlSecByte *in, xmlSecSize inSize,
- xmlSecByte *out, xmlSecSize outSize);
+/*********************************************************************
+ *
+ * Triple DES Key Wrap transform
+ *
+ ********************************************************************/
+typedef struct _xmlSecTransformKWDes3Ctx xmlSecTransformKWDes3Ctx,
+ *xmlSecTransformKWDes3CtxPtr;
+struct _xmlSecTransformKWDes3Ctx {
+ xmlSecKWDes3Id kwDes3Id;
+ xmlSecKeyDataId keyId;
+ xmlSecBuffer keyBuffer;
+};
+
+XMLSEC_EXPORT int xmlSecTransformKWDes3Initialize (xmlSecTransformPtr transform,
+ xmlSecTransformKWDes3CtxPtr ctx,
+ xmlSecKWDes3Id kwDes3Id,
+ xmlSecKeyDataId keyId);
+XMLSEC_EXPORT void xmlSecTransformKWDes3Finalize (xmlSecTransformPtr transform,
+ xmlSecTransformKWDes3CtxPtr ctx);
+XMLSEC_EXPORT int xmlSecTransformKWDes3SetKeyReq (xmlSecTransformPtr transform,
+ xmlSecTransformKWDes3CtxPtr ctx,
+ xmlSecKeyReqPtr keyReq);
+XMLSEC_EXPORT int xmlSecTransformKWDes3SetKey (xmlSecTransformPtr transform,
+ xmlSecTransformKWDes3CtxPtr ctx,
+ xmlSecKeyPtr key);
+XMLSEC_EXPORT int xmlSecTransformKWDes3Execute (xmlSecTransformPtr transform,
+ xmlSecTransformKWDes3CtxPtr ctx,
+ int last);
#endif /* XMLSEC_NO_DES */
#ifndef XMLSEC_NO_AES
* KT AES
*
********************************************************************/
-#define XMLSEC_KW_AES_MAGIC_BLOCK_SIZE 8
-#define XMLSEC_KW_AES_BLOCK_SIZE 16
-#define XMLSEC_KW_AES128_KEY_SIZE 16
-#define XMLSEC_KW_AES192_KEY_SIZE 24
-#define XMLSEC_KW_AES256_KEY_SIZE 32
-
-typedef int (*xmlSecKWAesBlockEncryptMethod) (const xmlSecByte * in,
+#define XMLSEC_KW_AES_IN_SIZE_MULTIPLY ((xmlSecSize)8)
+#define XMLSEC_KW_AES_MAGIC_BLOCK_SIZE ((xmlSecSize)8)
+#define XMLSEC_KW_AES_BLOCK_SIZE ((xmlSecSize)16)
+#define XMLSEC_KW_AES128_KEY_SIZE ((xmlSecSize)16)
+#define XMLSEC_KW_AES192_KEY_SIZE ((xmlSecSize)24)
+#define XMLSEC_KW_AES256_KEY_SIZE ((xmlSecSize)32)
+
+typedef int (*xmlSecKWAesBlockEncryptMethod) (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
xmlSecSize inSize,
xmlSecByte * out,
xmlSecSize outSize,
- void * context);
-typedef int (*xmlSecKWAesBlockDecryptMethod) (const xmlSecByte * in,
+ xmlSecSize * outWritten);
+typedef int (*xmlSecKWAesBlockDecryptMethod) (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
xmlSecSize inSize,
xmlSecByte * out,
xmlSecSize outSize,
- void * context);
+ xmlSecSize * outWritten);
struct _xmlSecKWAesKlass {
/* for the future */
void* reserved0;
void* reserved1;
-};
+};
typedef const struct _xmlSecKWAesKlass xmlSecKWAesKlass,
*xmlSecKWAesId;
-XMLSEC_EXPORT int
-xmlSecKWAesEncode(xmlSecKWAesId kwAesId, void *context,
- const xmlSecByte *in, xmlSecSize inSize,
- xmlSecByte *out, xmlSecSize outSize);
-
-XMLSEC_EXPORT int
-xmlSecKWAesDecode(xmlSecKWAesId kwAesId, void *context,
- const xmlSecByte *in, xmlSecSize inSize,
- xmlSecByte *out, xmlSecSize outSize);
+/*********************************************************************
+ *
+ * AES KW transforms context
+ *
+ ********************************************************************/
+typedef struct _xmlSecTransformKWAesCtx xmlSecTransformKWAesCtx,
+ *xmlSecTransformKWAesCtxPtr;
+struct _xmlSecTransformKWAesCtx {
+ xmlSecKWAesId kwAesId;
+ xmlSecKeyDataId keyId;
+ xmlSecBuffer keyBuffer;
+ xmlSecSize keyExpectedSize;
+};
+
+
+XMLSEC_EXPORT int xmlSecTransformKWAesInitialize (xmlSecTransformPtr transform,
+ xmlSecTransformKWAesCtxPtr ctx,
+ xmlSecKWAesId kwAesId,
+ xmlSecKeyDataId keyId,
+ xmlSecSize keyExpectedSize);
+XMLSEC_EXPORT void xmlSecTransformKWAesFinalize (xmlSecTransformPtr transform,
+ xmlSecTransformKWAesCtxPtr ctx);
+XMLSEC_EXPORT int xmlSecTransformKWAesSetKeyReq (xmlSecTransformPtr transform,
+ xmlSecTransformKWAesCtxPtr ctx,
+ xmlSecKeyReqPtr keyReq);
+XMLSEC_EXPORT int xmlSecTransformKWAesSetKey (xmlSecTransformPtr transform,
+ xmlSecTransformKWAesCtxPtr ctx,
+ xmlSecKeyPtr key);
+XMLSEC_EXPORT int xmlSecTransformKWAesExecute (xmlSecTransformPtr transform,
+ xmlSecTransformKWAesCtxPtr ctx,
+ int last);
#endif /* XMLSEC_NO_AES */
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:list
#include <xmlsec/list.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
+
static int xmlSecPtrListEnsureSize (xmlSecPtrListPtr list,
xmlSecSize size);
/* allocate memory */
ret = xmlSecPtrListEnsureSize(dst, dst->use + src->use);
if(ret < 0) {
- xmlSecInternalError2("xmlSecPtrListEnsureSize",
- xmlSecPtrListGetName(src),
- "size=%d", src->use);
+ xmlSecInternalError2("xmlSecPtrListEnsureSize", xmlSecPtrListGetName(src),
+ "size=" XMLSEC_SIZE_FMT, src->use);
return(-1);
}
if((dst->id->duplicateItem != NULL) && (src->data[i] != NULL)) {
dst->data[dst->use] = dst->id->duplicateItem(src->data[i]);
if(dst->data[dst->use] == NULL) {
- xmlSecInternalError("duplicateItem",
- xmlSecPtrListGetName(src));
+ xmlSecInternalError("duplicateItem", xmlSecPtrListGetName(src));
return(-1);
}
} else {
ret = xmlSecPtrListEnsureSize(list, list->use + 1);
if(ret < 0) {
- xmlSecInternalError2("xmlSecPtrListEnsureSize",
- xmlSecPtrListGetName(list),
- "size=%d", list->use + 1);
+ xmlSecInternalError2("xmlSecPtrListEnsureSize", xmlSecPtrListGetName(list),
+ "size=" XMLSEC_SIZE_FMT, list->use + 1);
return(-1);
}
xmlSecAssert(xmlSecPtrListIsValid(list));
xmlSecAssert(output != NULL);
- fprintf(output, "=== list size: %d\n", list->use);
+ fprintf(output, "=== list size: " XMLSEC_SIZE_FMT "\n", list->use);
if(list->id->debugDumpItem != NULL) {
xmlSecSize pos;
xmlSecAssert(xmlSecPtrListIsValid(list));
xmlSecAssert(output != NULL);
- fprintf(output, "<List size=\"%d\">\n", list->use);
+ fprintf(output, "<List size=\"" XMLSEC_SIZE_FMT "\">\n", list->use);
if(list->id->debugXmlDumpItem != NULL) {
xmlSecSize pos;
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:membuf
#include <xmlsec/membuf.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
+
/*****************************************************************************
*
* Memory Buffer Transform
*
- * xmlSecBuffer is located after xmlSecTransform
+ * xmlSecTransform + xmlSecBuffer
*
****************************************************************************/
-#define xmlSecTransformMemBufSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecBuffer))
-#define xmlSecTransformMemBufGetBuf(transform) \
- ((xmlSecTransformCheckSize((transform), xmlSecTransformMemBufSize)) ? \
- (xmlSecBufferPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
- (xmlSecBufferPtr)NULL)
+XMLSEC_TRANSFORM_DECLARE(MemBuf, xmlSecBuffer)
+#define xmlSecMemBufSize XMLSEC_TRANSFORM_SIZE(MemBuf)
static int xmlSecTransformMemBufInitialize (xmlSecTransformPtr transform);
static void xmlSecTransformMemBufFinalize (xmlSecTransformPtr transform);
static xmlSecTransformKlass xmlSecTransformMemBufKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecTransformMemBufSize, /* xmlSecSize objSize */
+ xmlSecMemBufSize, /* xmlSecSize objSize */
xmlSecNameMemBuf, /* const xmlChar* name; */
NULL, /* const xmlChar* href; */
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformMemBufId), NULL);
- buffer = xmlSecTransformMemBufGetBuf(transform);
+ buffer = xmlSecMemBufGetCtx(transform);
xmlSecAssert2(buffer != NULL, NULL);
return(buffer);
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformMemBufId), -1);
- buffer = xmlSecTransformMemBufGetBuf(transform);
+ buffer = xmlSecMemBufGetCtx(transform);
xmlSecAssert2(buffer != NULL, -1);
ret = xmlSecBufferInitialize(buffer, 0);
xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecTransformMemBufId));
- buffer = xmlSecTransformMemBufGetBuf(transform);
+ buffer = xmlSecMemBufGetCtx(transform);
xmlSecAssert(buffer != NULL);
- xmlSecBufferFinalize(xmlSecTransformMemBufGetBuf(transform));
+ xmlSecBufferFinalize(xmlSecMemBufGetCtx(transform));
}
static int
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformMemBufId), -1);
xmlSecAssert2(transformCtx != NULL, -1);
- buffer = xmlSecTransformMemBufGetBuf(transform);
+ buffer = xmlSecMemBufGetCtx(transform);
xmlSecAssert2(buffer != NULL, -1);
in = &(transform->inBuf);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferAppend",
xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferAppend",
xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
NULL =
EXTRA_DIST = \
- README \
+ README.md \
$(NULL)
lib_LTLIBRARIES = \
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = src/mscng
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(libdir)"
+LTLIBRARIES = $(lib_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+libxmlsec1_mscng_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) ../libxmlsec1.la \
+ $(am__DEPENDENCIES_1)
+am__objects_1 =
+am_libxmlsec1_mscng_la_OBJECTS = libxmlsec1_mscng_la-app.lo \
+ libxmlsec1_mscng_la-certkeys.lo libxmlsec1_mscng_la-ciphers.lo \
+ libxmlsec1_mscng_la-crypto.lo libxmlsec1_mscng_la-digests.lo \
+ libxmlsec1_mscng_la-hmac.lo libxmlsec1_mscng_la-keysstore.lo \
+ libxmlsec1_mscng_la-kt_rsa.lo libxmlsec1_mscng_la-kw_aes.lo \
+ libxmlsec1_mscng_la-kw_des.lo \
+ libxmlsec1_mscng_la-signatures.lo \
+ libxmlsec1_mscng_la-symkeys.lo libxmlsec1_mscng_la-x509.lo \
+ libxmlsec1_mscng_la-x509vfy.lo $(am__objects_1)
+libxmlsec1_mscng_la_OBJECTS = $(am_libxmlsec1_mscng_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+libxmlsec1_mscng_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+ $(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_mscng_la_LDFLAGS) \
+ $(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/libxmlsec1_mscng_la-app.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-certkeys.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-ciphers.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-crypto.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-digests.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-hmac.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-keysstore.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-kt_rsa.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-kw_aes.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-kw_des.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-signatures.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-symkeys.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-x509.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscng_la-x509vfy.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
+SOURCES = $(libxmlsec1_mscng_la_SOURCES)
+DIST_SOURCES = $(libxmlsec1_mscng_la_SOURCES)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \
+ README.md
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+EXTRA_DIST = \
+ README.md \
+ $(NULL)
+
+lib_LTLIBRARIES = \
+ libxmlsec1-mscng.la \
+ $(NULL)
+
+libxmlsec1_mscng_la_CPPFLAGS = \
+ -DPACKAGE=\"@PACKAGE@\" \
+ -I../../include \
+ -I$(top_srcdir)/include \
+ $(XMLSEC_DEFINES) \
+ $(MSCNG_CFLAGS) \
+ $(LIBXSLT_CFLAGS) \
+ $(LIBXML_CFLAGS) \
+ $(NULL)
+
+libxmlsec1_mscng_la_SOURCES = \
+ app.c \
+ certkeys.c \
+ ciphers.c \
+ crypto.c \
+ digests.c \
+ globals.h \
+ hmac.c \
+ keysstore.c \
+ kt_rsa.c \
+ kw_aes.c \
+ kw_des.c \
+ signatures.c \
+ symkeys.c \
+ x509.c \
+ x509vfy.c \
+ $(NULL)
+
+libxmlsec1_mscng_la_LIBADD = \
+ $(MSCNG_LIBS) \
+ $(LIBXSLT_LIBS) \
+ $(LIBXML_LIBS) \
+ ../libxmlsec1.la \
+ $(NULL)
+
+libxmlsec1_mscng_la_LDFLAGS = \
+ @XMLSEC_CRYPTO_EXTRA_LDFLAGS@ \
+ -version-info @XMLSEC_VERSION_INFO@ \
+ $(NULL)
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/mscng/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign src/mscng/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+ }
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
+ done
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+
+libxmlsec1-mscng.la: $(libxmlsec1_mscng_la_OBJECTS) $(libxmlsec1_mscng_la_DEPENDENCIES) $(EXTRA_libxmlsec1_mscng_la_DEPENDENCIES)
+ $(AM_V_CCLD)$(libxmlsec1_mscng_la_LINK) -rpath $(libdir) $(libxmlsec1_mscng_la_OBJECTS) $(libxmlsec1_mscng_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-app.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-certkeys.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-ciphers.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-crypto.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-digests.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-hmac.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-keysstore.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-kt_rsa.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-kw_aes.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-kw_des.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-signatures.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-symkeys.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-x509.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscng_la-x509vfy.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+ @$(MKDIR_P) $(@D)
+ @echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+libxmlsec1_mscng_la-app.lo: app.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-app.Tpo -c -o libxmlsec1_mscng_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-app.Tpo $(DEPDIR)/libxmlsec1_mscng_la-app.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='app.c' object='libxmlsec1_mscng_la-app.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+
+libxmlsec1_mscng_la-certkeys.lo: certkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-certkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-certkeys.Tpo -c -o libxmlsec1_mscng_la-certkeys.lo `test -f 'certkeys.c' || echo '$(srcdir)/'`certkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-certkeys.Tpo $(DEPDIR)/libxmlsec1_mscng_la-certkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='certkeys.c' object='libxmlsec1_mscng_la-certkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-certkeys.lo `test -f 'certkeys.c' || echo '$(srcdir)/'`certkeys.c
+
+libxmlsec1_mscng_la-ciphers.lo: ciphers.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-ciphers.Tpo -c -o libxmlsec1_mscng_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_mscng_la-ciphers.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ciphers.c' object='libxmlsec1_mscng_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+
+libxmlsec1_mscng_la-crypto.lo: crypto.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-crypto.Tpo -c -o libxmlsec1_mscng_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-crypto.Tpo $(DEPDIR)/libxmlsec1_mscng_la-crypto.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='crypto.c' object='libxmlsec1_mscng_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+
+libxmlsec1_mscng_la-digests.lo: digests.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-digests.Tpo -c -o libxmlsec1_mscng_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-digests.Tpo $(DEPDIR)/libxmlsec1_mscng_la-digests.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='digests.c' object='libxmlsec1_mscng_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+
+libxmlsec1_mscng_la-hmac.lo: hmac.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-hmac.Tpo -c -o libxmlsec1_mscng_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-hmac.Tpo $(DEPDIR)/libxmlsec1_mscng_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='hmac.c' object='libxmlsec1_mscng_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+
+libxmlsec1_mscng_la-keysstore.lo: keysstore.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-keysstore.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-keysstore.Tpo -c -o libxmlsec1_mscng_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-keysstore.Tpo $(DEPDIR)/libxmlsec1_mscng_la-keysstore.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='keysstore.c' object='libxmlsec1_mscng_la-keysstore.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
+
+libxmlsec1_mscng_la-kt_rsa.lo: kt_rsa.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-kt_rsa.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-kt_rsa.Tpo -c -o libxmlsec1_mscng_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-kt_rsa.Tpo $(DEPDIR)/libxmlsec1_mscng_la-kt_rsa.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kt_rsa.c' object='libxmlsec1_mscng_la-kt_rsa.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
+
+libxmlsec1_mscng_la-kw_aes.lo: kw_aes.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-kw_aes.Tpo -c -o libxmlsec1_mscng_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_mscng_la-kw_aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kw_aes.c' object='libxmlsec1_mscng_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+
+libxmlsec1_mscng_la-kw_des.lo: kw_des.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-kw_des.Tpo -c -o libxmlsec1_mscng_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_mscng_la-kw_des.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kw_des.c' object='libxmlsec1_mscng_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+
+libxmlsec1_mscng_la-signatures.lo: signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-signatures.Tpo -c -o libxmlsec1_mscng_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-signatures.Tpo $(DEPDIR)/libxmlsec1_mscng_la-signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='signatures.c' object='libxmlsec1_mscng_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+
+libxmlsec1_mscng_la-symkeys.lo: symkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-symkeys.Tpo -c -o libxmlsec1_mscng_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_mscng_la-symkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='symkeys.c' object='libxmlsec1_mscng_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+
+libxmlsec1_mscng_la-x509.lo: x509.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-x509.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-x509.Tpo -c -o libxmlsec1_mscng_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-x509.Tpo $(DEPDIR)/libxmlsec1_mscng_la-x509.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='x509.c' object='libxmlsec1_mscng_la-x509.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+
+libxmlsec1_mscng_la-x509vfy.lo: x509vfy.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscng_la-x509vfy.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscng_la-x509vfy.Tpo -c -o libxmlsec1_mscng_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscng_la-x509vfy.Tpo $(DEPDIR)/libxmlsec1_mscng_la-x509vfy.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='x509vfy.c' object='libxmlsec1_mscng_la-x509vfy.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscng_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscng_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(libdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-app.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-certkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-ciphers.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-crypto.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-digests.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-hmac.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-keysstore.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-kt_rsa.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-kw_aes.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-kw_des.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-symkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-x509.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-x509vfy.Plo
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-libLTLIBRARIES
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-app.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-certkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-ciphers.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-crypto.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-digests.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-hmac.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-keysstore.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-kt_rsa.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-kw_aes.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-kw_des.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-symkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-x509.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscng_la-x509vfy.Plo
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-libLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+ clean-generic clean-libLTLIBRARIES clean-libtool cscopelist-am \
+ ctags ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
+++ /dev/null
-What version of Windows?
-------------------------------------------------------------------------
-
-The Microsoft CNG API is a set of BCrypt* and NCrypt* functions. Taking
-BCryptOpenAlgorithmProvider() as a representative example, the minimum
-supported client is Windows Vista and the minimum supported server is Windows
-Server 2008.
-
-Keys manager with MS Certificate store support.
-------------------------------------------------------------------------
-
-Similarly to the nss and mscrypto backends, the xmlsec-mscng keys manager is
-based on the simple keys store from xmlsec core. If keys are not found in the
-simple keys store, then the MS Certificate store (the "MY" store by default,
-visible as Personal -> Certificates in certmgr.msc) is used to look up keys.
-The certificate store from the OS is a read-only store.
--- /dev/null
+# XMLSec Library: XMLSEC-MSCNG
+
+## What version of MS Windows?
+The Microsoft CNG API is a set of BCrypt* and NCrypt* functions. Taking
+`BCryptOpenAlgorithmProvider()` as a representative example, the minimum
+supported client is Windows Vista and the minimum supported server is Windows
+Server 2008.
+
+## Keys manager with MS Certificate store support.
+Similarly to the xmlsec-nss and xmlsec-mscrypto backends, the xmlsec-mscng
+keys manager is based on the XMLSEC Simple Keys Store. If keys are not found
+in the XMLSEC Simple Keys Store, then the MS Certificate store (the `MY` store
+by default, visible as `Personal -> Certificates` in `certmgr.msc`) is used
+to look up keys. The certificate store from the OS is a read-only store.
#include <xmlsec/mscng/certkeys.h>
#include <xmlsec/mscng/keysstore.h>
+#include "../cast_helpers.h"
+
/* config info for the mscng keysstore */
static LPTSTR gXmlSecMSCngAppCertStoreName = NULL;
ret = xmlSecBufferReadFile(&buffer, filename);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferReadFile", NULL,
- "filename=%s", xmlSecErrorsSafeString(filename));
+ "filename=%s", xmlSecErrorsSafeString(filename));
xmlSecBufferFinalize(&buffer);
return (NULL);
}
xmlSecBufferFinalize(&buffer);
break;
default:
- xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL, "format=%d",
- (int)format);
+ xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
return(NULL);
break;
}
xmlSecMSCngAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecKeyDataFormat format,
const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
PCCERT_CONTEXT pCert = NULL;
- PCCERT_CONTEXT tmpcert = NULL;
+ PCCERT_CONTEXT pCertChain = NULL;
+ PCCERT_CONTEXT pKeyCert = NULL;
xmlSecKeyDataPtr x509Data = NULL;
xmlSecKeyDataPtr keyData = NULL;
xmlSecKeyPtr key = NULL;
xmlSecKeyPtr res = NULL;
+ DWORD dwDataSize;
int ret;
xmlSecAssert2(data != NULL, NULL);
UNREFERENCED_PARAMETER(pwdCallback);
UNREFERENCED_PARAMETER(pwdCallbackCtx);
- pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, data, dataSize);
+ /* read cert and make a copy for cert chain and keyCert */
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(dataSize, dwDataSize, goto done, NULL);
+ pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, data, dwDataSize);
if(pCert == NULL) {
xmlSecMSCngLastError("CertCreateCertificateContext", NULL);
goto done;
}
- x509Data = xmlSecKeyDataCreate(xmlSecMSCngKeyDataX509Id);
- if(x509Data == NULL) {
- xmlSecInternalError("xmlSecKeyDataCreate", NULL);
+ pCertChain = CertDuplicateCertificateContext(pCert);
+ if(pCertChain == NULL) {
+ xmlSecMSCngLastError("CertDuplicateCertificateContext", NULL);
goto done;
}
- tmpcert = CertDuplicateCertificateContext(pCert);
- if(tmpcert == NULL) {
- xmlSecMSCngLastError("CertDuplicateCertificateContext",
- xmlSecKeyDataGetName(x509Data));
+ pKeyCert = CertDuplicateCertificateContext(pCert);
+ if(pKeyCert == NULL) {
+ xmlSecMSCngLastError("CertDuplicateCertificateContext", NULL);
goto done;
}
- ret = xmlSecMSCngKeyDataX509AdoptKeyCert(x509Data, tmpcert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptKeyCert",
+ /* create key */
+ key = xmlSecKeyCreate();
+ if(key == NULL) {
+ xmlSecInternalError("xmlSecKeyCreate",
xmlSecKeyDataGetName(x509Data));
goto done;
}
- tmpcert = NULL;
keyData = xmlSecMSCngCertAdopt(pCert, xmlSecKeyDataTypePublic);
if(keyData == NULL) {
- xmlSecInternalError("xmlSecMSCngCertAdopt",
- xmlSecKeyDataGetName(x509Data));
+ xmlSecInternalError("xmlSecMSCngCertAdopt", NULL);
goto done;
}
- pCert = NULL;
+ pCert = NULL; /* owned by keyData now */
- key = xmlSecKeyCreate();
- if(key == NULL) {
- xmlSecInternalError("xmlSecKeyCreate",
- xmlSecKeyDataGetName(x509Data));
+ ret = xmlSecKeySetValue(key, keyData);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeySetValue", NULL);
goto done;
}
+ keyData = NULL;
- ret = xmlSecKeySetValue(key, keyData);
+ /* add cert and keyCert to x509 data and add it to the key */
+ x509Data = xmlSecKeyDataCreate(xmlSecMSCngKeyDataX509Id);
+ if(x509Data == NULL) {
+ xmlSecInternalError("xmlSecKeyDataCreate", NULL);
+ goto done;
+ }
+
+ ret = xmlSecMSCngKeyDataX509AdoptKeyCert(x509Data, pKeyCert);
if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataGetName(x509Data));
+ xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptKeyCert", NULL);
goto done;
}
- keyData = NULL;
+ pKeyCert = NULL; /* owned by x509Data data now */
+
+ ret = xmlSecMSCngKeyDataX509AdoptCert(x509Data, pCertChain);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptCert", NULL);
+ goto done;
+ }
+ pCertChain = NULL; /* owned by x509Data data now */
ret = xmlSecKeyAdoptData(key, x509Data);
if(ret < 0) {
- xmlSecInternalError("xmlSecKeyAdoptData",
- xmlSecKeyDataGetName(x509Data));
+ xmlSecInternalError("xmlSecKeyAdoptData", NULL);
goto done;
}
x509Data = NULL;
/* success */
res = key;
key = NULL;
+
done:
if(pCert != NULL) {
CertFreeCertificateContext(pCert);
}
- if(tmpcert != NULL) {
- CertFreeCertificateContext(tmpcert);
+ if(pCertChain != NULL) {
+ CertFreeCertificateContext(pCertChain);
+ }
+ if(pKeyCert != NULL) {
+ CertFreeCertificateContext(pKeyCert);
}
if(x509Data != NULL) {
xmlSecKeyDataDestroy(x509Data);
memset(&pfx, 0, sizeof(pfx));
pfx.pbData = (BYTE *)data;
- pfx.cbData = dataSize;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(dataSize, pfx.cbData, return(NULL), NULL);
+
ret = PFXIsPFXBlob(&pfx);
if(ret == FALSE) {
xmlSecMSCngLastError("PFXIsPFXBlob", NULL);
/* enumerate over certifiates in the store */
while((cert = CertEnumCertificatesInStore(certStore, cert)) != NULL) {
DWORD dwData = 0;
- DWORD dwDataLen = sizeof(DWORD);
+ DWORD dwDataLen = sizeof(dwData);
ret = CertGetCertificateContextProperty(cert, CERT_KEY_SPEC_PROP_ID,
&dwData, &dwDataLen);
/* at this point we should have a private key */
if(privKeyData == NULL) {
- xmlSecInternalError2("xmlSecMSCngAppPkcs12LoadMemory",
- xmlSecKeyDataGetName(keyData), "privKeyData is NULL", NULL);
+ xmlSecInternalError("privKeyData is NULL", NULL);
goto cleanup;
}
xmlSecKeyDataType type) {
xmlSecKeyDataStorePtr x509Store;
PCCERT_CONTEXT pCert = NULL;
+ DWORD dwDataSize;
int ret;
xmlSecAssert2(mngr != NULL, -1);
return(-1);
}
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(dataSize,dwDataSize, return(-1), NULL);
+
switch (format) {
case xmlSecKeyDataFormatDer:
pCert = CertCreateCertificateContext(
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
data,
- dataSize);
+ dwDataSize);
if(pCert == NULL) {
xmlSecMSCngLastError("CertCreateCertificateContext", NULL)
return(-1);
break;
default:
xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
return(-1);
- break;
}
xmlSecAssert2(pCert != NULL, -1);
#include <ncrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/base64.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
#include <xmlsec/bn.h>
#include <xmlsec/mscng/crypto.h>
+#include <xmlsec/mscng/certkeys.h>
+
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
typedef struct _xmlSecMSCngKeyDataCtx xmlSecMSCngKeyDataCtx,
*xmlSecMSCngKeyDataCtxPtr;
BCRYPT_KEY_HANDLE pubkey;
};
-#define xmlSecMSCngKeyDataSize \
- (sizeof(xmlSecKeyData) + sizeof(xmlSecMSCngKeyDataCtx))
-#define xmlSecMSCngKeyDataGetCtx(data) \
- ((xmlSecMSCngKeyDataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
+XMLSEC_KEY_DATA_DECLARE(MSCngKeyData, xmlSecMSCngKeyDataCtx)
+#define xmlSecMSCngKeyDataSize XMLSEC_KEY_DATA_SIZE(MSCngKeyData)
-static int xmlSecMSCngKeyDataGetSize(xmlSecKeyDataPtr data);
+static xmlSecSize xmlSecMSCngKeyDataGetSize(xmlSecKeyDataPtr data);
static int
xmlSecMSCngKeyDataCertGetPubkey(PCCERT_CONTEXT cert, BCRYPT_KEY_HANDLE* key) {
status = NCryptFreeObject(ctx->privkey);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptDestroyKey", NULL, status);
+ /* ignore error */
}
}
status = BCryptDestroyKey(ctx->pubkey);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptDestroyKey", NULL, status);
+ /* ignore error */
}
}
return(-1);
}
- status = BCryptImportKeyPair(hAlg, NULL, BCRYPT_PUBLIC_KEY_BLOB, &dstCtx->pubkey, pbBlob,
- cbBlob, 0);
+ status = BCryptImportKeyPair(
+ hAlg,
+ NULL,
+ BCRYPT_PUBLIC_KEY_BLOB,
+ &dstCtx->pubkey,
+ pbBlob,
+ cbBlob,
+ 0);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptImportKeyPair",
NULL, status);
}
#ifndef XMLSEC_NO_DSA
-static int
-xmlSecMSCngKeyDataDsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
- xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecMSCngKeyDataDsaId), -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecMSCngKeyDataDsaId), -1);
-
- return(xmlSecMSCngKeyDataDuplicate(dst, src));
-}
-
-static xmlSecKeyDataType
-xmlSecMSCngKeyDataDsaGetType(xmlSecKeyDataPtr data) {
- xmlSecMSCngKeyDataCtxPtr ctx;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataDsaId), xmlSecKeyDataTypeUnknown);
-
- ctx = xmlSecMSCngKeyDataGetCtx(data);
- xmlSecAssert2(ctx != NULL, xmlSecKeyDataTypeUnknown);
-
- if(ctx->privkey != 0) {
- return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
- }
-
- return(xmlSecKeyDataTypePublic);
-}
-
-static xmlSecSize
-xmlSecMSCngKeyDataDsaGetSize(xmlSecKeyDataPtr data) {
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataDsaId), 0);
- return(xmlSecMSCngKeyDataGetSize(data));
-}
+#define XMLSEC_MSCNG_DSA_MAX_Q_SIZE (20U)
-static int
-xmlSecMSCngKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecBn p;
- xmlSecBn q;
- xmlSecBn g;
- xmlSecBn y;
+static xmlSecKeyDataPtr
+xmlSecMSCngKeyDataDsaRead(xmlSecKeyDataId id, xmlSecKeyValueDsaPtr dsaValue) {
+ xmlSecKeyDataPtr data = NULL;
+ xmlSecKeyDataPtr res = NULL;
xmlSecBuffer blob;
- xmlNodePtr cur;
- xmlSecSize length;
- xmlSecSize offset;
- xmlSecSize blobLen;
- unsigned char* blobData;
+ int blobInitialized = 0;
+ xmlSecByte* blobData;
+ xmlSecSize pSize, qSize, gSize, ySize;
+ xmlSecSize offset, blobSize;
+ DWORD dwBlobSize;
BCRYPT_DSA_KEY_BLOB* dsakey;
- LPCWSTR lpszBlobType;
BCRYPT_KEY_HANDLE hKey = NULL;
NTSTATUS status;
BCRYPT_ALG_HANDLE hAlg = NULL;
- xmlSecKeyDataPtr keyData = NULL;
- int res = -1;
int ret;
- xmlSecAssert2(id == xmlSecMSCngKeyDataDsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- if(xmlSecKeyGetValue(key) != NULL) {
- xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
- xmlSecKeyDataKlassGetName(id), "key already has a value");
- return(-1);
- }
-
- /* initialize buffers */
- ret = xmlSecBnInitialize(&p, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize(p)",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
-
- ret = xmlSecBnInitialize(&q, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize(q)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBnFinalize(&p);
- return(-1);
- }
-
- ret = xmlSecBnInitialize(&g, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize(g)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBnFinalize(&p);
- xmlSecBnFinalize(&q);
- return(-1);
- }
-
- ret = xmlSecBnInitialize(&y, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize(g)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBnFinalize(&p);
- xmlSecBnFinalize(&q);
- xmlSecBnFinalize(&g);
- return(-1);
- }
-
- ret = xmlSecBufferInitialize(&blob, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBnFinalize(&p);
- xmlSecBnFinalize(&q);
- xmlSecBnFinalize(&g);
- xmlSecBnFinalize(&y);
- return(-1);
- }
-
- /* read xml */
- cur = xmlSecGetNextElementNode(node->children);
-
- /* P node */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAP, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAP,
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
-
- /* 0 as both the XML and CNG works with big-endian */
- ret = xmlSecBnGetNodeValue(&p, cur, xmlSecBnBase64, 0);
- if((ret < 0) || (xmlSecBnGetSize(&p) == 0)) {
- xmlSecInternalError("xmlSecBnGetNodeValue(p)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* Q node */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAQ, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAQ,
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
-
- ret = xmlSecBnGetNodeValue(&q, cur, xmlSecBnBase64, 0);
- if((ret < 0) || (xmlSecBnGetSize(&q) == 0)) {
- xmlSecInternalError("xmlSecBnGetNodeValue(q)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* G node */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAG, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAG,
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
-
- ret = xmlSecBnGetNodeValue(&g, cur, xmlSecBnBase64, 0);
- if((ret < 0) || (xmlSecBnGetSize(&q) == 0)) {
- xmlSecInternalError("xmlSecBnGetNodeValue(g)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* TODO X node */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAX, xmlSecNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* Y node */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAY, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAY,
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
-
- ret = xmlSecBnGetNodeValue(&y, cur, xmlSecBnBase64, 0);
- if((ret < 0) || (xmlSecBnGetSize(&y) == 0)) {
- xmlSecInternalError("xmlSecBnGetNodeValue(y)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* TODO J node */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAJ, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* TODO Seed node */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSASeed, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* TODO PgenCounter node */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAPgenCounter, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataKlassGetName(id));
- goto done;
- }
+ xmlSecAssert2(id == xmlSecMSCngKeyDataDsaId, NULL);
+ xmlSecAssert2(dsaValue != NULL, NULL);
+ xmlSecAssert2(xmlSecBufferGetData(&(dsaValue->p)) != NULL, NULL);
+ xmlSecAssert2(xmlSecBufferGetData(&(dsaValue->q)) != NULL, NULL);
+ xmlSecAssert2(xmlSecBufferGetData(&(dsaValue->g)) != NULL, NULL);
+ xmlSecAssert2(xmlSecBufferGetData(&(dsaValue->y)) != NULL, NULL);
+
+ /* dont reverse blobs as both the XML and CNG works with big-endian */
+ pSize = xmlSecBufferGetSize(&(dsaValue->p));
+ qSize = xmlSecBufferGetSize(&(dsaValue->q));
+ gSize = xmlSecBufferGetSize(&(dsaValue->g));
+ ySize = xmlSecBufferGetSize(&(dsaValue->y));
+ xmlSecAssert2(pSize > 0, NULL);
+ xmlSecAssert2(qSize > 0, NULL);
+ xmlSecAssert2(gSize > 0, NULL);
+ xmlSecAssert2(ySize > 0, NULL);
/* turn the read data into a public key blob, as documented at
* <https://msdn.microsoft.com/library/windows/desktop/aa833126.aspx>: Q is
- * part of the struct, need to write P, G, Y after it */
- length = xmlSecBnGetSize(&p);
+ * part of the struct, need to write P, G, Y after it
+ * we assume that:
+ * sizeof(q) <= XMLSEC_MSCNG_DSA_MAX_Q_SIZE,
+ * sizeof(g) <= sizeof(p)
+ * sizeof(y) <= sizeof(p)
+ */
+ xmlSecAssert2(qSize <= XMLSEC_MSCNG_DSA_MAX_Q_SIZE, NULL);
+ xmlSecAssert2(gSize <= pSize, NULL);
+ xmlSecAssert2(ySize <= pSize, NULL);
offset = sizeof(BCRYPT_DSA_KEY_BLOB);
- blobLen = offset + length * 3;
+ blobSize = offset + pSize * 3;
- ret = xmlSecBufferSetSize(&blob, blobLen);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%d", blobLen);
+ ret = xmlSecBufferInitialize(&blob, blobSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, blobSize);
goto done;
}
+ blobInitialized = 1;
- blobData = xmlSecBufferGetData(&blob);
- dsakey = (BCRYPT_DSA_KEY_BLOB *)blobData;
- dsakey->cbKey = length;
-
- memset(dsakey->Count, -1, sizeof(dsakey->Count));
- memset(dsakey->Seed, -1, sizeof(dsakey->Seed));
-
- if(xmlSecBnGetSize(&q) != 20) {
- xmlSecInternalError("assumed sizeof(q) == 20", xmlSecKeyDataKlassGetName(id));
+ ret = xmlSecBufferSetSize(&blob, blobSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", xmlSecKeyDataKlassGetName(id),
+ "size=" XMLSEC_SIZE_FMT, blobSize);
goto done;
}
+ memset(xmlSecBufferGetData(&blob), 0, blobSize); // ensure all padding with 0s work
- memcpy(dsakey->q, xmlSecBnGetData(&q), 20);
-
- memcpy(blobData + offset, xmlSecBnGetData(&p), length);
- offset += length;
+ blobData = xmlSecBufferGetData(&blob);
+ dsakey = (BCRYPT_DSA_KEY_BLOB*)blobData;
+ dsakey->dwMagic = BCRYPT_DSA_PUBLIC_MAGIC;
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(pSize, dsakey->cbKey, goto done, xmlSecKeyDataKlassGetName(id));
- if(xmlSecBnGetSize(&g) != xmlSecBnGetSize(&p)) {
- xmlSecInternalError("assumed sizeof(g) == sizeof(p)", xmlSecKeyDataKlassGetName(id));
- goto done;
- }
+ /* todo: add support for J, seed, pgencounter */
+ memset(dsakey->Count, -1, sizeof(dsakey->Count));
+ memset(dsakey->Seed, -1, sizeof(dsakey->Seed));
- memcpy(blobData + offset, xmlSecBnGetData(&g), length);
- offset += length;
+ /*** q ***/
+ xmlSecAssert2(sizeof(dsakey->q) == XMLSEC_MSCNG_DSA_MAX_Q_SIZE, NULL);
+ memcpy(dsakey->q, xmlSecBufferGetData(&(dsaValue->q)), qSize); /* should be equal to XMLSEC_MSCNG_DSA_MAX_Q_SIZE */
- if(xmlSecBnGetSize(&y) != xmlSecBnGetSize(&p)) {
- xmlSecInternalError("assumed sizeof(y) == sizeof(p)", xmlSecKeyDataKlassGetName(id));
- goto done;
- }
+ /*** p ***/
+ memcpy(blobData + offset, xmlSecBufferGetData(&(dsaValue->p)), pSize);
+ offset += pSize;
- memcpy(blobData + offset, xmlSecBnGetData(&y), length);
+ /*** g ***/
+ memcpy(blobData + offset, xmlSecBufferGetData(&(dsaValue->g)), gSize);
+ offset += pSize; /* gSize <= pSize */
- lpszBlobType = BCRYPT_DSA_PUBLIC_BLOB;
- dsakey->dwMagic = BCRYPT_DSA_PUBLIC_MAGIC;
+ /*** y ***/
+ memcpy(blobData + offset, xmlSecBufferGetData(&(dsaValue->y)), ySize);
+ offset += pSize; /* gSize <= ySize */
+ /* import the key blob */
status = BCryptOpenAlgorithmProvider(
&hAlg,
BCRYPT_DSA_ALGORITHM,
NULL,
0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptOpenAlgorithmProvider",
- xmlSecKeyDataKlassGetName(id), status);
- goto done;
- }
-
- status = BCryptImportKeyPair(hAlg, NULL, lpszBlobType, &hKey, blobData,
- blobLen, 0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptImportKeyPair",
- xmlSecKeyDataKlassGetName(id), status);
+ if (status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError("BCryptOpenAlgorithmProvider", xmlSecKeyDataKlassGetName(id), status);
goto done;
}
- keyData = xmlSecKeyDataCreate(id);
- if(keyData == NULL) {
- xmlSecInternalError("xmlSecKeyDataCreate",
- xmlSecKeyDataKlassGetName(id));
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(blobSize, dwBlobSize, goto done, xmlSecKeyDataKlassGetName(id));
+ status = BCryptImportKeyPair(
+ hAlg,
+ NULL,
+ BCRYPT_DSA_PUBLIC_BLOB,
+ &hKey,
+ blobData,
+ dwBlobSize,
+ 0);
+ if (status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError("BCryptImportKeyPair", xmlSecKeyDataKlassGetName(id), status);
goto done;
}
- ret = xmlSecMSCngKeyDataAdoptKey(keyData, hKey);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngKeyDataAdoptKey",
- xmlSecKeyDataGetName(keyData));
+ data = xmlSecKeyDataCreate(id);
+ if (data == NULL) {
+ xmlSecInternalError("xmlSecKeyDataCreate", xmlSecKeyDataKlassGetName(id));
goto done;
}
- hKey = 0;
- ret = xmlSecKeySetValue(key, keyData);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataGetName(keyData));
+ ret = xmlSecMSCngKeyDataAdoptKey(data, hKey);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCngKeyDataAdoptKey", xmlSecKeyDataGetName(data));
goto done;
}
+ hKey = 0; /* now owned by data */
- keyData = NULL;
- res = 0;
+ /* success */
+ res = data;
+ data = NULL;
done:
- xmlSecBnFinalize(&p);
- xmlSecBnFinalize(&q);
- xmlSecBnFinalize(&g);
- xmlSecBnFinalize(&y);
- xmlSecBufferFinalize(&blob);
-
- if(hAlg != 0) {
+ if (data != NULL) {
+ xmlSecKeyDataDestroy(data);
+ }
+ if (hAlg != 0) {
BCryptCloseAlgorithmProvider(hAlg, 0);
}
-
- if(hKey != 0) {
+ if (hKey != 0) {
BCryptDestroyKey(hKey);
}
-
+ if (blobInitialized != 0) {
+ xmlSecBufferFinalize(&blob);
+ }
return(res);
}
static int
-xmlSecMSCngKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecMSCngKeyDataDsaWrite(xmlSecKeyDataId id, xmlSecKeyDataPtr data,
+ xmlSecKeyValueDsaPtr dsaValue,
+ int writePrivateKey ATTRIBUTE_UNUSED) {
xmlSecMSCngKeyDataCtxPtr ctx;
NTSTATUS status;
xmlSecBuffer buf;
+ int bufInitialized = 0;
xmlSecByte* bufData;
- DWORD bufLen;
+ DWORD bufLen = 0;
BCRYPT_DSA_KEY_BLOB* dsakey;
- xmlNodePtr cur;
int ret;
+ int res = -1;
xmlSecAssert2(id == xmlSecMSCngKeyDataDsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key),
- xmlSecMSCngKeyDataDsaId), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataDsaId), -1);
+ xmlSecAssert2(dsaValue != NULL, -1);
+ UNREFERENCED_PARAMETER(writePrivateKey);
- ctx = xmlSecMSCngKeyDataGetCtx(xmlSecKeyGetValue(key));
+ ctx = xmlSecMSCngKeyDataGetCtx(data);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->pubkey, -1);
0,
&bufLen,
0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptExportKey", xmlSecKeyDataKlassGetName(id),
- status);
- return(-1);
+ if ((status != STATUS_SUCCESS) || (bufLen <= 0)) {
+ xmlSecMSCngNtError2("BCryptExportKey", xmlSecKeyDataKlassGetName(id),
+ status, "bufLen=%lu", bufLen);
+ goto done;
}
ret = xmlSecBufferInitialize(&buf, bufLen);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferInitialize",
- xmlSecKeyDataKlassGetName(id), "size=%ld", bufLen);
- return(-1);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferInitialize", xmlSecKeyDataKlassGetName(id),
+ "size=%lu", bufLen);
+ goto done;
}
+ bufInitialized = 1;
bufData = xmlSecBufferGetData(&buf);
- dsakey = (BCRYPT_DSA_KEY_BLOB*)bufData;
+ xmlSecAssert2(bufData != NULL, -1);
status = BCryptExportKey(ctx->pubkey,
NULL,
BCRYPT_DSA_PUBLIC_BLOB,
- (PUCHAR)dsakey,
+ bufData,
bufLen,
&bufLen,
0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptExportKey", xmlSecKeyDataKlassGetName(id),
- status);
- xmlSecBufferFinalize(&buf);
- return(-1);
+ if ((status != STATUS_SUCCESS) || (bufLen <= 0)) {
+ xmlSecMSCngNtError2("BCryptExportKey", xmlSecKeyDataKlassGetName(id),
+ status, "bufLen=%lu", bufLen);
+ goto done;
}
- /* write dsaykey in XML format, see xmlSecMSCngKeyDataDsaXmlRead() on the
- * memory layout of bufData: the struct contains Q, and P, G, Y follows it */
-
- /* P node */
- cur = xmlSecAddChild(node, xmlSecNodeDSAP, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(p)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ /* check BCRYPT_DSA_KEY_BLOB */
+ if (bufLen < sizeof(BCRYPT_DSA_KEY_BLOB)) {
+ xmlSecMSCngNtError2("BCRYPT_DSA_KEY_BLOB", xmlSecKeyDataKlassGetName(id),
+ STATUS_SUCCESS, "dwBlobLen=%lu", bufLen);
+ goto done;
}
+ dsakey = (BCRYPT_DSA_KEY_BLOB*)bufData;
- /* reverse is 0, both CNG and XML is big-endian */
- bufData += sizeof(BCRYPT_DSA_KEY_BLOB);
- ret = xmlSecBnBlobSetNodeValue(bufData, dsakey->cbKey, cur, xmlSecBnBase64, 0, 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnBlobSetNodeValue(p)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
- }
+ /* we assume that sizeof(q) < XMLSEC_MSCNG_DSA_MAX_Q_SIZE, sizeof(g) <= sizeof(p) and sizeof(y) <= sizeof(p) */
+ if (bufLen < (sizeof(BCRYPT_DSA_KEY_BLOB) + 3 * dsakey->cbKey)) {
+ xmlSecMSCngNtError3("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ STATUS_SUCCESS, "dwBlobLen: %lu; keyLen: %lu", bufLen, dsakey->cbKey);
+ goto done;
- /* Q node */
- cur = xmlSecAddChild(node, xmlSecNodeDSAQ, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(q)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
}
+ bufData += sizeof(BCRYPT_DSA_KEY_BLOB);
- /* 20 is the documented size of BCRYPT_DSA_KEY_BLOB.q */
- ret = xmlSecBnBlobSetNodeValue((xmlSecByte*)dsakey->q, 20, cur, xmlSecBnBase64, 0, 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnBlobSetNodeValue(q)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ /*** p ***/
+ ret = xmlSecBufferSetData(&(dsaValue->p), bufData, dsakey->cbKey);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData(p)", xmlSecKeyDataKlassGetName(id),
+ "keyLen=%lu", dsakey->cbKey);
+ goto done;
}
+ bufData += dsakey->cbKey;
- /* G node */
- cur = xmlSecAddChild(node, xmlSecNodeDSAG, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(g)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ /*** q ***/
+ xmlSecAssert2(sizeof(dsakey->q) <= XMLSEC_MSCNG_DSA_MAX_Q_SIZE, -1);
+ ret = xmlSecBufferSetData(&(dsaValue->q), (xmlSecByte*)dsakey->q, sizeof(dsakey->q));
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData(q)", xmlSecKeyDataKlassGetName(id),
+ "keyLen=%lu", dsakey->cbKey);
+ goto done;
}
+ /*** g ***/
+ ret = xmlSecBufferSetData(&(dsaValue->g), bufData, dsakey->cbKey);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData(g)", xmlSecKeyDataKlassGetName(id),
+ "keyLen=%lu", dsakey->cbKey);
+ goto done;
+ }
bufData += dsakey->cbKey;
- ret = xmlSecBnBlobSetNodeValue(bufData, dsakey->cbKey, cur, xmlSecBnBase64, 0, 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnBlobSetNodeValue(g)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+
+ /* X is REQUIRED for private key but MSCng does not support it,
+ * so we just ignore it */
+
+ /*** y ***/
+ ret = xmlSecBufferSetData(&(dsaValue->y), bufData, dsakey->cbKey);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData(y)", xmlSecKeyDataKlassGetName(id),
+ "keyLen=%lu", dsakey->cbKey);
+ goto done;
}
+ bufData += dsakey->cbKey;
+
+ /* dont reverse blobs as both the XML and CNG works with big-endian */
+
+ /* success */
+ res = 0;
- /* Y node */
- cur = xmlSecAddChild(node, xmlSecNodeDSAY, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(y)",
- xmlSecKeyDataKlassGetName(id));
+done:
+ if (bufInitialized != 0) {
xmlSecBufferFinalize(&buf);
- return(-1);
}
+ return(res);
+}
- bufData += dsakey->cbKey;
- ret = xmlSecBnBlobSetNodeValue(bufData, dsakey->cbKey, cur, xmlSecBnBase64, 0, 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnBlobSetNodeValue(y)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+static int
+xmlSecMSCngKeyDataDsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecMSCngKeyDataDsaId), -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecMSCngKeyDataDsaId), -1);
+
+ return(xmlSecMSCngKeyDataDuplicate(dst, src));
+}
+
+static xmlSecKeyDataType
+xmlSecMSCngKeyDataDsaGetType(xmlSecKeyDataPtr data) {
+ xmlSecMSCngKeyDataCtxPtr ctx;
+
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataDsaId), xmlSecKeyDataTypeUnknown);
+
+ ctx = xmlSecMSCngKeyDataGetCtx(data);
+ xmlSecAssert2(ctx != NULL, xmlSecKeyDataTypeUnknown);
+
+ if(ctx->privkey != 0) {
+ return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
}
- xmlSecBufferFinalize(&buf);
+ return(xmlSecKeyDataTypePublic);
+}
- return(0);
+static xmlSecSize
+xmlSecMSCngKeyDataDsaGetSize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataDsaId), 0);
+
+ return(xmlSecMSCngKeyDataGetSize(data));
+}
+
+static int
+xmlSecMSCngKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecMSCngKeyDataDsaId, -1);
+ return(xmlSecKeyDataDsaXmlRead(id, key, node, keyInfoCtx,
+ xmlSecMSCngKeyDataDsaRead));
+}
+
+static int
+xmlSecMSCngKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecMSCngKeyDataDsaId, -1);
+ return(xmlSecKeyDataDsaXmlWrite(id, key, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecMSCngKeyDataDsaWrite));
}
static void
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataDsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "=== rsa key: size = %d\n",
- (int)xmlSecMSCngKeyDataDsaGetSize(data));
+ fprintf(output, "=== rsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecMSCngKeyDataDsaGetSize(data));
}
static void xmlSecMSCngKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataDsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "<DSAKeyValue size=\"%d\" />\n",
- (int)xmlSecMSCngKeyDataDsaGetSize(data));
+ fprintf(output, "<DSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecMSCngKeyDataDsaGetSize(data));
}
static int
xmlSecMSCngKeyDataCtxPtr ctx;
BCRYPT_ALG_HANDLE hAlg = 0;
BCRYPT_KEY_HANDLE hKey = 0;
- int res = -1;
NTSTATUS status;
+ DWORD dwSizeBits;
int ret;
+ int res = -1;
xmlSecAssert2(xmlSecKeyDataIsValid(data), xmlSecKeyDataTypeUnknown);
xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCngKeyDataSize), xmlSecKeyDataTypeUnknown);
ctx = xmlSecMSCngKeyDataGetCtx(data);
xmlSecAssert2(ctx != NULL, -1);
- status = BCryptOpenAlgorithmProvider(
- &hAlg,
- BCRYPT_DSA_ALGORITHM,
- NULL,
- 0);
+ status = BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_DSA_ALGORITHM, NULL, 0);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptOpenAlgorithmProvider",
- xmlSecKeyDataGetName(data), status);
+ xmlSecMSCngNtError("BCryptOpenAlgorithmProvider", xmlSecKeyDataGetName(data), status);
goto done;
}
- status = BCryptGenerateKeyPair(
- hAlg,
- &hKey,
- sizeBits,
- 0);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(sizeBits, dwSizeBits, goto done, xmlSecKeyDataGetName(data));
+ status = BCryptGenerateKeyPair(hAlg, &hKey, dwSizeBits, 0);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptGenerateKeyPair", xmlSecKeyDataGetName(data),
status);
#endif /* XMLSEC_NO_DSA */
#ifndef XMLSEC_NO_RSA
-static int
-xmlSecMSCngKeyDataRsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
- xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecMSCngKeyDataRsaId), -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecMSCngKeyDataRsaId), -1);
-
- return(xmlSecMSCngKeyDataDuplicate(dst, src));
-}
-
-static xmlSecKeyDataType
-xmlSecMSCngKeyDataRsaGetType(xmlSecKeyDataPtr data) {
- xmlSecMSCngKeyDataCtxPtr ctx;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataRsaId), xmlSecKeyDataTypeUnknown);
-
- ctx = xmlSecMSCngKeyDataGetCtx(data);
- xmlSecAssert2(ctx != NULL, xmlSecKeyDataTypeUnknown);
-
- if(ctx->privkey != 0) {
- return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
- }
-
- return(xmlSecKeyDataTypePublic);
-}
-
-static int
-xmlSecMSCngKeyDataGetSize(xmlSecKeyDataPtr data) {
- NTSTATUS status;
- xmlSecMSCngKeyDataCtxPtr ctx;
-
- xmlSecAssert2(xmlSecKeyDataIsValid(data), 0);
- xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCngKeyDataSize), 0);
-
- ctx = xmlSecMSCngKeyDataGetCtx(data);
- xmlSecAssert2(ctx != NULL, 0);
-
- if(ctx->cert != NULL) {
- xmlSecAssert2(ctx->cert->pCertInfo != NULL, 0);
- return(CertGetPublicKeyLength(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
- &ctx->cert->pCertInfo->SubjectPublicKeyInfo));
- } else if(ctx->pubkey != 0) {
- DWORD length = 0;
- DWORD lenlen = sizeof(DWORD);
-
- status = BCryptGetProperty(ctx->pubkey,
- BCRYPT_KEY_STRENGTH,
- (PUCHAR)&length,
- lenlen,
- &lenlen,
- 0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptGetproperty", NULL, status);
- return(0);
- }
-
- return(length);
- } else if(ctx->privkey != 0) {
- xmlSecNotImplementedError(NULL);
- return(0);
- }
-
- return(0);
-}
-
-static xmlSecSize
-xmlSecMSCngKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataRsaId), 0);
-
- return(xmlSecMSCngKeyDataGetSize(data));
-}
-
-
-static void
-xmlSecMSCngKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
- xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataRsaId));
- xmlSecAssert(output != NULL);
-
- fprintf(output, "=== rsa key: size = %d\n",
- (int)xmlSecMSCngKeyDataRsaGetSize(data));
-}
-
-static void xmlSecMSCngKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
- xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataRsaId));
- xmlSecAssert(output != NULL);
-
- fprintf(output, "<RSAKeyValue size=\"%d\" />\n",
- (int)xmlSecMSCngKeyDataRsaGetSize(data));
-}
-
-static int
-xmlSecMSCngKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecBn modulus, exponent;
+static xmlSecKeyDataPtr
+xmlSecMSCngKeyDataRsaRead(xmlSecKeyDataId id, xmlSecKeyValueRsaPtr rsaValue) {
+ xmlSecKeyDataPtr data = NULL;
+ xmlSecKeyDataPtr res = NULL;
xmlSecBuffer blob;
- xmlSecSize blobBufferLen;
- xmlSecSize offset;
+ int blobInitialized = 0;
+ xmlSecSize blobBufferSize, offset;
+ xmlSecSize mSize, peSize;
+ xmlSecByte* blobData;
+ DWORD dwSize;
BCRYPT_RSAKEY_BLOB* rsakey;
- LPCWSTR lpszBlobType;
BCRYPT_ALG_HANDLE hAlg = NULL;
- xmlSecKeyDataPtr keyData = NULL;
BCRYPT_KEY_HANDLE hKey = 0;
- xmlNodePtr cur;
- int res = -1;
+ size_t size;
NTSTATUS status;
int ret;
- xmlSecAssert2(id == xmlSecMSCngKeyDataRsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- if(xmlSecKeyGetValue(key) != NULL) {
- xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
- xmlSecKeyDataKlassGetName(id),
- "key already has a value");
- return(-1);
- }
-
- /* initialize buffers */
- ret = xmlSecBnInitialize(&modulus, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
-
- ret = xmlSecBnInitialize(&exponent, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBnFinalize(&modulus);
- return(-1);
- }
-
- ret = xmlSecBufferInitialize(&blob, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBnFinalize(&modulus);
- xmlSecBnFinalize(&exponent);
- return(-1);
- }
-
- /* read xml */
- cur = xmlSecGetNextElementNode(node->children);
-
- /* first is Modulus node, it is required because we do not support Seed and PgenCounter */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAModulus, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeRSAModulus,
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
-
- /* 0 as both the XML and CNG works with big-endian */
- ret = xmlSecBnGetNodeValue(&modulus, cur, xmlSecBnBase64, 0);
- if((ret < 0) || (xmlSecBnGetSize(&modulus) == 0)) {
- xmlSecInternalError("xmlSecBnGetNodeValue",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* next is Exponent node, it is required because we do not support Seed and PgenCounter */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAExponent, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeRSAExponent, xmlSecKeyDataKlassGetName(id));
- goto done;
- }
+ xmlSecAssert2(id == xmlSecMSCngKeyDataRsaId, NULL);
+ xmlSecAssert2(rsaValue != NULL, NULL);
+ xmlSecAssert2(xmlSecBufferGetData(&(rsaValue->modulus)) != NULL, NULL);
+ xmlSecAssert2(xmlSecBufferGetData(&(rsaValue->publicExponent)) != NULL, NULL);
- ret = xmlSecBnGetNodeValue(&exponent, cur, xmlSecBnBase64, 0);
- if((ret < 0) || (xmlSecBnGetSize(&exponent) == 0)) {
- xmlSecInternalError("xmlSecBnGetNodeValue",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- cur = xmlSecGetNextElementNode(cur->next);
+ /* dont reverse blobs as both the XML and CNG works with big-endian */
+ mSize = xmlSecBufferGetSize(&(rsaValue->modulus));
+ peSize = xmlSecBufferGetSize(&(rsaValue->publicExponent));
+ xmlSecAssert2(mSize > 0, NULL);
+ xmlSecAssert2(peSize > 0, NULL);
- /* TODO X node */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeRSAPrivateExponent, xmlSecNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
+ /* turn the read data into a public key blob, as documented at
+ * <https://msdn.microsoft.com/en-us/library/windows/desktop/aa375531(v=vs.85).aspx>:
+ * need to write exponent and modulus after the struct */
+ size = sizeof(BCRYPT_RSAKEY_BLOB) + mSize + peSize;
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(size, blobBufferSize, goto done, xmlSecKeyDataKlassGetName(id));
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataKlassGetName(id));
+ ret = xmlSecBufferInitialize(&blob, blobBufferSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferInitialize", xmlSecKeyDataKlassGetName(id),
+ "size=" XMLSEC_SIZE_FMT, blobBufferSize);
goto done;
}
+ blobInitialized = 1;
- /* turn the read data into a public key blob, as documented at
- * <https://msdn.microsoft.com/en-us/library/windows/desktop/aa375531(v=vs.85).aspx>:
- * need to write exponent and modulus after the struct */
- blobBufferLen = sizeof(BCRYPT_RSAKEY_BLOB) + xmlSecBnGetSize(&exponent) +
- xmlSecBnGetSize(&modulus);
- ret = xmlSecBufferSetSize(&blob, blobBufferLen);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecKeyDataKlassGetName(id), "size=%d", blobBufferLen);
+ ret = xmlSecBufferSetSize(&blob, blobBufferSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, blobBufferSize);
goto done;
}
+ blobData = xmlSecBufferGetData(&blob);
+ xmlSecAssert2(blobData != NULL, NULL);
+ memset(blobData, 0, blobBufferSize); // ensure all padding with 0s work
- rsakey = (BCRYPT_RSAKEY_BLOB *)xmlSecBufferGetData(&blob);
+ rsakey = (BCRYPT_RSAKEY_BLOB*)blobData;
rsakey->Magic = BCRYPT_RSAPUBLIC_MAGIC;
- rsakey->BitLength = xmlSecBnGetSize(&modulus) * 8;
- rsakey->cbPublicExp = xmlSecBnGetSize(&exponent);
- rsakey->cbModulus = xmlSecBnGetSize(&modulus);
+
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG((mSize * 8), rsakey->BitLength, goto done, xmlSecKeyDataKlassGetName(id));
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(peSize, rsakey->cbPublicExp, goto done, xmlSecKeyDataKlassGetName(id));
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(mSize, rsakey->cbModulus, goto done, xmlSecKeyDataKlassGetName(id));
offset = sizeof(BCRYPT_RSAKEY_BLOB);
- memcpy(xmlSecBufferGetData(&blob) + offset, xmlSecBnGetData(&exponent),
- xmlSecBnGetSize(&exponent));
- offset += xmlSecBnGetSize(&exponent);
+ /*** public exponent ***/
+ memcpy(blobData + offset, xmlSecBufferGetData(&(rsaValue->publicExponent)), peSize);
+ offset += peSize;
- memcpy(xmlSecBufferGetData(&blob) + offset, xmlSecBnGetData(&modulus),
- xmlSecBnGetSize(&modulus));
+ /*** modulus ***/
+ memcpy(blobData + offset, xmlSecBufferGetData(&(rsaValue->modulus)), mSize);
+ offset += mSize;
- lpszBlobType = BCRYPT_RSAPUBLIC_BLOB;
+ /* PrivateExponent is REQUIRED for private key but MSCng does not support it,
+ * so we just ignore it */
+ /* Now that we have the blob, import */
status = BCryptOpenAlgorithmProvider(
&hAlg,
BCRYPT_RSA_ALGORITHM,
NULL,
0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptOpenAlgorithmProvider",
- xmlSecKeyDataKlassGetName(id), status);
+ if (status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError("BCryptOpenAlgorithmProvider", xmlSecKeyDataKlassGetName(id), status);
goto done;
}
- status = BCryptImportKeyPair(hAlg, NULL, lpszBlobType, &hKey,
- xmlSecBufferGetData(&blob), xmlSecBufferGetSize(&blob), 0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptImportKeyPair",
- xmlSecKeyDataKlassGetName(id), status);
- goto done;
- }
-
- keyData = xmlSecKeyDataCreate(id);
- if(keyData == NULL) {
- xmlSecInternalError("xmlSecKeyDataCreate",
- xmlSecKeyDataKlassGetName(id));
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(blobBufferSize, dwSize, goto done, xmlSecKeyDataKlassGetName(id));
+ status = BCryptImportKeyPair(
+ hAlg,
+ NULL,
+ BCRYPT_RSAPUBLIC_BLOB,
+ &hKey,
+ blobData,
+ dwSize,
+ 0);
+ if (status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError2("BCryptImportKeyPair", xmlSecKeyDataKlassGetName(id),
+ status, "dwSize=%lu", dwSize);
goto done;
}
- ret = xmlSecMSCngKeyDataAdoptKey(keyData, hKey);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngKeyDataAdoptKey",
- xmlSecKeyDataGetName(keyData));
+ data = xmlSecKeyDataCreate(id);
+ if (data == NULL) {
+ xmlSecInternalError("xmlSecKeyDataCreate", xmlSecKeyDataKlassGetName(id));
goto done;
}
- hKey = 0;
- ret = xmlSecKeySetValue(key, keyData);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataGetName(keyData));
+ ret = xmlSecMSCngKeyDataAdoptKey(data, hKey);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCngKeyDataAdoptKey", xmlSecKeyDataGetName(data));
goto done;
}
+ hKey = 0; /* now owned by data */
- keyData = NULL;
- res = 0;
+ /* success */
+ res = data;
+ data = NULL;
done:
- xmlSecBnFinalize(&exponent);
- xmlSecBnFinalize(&modulus);
- xmlSecBufferFinalize(&blob);
-
- if(hKey != 0) {
+ if (data != NULL) {
+ xmlSecKeyDataDestroy(data);
+ }
+ if (hKey != 0) {
BCryptDestroyKey(hKey);
}
-
- if(hAlg != 0) {
+ if (hAlg != 0) {
BCryptCloseAlgorithmProvider(hAlg, 0);
}
-
+ if (blobInitialized != 0) {
+ xmlSecBufferFinalize(&blob);
+ }
return(res);
}
static int
-xmlSecMSCngKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecMSCngKeyDataRsaWrite(xmlSecKeyDataId id, xmlSecKeyDataPtr data,
+ xmlSecKeyValueRsaPtr rsaValue,
+ int writePrivateKey ATTRIBUTE_UNUSED) {
xmlSecMSCngKeyDataCtxPtr ctx;
NTSTATUS status;
xmlSecBuffer buf;
+ int bufInitialized = 0;
xmlSecByte* bufData;
- DWORD bufLen;
+ DWORD bufLen = 0;
BCRYPT_RSAKEY_BLOB* rsakey;
- xmlNodePtr cur;
int ret;
+ int res = -1;
xmlSecAssert2(id == xmlSecMSCngKeyDataRsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key),
- xmlSecMSCngKeyDataRsaId), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataRsaId), -1);
+ xmlSecAssert2(rsaValue != NULL, -1);
+ UNREFERENCED_PARAMETER(writePrivateKey);
- ctx = xmlSecMSCngKeyDataGetCtx(xmlSecKeyGetValue(key));
+ ctx = xmlSecMSCngKeyDataGetCtx(data);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->pubkey, -1);
0,
&bufLen,
0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptExportKey", xmlSecKeyDataKlassGetName(id),
- status);
- return(-1);
+ if ((status != STATUS_SUCCESS) || (bufLen <= 0)) {
+ xmlSecMSCngNtError2("BCryptExportKey", xmlSecKeyDataKlassGetName(id),
+ status, "bufLen=%lu", bufLen);
+ goto done;
}
ret = xmlSecBufferInitialize(&buf, bufLen);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferInitialize",
- xmlSecKeyDataKlassGetName(id), "size=%ld", bufLen);
- return(-1);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferInitialize", xmlSecKeyDataKlassGetName(id),
+ "size=%lu", bufLen);
+ goto done;
}
+ bufInitialized = 1;
bufData = xmlSecBufferGetData(&buf);
- rsakey = (BCRYPT_RSAKEY_BLOB*)bufData;
+ xmlSecAssert2(bufData != NULL, -1);
status = BCryptExportKey(ctx->pubkey,
NULL,
BCRYPT_RSAPUBLIC_BLOB,
- (PUCHAR)rsakey,
+ bufData,
bufLen,
&bufLen,
0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptExportKey", xmlSecKeyDataKlassGetName(id),
- status);
- xmlSecBufferFinalize(&buf);
- return(-1);
+ if ((status != STATUS_SUCCESS) || (bufLen <= 0)) {
+ xmlSecMSCngNtError2("BCryptExportKey", xmlSecKeyDataKlassGetName(id),
+ status, "bufLen=%lu", bufLen);
+ goto done;
}
- /* write rsaykey in XML format, see xmlSecMSCngKeyDataRsaXmlRead() on the
- * memory layout of bufData: the struct is followed by Exponent and Modulus */
+ ret = xmlSecBufferSetSize(&buf, bufLen);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", xmlSecKeyDataKlassGetName(id),
+ "size=%lu", bufLen);
+ goto done;
+ }
- /* Modulus node */
- cur = xmlSecAddChild(node, xmlSecNodeRSAModulus, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ /* check BCRYPT_RSAKEY_BLOB */
+ if (bufLen < sizeof(BCRYPT_RSAKEY_BLOB)) {
+ xmlSecMSCngNtError2("BCRYPT_RSAKEY_BLOB", xmlSecKeyDataKlassGetName(id),
+ STATUS_SUCCESS, "dwBlobLen=%lu", bufLen);
+ goto done;
}
+ rsakey = (BCRYPT_RSAKEY_BLOB*)bufData;
+
+ /* check sizes */
+ if (bufLen < (sizeof(BCRYPT_RSAKEY_BLOB) + rsakey->cbPublicExp + rsakey->cbModulus)) {
+ xmlSecMSCngNtError3("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ STATUS_SUCCESS, "dwBlobLen: %lu; keyLen: %lu", bufLen, rsakey->cbPublicExp);
+ goto done;
- bufData += sizeof(BCRYPT_RSAKEY_BLOB) + rsakey->cbPublicExp;
- ret = xmlSecBnBlobSetNodeValue(bufData, rsakey->cbModulus, cur, xmlSecBnBase64, 0, 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnBlobSetNodeValue",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
}
+ bufData += sizeof(BCRYPT_RSAKEY_BLOB);
- /* Exponent node */
- cur = xmlSecAddChild(node, xmlSecNodeRSAExponent, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ /*** public exponent ***/
+ ret = xmlSecBufferSetData(&(rsaValue->publicExponent), bufData, rsakey->cbPublicExp);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData(publicExponent)", xmlSecKeyDataKlassGetName(id),
+ "cbPublicExp=%lu", rsakey->cbPublicExp);
+ goto done;
}
+ bufData += rsakey->cbPublicExp;
- bufData = xmlSecBufferGetData(&buf);
- bufData += sizeof(BCRYPT_RSAKEY_BLOB);
- ret = xmlSecBnBlobSetNodeValue(bufData, rsakey->cbPublicExp, cur, xmlSecBnBase64, 0, 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnBlobSetNodeValue",
- xmlSecKeyDataKlassGetName(id));
+ /*** modulus ***/
+ ret = xmlSecBufferSetData(&(rsaValue->modulus), bufData, rsakey->cbModulus);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData(modulus)", xmlSecKeyDataKlassGetName(id),
+ "cbModulus=%lu", rsakey->cbModulus);
+ goto done;
+ }
+ bufData += rsakey->cbModulus;
+
+ /* next is PrivateExponent node: not supported in MSCrypto */
+
+ /* dont reverse blobs as both the XML and CNG works with big-endian */
+ /* success */
+ res = 0;
+
+done:
+ if (bufInitialized != 0) {
xmlSecBufferFinalize(&buf);
- return(-1);
}
+ return(res);
+}
- xmlSecBufferFinalize(&buf);
+static int
+xmlSecMSCngKeyDataRsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecMSCngKeyDataRsaId), -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecMSCngKeyDataRsaId), -1);
- return(0);
+ return(xmlSecMSCngKeyDataDuplicate(dst, src));
+}
+
+static xmlSecKeyDataType
+xmlSecMSCngKeyDataRsaGetType(xmlSecKeyDataPtr data) {
+ xmlSecMSCngKeyDataCtxPtr ctx;
+
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataRsaId), xmlSecKeyDataTypeUnknown);
+
+ ctx = xmlSecMSCngKeyDataGetCtx(data);
+ xmlSecAssert2(ctx != NULL, xmlSecKeyDataTypeUnknown);
+
+ if(ctx->privkey != 0) {
+ return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
+ }
+
+ return(xmlSecKeyDataTypePublic);
+}
+
+static xmlSecSize
+xmlSecMSCngKeyDataGetSize(xmlSecKeyDataPtr data) {
+ NTSTATUS status;
+ xmlSecMSCngKeyDataCtxPtr ctx;
+ DWORD length = 0;
+ xmlSecSize res;
+
+ xmlSecAssert2(xmlSecKeyDataIsValid(data), 0);
+ xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCngKeyDataSize), 0);
+
+ ctx = xmlSecMSCngKeyDataGetCtx(data);
+ xmlSecAssert2(ctx != NULL, 0);
+
+ if(ctx->cert != NULL) {
+ xmlSecAssert2(ctx->cert->pCertInfo != NULL, 0);
+ length = CertGetPublicKeyLength(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
+ &ctx->cert->pCertInfo->SubjectPublicKeyInfo);
+ } else if(ctx->pubkey != 0) {
+ DWORD lenlen = sizeof(length);
+ status = BCryptGetProperty(ctx->pubkey,
+ BCRYPT_KEY_STRENGTH,
+ (PUCHAR)&length,
+ lenlen,
+ &lenlen,
+ 0);
+ if(status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError("BCryptGetproperty", NULL, status);
+ return(0);
+ }
+ xmlSecAssert2(lenlen == sizeof(length), 0);
+ } else if(ctx->privkey != 0) {
+ xmlSecNotImplementedError(NULL);
+ return(0);
+ }
+
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(length, res, return(0), NULL);
+ return(res);
+}
+
+static xmlSecSize
+xmlSecMSCngKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataRsaId), 0);
+
+ return(xmlSecMSCngKeyDataGetSize(data));
+}
+
+
+static void
+xmlSecMSCngKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataRsaId));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "=== rsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecMSCngKeyDataRsaGetSize(data));
+}
+
+static void xmlSecMSCngKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataRsaId));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "<RSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecMSCngKeyDataRsaGetSize(data));
+}
+
+static int
+xmlSecMSCngKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecMSCngKeyDataRsaId, -1);
+ return(xmlSecKeyDataRsaXmlRead(id, key, node, keyInfoCtx,
+ xmlSecMSCngKeyDataRsaRead));
+}
+
+static int
+xmlSecMSCngKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecMSCngKeyDataRsaId, -1);
+ return(xmlSecKeyDataRsaXmlWrite(id, key, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecMSCngKeyDataRsaWrite));
}
static int
xmlSecMSCngKeyDataCtxPtr ctx;
BCRYPT_ALG_HANDLE hAlg = 0;
BCRYPT_KEY_HANDLE hKey = 0;
- int res = -1;
+ DWORD dwSizeBits;
NTSTATUS status;
int ret;
+ int res = -1;
xmlSecAssert2(xmlSecKeyDataIsValid(data), xmlSecKeyDataTypeUnknown);
xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCngKeyDataSize), xmlSecKeyDataTypeUnknown);
NULL,
0);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptOpenAlgorithmProvider",
- xmlSecKeyDataGetName(data), status);
+ xmlSecMSCngNtError("BCryptOpenAlgorithmProvider", xmlSecKeyDataGetName(data), status);
goto done;
}
- status = BCryptGenerateKeyPair(
- hAlg,
- &hKey,
- sizeBits,
- 0);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(sizeBits, dwSizeBits, goto done, xmlSecKeyDataGetName(data));
+ status = BCryptGenerateKeyPair(hAlg, &hKey, dwSizeBits, 0);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptGenerateKeyPair", xmlSecKeyDataGetName(data),
- status);
+ xmlSecMSCngNtError("BCryptGenerateKeyPair", xmlSecKeyDataGetName(data), status);
goto done;
}
/* need to finalize the key before it can be used */
status = BCryptFinalizeKeyPair(hKey, 0);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptFinalizeKeyPair", xmlSecKeyDataGetName(data),
- status);
+ xmlSecMSCngNtError("BCryptFinalizeKeyPair", xmlSecKeyDataGetName(data), status);
goto done;
}
ret = xmlSecMSCngKeyDataAdoptKey(data, hKey);
if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngKeyDataAdoptKey",
- xmlSecKeyDataGetName(data));
+ xmlSecInternalError("xmlSecMSCngKeyDataAdoptKey", xmlSecKeyDataGetName(data));
goto done;
}
+ /* hKey is owned by data now */
hKey = 0;
/* success */
if (hKey != 0) {
BCryptDestroyKey(hKey);
}
-
if (hAlg != 0) {
BCryptCloseAlgorithmProvider(hAlg, 0);
}
-
return(res);
}
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataEcdsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "=== rsa key: size = %d\n",
- (int)xmlSecMSCngKeyDataEcdsaGetSize(data));
+ fprintf(output, "=== rsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecMSCngKeyDataEcdsaGetSize(data));
}
static void xmlSecMSCngKeyDataEcdsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataEcdsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "<ECDSAKeyValue size=\"%d\" />\n",
- (int)xmlSecMSCngKeyDataEcdsaGetSize(data));
+ fprintf(output, "<ECDSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecMSCngKeyDataEcdsaGetSize(data));
}
static xmlSecKeyDataKlass xmlSecMSCngKeyDataEcdsaKlass = {
#include <ncrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
#include <xmlsec/mscng/crypto.h>
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+
/**************************************************************************
*
* Internal MSCng Block cipher CTX
int ctxInitialized;
};
-#define xmlSecMSCngBlockCipherSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCngBlockCipherCtx))
-#define xmlSecMSCngBlockCipherGetCtx(transform) \
- ((xmlSecMSCngBlockCipherCtxPtr)(((unsigned char*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(MSCngBlockCipher, xmlSecMSCngBlockCipherCtx)
+#define xmlSecMSCngBlockCipherSize XMLSEC_TRANSFORM_SIZE(MSCngBlockCipher)
#define xmlSecMSCngAesGcmNonceLengthInBytes 12
#define xmlSecMSCngAesGcmTagLengthInBytes 16
xmlSecMSCngBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecMSCngBlockCipherCtxPtr ctx;
xmlSecBufferPtr buffer;
+ int bufInitialized = 0;
xmlSecBuffer blob;
BCRYPT_KEY_DATA_BLOB_HEADER* blobHeader;
- xmlSecSize blobHeaderLen;
- BYTE* bufData;
- DWORD dwKeyObjectLength, bytesWritten;
+ xmlSecByte* bufData;
+ xmlSecByte* blobData;
+ xmlSecSize bufDataSize, blobSize;
+ DWORD dwKeyObjectLength, dwBytesWritten, dwBlobSize;
NTSTATUS status;
int ret;
+ int res = -1;
xmlSecAssert2(xmlSecMSCngBlockCipherCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
xmlSecAssert2(buffer != NULL, -1);
- if(xmlSecBufferGetSize(buffer) < ctx->keySize) {
- xmlSecInvalidKeyDataSizeError(xmlSecBufferGetSize(buffer), ctx->keySize,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
bufData = xmlSecBufferGetData(buffer);
xmlSecAssert2(bufData != NULL, -1);
+ bufDataSize = xmlSecBufferGetSize(buffer);
+ if(bufDataSize < ctx->keySize) {
+ xmlSecInvalidKeyDataSizeError(bufDataSize, ctx->keySize, xmlSecTransformGetName(transform));
+ goto done;
+ }
+ bufDataSize = ctx->keySize;
+
/* allocate the key object */
- dwKeyObjectLength = 0;
+ dwKeyObjectLength = dwBytesWritten = 0;
status = BCryptGetProperty(ctx->hAlg,
BCRYPT_OBJECT_LENGTH,
(PUCHAR)&dwKeyObjectLength,
- (ULONG)sizeof(DWORD),
- &bytesWritten, 0);
+ sizeof(dwKeyObjectLength),
+ &dwBytesWritten, 0);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptGetProperty",
- xmlSecTransformGetName(transform), status);
- return(-1);
+ xmlSecMSCngNtError("BCryptGetProperty", xmlSecTransformGetName(transform), status);
+ goto done;
}
+ xmlSecAssert2(dwBytesWritten == sizeof(dwKeyObjectLength), -1);
ctx->pbKeyObject = xmlMalloc(dwKeyObjectLength);
if(ctx->pbKeyObject == NULL) {
xmlSecMallocError(dwKeyObjectLength, xmlSecTransformGetName(transform));
- return(-1);
+ goto done;
}
/* prefix the key with a BCRYPT_KEY_DATA_BLOB_HEADER */
- blobHeaderLen = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + xmlSecBufferGetSize(buffer);
- ret = xmlSecBufferInitialize(&blob, blobHeaderLen);
+ blobSize = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + bufDataSize;
+ ret = xmlSecBufferInitialize(&blob, blobSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferInitialize",
- xmlSecTransformGetName(transform), "size=%d", blobHeaderLen);
- return(-1);
+ xmlSecInternalError2("xmlSecBufferInitialize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, blobSize);
+ goto done;
}
+ bufInitialized = 1;
- blobHeader = (BCRYPT_KEY_DATA_BLOB_HEADER*)xmlSecBufferGetData(&blob);
+ xmlSecBufferSetSize(&blob, blobSize);
+ blobData = xmlSecBufferGetData(&blob);
+
+ blobHeader = (BCRYPT_KEY_DATA_BLOB_HEADER*)blobData;
blobHeader->dwMagic = BCRYPT_KEY_DATA_BLOB_MAGIC;
blobHeader->dwVersion = BCRYPT_KEY_DATA_BLOB_VERSION1;
- blobHeader->cbKeyData = (ULONG)xmlSecBufferGetSize(buffer);
- memcpy(xmlSecBufferGetData(&blob) + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER),
- bufData, xmlSecBufferGetSize(buffer));
- xmlSecBufferSetSize(&blob, blobHeaderLen);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(bufDataSize, blobHeader->cbKeyData, goto done, xmlSecTransformGetName(transform));
+ memcpy(blobData + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER), bufData, bufDataSize);
/* perform the actual import */
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(blobSize, dwBlobSize, goto done, xmlSecTransformGetName(transform));
status = BCryptImportKey(ctx->hAlg,
NULL,
BCRYPT_KEY_DATA_BLOB,
&ctx->hKey,
ctx->pbKeyObject,
dwKeyObjectLength,
- xmlSecBufferGetData(&blob),
- (ULONG)xmlSecBufferGetSize(&blob),
+ blobData,
+ dwBlobSize,
0);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptImportKey",
- xmlSecTransformGetName(transform), status);
- xmlSecBufferFinalize(&blob);
- return(-1);
+ xmlSecMSCngNtError("BCryptImportKey", xmlSecTransformGetName(transform), status);
+ goto done;
}
- xmlSecBufferFinalize(&blob);
+ /* success */
+ res = 0;
- return(0);
+done:
+ /* cleanup */
+ if (bufInitialized != 0) {
+ xmlSecBufferFinalize(&blob);
+ }
+ return(res);
}
static int xmlSecMSCngCBCBlockCipherCtxInit(xmlSecMSCngBlockCipherCtxPtr ctx,
xmlSecBufferPtr in, xmlSecBufferPtr out, int encrypt,
const xmlChar* cipherName, xmlSecTransformCtxPtr transformCtx) {
-
+ xmlSecSize blockSize;
NTSTATUS status;
int ret;
/* iv len == block len */
ctx->cbIV = ctx->dwBlockLen;
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(ctx->dwBlockLen, blockSize, return(-1), cipherName);
if(encrypt) {
unsigned char* iv;
/* allocate space for IV */
outSize = xmlSecBufferGetSize(out);
- ret = xmlSecBufferSetSize(out, outSize + ctx->dwBlockLen);
+ ret = xmlSecBufferSetSize(out, outSize + blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
- "size=%d", outSize + ctx->dwBlockLen);
+ "size=" XMLSEC_SIZE_FMT, (outSize + blockSize));
return(-1);
}
iv = xmlSecBufferGetData(out) + outSize;
}
if(ctx->pbIV == NULL) {
- ctx->pbIV = xmlMalloc(ctx->dwBlockLen);
+ ctx->pbIV = xmlMalloc(blockSize);
}
if(ctx->pbIV == NULL) {
- xmlSecMallocError(ctx->dwBlockLen, cipherName);
+ xmlSecMallocError(blockSize, cipherName);
return(-1);
}
- memcpy(ctx->pbIV, iv, ctx->dwBlockLen);
+ memcpy(ctx->pbIV, iv, blockSize);
} else {
/* if we don't have enough data, exit and hope that
* we'll have iv next time */
- if(xmlSecBufferGetSize(in) < XMLSEC_SIZE_BAD_CAST(ctx->dwBlockLen)) {
+ if(xmlSecBufferGetSize(in) < blockSize) {
return(0);
}
xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
/* set iv */
- ctx->pbIV = xmlMalloc(ctx->dwBlockLen);
+ if (ctx->pbIV == NULL) {
+ ctx->pbIV = xmlMalloc(blockSize);
+ }
if(ctx->pbIV == NULL) {
- xmlSecMallocError(ctx->dwBlockLen, cipherName);
+ xmlSecMallocError(blockSize, cipherName);
return(-1);
}
- memcpy(ctx->pbIV, xmlSecBufferGetData(in), ctx->dwBlockLen);
+ memcpy(ctx->pbIV, xmlSecBufferGetData(in), blockSize);
/* and remove from input */
- ret = xmlSecBufferRemoveHead(in, ctx->dwBlockLen);
+ ret = xmlSecBufferRemoveHead(in, blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
- "size=%d", ctx->dwBlockLen);
+ "size=" XMLSEC_SIZE_FMT, blockSize);
return(-1);
}
int ret;
xmlSecByte *bufferPtr;
xmlSecSize bufferSize;
+ xmlSecSize blockSize;
DWORD bytesRead;
BCRYPT_AUTH_TAG_LENGTHS_STRUCT authTagLengths;
memset(ctx->authInfo.pbTag, 0, xmlSecMSCngAesGcmTagLengthInBytes);
ctx->authInfo.cbTag = xmlSecMSCngAesGcmTagLengthInBytes;
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(ctx->dwBlockLen, blockSize, return(-1), cipherName);
if(last == 0) {
/* Need some working buffers */
/* iv len == block len */
if(ctx->pbIV == NULL) {
- ctx->pbIV = xmlMalloc(ctx->dwBlockLen);
+ ctx->pbIV = xmlMalloc(blockSize);
if(ctx->pbIV == NULL) {
- xmlSecMallocError(ctx->dwBlockLen, cipherName);
+ xmlSecMallocError(blockSize, cipherName);
return(-1);
}
}
ctx->cbIV = ctx->dwBlockLen;
- memset(ctx->pbIV, 0, ctx->dwBlockLen);
+ memset(ctx->pbIV, 0, blockSize);
/* Setup an empty MAC context if we're chaining calls */
status = BCryptGetProperty(ctx->hAlg,
BCRYPT_AUTH_TAG_LENGTH,
(PUCHAR)&authTagLengths,
- (ULONG)sizeof(authTagLengths),
+ sizeof(authTagLengths),
&bytesRead,
0);
if(status != STATUS_SUCCESS) {
ret = xmlSecBufferSetSize(out, bufferSize + xmlSecMSCngAesGcmNonceLengthInBytes);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
- "size=%d", bufferSize + xmlSecMSCngAesGcmNonceLengthInBytes);
+ "size=" XMLSEC_SIZE_FMT, (bufferSize + xmlSecMSCngAesGcmNonceLengthInBytes));
return(-1);
}
bufferPtr = xmlSecBufferGetData(out) + bufferSize;
/* remove nonce from input */
ret = xmlSecBufferRemoveHead(in, xmlSecMSCngAesGcmNonceLengthInBytes);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
- "size=%d", xmlSecMSCngAesGcmNonceLengthInBytes);
+ xmlSecInternalError("xmlSecBufferRemoveHead(xmlSecMSCngAesGcmNonceLengthInBytes)", cipherName);
return(-1);
}
}
xmlSecAssert2(ctx->ctxInitialized == 0, -1);
/* Get the cipher block length */
- dwBlockLenLen = sizeof(DWORD);
+ dwBlockLenLen = sizeof(ctx->dwBlockLen);
status = BCryptGetProperty(ctx->hAlg,
BCRYPT_BLOCK_LENGTH,
(PUCHAR)&ctx->dwBlockLen,
xmlSecMSCngNtError("BCryptGetProperty", cipherName, status);
return(-1);
}
-
+ xmlSecAssert2(dwBlockLenLen == sizeof(ctx->dwBlockLen), -1);
xmlSecAssert2(ctx->dwBlockLen > 0, -1);
if(ctx->cbcMode) {
xmlSecMSCngCBCBlockCipherCtxUpdate(xmlSecMSCngBlockCipherCtxPtr ctx,
xmlSecBufferPtr in, xmlSecBufferPtr out, int encrypt,
const xmlChar* cipherName, xmlSecTransformCtxPtr transformCtx) {
- xmlSecSize inSize, inBlocks, outSize;
+ xmlSecSize blockSize, inSize, inBlocks, outSize;
unsigned char* outBuf;
unsigned char* inBuf;
- DWORD dwCLen;
+ DWORD dwInSize, dwOutSize, dwCLen;
NTSTATUS status;
int ret;
inSize = xmlSecBufferGetSize(in);
outSize = xmlSecBufferGetSize(out);
- if(inSize < XMLSEC_SIZE_BAD_CAST(ctx->dwBlockLen)) {
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(ctx->dwBlockLen, blockSize, return(-1), cipherName);
+ if(inSize < blockSize) {
return(0);
}
if(encrypt) {
- inBlocks = inSize / XMLSEC_SIZE_BAD_CAST(ctx->dwBlockLen);
+ inBlocks = inSize / blockSize;
} else {
/* we want to have the last block in the input buffer
* for padding check */
- inBlocks = (inSize - 1) / XMLSEC_SIZE_BAD_CAST(ctx->dwBlockLen);
+ inBlocks = (inSize - 1) / blockSize;
}
- inSize = inBlocks * XMLSEC_SIZE_BAD_CAST(ctx->dwBlockLen);
+ inSize = inBlocks * blockSize;
/* we write out the input size plus maybe one block */
- ret = xmlSecBufferSetMaxSize(out, outSize + inSize + ctx->dwBlockLen);
+ ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", outSize + inSize + ctx->dwBlockLen);
+ "size=" XMLSEC_SIZE_FMT, (outSize + inSize + blockSize));
return(-1);
}
outBuf = xmlSecBufferGetData(out) + outSize;
inBuf = xmlSecBufferGetData(in);
xmlSecAssert2(inBuf != NULL, -1);
- dwCLen = (DWORD)inSize;
+ dwCLen = 0;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, return(-1), cipherName);
+ dwOutSize = dwInSize;
if(encrypt) {
status = BCryptEncrypt(ctx->hKey,
inBuf,
- (ULONG)inSize,
+ dwInSize,
NULL,
ctx->pbIV,
ctx->cbIV,
outBuf,
- (ULONG)inSize,
+ dwOutSize,
&dwCLen,
0);
if(status != STATUS_SUCCESS) {
/* check if we really have encrypted the numbers of bytes that we
* requested */
- if(dwCLen != inSize) {
- xmlSecInternalError2("BCryptEncrypt", cipherName, "size=%ld",
- dwCLen);
+ if(dwCLen != dwInSize) {
+ xmlSecInternalError3("BCryptEncrypt", cipherName,
+ "inLen=%lu; outLen=%lu", dwInSize, dwCLen);
return(-1);
}
} else {
status = BCryptDecrypt(ctx->hKey,
inBuf,
- (ULONG)inSize,
+ dwInSize,
NULL,
ctx->pbIV,
ctx->cbIV,
outBuf,
- (ULONG)inSize,
+ dwOutSize,
&dwCLen,
0);
if(status != STATUS_SUCCESS) {
/* check if we really have decrypted the numbers of bytes that we
* requested */
- if(dwCLen != inSize) {
- xmlSecInternalError2("BCryptDecrypt", cipherName, "size=%ld",
- dwCLen);
+ if(dwCLen != dwInSize) {
+ xmlSecInternalError3("BCryptDecrypt", cipherName,
+ "inLen=%lu; outLen=%lu", dwInSize, dwCLen);
return(-1);
}
}
/* set correct output buffer size */
ret = xmlSecBufferSetSize(out, outSize + inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", cipherName, "size=%d",
- outSize + inSize);
+ xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
+ "size=" XMLSEC_SIZE_FMT, (outSize + inSize));
return(-1);
}
/* remove the processed block from input */
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=%d",
- inSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
const xmlChar* cipherName, xmlSecTransformCtxPtr transformCtx) {
NTSTATUS status;
- xmlSecSize inSize, outSize;
+ xmlSecSize inSize, outSize, outSize2, blockSize;
xmlSecByte *inBuf, *outBuf;
- DWORD dwCLen;
+ DWORD inLen, outLen;
int ret;
/* unreferenced parameter */
inBuf = xmlSecBufferGetData(in);
xmlSecAssert2(inBuf != NULL, -1);
- if(xmlSecBufferGetSize(in) < ctx->dwBlockLen) {
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(ctx->dwBlockLen, blockSize, return(-1), cipherName);
+ if(xmlSecBufferGetSize(in) < blockSize) {
return 0;
}
if(encrypt) {
/* Round to the block size. We will finalize this later */
- inSize = (xmlSecBufferGetSize(in) / XMLSEC_SIZE_BAD_CAST(ctx->dwBlockLen)) * XMLSEC_SIZE_BAD_CAST(ctx->dwBlockLen);
+ inSize = (xmlSecBufferGetSize(in) / blockSize) * blockSize;
} else {
/* If we've been called here, we know there is more data
* to come, but we don't know how much. The spec tells us that
* the tag is the last 16 bytes of the data when decrypting, so to make sure
* we don't try to decrypt it, we leave at least 16 bytes in the buffer
* until we know we're processing the last one */
- inSize = ((xmlSecBufferGetSize(in) - xmlSecMSCngAesGcmTagLengthInBytes) / XMLSEC_SIZE_BAD_CAST(ctx->dwBlockLen)) * XMLSEC_SIZE_BAD_CAST(ctx->dwBlockLen);
- if (inSize < ctx->dwBlockLen) {
+ inSize = ((xmlSecBufferGetSize(in) - xmlSecMSCngAesGcmTagLengthInBytes) / blockSize) * blockSize;
+ if (inSize < blockSize) {
return 0;
}
}
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, inLen, return(-1), cipherName);
outSize = xmlSecBufferGetSize(out);
ret = xmlSecBufferSetMaxSize(out, outSize + inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", outSize + inSize);
+ "size=" XMLSEC_SIZE_FMT, (outSize + inSize));
return(-1);
}
outBuf = xmlSecBufferGetData(out) + outSize;
-
- dwCLen = 0;
+ outLen = 0;
if(encrypt) {
status = BCryptEncrypt(ctx->hKey,
inBuf,
- (ULONG)inSize,
+ inLen,
&ctx->authInfo,
ctx->pbIV,
ctx->cbIV,
outBuf,
- (ULONG)inSize,
- &dwCLen,
+ inLen,
+ &outLen,
0);
if(status != STATUS_SUCCESS) {
/* check if we really have encrypted the numbers of bytes that we
* requested */
- if(dwCLen != inSize) {
- xmlSecInternalError2("BCryptEncrypt", cipherName, "size=%ld",
- dwCLen);
+ if(outLen != inLen) {
+ xmlSecInternalError3("BCryptEncrypt", cipherName,
+ "inLen=%lu; outLen=%lu", inLen, outLen);
return(-1);
}
} else {
status = BCryptDecrypt(ctx->hKey,
inBuf,
- (ULONG)inSize,
+ inLen,
&ctx->authInfo,
ctx->pbIV,
ctx->cbIV,
outBuf,
- (ULONG)inSize,
- &dwCLen,
+ inLen,
+ &outLen,
0);
if(status != STATUS_SUCCESS) {
/* check if we really have decrypted the numbers of bytes that we
* requested */
- if(dwCLen != inSize) {
- xmlSecInternalError2("BCryptDecrypt", cipherName, "size=%ld",
- dwCLen);
+ if(outLen != inLen) {
+ xmlSecInternalError3("BCryptDecrypt", cipherName,
+ "inLen=%lu; outLen=%lu", inLen, outLen);
return(-1);
}
}
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(outLen, outSize2, return(-1), cipherName);
/* set correct output buffer size */
- ret = xmlSecBufferSetSize(out, outSize + dwCLen);
+ ret = xmlSecBufferSetSize(out, outSize + outSize2);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", cipherName, "size=%d",
- outSize + dwCLen);
+ xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
+ "size=" XMLSEC_SIZE_FMT, (outSize + outSize2));
return(-1);
}
/* remove the processed data from input */
- ret = xmlSecBufferRemoveHead(in, dwCLen);
+ ret = xmlSecBufferRemoveHead(in, outSize2);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=%d",
- dwCLen);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
+ "size=" XMLSEC_SIZE_FMT, outSize2);
return(-1);
}
xmlSecMSCngCBCBlockCipherCtxFinal(xmlSecMSCngBlockCipherCtxPtr ctx,
xmlSecBufferPtr in, xmlSecBufferPtr out, int encrypt,
const xmlChar* cipherName, xmlSecTransformCtxPtr transformCtx) {
- xmlSecSize inSize, outSize;
- int outLen;
+ xmlSecSize blockSize, inSize, outSize;
unsigned char* inBuf;
unsigned char* outBuf;
- DWORD dwCLen;
+ DWORD dwInSize, dwOutSize, dwCLen;
NTSTATUS status;
int ret;
inSize = xmlSecBufferGetSize(in);
outSize = xmlSecBufferGetSize(out);
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(ctx->dwBlockLen, blockSize, return(-1), cipherName);
if(encrypt != 0) {
- xmlSecAssert2(inSize < XMLSEC_SIZE_BAD_CAST(ctx->dwBlockLen), -1);
+ xmlSecSize paddingSize;
+
+ xmlSecAssert2(inSize < blockSize, -1);
+ paddingSize = blockSize - inSize;
/* create padding */
- ret = xmlSecBufferSetMaxSize(in, ctx->dwBlockLen);
+ ret = xmlSecBufferSetMaxSize(in, blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", ctx->dwBlockLen);
+ "size=" XMLSEC_SIZE_FMT, blockSize);
return(-1);
}
inBuf = xmlSecBufferGetData(in);
/* create random padding */
- if(XMLSEC_SIZE_BAD_CAST(ctx->dwBlockLen) > (inSize + 1)) {
+ if(paddingSize > 1) {
+ DWORD dwSize;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG((paddingSize - 1), dwSize, return(-1), cipherName);
status = BCryptGenRandom(NULL,
(PBYTE) inBuf + inSize,
- (ULONG)(ctx->dwBlockLen - inSize - 1),
+ dwSize,
BCRYPT_USE_SYSTEM_PREFERRED_RNG);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptGetProperty", cipherName, status);
return(-1);
}
}
- inBuf[ctx->dwBlockLen - 1] = (unsigned char)(ctx->dwBlockLen - inSize);
- inSize = ctx->dwBlockLen;
+ /* fill in last block byte with padding size */
+ XMLSEC_SAFE_CAST_SIZE_TO_BYTE(paddingSize, inBuf[blockSize - 1], return(-1), cipherName);
+ inSize = blockSize;
} else {
- if(inSize != XMLSEC_SIZE_BAD_CAST(ctx->dwBlockLen)) {
- xmlSecInvalidSizeError("Input data", inSize, ctx->dwBlockLen, cipherName);
+ if(inSize != blockSize) {
+ xmlSecInvalidSizeError("Input data", inSize, blockSize, cipherName);
return(-1);
}
inBuf = xmlSecBufferGetData(in);
}
/* process last block */
- ret = xmlSecBufferSetMaxSize(out, outSize + 2 * ctx->dwBlockLen);
+ ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName, "size=%d",
- outSize + 2 * ctx->dwBlockLen);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
+ "size=" XMLSEC_SIZE_FMT, (outSize + 2 * blockSize));
return(-1);
}
outBuf = xmlSecBufferGetData(out) + outSize;
- dwCLen = (ULONG)inSize;
+ dwCLen = 0;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, return(-1), cipherName);
if(encrypt) {
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG((inSize + blockSize), dwOutSize, return(-1), cipherName);
status = BCryptEncrypt(ctx->hKey,
inBuf,
- (ULONG)inSize,
+ dwInSize,
NULL,
ctx->pbIV,
ctx->cbIV,
outBuf,
- (ULONG)(inSize + ctx->dwBlockLen),
+ dwOutSize,
&dwCLen,
0);
if(status != STATUS_SUCCESS) {
/* check if we really have encrypted the numbers of bytes that we
* requested */
if(dwCLen != inSize) {
- xmlSecInternalError2("BCryptEncrypt", cipherName, "size=%ld",
- dwCLen);
+ xmlSecInternalError2("BCryptEncrypt", cipherName, "size=%lu", dwCLen);
return(-1);
}
} else {
+ dwOutSize = dwInSize;
status = BCryptDecrypt(ctx->hKey,
inBuf,
- (ULONG)inSize,
+ dwInSize,
NULL,
ctx->pbIV,
ctx->cbIV,
outBuf,
- (ULONG)inSize,
+ dwOutSize,
&dwCLen,
0);
if(status != STATUS_SUCCESS) {
/* check if we really have decrypted the numbers of bytes that we
* requested */
if(dwCLen != inSize) {
- xmlSecInternalError2("BCryptDecrypt", cipherName, "size=%ld",
- dwCLen);
+ xmlSecInternalError2("BCryptDecrypt", cipherName, "size=%lu", dwCLen);
return(-1);
}
}
if(encrypt == 0) {
/* check padding */
- if(inSize < outBuf[ctx->dwBlockLen - 1]) {
- xmlSecInvalidSizeLessThanError("Input data padding", inSize,
- outBuf[ctx->dwBlockLen - 1], cipherName);
+ if(inSize < outBuf[blockSize - 1]) {
+ xmlSecInvalidSizeLessThanError("Input data padding", inSize, outBuf[blockSize - 1], cipherName);
return(-1);
}
- outLen = (int)(inSize - outBuf[ctx->dwBlockLen - 1]);
+ outSize += (inSize - outBuf[blockSize - 1]);
} else {
- outLen = (int)inSize;
+ outSize += inSize;
}
/* set correct output buffer size */
- ret = xmlSecBufferSetSize(out, outSize + outLen);
+ ret = xmlSecBufferSetSize(out, outSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", cipherName, "size=%d",
- outSize + outLen);
+ xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
/* remove the processed block from input */
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=%d",
- inSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
const xmlChar* cipherName, xmlSecTransformCtxPtr transformCtx)
{
xmlSecByte *inBuf, *outBuf;
- xmlSecSize inBufSize, outBufSize, outLen;
- DWORD dwCLen;
+ xmlSecSize inBufSize, outBufSize, outSize;
+ DWORD dwInSize, dwOutSize, dwCLen;
int ret;
NTSTATUS status;
/* unreferenced parameter */
(void)transformCtx;
- ctx->authInfo.dwFlags &= ~BCRYPT_AUTH_MODE_CHAIN_CALLS_FLAG; /* clear chaining flag */
+ ctx->authInfo.dwFlags &= ~((DWORD)BCRYPT_AUTH_MODE_CHAIN_CALLS_FLAG); /* clear chaining flag */
outBufSize = xmlSecBufferGetSize(out);
inBufSize = xmlSecBufferGetSize(in);
inBuf = xmlSecBufferGetData(in);
if(encrypt) {
- ret = xmlSecBufferSetMaxSize(out,
- outBufSize + inBufSize + xmlSecMSCngAesGcmTagLengthInBytes); /* add space for the tag */
+ xmlSecSize outMaxSize;
+
+ /* new out buf size: old out buf size + same as in buf size + space for the tag */
+ outMaxSize = outBufSize + inBufSize + xmlSecMSCngAesGcmTagLengthInBytes;
+ ret = xmlSecBufferSetMaxSize(out, outMaxSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", outBufSize + inBufSize + xmlSecMSCngAesGcmTagLengthInBytes);
+ "size=" XMLSEC_SIZE_FMT, outMaxSize);
return(-1);
}
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inBufSize, dwInSize, return(-1), cipherName);
outBuf = xmlSecBufferGetData(out) + outBufSize;
+ dwOutSize = dwInSize;
status = BCryptEncrypt(ctx->hKey,
inBuf,
- (ULONG)inBufSize,
+ dwInSize,
&ctx->authInfo,
ctx->pbIV,
ctx->cbIV,
outBuf,
- (ULONG)inBufSize,
+ dwOutSize,
&dwCLen,
0);
/* check if we really have encrypted the numbers of bytes that we
* requested */
- if(dwCLen != inBufSize) {
- xmlSecInternalError2("BCryptEncrypt", cipherName, "size=%ld",
- dwCLen);
+ if(dwCLen != dwInSize) {
+ xmlSecInternalError3("BCryptEncrypt", cipherName,
+ "in-size=%lu; out-size=%lu", dwInSize, dwCLen);
return(-1);
}
/* Now add the tag at the end of the buffer */
memcpy(outBuf + inBufSize, ctx->authInfo.pbTag, xmlSecMSCngAesGcmTagLengthInBytes);
- outLen = inBufSize + xmlSecMSCngAesGcmTagLengthInBytes;
-
+ outSize = inBufSize + xmlSecMSCngAesGcmTagLengthInBytes;
} else {
+ xmlSecSize outMaxSize;
+
+ xmlSecAssert2(inBufSize >= xmlSecMSCngAesGcmTagLengthInBytes, -1);
+
/* Get the tag */
memcpy(ctx->authInfo.pbTag, inBuf + inBufSize - xmlSecMSCngAesGcmTagLengthInBytes,
xmlSecMSCngAesGcmTagLengthInBytes);
/* remove the tag from the buffer */
ret = xmlSecBufferRemoveTail(in, xmlSecMSCngAesGcmTagLengthInBytes);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveTail", cipherName,
- "size=%d", xmlSecMSCngAesGcmTagLengthInBytes);
+ xmlSecInternalError("xmlSecBufferRemoveTail(xmlSecMSCngAesGcmTagLengthInBytes)", cipherName);
return(-1);
}
-
inBuf = xmlSecBufferGetData(in);
inBufSize = xmlSecBufferGetSize(in);
- ret = xmlSecBufferSetMaxSize(out, outBufSize + inBufSize);
+ /* new out max size = old out size + in size (w/o tag) */
+ outMaxSize = outBufSize + inBufSize;
+ ret = xmlSecBufferSetMaxSize(out, outMaxSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", outBufSize + inBufSize);
+ "size=" XMLSEC_SIZE_FMT, outMaxSize);
return(-1);
}
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inBufSize, dwInSize, return(-1), cipherName);
outBuf = xmlSecBufferGetData(out) + outBufSize;
+ dwOutSize = dwInSize;
status = BCryptDecrypt(ctx->hKey,
inBuf,
- (ULONG)inBufSize,
+ dwInSize,
&ctx->authInfo,
ctx->pbIV,
ctx->cbIV,
outBuf,
- (ULONG)inBufSize,
+ dwOutSize,
&dwCLen,
0);
/* check if we really have decrypted the numbers of bytes that we
* requested */
- if(dwCLen != inBufSize) {
- xmlSecInternalError2("BCryptDecrypt", cipherName, "size=%ld",
- dwCLen);
+ if(dwCLen != dwInSize) {
+ xmlSecInternalError3("BCryptEncrypt", cipherName,
+ "in-size=%lu; out-size=%lu", dwInSize, dwCLen);
return(-1);
}
- outLen = inBufSize;
+ outSize = inBufSize;
}
/* set correct output buffer size */
- ret = xmlSecBufferSetSize(out, outBufSize + outLen);
+ ret = xmlSecBufferSetSize(out, outBufSize + outSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", cipherName, "size=%d",
- outBufSize + outLen);
+ xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
+ "size=" XMLSEC_SIZE_FMT, (outBufSize + outSize));
return(-1);
}
/* remove the processed block from input */
ret = xmlSecBufferRemoveHead(in, inBufSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=%d",
- inBufSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
+ "size=" XMLSEC_SIZE_FMT, inBufSize);
return(-1);
}
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
#include <xmlsec/dl.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/private.h>
+#include <xmlsec/xmltree.h>
#include <xmlsec/mscng/app.h>
#include <xmlsec/mscng/crypto.h>
#include <xmlsec/mscng/x509.h>
+#include "../cast_helpers.h"
+
static xmlSecCryptoDLFunctionsPtr gXmlSecMSCngFunctions = NULL;
/**
int
xmlSecMSCngGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) {
NTSTATUS status;
+ DWORD dwSize;
int ret;
xmlSecAssert2(buffer != NULL, -1);
ret = xmlSecBufferSetSize(buffer, size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%d", size);
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=" XMLSEC_SIZE_FMT, size);
return(-1);
}
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(size, dwSize, return(-1), NULL);
status = BCryptGenRandom(
NULL,
(PBYTE)xmlSecBufferGetData(buffer),
- (ULONG)size,
+ dwSize,
BCRYPT_USE_SYSTEM_PREFERRED_RNG);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptGenRandom", NULL, status);
#include <xmlsec/mscng/crypto.h>
+#include "../cast_helpers.h"
+
typedef struct _xmlSecMSCngDigestCtx xmlSecMSCngDigestCtx, *xmlSecMSCngDigestCtxPtr;
struct _xmlSecMSCngDigestCtx {
LPCWSTR pszAlgId;
*
* MSCng Digest transforms
*
- * xmlSecMSCngDigestCtx is located after xmlSecTransform
- *
*****************************************************************************/
-#define xmlSecMSCngDigestSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCngDigestCtx))
-#define xmlSecMSCngDigestGetCtx(transform) \
- ((xmlSecMSCngDigestCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-
+XMLSEC_TRANSFORM_DECLARE(MSCngDigest, xmlSecMSCngDigestCtx)
+#define xmlSecMSCngDigestSize XMLSEC_TRANSFORM_SIZE(MSCngDigest)
static int xmlSecMSCngDigestInitialize (xmlSecTransformPtr transform);
static void xmlSecMSCngDigestFinalize (xmlSecTransformPtr transform);
xmlSecSize dataSize,
xmlSecTransformCtxPtr transformCtx) {
xmlSecMSCngDigestCtxPtr ctx;
+ xmlSecSize hashSize;
xmlSecAssert2(xmlSecMSCngDigestCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngDigestSize), -1);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->cbHash > 0, -1);
- if(dataSize != ctx->cbHash) {
- xmlSecInvalidSizeError("Digest", dataSize, ctx->cbHash,
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(ctx->cbHash, hashSize, return(-1), xmlSecTransformGetName(transform));
+ if(dataSize != hashSize) {
+ xmlSecInvalidSizeError("Digest", dataSize, hashSize,
xmlSecTransformGetName(transform));
transform->status = xmlSecTransformStatusFail;
return(0);
}
- if(memcmp(ctx->pbHash, data, ctx->cbHash) != 0) {
+ if(memcmp(ctx->pbHash, data, hashSize) != 0) {
xmlSecInvalidDataError("data and digest do not match",
xmlSecTransformGetName(transform));
transform->status = xmlSecTransformStatusFail;
inSize = xmlSecBufferGetSize(in);
if(inSize > 0) {
+ DWORD dwInSize;
+
/* hash some data */
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, return(-1), xmlSecTransformGetName(transform));
status = BCryptHashData(
ctx->hHash,
(PBYTE)xmlSecBufferGetData(in),
- inSize,
+ dwInSize,
0);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptHashData", xmlSecTransformGetName(transform), status);
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform));
return(-1);
}
}
(errorFunction), \
XMLSEC_ERRORS_R_CRYPTO_FAILED, \
"MSCng last error: 0x%08lx", \
- (long int)dwError \
+ (dwError) \
); \
}
(errorFunction), \
XMLSEC_ERRORS_R_CRYPTO_FAILED, \
"MSCng NTSTATUS: 0x%08lx", \
- (long int)(status) \
+ (unsigned long)(status) \
+ ); \
+ }
+
+ /**
+ * xmlSecMSCngNtError2:
+ * @errorFunction: the failed function name.
+ * @errorObject: the error specific error object (e.g. transform, key data, etc).
+ * @msg: the extra message.
+ * @param: the extra message param.
+ *
+ * Macro. The XMLSec library macro for reporting crypro errors from NTSTATUS.
+ * See e.g. <http://errorco.de/win32/ntstatus-h/> to look up the matching define.
+ */
+#define xmlSecMSCngNtError2(errorFunction, errorObject, status, msg, param) \
+ { \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
+ (const char*)(errorObject), \
+ (errorFunction), \
+ XMLSEC_ERRORS_R_CRYPTO_FAILED, \
+ msg "; MSCng NTSTATUS: 0x%08lx", \
+ (param), \
+ (unsigned long)(status) \
+ ); \
+ }
+
+ /**
+ * xmlSecMSCngNtError3:
+ * @errorFunction: the failed function name.
+ * @errorObject: the error specific error object (e.g. transform, key data, etc).
+ * @msg: the extra message.
+ * @param1: the extra message param1.
+ * @param2: the extra message param2.
+ *
+ * Macro. The XMLSec library macro for reporting crypro errors from NTSTATUS.
+ * See e.g. <http://errorco.de/win32/ntstatus-h/> to look up the matching define.
+ */
+#define xmlSecMSCngNtError3(errorFunction, errorObject, status, msg, param1, param2) \
+ { \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
+ (const char*)(errorObject), \
+ (errorFunction), \
+ XMLSEC_ERRORS_R_CRYPTO_FAILED, \
+ msg "; MSCng NTSTATUS: 0x%08lx", \
+ (param1), \
+ (param2), \
+ (unsigned long)(status) \
); \
}
#include <ncrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/errors.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
+#include <xmlsec/private.h>
#include <xmlsec/transforms.h>
-#include <xmlsec/errors.h>
-#include <xmlsec/bn.h>
#include <xmlsec/mscng/crypto.h>
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+#include "../transform_helpers.h"
+
typedef struct _xmlSecMSCngHmacCtx xmlSecMSCngHmacCtx, *xmlSecMSCngHmacCtxPtr;
struct _xmlSecMSCngHmacCtx {
PBYTE hash;
DWORD hashLength;
/* truncation length in bits */
- DWORD truncationLength;
+ xmlSecSize dgstSize;
BCRYPT_HASH_HANDLE hHash;
};
-#define xmlSecMSCngHmacGetCtx(data) \
- ((xmlSecMSCngHmacCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecTransform)))
-#define xmlSecMSCngHmacSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCngHmacCtx))
+XMLSEC_TRANSFORM_DECLARE(MSCngHmac, xmlSecMSCngHmacCtx)
+#define xmlSecMSCngHmacSize XMLSEC_TRANSFORM_SIZE(MSCngHmac)
+
+/* 80 is a minimum value from: https://www.w3.org/TR/xmldsig-core1/#sec-SignatureMethod */
+#define XMLSEC_MSCNG_HMAC_MIN_LENGTH 80
static int
xmlSecMSCngHmacCheckId(xmlSecTransformPtr transform) {
}
static int
-xmlSecMSCngHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
+xmlSecMSCngHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecMSCngHmacCtxPtr ctx;
- xmlNodePtr cur;
+ int ret;
xmlSecAssert2(xmlSecMSCngHmacCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngHmacSize), -1);
xmlSecAssert2(node!= NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecMSCngHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- cur = xmlSecGetNextElementNode(node->children);
- if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {
- xmlChar *content;
-
- content = xmlNodeGetContent(cur);
- if(content != NULL) {
- ctx->truncationLength = atoi((char*)content);
- xmlFree(content);
- }
-
- /* 80 is a minimum value from
- * <https://www.w3.org/TR/xmldsig-core1/#sec-SignatureMethod> */
- if((int)ctx->truncationLength < 80) {
- xmlSecInvalidNodeContentError(cur, xmlSecTransformGetName(transform),
- "HMAC output length is too small");
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform));
+ ret = xmlSecTransformHmacReadOutputBitsSize(node, ctx->dgstSize, &ctx->dgstSize);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformHmacReadOutputBitsSize()",
+ xmlSecTransformGetName(transform));
return(-1);
}
xmlSecMSCngHmacCtxPtr ctx;
xmlSecKeyDataPtr value;
xmlSecBufferPtr buffer;
- DWORD resultLength = 0;
+ xmlSecSize bufSize;
+ DWORD dwBufSize, resultLength = 0;
NTSTATUS status;
xmlSecAssert2(xmlSecMSCngHmacCheckId(transform), -1);
NULL,
BCRYPT_ALG_HANDLE_HMAC_FLAG);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptOpenAlgorithmProvider",
- xmlSecTransformGetName(transform), status);
+ xmlSecMSCngNtError("BCryptOpenAlgorithmProvider", xmlSecTransformGetName(transform), status);
return(-1);
}
&resultLength,
0);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptGetProperty",
- xmlSecTransformGetName(transform), status);
+ xmlSecMSCngNtError("BCryptGetProperty", xmlSecTransformGetName(transform), status);
return(-1);
}
return(-1);
}
+ bufSize = xmlSecBufferGetSize(buffer);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(bufSize, dwBufSize, return(-1), xmlSecTransformGetName(transform));
status = BCryptCreateHash(ctx->hAlg,
&ctx->hHash,
NULL,
0,
(PBYTE)xmlSecBufferGetData(buffer),
- xmlSecBufferGetSize(buffer),
+ dwBufSize,
0);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptCreateHash",
- xmlSecTransformGetName(transform), status);
+ xmlSecMSCngNtError("BCryptCreateHash", xmlSecTransformGetName(transform), status);
return(-1);
}
- if (ctx->truncationLength == 0) {
+ if (ctx->dgstSize == 0) {
/* no custom value is requested, then default to the full length */
- ctx->truncationLength = ctx->hashLength * 8;
+ ctx->dgstSize = ctx->hashLength * 8;
}
ctx->initialized = 1;
static int
xmlSecMSCngHmacVerify(xmlSecTransformPtr transform, const xmlSecByte* data,
- xmlSecSize dataSize, xmlSecTransformCtxPtr transformCtx) {
+ xmlSecSize dataSize, xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecMSCngHmacCtxPtr ctx;
xmlSecSize truncationBytes;
static xmlSecByte lastByteMasks[] = { 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8,
xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(dataSize > 0, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecMSCngHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->truncationLength > 0, -1);
+ xmlSecAssert2(ctx->dgstSize > 0, -1);
/* round up */
- truncationBytes = (ctx->truncationLength + 7) / 8;
+ truncationBytes = (ctx->dgstSize + 7) / 8;
/* compare the digest size in bytes */
if(dataSize != truncationBytes) {
/* we check the last byte separately as possibly not all bits should be
* compared */
- mask = lastByteMasks[ctx->truncationLength % 8];
+ mask = lastByteMasks[ctx->dgstSize % 8];
if((ctx->hash[dataSize - 1] & mask) != (data[dataSize - 1] & mask)) {
xmlSecOtherError(XMLSEC_ERRORS_R_DATA_NOT_MATCH,
xmlSecTransformGetName(transform),
inSize = xmlSecBufferGetSize(in);
if(inSize > 0) {
+ DWORD dwInSize;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, return(-1), xmlSecTransformGetName(transform));
status = BCryptHashData(ctx->hHash,
xmlSecBufferGetData(in),
- inSize,
+ dwInSize,
0);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptHashData",
- xmlSecTransformGetName(transform), status);
+ xmlSecMSCngNtError("BCryptHashData", xmlSecTransformGetName(transform), status);
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform), "size=%d", inSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
}
ctx->hashLength,
0);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptFinishHash",
- xmlSecTransformGetName(transform), status);
+ xmlSecMSCngNtError("BCryptFinishHash", xmlSecTransformGetName(transform), status);
return(-1);
}
/* copy result to output */
if(transform->operation == xmlSecTransformOperationSign) {
/* round up */
- xmlSecSize truncationBytes = (ctx->truncationLength + 7) / 8;
+ xmlSecSize truncationBytes = (ctx->dgstSize + 7) / 8;
ret = xmlSecBufferAppend(out, ctx->hash, truncationBytes);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferAppend",
- xmlSecTransformGetName(transform),
- "size=%d", truncationBytes);
+ xmlSecInternalError2("xmlSecBufferAppend", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, truncationBytes);
return(-1);
}
}
#include <ncrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/bn.h>
+#include <xmlsec/errors.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
-#include <xmlsec/errors.h>
-#include <xmlsec/bn.h>
+#include <xmlsec/xmltree.h>
#include <xmlsec/mscng/app.h>
#include <xmlsec/mscng/crypto.h>
#include <xmlsec/mscng/keysstore.h>
-#include <xmlsec/mscng/x509.h>
#include <xmlsec/mscng/certkeys.h>
+#include <xmlsec/mscng/x509.h>
+
+#include "../cast_helpers.h"
#define XMLSEC_MSCNG_APP_DEFAULT_CERT_STORE_NAME TEXT("MY")
*
* MSCng Keys Store. Uses Simple Keys Store under the hood
*
- * Simple Keys Store ptr is located after xmlSecKeyStore
- *
***************************************************************************/
-#define xmlSecMSCngKeysStoreSize (sizeof(xmlSecKeyStore) + sizeof(xmlSecKeyStorePtr))
-
-#define xmlSecMSCngKeysStoreGetSS(store) \
- ((xmlSecKeyStoreCheckSize((store), xmlSecMSCngKeysStoreSize)) ? \
- (xmlSecKeyStorePtr*)(((xmlSecByte*)(store)) + sizeof(xmlSecKeyStore)) : \
- (xmlSecKeyStorePtr*)NULL)
+XMLSEC_KEY_STORE_DECLARE(MSCngKeysStore, xmlSecKeyStorePtr)
+#define xmlSecMSCngKeysStoreSize XMLSEC_KEY_STORE_SIZE(MSCngKeysStore)
static int
xmlSecMSCngKeysStoreInitialize(xmlSecKeyStorePtr store) {
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCngKeysStoreId), -1);
- ss = xmlSecMSCngKeysStoreGetSS(store);
+ ss = xmlSecMSCngKeysStoreGetCtx(store);
xmlSecAssert2(*ss == NULL, -1);
*ss = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
xmlSecAssert(xmlSecKeyStoreCheckId(store, xmlSecMSCngKeysStoreId));
- ss = xmlSecMSCngKeysStoreGetSS(store);
+ ss = xmlSecMSCngKeysStoreGetCtx(store);
xmlSecAssert((ss != NULL) && (*ss != NULL));
xmlSecKeyStoreDestroy(*ss);
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCngKeysStoreId), NULL);
xmlSecAssert2(keyInfoCtx != NULL, NULL);
- ss = xmlSecMSCngKeysStoreGetSS(store);
+ ss = xmlSecMSCngKeysStoreGetCtx(store);
xmlSecAssert2(((ss != NULL) && (*ss != NULL)), NULL);
/* look for the key in the simple store */
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCngKeysStoreId), -1);
xmlSecAssert2((key != NULL), -1);
- ss = xmlSecMSCngKeysStoreGetSS(store);
+ ss = xmlSecMSCngKeysStoreGetCtx(store);
xmlSecAssert2(ss != NULL, -1);
xmlSecAssert2(*ss != NULL, -1);
xmlSecAssert2(xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId), -1);
int
xmlSecMSCngKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
xmlSecKeysMngrPtr keysMngr) {
- xmlDocPtr doc;
- xmlNodePtr root;
- xmlNodePtr cur;
- xmlSecKeyPtr key;
- xmlSecKeyInfoCtx keyInfoCtx;
- int ret;
-
- xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCngKeysStoreId), -1);
- xmlSecAssert2((uri != NULL), -1);
- UNREFERENCED_PARAMETER(keysMngr);
-
- doc = xmlParseFile(uri);
- if(doc == NULL) {
- xmlSecXmlError2("xmlParseFile", xmlSecKeyStoreGetName(store), "uri=%s",
- xmlSecErrorsSafeString(uri));
- return(-1);
- }
-
- root = xmlDocGetRootElement(doc);
- if(!xmlSecCheckNodeName(root, BAD_CAST "Keys", xmlSecNs)) {
- xmlSecInvalidNodeError(root, BAD_CAST "Keys", xmlSecKeyStoreGetName(store));
- xmlFreeDoc(doc);
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(root->children);
- while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) {
- key = xmlSecKeyCreate();
- if(key == NULL) {
- xmlSecInternalError("xmlSecKeyCreate",
- xmlSecKeyStoreGetName(store));
- xmlFreeDoc(doc);
- return(-1);
- }
-
- ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeyInfoCtxInitialize",
- xmlSecKeyStoreGetName(store));
- xmlSecKeyDestroy(key);
- xmlFreeDoc(doc);
- return(-1);
- }
-
- keyInfoCtx.mode = xmlSecKeyInfoModeRead;
- keyInfoCtx.keysMngr = NULL;
- keyInfoCtx.flags = XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND |
- XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
- keyInfoCtx.keyReq.keyId = xmlSecKeyDataIdUnknown;
- keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypeAny;
- keyInfoCtx.keyReq.keyUsage= xmlSecKeyDataUsageAny;
-
- ret = xmlSecKeyInfoNodeRead(cur, key, &keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeyInfoNodeRead",
- xmlSecKeyStoreGetName(store));
- xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
- xmlSecKeyDestroy(key);
- xmlFreeDoc(doc);
- return(-1);
- }
- xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
-
- if(xmlSecKeyIsValid(key)) {
- ret = xmlSecMSCngKeysStoreAdoptKey(store, key);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngKeysStoreAdoptKey",
- xmlSecKeyStoreGetName(store));
- xmlSecKeyDestroy(key);
- xmlFreeDoc(doc);
- return(-1);
- }
- } else {
- /* we have an unknown key in our file, just ignore it */
- xmlSecKeyDestroy(key);
- }
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyStoreGetName(store));
- xmlFreeDoc(doc);
- return(-1);
- }
-
- xmlFreeDoc(doc);
- return(0);
+ return(xmlSecSimpleKeysStoreLoad_ex(store, uri, keysMngr,
+ xmlSecMSCngKeysStoreAdoptKey));
}
/**
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCngKeysStoreId), -1);
xmlSecAssert2((filename != NULL), -1);
- ss = xmlSecMSCngKeysStoreGetSS(store);
+ ss = xmlSecMSCngKeysStoreGetCtx(store);
xmlSecAssert2(ss != NULL, -1);
xmlSecAssert2(*ss != NULL, -1);
xmlSecAssert2(xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId), -1);
#include <ncrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/errors.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
+#include <xmlsec/private.h>
#include <xmlsec/transforms.h>
-#include <xmlsec/errors.h>
-#include <xmlsec/bn.h>
#include <xmlsec/mscng/crypto.h>
#include <xmlsec/mscng/certkeys.h>
+#include "../cast_helpers.h"
+#include "../transform_helpers.h"
+
/**************************************************************************
*
* Internal MSCNG RSA PKCS1 CTX
*
* RSA PKCS1 key transport transform
*
- * xmlSecMSCngRsaPkcs1OaepCtx is located after xmlSecTransform
- *
********************************************************************/
-#define xmlSecMSCngRsaPkcs1OaepCtx \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCngRsaPkcs1OaepCtx))
-#define xmlSecMSCngRsaPkcs1OaepGetCtx(transform) \
- ((xmlSecMSCngRsaPkcs1OaepCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(MSCngRsaPkcs1Oaep, xmlSecMSCngRsaPkcs1OaepCtx)
+#define xmlSeccMSCngRsaPkcs1OaepSize XMLSEC_TRANSFORM_SIZE(MSCngRsaPkcs1Oaep)
static int
xmlSecMSCngRsaPkcs1OaepCheckId(xmlSecTransformPtr transform) {
int ret;
xmlSecAssert2(xmlSecMSCngRsaPkcs1OaepCheckId(transform), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngRsaPkcs1OaepCtx), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSeccMSCngRsaPkcs1OaepSize), -1);
ctx = xmlSecMSCngRsaPkcs1OaepGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecMSCngRsaPkcs1OaepCtxPtr ctx;
xmlSecAssert(xmlSecMSCngRsaPkcs1OaepCheckId(transform));
- xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecMSCngRsaPkcs1OaepCtx));
+ xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSeccMSCngRsaPkcs1OaepSize));
ctx = xmlSecMSCngRsaPkcs1OaepGetCtx(transform);
xmlSecAssert(ctx != NULL);
xmlSecAssert2(xmlSecMSCngRsaPkcs1OaepCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngRsaPkcs1OaepCtx), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSeccMSCngRsaPkcs1OaepSize), -1);
xmlSecAssert2(keyReq != NULL, -1);
ctx = xmlSecMSCngRsaPkcs1OaepGetCtx(transform);
xmlSecAssert2(xmlSecMSCngRsaPkcs1OaepCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngRsaPkcs1OaepCtx), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSeccMSCngRsaPkcs1OaepSize), -1);
xmlSecAssert2(key != NULL, -1);
xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCngKeyDataRsaId), -1);
}
static int
-xmlSecMSCngRsaPkcs1OaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr transformCtx) {
+xmlSecMSCngRsaPkcs1OaepProcess(xmlSecTransformPtr transform) {
xmlSecMSCngRsaPkcs1OaepCtxPtr ctx;
xmlSecBufferPtr in, out;
xmlSecSize inSize, outSize;
xmlSecSize keySize;
BCRYPT_KEY_HANDLE hPubKey;
NCRYPT_KEY_HANDLE hPrivKey;
- DWORD dwInLen;
- DWORD dwOutLen;
+ DWORD dwInSize, dwOutSize, dwOutLen;
xmlSecByte * outBuf;
xmlSecByte * inBuf;
SECURITY_STATUS securityStatus;
xmlSecAssert2(xmlSecMSCngRsaPkcs1OaepCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngRsaPkcs1OaepCtx), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSeccMSCngRsaPkcs1OaepSize), -1);
ctx = xmlSecMSCngRsaPkcs1OaepGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
outSize = keySize;
ret = xmlSecBufferSetMaxSize(out, outSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform), "size=%d", outSize);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
+ /* get everything ready */
+ inBuf = xmlSecBufferGetData(in);
+ outBuf = xmlSecBufferGetData(out);
+ dwOutLen = 0;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, return(-1), xmlSecTransformGetName(transform));
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(outSize, dwOutSize, return(-1), xmlSecTransformGetName(transform));
+
if(transform->operation == xmlSecTransformOperationEncrypt) {
- if(inSize > outSize) {
+ /* this should be true since we checked above, but let's double check */
+ if(inSize >= outSize) {
xmlSecInvalidSizeLessThanError("Output data", outSize, inSize,
xmlSecTransformGetName(transform));
return(-1);
}
- dwInLen = inSize;
-
- inBuf = xmlSecBufferGetData(in);
- outBuf = xmlSecBufferGetData(out);
+ /* get key */
hPubKey = xmlSecMSCngKeyDataGetPubKey(ctx->data);
if (hPubKey == 0) {
xmlSecInternalError("xmlSecMSCngKeyDataGetPubKey",
if(xmlSecTransformCheckId(transform, xmlSecMSCngTransformRsaPkcs1Id)) {
status = BCryptEncrypt(hPubKey,
inBuf,
- inSize,
+ dwInSize,
NULL,
NULL,
0,
outBuf,
- outSize,
+ dwOutSize,
&dwOutLen,
BCRYPT_PAD_PKCS1);
if(status != STATUS_SUCCESS) {
}
} else if(xmlSecTransformCheckId(transform, xmlSecMSCngTransformRsaOaepId)) {
BCRYPT_OAEP_PADDING_INFO paddingInfo;
+ xmlSecSize oaepParamsSize;
+
+
paddingInfo.pszAlgId = BCRYPT_SHA1_ALGORITHM;
paddingInfo.pbLabel = xmlSecBufferGetData(&(ctx->oaepParams));
- paddingInfo.cbLabel = xmlSecBufferGetSize(&(ctx->oaepParams));
+
+ oaepParamsSize = xmlSecBufferGetSize(&(ctx->oaepParams));
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(oaepParamsSize, paddingInfo.cbLabel, return(-1), xmlSecTransformGetName(transform));
+
status = BCryptEncrypt(hPubKey,
inBuf,
- inSize,
+ dwInSize,
&paddingInfo,
NULL,
0,
outBuf,
- outSize,
+ dwOutSize,
&dwOutLen,
BCRYPT_PAD_OAEP);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptEncrypt",
- xmlSecTransformGetName(transform), status);
+ xmlSecMSCngNtError("BCryptEncrypt", xmlSecTransformGetName(transform), status);
return(-1);
}
} else {
return(-1);
}
} else {
- dwOutLen = inSize;
-
- ret = xmlSecBufferSetSize(out, inSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform), "size=%d", inSize);
+ /* this should be true since we checked above, but let's double check */
+ if (inSize != outSize) {
+ xmlSecInvalidSizeError("Output data", outSize, inSize,
+ xmlSecTransformGetName(transform));
return(-1);
}
- inBuf = xmlSecBufferGetData(in);
- outBuf = xmlSecBufferGetData(out);
-
+ /* get key */
hPrivKey = xmlSecMSCngKeyDataGetPrivKey(ctx->data);
if (hPrivKey == 0) {
xmlSecInternalError("xmlSecMSCngKeyDataGetPrivKey",
if(xmlSecTransformCheckId(transform, xmlSecMSCngTransformRsaPkcs1Id)) {
securityStatus = NCryptDecrypt(hPrivKey,
inBuf,
- inSize,
+ dwInSize,
NULL,
outBuf,
- inSize,
+ dwOutSize,
&dwOutLen,
NCRYPT_PAD_PKCS1_FLAG);
if(securityStatus != ERROR_SUCCESS) {
}
} else if(xmlSecTransformCheckId(transform, xmlSecMSCngTransformRsaOaepId)) {
BCRYPT_OAEP_PADDING_INFO paddingInfo;
+ xmlSecSize oaepParamsSize;
+
paddingInfo.pszAlgId = BCRYPT_SHA1_ALGORITHM;
paddingInfo.pbLabel = xmlSecBufferGetData(&(ctx->oaepParams));
- paddingInfo.cbLabel = xmlSecBufferGetSize(&(ctx->oaepParams));
+
+ oaepParamsSize = xmlSecBufferGetSize(&(ctx->oaepParams));
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(oaepParamsSize, paddingInfo.cbLabel, return(-1), xmlSecTransformGetName(transform));
securityStatus = NCryptDecrypt(hPrivKey,
inBuf,
- inSize,
+ dwInSize,
&paddingInfo,
outBuf,
- inSize,
+ dwOutSize,
&dwOutLen,
NCRYPT_PAD_OAEP_FLAG);
if(securityStatus != ERROR_SUCCESS) {
ret = xmlSecBufferSetSize(out, outSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform), "size=%d", outSize);
+ xmlSecTransformGetName(transform), "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform), "size=%d", inSize);
+ xmlSecTransformGetName(transform), "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
}
static int
-xmlSecMSCngRsaPkcs1OaepExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecMSCngRsaPkcs1OaepExecute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecMSCngRsaPkcs1OaepCtxPtr ctx;
int ret;
xmlSecAssert2(xmlSecMSCngRsaPkcs1OaepCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngRsaPkcs1OaepCtx), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSeccMSCngRsaPkcs1OaepSize), -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecMSCngRsaPkcs1OaepGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
/* just do nothing */
} else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- ret = xmlSecMSCngRsaPkcs1OaepProcess(transform, transformCtx);
+ ret = xmlSecMSCngRsaPkcs1OaepProcess(transform);
if(ret < 0) {
xmlSecInternalError("xmlSecMSCngRsaPkcs1OaepProcess",
xmlSecTransformGetName(transform));
static xmlSecTransformKlass xmlSecMSCngRsaPkcs1Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecMSCngRsaPkcs1OaepCtx, /* xmlSecSize objSize */
+ xmlSeccMSCngRsaPkcs1OaepSize, /* xmlSecSize objSize */
xmlSecNameRsaPkcs1, /* const xmlChar* name; */
xmlSecHrefRsaPkcs1, /* const xmlChar* href; */
static int
xmlSecMSCngRsaOaepNodeRead(xmlSecTransformPtr transform, xmlNodePtr node,
- xmlSecTransformCtxPtr transformCtx) {
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecMSCngRsaPkcs1OaepCtxPtr ctx;
- xmlNodePtr cur;
+ xmlChar* algorithm = NULL;
int ret;
xmlSecAssert2(xmlSecMSCngRsaPkcs1OaepCheckId(transform), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngRsaPkcs1OaepCtx), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSeccMSCngRsaPkcs1OaepSize), -1);
xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecMSCngRsaPkcs1OaepGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- cur = xmlSecGetNextElementNode(node->children);
- while(cur != NULL) {
- if(xmlSecCheckNodeName(cur, xmlSecNodeRsaOAEPparams, xmlSecEncNs)) {
- ret = xmlSecBufferBase64NodeContentRead(&(ctx->oaepParams), cur);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferBase64NodeContentRead",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeDigestMethod, xmlSecDSigNs)) {
- xmlChar* algorithm;
-
- /* Algorithm attribute is required */
- algorithm = xmlGetProp(cur, xmlSecAttrAlgorithm);
- if(algorithm == NULL) {
- xmlSecInvalidNodeAttributeError(cur, xmlSecAttrAlgorithm,
- xmlSecTransformGetName(transform),
- "empty");
- return(-1);
- }
-
- /* for now we support only sha1 */
- if(xmlStrcmp(algorithm, xmlSecHrefSha1) != 0) {
- xmlSecInvalidTransfromError2(transform,
- "digest algorithm=\"%s\" is not supported for rsa/oaep",
- xmlSecErrorsSafeString(algorithm));
- xmlFree(algorithm);
- return(-1);
- }
- xmlFree(algorithm);
- } else {
- /* node not recognized */
- xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform));
- return(-1);
- }
+ ret = xmlSecTransformRsaOaepReadParams(node, &(ctx->oaepParams), &algorithm);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformRsaOaepReadParams",
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
- /* next node */
- cur = xmlSecGetNextElementNode(cur->next);
+ /* for now we support only sha1 */
+ if ((algorithm != NULL) && (xmlStrcmp(algorithm, xmlSecHrefSha1) != 0)) {
+ xmlSecInvalidTransfromError2(transform,
+ "digest algorithm=\"%s\" is not supported for rsa/oaep",
+ xmlSecErrorsSafeString(algorithm));
+ xmlFree(algorithm);
+ return(-1);
}
+ xmlFree(algorithm);
+ /* done */
return(0);
}
static xmlSecTransformKlass xmlSecMSCngRsaOaepKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecMSCngRsaPkcs1OaepCtx, /* xmlSecSize objSize */
+ xmlSeccMSCngRsaPkcs1OaepSize, /* xmlSecSize objSize */
xmlSecNameRsaOaep, /* const xmlChar* name; */
xmlSecHrefRsaOaep, /* const xmlChar* href; */
#include <ncrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
#include <xmlsec/bn.h>
+#include <xmlsec/private.h>
#include <xmlsec/mscng/crypto.h>
#include "../kw_aes_des.h"
+#include "../cast_helpers.h"
+
+ /*********************************************************************
+ *
+ * AES KW implementation
+ *
+ *********************************************************************/
+static int xmlSecMSCngKWAesBlockEncrypt (xmlSecTransformPtr transform,
+ const xmlSecByte* in,
+ xmlSecSize inSize,
+ xmlSecByte* out,
+ xmlSecSize outSize,
+ xmlSecSize* outWritten);
+static int xmlSecMSCngKWAesBlockDecrypt (xmlSecTransformPtr transform,
+ const xmlSecByte* in,
+ xmlSecSize inSize,
+ xmlSecByte* out,
+ xmlSecSize outSize,
+ xmlSecSize* outWritten);
/**************************************************************************
*
*****************************************************************************/
typedef struct _xmlSecMSCngKWAesCtx xmlSecMSCngKWAesCtx, *xmlSecMSCngKWAesCtxPtr;
struct _xmlSecMSCngKWAesCtx {
+ xmlSecTransformKWAesCtx parentCtx;
+
LPCWSTR pszAlgId;
- xmlSecKeyDataId keyId;
- xmlSecSize keySize;
- xmlSecBuffer keyBuffer;
};
/******************************************************************************
*
* KW AES transforms
*
- * xmlSecMSCngKWAesCtx block is located after xmlSecTransform structure
- *
*****************************************************************************/
-#define xmlSecMSCngKWAesSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCngKWAesCtx))
-#define xmlSecMSCngKWAesGetCtx(transform) \
- ((xmlSecMSCngKWAesCtxPtr)(((unsigned char*)(transform)) + sizeof(xmlSecTransform)))
-
-/*********************************************************************
- *
- * AES KW implementation
- *
- ********************************************************************/
-static int
-xmlSecMSCngKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize, void * context) {
- xmlSecMSCngKWAesCtxPtr ctx = (xmlSecMSCngKWAesCtxPtr)context;
- BCRYPT_ALG_HANDLE hAlg = NULL;
- BCRYPT_KEY_HANDLE hKey = NULL;
- DWORD cbData;
- PBYTE pbKeyObject = NULL;
- DWORD cbKeyObject;
- xmlSecBuffer blob;
- BCRYPT_KEY_DATA_BLOB_HEADER* blobHeader;
- xmlSecSize blobHeaderLen;
- int res = -1;
- NTSTATUS status;
- int ret;
-
- xmlSecAssert2(in != NULL, -1);
- xmlSecAssert2(inSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
- xmlSecAssert2(out != NULL, -1);
- xmlSecAssert2(outSize >= inSize, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&ctx->keyBuffer) == ctx->keySize, -1);
-
- ret = xmlSecBufferInitialize(&blob, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize", NULL);
- goto done;
- }
-
- status = BCryptOpenAlgorithmProvider(
- &hAlg,
- BCRYPT_AES_ALGORITHM,
- NULL,
- 0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptOpenAlgorithmProvider", NULL, status);
- goto done;
- }
-
- /* allocate the key object */
- status = BCryptGetProperty(hAlg,
- BCRYPT_OBJECT_LENGTH,
- (PBYTE)&cbKeyObject,
- sizeof(DWORD),
- &cbData,
- 0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptGetProperty", NULL, status);
- goto done;
- }
-
- pbKeyObject = xmlMalloc(cbKeyObject);
- if(pbKeyObject == NULL) {
- xmlSecMallocError(cbKeyObject, NULL);
- goto done;
- }
-
- /* prefix the key with a BCRYPT_KEY_DATA_BLOB_HEADER */
- blobHeaderLen = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + xmlSecBufferGetSize(&ctx->keyBuffer);
- ret = xmlSecBufferSetSize(&blob, blobHeaderLen);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%d",
- blobHeaderLen);
- goto done;
- }
-
- blobHeader = (BCRYPT_KEY_DATA_BLOB_HEADER*)xmlSecBufferGetData(&blob);
- blobHeader->dwMagic = BCRYPT_KEY_DATA_BLOB_MAGIC;
- blobHeader->dwVersion = BCRYPT_KEY_DATA_BLOB_VERSION1;
- blobHeader->cbKeyData = xmlSecBufferGetSize(&ctx->keyBuffer);
- memcpy(xmlSecBufferGetData(&blob) + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER),
- xmlSecBufferGetData(&ctx->keyBuffer),
- xmlSecBufferGetSize(&ctx->keyBuffer));
-
- /* perform the actual import */
- status = BCryptImportKey(hAlg,
- NULL,
- BCRYPT_KEY_DATA_BLOB,
- &hKey,
- pbKeyObject,
- cbKeyObject,
- xmlSecBufferGetData(&blob),
- xmlSecBufferGetSize(&blob),
- 0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptImportKey", NULL, status);
- goto done;
- }
-
- /* handle padding ourselves */
- if(out != in) {
- memcpy(out, in, inSize);
- }
-
- cbData = inSize;
- status = BCryptEncrypt(hKey,
- (PUCHAR)in,
- inSize,
- NULL,
- NULL,
- 0,
- out,
- inSize,
- &cbData,
- 0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptEncrypt", NULL, status);
- goto done;
- }
-
- res = cbData;
-
-done:
- if (hKey != NULL) {
- BCryptDestroyKey(hKey);
- }
-
- xmlSecBufferFinalize(&blob);
-
- if (pbKeyObject != NULL) {
- xmlFree(pbKeyObject);
- }
-
- if(hAlg != NULL) {
- BCryptCloseAlgorithmProvider(hAlg, 0);
- }
-
- return(res);
-}
-
-static int
-xmlSecMSCngKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize, void * context) {
- xmlSecMSCngKWAesCtxPtr ctx = (xmlSecMSCngKWAesCtxPtr)context;
- BCRYPT_ALG_HANDLE hAlg = NULL;
- BCRYPT_KEY_HANDLE hKey = NULL;
- DWORD cbData;
- PBYTE pbKeyObject = NULL;
- DWORD cbKeyObject;
- xmlSecBuffer blob;
- BCRYPT_KEY_DATA_BLOB_HEADER* blobHeader;
- xmlSecSize blobHeaderLen;
- int res = -1;
- NTSTATUS status;
- int ret;
-
- xmlSecAssert2(in != NULL, -1);
- xmlSecAssert2(inSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
- xmlSecAssert2(out != NULL, -1);
- xmlSecAssert2(outSize >= inSize, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&ctx->keyBuffer) == ctx->keySize, -1);
-
- ret = xmlSecBufferInitialize(&blob, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize", NULL);
- goto done;
- }
-
- status = BCryptOpenAlgorithmProvider(
- &hAlg,
- BCRYPT_AES_ALGORITHM,
- NULL,
- 0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptOpenAlgorithmProvider", NULL, status);
- goto done;
- }
-
- /* allocate the key object */
- status = BCryptGetProperty(hAlg,
- BCRYPT_OBJECT_LENGTH,
- (PBYTE)&cbKeyObject,
- sizeof(DWORD),
- &cbData,
- 0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptGetProperty", NULL, status);
- goto done;
- }
-
- pbKeyObject = xmlMalloc(cbKeyObject);
- if(pbKeyObject == NULL) {
- xmlSecMallocError(cbKeyObject, NULL);
- goto done;
- }
-
- /* prefix the key with a BCRYPT_KEY_DATA_BLOB_HEADER */
- blobHeaderLen = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + xmlSecBufferGetSize(&ctx->keyBuffer);
- ret = xmlSecBufferSetSize(&blob, blobHeaderLen);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%d",
- blobHeaderLen);
- goto done;
- }
-
- blobHeader = (BCRYPT_KEY_DATA_BLOB_HEADER*)xmlSecBufferGetData(&blob);
- blobHeader->dwMagic = BCRYPT_KEY_DATA_BLOB_MAGIC;
- blobHeader->dwVersion = BCRYPT_KEY_DATA_BLOB_VERSION1;
- blobHeader->cbKeyData = xmlSecBufferGetSize(&ctx->keyBuffer);
- memcpy(xmlSecBufferGetData(&blob) + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER),
- xmlSecBufferGetData(&ctx->keyBuffer),
- xmlSecBufferGetSize(&ctx->keyBuffer));
-
- /* perform the actual import */
- status = BCryptImportKey(hAlg,
- NULL,
- BCRYPT_KEY_DATA_BLOB,
- &hKey,
- pbKeyObject,
- cbKeyObject,
- xmlSecBufferGetData(&blob),
- xmlSecBufferGetSize(&blob),
- 0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptImportKey", NULL, status);
- goto done;
- }
-
- /* handle padding ourselves */
- if(out != in) {
- memcpy(out, in, inSize);
- }
-
- cbData = inSize;
- status = BCryptDecrypt(hKey,
- (PUCHAR)in,
- inSize,
- NULL,
- NULL,
- 0,
- out,
- inSize,
- &cbData,
- 0);
- if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptDecrypt", NULL, status);
- goto done;
- }
-
- res = cbData;
-
-done:
- if (hKey != NULL) {
- BCryptDestroyKey(hKey);
- }
-
- xmlSecBufferFinalize(&blob);
-
- if (pbKeyObject != NULL) {
- xmlFree(pbKeyObject);
- }
-
- if(hAlg != NULL) {
- BCryptCloseAlgorithmProvider(hAlg, 0);
- }
-
- return(res);
-}
+XMLSEC_TRANSFORM_DECLARE(MSCngKWAes, xmlSecMSCngKWAesCtx)
+#define xmlSecMSCngKWAesSize XMLSEC_TRANSFORM_SIZE(MSCngKWAes)
+
+static int xmlSecMSCngKWAesInitialize (xmlSecTransformPtr transform);
+static void xmlSecMSCngKWAesFinalize (xmlSecTransformPtr transform);
+static int xmlSecMSCngKWAesSetKeyReq (xmlSecTransformPtr transform,
+ xmlSecKeyReqPtr keyReq);
+static int xmlSecMSCngKWAesSetKey (xmlSecTransformPtr transform,
+ xmlSecKeyPtr key);
+static int xmlSecMSCngKWAesExecute (xmlSecTransformPtr transform,
+ int last,
+ xmlSecTransformCtxPtr transformCtx);
+static int xmlSecMSCngKWAesCheckId (xmlSecTransformPtr transform);
/* klass for KW AES operation */
static xmlSecKWAesKlass xmlSecMSCngKWAesKlass = {
static int
xmlSecMSCngKWAesInitialize(xmlSecTransformPtr transform) {
xmlSecMSCngKWAesCtxPtr ctx;
+ xmlSecSize keyExpectedSize;
int ret;
xmlSecAssert2(xmlSecMSCngKWAesCheckId(transform), -1);
ctx = xmlSecMSCngKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
-
memset(ctx, 0, sizeof(xmlSecMSCngKWAesCtx));
- ctx->pszAlgId = BCRYPT_AES_ALGORITHM;
- ctx->keyId = xmlSecMSCngKeyDataAesId;
if(transform->id == xmlSecMSCngTransformKWAes128Id) {
- ctx->keySize = XMLSEC_KW_AES128_KEY_SIZE;
+ keyExpectedSize = XMLSEC_KW_AES128_KEY_SIZE;
} else if(transform->id == xmlSecMSCngTransformKWAes192Id) {
- ctx->keySize = XMLSEC_KW_AES192_KEY_SIZE;
+ keyExpectedSize = XMLSEC_KW_AES192_KEY_SIZE;
} else if(transform->id == xmlSecMSCngTransformKWAes256Id) {
- ctx->keySize = XMLSEC_KW_AES256_KEY_SIZE;
+ keyExpectedSize = XMLSEC_KW_AES256_KEY_SIZE;
} else {
xmlSecInvalidTransfromError(transform)
return(-1);
}
- ret = xmlSecBufferInitialize(&ctx->keyBuffer, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize",
- xmlSecTransformGetName(transform));
+ ret = xmlSecTransformKWAesInitialize(transform, &(ctx->parentCtx),
+ &xmlSecMSCngKWAesKlass, xmlSecMSCngKeyDataAesId,
+ keyExpectedSize);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesInitialize", xmlSecTransformGetName(transform));
+ xmlSecMSCngKWAesFinalize(transform);
return(-1);
}
+ ctx->pszAlgId = BCRYPT_AES_ALGORITHM;
return(0);
}
ctx = xmlSecMSCngKWAesGetCtx(transform);
xmlSecAssert(ctx != NULL);
- xmlSecBufferFinalize(&ctx->keyBuffer);
-
+ xmlSecTransformKWAesFinalize(transform, &(ctx->parentCtx));
memset(ctx, 0, sizeof(xmlSecMSCngKWAesCtx));
}
static int
xmlSecMSCngKWAesSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
xmlSecMSCngKWAesCtxPtr ctx;
+ int ret;
xmlSecAssert2(xmlSecMSCngKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
- (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngKWAesSize), -1);
- xmlSecAssert2(keyReq != NULL, -1);
ctx = xmlSecMSCngKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keyReq->keyId = ctx->keyId;
- keyReq->keyType = xmlSecKeyDataTypeSymmetric;
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- keyReq->keyUsage = xmlSecKeyUsageEncrypt;
- } else {
- keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+ ret = xmlSecTransformKWAesSetKeyReq(transform, &(ctx->parentCtx), keyReq);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesSetKeyReq", xmlSecTransformGetName(transform));
+ return(-1);
}
- keyReq->keyBitsSize = ctx->keySize * 8;
return(0);
}
static int
xmlSecMSCngKWAesSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecMSCngKWAesCtxPtr ctx;
- xmlSecBufferPtr buffer;
- xmlSecSize keySize;
int ret;
xmlSecAssert2(xmlSecMSCngKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
- (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngKWAesSize), -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key),
- xmlSecMSCngKeyDataAesId), -1);
ctx = xmlSecMSCngKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
- xmlSecAssert2(buffer != NULL, -1);
-
- keySize = xmlSecBufferGetSize(buffer);
- if(keySize < ctx->keySize) {
- xmlSecInvalidKeyDataSizeError(keySize, ctx->keySize,
- xmlSecTransformGetName(transform));
+ ret = xmlSecTransformKWAesSetKey(transform, &(ctx->parentCtx), key);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesSetKey", xmlSecTransformGetName(transform));
return(-1);
}
-
- ret = xmlSecBufferSetData(&ctx->keyBuffer, xmlSecBufferGetData(buffer),
- ctx->keySize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform), "size=%d", ctx->keySize);
- return(-1);
- }
-
return(0);
}
static int
-xmlSecMSCngKWAesExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecMSCngKWAesExecute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecMSCngKWAesCtxPtr ctx;
- xmlSecBufferPtr in, out;
- xmlSecSize inSize, outSize;
int ret;
xmlSecAssert2(xmlSecMSCngKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
- (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngKWAesSize), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecMSCngKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- in = &transform->inBuf;
- out = &transform->outBuf;
- inSize = xmlSecBufferGetSize(in);
- outSize = xmlSecBufferGetSize(out);
- xmlSecAssert2(outSize == 0, -1);
-
- if(transform->status == xmlSecTransformStatusNone) {
- transform->status = xmlSecTransformStatusWorking;
- }
-
- if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
- /* just do nothing */
- } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- if((inSize % 8) != 0) {
- xmlSecInvalidSizeNotMultipleOfError("transform->inBuf", inSize, 8,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- /* the encoded key might be 8 bytes longer plus 8 bytes just in
- * case */
- outSize = inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE +
- XMLSEC_KW_AES_BLOCK_SIZE;
- } else {
- outSize = inSize + XMLSEC_KW_AES_BLOCK_SIZE;
- }
-
- ret = xmlSecBufferSetMaxSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform), "size=%d", outSize);
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- ret = xmlSecKWAesEncode(&xmlSecMSCngKWAesKlass, ctx,
- xmlSecBufferGetData(in), inSize, xmlSecBufferGetData(out),
- outSize);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKWAesEncode",
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- outSize = ret;
- } else {
- ret = xmlSecKWAesDecode(&xmlSecMSCngKWAesKlass, ctx,
- xmlSecBufferGetData(in), inSize, xmlSecBufferGetData(out),
- outSize);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKWAesEncode",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- outSize = ret;
- }
-
- ret = xmlSecBufferSetSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform), "size=%d", outSize);
- return(-1);
- }
-
- ret = xmlSecBufferRemoveHead(in, inSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform), "size=%d", inSize);
- return(-1);
- }
-
- transform->status = xmlSecTransformStatusFinished;
- } else if(transform->status == xmlSecTransformStatusFinished) {
- /* the only way we can get here is if there is no input */
- xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
- } else {
- xmlSecInvalidTransfromStatusError(transform);
+ ret = xmlSecTransformKWAesExecute(transform, &(ctx->parentCtx), last);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesExecute", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
+
}
/*
return(&xmlSecMSCngKWAes256Klass);
}
+
+/*********************************************************************
+ *
+ * AES KW implementation
+ *
+ ********************************************************************/
+static int
+xmlSecMSCngKWAesBlockEncrypt(xmlSecTransformPtr transform, const xmlSecByte* in, xmlSecSize inSize,
+ xmlSecByte* out, xmlSecSize outSize,
+ xmlSecSize* outWritten) {
+ xmlSecMSCngKWAesCtxPtr ctx;
+ BCRYPT_ALG_HANDLE hAlg = NULL;
+ BCRYPT_KEY_HANDLE hKey = NULL;
+ DWORD cbData;
+ PBYTE pbKeyObject = NULL;
+ DWORD cbKeyObject;
+ xmlSecBuffer blob;
+ int blob_initialized = 0;
+ BCRYPT_KEY_DATA_BLOB_HEADER* blobHeader;
+ xmlSecSize blobHeaderSize, blobSize;
+ xmlSecByte* keyData;
+ xmlSecSize keySize;
+ DWORD dwBlobSize, dwInSize;
+ int res = -1;
+ NTSTATUS status;
+ int ret;
+
+ xmlSecAssert2(xmlSecMSCngKWAesCheckId(transform), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngKWAesSize), -1);
+ xmlSecAssert2(in != NULL, -1);
+ xmlSecAssert2(inSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
+ xmlSecAssert2(out != NULL, -1);
+ xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecMSCngKWAesGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ keyData = xmlSecBufferGetData(&(ctx->parentCtx.keyBuffer));
+ keySize = xmlSecBufferGetSize(&(ctx->parentCtx.keyBuffer));
+ xmlSecAssert2(keyData != NULL, -1);
+ xmlSecAssert2(keySize > 0, -1);
+ xmlSecAssert2(keySize == ctx->parentCtx.keyExpectedSize, -1);
+
+ ret = xmlSecBufferInitialize(&blob, 0);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize", NULL);
+ goto done;
+ }
+ blob_initialized = 1;
+
+ status = BCryptOpenAlgorithmProvider(
+ &hAlg,
+ BCRYPT_AES_ALGORITHM,
+ NULL,
+ 0);
+ if (status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError("BCryptOpenAlgorithmProvider", NULL, status);
+ goto done;
+ }
+
+ /* allocate the key object */
+ status = BCryptGetProperty(hAlg,
+ BCRYPT_OBJECT_LENGTH,
+ (PBYTE)&cbKeyObject,
+ sizeof(DWORD),
+ &cbData,
+ 0);
+ if (status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError("BCryptGetProperty", NULL, status);
+ goto done;
+ }
+
+ pbKeyObject = xmlMalloc(cbKeyObject);
+ if (pbKeyObject == NULL) {
+ xmlSecMallocError(cbKeyObject, NULL);
+ goto done;
+ }
+
+ /* prefix the key with a BCRYPT_KEY_DATA_BLOB_HEADER */
+ blobHeaderSize = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + keySize;
+ ret = xmlSecBufferSetSize(&blob, blobHeaderSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, blobHeaderSize);
+ goto done;
+ }
+
+ blobHeader = (BCRYPT_KEY_DATA_BLOB_HEADER*)xmlSecBufferGetData(&blob);
+ blobHeader->dwMagic = BCRYPT_KEY_DATA_BLOB_MAGIC;
+ blobHeader->dwVersion = BCRYPT_KEY_DATA_BLOB_VERSION1;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(keySize, blobHeader->cbKeyData, goto done, NULL);
+
+ memcpy(xmlSecBufferGetData(&blob) + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER),
+ keyData, keySize);
+
+ blobSize = xmlSecBufferGetSize(&blob);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(blobSize, dwBlobSize, goto done, NULL);
+
+ /* perform the actual import */
+ status = BCryptImportKey(hAlg,
+ NULL,
+ BCRYPT_KEY_DATA_BLOB,
+ &hKey,
+ pbKeyObject,
+ cbKeyObject,
+ xmlSecBufferGetData(&blob),
+ dwBlobSize,
+ 0);
+ if (status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError("BCryptImportKey", NULL, status);
+ goto done;
+ }
+
+ /* handle padding ourselves */
+ if (out != in) {
+ memcpy(out, in, inSize);
+ }
+
+ cbData = 0;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, goto done, NULL);
+ status = BCryptEncrypt(hKey,
+ (PUCHAR)in,
+ dwInSize,
+ NULL,
+ NULL,
+ 0,
+ out,
+ dwInSize,
+ &cbData,
+ 0);
+ if (status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError("BCryptEncrypt", NULL, status);
+ goto done;
+ }
+
+ /* success */
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(cbData, (*outWritten), goto done, NULL);
+ res = 0;
+
+done:
+ if (hKey != NULL) {
+ BCryptDestroyKey(hKey);
+ }
+ if (pbKeyObject != NULL) {
+ xmlFree(pbKeyObject);
+ }
+ if (hAlg != NULL) {
+ BCryptCloseAlgorithmProvider(hAlg, 0);
+ }
+ if (blob_initialized != 0) {
+ xmlSecBufferFinalize(&blob);
+ }
+ return(res);
+}
+
+static int
+xmlSecMSCngKWAesBlockDecrypt(xmlSecTransformPtr transform, const xmlSecByte* in, xmlSecSize inSize,
+ xmlSecByte* out, xmlSecSize outSize,
+ xmlSecSize* outWritten) {
+ xmlSecMSCngKWAesCtxPtr ctx;
+ BCRYPT_ALG_HANDLE hAlg = NULL;
+ BCRYPT_KEY_HANDLE hKey = NULL;
+ DWORD cbData;
+ PBYTE pbKeyObject = NULL;
+ DWORD cbKeyObject;
+ xmlSecBuffer blob;
+ int blob_initialized = 0;
+ BCRYPT_KEY_DATA_BLOB_HEADER* blobHeader;
+ xmlSecSize blobHeaderSize, blobSize;
+ xmlSecByte* keyData;
+ xmlSecSize keySize;
+ DWORD dwBlobSize, dwInSize;
+ int res = -1;
+ NTSTATUS status;
+ int ret;
+
+ xmlSecAssert2(xmlSecMSCngKWAesCheckId(transform), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngKWAesSize), -1);
+ xmlSecAssert2(in != NULL, -1);
+ xmlSecAssert2(inSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
+ xmlSecAssert2(out != NULL, -1);
+ xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecMSCngKWAesGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ keyData = xmlSecBufferGetData(&(ctx->parentCtx.keyBuffer));
+ keySize = xmlSecBufferGetSize(&(ctx->parentCtx.keyBuffer));
+ xmlSecAssert2(keyData != NULL, -1);
+ xmlSecAssert2(keySize > 0, -1);
+ xmlSecAssert2(keySize == ctx->parentCtx.keyExpectedSize, -1);
+
+ ret = xmlSecBufferInitialize(&blob, 0);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBufferInitialize", NULL);
+ goto done;
+ }
+ blob_initialized = 1;
+
+ status = BCryptOpenAlgorithmProvider(
+ &hAlg,
+ BCRYPT_AES_ALGORITHM,
+ NULL,
+ 0);
+ if (status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError("BCryptOpenAlgorithmProvider", NULL, status);
+ goto done;
+ }
+
+ /* allocate the key object */
+ status = BCryptGetProperty(hAlg,
+ BCRYPT_OBJECT_LENGTH,
+ (PBYTE)&cbKeyObject,
+ sizeof(DWORD),
+ &cbData,
+ 0);
+ if (status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError("BCryptGetProperty", NULL, status);
+ goto done;
+ }
+
+ pbKeyObject = xmlMalloc(cbKeyObject);
+ if (pbKeyObject == NULL) {
+ xmlSecMallocError(cbKeyObject, NULL);
+ goto done;
+ }
+
+ /* prefix the key with a BCRYPT_KEY_DATA_BLOB_HEADER */
+ blobHeaderSize = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + keySize;
+ ret = xmlSecBufferSetSize(&blob, blobHeaderSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, blobHeaderSize);
+ goto done;
+ }
+
+ blobHeader = (BCRYPT_KEY_DATA_BLOB_HEADER*)xmlSecBufferGetData(&blob);
+ blobHeader->dwMagic = BCRYPT_KEY_DATA_BLOB_MAGIC;
+ blobHeader->dwVersion = BCRYPT_KEY_DATA_BLOB_VERSION1;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(keySize, blobHeader->cbKeyData, goto done, NULL);
+
+ memcpy(xmlSecBufferGetData(&blob) + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER),
+ keyData, keySize);
+
+ blobSize = xmlSecBufferGetSize(&blob);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(blobSize, dwBlobSize, goto done, NULL);
+
+ /* perform the actual import */
+ status = BCryptImportKey(hAlg,
+ NULL,
+ BCRYPT_KEY_DATA_BLOB,
+ &hKey,
+ pbKeyObject,
+ cbKeyObject,
+ xmlSecBufferGetData(&blob),
+ dwBlobSize,
+ 0);
+ if (status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError("BCryptImportKey", NULL, status);
+ goto done;
+ }
+
+ /* handle padding ourselves */
+ if (out != in) {
+ memcpy(out, in, inSize);
+ }
+
+ cbData = 0;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, goto done, NULL);
+ status = BCryptDecrypt(hKey,
+ (PUCHAR)in,
+ dwInSize,
+ NULL,
+ NULL,
+ 0,
+ out,
+ dwInSize,
+ &cbData,
+ 0);
+ if (status != STATUS_SUCCESS) {
+ xmlSecMSCngNtError("BCryptDecrypt", NULL, status);
+ goto done;
+ }
+
+ /* success */
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(cbData, (*outWritten), goto done, NULL);
+ res = 0;
+
+done:
+ if (hKey != NULL) {
+ BCryptDestroyKey(hKey);
+ }
+ if (pbKeyObject != NULL) {
+ xmlFree(pbKeyObject);
+ }
+ if (hAlg != NULL) {
+ BCryptCloseAlgorithmProvider(hAlg, 0);
+ }
+ if (blob_initialized != 0) {
+ xmlSecBufferFinalize(&blob);
+ }
+ return(res);
+}
+
#endif /* XMLSEC_NO_AES */
#include <ncrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
#include <xmlsec/bn.h>
+#include <xmlsec/private.h>
#include <xmlsec/mscng/crypto.h>
#include "../kw_aes_des.h"
+#include "../cast_helpers.h"
/*********************************************************************
*
- * Triple DES Key Wrap transform
- *
- * key (xmlSecBuffer) is located after xmlSecTransform structure
+ * Triple DES Key Wrap transform context
*
********************************************************************/
-typedef struct _xmlSecMSCngKWDes3Ctx xmlSecMSCngKWDes3Ctx, *xmlSecMSCngKWDes3CtxPtr;
+typedef xmlSecTransformKWDes3Ctx xmlSecMSCngKWDes3Ctx,
+ *xmlSecMSCngKWDes3CtxPtr;
-struct _xmlSecMSCngKWDes3Ctx {
- LPCWSTR pszAlgId;
- xmlSecKeyDataId keyId;
- xmlSecSize keySize;
- xmlSecBuffer keyBuffer;
-};
-
-#define xmlSecMSCngKWDes3Size \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCngKWDes3Ctx))
-#define xmlSecMSCngKWDes3GetCtx(transform) \
- ((xmlSecMSCngKWDes3CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+/*********************************************************************
+ *
+ * Triple DES Key Wrap transform
+ *
+ ********************************************************************/
+XMLSEC_TRANSFORM_DECLARE(MSCngKWDes3, xmlSecMSCngKWDes3Ctx)
+#define xmlSecMSCngKWDes3Size XMLSEC_TRANSFORM_SIZE(MSCngKWDes3)
static int
-xmlSecMSCngKWDes3GenerateRandom(void * context, xmlSecByte * out,
- xmlSecSize outSize)
+xmlSecMSCngKWDes3GenerateRandom(xmlSecTransformPtr transform ATTRIBUTE_UNUSED, xmlSecByte * out,
+ xmlSecSize outSize, xmlSecSize* outWritten)
{
NTSTATUS status;
+ DWORD dwOutSize;
- UNREFERENCED_PARAMETER(context);
+ UNREFERENCED_PARAMETER(transform);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize > 0, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(outSize, dwOutSize, return(-1), NULL);
status = BCryptGenRandom(
NULL,
(PBYTE)out,
- outSize,
+ dwOutSize,
BCRYPT_USE_SYSTEM_PREFERRED_RNG);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptGenRandom", NULL, status);
return(-1);
}
-
- return((int)outSize);
+ (*outWritten) = outSize;
+ return(0);
}
static int
-xmlSecMSCngKWDes3Sha1(void * context, const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecMSCngKWDes3CtxPtr ctx = (xmlSecMSCngKWDes3CtxPtr)context;
+xmlSecMSCngKWDes3Sha1(xmlSecTransformPtr transform, const xmlSecByte * in, xmlSecSize inSize,
+ xmlSecByte * out, xmlSecSize outSize, xmlSecSize* outWritten) {
+ xmlSecMSCngKWDes3CtxPtr ctx;
BCRYPT_ALG_HANDLE hAlg = NULL;
BCRYPT_HASH_HANDLE hHash = NULL;
PBYTE pbHashObject = NULL;
PBYTE pbHash = NULL;
DWORD cbHash;
DWORD cbData;
+ DWORD dwInSize;
int res = -1;
NTSTATUS status;
- xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCngTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngKWDes3Size), -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize > 0, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecMSCngKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
/* create */
status = BCryptOpenAlgorithmProvider(&hAlg,
}
/* hash */
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, goto done, NULL);
status = BCryptHashData(hHash,
(PBYTE)in,
- inSize,
+ dwInSize,
0);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptHashData", NULL, status);
goto done;
}
memcpy(out, pbHash, outSize);
- res = cbHash;
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(cbHash, (*outWritten), goto done, NULL);
+ res = 0;
done:
-
if(hHash != NULL) {
BCryptDestroyHash(hHash);
}
}
static int
-xmlSecMSCngKWDes3BlockEncrypt(void * context, const xmlSecByte * iv,
+xmlSecMSCngKWDes3BlockEncrypt(xmlSecTransformPtr transform, const xmlSecByte * iv,
xmlSecSize ivSize, const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecMSCngKWDes3CtxPtr ctx = (xmlSecMSCngKWDes3CtxPtr)context;
+ xmlSecByte * out, xmlSecSize outSize, xmlSecSize* outWritten) {
+ xmlSecMSCngKWDes3CtxPtr ctx;
BCRYPT_ALG_HANDLE hAlg = NULL;
BCRYPT_KEY_HANDLE hKey = NULL;
DWORD cbData;
DWORD cbKeyObject;
xmlSecBuffer blob;
BCRYPT_KEY_DATA_BLOB_HEADER* blobHeader;
- xmlSecSize blobHeaderLen;
- int res = -1;
+ xmlSecSize blobHeaderSize, blobSizeInBits;
NTSTATUS status;
+ xmlSecSize keySize, blobSize;
+ DWORD dwBlobSize, dwInSize, dwIvSize, dwOutSize;
DWORD dwBlockLen, dwBlockLenLen;
xmlSecBuffer ivCopy;
int ret;
+ int res = -1;
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCngTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngKWDes3Size), -1);
xmlSecAssert2(iv != NULL, -1);
xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecMSCngKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
ret = xmlSecBufferInitialize(&blob, 0);
if(ret < 0) {
}
/* prefix the key with a BCRYPT_KEY_DATA_BLOB_HEADER */
- blobHeaderLen = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + xmlSecBufferGetSize(&ctx->keyBuffer);
- ret = xmlSecBufferSetSize(&blob, blobHeaderLen);
+ blobHeaderSize = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + xmlSecBufferGetSize(&ctx->keyBuffer);
+ ret = xmlSecBufferSetSize(&blob, blobHeaderSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%d",
- blobHeaderLen);
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, blobHeaderSize);
goto done;
}
blobHeader = (BCRYPT_KEY_DATA_BLOB_HEADER*)xmlSecBufferGetData(&blob);
blobHeader->dwMagic = BCRYPT_KEY_DATA_BLOB_MAGIC;
blobHeader->dwVersion = BCRYPT_KEY_DATA_BLOB_VERSION1;
- blobHeader->cbKeyData = xmlSecBufferGetSize(&ctx->keyBuffer);
+
+ keySize = xmlSecBufferGetSize(&ctx->keyBuffer);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(keySize, blobHeader->cbKeyData, goto done, NULL);
+
memcpy(xmlSecBufferGetData(&blob) + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER),
- xmlSecBufferGetData(&ctx->keyBuffer),
- xmlSecBufferGetSize(&ctx->keyBuffer));
+ xmlSecBufferGetData(&ctx->keyBuffer), keySize);
+
+ blobSize = xmlSecBufferGetSize(&blob);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(blobSize, dwBlobSize, goto done, NULL);
/* perform the actual import */
status = BCryptImportKey(hAlg,
pbKeyObject,
cbKeyObject,
xmlSecBufferGetData(&blob),
- xmlSecBufferGetSize(&blob),
+ dwBlobSize,
0);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptImportKey", NULL, status);
}
/* iv len == block len */
- dwBlockLenLen = sizeof(DWORD);
+ dwBlockLenLen = sizeof(dwBlockLen);
status = BCryptGetProperty(hAlg,
BCRYPT_BLOCK_LENGTH,
(PUCHAR)&dwBlockLen,
xmlSecMSCngNtError("BCryptGetProperty", NULL, status);
goto done;
}
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwBlockLen, blobSizeInBits, goto done, NULL);
- if(ivSize < dwBlockLen / 8) {
- xmlSecInvalidSizeLessThanError("ivSize", ivSize, dwBlockLen / 8, NULL);
+ if(ivSize < blobSizeInBits / 8) {
+ xmlSecInvalidSizeLessThanError("ivSize", ivSize, blobSizeInBits / 8, NULL);
goto done;
}
/* caller handles iv manually, so let CNG work on a copy */
ret = xmlSecBufferInitialize(&ivCopy, ivSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferInitialize", NULL, "size=%d",
- ivSize);
+ xmlSecInternalError2("xmlSecBufferInitialize", NULL,
+ "size=" XMLSEC_SIZE_FMT, ivSize);
goto done;
}
memcpy(xmlSecBufferGetData(&ivCopy), iv, ivSize);
- cbData = inSize;
+ cbData = 0;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, goto done, NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(ivSize, dwIvSize, goto done, NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(outSize, dwOutSize, goto done, NULL);
status = BCryptEncrypt(hKey,
(PUCHAR)in,
- inSize,
+ dwInSize,
NULL,
xmlSecBufferGetData(&ivCopy),
- ivSize,
+ dwIvSize,
out,
- outSize,
+ dwOutSize,
&cbData,
0);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptEncrypt", NULL, status);
goto done;
}
-
- res = cbData;
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(cbData, (*outWritten), goto done, NULL);
+ res = 0;
done:
xmlSecBufferFinalize(&ivCopy);
}
static int
-xmlSecMSCngKWDes3BlockDecrypt(void * context, const xmlSecByte * iv,
+xmlSecMSCngKWDes3BlockDecrypt(xmlSecTransformPtr transform, const xmlSecByte * iv,
xmlSecSize ivSize, const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecMSCngKWDes3CtxPtr ctx = (xmlSecMSCngKWDes3CtxPtr)context;
+ xmlSecByte * out, xmlSecSize outSize, xmlSecSize* outWritten) {
+ xmlSecMSCngKWDes3CtxPtr ctx;
BCRYPT_ALG_HANDLE hAlg = NULL;
BCRYPT_KEY_HANDLE hKey = NULL;
DWORD cbData;
DWORD cbKeyObject;
xmlSecBuffer blob;
BCRYPT_KEY_DATA_BLOB_HEADER* blobHeader;
- xmlSecSize blobHeaderLen;
- int res = -1;
+ xmlSecSize blobHeaderSize, blobSizeInBits;
+ xmlSecSize keySize, blobSize;
+ DWORD dwBlobSize, dwInSize, dwIvSize, dwOutSize;
NTSTATUS status;
DWORD dwBlockLen, dwBlockLenLen;
int ret;
+ int res = -1;
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCngTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngKWDes3Size), -1);
xmlSecAssert2(iv != NULL, -1);
xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecMSCngKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
ret = xmlSecBufferInitialize(&blob, 0);
if(ret < 0) {
}
/* prefix the key with a BCRYPT_KEY_DATA_BLOB_HEADER */
- blobHeaderLen = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + xmlSecBufferGetSize(&ctx->keyBuffer);
- ret = xmlSecBufferSetSize(&blob, blobHeaderLen);
+ blobHeaderSize = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + xmlSecBufferGetSize(&ctx->keyBuffer);
+ ret = xmlSecBufferSetSize(&blob, blobHeaderSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%d",
- blobHeaderLen);
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, blobHeaderSize);
goto done;
}
blobHeader = (BCRYPT_KEY_DATA_BLOB_HEADER*)xmlSecBufferGetData(&blob);
blobHeader->dwMagic = BCRYPT_KEY_DATA_BLOB_MAGIC;
blobHeader->dwVersion = BCRYPT_KEY_DATA_BLOB_VERSION1;
- blobHeader->cbKeyData = xmlSecBufferGetSize(&ctx->keyBuffer);
+
+ keySize = xmlSecBufferGetSize(&ctx->keyBuffer);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(keySize, blobHeader->cbKeyData, goto done, NULL);
+
memcpy(xmlSecBufferGetData(&blob) + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER),
- xmlSecBufferGetData(&ctx->keyBuffer),
- xmlSecBufferGetSize(&ctx->keyBuffer));
+ xmlSecBufferGetData(&ctx->keyBuffer), keySize);
+
+ blobSize = xmlSecBufferGetSize(&blob);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(blobSize, dwBlobSize, goto done, NULL);
/* perform the actual import */
status = BCryptImportKey(hAlg,
pbKeyObject,
cbKeyObject,
xmlSecBufferGetData(&blob),
- xmlSecBufferGetSize(&blob),
+ dwBlobSize,
0);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptImportKey", NULL, status);
}
/* iv len == block len */
- dwBlockLenLen = sizeof(DWORD);
+ dwBlockLenLen = sizeof(dwBlockLen);
status = BCryptGetProperty(hAlg,
BCRYPT_BLOCK_LENGTH,
(PUCHAR)&dwBlockLen,
xmlSecMSCngNtError("BCryptGetProperty", NULL, status);
goto done;
}
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwBlockLen, blobSizeInBits, goto done, NULL);
- if(ivSize < dwBlockLen / 8) {
- xmlSecInvalidSizeLessThanError("ivSize", ivSize, dwBlockLen / 8, NULL);
+ if(ivSize < blobSizeInBits / 8) {
+ xmlSecInvalidSizeLessThanError("ivSize", ivSize, blobSizeInBits / 8, NULL);
goto done;
}
memcpy(out, in, inSize);
}
- cbData = inSize;
+ cbData = 0;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, goto done, NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(ivSize, dwIvSize, goto done, NULL);
+ dwOutSize = dwInSize;
+
status = BCryptDecrypt(hKey,
(PUCHAR)in,
- inSize,
+ dwInSize,
NULL,
(PUCHAR)iv,
- ivSize,
+ dwIvSize,
out,
- inSize,
+ dwOutSize,
&cbData,
0);
if(status != STATUS_SUCCESS) {
xmlSecMSCngNtError("BCryptDecrypt", NULL, status);
goto done;
}
-
- res = cbData;
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(cbData, (*outWritten), goto done, NULL);
+ res = 0;
done:
if (hKey != NULL) {
ctx = xmlSecMSCngKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
-
memset(ctx, 0, sizeof(xmlSecMSCngKWDes3Ctx));
- if(transform->id == xmlSecMSCngTransformKWDes3Id) {
- ctx->pszAlgId = BCRYPT_DES_ALGORITHM;
- ctx->keyId = xmlSecMSCngKeyDataDesId;
- ctx->keySize = XMLSEC_KW_DES3_KEY_LENGTH;
- } else {
- xmlSecInvalidTransfromError(transform)
- return(-1);
- }
-
- ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize",
- xmlSecTransformGetName(transform));
+ ret = xmlSecTransformKWDes3Initialize(transform, ctx, &xmlSecMSCngKWDesKlass,
+ xmlSecMSCngKeyDataDesId);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3Initialize", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
ctx = xmlSecMSCngKWDes3GetCtx(transform);
xmlSecAssert(ctx != NULL);
- xmlSecBufferFinalize(&ctx->keyBuffer);
-
+ xmlSecTransformKWDes3Finalize(transform, ctx);
memset(ctx, 0, sizeof(xmlSecMSCngKWDes3Ctx));
}
static int
xmlSecMSCngKWDes3SetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
xmlSecMSCngKWDes3CtxPtr ctx;
+ int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCngTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
- (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngKWDes3Size), -1);
- xmlSecAssert2(keyReq != NULL, -1);
ctx = xmlSecMSCngKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keyReq->keyId = ctx->keyId;
- keyReq->keyType = xmlSecKeyDataTypeSymmetric;
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- keyReq->keyUsage = xmlSecKeyUsageEncrypt;
- } else {
- keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+ ret = xmlSecTransformKWDes3SetKeyReq(transform, ctx, keyReq);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3SetKeyReq", xmlSecTransformGetName(transform));
+ return(-1);
}
- keyReq->keyBitsSize = ctx->keySize * 8;
return(0);
}
static int
xmlSecMSCngKWDes3SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecMSCngKWDes3CtxPtr ctx;
- xmlSecBufferPtr buffer;
- xmlSecSize keySize;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCngTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
- (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngKWDes3Size), -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key),
- xmlSecMSCngKeyDataDesId), -1);
ctx = xmlSecMSCngKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
- xmlSecAssert2(buffer != NULL, -1);
-
- keySize = xmlSecBufferGetSize(buffer);
- if(keySize < ctx->keySize) {
- xmlSecInvalidKeyDataSizeError(keySize, ctx->keySize,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- ret = xmlSecBufferSetData(&ctx->keyBuffer, xmlSecBufferGetData(buffer),
- ctx->keySize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform), "size=%d", ctx->keySize);
+ ret = xmlSecTransformKWDes3SetKey(transform, ctx, key);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3SetKey", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
static int
-xmlSecMSCngKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecMSCngKWDes3Execute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecMSCngKWDes3CtxPtr ctx;
- xmlSecBufferPtr in, out;
- xmlSecSize inSize, outSize, keySize;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCngTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
- (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngKWDes3Size), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecMSCngKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
-
- keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
- xmlSecAssert2(keySize == XMLSEC_KW_DES3_KEY_LENGTH, -1);
-
- in = &(transform->inBuf);
- out = &(transform->outBuf);
- inSize = xmlSecBufferGetSize(in);
- outSize = xmlSecBufferGetSize(out);
- xmlSecAssert2(outSize == 0, -1);
-
- if(transform->status == xmlSecTransformStatusNone) {
- transform->status = xmlSecTransformStatusWorking;
- }
-
- if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
- /* just do nothing */
- } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- if((inSize % XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
- xmlSecInvalidSizeNotMultipleOfError("Input data", inSize,
- XMLSEC_KW_DES3_BLOCK_LENGTH,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- /* the encoded key might be 16 bytes longer plus one block just in case */
- outSize = inSize + XMLSEC_KW_DES3_IV_LENGTH +
- XMLSEC_KW_DES3_BLOCK_LENGTH + XMLSEC_KW_DES3_BLOCK_LENGTH;
- } else {
- /* just in case, add a block */
- outSize = inSize + XMLSEC_KW_DES3_BLOCK_LENGTH;
- }
-
- ret = xmlSecBufferSetMaxSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform), "size=%d", outSize);
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- ret = xmlSecKWDes3Encode(&xmlSecMSCngKWDesKlass, ctx,
- xmlSecBufferGetData(in), inSize, xmlSecBufferGetData(out),
- outSize);
- if(ret < 0) {
- xmlSecInternalError4("xmlSecKWDes3Encode",
- xmlSecTransformGetName(transform), "key=%d,in=%d,out=%d",
- keySize, inSize, outSize);
- return(-1);
- }
-
- outSize = ret;
- } else {
- ret = xmlSecKWDes3Decode(&xmlSecMSCngKWDesKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError4("xmlSecKWDes3Decode", xmlSecTransformGetName(transform),
- "key=%d,in=%d,out=%d", keySize, inSize, outSize);
- return(-1);
- }
- outSize = ret;
- }
-
- ret = xmlSecBufferSetSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform), "size=%d", outSize);
- return(-1);
- }
-
- ret = xmlSecBufferRemoveHead(in, inSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform), "size=%d", inSize);
- return(-1);
- }
-
- transform->status = xmlSecTransformStatusFinished;
- } else if(transform->status == xmlSecTransformStatusFinished) {
- /* the only way we can get here is if there is no input */
- xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
- } else {
- xmlSecInvalidTransfromStatusError(transform);
+ ret = xmlSecTransformKWDes3Execute(transform, ctx, last);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3Execute", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
#include <xmlsec/mscng/crypto.h>
#include <xmlsec/mscng/certkeys.h>
+#include "../cast_helpers.h"
+
/**************************************************************************
*
* Internal MSCng signatures ctx
*
* Signature transforms
*
- * xmlSecMSCngSignatureCtx is located after xmlSecTransform
- *
*****************************************************************************/
-#define xmlSecMSCngSignatureSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCngSignatureCtx))
-#define xmlSecMSCngSignatureGetCtx(transform) \
- ((xmlSecMSCngSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(MSCngSignature, xmlSecMSCngSignatureCtx)
+#define xmlSecMSCngSignatureSize XMLSEC_TRANSFORM_SIZE(MSCngSignature)
static int xmlSecMSCngSignatureCheckId (xmlSecTransformPtr transform);
static int xmlSecMSCngSignatureInitialize (xmlSecTransformPtr transform);
NTSTATUS status;
BCRYPT_PKCS1_PADDING_INFO info;
BCRYPT_PKCS1_PADDING_INFO* pInfo = NULL;
- DWORD infoFlags = 0;
+ DWORD dwDataSize, infoFlags = 0;
xmlSecAssert2(xmlSecMSCngSignatureCheckId(transform), -1);
xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
pubkey = xmlSecMSCngKeyDataGetPubKey(ctx->data);
if(pubkey == 0) {
- xmlSecInternalError("xmlSecMSCngKeyDataGetPubKey",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecMSCngKeyDataGetPubKey", xmlSecTransformGetName(transform));
return(-1);
}
infoFlags = BCRYPT_PAD_PKCS1;
}
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(dataSize, dwDataSize, return(-1), xmlSecTransformGetName(transform));
status = BCryptVerifySignature(
pubkey,
pInfo,
ctx->pbHash,
ctx->cbHash,
(PBYTE)data,
- dataSize,
+ dwDataSize,
infoFlags);
if(status != STATUS_SUCCESS) {
if(status == STATUS_INVALID_SIGNATURE) {
if(transform->status == xmlSecTransformStatusWorking) {
if(inSize > 0) {
+ DWORD dwInSize;
+
xmlSecAssert2(outSize == 0, -1);
/* hash some data */
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, return(-1), xmlSecTransformGetName(transform));
status = BCryptHashData(
ctx->hHash,
(PBYTE)xmlSecBufferGetData(&transform->inBuf),
- inSize,
+ dwInSize,
0);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("BCryptHashData",
- xmlSecTransformGetName(transform), status);
+ xmlSecMSCngNtError("BCryptHashData", xmlSecTransformGetName(transform), status);
return(-1);
}
ret = xmlSecBufferRemoveHead(&transform->inBuf, inSize);
if(ret < 0) {
- xmlSecInternalError("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform));
return(-1);
}
}
privkey = xmlSecMSCngKeyDataGetPrivKey(ctx->data);
if(privkey == 0) {
- xmlSecInternalError("xmlSecMSCngKeyDataGetPrivKey",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecMSCngKeyDataGetPrivKey", xmlSecTransformGetName(transform));
return(-1);
}
&cbSignature,
0);
if(status != STATUS_SUCCESS) {
- xmlSecMSCngNtError("NCryptSignHash",
- xmlSecTransformGetName(transform), status);
+ xmlSecMSCngNtError("NCryptSignHash", xmlSecTransformGetName(transform), status);
return(-1);
}
- outSize = (xmlSecSize)cbSignature;
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(cbSignature, outSize, return(-1), xmlSecTransformGetName(transform));
/* allocate the signature buffer on the heap */
ret = xmlSecBufferSetSize(&transform->outBuf, outSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform), "size=%d", outSize);
+ xmlSecInternalError2("xmlSecBufferSetSize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
/* sign the hash */
- if(ctx->keyId == xmlSecMSCngKeyDataRsaId) {
+ if(ctx->keyId == xmlSecMSCngKeyDataRsaId) {
info.pszAlgId = ctx->pszHashAlgId;
pInfo = &info;
infoFlags = BCRYPT_PAD_PKCS1;
- }
+ }
status = NCryptSignHash(
privkey,
pInfo,
#include <ncrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
#include <xmlsec/mscng/crypto.h>
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+
#define xmlSecMSCngSymKeyDataCheckId(data) \
(xmlSecKeyDataIsValid((data)) && \
xmlSecMSCngSymKeyDataKlassCheck((data)->id))
*/
/**
* SECTION:x509
- * @Short_description: X509 certificates implementation for Microsoft Cryptography API: Next Generation (CNG).
+ * @Short_description: X509 certificates implementation for Microsoft Cryptography API: Next Generation (CNG).
* @Stability: Stable
*
*/
#include <windows.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/base64.h>
+#include <xmlsec/bn.h>
+#include <xmlsec/errors.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/keysmngr.h>
+#include <xmlsec/xmltree.h>
#include <xmlsec/x509.h>
-#include <xmlsec/base64.h>
-#include <xmlsec/bn.h>
-#include <xmlsec/errors.h>
+#include <xmlsec/mscng/certkeys.h>
#include <xmlsec/mscng/crypto.h>
#include <xmlsec/mscng/x509.h>
-#include <xmlsec/mscng/certkeys.h>
+
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
typedef struct _xmlSecMSCngX509DataCtx xmlSecMSCngX509DataCtx,
*xmlSecMSCngX509DataCtxPtr;
PCCERT_CONTEXT cert;
};
-#define xmlSecMSCngX509DataSize \
- (sizeof(xmlSecKeyData) + sizeof(xmlSecMSCngX509DataCtx))
-#define xmlSecMSCngX509DataGetCtx(data) \
- ((xmlSecMSCngX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
+XMLSEC_KEY_DATA_DECLARE(MSCngX509Data, xmlSecMSCngX509DataCtx)
+#define xmlSecMSCngX509DataSize XMLSEC_KEY_DATA_SIZE(MSCngX509Data)
static int
xmlSecMSCngKeyDataX509Initialize(xmlSecKeyDataPtr data) {
if(ctx->cert != NULL) {
if(!CertFreeCertificateContext(ctx->cert)) {
xmlSecMSCngLastError("CertFreeCertificateContext", NULL);
+ /* ignore error */
}
}
if(ctx->hMemStore != 0) {
if(!CertCloseStore(ctx->hMemStore, 0)) {
xmlSecMSCngLastError("CertCloseStore", NULL);
+ /* ignore error */
}
}
static PCCERT_CONTEXT
xmlSecMSCngX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) {
PCCERT_CONTEXT cert;
+ DWORD dwSize;
xmlSecAssert2(buf != NULL, NULL);
xmlSecAssert2(size > 0, NULL);
- cert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, size);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(size, dwSize, return(NULL), NULL);
+ cert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, dwSize);
if(cert == NULL) {
xmlSecMSCngLastError("CertCreateCertificateContext", NULL);
return(NULL);
return(cert);
}
-/**
- * xmlSecMSCngX509CertBase64DerRead:
- *
- * The MSCng reader for the <X509Certificate> XML content.
- */
-static PCCERT_CONTEXT
-xmlSecMSCngX509CertBase64DerRead(xmlChar* buf) {
- int size;
-
- xmlSecAssert2(buf != NULL, NULL);
-
- /* in-place decoding */
- size = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
- if(size < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- return(NULL);
- }
-
- return(xmlSecMSCngX509CertDerRead((xmlSecByte*)buf, size));
-}
-
-
int
xmlSecMSCngKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, PCCERT_CONTEXT cert) {
xmlSecMSCngX509DataCtxPtr ctx;
return(0);
}
-/**
- * xmlSecMSCngX509SubjectNameNodeRead:
- *
- * The MSCng reader for the <X509SubjectName> XML element.
- */
-static int
-xmlSecMSCngX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr store;
- xmlChar* subject;
- PCCERT_CONTEXT cert;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
-
- store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCngX509StoreId);
- if(store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- subject = xmlNodeGetContent(node);
- if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
- if(subject != NULL) {
- xmlFree(subject);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data),
- "empty");
- return(-1);
- }
-
- return(0);
- }
-
- cert = xmlSecMSCngX509StoreFindCert(store, subject, NULL, NULL, NULL, keyInfoCtx);
- if(cert == NULL) {
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
- xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND,
- xmlSecKeyDataGetName(data), "subject=%s",
- xmlSecErrorsSafeString(subject));
- xmlFree(subject);
- return(-1);
- }
-
- xmlFree(subject);
- return(0);
- }
-
- ret = xmlSecMSCngKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- CertFreeCertificateContext(cert);
- xmlFree(subject);
- return(-1);
- }
-
- xmlFree(subject);
- return(0);
-}
-/**
- * xmlSecMSCngX509CertificateNodeRead:
- *
- * The MSCng reader for the <X509Certificate> XML element.
- */
-static int
-xmlSecMSCngX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar* content;
- PCCERT_CONTEXT cert;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- content = xmlNodeGetContent(node);
- if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
- if(content != NULL) {
- xmlFree(content);
- }
-
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data),
- "content is an empty string");
- return(-1);
- }
-
- return(0);
- }
-
- cert = xmlSecMSCngX509CertBase64DerRead(content);
- if(cert == NULL) {
- xmlSecInternalError("xmlSecMSCngX509CertBase64DerRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- ret = xmlSecMSCngKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- return(-1);
-
- }
-
- xmlFree(content);
- return(0);
-}
-
-/**
- * xmlSecMSCngX509IssuerSerialNodeRead:
- *
- * The MSCng reader for the <X509IssuerSerial> XML element.
- */
-static int
-xmlSecMSCngX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr store;
- xmlNodePtr cur;
- xmlChar* issuerName;
- xmlChar* issuerSerial;
- PCCERT_CONTEXT cert;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
-
- store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCngX509StoreId);
- if(store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(node->children);
- if(cur == NULL) {
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecNodeNotFoundError("xmlSecGetNextElementNode", node, NULL,
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- return(0);
- }
-
- /* handle X509IssuerName */
- if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
- xmlSecInvalidNodeError(cur, xmlSecNodeX509IssuerName,
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- issuerName = xmlNodeGetContent(cur);
- if(issuerName == NULL) {
- xmlSecInvalidNodeContentError(cur, xmlSecKeyDataGetName(data),
- "empty");
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
- if(cur == NULL) {
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecNodeNotFoundError("xmlSecGetNextElementNode", node, NULL,
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- return(0);
- }
-
- /* handle X509SerialNumber */
- if(!xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
- xmlSecInvalidNodeError(cur, xmlSecNodeX509SerialNumber,
- xmlSecKeyDataGetName(data));
- xmlFree(issuerName);
- return(-1);
- }
-
- issuerSerial = xmlNodeGetContent(cur);
- if(issuerSerial == NULL) {
- xmlSecInvalidNodeContentError(cur, xmlSecKeyDataGetName(data),
- "empty");
- xmlFree(issuerSerial);
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataGetName(data));
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
- }
-
- cert = xmlSecMSCngX509StoreFindCert(store, NULL, issuerName, issuerSerial,
- NULL, keyInfoCtx);
- if(cert == NULL) {
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
- xmlSecOtherError3(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "issuerName=%s;issuerSerial=%s",
- xmlSecErrorsSafeString(issuerName),
- xmlSecErrorsSafeString(issuerSerial));
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
- }
-
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(0);
- }
-
- ret = xmlSecMSCngKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- CertFreeCertificateContext(cert);
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
- }
-
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(0);
-}
-
-/**
- * xmlSecMSCngX509SKINodeRead:
- *
- * The MSCng reader for the <X509SKI> XML element.
- */
-static int
-xmlSecMSCngX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr store;
- xmlChar* ski;
- PCCERT_CONTEXT cert;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
-
- store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCngX509StoreId);
- if(store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- ski = xmlNodeGetContent(node);
- if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
- if(ski != NULL) {
- xmlFree(ski);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data),
- "empty");
- return(-1);
- }
- return(0);
- }
-
- cert = xmlSecMSCngX509StoreFindCert(store, NULL, NULL, NULL, ski, keyInfoCtx);
- if(cert == NULL){
- xmlFree(ski);
-
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
- xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "ski=%s", xmlSecErrorsSafeString(ski));
- return(-1);
- }
- return(0);
- }
-
- ret = xmlSecMSCngKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- CertFreeCertificateContext(cert);
- xmlFree(ski);
- return(-1);
- }
-
- xmlFree(ski);
- return(0);
-}
static PCCRL_CONTEXT
-xmlSecMSCngX509CrlDerRead(xmlSecByte* buf, xmlSecSize size,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecMSCngX509CrlDerRead(xmlSecByte* buf, xmlSecSize size) {
PCCRL_CONTEXT crl = NULL;
+ DWORD dwSize;
xmlSecAssert2(buf != NULL, NULL);
- xmlSecAssert2(keyInfoCtx != NULL, NULL);
xmlSecAssert2(size > 0, NULL);
- crl = CertCreateCRLContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, size);
-
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(size, dwSize, return(NULL), NULL);
+ crl = CertCreateCRLContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, dwSize);
if(crl == NULL) {
xmlSecMSCngLastError("CertCreateCRLContext", NULL);
return(NULL);
return(crl);
}
-static PCCRL_CONTEXT
-xmlSecMSCngX509CrlBase64DerRead(xmlChar* buf, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- int ret;
-
- xmlSecAssert2(buf != NULL, NULL);
-
- /* usual trick with base64 decoding in-place */
- ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- return(NULL);
- }
-
- return(xmlSecMSCngX509CrlDerRead((xmlSecByte*)buf, ret, keyInfoCtx));
-}
-
-static int
-xmlSecMSCngX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar *content;
- PCCRL_CONTEXT crl;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- content = xmlNodeGetContent(node);
- if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
- if(content != NULL) {
- xmlFree(content);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
- return(-1);
- }
- return(0);
- }
-
- crl = xmlSecMSCngX509CrlBase64DerRead(content, keyInfoCtx);
- if(crl == NULL) {
- xmlSecInternalError("xmlSecMSCngX509CrlBase64DerRead",
- xmlSecKeyDataGetName(data));
- xmlFree(content);
- return(-1);
- }
-
- ret = xmlSecMSCngKeyDataX509AdoptCrl(data, crl);
- if (ret < 0) {
- xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptCrl",
- xmlSecKeyDataGetName(data));
- xmlFree(content);
- CertFreeCRLContext(crl);
- return(-1);
- }
-
- xmlFree(content);
- return(0);
-}
-
-/**
- * xmlSecMSCngX509DataNodeRead:
- *
- * The MSCng reader for the <X509Data> XML element.
- */
-static int
-xmlSecMSCngX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- for(cur = xmlSecGetNextElementNode(node->children);
- cur != NULL;
- cur = xmlSecGetNextElementNode(cur->next)) {
- if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
- ret = xmlSecMSCngX509CertificateNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngX509CertificateNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
- ret = xmlSecMSCngX509SubjectNameNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngX509SubjectNameNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
- ret = xmlSecMSCngX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngX509IssuerSerialNodeRead", NULL);
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
- ret = xmlSecMSCngX509SKINodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngX509SKINodeRead", NULL);
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
- ret = xmlSecMSCngX509CRLNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngX509CRLNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataGetName(data));
- return(-1);
- }
- }
- return(0);
-}
-
/**
* xmlSecMSCngX509CertGetTime:
*
}
static int
+xmlSecMSCngKeyDataX509Read(xmlSecKeyDataPtr data, xmlSecKeyValueX509Ptr x509Value,
+ xmlSecKeysMngrPtr keysMngr, unsigned int flags) {
+ xmlSecKeyDataStorePtr x509Store;
+ int stopOnUnknownCert = 0;
+ PCCERT_CONTEXT cert = NULL;
+ PCCRL_CONTEXT crl = NULL;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataX509Id), -1);
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(keysMngr != NULL, -1);
+
+ x509Store = xmlSecKeysMngrGetDataStore(keysMngr, xmlSecMSCngX509StoreId);
+ if (x509Store == NULL) {
+ xmlSecInternalError("xmlSecKeysMngrGetDataStore", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ /* determine what to do */
+ if ((flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+ stopOnUnknownCert = 1;
+ }
+
+ if (xmlSecBufferGetSize(&(x509Value->cert)) > 0) {
+ cert = xmlSecMSCngX509CertDerRead(xmlSecBufferGetData(&(x509Value->cert)),
+ xmlSecBufferGetSize(&(x509Value->cert)));
+ if (cert == NULL) {
+ xmlSecInternalError("xmlSecMSCngX509CertDerRead", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ }
+ else if (xmlSecBufferGetSize(&(x509Value->crl)) > 0) {
+ crl = xmlSecMSCngX509CrlDerRead(xmlSecBufferGetData(&(x509Value->crl)),
+ xmlSecBufferGetSize(&(x509Value->crl)));
+ if (crl == NULL) {
+ xmlSecInternalError("xmlSecMSCngX509CertDerRead", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ }
+ else if (xmlSecBufferGetSize(&(x509Value->ski)) > 0) {
+ cert = xmlSecMSCngX509StoreFindCert_ex(x509Store, NULL, NULL, NULL,
+ xmlSecBufferGetData(&(x509Value->ski)), xmlSecBufferGetSize(&(x509Value->ski)),
+ NULL /* unused */);
+ if ((cert == NULL) && (stopOnUnknownCert != 0)) {
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
+ "skiSize=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(&(x509Value->ski)));
+ goto done;
+ }
+ }
+ else if (x509Value->subject != NULL) {
+ cert = xmlSecMSCngX509StoreFindCert_ex(x509Store, x509Value->subject,
+ NULL, NULL, NULL, 0, NULL /* unused */);
+ if ((cert == NULL) && (stopOnUnknownCert != 0)) {
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
+ "subject=%s", xmlSecErrorsSafeString(x509Value->subject));
+ goto done;
+ }
+ }
+ else if ((x509Value->issuerName != NULL) && (x509Value->issuerSerial != NULL)) {
+ cert = xmlSecMSCngX509StoreFindCert_ex(x509Store, NULL,
+ x509Value->issuerName, x509Value->issuerSerial,
+ NULL, 0, NULL /* unused */);
+ if ((cert == NULL) && (stopOnUnknownCert != 0)) {
+ xmlSecOtherError3(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
+ "issuerName=%s;issuerSerial=%s",
+ xmlSecErrorsSafeString(x509Value->issuerName),
+ xmlSecErrorsSafeString(x509Value->issuerSerial));
+ goto done;
+ }
+ }
+
+ /* if we found a cert or a crl, then add it to the data */
+ if (cert != NULL) {
+ ret = xmlSecMSCngKeyDataX509AdoptCert(data, cert);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptCert", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ cert = NULL; /* owned by data now */
+ }
+ if (crl != NULL) {
+ ret = xmlSecMSCngKeyDataX509AdoptCrl(data, crl);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptCrl", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ crl = NULL; /* owned by data now */
+ }
+
+ /* success */
+ res = 0;
+
+done:
+ /* cleanup */
+ if (cert != NULL) {
+ CertFreeCertificateContext(cert);
+ }
+ if (crl != NULL) {
+ CertFreeCRLContext(crl);
+ }
+ return(res);
+}
+
+static int
xmlSecMSCngKeyDataX509XmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
xmlSecKeyDataPtr data;
xmlSecAssert2(id == xmlSecMSCngKeyDataX509Id, -1);
xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
data = xmlSecKeyEnsureData(key, id);
- if(data == NULL) {
+ if (data == NULL) {
xmlSecInternalError("xmlSecKeyEnsureData",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
- ret = xmlSecMSCngX509DataNodeRead(data, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngX509DataNodeRead",
+ ret = xmlSecKeyDataX509XmlRead(data, node, keyInfoCtx,
+ xmlSecMSCngKeyDataX509Read);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecKeyDataX509XmlRead",
xmlSecKeyDataKlassGetName(id));
return(-1);
}
ret = xmlSecMSCngKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
- if(ret < 0) {
+ if (ret < 0) {
xmlSecInternalError("xmlSecMSCngKeyDataX509VerifyAndExtractKey",
xmlSecKeyDataKlassGetName(id));
return(-1);
}
-
- return(0);
-}
-
-static int
-xmlSecMSCngX509CertificateNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar* buf;
- xmlNodePtr child;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(cert->pbCertEncoded != NULL, -1);
- xmlSecAssert2(cert->cbCertEncoded > 0, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- buf = xmlSecBase64Encode(cert->pbCertEncoded, cert->cbCertEncoded,
- keyInfoCtx->base64LineSize);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- return(-1);
- }
-
- child = xmlSecEnsureEmptyChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
- if(child == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- xmlNodeSetContent(child, buf);
- xmlFree(buf);
-
return(0);
}
return(res);
}
-static int
-xmlSecMSCngX509SubjectNameNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node) {
- xmlChar* buf = NULL;
- xmlNodePtr cur = NULL;
- int ret;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- buf = xmlSecMSCngX509NameWrite(&(cert->pCertInfo->Subject));
- if(buf == NULL) {
- xmlSecInternalError("xmlSecMSCngX509NameWrite", NULL);
- return(-1);
- }
-
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- ret = xmlSecNodeEncodeAndSetContent(cur, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- /* done */
- xmlFree(buf);
- return(0);
-}
-
-static int
-xmlSecMSCngASN1IntegerWrite(xmlNodePtr node, PCRYPT_INTEGER_BLOB num) {
+static xmlChar*
+xmlSecMSCngASN1IntegerWrite(PCRYPT_INTEGER_BLOB num) {
xmlSecBn bn;
+ xmlChar* res;
int ret;
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(num != NULL, -1);
+ xmlSecAssert2(num != NULL, NULL);
ret = xmlSecBnInitialize(&bn, num->cbData + 1);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBnInitialize", NULL, "size=%ld",
- num->cbData + 1);
- return(-1);
+ xmlSecInternalError2("xmlSecBnInitialize", NULL, "size=%lu", num->cbData + 1);
+ return(NULL);
}
ret = xmlSecBnSetData(&bn, num->pbData, num->cbData);
if(ret < 0) {
xmlSecInternalError("xmlSecBnSetData", NULL);
xmlSecBnFinalize(&bn);
- return(-1);
+ return(NULL);
}
/* SerialNumber is little-endian, see <https://msdn.microsoft.com/en-us/library/windows/desktop/aa377200(v=vs.85).aspx>.
- * xmldsig wants big-endian, so enable reversing */
- ret = xmlSecBnSetNodeValue(&bn, node, xmlSecBnDec, 1, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnSetNodeValue", NULL);
+ * xmldsig wants big-endian, so reverse */
+ ret = xmlSecBnReverse(&bn);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnReverse", NULL);
xmlSecBnFinalize(&bn);
- return(-1);
+ return(NULL);
}
+ res = xmlSecBnToDecString(&bn);
+ if (res == NULL) {
+ xmlSecInternalError("xmlSecBnToDecString", NULL);
+ xmlSecBnFinalize(&bn);
+ return(NULL);
+ }
+
+ /* done */
xmlSecBnFinalize(&bn);
- return(0);
+ return(res);
}
static int
-xmlSecMSCngX509IssuerSerialNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node) {
- xmlNodePtr cur;
- xmlNodePtr issuerNameNode;
- xmlNodePtr issuerNumberNode;
- xmlChar* buf;
+xmlSecMSCngX509SKIWrite(PCCERT_CONTEXT cert, xmlSecBufferPtr buf) {
+ PCERT_EXTENSION pCertExt;
+ DWORD dwSize;
+ BOOL rv;
int ret;
xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* create xml nodes */
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild", NULL);
- return(-1);
- }
-
- issuerNameNode = xmlSecEnsureEmptyChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
- if(issuerNameNode == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild", NULL);
- return(-1);
- }
-
- issuerNumberNode = xmlSecEnsureEmptyChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
- if(issuerNumberNode == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild", NULL);
- return(-1);
- }
-
- /* write data */
- buf = xmlSecMSCngX509NameWrite(&(cert->pCertInfo->Issuer));
- if(buf == NULL) {
- xmlSecInternalError("xmlSecMSCngX509NameWrite", NULL);
- return(-1);
- }
-
- ret = xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- xmlFree(buf);
-
- ret = xmlSecMSCngASN1IntegerWrite(issuerNumberNode, &(cert->pCertInfo->SerialNumber));
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngASN1IntegerWrite", NULL);
- return(-1);
- }
- return(0);
-}
-
-static xmlChar*
-xmlSecMSCngX509SKIWrite(PCCERT_CONTEXT cert) {
- xmlChar *res = NULL;
- DWORD dwSize;
- BYTE *bSKI = NULL;
- PCERT_EXTENSION pCertExt;
-
- xmlSecAssert2(cert != NULL, NULL);
+ xmlSecAssert2(buf != NULL, -1);
/* First check if the SKI extension actually exists, otherwise we get a SHA1 hash of the cert */
pCertExt = CertFindExtension(szOID_SUBJECT_KEY_IDENTIFIER, cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension);
if (pCertExt == NULL) {
xmlSecMSCngLastError("CertFindExtension", NULL);
- return (NULL);
- }
-
- if (!CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, NULL, &dwSize) || dwSize < 1) {
- xmlSecMSCngLastError("CertGetCertificateContextProperty", NULL);
- return (NULL);
- }
- bSKI = xmlMalloc(dwSize);
- if (bSKI == NULL) {
- xmlSecMallocError(dwSize, NULL);
- return (NULL);
+ return (0);
}
- if (!CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, bSKI, &dwSize)) {
+ rv = CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, NULL, &dwSize);
+ if (!rv || dwSize <= 0) {
xmlSecMSCngLastError("CertGetCertificateContextProperty", NULL);
- xmlFree(bSKI);
- return (NULL);
- }
-
- if (bSKI == NULL) {
- return(NULL);
- }
-
- res = xmlSecBase64Encode(bSKI, dwSize, 0);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- xmlFree(bSKI);
- return(NULL);
+ return(-1);
}
- xmlFree(bSKI);
-
- return(res);
-}
-static int
-xmlSecMSCngX509SKINodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node) {
- xmlChar *buf = NULL;
- xmlNodePtr cur = NULL;
- int ret;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- buf = xmlSecMSCngX509SKIWrite(cert);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecMSCngX509SKIWrite", NULL);
+ ret = xmlSecBufferSetMaxSize(buf, dwSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL,
+ "size=%lu", dwSize);
return(-1);
}
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild", NULL);
- xmlFree(buf);
+ if (!CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, xmlSecBufferGetData(buf), &dwSize)) {
+ xmlSecMSCngLastError("CertGetCertificateContextProperty", NULL);
return(-1);
}
- ret = xmlSecNodeEncodeAndSetContent(cur, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
- xmlFree(buf);
+ ret = xmlSecBufferSetSize(buf, dwSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=%lu", dwSize);
return(-1);
}
-
- xmlFree(buf);
return(0);
}
+typedef struct _xmlSecMSCngKeyDataX5099WriteContext {
+ HCERTSTORE store;
+ PCCERT_CONTEXT crt;
+ PCCRL_CONTEXT crl;
+ int doneCrts;
+ int doneCrls;
+} xmlSecMSCngKeyDataX5099WriteContext;
+
static int
-xmlSecMSCngX509CRLNodeWrite(PCCRL_CONTEXT crl, xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecAssert2(crl != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
+xmlSecMSCngKeyDataX509Write(xmlSecKeyDataPtr data, xmlSecKeyValueX509Ptr x509Value,
+ int content, void* context) {
+ xmlSecMSCngKeyDataX5099WriteContext* ctx;
+ int ret;
- xmlSecNotImplementedError(NULL);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCngKeyDataX509Id), -1);
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(context != NULL, -1);
+
+ ctx = (xmlSecMSCngKeyDataX5099WriteContext*)context;
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->store != NULL, -1);
+
+ /* try to get and write the next cert if availablle */
+ if (ctx->doneCrts == 0) {
+ ctx->crt = CertEnumCertificatesInStore(ctx->store, ctx->crt);
+ if (ctx->crt != NULL) {
+ if ((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
+ xmlSecAssert2(ctx->crt->pbCertEncoded != NULL, -1);
+ xmlSecAssert2(ctx->crt->cbCertEncoded > 0, -1);
+
+ ret = xmlSecBufferSetData(&(x509Value->cert), ctx->crt->pbCertEncoded, ctx->crt->cbCertEncoded);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBufferSetData", xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+ }
+ if ((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
+ ret = xmlSecMSCngX509SKIWrite(ctx->crt, &(x509Value->ski));
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCngX509SKIWrite", xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+ }
+ if ((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
+ xmlSecAssert2(x509Value->subject == NULL, -1);
+ xmlSecAssert2(ctx->crt->pCertInfo != NULL, -1);
+
+ x509Value->subject = xmlSecMSCngX509NameWrite(&(ctx->crt->pCertInfo->Subject));
+ if (x509Value->subject == NULL) {
+ xmlSecInternalError("xmlSecMSCngX509NameWrite(subject)", xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+ }
+ if ((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
+ xmlSecAssert2(x509Value->issuerName == NULL, -1);
+ xmlSecAssert2(x509Value->issuerSerial == NULL, -1);
+ xmlSecAssert2(ctx->crt->pCertInfo != NULL, -1);
+
+ x509Value->issuerName = xmlSecMSCngX509NameWrite(&(ctx->crt->pCertInfo->Issuer));
+ if (x509Value->issuerName == NULL) {
+ xmlSecInternalError("xmlSecMSCngX509NameWrite(issuer name)", xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+ x509Value->issuerSerial = xmlSecMSCngASN1IntegerWrite(&(ctx->crt->pCertInfo->SerialNumber));
+ if (x509Value->issuerSerial == NULL) {
+ xmlSecInternalError("xmlSecMSCngASN1IntegerWrite(issuer serial))", xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+ }
+ /* done */
+ return(0);
+ } else {
+ ctx->doneCrts = 1;
+ }
+ }
+
+ /* try to get and write the next crl if availablle */
+ if (ctx->doneCrls == 0) {
+ ctx->crl = CertEnumCRLsInStore(ctx->store, ctx->crl);
+ if (ctx->crl != NULL) {
+ if ((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
+ xmlSecAssert2(ctx->crl->pbCrlEncoded != NULL, -1);
+ xmlSecAssert2(ctx->crl->cbCrlEncoded > 0, -1);
+
+ ret = xmlSecBufferSetData(&(x509Value->crl), ctx->crl->pbCrlEncoded, ctx->crl->cbCrlEncoded);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBufferSetData", xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+ }
+ /* done */
+ return(0);
+ } else {
+ ctx->doneCrls = 1;
+ }
+ }
- return(-1);
+ /* no more certs or crls */
+ xmlSecAssert2(ctx->doneCrts != 0, -1);
+ xmlSecAssert2(ctx->doneCrls != 0, -1);
+ return(1);
}
static int
xmlSecMSCngKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- int content;
- xmlSecKeyDataPtr keyData;
+ xmlSecMSCngKeyDataX5099WriteContext context;
xmlSecMSCngX509DataCtxPtr x509DataCtx;
- PCCERT_CONTEXT cert = NULL;
- HCERTSTORE certs;
- PCCRL_CONTEXT crlCtx = NULL;
+ xmlSecKeyDataPtr data;
int ret;
xmlSecAssert2(id == xmlSecMSCngKeyDataX509Id, -1);
xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- content = xmlSecX509DataGetNodeContent(node, keyInfoCtx);
- if(content < 0) {
- xmlSecInternalError("xmlSecX509DataGetNodeContent",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
- if(content == 0) {
- /* no content -> writer the default */
- content = XMLSEC_X509DATA_DEFAULT;
- }
- keyData = xmlSecKeyGetData(key, id);
- if(keyData == NULL) {
- /* nothing to do */
+ /* get x509 data */
+ data = xmlSecKeyGetData(key, id);
+ if (data == NULL) {
+ /* no x509 data in the key */
return(0);
}
+ x509DataCtx = xmlSecMSCngX509DataGetCtx(data);
+ xmlSecAssert2(x509DataCtx != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(keyData, xmlSecMSCngKeyDataX509Id), -1);
- x509DataCtx = xmlSecMSCngX509DataGetCtx(keyData);
- certs = x509DataCtx->hMemStore;
-
- /* write certificates */
- while((cert = CertEnumCertificatesInStore(certs, cert)) != NULL) {
- if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
- ret = xmlSecMSCngX509CertificateNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngX509CertificateNodeWrite",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
- ret = xmlSecMSCngX509SubjectNameNodeWrite(cert, node);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngX509SubjectNameNodeWrite",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
- ret = xmlSecMSCngX509IssuerSerialNodeWrite(cert, node);
- if(ret< 0) {
- xmlSecInternalError("xmlSecMSCngX509IssuerSerialNodeWrite",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
- }
+ /* setup context */
+ context.store = x509DataCtx->hMemStore;
+ context.crt = NULL;
+ context.crl = NULL;
+ context.doneCrts = context.doneCrls = 0;
- if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
- ret = xmlSecMSCngX509SKINodeWrite(cert, node);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngX509SKINodeWrite",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
- }
- }
-
- /* write CRLs */
- while((crlCtx = CertEnumCRLsInStore(certs, crlCtx)) != NULL) {
- ret = xmlSecMSCngX509CRLNodeWrite(crlCtx, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCngX509CRLNodeWrite",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
+ ret = xmlSecKeyDataX509XmlWrite(data, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecMSCngKeyDataX509Write, &context);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecKeyDataX509XmlWrite",
+ xmlSecKeyDataKlassGetName(id));
+ return(-1);
}
+ /* success */
return(0);
}
xmlSecAssert(output != NULL);
xmlSecNotImplementedError(NULL);
+ /* ignore error */
}
static void
xmlSecAssert(output != NULL);
xmlSecNotImplementedError(NULL);
+ /* ignore error */
}
static xmlSecKeyDataKlass xmlSecMSCngKeyDataX509Klass = {
*/
/**
* SECTION:x509vfy
- * @Short_description: X509 certificates verification support functions for Microsoft Cryptography API: Next Generation (CNG).
+ * @Short_description: X509 certificates verification support functions for Microsoft Cryptography API: Next Generation (CNG).
* @Stability: Private
*
*/
#include <windows.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
-#include <xmlsec/keys.h>
-#include <xmlsec/keyinfo.h>
-#include <xmlsec/keysmngr.h>
#include <xmlsec/base64.h>
#include <xmlsec/bn.h>
#include <xmlsec/errors.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/keyinfo.h>
+#include <xmlsec/keysmngr.h>
+#include <xmlsec/xmltree.h>
#include <xmlsec/mscng/crypto.h>
#include <xmlsec/mscng/x509.h>
+#include "../cast_helpers.h"
+
typedef struct _xmlSecMSCngX509StoreCtx xmlSecMSCngX509StoreCtx,
*xmlSecMSCngX509StoreCtxPtr;
struct _xmlSecMSCngX509StoreCtx {
HCERTSTORE untrustedMemStore;
};
-#define xmlSecMSCngX509StoreGetCtx(store) \
- ((xmlSecMSCngX509StoreCtxPtr)(((xmlSecByte*)(store)) + \
- sizeof(xmlSecKeyDataStoreKlass)))
-#define xmlSecMSCngX509StoreSize \
- (sizeof(xmlSecKeyDataStoreKlass) + sizeof(xmlSecMSCngX509StoreCtx))
+XMLSEC_KEY_DATA_STORE_DECLARE(MSCngX509Store, xmlSecMSCngX509StoreCtx)
+#define xmlSecMSCngX509StoreSize XMLSEC_KEY_DATA_STORE_SIZE(MSCngX509Store)
+
+static PCCERT_CONTEXT xmlSecMSCngX509FindCertByIssuerNameAndSerial (HCERTSTORE store,
+ const xmlChar* issuerName,
+ const xmlChar* issuerSerial);
static void
xmlSecMSCngX509StoreFinalize(xmlSecKeyDataStorePtr store) {
ret = CertCloseStore(ctx->trusted, CERT_CLOSE_STORE_CHECK_FLAG);
if(ret == FALSE) {
xmlSecMSCngLastError("CertCloseStore", xmlSecKeyDataStoreGetName(store));
+ /* ignore error */
}
}
ret = CertCloseStore(ctx->trustedMemStore, CERT_CLOSE_STORE_CHECK_FLAG);
if(ret == FALSE) {
xmlSecMSCngLastError("CertCloseStore", xmlSecKeyDataStoreGetName(store));
+ /* ignore error */
}
}
ret = CertCloseStore(ctx->untrusted, CERT_CLOSE_STORE_CHECK_FLAG);
if(ret == FALSE) {
xmlSecMSCngLastError("CertCloseStore", xmlSecKeyDataStoreGetName(store));
+ /* ignore error */
}
}
ret = CertCloseStore(ctx->untrustedMemStore, CERT_CLOSE_STORE_CHECK_FLAG);
if(ret == FALSE) {
xmlSecMSCngLastError("CertCloseStore", xmlSecKeyDataStoreGetName(store));
- }
+ /* ignore error */
+ }
}
memset(ctx, 0, sizeof(xmlSecMSCngX509StoreCtx));
ret = CertAddStoreToCollection(ctx->trusted, keyStore, CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 2);
if(ret != TRUE) {
- xmlSecMSCngLastError("CertAddStoreToCollection",
+ xmlSecMSCngLastError("CertAddStoreToCollection",
xmlSecKeyDataStoreGetName(store));
return(-1);
}
/* seconds -> 100 nanoseconds */
/* 1970-01-01 epoch -> 1601-01-01 epoch */
ll = Int32x32To64(in, 10000000) + 116444736000000000;
- out->dwLowDateTime = (DWORD)ll;
- out->dwHighDateTime = ll >> 32;
+ out->dwLowDateTime = (DWORD)ll;
+ out->dwHighDateTime = (DWORD)(ll >> 32);
return(0);
}
}
static PCCERT_CONTEXT
-xmlSecMSCngX509FindCertByIssuer(HCERTSTORE store, LPTSTR wcIssuer,
- xmlSecBnPtr issuerSerialBn, DWORD dwCertEncodingType) {
- xmlSecAssert2(store != NULL, NULL);
- xmlSecAssert2(wcIssuer != NULL, NULL);
- xmlSecAssert2(issuerSerialBn != NULL, NULL);
-
+xmlSecMSCngX509FindCertByIssuerNameAndSerial(HCERTSTORE store, const xmlChar* issuerName, const xmlChar* issuerSerial) {
PCCERT_CONTEXT res = NULL;
+ xmlSecBn issuerSerialBn;
+ int issuerSerialBnInitialized = 0;
+ LPTSTR wcIssuerName = NULL;
+ DWORD dwCertEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
CERT_INFO certInfo;
- BYTE* bdata;
+ BYTE* bdata = NULL;
+ xmlSecSize issuerSerialSize;
DWORD len;
+ int ret;
+ xmlSecAssert2(store != 0, NULL);
+ xmlSecAssert2(issuerName != NULL, NULL);
+ xmlSecAssert2(issuerSerial != NULL, NULL);
- xmlSecAssert2(store != NULL, NULL);
- xmlSecAssert2(wcIssuer != NULL, NULL);
- xmlSecAssert2(issuerSerialBn != NULL, NULL);
+ ret = xmlSecBnInitialize(&issuerSerialBn, 0);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnInitialize", NULL);
+ goto done;
+ }
+ issuerSerialBnInitialized = 1;
+
+ ret = xmlSecBnFromDecString(&issuerSerialBn, issuerSerial);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnFromDecString", NULL);
+ goto done;
+ }
+
+ /* MS Windows wants this in the opposite order */
+ ret = xmlSecBnReverse(&issuerSerialBn);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnReverse", NULL);
+ goto done;
+ }
- certInfo.SerialNumber.cbData = xmlSecBnGetSize(issuerSerialBn);
- certInfo.SerialNumber.pbData = xmlSecBnGetData(issuerSerialBn);
+ certInfo.SerialNumber.pbData = xmlSecBnGetData(&issuerSerialBn);
+ issuerSerialSize = xmlSecBnGetSize(&issuerSerialBn);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(issuerSerialSize, certInfo.SerialNumber.cbData, goto done, NULL);
+ wcIssuerName = xmlSecMSCngX509GetCertName(issuerName);
+ if (wcIssuerName == NULL) {
+ xmlSecInternalError("xmlSecMSCngX509GetCertName", NULL);
+ goto done;
+ }
/* CASE 1: UTF8, DN */
if (NULL == res) {
bdata = xmlSecMSCngCertStrToName(dwCertEncodingType,
- wcIssuer,
- CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_OID_NAME_STR,
- &len);
- if(bdata != NULL) {
+ wcIssuerName,
+ CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_OID_NAME_STR,
+ &len);
+ if (bdata != NULL) {
certInfo.Issuer.cbData = len;
certInfo.Issuer.pbData = bdata;
res = CertFindCertificateInStore(store,
- dwCertEncodingType,
- 0,
- CERT_FIND_SUBJECT_CERT,
- &certInfo,
- NULL);
+ dwCertEncodingType,
+ 0,
+ CERT_FIND_SUBJECT_CERT,
+ &certInfo,
+ NULL);
xmlFree(bdata);
+ bdata = NULL;
}
}
/* CASE 2: UTF8, REVERSE DN */
if (NULL == res) {
bdata = xmlSecMSCngCertStrToName(dwCertEncodingType,
- wcIssuer,
- CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
- &len);
- if(bdata != NULL) {
+ wcIssuerName,
+ CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
+ &len);
+ if (bdata != NULL) {
certInfo.Issuer.cbData = len;
certInfo.Issuer.pbData = bdata;
res = CertFindCertificateInStore(store,
- dwCertEncodingType,
- 0,
- CERT_FIND_SUBJECT_CERT,
- &certInfo,
- NULL);
+ dwCertEncodingType,
+ 0,
+ CERT_FIND_SUBJECT_CERT,
+ &certInfo,
+ NULL);
xmlFree(bdata);
+ bdata = NULL;
}
}
/* CASE 3: UNICODE, DN */
if (NULL == res) {
bdata = xmlSecMSCngCertStrToName(dwCertEncodingType,
- wcIssuer,
- CERT_OID_NAME_STR,
- &len);
- if(bdata != NULL) {
+ wcIssuerName,
+ CERT_OID_NAME_STR,
+ &len);
+ if (bdata != NULL) {
certInfo.Issuer.cbData = len;
certInfo.Issuer.pbData = bdata;
res = CertFindCertificateInStore(store,
- dwCertEncodingType,
- 0,
- CERT_FIND_SUBJECT_CERT,
- &certInfo,
- NULL);
+ dwCertEncodingType,
+ 0,
+ CERT_FIND_SUBJECT_CERT,
+ &certInfo,
+ NULL);
xmlFree(bdata);
+ bdata = NULL;
}
}
/* CASE 4: UNICODE, REVERSE DN */
if (NULL == res) {
bdata = xmlSecMSCngCertStrToName(dwCertEncodingType,
- wcIssuer,
- CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
- &len);
- if(bdata != NULL) {
+ wcIssuerName,
+ CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
+ &len);
+ if (bdata != NULL) {
certInfo.Issuer.cbData = len;
certInfo.Issuer.pbData = bdata;
res = CertFindCertificateInStore(store,
- dwCertEncodingType,
- 0,
- CERT_FIND_SUBJECT_CERT,
- &certInfo,
- NULL);
+ dwCertEncodingType,
+ 0,
+ CERT_FIND_SUBJECT_CERT,
+ &certInfo,
+ NULL);
xmlFree(bdata);
+ bdata = NULL;
}
}
- return (res);
+done:
+ if (bdata != NULL) {
+ xmlFree(bdata);
+ }
+ if (wcIssuerName != NULL) {
+ xmlFree(wcIssuerName);
+ }
+ if (issuerSerialBnInitialized) {
+ xmlSecBnFinalize(&issuerSerialBn);
+ }
+ return(res);
+}
+
+static PCCERT_CONTEXT
+xmlSecMSCngX509FindCertBySki(HCERTSTORE store, xmlSecByte* ski, xmlSecSize skiSize) {
+ CRYPT_HASH_BLOB blob;
+
+ xmlSecAssert2(store != 0, NULL);
+ xmlSecAssert2(ski != NULL, NULL);
+ xmlSecAssert2(skiSize > 0, NULL);
+
+ blob.pbData = ski;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(skiSize, blob.cbData, return(NULL), NULL);
+
+ return(CertFindCertificateInStore(store,
+ PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
+ 0,
+ CERT_FIND_KEY_IDENTIFIER,
+ &blob,
+ NULL));
}
static PCCERT_CONTEXT
xmlSecMSCngX509FindCert(HCERTSTORE store, xmlChar* subjectName,
- xmlChar* issuerName, xmlChar* issuerSerial, xmlChar* ski) {
- PCCERT_CONTEXT cert;
- int ret;
+ xmlChar* issuerName, xmlChar* issuerSerial,
+ xmlSecByte* ski, xmlSecSize skiSize) {
+ PCCERT_CONTEXT cert = NULL;
xmlSecAssert2(store != 0, NULL);
cert = xmlSecMSCngX509FindCertBySubject(store, wcSubjectName,
PKCS_7_ASN_ENCODING | X509_ASN_ENCODING);
xmlFree(wcSubjectName);
-
- return(cert);
}
if(issuerName != NULL && issuerSerial != NULL) {
- xmlSecBn issuerSerialBn;
- LPTSTR wcIssuerName = NULL;
-
- ret = xmlSecBnInitialize(&issuerSerialBn, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize", NULL);
- return(NULL);
- }
-
- ret = xmlSecBnFromDecString(&issuerSerialBn, issuerSerial);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnFromDecString", NULL);
- xmlSecBnFinalize(&issuerSerialBn);
- return(NULL);
- }
-
- /* xmlSecMSCngX509FindCertByIssuer() wants this in the opposite order */
- ret = xmlSecBnReverse(&issuerSerialBn);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnReverse", NULL);
- xmlSecBnFinalize(&issuerSerialBn);
- return(NULL);
- }
-
- wcIssuerName = xmlSecMSCngX509GetCertName(issuerName);
- if(wcIssuerName == NULL) {
- xmlSecInternalError("xmlSecMSCngX509GetCertName", NULL);
- xmlSecBnFinalize(&issuerSerialBn);
- return(NULL);
- }
-
- cert = xmlSecMSCngX509FindCertByIssuer(store, wcIssuerName,
- &issuerSerialBn, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING);
- xmlFree(wcIssuerName);
- xmlSecBnFinalize(&issuerSerialBn);
-
- return(cert);
+ cert = xmlSecMSCngX509FindCertByIssuerNameAndSerial(store, issuerName, issuerSerial);
}
- if(ski != NULL) {
- CRYPT_HASH_BLOB blob;
- xmlChar* binSki;
- int binSkiLen;
+ if((ski != NULL) && (skiSize > 0)) {
+ cert = xmlSecMSCngX509FindCertBySki(store, ski, skiSize);
+ }
- binSki = xmlStrdup(ski);
- if(binSki == NULL) {
- xmlSecStrdupError(ski, NULL);
- return (NULL);
- }
+ return(cert);
+}
- /* base64 decode "in place" */
- binSkiLen = xmlSecBase64Decode(binSki, (xmlSecByte*)binSki, xmlStrlen(binSki));
- if(binSkiLen < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- xmlFree(binSki);
+/**
+ * xmlSecMSCngX509StoreFindCert:
+ * @store: the pointer to X509 key data store klass.
+ * @subjectName: the desired certificate name.
+ * @issuerName: the desired certificate issuer name.
+ * @issuerSerial: the desired certificate issuer serial number.
+ * @ski: the desired certificate SKI.
+ * @keyInfoCtx: the pointer to <dsig:KeyInfo/> element processing context.
+ *
+ * Searches @store for a certificate that matches given criteria.
+ *
+ * Returns: pointer to found certificate or NULL if certificate is not found
+ * or an error occurs.
+ */
+PCCERT_CONTEXT
+xmlSecMSCngX509StoreFindCert(xmlSecKeyDataStorePtr store, xmlChar *subjectName,
+ xmlChar* issuerName, xmlChar* issuerSerial, xmlChar* ski,
+ xmlSecKeyInfoCtx* keyInfoCtx) {
+ if (ski != NULL) {
+ xmlSecSize skiDecodedSize = 0;
+ int ret;
+
+ /* our usual trick with base64 decode */
+ ret = xmlSecBase64DecodeInPlace(ski, &skiDecodedSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBase64DecodeInPlace", NULL,
+ "ski=%s", xmlSecErrorsSafeString(ski));
return(NULL);
}
- blob.pbData = binSki;
- blob.cbData = binSkiLen;
- cert = CertFindCertificateInStore(store,
- PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
- 0,
- CERT_FIND_KEY_IDENTIFIER,
- &blob,
- NULL);
- xmlFree(binSki);
+ return(xmlSecMSCngX509StoreFindCert_ex(store, subjectName, issuerName, issuerSerial,
+ (xmlSecByte*)ski, skiDecodedSize, keyInfoCtx));
+ } else {
+ return(xmlSecMSCngX509StoreFindCert_ex(store, subjectName, issuerName, issuerSerial,
+ NULL, 0, keyInfoCtx));
- return(cert);
}
-
- return(NULL);
}
/**
- * xmlSecMSCngX509StoreFindCert:
+ * xmlSecMSCngX509StoreFindCert_ex:
* @store: the pointer to X509 key data store klass.
* @subjectName: the desired certificate name.
* @issuerName: the desired certificate issuer name.
* @issuerSerial: the desired certificate issuer serial number.
* @ski: the desired certificate SKI.
+ * @skiSize: the desired certificate SKI size.
* @keyInfoCtx: the pointer to <dsig:KeyInfo/> element processing context.
*
* Searches @store for a certificate that matches given criteria.
* or an error occurs.
*/
PCCERT_CONTEXT
-xmlSecMSCngX509StoreFindCert(xmlSecKeyDataStorePtr store, xmlChar *subjectName,
- xmlChar *issuerName, xmlChar *issuerSerial, xmlChar *ski,
- xmlSecKeyInfoCtx* keyInfoCtx) {
+xmlSecMSCngX509StoreFindCert_ex(xmlSecKeyDataStorePtr store, xmlChar* subjectName,
+ xmlChar* issuerName, xmlChar* issuerSerial,
+ xmlSecByte* ski, xmlSecSize skiSize,
+ xmlSecKeyInfoCtx* keyInfoCtx ATTRIBUTE_UNUSED) {
xmlSecMSCngX509StoreCtxPtr ctx;
PCCERT_CONTEXT cert = NULL;
xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecMSCngX509StoreId), NULL);
- xmlSecAssert2(keyInfoCtx != NULL, NULL);
+ UNREFERENCED_PARAMETER(keyInfoCtx);
ctx = xmlSecMSCngX509StoreGetCtx(store);
xmlSecAssert2(ctx != NULL, NULL);
/* search untrusted certs store */
- if(ctx->untrusted != NULL) {
+ if (ctx->untrusted != NULL) {
cert = xmlSecMSCngX509FindCert(ctx->untrusted, subjectName,
- issuerName, issuerSerial, ski);
+ issuerName, issuerSerial, ski, skiSize);
}
/* search trusted certs store */
- if(cert == NULL && ctx->trusted != NULL) {
+ if (cert == NULL && ctx->trusted != NULL) {
cert = xmlSecMSCngX509FindCert(ctx->trusted, subjectName,
- issuerName, issuerSerial, ski);
+ issuerName, issuerSerial, ski, skiSize);
}
return(cert);
EXTRA_DIST = \
mingw-crypt32.def \
- README \
+ README.md \
$(NULL)
lib_LTLIBRARIES = \
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = src/mscrypto
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(libdir)"
+LTLIBRARIES = $(lib_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+am__objects_1 =
+am_libxmlsec1_mscrypto_la_OBJECTS = libxmlsec1_mscrypto_la-app.lo \
+ libxmlsec1_mscrypto_la-certkeys.lo \
+ libxmlsec1_mscrypto_la-ciphers.lo \
+ libxmlsec1_mscrypto_la-crypto.lo \
+ libxmlsec1_mscrypto_la-digests.lo \
+ libxmlsec1_mscrypto_la-hmac.lo \
+ libxmlsec1_mscrypto_la-keysstore.lo \
+ libxmlsec1_mscrypto_la-kw_aes.lo \
+ libxmlsec1_mscrypto_la-kw_des.lo \
+ libxmlsec1_mscrypto_la-kt_rsa.lo \
+ libxmlsec1_mscrypto_la-signatures.lo \
+ libxmlsec1_mscrypto_la-symkeys.lo \
+ libxmlsec1_mscrypto_la-x509.lo \
+ libxmlsec1_mscrypto_la-x509vfy.lo $(am__objects_1)
+libxmlsec1_mscrypto_la_OBJECTS = $(am_libxmlsec1_mscrypto_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+libxmlsec1_mscrypto_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+ $(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_mscrypto_la_LDFLAGS) \
+ $(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/libxmlsec1_mscrypto_la-app.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-digests.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-hmac.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-kw_aes.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-kw_des.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-x509.Plo \
+ ./$(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
+SOURCES = $(libxmlsec1_mscrypto_la_SOURCES)
+DIST_SOURCES = $(libxmlsec1_mscrypto_la_SOURCES)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \
+ README.md
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+EXTRA_DIST = \
+ mingw-crypt32.def \
+ README.md \
+ $(NULL)
+
+lib_LTLIBRARIES = \
+ libxmlsec1-mscrypto.la \
+ $(NULL)
+
+libxmlsec1_mscrypto_la_CPPFLAGS = \
+ -DPACKAGE=\"@PACKAGE@\" \
+ -I../../include \
+ -I$(top_srcdir)/include \
+ $(XMLSEC_DEFINES) \
+ $(MSCRYPTO_CFLAGS) \
+ $(LIBXSLT_CFLAGS) \
+ $(LIBXML_CFLAGS) \
+ $(NULL)
+
+libxmlsec1_mscrypto_la_SOURCES = \
+ globals.h \
+ private.h \
+ app.c \
+ certkeys.c \
+ ciphers.c \
+ crypto.c \
+ digests.c \
+ hmac.c \
+ keysstore.c \
+ kw_aes.c \
+ kw_des.c \
+ kt_rsa.c \
+ signatures.c \
+ symkeys.c \
+ x509.c \
+ x509vfy.c \
+ csp_calg.h \
+ csp_oid.h \
+ xmlsec-mingw.h \
+ $(NULL)
+
+libxmlsec1_mscrypto_la_LIBADD = \
+ $(MSCRYPTO_LIBS) \
+ $(LIBXSLT_LIBS) \
+ $(LIBXML_LIBS) \
+ ../libxmlsec1.la \
+ $(NULL)
+
+libxmlsec1_mscrypto_la_DEPENDENCIES = \
+ mingw-crypt32.def \
+ $(NULL)
+
+libxmlsec1_mscrypto_la_LDFLAGS = \
+ @XMLSEC_CRYPTO_EXTRA_LDFLAGS@ \
+ -version-info @XMLSEC_VERSION_INFO@ \
+ $(NULL)
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/mscrypto/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign src/mscrypto/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+ }
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
+ done
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+
+libxmlsec1-mscrypto.la: $(libxmlsec1_mscrypto_la_OBJECTS) $(libxmlsec1_mscrypto_la_DEPENDENCIES) $(EXTRA_libxmlsec1_mscrypto_la_DEPENDENCIES)
+ $(AM_V_CCLD)$(libxmlsec1_mscrypto_la_LINK) -rpath $(libdir) $(libxmlsec1_mscrypto_la_OBJECTS) $(libxmlsec1_mscrypto_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-app.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-digests.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-hmac.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-kw_aes.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-kw_des.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-x509.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+ @$(MKDIR_P) $(@D)
+ @echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+libxmlsec1_mscrypto_la-app.lo: app.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-app.Tpo -c -o libxmlsec1_mscrypto_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-app.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-app.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='app.c' object='libxmlsec1_mscrypto_la-app.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+
+libxmlsec1_mscrypto_la-certkeys.lo: certkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-certkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Tpo -c -o libxmlsec1_mscrypto_la-certkeys.lo `test -f 'certkeys.c' || echo '$(srcdir)/'`certkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='certkeys.c' object='libxmlsec1_mscrypto_la-certkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-certkeys.lo `test -f 'certkeys.c' || echo '$(srcdir)/'`certkeys.c
+
+libxmlsec1_mscrypto_la-ciphers.lo: ciphers.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Tpo -c -o libxmlsec1_mscrypto_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ciphers.c' object='libxmlsec1_mscrypto_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+
+libxmlsec1_mscrypto_la-crypto.lo: crypto.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Tpo -c -o libxmlsec1_mscrypto_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='crypto.c' object='libxmlsec1_mscrypto_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+
+libxmlsec1_mscrypto_la-digests.lo: digests.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-digests.Tpo -c -o libxmlsec1_mscrypto_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-digests.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-digests.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='digests.c' object='libxmlsec1_mscrypto_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+
+libxmlsec1_mscrypto_la-hmac.lo: hmac.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-hmac.Tpo -c -o libxmlsec1_mscrypto_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-hmac.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='hmac.c' object='libxmlsec1_mscrypto_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+
+libxmlsec1_mscrypto_la-keysstore.lo: keysstore.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-keysstore.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Tpo -c -o libxmlsec1_mscrypto_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='keysstore.c' object='libxmlsec1_mscrypto_la-keysstore.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
+
+libxmlsec1_mscrypto_la-kw_aes.lo: kw_aes.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-kw_aes.Tpo -c -o libxmlsec1_mscrypto_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-kw_aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kw_aes.c' object='libxmlsec1_mscrypto_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+
+libxmlsec1_mscrypto_la-kw_des.lo: kw_des.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-kw_des.Tpo -c -o libxmlsec1_mscrypto_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-kw_des.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kw_des.c' object='libxmlsec1_mscrypto_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+
+libxmlsec1_mscrypto_la-kt_rsa.lo: kt_rsa.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-kt_rsa.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Tpo -c -o libxmlsec1_mscrypto_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kt_rsa.c' object='libxmlsec1_mscrypto_la-kt_rsa.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
+
+libxmlsec1_mscrypto_la-signatures.lo: signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Tpo -c -o libxmlsec1_mscrypto_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='signatures.c' object='libxmlsec1_mscrypto_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+
+libxmlsec1_mscrypto_la-symkeys.lo: symkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Tpo -c -o libxmlsec1_mscrypto_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='symkeys.c' object='libxmlsec1_mscrypto_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+
+libxmlsec1_mscrypto_la-x509.lo: x509.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-x509.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-x509.Tpo -c -o libxmlsec1_mscrypto_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-x509.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-x509.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='x509.c' object='libxmlsec1_mscrypto_la-x509.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+
+libxmlsec1_mscrypto_la-x509vfy.lo: x509vfy.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-x509vfy.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Tpo -c -o libxmlsec1_mscrypto_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='x509vfy.c' object='libxmlsec1_mscrypto_la-x509vfy.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(libdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-app.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-digests.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-hmac.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-kw_aes.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-kw_des.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-x509.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Plo
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-libLTLIBRARIES
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-app.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-digests.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-hmac.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-kw_aes.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-kw_des.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-x509.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Plo
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-libLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+ clean-generic clean-libLTLIBRARIES clean-libtool cscopelist-am \
+ ctags ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
+++ /dev/null
-WHAT VERSION OF WINDOWS?
-------------------------------------------------------------------------
-
-The xmlsec-mscrypto lib is developed on a windows XP machine with MS Visual
-Studio (6 and .NET). The MS Crypto API has been evolving a lot with the
-new releases of windows and internet explorer. MS CryptoAPI libraries
-are distributed with ie and with the windows OS. Full functionality will
-only be achieved on windows XP. AES is for example not supported on pre
-XP versions of Windows (workarounds for this are possible, I believe).
-Direct RSA de/encryption, used by xmlsec-mscrypto, is only possible from
-Win 2000 (possibly also with a newer version of ie, with strong encryption
-patch installed). It's very likely more of these issues are lying around, a
-nd until it is tested on older windows systems it is uncertain what will work.
-
-KEYS MANAGER with MS Certificate store support.
-------------------------------------------------------------------------
-
-The default xmlsec-mscrypto keys manager is based upon the simple keys
-store, found in the xmlsec core library. If keys are not found in the
-simple keys store, than MS Certificate store is used to lookup keys.
-The certificate store is only used on a READONLY base, so it is not possible
-to store keys via the keys store into the MS certificate store. There are enough
-other tools that can do that for you.
-
-When the xmlsec application is started, with the config parameter the name of
-the (system) keystore can be given. That keystore will be used for certificates
-and keys lookup. With the keyname now two types of values can be given:
- - simple name (called friendly name with MS);
- - full subject name (recommended) of the key's certificate.
-
-KNOWN ISSUES.
-------------------------------------------------------------------------
-1) Default keys manager don't use trusted certs in MS Crypto Store
-(http://bugzilla.gnome.org/show_bug.cgi?id=123668).
-
-2) The only supported file formats are PKCS#12 and DER certificates
-(http://bugzilla.gnome.org/show_bug.cgi?id=123675).
-
-
--- /dev/null
+# XMLSec Library: XMLSEC-MSCRYPTO
+
+## What version of MS Windows?
+
+The MS Crypto API has been evolving a lot with the new releases of MS Windows.
+Full functionality will only be achieved on MS Windows XP or greater (e.g. AES is
+not supported on pre Windows XP versions of Windows).
+
+## Keys Manager with MS Certificate store support.
+The default xmlsec-mscrypto keys manager is based upon the XMLSEC Simple Keys
+Store,. If keys are not found in the XMLSEC Simple Keys Store, than MS Certificate store is
+used to lookup keys. The certificate store is only used on a READONLY base, so it is
+not possible to store keys via the keys store into the MS certificate store.
+
+When the xmlsec application is started, with the config parameter the name of
+the (system) keystore can be given. That keystore will be used for certificates
+and keys lookup. With the keyname now two types of values can be given:
+- simple name (called friendly name with MS);
+- full subject name (recommended) of the key's certificate.
+
+
+## Known issues / limitations
+
+1) Default keys manager don't use trusted certs in MS Crypto Store (also see
+[xmlsec bug](https://github.com/lsh123/xmlsec/issues/7)).
+
+2) The only supported file formats are PKCS#12 and DER certificates (also see
+[xmlsec bug](https://github.com/lsh123/xmlsec/issues/9)).
+
+
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 200
3-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 200
2-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:app
#include <xmlsec/mscrypto/certkeys.h>
#include <xmlsec/mscrypto/keysstore.h>
#include <xmlsec/mscrypto/x509.h>
+
+#include "../cast_helpers.h"
#include "private.h"
#ifndef PKCS12_NO_PERSIST_KEY
/* Windows Server 2003 and Windows XP: This value is not supported. */
-# define PKCS12_NO_PERSIST_KEY 0x00008000
+# define PKCS12_NO_PERSIST_KEY 0x00008000
#endif
/* I don't see any other way then to use a global var to get the
default:
/* Any other format like PEM keys is currently not supported */
xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
return(NULL);
}
xmlSecKeyDataPtr keyData = NULL;
xmlSecKeyPtr key = NULL;
xmlSecKeyPtr res = NULL;
+ DWORD dwDataSize;
int ret;
xmlSecAssert2(data != NULL, NULL);
UNREFERENCED_PARAMETER(pwdCallback);
UNREFERENCED_PARAMETER(pwdCallbackCtx);
- pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, data, dataSize);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(dataSize, dwDataSize, goto done, NULL);
+ pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, data, dwDataSize);
if (NULL == pCert) {
xmlSecMSCryptoError("CertCreateCertificateContext", NULL);
goto done;
int
xmlSecMSCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize,
xmlSecKeyDataFormat format) {
- PCCERT_CONTEXT pCert;
+ PCCERT_CONTEXT pCert, pKeyCert;
xmlSecKeyDataPtr kdata;
+ DWORD dwDataSize;
int ret;
xmlSecAssert2(key != NULL, -1);
switch(format) {
case xmlSecKeyDataFormatDer:
case xmlSecKeyDataFormatCertDer:
- pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, data, dataSize);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(dataSize, dwDataSize, return(-1), NULL);
+
+ /* read cert and make a copy for key cert */
+ pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, data, dwDataSize);
if (NULL == pCert) {
- xmlSecInternalError2("CertCreateCertificateContext", NULL,
- "format=%d", format);
+ xmlSecInternalError2("CertCreateCertificateContext", xmlSecKeyDataGetName(kdata),
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
+ return(-1);
+ }
+ pKeyCert = CertDuplicateCertificateContext(pCert);
+ if(pKeyCert == NULL) {
+ xmlSecMSCryptoError("CertDuplicateCertificateContext", xmlSecKeyDataGetName(kdata));
+ CertFreeCertificateContext(pCert);
return(-1);
}
+ /* add cert and key cert */
ret = xmlSecMSCryptoKeyDataX509AdoptCert(kdata, pCert);
if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(kdata));
+ xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptCert", xmlSecKeyDataGetName(kdata));
CertFreeCertificateContext(pCert);
+ CertFreeCertificateContext(pKeyCert);
+ return(-1);
+ }
+ pCert = NULL; /* owned by kdata */
+
+ ret = xmlSecMSCryptoKeyDataX509AdoptKeyCert(kdata, pKeyCert);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptKeyCert", xmlSecKeyDataGetName(kdata));
+ CertFreeCertificateContext(pKeyCert);
return(-1);
}
+ pKeyCert = NULL; /* owned by kdata */
+
break;
default:
- xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
+ xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, xmlSecKeyDataGetName(kdata),
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
return(-1);
}
memset(&pfx, 0, sizeof(pfx));
pfx.pbData = (BYTE *)data;
- pfx.cbData = dataSize;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(dataSize, pfx.cbData, return(NULL), NULL);
if(FALSE == PFXIsPFXBlob(&pfx)) {
- xmlSecMSCryptoError2("PFXIsPFXBlob", NULL,
- "size=%ld", (long int)pfx.cbData);
+ xmlSecMSCryptoError2("PFXIsPFXBlob", NULL, "size=%lu", pfx.cbData);
goto done;
}
if(pCert == NULL) {
break;
}
- dwDataLen = sizeof(DWORD);
+ dwDataLen = sizeof(dwData);
dwData = 0;
/* Find the certificate that has the private key */
if((TRUE == CertGetCertificateContextProperty(pCert, CERT_KEY_SPEC_PROP_ID, &dwData, &dwDataLen)) && (dwData > 0)) {
tmpcert = CertDuplicateCertificateContext(pCert);
if(tmpcert == NULL) {
xmlSecMSCryptoError("CertDuplicateCertificateContext",
- xmlSecKeyDataGetName(x509Data));
+ xmlSecKeyDataGetName(x509Data));
goto done;
}
ret = xmlSecMSCryptoKeyDataX509AdoptCert(x509Data, tmpcert);
if(ret < 0) {
xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(x509Data));
+ xmlSecKeyDataGetName(x509Data));
goto done;
}
tmpcert = NULL;
if (keyData == NULL) {
/* private key not found in PKCS12 file */
- xmlSecInternalError2("xmlSecMSCryptoAppPkcs12Load",
- xmlSecKeyDataGetName(x509Data),
- "private key not found in PKCS12 file", NULL);
+ xmlSecInternalError2("xmlSecMSCryptoAppPkcs12Load", xmlSecKeyDataGetName(x509Data),
+ "private key not found in PKCS12 file, size = %lu", pfx.cbData);
goto done;
}
key = xmlSecKeyCreate();
if(key == NULL) {
- xmlSecInternalError("xmlSecKeyCreate",
- xmlSecKeyDataGetName(x509Data));
+ xmlSecInternalError("xmlSecKeyCreate", xmlSecKeyDataGetName(x509Data));
goto done;
}
ret = xmlSecKeySetValue(key, keyData);
if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataGetName(x509Data));
+ xmlSecInternalError("xmlSecKeySetValue", xmlSecKeyDataGetName(x509Data));
xmlSecKeyDestroy(key);
key = NULL;
goto done;
ret = xmlSecKeyAdoptData(key, x509Data);
if(ret < 0) {
- xmlSecInternalError("xmlSecKeyAdoptData",
- xmlSecKeyDataGetName(x509Data));
+ xmlSecInternalError("xmlSecKeyAdoptData", xmlSecKeyDataGetName(x509Data));
xmlSecKeyDestroy(key);
key = NULL;
goto done;
xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
xmlSecKeyDataStorePtr x509Store;
PCCERT_CONTEXT pCert = NULL;
+ DWORD dwDataSize;
int ret;
xmlSecAssert2(mngr != NULL, -1);
switch (format) {
case xmlSecKeyDataFormatDer:
case xmlSecKeyDataFormatCertDer:
- pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
- data, dataSize);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(dataSize, dwDataSize, return(-1), NULL);
+ pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, data, dwDataSize);
if (NULL == pCert) {
xmlSecMSCryptoError("CertCreateCertificateContext", NULL);
return (-1);
break;
default:
xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
return(-1);
}
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 200
3-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 200
2-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:certkeys
#endif
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/base64.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
#include <xmlsec/mscrypto/x509.h>
#include "private.h"
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+
// GOST CSP don't support keys duplicating, so we use NT4 analogs for these...
#ifndef XMLSEC_NO_GOST
#ifndef XMLSEC_MSCRYPTO_NT4
#endif
#endif
+#define XMLSEC_MSCRYPTO_DSA_MAX_Q_SIZE ((xmlSecSize)0x14U)
/**************************************************************************
*
*/
struct _mscrypt_prov {
HCRYPTPROV hProv ;
- BOOL fCallerFreeProv ;
+ BOOL fCallerFreeProv ;
volatile LONG refcnt ;
} ;
#endif /* XMLSEC_MSCRYPTO_NT4 */
/******************************************************************************
*
- * xmlSecMSCryptoKeyDataCtx is located after xmlSecTransform
+ * xmlSecMSCryptoKeyData
*
*****************************************************************************/
-#define xmlSecMSCryptoKeyDataSize \
- (sizeof(xmlSecKeyData) + sizeof(xmlSecMSCryptoKeyDataCtx))
-#define xmlSecMSCryptoKeyDataGetCtx(data) \
- ((xmlSecMSCryptoKeyDataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
+XMLSEC_KEY_DATA_DECLARE(MSCryptoKeyData, xmlSecMSCryptoKeyDataCtx)
+#define xmlSecMSCryptoKeyDataSize XMLSEC_KEY_DATA_SIZE(MSCryptoKeyData)
-static int xmlSecMSCryptoKeyDataDuplicate (xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src);
-static void xmlSecMSCryptoKeyDataFinalize (xmlSecKeyDataPtr data);
-static int xmlSecMSCryptoKeyDataGetSize (xmlSecKeyDataPtr data);
+static int xmlSecMSCryptoKeyDataDuplicate (xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src);
+static void xmlSecMSCryptoKeyDataFinalize (xmlSecKeyDataPtr data);
+static xmlSecSize xmlSecMSCryptoKeyDataGetSize (xmlSecKeyDataPtr data);
/**
* xmlSecMSCryptoKeyDataAdoptCert:
}
ctx->dwKeySpec = 0;
} else {
- xmlSecInvalidIntegerTypeError("keytype", type, "supported keytype", NULL);
+ xmlSecUnsupportedEnumValueError("key data type", type, NULL);
return(-1);
}
memset(ctx, 0, sizeof(xmlSecMSCryptoKeyDataCtx));
}
-static int
+static xmlSecSize
xmlSecMSCryptoKeyDataGetSize(xmlSecKeyDataPtr data) {
xmlSecMSCryptoKeyDataCtxPtr ctx;
+ DWORD length = 0;
+ xmlSecSize res;
xmlSecAssert2(xmlSecKeyDataIsValid(data), 0);
xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCryptoKeyDataSize), 0);
xmlSecAssert2(ctx != NULL, 0);
if(xmlSecMSCryptoKeyDataCtxGetCert(ctx) != NULL) {
- xmlSecAssert2(xmlSecMSCryptoKeyDataCtxGetCert(ctx)->pCertInfo != NULL, 0);
- return (CertGetPublicKeyLength(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
- &(xmlSecMSCryptoKeyDataCtxGetCert(ctx)->pCertInfo->SubjectPublicKeyInfo)));
+ PCCERT_CONTEXT pCertCtx = xmlSecMSCryptoKeyDataCtxGetCert(ctx);
+
+ xmlSecAssert2(pCertCtx->pCertInfo != NULL, 0);
+ length = CertGetPublicKeyLength(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
+ &(pCertCtx->pCertInfo->SubjectPublicKeyInfo));
} else if (xmlSecMSCryptoKeyDataCtxGetKey(ctx) != 0) {
- DWORD length = 0;
- DWORD lenlen = sizeof(DWORD);
+ HCRYPTKEY cryptKey = xmlSecMSCryptoKeyDataCtxGetKey(ctx);
+ DWORD lenlen = sizeof(length);
- if (!CryptGetKeyParam(xmlSecMSCryptoKeyDataCtxGetKey(ctx), KP_KEYLEN, (BYTE *)&length, &lenlen, 0)) {
+ if (!CryptGetKeyParam(cryptKey, KP_KEYLEN, (BYTE *)&length, &lenlen, 0)) {
xmlSecMSCryptoError("CertDuplicateCertificateContext", NULL);
return(0);
}
- return(length);
+ xmlSecAssert2(lenlen == sizeof(length), 0);
}
- return (0);
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(length, res, return(0), NULL);
+ return(res);
}
static xmlSecKeyDataType
*
*************************************************************************/
-static int xmlSecMSCryptoKeyDataRsaInitialize(xmlSecKeyDataPtr data);
-static int xmlSecMSCryptoKeyDataRsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src);
-static void xmlSecMSCryptoKeyDataRsaFinalize(xmlSecKeyDataPtr data);
-static int xmlSecMSCryptoKeyDataRsaXmlRead(xmlSecKeyDataId id,
- xmlSecKeyPtr key,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoKeyDataRsaXmlWrite(xmlSecKeyDataId id,
- xmlSecKeyPtr key,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoKeyDataRsaGenerate(xmlSecKeyDataPtr data,
- xmlSecSize sizeBits,
- xmlSecKeyDataType type);
-
-static xmlSecKeyDataType xmlSecMSCryptoKeyDataRsaGetType(xmlSecKeyDataPtr data);
-static xmlSecSize xmlSecMSCryptoKeyDataRsaGetSize(xmlSecKeyDataPtr data);
-static void xmlSecMSCryptoKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output);
-static void xmlSecMSCryptoKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output);
+static int xmlSecMSCryptoKeyDataRsaInitialize (xmlSecKeyDataPtr data);
+static int xmlSecMSCryptoKeyDataRsaDuplicate (xmlSecKeyDataPtr dst,
+ xmlSecKeyDataPtr src);
+static void xmlSecMSCryptoKeyDataRsaFinalize (xmlSecKeyDataPtr data);
+static int xmlSecMSCryptoKeyDataRsaXmlRead (xmlSecKeyDataId id,
+ xmlSecKeyPtr key,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int xmlSecMSCryptoKeyDataRsaXmlWrite (xmlSecKeyDataId id,
+ xmlSecKeyPtr key,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int xmlSecMSCryptoKeyDataRsaGenerate (xmlSecKeyDataPtr data,
+ xmlSecSize sizeBits,
+ xmlSecKeyDataType type);
+static xmlSecKeyDataType xmlSecMSCryptoKeyDataRsaGetType (xmlSecKeyDataPtr data);
+static xmlSecSize xmlSecMSCryptoKeyDataRsaGetSize (xmlSecKeyDataPtr data);
+static void xmlSecMSCryptoKeyDataRsaDebugDump (xmlSecKeyDataPtr data, FILE* output);
+static void xmlSecMSCryptoKeyDataRsaDebugXmlDump (xmlSecKeyDataPtr data, FILE* output);
+
+static xmlSecKeyDataPtr xmlSecMSCryptoKeyDataRsaRead (xmlSecKeyDataId id,
+ xmlSecKeyValueRsaPtr rsaValue);
+static int xmlSecMSCryptoKeyDataRsaWrite (xmlSecKeyDataId id,
+ xmlSecKeyDataPtr data,
+ xmlSecKeyValueRsaPtr rsaValue,
+ int writePrivateKey);
static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataRsaKlass = {
sizeof(xmlSecKeyDataKlass),
static int
xmlSecMSCryptoKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecBn modulus, exponent;
- xmlSecBuffer blob;
- unsigned int blobBufferLen;
- PUBLICKEYSTRUC* pubKeyStruc = NULL;
- RSAPUBKEY* pubKey = NULL;
- xmlSecByte* modulusBlob = NULL;
- xmlSecKeyDataPtr data = NULL;
+ xmlSecAssert2(id == xmlSecMSCryptoKeyDataRsaId, -1);
+ return(xmlSecKeyDataRsaXmlRead(id, key, node, keyInfoCtx,
+ xmlSecMSCryptoKeyDataRsaRead));
+}
+
+static int
+xmlSecMSCryptoKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecMSCryptoKeyDataRsaId, -1);
+ return(xmlSecKeyDataRsaXmlWrite(id, key, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecMSCryptoKeyDataRsaWrite));
+}
+
+static int
+xmlSecMSCryptoKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits,
+ xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+ xmlSecMSCryptoKeyDataCtxPtr ctx;
HCRYPTPROV hProv = 0;
HCRYPTKEY hKey = 0;
- xmlNodePtr cur;
+ DWORD dwKeySpec;
+ DWORD dwSize;
int res = -1;
int ret;
- xmlSecAssert2(id == xmlSecMSCryptoKeyDataRsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- if(xmlSecKeyGetValue(key) != NULL) {
- xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
- xmlSecKeyDataKlassGetName(id),
- "key already has a value");
- return(-1);
- }
+ xmlSecAssert2(xmlSecKeyDataIsValid(data), xmlSecKeyDataTypeUnknown);
+ xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCryptoKeyDataSize), xmlSecKeyDataTypeUnknown);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId), -1);
+ xmlSecAssert2(sizeBits > 0, -1);
+ UNREFERENCED_PARAMETER(type);
- /* initialize buffers */
- ret = xmlSecBnInitialize(&modulus, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize(modulus)",
- xmlSecKeyDataKlassGetName(id));;
- return(-1);
+ ctx = xmlSecMSCryptoKeyDataGetCtx(data);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ /* get provider */
+ hProv = xmlSecMSCryptoFindProvider(ctx->providers, NULL,
+ CRYPT_VERIFYCONTEXT, TRUE);
+ if(hProv == 0) {
+ xmlSecInternalError("xmlSecMSCryptoFindProvider", xmlSecKeyDataGetName(data));
+ goto done;
}
- ret = xmlSecBnInitialize(&exponent, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize(exponent)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBnFinalize(&modulus);
- return(-1);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(sizeBits, dwSize, goto done, xmlSecKeyDataGetName(data));
+ dwKeySpec = AT_KEYEXCHANGE | AT_SIGNATURE;
+ dwSize = ((dwSize << 16) | CRYPT_EXPORTABLE);
+ if (!CryptGenKey(hProv, CALG_RSA_SIGN, dwSize, &hKey)) {
+ xmlSecMSCryptoError("CryptGenKey", xmlSecKeyDataGetName(data));
+ goto done;
}
- ret = xmlSecBufferInitialize(&blob, 0);
+ ret = xmlSecMSCryptoKeyDataAdoptKey(data, hProv, TRUE, hKey,
+ dwKeySpec, xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize(blob)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBnFinalize(&modulus);
- xmlSecBnFinalize(&exponent);
- return(-1);
+ xmlSecInternalError("xmlSecMSCryptoKeyDataAdoptKey", xmlSecKeyDataGetName(data));
+ goto done;
}
+ hProv = 0;
+ hKey = 0;
- /* read xml */
- cur = xmlSecGetNextElementNode(node->children);
+ /* success */
+ res = 0;
- /* first is Modulus node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAModulus, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeRSAModulus,
- xmlSecKeyDataKlassGetName(id));
- goto done;
+done:
+ if (hProv != 0) {
+ CryptReleaseContext(hProv, 0);
}
- ret = xmlSecBnGetNodeValue(&modulus, cur, xmlSecBnBase64, 1);
- if((ret < 0) || (xmlSecBnGetSize(&modulus) == 0)) {
- xmlSecInternalError("xmlSecBnGetNodeValue(modulus)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
+ if (hKey != 0) {
+ CryptDestroyKey(hKey);
}
- cur = xmlSecGetNextElementNode(cur->next);
- /* next is Exponent node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAExponent, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeRSAExponent, xmlSecKeyDataKlassGetName(id));
- goto done;
+ return(res);
+}
+
+static xmlSecKeyDataType
+xmlSecMSCryptoKeyDataRsaGetType(xmlSecKeyDataPtr data) {
+ return(xmlSecMSCryptoKeyDataGetType(data));
+}
+
+static xmlSecSize
+xmlSecMSCryptoKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId), 0);
+
+ return (xmlSecMSCryptoKeyDataGetSize(data));
+}
+
+static void
+xmlSecMSCryptoKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "=== rsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecMSCryptoKeyDataRsaGetSize(data));
+}
+
+static void xmlSecMSCryptoKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "<RSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecMSCryptoKeyDataRsaGetSize(data));
+}
+
+
+static int
+xmlSecMSCryptoKeyValueRsaReverse(xmlSecKeyValueRsaPtr rsaValue) {
+ int ret;
+
+ xmlSecAssert2(rsaValue != NULL, -1);
+
+ ret = xmlSecBufferReverse(&(rsaValue->modulus));
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnReverse(modulus)", NULL);
+ return(-1);
}
- ret = xmlSecBnGetNodeValue(&exponent, cur, xmlSecBnBase64, 1);
- if((ret < 0) || (xmlSecBnGetSize(&exponent) == 0)) {
- xmlSecInternalError("xmlSecBnGetNodeValue(exponent)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
+ ret = xmlSecBufferReverse(&(rsaValue->publicExponent));
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnReverse(publicExponent)", NULL);
+ return(-1);
}
- cur = xmlSecGetNextElementNode(cur->next);
-
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeRSAPrivateExponent, xmlSecNs))) {
- /* next is X node. It is REQUIRED for private key but
- * MSCrypto does not support it. We just ignore it */
- cur = xmlSecGetNextElementNode(cur->next);
+ ret = xmlSecBufferReverse(&(rsaValue->privateExponent));
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnReverse(g)", NULL);
+ return(-1);
}
+ return(0);
+}
+
+static xmlSecKeyDataPtr
+xmlSecMSCryptoKeyDataRsaRead(xmlSecKeyDataId id, xmlSecKeyValueRsaPtr rsaValue) {
+ xmlSecKeyDataPtr data = NULL;
+ xmlSecKeyDataPtr res = NULL;
+ xmlSecBuffer blob;
+ int blobInitialized = 0;
+ xmlSecSize blobBufferSize, pubExpSize, modulusBitSize;
+ PUBLICKEYSTRUC* pubKeyStruc = NULL;
+ RSAPUBKEY* pubKey = NULL;
+ xmlSecByte* modulusBlob = NULL;
+ xmlSecSize mSize, peSize;
+ HCRYPTPROV hProv = 0;
+ HCRYPTKEY hKey = 0;
+ DWORD dwBlobSize;
+ int ret;
+
+ xmlSecAssert2(id == xmlSecMSCryptoKeyDataRsaId, NULL);
+ xmlSecAssert2(rsaValue != NULL, NULL);
+ xmlSecAssert2(xmlSecBufferGetData(&(rsaValue->modulus)) != NULL, NULL);
+ xmlSecAssert2(xmlSecBufferGetData(&(rsaValue->publicExponent)) != NULL, NULL);
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataKlassGetName(id));
+ /* reverse all */
+ ret = xmlSecMSCryptoKeyValueRsaReverse(rsaValue);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCryptoKeyValueRsaReverse()", NULL);
+ goto done;
+ }
+ mSize = xmlSecBufferGetSize(&(rsaValue->modulus));
+ peSize = xmlSecBufferGetSize(&(rsaValue->publicExponent));
+ xmlSecAssert2(mSize > 0, NULL);
+ xmlSecAssert2(peSize > 0, NULL);
+
+ /* Now try to prepare buffer for key */
+ blobBufferSize = sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) + mSize;
+ ret = xmlSecBufferInitialize(&blob, blobBufferSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferInitialize", xmlSecKeyDataKlassGetName(id),
+ "size=" XMLSEC_SIZE_FMT, blobBufferSize);
goto done;
}
+ blobInitialized = 1;
- /* Now try to create the key */
- blobBufferLen = sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) + xmlSecBnGetSize(&modulus);
- ret = xmlSecBufferSetSize(&blob, blobBufferLen);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecKeyDataKlassGetName(id),
- "size=%d", blobBufferLen);
+ ret = xmlSecBufferSetSize(&blob, blobBufferSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, blobBufferSize);
goto done;
}
+ memset(xmlSecBufferGetData(&blob), 0, blobBufferSize); // ensure all padding with 0s work
/* Set the PUBLICKEYSTRUC */
- pubKeyStruc = (PUBLICKEYSTRUC *)xmlSecBufferGetData(&blob);
- pubKeyStruc->bType = PUBLICKEYBLOB;
- pubKeyStruc->bVersion = 0x02;
- pubKeyStruc->reserved = 0;
- pubKeyStruc->aiKeyAlg = CALG_RSA_KEYX | CALG_RSA_SIGN;
+ pubKeyStruc = (PUBLICKEYSTRUC*)xmlSecBufferGetData(&blob);
+ pubKeyStruc->bType = PUBLICKEYBLOB;
+ pubKeyStruc->bVersion = 0x02;
+ pubKeyStruc->reserved = 0;
+ pubKeyStruc->aiKeyAlg = CALG_RSA_KEYX | CALG_RSA_SIGN;
/* Set the public key header */
- pubKey = (RSAPUBKEY*) (xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC));
- pubKey->magic = 0x31415352; /* == RSA1 public */
- pubKey->bitlen = xmlSecBnGetSize(&modulus) * 8; /* Number of bits in prime modulus */
- pubKey->pubexp = 0;
- if(sizeof(pubKey->pubexp) < xmlSecBnGetSize(&exponent)) {
- xmlSecInvalidSizeLessThanError("exponent size",
- sizeof(pubKey->pubexp), xmlSecBnGetSize(&exponent),
- NULL);
+ pubKey = (RSAPUBKEY*)(xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC));
+ pubKey->magic = 0x31415352; /* == RSA1 public */
+ pubKey->pubexp = 0;
+
+ modulusBitSize = mSize * 8; /* Number of bits in prime modulus */
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(modulusBitSize, pubKey->bitlen, goto done, NULL);
+
+ /* modulus */
+ modulusBlob = (xmlSecByte*)(xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY));
+ memcpy(modulusBlob, xmlSecBufferGetData(&(rsaValue->modulus)), mSize);
+
+ /* public exponent */
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(sizeof(pubKey->pubexp), pubExpSize, goto done, NULL);
+ if (pubExpSize < peSize) {
+ xmlSecInvalidSizeLessThanError("exponent size", pubExpSize, peSize, NULL);
goto done;
}
- xmlSecAssert2(xmlSecBnGetData(&exponent) != NULL, -1);
- memcpy(&(pubKey->pubexp), xmlSecBnGetData(&exponent), xmlSecBnGetSize(&exponent));
+ memcpy(&(pubKey->pubexp), xmlSecBufferGetData(&(rsaValue->publicExponent)), peSize);
- modulusBlob = (xmlSecByte*) (xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY));
- xmlSecAssert2(xmlSecBnGetData(&modulus) != NULL, -1);
- memcpy(modulusBlob, xmlSecBnGetData(&modulus), xmlSecBnGetSize(&modulus));
+ /* PrivateExponent is REQUIRED for private key but MSCrypto does not support it,
+ * so we just ignore it */
/* Now that we have the blob, import */
hProv = xmlSecMSCryptoFindProvider(xmlSecMSCryptoProviderInfo_Rsa, NULL, CRYPT_VERIFYCONTEXT, TRUE);
- if(hProv == 0) {
- xmlSecInternalError("xmlSecMSCryptoFindProvider",
- xmlSecKeyDataKlassGetName(id));
+ if (hProv == 0) {
+ xmlSecInternalError("xmlSecMSCryptoFindProvider", xmlSecKeyDataKlassGetName(id));
goto done;
}
- if (!CryptImportKey(hProv, xmlSecBufferGetData(&blob), xmlSecBufferGetSize(&blob), 0, 0, &hKey)) {
- xmlSecMSCryptoError("CryptImportKey",
- xmlSecKeyDataKlassGetName(id));
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(blobBufferSize, dwBlobSize, goto done, xmlSecKeyDataKlassGetName(id));
+ if (!CryptImportKey(hProv, xmlSecBufferGetData(&blob), dwBlobSize, 0, 0, &hKey)) {
+ xmlSecMSCryptoError("CryptImportKey", xmlSecKeyDataKlassGetName(id));
goto done;
}
data = xmlSecKeyDataCreate(id);
- if(data == NULL ) {
- xmlSecInternalError("xmlSecKeyDataCreate",
- xmlSecKeyDataKlassGetName(id));
+ if (data == NULL) {
+ xmlSecInternalError("xmlSecKeyDataCreate", xmlSecKeyDataKlassGetName(id));
goto done;
}
ret = xmlSecMSCryptoKeyDataAdoptKey(data, hProv, TRUE, hKey, 0, xmlSecKeyDataTypePublic);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataAdoptKey",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- hProv = 0;
- hKey = 0;
-
- ret = xmlSecKeySetValue(key, data);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataKlassGetName(id));
- xmlSecKeyDataDestroy(data);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCryptoKeyDataAdoptKey", xmlSecKeyDataKlassGetName(id));
goto done;
}
- data = NULL;
+ hProv = 0; /* now owned by data */
+ hKey = 0; /* now owned by data */
/* success */
- res = 0;
+ res = data;
+ data = NULL;
done:
if (hProv == 0) {
if (data != 0) {
xmlSecKeyDataDestroy(data);
}
-
- xmlSecBnFinalize(&modulus);
- xmlSecBnFinalize(&exponent);
- xmlSecBufferFinalize(&blob);
+ if (blobInitialized != 0) {
+ xmlSecBufferFinalize(&blob);
+ }
return(res);
}
static int
-xmlSecMSCryptoKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecMSCryptoKeyDataRsaWrite(xmlSecKeyDataId id, xmlSecKeyDataPtr data,
+ xmlSecKeyValueRsaPtr rsaValue, int writePrivateKey ATTRIBUTE_UNUSED) {
+
xmlSecMSCryptoKeyDataCtxPtr ctx;
xmlSecBuffer buf;
- DWORD dwBlobLen;
+ int bufInitialized = 0;
+ DWORD dwBlobLen, modulusLen, exponentLen;
+ xmlSecSize blobSize;
xmlSecByte* blob;
PUBLICKEYSTRUC* pubKeyStruc;
- RSAPUBKEY *pubKey;
- xmlSecSize modulusLen, exponentLen;
- xmlNodePtr cur;
+ RSAPUBKEY* pubKey;
int ret;
+ int res = -1;
xmlSecAssert2(id == xmlSecMSCryptoKeyDataRsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCryptoKeyDataRsaId), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId), -1);
+ xmlSecAssert2(rsaValue != NULL, -1);
+ UNREFERENCED_PARAMETER(writePrivateKey);
- ctx = xmlSecMSCryptoKeyDataGetCtx(xmlSecKeyGetValue(key));
+ ctx = xmlSecMSCryptoKeyDataGetCtx(data);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(xmlSecMSCryptoKeyDataCtxGetKey(ctx) != 0, -1);
+ /* get size */
if (!CryptExportKey(xmlSecMSCryptoKeyDataCtxGetKey(ctx), 0, PUBLICKEYBLOB, 0, NULL, &dwBlobLen)) {
- xmlSecMSCryptoError("CryptExportKey",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
+ xmlSecMSCryptoError("CryptExportKey", xmlSecKeyDataKlassGetName(id));
+ goto done;
}
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwBlobLen, blobSize, goto done, NULL);
- ret = xmlSecBufferInitialize(&buf, dwBlobLen);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferInitialize",
- xmlSecKeyDataKlassGetName(id),
- "size=%ld", dwBlobLen);
- return(-1);
+ /* allocate buffer */
+ ret = xmlSecBufferInitialize(&buf, blobSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferInitialize", xmlSecKeyDataKlassGetName(id),
+ "size=" XMLSEC_SIZE_FMT, blobSize);
+ goto done;
}
+ bufInitialized = 1;
+ /* get data */
blob = xmlSecBufferGetData(&buf);
if (!CryptExportKey(xmlSecMSCryptoKeyDataCtxGetKey(ctx), 0, PUBLICKEYBLOB, 0, blob, &dwBlobLen)) {
- xmlSecMSCryptoError("CryptExportKey",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
- }
- if (dwBlobLen < sizeof(PUBLICKEYSTRUC)) {
- xmlSecInvalidSizeLessThanError("Key blob", dwBlobLen, sizeof(PUBLICKEYSTRUC),
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ xmlSecMSCryptoError("CryptExportKey", xmlSecKeyDataKlassGetName(id));
+ goto done;
}
/* check PUBLICKEYSTRUC */
+ if (dwBlobLen < sizeof(PUBLICKEYSTRUC)) {
+ xmlSecMSCryptoError2("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "dwBlobLen: %lu", dwBlobLen);
+ goto done;
+ }
pubKeyStruc = (PUBLICKEYSTRUC*)blob;
- if(pubKeyStruc->bVersion != 0x02) {
- xmlSecMSCryptoError2("CryptExportKey",
- xmlSecKeyDataKlassGetName(id),
- "pubKeyStruc->bVersion=%ld",
- (long int)pubKeyStruc->bVersion);
- xmlSecBufferFinalize(&buf);
- return(-1);
+ if (pubKeyStruc->bVersion != 0x02) {
+ xmlSecMSCryptoError2("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "pubKeyStruc->bVersion=%d", (int)(pubKeyStruc->bVersion));
+ goto done;
}
- if(pubKeyStruc->bType != PUBLICKEYBLOB) {
- xmlSecMSCryptoError2("CryptExportKey",
- xmlSecKeyDataKlassGetName(id),
- "pubKeyStruc->bType=%ld",
- (long int)pubKeyStruc->bType);
- xmlSecBufferFinalize(&buf);
- return(-1);
+ if (pubKeyStruc->bType != PUBLICKEYBLOB) {
+ xmlSecMSCryptoError2("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "pubKeyStruc->bType=%d", (int)(pubKeyStruc->bType));
+ goto done;
}
/* check RSAPUBKEY */
- pubKey = (RSAPUBKEY *)(blob + sizeof(PUBLICKEYSTRUC));
- if(pubKey->magic != 0x31415352) { /* RSA public key magic */
- xmlSecMSCryptoError2("CryptExportKey",
- xmlSecKeyDataKlassGetName(id),
- "pubKey->magic=0x%08lx",
- (long int)pubKey->magic);
- xmlSecBufferFinalize(&buf);
- return(-1);
- }
- modulusLen = pubKey->bitlen / 8;
-
- if (dwBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) + modulusLen) {
- xmlSecInvalidSizeLessThanError("Key blob",
- dwBlobLen, sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) + modulusLen,
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ if (dwBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY)) {
+ xmlSecMSCryptoError2("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "dwBlobLen=%lu", dwBlobLen);
+ goto done;
}
- blob += sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY);
-
- /* first is Modulus node */
- cur = xmlSecAddChild(node, xmlSecNodeRSAModulus, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeRSAModulus)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ pubKey = (RSAPUBKEY*)(blob + sizeof(PUBLICKEYSTRUC));
+ if (pubKey->magic != 0x31415352) { /* RSA public key magic */
+ xmlSecMSCryptoError2("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "pubKey->magic=0x%08lx", pubKey->magic);
+ goto done;
}
+ modulusLen = pubKey->bitlen / 8;
- ret = xmlSecBnBlobSetNodeValue(blob, modulusLen, cur, xmlSecBnBase64, 1, 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnBlobSetNodeValue(NodeRSAModulus)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ /* get the data */
+ if (dwBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) + modulusLen) {
+ xmlSecMSCryptoError3("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "dwBlobLen: %lu; modulusLen: %lu", dwBlobLen, modulusLen);
+ goto done;
}
+ blob += sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY);
- /* next is Exponent node. */
- cur = xmlSecAddChild(node, xmlSecNodeRSAExponent, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeRSAExponent)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ /*** Modulus ***/
+ ret = xmlSecBufferSetData(&(rsaValue->modulus), blob, modulusLen);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData(modulus)", xmlSecKeyDataKlassGetName(id),
+ "modulusLen=%lu", modulusLen);
+ goto done;
}
- /* Remove leading zero's (from least significant end) */
- blob = (xmlSecByte*)(&(pubKey->pubexp));
+ /*** Exponent: Remove leading zero's (from least significant end) ***/
+ blob = (xmlSecByte*)(&(pubKey->pubexp));
exponentLen = sizeof(pubKey->pubexp);
while (exponentLen > 0 && blob[exponentLen - 1] == 0) {
exponentLen--;
}
-
- ret = xmlSecBnBlobSetNodeValue(blob, exponentLen, cur, xmlSecBnBase64, 1, 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnBlobSetNodeValue(NodeRSAExponent)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
- }
-
- /* next is PrivateExponent node: not supported in MSCrypto */
-
- /* done */
- xmlSecBufferFinalize(&buf);
- return(0);
-}
-
-static int
-xmlSecMSCryptoKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits,
- xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
- xmlSecMSCryptoKeyDataCtxPtr ctx;
- HCRYPTPROV hProv = 0;
- HCRYPTKEY hKey = 0;
- DWORD dwKeySpec;
- DWORD dwSize;
- int res = -1;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataIsValid(data), xmlSecKeyDataTypeUnknown);
- xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCryptoKeyDataSize), xmlSecKeyDataTypeUnknown);
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId), -1);
- xmlSecAssert2(sizeBits > 0, -1);
- UNREFERENCED_PARAMETER(type);
-
- ctx = xmlSecMSCryptoKeyDataGetCtx(data);
- xmlSecAssert2(ctx != NULL, -1);
-
- /* get provider */
- hProv = xmlSecMSCryptoFindProvider(ctx->providers, NULL, CRYPT_VERIFYCONTEXT, TRUE);
- if(hProv == 0) {
- xmlSecInternalError("xmlSecMSCryptoFindProvider",
- xmlSecKeyDataGetName(data));
+ ret = xmlSecBufferSetData(&(rsaValue->publicExponent), blob, exponentLen);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData(modulus)", xmlSecKeyDataKlassGetName(id),
+ "exponentLen=%lu", exponentLen);
goto done;
}
- dwKeySpec = AT_KEYEXCHANGE | AT_SIGNATURE;
- dwSize = ((sizeBits << 16) | CRYPT_EXPORTABLE);
- if (!CryptGenKey(hProv, CALG_RSA_SIGN, dwSize, &hKey)) {
- xmlSecMSCryptoError("CryptGenKey",
- xmlSecKeyDataGetName(data));
- goto done;
- }
+ /* next is PrivateExponent node: not supported in MSCrypto */
- ret = xmlSecMSCryptoKeyDataAdoptKey(data, hProv, TRUE, hKey, dwKeySpec,
- xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataAdoptKey",
- xmlSecKeyDataGetName(data));
+ /* reverse all */
+ ret = xmlSecMSCryptoKeyValueRsaReverse(rsaValue);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCryptoKeyValueRsaReverse()", NULL);
goto done;
}
- hProv = 0;
- hKey = 0;
/* success */
res = 0;
done:
- if (hProv != 0) {
- CryptReleaseContext(hProv, 0);
- }
-
- if (hKey != 0) {
- CryptDestroyKey(hKey);
+ if (bufInitialized != 0) {
+ xmlSecBufferFinalize(&buf);
}
-
return(res);
}
-static xmlSecKeyDataType
-xmlSecMSCryptoKeyDataRsaGetType(xmlSecKeyDataPtr data) {
- return(xmlSecMSCryptoKeyDataGetType(data));
-}
-
-static xmlSecSize
-xmlSecMSCryptoKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId), 0);
-
- return (xmlSecMSCryptoKeyDataGetSize(data));
-}
-
-static void
-xmlSecMSCryptoKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
- xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId));
- xmlSecAssert(output != NULL);
-
- fprintf(output, "=== rsa key: size = %d\n",
- xmlSecMSCryptoKeyDataRsaGetSize(data));
-}
-
-static void xmlSecMSCryptoKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
- xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId));
- xmlSecAssert(output != NULL);
-
- fprintf(output, "<RSAKeyValue size=\"%d\" />\n",
- xmlSecMSCryptoKeyDataRsaGetSize(data));
-}
#endif /* XMLSEC_NO_RSA */
* by this the P, Q and G are *required*!
*
*************************************************************************/
-static int xmlSecMSCryptoKeyDataDsaInitialize(xmlSecKeyDataPtr data);
-static int xmlSecMSCryptoKeyDataDsaDuplicate(xmlSecKeyDataPtr dst,
- xmlSecKeyDataPtr src);
-static void xmlSecMSCryptoKeyDataDsaFinalize(xmlSecKeyDataPtr data);
-static int xmlSecMSCryptoKeyDataDsaXmlRead (xmlSecKeyDataId id,
- xmlSecKeyPtr key,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id,
- xmlSecKeyPtr key,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoKeyDataDsaGenerate(xmlSecKeyDataPtr data,
- xmlSecSize sizeBits,
- xmlSecKeyDataType type);
-
-static xmlSecKeyDataType xmlSecMSCryptoKeyDataDsaGetType(xmlSecKeyDataPtr data);
-static xmlSecSize xmlSecMSCryptoKeyDataDsaGetSize(xmlSecKeyDataPtr data);
-static void xmlSecMSCryptoKeyDataDsaDebugDump(xmlSecKeyDataPtr data,
- FILE* output);
-static void xmlSecMSCryptoKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data,
- FILE* output);
+static int xmlSecMSCryptoKeyDataDsaInitialize (xmlSecKeyDataPtr data);
+static int xmlSecMSCryptoKeyDataDsaDuplicate (xmlSecKeyDataPtr dst,
+ xmlSecKeyDataPtr src);
+static void xmlSecMSCryptoKeyDataDsaFinalize (xmlSecKeyDataPtr data);
+static int xmlSecMSCryptoKeyDataDsaXmlRead (xmlSecKeyDataId id,
+ xmlSecKeyPtr key,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int xmlSecMSCryptoKeyDataDsaXmlWrite (xmlSecKeyDataId id,
+ xmlSecKeyPtr key,
+ xmlNodePtr node,
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int xmlSecMSCryptoKeyDataDsaGenerate (xmlSecKeyDataPtr data,
+ xmlSecSize sizeBits,
+ xmlSecKeyDataType type);
+
+static xmlSecKeyDataType xmlSecMSCryptoKeyDataDsaGetType (xmlSecKeyDataPtr data);
+static xmlSecSize xmlSecMSCryptoKeyDataDsaGetSize (xmlSecKeyDataPtr data);
+static void xmlSecMSCryptoKeyDataDsaDebugDump (xmlSecKeyDataPtr data,
+ FILE* output);
+static void xmlSecMSCryptoKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data,
+ FILE* output);
+
+
+static xmlSecKeyDataPtr xmlSecMSCryptoKeyDataDsaRead (xmlSecKeyDataId id,
+ xmlSecKeyValueDsaPtr dsaValue);
+static int xmlSecMSCryptoKeyDataDsaWrite (xmlSecKeyDataId id,
+ xmlSecKeyDataPtr data,
+ xmlSecKeyValueDsaPtr dsaValue,
+ int writePrivateKey);
static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataDsaKlass = {
sizeof(xmlSecKeyDataKlass),
static int
xmlSecMSCryptoKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataPtr data = NULL;
- xmlNodePtr cur;
- xmlSecBn p, q, g, y;
- xmlSecBuffer blob;
- unsigned int blobBufferLen;
- PUBLICKEYSTRUC *pubKeyStruc = NULL;
- DSSPUBKEY *pubKey = NULL;
- DSSSEED* seed = NULL;
- BYTE *buf = NULL;
+ xmlSecAssert2(id == xmlSecMSCryptoKeyDataDsaId, -1);
+ return(xmlSecKeyDataDsaXmlRead(id, key, node, keyInfoCtx,
+ xmlSecMSCryptoKeyDataDsaRead));
+}
+
+static int
+xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecMSCryptoKeyDataDsaId, -1);
+ return(xmlSecKeyDataDsaXmlWrite(id, key, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecMSCryptoKeyDataDsaWrite));
+}
+
+static int
+xmlSecMSCryptoKeyDataDsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+ xmlSecMSCryptoKeyDataCtxPtr ctx;
HCRYPTPROV hProv = 0;
HCRYPTKEY hKey = 0;
- xmlSecSize i;
+ DWORD dwKeySpec;
+ DWORD dwSize;
int res = -1;
int ret;
- xmlSecAssert2(id == xmlSecMSCryptoKeyDataDsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- if(xmlSecKeyGetValue(key) != NULL) {
- xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
- xmlSecKeyDataKlassGetName(id),
- "key already has a value");
- return(-1);
- }
+ xmlSecAssert2(xmlSecKeyDataIsValid(data), xmlSecKeyDataTypeUnknown);
+ xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCryptoKeyDataSize), xmlSecKeyDataTypeUnknown);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId), -1);
+ xmlSecAssert2(sizeBits > 0, -1);
+ UNREFERENCED_PARAMETER(type);
- /* initialize buffers */
- ret = xmlSecBnInitialize(&p, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize(p)",
- xmlSecKeyDataKlassGetName(id));
+ ctx = xmlSecMSCryptoKeyDataGetCtx(data);
+
+ hProv = xmlSecMSCryptoFindProvider(ctx->providers, NULL, CRYPT_VERIFYCONTEXT, TRUE);
+ if(hProv == 0) {
+ xmlSecInternalError("xmlSecMSCryptoFindProvider", xmlSecKeyDataGetName(data));
return(-1);
}
- ret = xmlSecBnInitialize(&q, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize(q)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBnFinalize(&p);
- return(-1);
+ dwKeySpec = AT_SIGNATURE;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(sizeBits, dwSize, return(-1), xmlSecKeyDataGetName(data));
+ dwSize = ((dwSize << 16) | CRYPT_EXPORTABLE);
+ if (!CryptGenKey(hProv, CALG_DSS_SIGN, dwSize, &hKey)) {
+ xmlSecMSCryptoError("CryptGenKey", xmlSecKeyDataGetName(data));
+ goto done;
}
- ret = xmlSecBnInitialize(&g, 0);
+ ret = xmlSecMSCryptoKeyDataAdoptKey(data, hProv, TRUE, hKey, dwKeySpec,
+ xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize(g)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBnFinalize(&p);
- xmlSecBnFinalize(&q);
- return(-1);
+ xmlSecInternalError("xmlSecMSCryptoKeyDataAdoptKey", xmlSecKeyDataGetName(data));
+ goto done;
}
+ hProv = 0;
+ hKey = 0;
- ret = xmlSecBnInitialize(&y, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnInitialize(y)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBnFinalize(&p);
- xmlSecBnFinalize(&q);
- xmlSecBnFinalize(&g);
- return(-1);
+ /* success */
+ res = 0;
+
+done:
+ if (hProv != 0) {
+ CryptReleaseContext(hProv, 0);
}
- ret = xmlSecBufferInitialize(&blob, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize(blob)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBnFinalize(&p);
- xmlSecBnFinalize(&q);
- xmlSecBnFinalize(&g);
- xmlSecBnFinalize(&y);
- return(-1);
+ if (hKey != 0) {
+ CryptDestroyKey(hKey);
}
- /* read xml */
- cur = xmlSecGetNextElementNode(node->children);
+ return(res);
+}
- /* first is P node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAP, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAP, xmlSecKeyDataKlassGetName(id));
- goto done;
- }
+static xmlSecKeyDataType
+xmlSecMSCryptoKeyDataDsaGetType(xmlSecKeyDataPtr data) {
+ return(xmlSecMSCryptoKeyDataGetType(data));
+}
- ret = xmlSecBnGetNodeValue(&p, cur, xmlSecBnBase64, 1);
- if((ret < 0) || (xmlSecBnGetSize(&p) == 0)) {
- xmlSecInternalError("xmlSecBnGetNodeValue(p)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- cur = xmlSecGetNextElementNode(cur->next);
+static xmlSecSize
+xmlSecMSCryptoKeyDataDsaGetSize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId), 0);
- /* next is Q node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAQ, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAQ, xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- ret = xmlSecBnGetNodeValue(&q, cur, xmlSecBnBase64, 1);
- if((ret < 0) || (xmlSecBnGetSize(&q) == 0)) {
- xmlSecInternalError("xmlSecBnGetNodeValue(q)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- cur = xmlSecGetNextElementNode(cur->next);
+ return xmlSecMSCryptoKeyDataGetSize(data);
+}
- /* next is G node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAG, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAG, xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- ret = xmlSecBnGetNodeValue(&g, cur, xmlSecBnBase64, 1);
- if((ret < 0) || (xmlSecBnGetSize(&q) == 0)) {
- xmlSecInternalError("xmlSecBnGetNodeValue(g)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
- }
- cur = xmlSecGetNextElementNode(cur->next);
+static void
+xmlSecMSCryptoKeyDataDsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId));
+ xmlSecAssert(output != NULL);
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAX, xmlSecNs))) {
- /* next is X node. It is REQUIRED for private key but
- * MSCrypto does not support it, we just ignore it */
+ fprintf(output, "=== dsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecMSCryptoKeyDataDsaGetSize(data));
+}
- cur = xmlSecGetNextElementNode(cur->next);
- }
+static void
+xmlSecMSCryptoKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId));
+ xmlSecAssert(output != NULL);
- /* next is Y node. */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAY, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAY, xmlSecKeyDataKlassGetName(id));
- goto done;
+ fprintf(output, "<DSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecMSCryptoKeyDataDsaGetSize(data));
+}
+
+static int
+xmlSecMSCryptoKeyValueDsaReverse(xmlSecKeyValueDsaPtr dsaValue) {
+ int ret;
+
+ xmlSecAssert2(dsaValue != NULL, -1);
+
+ ret = xmlSecBufferReverse(&(dsaValue->p));
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnReverse(p)", NULL);
+ return(-1);
}
- ret = xmlSecBnGetNodeValue(&y, cur, xmlSecBnBase64, 1);
- if((ret < 0) || (xmlSecBnGetSize(&y) == 0)) {
- xmlSecInternalError("xmlSecBnGetNodeValue(y)",
- xmlSecKeyDataKlassGetName(id));
- goto done;
+ ret = xmlSecBufferReverse(&(dsaValue->q));
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnReverse(q)", NULL);
+ return(-1);
}
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* todo: add support for J */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAJ, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
+ ret = xmlSecBufferReverse(&(dsaValue->g));
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnReverse(g)", NULL);
+ return(-1);
}
-
- /* todo: add support for seed */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSASeed, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
+ ret = xmlSecBufferReverse(&(dsaValue->x));
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnReverse(x)", NULL);
+ return(-1);
}
+ ret = xmlSecBufferReverse(&(dsaValue->y));
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnReverse(y)", NULL);
+ return(-1);
+ }
+ return(0);
+}
+
+static xmlSecKeyDataPtr
+xmlSecMSCryptoKeyDataDsaRead(xmlSecKeyDataId id, xmlSecKeyValueDsaPtr dsaValue) {
+ xmlSecKeyDataPtr data = NULL;
+ xmlSecKeyDataPtr res = NULL;
+ xmlSecBuffer blob;
+ int blobInitialized = 0;
+ xmlSecSize blobBufferSize, pBitsSize;
+ DWORD dwBlobSize;
+ PUBLICKEYSTRUC* pubKeyStruc = NULL;
+ DSSPUBKEY* pubKey = NULL;
+ DSSSEED* seed = NULL;
+ BYTE* buf = NULL;
+ HCRYPTPROV hProv = 0;
+ HCRYPTKEY hKey = 0;
+ xmlSecSize pSize, qSize, gSize, ySize;
+ int ret;
- /* todo: add support for pgencounter */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAPgenCounter, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
+ xmlSecAssert2(id == xmlSecMSCryptoKeyDataDsaId, NULL);
+ xmlSecAssert2(dsaValue != NULL, NULL);
+ xmlSecAssert2(xmlSecBufferGetData(&(dsaValue->p)) != NULL, NULL);
+ xmlSecAssert2(xmlSecBufferGetData(&(dsaValue->q)) != NULL, NULL);
+ xmlSecAssert2(xmlSecBufferGetData(&(dsaValue->g)) != NULL, NULL);
+ xmlSecAssert2(xmlSecBufferGetData(&(dsaValue->y)) != NULL, NULL);
+
+ /* reverse all */
+ ret = xmlSecMSCryptoKeyValueDsaReverse(dsaValue);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCryptoKeyValueDsaReverse()", NULL);
+ goto done;
}
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataKlassGetName(id))
+ /** we assume that:
+ * sizeof(q) <= XMLSEC_MSCRYPTO_DSA_MAX_Q_SIZE,
+ * sizeof(g) <= sizeof(p)
+ * sizeof(y) <= sizeof(p)
+ */
+ pSize = xmlSecBufferGetSize(&(dsaValue->p));
+ qSize = xmlSecBufferGetSize(&(dsaValue->q));
+ gSize = xmlSecBufferGetSize(&(dsaValue->g));
+ ySize = xmlSecBufferGetSize(&(dsaValue->y));
+ xmlSecAssert2(pSize > 0, NULL);
+ xmlSecAssert2(qSize > 0, NULL);
+ xmlSecAssert2(gSize > 0, NULL);
+ xmlSecAssert2(ySize > 0, NULL);
+ xmlSecAssert2(qSize <= XMLSEC_MSCRYPTO_DSA_MAX_Q_SIZE, NULL);
+ xmlSecAssert2(gSize <= pSize, NULL);
+ xmlSecAssert2(ySize <= pSize, NULL);
+
+ /* Now try to prepare buffer for key */
+ blobBufferSize = sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY) +
+ 3 * pSize +
+ XMLSEC_MSCRYPTO_DSA_MAX_Q_SIZE +
+ sizeof(DSSSEED);
+ ret = xmlSecBufferInitialize(&blob, blobBufferSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, blobBufferSize);
goto done;
}
+ blobInitialized = 1;
- /* we assume that sizeof(q) < 0x14, sizeof(g) <= sizeof(p) and sizeof(y) <= sizeof(p) */
- blobBufferLen = sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY) + 3 * xmlSecBnGetSize(&p) + 0x14 + sizeof(DSSSEED);
- ret = xmlSecBufferSetSize(&blob, blobBufferLen);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%d", blobBufferLen);
+ ret = xmlSecBufferSetSize(&blob, blobBufferSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, blobBufferSize);
goto done;
}
+ memset(xmlSecBufferGetData(&blob), 0, blobBufferSize); // ensure all padding with 0s work
/* Set PUBLICKEYSTRUC */
- pubKeyStruc = (PUBLICKEYSTRUC *)xmlSecBufferGetData(&blob);
- pubKeyStruc->bType = PUBLICKEYBLOB;
- pubKeyStruc->bVersion = 0x02;
- pubKeyStruc->reserved = 0;
- pubKeyStruc->aiKeyAlg = CALG_DSS_SIGN;
+ pubKeyStruc = (PUBLICKEYSTRUC*)xmlSecBufferGetData(&blob);
+ pubKeyStruc->bType = PUBLICKEYBLOB;
+ pubKeyStruc->bVersion = 0x02;
+ pubKeyStruc->reserved = 0;
+ pubKeyStruc->aiKeyAlg = CALG_DSS_SIGN;
/* Set the public key header */
- pubKey = (DSSPUBKEY *) (xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC));
- pubKey->magic = 0x31535344; /* == DSS1 pub key */
- pubKey->bitlen = xmlSecBnGetSize(&p) * 8; /* Number of bits in prime modulus */
+ pubKey = (DSSPUBKEY*)(xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC));
+ pubKey->magic = 0x31535344; /* == DSS1 pub key */
+ pBitsSize = pSize * 8; /* Number of bits in prime modulus */
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(pBitsSize, pubKey->bitlen, goto done, NULL);
/* copy the key data */
- buf = (BYTE*) (xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY));
+ buf = (BYTE*)(xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY));
/* set p */
- xmlSecAssert2(xmlSecBnGetData(&p) != NULL, -1);
- memcpy(buf, xmlSecBnGetData(&p), xmlSecBnGetSize(&p));
- buf += xmlSecBnGetSize(&p);
-
- /* set q */
- if(xmlSecBnGetSize(&q) > 0x14) {
- xmlSecInvalidSizeLessThanError("DSA key q",
- xmlSecBnGetSize(&q), 0x14, NULL);
- goto done;
- }
- xmlSecAssert2(xmlSecBnGetData(&q) != NULL, -1);
- memcpy(buf, xmlSecBnGetData(&q), xmlSecBnGetSize(&q));
- buf += xmlSecBnGetSize(&q);
+ memcpy(buf, xmlSecBufferGetData(&(dsaValue->p)), pSize);
+ buf += pSize;
- /* Pad with zeros */
- for(i = xmlSecBnGetSize(&q); i < 0x14; ++i) {
- *(buf++) = 0;
- }
+ /* set q and pad with zeros */
+ memcpy(buf, xmlSecBufferGetData(&(dsaValue->q)), qSize);
+ buf += XMLSEC_MSCRYPTO_DSA_MAX_Q_SIZE;
- /* set generator */
- if(xmlSecBnGetSize(&g) > xmlSecBnGetSize(&p)) {
- xmlSecInvalidSizeMoreThanError("DSA key g",
- xmlSecBnGetSize(&g),
- xmlSecBnGetSize(&p),
- NULL);
- goto done;
- }
- xmlSecAssert2(xmlSecBnGetData(&g) != NULL, -1);
- memcpy(buf, xmlSecBnGetData(&g), xmlSecBnGetSize(&g));
- buf += xmlSecBnGetSize(&g);
- /* Pad with zeros */
- for(i = xmlSecBnGetSize(&g); i < xmlSecBnGetSize(&p); ++i) {
- *(buf++) = 0;
- }
+ /* set generator and pad with zeros */
+ memcpy(buf, xmlSecBufferGetData(&(dsaValue->g)), gSize);
+ buf += pSize; /* gSize <= pSize */
- /* Public key */
- if(xmlSecBnGetSize(&y) > xmlSecBnGetSize(&p)) {
- xmlSecInvalidSizeMoreThanError("DSA key y",
- xmlSecBnGetSize(&y),
- xmlSecBnGetSize(&p),
- NULL);
- goto done;
- }
- xmlSecAssert2(xmlSecBnGetData(&y) != NULL, -1);
- memcpy(buf, xmlSecBnGetData(&y), xmlSecBnGetSize(&y));
- buf += xmlSecBnGetSize(&y);
- /* Pad with zeros */
- for(i = xmlSecBnGetSize(&y); i < xmlSecBnGetSize(&p); ++i) {
- *(buf++) = 0;
- }
+ /* X is REQUIRED for private key but MSCrypto does not support it,
+ * so we just ignore it */
+
+ /* set public key and pad with zeros */
+ memcpy(buf, xmlSecBufferGetData(&(dsaValue->y)), ySize);
+ buf += pSize; /* ySize <= pSize */
+
+ /* todo: add support for J, seed, pgencounter */
/* Set seed to 0xFFFFFFFFF */
seed = (DSSSEED*)buf;
seed->counter = 0xFFFFFFFF; /* SEED Counter set to 0xFFFFFFFF will cause seed to be ignored */
hProv = xmlSecMSCryptoFindProvider(xmlSecMSCryptoProviderInfo_Dss, NULL, CRYPT_VERIFYCONTEXT, TRUE);
- if(hProv == 0) {
- xmlSecInternalError("xmlSecMSCryptoFindProvider",
- xmlSecKeyDataKlassGetName(id));
+ if (hProv == 0) {
+ xmlSecInternalError("xmlSecMSCryptoFindProvider", xmlSecKeyDataKlassGetName(id));
goto done;
}
/* import the key blob */
- if (!CryptImportKey(hProv, xmlSecBufferGetData(&blob), xmlSecBufferGetSize(&blob), 0, 0, &hKey)) {
- xmlSecMSCryptoError("CryptImportKey",
- xmlSecKeyDataKlassGetName(id));
+ blobBufferSize = xmlSecBufferGetSize(&blob);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(blobBufferSize, dwBlobSize, goto done, xmlSecKeyDataKlassGetName(id));
+ if (!CryptImportKey(hProv, xmlSecBufferGetData(&blob), dwBlobSize, 0, 0, &hKey)) {
+ xmlSecMSCryptoError("CryptImportKey", xmlSecKeyDataKlassGetName(id));
goto done;
}
data = xmlSecKeyDataCreate(id);
- if(data == NULL ) {
- xmlSecInternalError("xmlSecKeyDataCreate",
- xmlSecKeyDataKlassGetName(id));
+ if (data == NULL) {
+ xmlSecInternalError("xmlSecKeyDataCreate", xmlSecKeyDataKlassGetName(id));
goto done;
}
ret = xmlSecMSCryptoKeyDataAdoptKey(data, hProv, TRUE, hKey, 0, xmlSecKeyDataTypePublic);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataAdoptKey",
- xmlSecKeyDataGetName(data));
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCryptoKeyDataAdoptKey", xmlSecKeyDataGetName(data));
goto done;
}
- hProv = 0;
- hKey = 0;
-
- ret = xmlSecKeySetValue(key, data);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataGetName(data));
- goto done;
- }
- data = NULL;
+ hProv = 0; /* now owned by data */
+ hKey = 0; /* now owned by data */
/* success */
- res = 0;
+ res = data;
+ data = NULL;
done:
if (hKey != 0) {
if (data != NULL) {
xmlSecKeyDataDestroy(data);
}
-
- xmlSecBufferFinalize(&blob);
- xmlSecBnFinalize(&p);
- xmlSecBnFinalize(&q);
- xmlSecBnFinalize(&g);
- xmlSecBnFinalize(&y);
-
+ if (blobInitialized != 0) {
+ xmlSecBufferFinalize(&blob);
+ }
return(res);
}
static int
-xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecMSCryptoKeyDataDsaWrite(xmlSecKeyDataId id, xmlSecKeyDataPtr data,
+ xmlSecKeyValueDsaPtr dsaValue,
+ int writePrivateKey ATTRIBUTE_UNUSED) {
xmlSecMSCryptoKeyDataCtxPtr ctx;
xmlSecBuffer buf;
- DWORD dwBlobLen;
+ int bufInitialized = 0;
+ DWORD dwBlobLen = 0;
xmlSecByte* blob;
PUBLICKEYSTRUC* pubKeyStruc;
- DSSPUBKEY *pubKey;
+ DSSPUBKEY* pubKey;
xmlSecSize keyLen, len;
- xmlNodePtr cur;
+ BOOL status;
int ret;
-
+ int res = -1;
xmlSecAssert2(id == xmlSecMSCryptoKeyDataDsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCryptoKeyDataDsaId), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId), -1);
+ xmlSecAssert2(dsaValue != NULL, -1);
+ UNREFERENCED_PARAMETER(writePrivateKey);
- ctx = xmlSecMSCryptoKeyDataGetCtx(xmlSecKeyGetValue(key));
+ ctx = xmlSecMSCryptoKeyDataGetCtx(data);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(xmlSecMSCryptoKeyDataCtxGetKey(ctx) != 0, -1);
- if (!CryptExportKey(xmlSecMSCryptoKeyDataCtxGetKey(ctx), 0, PUBLICKEYBLOB, 0, NULL, &dwBlobLen)) {
- xmlSecInternalError("CryptExportKey",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
+ /* get size */
+ status = CryptExportKey(
+ xmlSecMSCryptoKeyDataCtxGetKey(ctx),
+ 0,
+ PUBLICKEYBLOB,
+ 0,
+ NULL,
+ &dwBlobLen);
+ if((status != TRUE) || (dwBlobLen <= 0)) {
+ xmlSecInternalError2("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "dwBlobLen=%lu", dwBlobLen);
+ goto done;
}
+ /* allocate buffer */
ret = xmlSecBufferInitialize(&buf, dwBlobLen);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferInitialize",
- xmlSecKeyDataKlassGetName(id),
- "size=%ld", dwBlobLen);
- return(-1);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferInitialize", xmlSecKeyDataKlassGetName(id), "size=%lu", dwBlobLen);
+ goto done;
}
+ bufInitialized = 1;
+ /* get data */
blob = xmlSecBufferGetData(&buf);
- if (!CryptExportKey(xmlSecMSCryptoKeyDataCtxGetKey(ctx), 0, PUBLICKEYBLOB, 0, blob, &dwBlobLen)) {
- xmlSecMSCryptoError("CryptExportKey",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
- }
- if (dwBlobLen < sizeof(PUBLICKEYSTRUC)) {
- xmlSecInvalidSizeLessThanError("Key blob", dwBlobLen, sizeof(PUBLICKEYSTRUC),
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ xmlSecAssert2(blob != NULL, -1);
+
+ status = CryptExportKey(
+ xmlSecMSCryptoKeyDataCtxGetKey(ctx),
+ 0,
+ PUBLICKEYBLOB,
+ 0,
+ blob,
+ &dwBlobLen);
+ if ((status != TRUE) || (dwBlobLen <= 0)) {
+ xmlSecInternalError2("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "dwBlobLen=%lu", dwBlobLen);
+ goto done;
}
/* check PUBLICKEYSTRUC */
- pubKeyStruc = (PUBLICKEYSTRUC*)blob;
- if(pubKeyStruc->bVersion != 0x02) {
- xmlSecMSCryptoError2("CryptExportKey",
- xmlSecKeyDataKlassGetName(id),
- "pubKeyStruc->bVersion=%ld",
- (long int)pubKeyStruc->bVersion);
- xmlSecBufferFinalize(&buf);
- return(-1);
- }
- if(pubKeyStruc->bType != PUBLICKEYBLOB) {
- xmlSecMSCryptoError2("CryptExportKey",
- xmlSecKeyDataKlassGetName(id),
- "pubKeyStruc->bType=%ld",
- (long int)pubKeyStruc->bType);
- xmlSecBufferFinalize(&buf);
- return(-1);
- }
-
- /* check DSSPUBKEY */
- pubKey = (DSSPUBKEY*)(blob + sizeof(PUBLICKEYSTRUC));
- if(pubKey->magic != 0x31535344) { /* DSS key magic */
- xmlSecMSCryptoError2("CryptExportKey",
- xmlSecKeyDataKlassGetName(id),
- "pubKey->magic=0x%08lx",
- (long int)pubKey->magic);
- xmlSecBufferFinalize(&buf);
- return(-1);
+ if (dwBlobLen < sizeof(PUBLICKEYSTRUC)) {
+ xmlSecMSCryptoError2("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "dwBlobLen=%lu", dwBlobLen);
+ goto done;
}
- keyLen = pubKey->bitlen / 8;
-
- /* we assume that sizeof(q) < 0x14, sizeof(g) <= sizeof(p) and sizeof(y) <= sizeof(p) */
- if (dwBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY) + 3 * keyLen + 0x14 + sizeof(DSSSEED)) {
- xmlSecInvalidSizeLessThanError("Key blob",
- dwBlobLen, sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY) + 3 * keyLen + 0x14 + sizeof(DSSSEED),
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ pubKeyStruc = (PUBLICKEYSTRUC*)blob;
+ if (pubKeyStruc->bVersion != 0x02) {
+ xmlSecMSCryptoError2("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "pubKeyStruc->bVersion=%d", (int)(pubKeyStruc->bVersion));
+ goto done;
}
- blob += sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY);
-
- /* first is P node */
- cur = xmlSecAddChild(node, xmlSecNodeDSAP, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAP)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ if (pubKeyStruc->bType != PUBLICKEYBLOB) {
+ xmlSecMSCryptoError2("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "pubKeyStruc->bType=%d", (int)(pubKeyStruc->bType));
+ goto done;
}
- ret = xmlSecBnBlobSetNodeValue(blob, keyLen, cur, xmlSecBnBase64, 1, 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnBlobSetNodeValue(NodeDSAP)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ /* check DSSPUBKEY */
+ if (dwBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY)) {
+ xmlSecMSCryptoError2("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "dwBlobLen=%lu", dwBlobLen);
+ goto done;
}
- blob += keyLen;
+ pubKey = (DSSPUBKEY*)(blob + sizeof(PUBLICKEYSTRUC));
+ if (pubKey->magic != 0x31535344) { /* DSS key magic */
+ xmlSecMSCryptoError2("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "pubKey->magic=0x%08lx", pubKey->magic);
+ goto done;
- /* next is Q node. */
- cur = xmlSecAddChild(node, xmlSecNodeDSAQ, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAQ)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
}
+ keyLen = pubKey->bitlen / 8;
- /* we think that the size of q is 0x14, skip trailing zeros */
- for(len = 0x14; len > 0 && blob[len - 1] == 0; --len);
-
- ret = xmlSecBnBlobSetNodeValue(blob, len, cur, xmlSecBnBase64, 1, 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnBlobSetNodeValue(NodeDSAQ)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
- }
- blob += 0x14;
+ /* we assume that sizeof(q) < XMLSEC_MSCRYPTO_DSA_MAX_Q_SIZE, sizeof(g) <= sizeof(p) and sizeof(y) <= sizeof(p) */
+ if (dwBlobLen < (sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY) + 3 * keyLen + XMLSEC_MSCRYPTO_DSA_MAX_Q_SIZE + sizeof(DSSSEED))) {
+ xmlSecMSCryptoError3("CryptExportKey", xmlSecKeyDataKlassGetName(id),
+ "dwBlobLen: %lu; keyLen: " XMLSEC_SIZE_FMT, dwBlobLen, keyLen);
+ goto done;
- /* next is G node. */
- cur = xmlSecAddChild(node, xmlSecNodeDSAG, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAG)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
}
+ blob += sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY);
- /* skip trailing zeros */
- for(len = keyLen; len > 0 && blob[len - 1] == 0; --len);
-
- ret = xmlSecBnBlobSetNodeValue(blob, len, cur, xmlSecBnBase64, 1, 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnBlobSetNodeValue(NodeDSAG)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ /*** p ***/
+ ret = xmlSecBufferSetData(&(dsaValue->p), blob, keyLen);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData(p)", xmlSecKeyDataKlassGetName(id),
+ "keyLen=" XMLSEC_SIZE_FMT, keyLen);
+ goto done;
}
blob += keyLen;
- /* next is X node: not supported in MSCrypto */
-
- /* next is Y node. */
- cur = xmlSecAddChild(node, xmlSecNodeDSAY, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAY)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ /*** q (we assume that the size of q is XMLSEC_MSCRYPTO_DSA_MAX_Q_SIZE, skip trailing zeros) ***/
+ for (len = XMLSEC_MSCRYPTO_DSA_MAX_Q_SIZE; len > 0 && blob[len - 1] == 0; --len);
+ ret = xmlSecBufferSetData(&(dsaValue->q), blob, len);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData(q)", xmlSecKeyDataKlassGetName(id),
+ "keyLen=" XMLSEC_SIZE_FMT, keyLen);
+ goto done;
}
+ blob += XMLSEC_MSCRYPTO_DSA_MAX_Q_SIZE;
- /* skip trailing zeros */
- for(len = keyLen; len > 0 && blob[len - 1] == 0; --len);
-
- ret = xmlSecBnBlobSetNodeValue(blob, len, cur, xmlSecBnBase64, 1, 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnBlobSetNodeValue(NodeDSAY)",
- xmlSecKeyDataKlassGetName(id));
- xmlSecBufferFinalize(&buf);
- return(-1);
+ /*** g ***/
+ for (len = keyLen; len > 0 && blob[len - 1] == 0; --len);
+ ret = xmlSecBufferSetData(&(dsaValue->g), blob, keyLen);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData(g)", xmlSecKeyDataKlassGetName(id),
+ "keyLen=" XMLSEC_SIZE_FMT, keyLen);
+ goto done;
}
blob += keyLen;
- xmlSecBufferFinalize(&buf);
- return(0);
-}
+ /* X is REQUIRED for private key but MSCrypto does not support it,
+ * so we just ignore it */
-static int
-xmlSecMSCryptoKeyDataDsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
- xmlSecMSCryptoKeyDataCtxPtr ctx;
- HCRYPTPROV hProv = 0;
- HCRYPTKEY hKey = 0;
- DWORD dwKeySpec;
- DWORD dwSize;
- int res = -1;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataIsValid(data), xmlSecKeyDataTypeUnknown);
- xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCryptoKeyDataSize), xmlSecKeyDataTypeUnknown);
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId), -1);
- xmlSecAssert2(sizeBits > 0, -1);
- UNREFERENCED_PARAMETER(type);
-
- ctx = xmlSecMSCryptoKeyDataGetCtx(data);
-
- hProv = xmlSecMSCryptoFindProvider(ctx->providers, NULL, CRYPT_VERIFYCONTEXT, TRUE);
- if(hProv == 0) {
- xmlSecInternalError("xmlSecMSCryptoFindProvider",
- xmlSecKeyDataGetName(data));
- return(-1);
+ /*** y ***/
+ for (len = keyLen; len > 0 && blob[len - 1] == 0; --len);
+ ret = xmlSecBufferSetData(&(dsaValue->y), blob, keyLen);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData(y)", xmlSecKeyDataKlassGetName(id),
+ "keyLen=" XMLSEC_SIZE_FMT, keyLen);
+ goto done;
}
+ blob += keyLen;
- dwKeySpec = AT_SIGNATURE;
- dwSize = ((sizeBits << 16) | CRYPT_EXPORTABLE);
- if (!CryptGenKey(hProv, CALG_DSS_SIGN, dwSize, &hKey)) {
- xmlSecMSCryptoError("CryptGenKey",
- xmlSecKeyDataGetName(data));
- goto done;
+ /* reverse all */
+ ret = xmlSecMSCryptoKeyValueDsaReverse(dsaValue);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCryptoKeyValueDsaReverse()", NULL);
+ goto done;
}
- ret = xmlSecMSCryptoKeyDataAdoptKey(data, hProv, TRUE, hKey, dwKeySpec,
- xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataAdoptKey",
- xmlSecKeyDataGetName(data));
- goto done;
- }
- hProv = 0;
- hKey = 0;
-
/* success */
res = 0;
done:
- if (hProv != 0) {
- CryptReleaseContext(hProv, 0);
- }
-
- if (hKey != 0) {
- CryptDestroyKey(hKey);
+ if (bufInitialized != 0) {
+ xmlSecBufferFinalize(&buf);
}
-
return(res);
}
-static xmlSecKeyDataType
-xmlSecMSCryptoKeyDataDsaGetType(xmlSecKeyDataPtr data) {
- return(xmlSecMSCryptoKeyDataGetType(data));
-}
-
-static xmlSecSize
-xmlSecMSCryptoKeyDataDsaGetSize(xmlSecKeyDataPtr data) {
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId), 0);
-
- return xmlSecMSCryptoKeyDataGetSize(data);
-}
-
-static void
-xmlSecMSCryptoKeyDataDsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
- xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId));
- xmlSecAssert(output != NULL);
-
- fprintf(output, "=== dsa key: size = %d\n",
- xmlSecMSCryptoKeyDataDsaGetSize(data));
-}
-
-static void
-xmlSecMSCryptoKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
- xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId));
- xmlSecAssert(output != NULL);
-
- fprintf(output, "<DSAKeyValue size=\"%d\" />\n",
- xmlSecMSCryptoKeyDataDsaGetSize(data));
-}
-
#endif /* XMLSEC_NO_DSA */
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataGost2001Id));
xmlSecAssert(output != NULL);
- fprintf(output, "=== dsa key: size = %d\n",
- xmlSecMSCryptoKeyDataGost2001GetSize(data));
+ fprintf(output, "=== dsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecMSCryptoKeyDataGost2001GetSize(data));
}
static void
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataGost2001Id));
xmlSecAssert(output != NULL);
- fprintf(output, "<GOST2001KeyValue size=\"%d\" />\n",
- xmlSecMSCryptoKeyDataGost2001GetSize(data));
+ fprintf(output, "<GOST2001KeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecMSCryptoKeyDataGost2001GetSize(data));
}
#endif /* XMLSEC_NO_GOST */
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataGost2012_256Id));
xmlSecAssert(output != NULL);
- fprintf(output, "=== dsa key: size = %d\n",
- xmlSecMSCryptoKeyDataGost2012_256GetSize(data));
+ fprintf(output, "=== dsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecMSCryptoKeyDataGost2012_256GetSize(data));
}
static void
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataGost2012_256Id));
xmlSecAssert(output != NULL);
- fprintf(output, "<GOST2012_256KeyValue size=\"%d\" />\n",
- xmlSecMSCryptoKeyDataGost2012_256GetSize(data));
+ fprintf(output, "<GOST2012_256KeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecMSCryptoKeyDataGost2012_256GetSize(data));
}
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataGost2012_512Id));
xmlSecAssert(output != NULL);
- fprintf(output, "=== dsa key: size = %d\n",
- xmlSecMSCryptoKeyDataGost2012_512GetSize(data));
+ fprintf(output, "=== dsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecMSCryptoKeyDataGost2012_512GetSize(data));
}
static void
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataGost2012_512Id));
xmlSecAssert(output != NULL);
- fprintf(output, "<GOST2012_512KeyValue size=\"%d\" />\n",
- xmlSecMSCryptoKeyDataGost2012_512GetSize(data));
+ fprintf(output, "<GOST2012_512KeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecMSCryptoKeyDataGost2012_512GetSize(data));
}
#endif /* XMLSEC_NO_GOST2012 */
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 200
3-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 200
2-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:ciphers
#include <xmlsec/mscrypto/crypto.h>
#include "private.h"
-
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
/**************************************************************************
*
int encrypt,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
- int blockLen;
int ret;
- DWORD dwBlockLen, dwBlockLenLen;
+ DWORD dwBlockLen, dwBlockLenBits, dwBlockLenBitsLen;
+ xmlSecSize blockSize, inSize, outSize;
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->cryptKey != 0, -1);
xmlSecAssert2(transformCtx != NULL, -1);
/* iv len == block len */
- dwBlockLenLen = sizeof(DWORD);
- if (!CryptGetKeyParam(ctx->cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwBlockLenLen, 0)) {
+ dwBlockLenBitsLen = sizeof(dwBlockLenBits);
+ if (!CryptGetKeyParam(ctx->cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLenBits, &dwBlockLenBitsLen, 0)) {
xmlSecMSCryptoError("CryptGetKeyParam", cipherName);
return(-1);
}
- blockLen = dwBlockLen / 8;
- xmlSecAssert2(blockLen > 0, -1);
+ dwBlockLen = dwBlockLenBits / 8;
+ xmlSecAssert2(dwBlockLen > 0, -1);
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwBlockLen, blockSize, return(-1), cipherName);
+
+ inSize = xmlSecBufferGetSize(in);
+ outSize = xmlSecBufferGetSize(out);
+
if(encrypt) {
unsigned char* iv;
- xmlSecSize outSize;
/* allocate space for IV */
- outSize = xmlSecBufferGetSize(out);
- ret = xmlSecBufferSetSize(out, outSize + blockLen);
+ ret = xmlSecBufferSetSize(out, outSize + blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
- "size=%d", outSize + blockLen);
+ "size=" XMLSEC_SIZE_FMT, (outSize + blockSize));
return(-1);
}
iv = xmlSecBufferGetData(out) + outSize;
/* generate and use random iv */
- if(!CryptGenRandom(ctx->cryptProvider, blockLen, iv)) {
- xmlSecMSCryptoError2("CryptGenRandom", cipherName,
- "len=%d", blockLen);
+ if(!CryptGenRandom(ctx->cryptProvider, dwBlockLen, iv)) {
+ xmlSecMSCryptoError2("CryptGenRandom", cipherName, "len=%lu", dwBlockLen);
return(-1);
}
} else {
/* if we don't have enough data, exit and hope that
* we'll have iv next time */
- if(xmlSecBufferGetSize(in) < XMLSEC_SIZE_BAD_CAST(blockLen)) {
+ if(inSize < blockSize) {
return(0);
}
xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
}
/* and remove from input */
- ret = xmlSecBufferRemoveHead(in, blockLen);
+ ret = xmlSecBufferRemoveHead(in, blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
- "size=%d", blockLen);
+ "size=" XMLSEC_SIZE_FMT, blockSize);
return(-1);
}
int encrypt,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
- xmlSecSize inSize, inBlocks, outSize;
- int blockLen;
+ DWORD dwBlockLen, dwBlockLenBits, dwBlockLenBitsLen, dwCLen;
+ xmlSecSize blockSize, inSize, inBlocks, outSize;
unsigned char* outBuf;
unsigned char* inBuf;
int ret;
- DWORD dwBlockLen, dwBlockLenLen, dwCLen;
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->ctxInitialized != 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(transformCtx != NULL, -1);
- dwBlockLenLen = sizeof(DWORD);
- if (!CryptGetKeyParam(ctx->cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwBlockLenLen, 0)) {
+ dwBlockLenBitsLen = sizeof(dwBlockLenBits);
+ if (!CryptGetKeyParam(ctx->cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLenBits, &dwBlockLenBitsLen, 0)) {
xmlSecMSCryptoError("CryptSetKeyParam", cipherName);
return(-1);
}
- blockLen = dwBlockLen / 8;
- xmlSecAssert2(blockLen > 0, -1);
+ dwBlockLen = dwBlockLenBits / 8;
+ xmlSecAssert2(dwBlockLen > 0, -1);
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwBlockLen, blockSize, return(-1), cipherName);
inSize = xmlSecBufferGetSize(in);
outSize = xmlSecBufferGetSize(out);
- if(inSize < XMLSEC_SIZE_BAD_CAST(blockLen)) {
+ if(inSize < blockSize) {
return(0);
}
if(encrypt) {
- inBlocks = inSize / XMLSEC_SIZE_BAD_CAST(blockLen);
+ inBlocks = inSize / blockSize;
} else {
/* we want to have the last block in the input buffer
* for padding check */
- inBlocks = (inSize - 1) / XMLSEC_SIZE_BAD_CAST(blockLen);
+ inBlocks = (inSize - 1) / blockSize;
}
- inSize = inBlocks * XMLSEC_SIZE_BAD_CAST(blockLen);
+ inSize = inBlocks * blockSize;
/* we write out the input size plus may be one block */
- ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockLen);
+ ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", outSize + inSize + blockLen);
+ "size=" XMLSEC_SIZE_FMT, (outSize + inSize + blockSize));
return(-1);
}
outBuf = xmlSecBufferGetData(out) + outSize;
xmlSecAssert2(inBuf != NULL, -1);
memcpy(outBuf, inBuf, inSize);
- dwCLen = inSize;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwCLen, return(-1), cipherName);
if(encrypt) {
- if(!CryptEncrypt(ctx->cryptKey, 0, FALSE, 0, outBuf, &dwCLen, inSize + blockLen)) {
+ DWORD dwBufLen;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG((inSize + blockSize), dwBufLen, return(-1), cipherName);
+ if(!CryptEncrypt(ctx->cryptKey, 0, FALSE, 0, outBuf, &dwCLen, dwBufLen)) {
xmlSecMSCryptoError("CryptEncrypt", cipherName);
return(-1);
}
}
/* Check if we really have de/encrypted the numbers of bytes that we requested */
if (dwCLen != inSize) {
- xmlSecInternalError2("CryptEn/Decrypt", cipherName,
- "size=%ld", dwCLen);
+ xmlSecInternalError2("CryptEn/Decrypt", cipherName, "size=%lu", dwCLen);
return(-1);
}
ret = xmlSecBufferSetSize(out, outSize + inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
- "size=%d", outSize + inSize);
+ "size=" XMLSEC_SIZE_FMT, (outSize + inSize));
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
return(0);
int encrypt,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
- xmlSecSize inSize, outSize;
- int blockLen, outLen = 0;
+ DWORD dwBlockLen, dwBlockLenBits, dwBlockLenBitsLen, dwCLen;
+ xmlSecSize blockSize, inSize, outSize;
unsigned char* inBuf;
unsigned char* outBuf;
int ret;
- DWORD dwBlockLen, dwBlockLenLen, dwCLen;
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->ctxInitialized != 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(transformCtx != NULL, -1);
- dwBlockLenLen = sizeof(DWORD);
- if (!CryptGetKeyParam(ctx->cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwBlockLenLen, 0)) {
+ dwBlockLenBitsLen = sizeof(dwBlockLenBits);
+ if (!CryptGetKeyParam(ctx->cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLenBits, &dwBlockLenBitsLen, 0)) {
xmlSecMSCryptoError("CryptGetKeyParam", cipherName);
return(-1);
}
- blockLen = dwBlockLen / 8;
- xmlSecAssert2(blockLen > 0, -1);
+ dwBlockLen = dwBlockLenBits / 8;
+ xmlSecAssert2(dwBlockLen > 0, -1);
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwBlockLen, blockSize, return(-1), cipherName);
inSize = xmlSecBufferGetSize(in);
outSize = xmlSecBufferGetSize(out);
if(encrypt != 0) {
- xmlSecAssert2(inSize < XMLSEC_SIZE_BAD_CAST(blockLen), -1);
+ xmlSecAssert2(inSize < blockSize, -1);
/* create padding */
- ret = xmlSecBufferSetMaxSize(in, blockLen);
+ ret = xmlSecBufferSetMaxSize(in, blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", blockLen);
+ "size=" XMLSEC_SIZE_FMT, blockSize);
return(-1);
}
inBuf = xmlSecBufferGetData(in);
/* create random padding */
- if(XMLSEC_SIZE_BAD_CAST(blockLen) > (inSize + 1)) {
- if (!CryptGenRandom(ctx->cryptProvider, blockLen - inSize - 1, inBuf + inSize)) {
+ if(blockSize > (inSize + 1)) {
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG((blockSize - inSize - 1), dwCLen, return(-1), cipherName);
+ if (!CryptGenRandom(ctx->cryptProvider, dwCLen, inBuf + inSize)) {
xmlSecMSCryptoError("CryptGenRandom", cipherName);
return(-1);
}
}
- inBuf[blockLen - 1] = (unsigned char)(blockLen - inSize);
- inSize = blockLen;
+ XMLSEC_SAFE_CAST_SIZE_TO_BYTE((blockSize - inSize), inBuf[blockSize - 1], return(-1), cipherName);
+ inSize = blockSize;
} else {
- if(inSize != XMLSEC_SIZE_BAD_CAST(blockLen)) {
- xmlSecInvalidSizeError("Input data", inSize, blockLen, cipherName);
+ if(inSize != blockSize) {
+ xmlSecInvalidSizeError("Input data", inSize, blockSize, cipherName);
return(-1);
}
inBuf = xmlSecBufferGetData(in);
}
/* process last block */
- ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockLen);
+ ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", outSize + 2 * blockLen);
+ "size=" XMLSEC_SIZE_FMT, (outSize + 2 * blockSize));
return(-1);
}
outBuf = xmlSecBufferGetData(out) + outSize;
memcpy(outBuf, inBuf, inSize);
- dwCLen = inSize;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwCLen, return(-1), cipherName);
if(encrypt) {
+ DWORD dwBufLen;
+
/* Set process last block to false, since we handle padding ourselves, and MSCrypto padding
* can be skipped. I hope this will work .... */
- if(!CryptEncrypt(ctx->cryptKey, 0, FALSE, 0, outBuf, &dwCLen, inSize + blockLen)) {
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG((inSize + blockSize), dwBufLen, return(-1), cipherName);
+ if(!CryptEncrypt(ctx->cryptKey, 0, FALSE, 0, outBuf, &dwCLen, dwBufLen)) {
xmlSecMSCryptoError("CryptEncrypt", cipherName);
return(-1);
}
/* Check if we really have de/encrypted the numbers of bytes that we requested */
if (dwCLen != inSize) {
- xmlSecInternalError2("CryptEn/Decrypt", cipherName,
- "size=%ld", dwCLen);
+ xmlSecInternalError2("CryptEn/Decrypt", cipherName, "size=%lu", dwCLen);
return(-1);
}
if(encrypt == 0) {
/* check padding */
- if(inSize < outBuf[blockLen - 1]) {
+ if(inSize < outBuf[blockSize - 1]) {
xmlSecInvalidSizeLessThanError("Input data padding",
- inSize, outBuf[blockLen - 1], cipherName);
+ inSize, outBuf[blockSize - 1], cipherName);
return(-1);
}
- outLen = inSize - outBuf[blockLen - 1];
+ outSize += inSize - outBuf[blockSize - 1];
} else {
- outLen = inSize;
+ outSize += inSize;
}
/* set correct output buffer size */
- ret = xmlSecBufferSetSize(out, outSize + outLen);
+ ret = xmlSecBufferSetSize(out, outSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
- "size=%d", outSize + outLen);
+ xmlSecInternalError2("xmlSecBufferSetSize", cipherName, "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
/* remove the processed block from input */
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
- "size=%d", inSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
*
* Block Cipher transforms
*
- * xmlSecMSCryptoBlockCipherCtx block is located after xmlSecTransform structure
- *
*****************************************************************************/
-#define xmlSecMSCryptoBlockCipherSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoBlockCipherCtx))
-#define xmlSecMSCryptoBlockCipherGetCtx(transform) \
- ((xmlSecMSCryptoBlockCipherCtxPtr)(((unsigned char*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(MSCryptoBlockCipher, xmlSecMSCryptoBlockCipherCtx)
+#define xmlSecMSCryptoBlockCipherSize XMLSEC_TRANSFORM_SIZE(MSCryptoBlockCipher)
static int xmlSecMSCryptoBlockCipherInitialize (xmlSecTransformPtr transform);
static void xmlSecMSCryptoBlockCipherFinalize (xmlSecTransformPtr transform);
ctx->keyId = xmlSecMSCryptoKeyDataAesId;
ctx->providers = xmlSecMSCryptoProviderInfo_Aes;
ctx->keySize = 32;
- } else
+ } else
#endif /* XMLSEC_NO_AES */
{
if (ctx->cryptProvider) {
CryptReleaseContext(ctx->cryptProvider, 0);
}
-
+
memset(ctx, 0, sizeof(xmlSecMSCryptoBlockCipherCtx));
}
xmlSecMSCryptoBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecMSCryptoBlockCipherCtxPtr ctx;
xmlSecBufferPtr buffer;
+ DWORD dwKeyLen;
BYTE* bufData;
xmlSecAssert2(xmlSecMSCryptoBlockCipherCheckId(transform), -1);
xmlSecAssert2(bufData != NULL, -1);
/* Import this key and get an HCRYPTKEY handle */
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(ctx->keySize, dwKeyLen, return(-1), xmlSecTransformGetName(transform));
if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->cryptProvider,
ctx->pubPrivKey,
ctx->algorithmIdentifier,
bufData,
- ctx->keySize,
+ dwKeyLen,
TRUE,
&(ctx->cryptKey))) {
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 200
3-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 200
2-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).
*/
/**
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
#include <xmlsec/dl.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/private.h>
+#include <xmlsec/xmltree.h>
#include <xmlsec/mscrypto/app.h>
#include <xmlsec/mscrypto/crypto.h>
#include <xmlsec/mscrypto/x509.h>
-#include "private.h"
+#include "private.h"
+#include "../cast_helpers.h"
#define XMLSEC_CONTAINER_NAME_A "xmlsec-key-container"
#define XMLSEC_CONTAINER_NAME_W L"xmlsec-key-container"
int
xmlSecMSCryptoGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) {
HCRYPTPROV hProv = 0;
+ DWORD dwSize;
int ret;
+ int res = -1;
xmlSecAssert2(buffer != NULL, -1);
xmlSecAssert2(size > 0, -1);
ret = xmlSecBufferSetSize(buffer, size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL,
- "size=%d", size);
- return(-1);
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=" XMLSEC_SIZE_FMT, size);
+ goto done;
}
-
hProv = xmlSecMSCryptoFindProvider(xmlSecMSCryptoProviderInfo_Random, NULL, CRYPT_VERIFYCONTEXT, FALSE);
if (0 == hProv) {
xmlSecInternalError("xmlSecMSCryptoFindProvider", NULL);
- return(-1);
+ goto done;
}
- if (FALSE == CryptGenRandom(hProv, (DWORD)size, xmlSecBufferGetData(buffer))) {
+
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(size, dwSize, goto done, NULL);
+ if (FALSE == CryptGenRandom(hProv, dwSize, xmlSecBufferGetData(buffer))) {
xmlSecMSCryptoError("CryptGenRandom", NULL);
- CryptReleaseContext(hProv,0);
- return(-1);
+ goto done;
}
- CryptReleaseContext(hProv, 0);
- return(0);
+ /* success */
+ res = 0;
+
+done:
+ /* cleanup */
+ if (hProv != 0) {
+ CryptReleaseContext(hProv, 0);
+ }
+ return(res);
}
/**
* Returns the system error message for the give error code.
*/
void
-xmlSecMSCryptoGetErrorMessage(DWORD dwError, xmlChar * out, xmlSecSize outSize) {
- LPTSTR errorText = NULL;
- DWORD ret;
+xmlSecMSCryptoGetErrorMessage(DWORD dwError, xmlChar * out, int outLen) {
#ifndef UNICODE
WCHAR errorTextW[XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE];
#endif /* UNICODE */
+ LPTSTR errorText = NULL;
+ DWORD dwRet;
+ int ret;
xmlSecAssert(out != NULL);
- xmlSecAssert(outSize > 0);
+ xmlSecAssert(outLen > 0);
+ out[0] = '\0';
/* Use system message tables to retrieve error text, allocate buffer on local
heap for error text, don't use any inserts/parameters */
- ret = FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM
+ dwRet = FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM
| FORMAT_MESSAGE_ALLOCATE_BUFFER
| FORMAT_MESSAGE_IGNORE_INSERTS,
NULL,
(LPTSTR)&errorText,
0,
NULL);
- if((ret <= 0) || (errorText == NULL)) {
- out[0] = '\0';
+ if((dwRet <= 0) || (errorText == NULL)) {
goto done;
}
#ifdef UNICODE
- ret = WideCharToMultiByte(CP_UTF8, 0, errorText, -1, (LPSTR)out, outSize, NULL, NULL);
+ ret = WideCharToMultiByte(CP_UTF8, 0, errorText, -1, (LPSTR)out, outLen, NULL, NULL);
if(ret <= 0) {
- out[0] = '\0';
goto done;
}
#else /* UNICODE */
ret = MultiByteToWideChar(CP_ACP, 0, errorText, -1, errorTextW, XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE);
if(ret <= 0) {
- out[0] = '\0';
goto done;
}
- ret = WideCharToMultiByte(CP_UTF8, 0, errorTextW, -1, (LPSTR)out, outSize, NULL, NULL);
+ ret = WideCharToMultiByte(CP_UTF8, 0, errorTextW, -1, (LPSTR)out, outLen, NULL, NULL);
if(ret <= 0) {
- out[0] = '\0';
goto done;
}
#endif /* UNICODE */
*
* Returns: a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.
*/
-xmlChar*
+xmlChar*
xmlSecMSCryptoConvertLocaleToUtf8(const char * str) {
return(xmlSecWin32ConvertLocaleToUtf8(str));
}
*
* Returns: a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.
*/
-char *
+char *
xmlSecMSCryptoConvertUtf8ToLocale(const xmlChar* str) {
return(xmlSecWin32ConvertUtf8ToLocale(str));
}
*
* Returns: a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.
*/
-xmlChar*
+xmlChar*
xmlSecMSCryptoConvertTstrToUtf8(LPCTSTR str) {
return(xmlSecWin32ConvertTstrToUtf8(str));
}
/* check errors */
dwLastError = GetLastError();
- switch(dwLastError) {
+ switch(HRESULT_FROM_WIN32(dwLastError)) {
case NTE_BAD_KEYSET:
/* This error can indicate that a newly installed provider
* does not have a usable key container yet. It needs to be
#define ALG_SID_GR3411 30
#define ALG_SID_G28147 30
-#define ALG_SID_GR3411_2012_256 33
-#define ALG_SID_GR3411_2012_512 34
+#define ALG_SID_GR3411_2012_256 33
+#define ALG_SID_GR3411_2012_512 34
#define ALG_SID_GR3410 30
#define ALG_SID_DH_EX_SF 30
#define CALG_MAGPRO_HASH_28147_89 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MAGPRO_28147_89)
-#define CALG_GR3411_2012_256 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_GR3411_2012_256)
-#define CALG_GR3411_2012_512 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_GR3411_2012_512)
+#define CALG_GR3411_2012_256 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_GR3411_2012_256)
+#define CALG_GR3411_2012_512 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_GR3411_2012_512)
#define CALG_MAGPRO_ENCR_28147_89 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_G28147)
#include <xmlsec/errors.h>
#include <xmlsec/mscrypto/crypto.h>
+
#include "private.h"
+#include "../cast_helpers.h"
#define MSCRYPTO_MAX_HASH_SIZE 256
*
* MSCrypto Digest transforms
*
- * xmlSecMSCryptoDigestCtx is located after xmlSecTransform
- *
*****************************************************************************/
-#define xmlSecMSCryptoDigestSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoDigestCtx))
-#define xmlSecMSCryptoDigestGetCtx(transform) \
- ((xmlSecMSCryptoDigestCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-
+XMLSEC_TRANSFORM_DECLARE(MSCryptoDigest, xmlSecMSCryptoDigestCtx)
+#define xmlSecMSCryptoDigestSize XMLSEC_TRANSFORM_SIZE(MSCryptoDigest)
static int xmlSecMSCryptoDigestInitialize (xmlSecTransformPtr transform);
static void xmlSecMSCryptoDigestFinalize (xmlSecTransformPtr transform);
{ NULL, 0 }
};
+#ifndef XMLSEC_NO_MD5
static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Md5[] = {
{ MS_STRONG_PROV, PROV_RSA_FULL },
{ MS_ENHANCED_PROV, PROV_RSA_FULL },
{ MS_DEF_PROV, PROV_RSA_FULL },
{ NULL, 0 }
};
+#endif /* XMLSEC_NO_MD5 */
#ifndef XMLSEC_NO_GOST
static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Gost[] = {
inSize = xmlSecBufferGetSize(in);
if(inSize > 0) {
- ret = CryptHashData(ctx->mscHash,
- xmlSecBufferGetData(in),
- inSize,
- 0);
+ DWORD dwInSize;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, return(-1), xmlSecTransformGetName(transform));
+ ret = CryptHashData(ctx->mscHash, xmlSecBufferGetData(in), dwInSize, 0);
if(ret == 0) {
- xmlSecMSCryptoError2("CryptHashData",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ xmlSecMSCryptoError2("CryptHashData", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
}
if(last) {
- /* TODO: make a MSCrypto compatible assert here */
- /* xmlSecAssert2((xmlSecSize)EVP_MD_size(ctx->digest) <= sizeof(ctx->dgst), -1); */
- DWORD retLen;
- retLen = MSCRYPTO_MAX_HASH_SIZE;
-
+ DWORD retLen = MSCRYPTO_MAX_HASH_SIZE;
ret = CryptGetHashParam(ctx->mscHash,
HP_HASHVAL,
ctx->dgst,
&retLen,
0);
if (ret == 0) {
- xmlSecMSCryptoError2("CryptGetHashParam(HP_HASHVAL)",
- xmlSecTransformGetName(transform),
- "size=%d", MSCRYPTO_MAX_HASH_SIZE);
+ xmlSecMSCryptoError("CryptGetHashParam(HP_HASHVAL)", xmlSecTransformGetName(transform));
return(-1);
}
-
- ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(retLen);
-
- xmlSecAssert2(ctx->dgstSize > 0, -1);
+ xmlSecAssert2(retLen > 0, -1);
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(retLen, ctx->dgstSize, return(-1), xmlSecTransformGetName(transform));
/* copy result to output */
if(transform->operation == xmlSecTransformOperationSign) {
ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferAppend",
- xmlSecTransformGetName(transform),
- "size=%d", ctx->dgstSize);
+ xmlSecInternalError2("xmlSecBufferAppend", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, ctx->dgstSize);
return(-1);
}
}
/* Include common error helper macros. */
#include "../errors_helpers.h"
+#include "../cast_helpers.h"
#define XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE 4096
void xmlSecMSCryptoGetErrorMessage (DWORD dwError,
xmlChar * out,
- xmlSecSize outSize);
+ int outLen);
/**
*
* Macro. The XMLSec library macro for reporting MSCrypto crypro errors.
*/
-#define xmlSecMSCryptoError(errorFunction, errorObject) \
- { \
- DWORD dwLastError = GetLastError(); \
- xmlChar errBuf[XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE]; \
+#define xmlSecMSCryptoError(errorFunction, errorObject) \
+ { \
+ DWORD dwLastError = GetLastError(); \
+ xmlChar errBuf[XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE]; \
xmlSecMSCryptoGetErrorMessage(dwLastError, errBuf, sizeof(errBuf)); \
- xmlSecError(XMLSEC_ERRORS_HERE, \
- (const char*)(errorObject), \
- (errorFunction), \
- XMLSEC_ERRORS_R_CRYPTO_FAILED, \
- "MSCrypto error: %ld: 0x%08lx: %s", \
- (long int)dwLastError, (long int)dwLastError, errBuf \
- ); \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
+ (const char*)(errorObject), \
+ (errorFunction), \
+ XMLSEC_ERRORS_R_CRYPTO_FAILED, \
+ "MSCrypto error: %lu (0x%08lx): %s", \
+ (dwLastError), \
+ (dwLastError), \
+ errBuf \
+ ); \
}
/**
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_CRYPTO_FAILED, \
- msg "MSCrypto error: %ld: 0x%08lx: %s", \
+ msg "; MSCrypto error: %lu (0x%08lx): %s", \
(param), \
- (long int)dwLastError, (long int)dwLastError, errBuf \
+ (dwLastError), \
+ (dwLastError), \
+ errBuf \
+ ); \
+ }
+
+ /**
+ * xmlSecMSCryptoError3:
+ * @errorFunction: the failed function name.
+ * @errorObject: the error specific error object (e.g. transform, key data, etc).
+ * @msg: the extra message.
+ * @param1: the extra message param1.
+ * @param2: the extra message param2.
+ *
+ * Macro. The XMLSec library macro for reporting MSCrypto crypro errors.
+ */
+#define xmlSecMSCryptoError3(errorFunction, errorObject, msg, param1, param2) \
+ { \
+ DWORD dwLastError = GetLastError(); \
+ xmlChar errBuf[XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE]; \
+ xmlSecMSCryptoGetErrorMessage(dwLastError, errBuf, sizeof(errBuf)); \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
+ (const char*)(errorObject), \
+ (errorFunction), \
+ XMLSEC_ERRORS_R_CRYPTO_FAILED, \
+ msg "; MSCrypto error: %lu (0x%08lx): %s", \
+ (param1), \
+ (param2), \
+ (dwLastError), \
+ (dwLastError), \
+ errBuf \
); \
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:hmac
#include <wincrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/base64.h>
+#include <xmlsec/errors.h>
#include <xmlsec/keys.h>
+#include <xmlsec/private.h>
#include <xmlsec/transforms.h>
-#include <xmlsec/errors.h>
#include <xmlsec/mscrypto/crypto.h>
+
#include "private.h"
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+#include "../transform_helpers.h"
-/* sizes in bits */
-#define XMLSEC_MSCRYPTO_MIN_HMAC_SIZE 80
-#define XMLSEC_MSCRYPTO_MAX_HMAC_SIZE 256
/**************************************************************************
*
* Configuration
*
*****************************************************************************/
-static int g_xmlsec_mscrypto_hmac_min_length = XMLSEC_MSCRYPTO_MIN_HMAC_SIZE;
/**
* xmlSecMSCryptoHmacGetMinOutputLength:
*
+ * DEPRECATED (use @xmlSecTransformHmacGetMinOutputBitsSize instead).
* Gets the value of min HMAC length.
*
* Returns: the min HMAC output length
*/
int xmlSecMSCryptoHmacGetMinOutputLength(void)
{
- return g_xmlsec_mscrypto_hmac_min_length;
+ xmlSecSize val = xmlSecTransformHmacGetMinOutputBitsSize();
+ int res;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(val, res, return(-1), NULL);
+ return res;
}
/**
* xmlSecMSCryptoHmacSetMinOutputLength:
* @min_length: the new min length
*
+ * DEPRECATED (use @xmlSecTransformHmacSetMinOutputBitsSize instead).
* Sets the min HMAC output length
*/
void xmlSecMSCryptoHmacSetMinOutputLength(int min_length)
{
- g_xmlsec_mscrypto_hmac_min_length = min_length;
+ xmlSecSize val;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(min_length, val, return, NULL);
+ xmlSecTransformHmacSetMinOutputBitsSize(val);
}
/******************************************************************************
ALG_ID alg_id;
const xmlSecMSCryptoProviderInfo * providers;
HCRYPTHASH mscHash;
- unsigned char dgst[XMLSEC_MSCRYPTO_MAX_HMAC_SIZE];
+ unsigned char dgst[XMLSEC_TRASNFORM_HMAC_MAX_OUTPUT_SIZE];
xmlSecSize dgstSize; /* dgst size in bytes */
int ctxInitialized;
};
*
* HMAC transforms
*
- * xmlSecMSCryptoHmacCtx is located after xmlSecTransform
- *
*****************************************************************************/
-#define xmlSecMSCryptoHmacGetCtx(transform) \
- ((xmlSecMSCryptoHmacCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-#define xmlSecMSCryptoHmacSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoHmacCtx))
+XMLSEC_TRANSFORM_DECLARE(MSCryptoHmac, xmlSecMSCryptoHmacCtx)
+#define xmlSecMSCryptoHmacSize XMLSEC_TRANSFORM_SIZE(MSCryptoHmac)
static int xmlSecMSCryptoHmacCheckId (xmlSecTransformPtr transform);
static int xmlSecMSCryptoHmacInitialize (xmlSecTransformPtr transform);
}
static int
-xmlSecMSCryptoHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
+xmlSecMSCryptoHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecMSCryptoHmacCtxPtr ctx;
- xmlNodePtr cur;
+ int ret;
xmlSecAssert2(xmlSecMSCryptoHmacCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoHmacSize), -1);
xmlSecAssert2(node!= NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecMSCryptoHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- cur = xmlSecGetNextElementNode(node->children);
- if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {
- xmlChar *content;
-
- content = xmlNodeGetContent(cur);
- if(content != NULL) {
- ctx->dgstSize = atoi((char*)content);
- xmlFree(content);
- }
-
- /* Ensure that HMAC length is greater than min specified.
- Otherwise, an attacker can set this length to 0 or very
- small value
- */
- if((int)ctx->dgstSize < xmlSecMSCryptoHmacGetMinOutputLength()) {
- xmlSecInvalidNodeContentError(cur, xmlSecTransformGetName(transform),
- "HMAC output length is too small");
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform));
+ ret = xmlSecTransformHmacReadOutputBitsSize(node, ctx->dgstSize, &ctx->dgstSize);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformHmacReadOutputBitsSize()",
+ xmlSecTransformGetName(transform));
return(-1);
}
+
return(0);
}
xmlSecKeyDataPtr value;
xmlSecBufferPtr buffer;
HMAC_INFO hmacInfo;
+ xmlSecByte* bufPtr;
+ xmlSecSize bufSize;
+ DWORD dwBufSize;
int ret;
xmlSecAssert2(xmlSecMSCryptoHmacCheckId(transform), -1);
buffer = xmlSecKeyDataBinaryValueGetBuffer(value);
xmlSecAssert2(buffer != NULL, -1);
- if(xmlSecBufferGetSize(buffer) == 0) {
+ bufPtr = xmlSecBufferGetData(buffer);
+ bufSize = xmlSecBufferGetSize(buffer);
+ if((bufPtr == NULL) || (bufSize == 0)) {
xmlSecInvalidZeroKeyDataSizeError(xmlSecTransformGetName(transform));
return(-1);
}
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(bufSize, dwBufSize, return(-1), xmlSecTransformGetName(transform));
- xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);
-
- /* Import this key and get an HCRYPTKEY handle.
- *
- * HACK!!! HACK!!! HACK!!!
- *
+ /* Import this key and get an HCRYPTKEY handle.
+ *
+ * HACK!!! HACK!!! HACK!!!
+ *
* Using CALG_RC2 instead of CALG_HMAC for the key algorithm so we don't want to check key length
*/
if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->provider,
ctx->pubPrivKey,
CALG_RC2,
- xmlSecBufferGetData(buffer),
- xmlSecBufferGetSize(buffer),
+ bufPtr,
+ dwBufSize,
FALSE,
&(ctx->cryptKey)
) || (ctx->cryptKey == 0)) {
xmlSecInternalError("xmlSecMSCryptoImportPlainSessionBlob",
xmlSecTransformGetName(transform));
return(-1);
- }
+ }
/* create hash */
ret = CryptCreateHash(ctx->provider,
static int
xmlSecMSCryptoHmacVerify(xmlSecTransformPtr transform,
const xmlSecByte* data, xmlSecSize dataSize,
- xmlSecTransformCtxPtr transformCtx) {
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
static xmlSecByte last_byte_masks[] =
{ 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
xmlSecAssert2(data != NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecMSCryptoHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
inSize = xmlSecBufferGetSize(in);
if(inSize > 0) {
+ DWORD dwInSize;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, return(-1), xmlSecTransformGetName(transform));
ret = CryptHashData(ctx->mscHash,
xmlSecBufferGetData(in),
- inSize,
+ dwInSize,
0);
if(ret == 0) {
- xmlSecMSCryptoError2("CryptHashData",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ xmlSecMSCryptoError2("CryptHashData", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
}
if(last) {
- /* TODO: make a MSCrypto compatible assert here */
- /* xmlSecAssert2((xmlSecSize)EVP_MD_size(ctx->digest) <= sizeof(ctx->dgst), -1); */
- DWORD retLen;
- retLen = XMLSEC_MSCRYPTO_MAX_HMAC_SIZE;
+ DWORD retLen = XMLSEC_TRASNFORM_HMAC_MAX_OUTPUT_SIZE;
+ xmlSecSize hashSize;
ret = CryptGetHashParam(ctx->mscHash,
HP_HASHVAL,
0);
if (ret == 0) {
- xmlSecInternalError2("CryptGetHashParam",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ xmlSecInternalError2("CryptGetHashParam", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
xmlSecAssert2(retLen > 0, -1);
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(retLen, hashSize, return(-1), xmlSecTransformGetName(transform));
/* check/set the result digest size */
if(ctx->dgstSize == 0) {
- ctx->dgstSize = retLen * 8; /* no dgst size specified, use all we have */
- } else if(ctx->dgstSize <= 8 * retLen) {
- retLen = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
+ ctx->dgstSize = hashSize * 8; /* no dgst size specified, use all we have */
+ } else if(ctx->dgstSize <= 8 * hashSize) {
+ hashSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
} else {
xmlSecInvalidSizeLessThanError("HMAC digest (bits)",
- 8 * retLen, ctx->dgstSize,
- xmlSecTransformGetName(transform));
+ 8 * hashSize, ctx->dgstSize,
+ xmlSecTransformGetName(transform));
return(-1);
}
/* copy result to output */
if(transform->operation == xmlSecTransformOperationSign) {
- ret = xmlSecBufferAppend(out, ctx->dgst, retLen);
+ ret = xmlSecBufferAppend(out, ctx->dgst, hashSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferAppend",
- xmlSecTransformGetName(transform),
- "size=%d", ctx->dgstSize);
+ xmlSecInternalError2("xmlSecBufferAppend", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, hashSize);
return(-1);
}
}
* distribution for precise wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 200
3-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 200
2-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:keysstore
#include <windows.h>
#include <wincrypt.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
#include <xmlsec/buffer.h>
#include <xmlsec/base64.h>
#include <xmlsec/errors.h>
-#include <xmlsec/xmltree.h>
-
#include <xmlsec/keysmngr.h>
+#include <xmlsec/xmltree.h>
#include <xmlsec/mscrypto/app.h>
#include <xmlsec/mscrypto/crypto.h>
#include <xmlsec/mscrypto/keysstore.h>
#include <xmlsec/mscrypto/x509.h>
#include <xmlsec/mscrypto/certkeys.h>
+
#include "private.h"
+#include "../cast_helpers.h"
#define XMLSEC_MSCRYPTO_APP_DEFAULT_CERT_STORE_NAME_A "MY"
#define XMLSEC_MSCRYPTO_APP_DEFAULT_CERT_STORE_NAME_W L"MY"
*
* MSCrypto Keys Store. Uses Simple Keys Store under the hood
*
- * Simple Keys Store ptr is located after xmlSecKeyStore
- *
***************************************************************************/
-#define xmlSecMSCryptoKeysStoreSize \
- (sizeof(xmlSecKeyStore) + sizeof(xmlSecKeyStorePtr))
-
-#define xmlSecMSCryptoKeysStoreGetSS(store) \
- ((xmlSecKeyStoreCheckSize((store), xmlSecMSCryptoKeysStoreSize)) ? \
- (xmlSecKeyStorePtr*)(((xmlSecByte*)(store)) + sizeof(xmlSecKeyStore)) : \
- (xmlSecKeyStorePtr*)NULL)
+XMLSEC_KEY_STORE_DECLARE(MSCryptoKeysStore, xmlSecKeyStorePtr)
+#define xmlSecMSCryptoKeysStoreSize XMLSEC_KEY_STORE_SIZE(MSCryptoKeysStore)
static int xmlSecMSCryptoKeysStoreInitialize (xmlSecKeyStorePtr store);
static void xmlSecMSCryptoKeysStoreFinalize (xmlSecKeyStorePtr store);
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCryptoKeysStoreId), -1);
xmlSecAssert2((key != NULL), -1);
- ss = xmlSecMSCryptoKeysStoreGetSS(store);
+ ss = xmlSecMSCryptoKeysStoreGetCtx(store);
xmlSecAssert2(((ss != NULL) && (*ss != NULL) &&
(xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId))), -1);
int
xmlSecMSCryptoKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
xmlSecKeysMngrPtr keysMngr) {
- xmlDocPtr doc;
- xmlNodePtr root;
- xmlNodePtr cur;
- xmlSecKeyPtr key;
- xmlSecKeyInfoCtx keyInfoCtx;
- int ret;
-
- xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCryptoKeysStoreId), -1);
- xmlSecAssert2((uri != NULL), -1);
- UNREFERENCED_PARAMETER(keysMngr);
-
- doc = xmlParseFile(uri);
- if(doc == NULL) {
- xmlSecXmlError2("xmlParseFile", xmlSecKeyStoreGetName(store),
- "uri=%s", xmlSecErrorsSafeString(uri));
- return(-1);
- }
-
- root = xmlDocGetRootElement(doc);
- if(!xmlSecCheckNodeName(root, BAD_CAST "Keys", xmlSecNs)) {
- xmlSecInvalidNodeError(root, BAD_CAST "Keys", xmlSecKeyStoreGetName(store));
- xmlFreeDoc(doc);
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(root->children);
- while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) {
- key = xmlSecKeyCreate();
- if(key == NULL) {
- xmlSecInternalError("xmlSecKeyCreate",
- xmlSecKeyStoreGetName(store));
- xmlFreeDoc(doc);
- return(-1);
- }
-
- ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeyInfoCtxInitialize",
- xmlSecKeyStoreGetName(store));
- xmlSecKeyDestroy(key);
- xmlFreeDoc(doc);
- return(-1);
- }
-
- keyInfoCtx.mode = xmlSecKeyInfoModeRead;
- keyInfoCtx.keysMngr = NULL;
- keyInfoCtx.flags = XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND |
- XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
- keyInfoCtx.keyReq.keyId = xmlSecKeyDataIdUnknown;
- keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypeAny;
- keyInfoCtx.keyReq.keyUsage= xmlSecKeyDataUsageAny;
-
- ret = xmlSecKeyInfoNodeRead(cur, key, &keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeyInfoNodeRead",
- xmlSecKeyStoreGetName(store));
- xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
- xmlSecKeyDestroy(key);
- xmlFreeDoc(doc);
- return(-1);
- }
- xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
-
- if(xmlSecKeyIsValid(key)) {
- ret = xmlSecMSCryptoKeysStoreAdoptKey(store, key);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoKeysStoreAdoptKey",
- xmlSecKeyStoreGetName(store));
- xmlSecKeyDestroy(key);
- xmlFreeDoc(doc);
- return(-1);
- }
- } else {
- /* we have an unknown key in our file, just ignore it */
- xmlSecKeyDestroy(key);
- }
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyStoreGetName(store));
- xmlFreeDoc(doc);
- return(-1);
- }
-
- xmlFreeDoc(doc);
- return(0);
+ return(xmlSecSimpleKeysStoreLoad_ex(store, uri, keysMngr,
+ xmlSecMSCryptoKeysStoreAdoptKey));
}
/**
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCryptoKeysStoreId), -1);
xmlSecAssert2((filename != NULL), -1);
- ss = xmlSecMSCryptoKeysStoreGetSS(store);
+ ss = xmlSecMSCryptoKeysStoreGetCtx(store);
xmlSecAssert2(((ss != NULL) && (*ss != NULL) &&
(xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId))), -1);
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCryptoKeysStoreId), -1);
- ss = xmlSecMSCryptoKeysStoreGetSS(store);
+ ss = xmlSecMSCryptoKeysStoreGetCtx(store);
xmlSecAssert2((*ss == NULL), -1);
*ss = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
xmlSecAssert(xmlSecKeyStoreCheckId(store, xmlSecMSCryptoKeysStoreId));
- ss = xmlSecMSCryptoKeysStoreGetSS(store);
+ ss = xmlSecMSCryptoKeysStoreGetCtx(store);
xmlSecAssert((ss != NULL) && (*ss != NULL));
xmlSecKeyStoreDestroy(*ss);
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCryptoKeysStoreId), NULL);
xmlSecAssert2(keyInfoCtx != NULL, NULL);
- ss = xmlSecMSCryptoKeysStoreGetSS(store);
+ ss = xmlSecMSCryptoKeysStoreGetCtx(store);
xmlSecAssert2(((ss != NULL) && (*ss != NULL)), NULL);
/* first try to find key in the simple keys store */
#include <stdlib.h>
#include <string.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
#include <xmlsec/buffer.h>
-#include <xmlsec/xmltree.h>
-#include <xmlsec/keys.h>
-#include <xmlsec/transforms.h>
-#include <xmlsec/strings.h>
#include <xmlsec/errors.h>
#include <xmlsec/keyinfo.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/strings.h>
+#include <xmlsec/private.h>
+#include <xmlsec/transforms.h>
#include <xmlsec/mscrypto/crypto.h>
#include <xmlsec/mscrypto/certkeys.h>
+
#include "private.h"
+#include "../cast_helpers.h"
+#include "../transform_helpers.h"
/**************************************************************************
*
*
* RSA PKCS1 key transport transform
*
- * xmlSecMSCryptoRsaPkcs1OaepCtx is located after xmlSecTransform
- *
********************************************************************/
-#define xmlSecMSCryptoRsaPkcs1OaepCtx \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoRsaPkcs1OaepCtx))
-#define xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform) \
- ((xmlSecMSCryptoRsaPkcs1OaepCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(MSCryptoRsaPkcs1Oaep, xmlSecMSCryptoRsaPkcs1OaepCtx)
+#define xmlSecMSCryptoRsaPkcs1OaepSize XMLSEC_TRANSFORM_SIZE(MSCryptoRsaPkcs1Oaep)
static int xmlSecMSCryptoRsaPkcs1OaepCheckId (xmlSecTransformPtr transform);
static int xmlSecMSCryptoRsaPkcs1OaepInitialize (xmlSecTransformPtr transform);
static int xmlSecMSCryptoRsaPkcs1OaepExecute (xmlSecTransformPtr transform,
int last,
xmlSecTransformCtxPtr transformCtx);
-static int xmlSecMSCryptoRsaPkcs1OaepProcess (xmlSecTransformPtr transform,
- xmlSecTransformCtxPtr transformCtx);
+static int xmlSecMSCryptoRsaPkcs1OaepProcess (xmlSecTransformPtr transform);
static int
int ret;
xmlSecAssert2(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepSize), -1);
ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecMSCryptoRsaPkcs1OaepCtxPtr ctx;
xmlSecAssert(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform));
- xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx));
+ xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepSize));
ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
xmlSecAssert(ctx != NULL);
xmlSecAssert2(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepSize), -1);
xmlSecAssert2(keyReq != NULL, -1);
ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
xmlSecAssert2(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepSize), -1);
xmlSecAssert2(key != NULL, -1);
xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCryptoKeyDataRsaId), -1);
}
static int
-xmlSecMSCryptoRsaPkcs1OaepExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecMSCryptoRsaPkcs1OaepExecute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecMSCryptoRsaPkcs1OaepCtxPtr ctx;
int ret;
xmlSecAssert2(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepSize), -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
/* just do nothing */
} else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- ret = xmlSecMSCryptoRsaPkcs1OaepProcess(transform, transformCtx);
+ ret = xmlSecMSCryptoRsaPkcs1OaepProcess(transform);
if(ret < 0) {
xmlSecInternalError("xmlSecMSCryptoRsaPkcs1OaepProcess",
xmlSecTransformGetName(transform));
}
static int
-xmlSecMSCryptoRsaPkcs1OaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr transformCtx) {
+xmlSecMSCryptoRsaPkcs1OaepProcess(xmlSecTransformPtr transform) {
xmlSecMSCryptoRsaPkcs1OaepCtxPtr ctx;
xmlSecBufferPtr in, out;
xmlSecSize inSize, outSize;
xmlSecAssert2(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepSize), -1);
ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
* process more than that */
if((transform->operation == xmlSecTransformOperationEncrypt) && (inSize >= keySize)) {
xmlSecInvalidSizeLessThanError("Input data", inSize, keySize,
- xmlSecTransformGetName(transform));
+ xmlSecTransformGetName(transform));
return(-1);
} else if((transform->operation == xmlSecTransformOperationDecrypt) && (inSize != keySize)) {
xmlSecInvalidSizeError("Input data", inSize, keySize,
- xmlSecTransformGetName(transform));
+ xmlSecTransformGetName(transform));
return(-1);
}
outSize = keySize;
ret = xmlSecBufferSetMaxSize(out, outSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
if(transform->operation == xmlSecTransformOperationEncrypt) {
if(inSize > outSize) {
xmlSecInvalidSizeLessThanError("Output data", outSize, inSize,
- xmlSecTransformGetName(transform));
+ xmlSecTransformGetName(transform));
return(-1);
}
ret = xmlSecBufferSetData(out, xmlSecBufferGetData(in), inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ xmlSecInternalError2("xmlSecBufferSetData", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
- dwInLen = inSize;
- dwBufLen = outSize;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInLen, return(-1), xmlSecTransformGetName(transform));
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(outSize, dwBufLen, return(-1), xmlSecTransformGetName(transform));
if (0 == (hKey = xmlSecMSCryptoKeyDataGetKey(ctx->data, xmlSecKeyDataTypePublic))) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataGetKey",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecMSCryptoKeyDataGetKey", xmlSecTransformGetName(transform));
return (-1);
}
outBuf = xmlSecBufferGetData(out);
xmlSecAssert2(outBuf != NULL, -1);
- /* set OAEP parameter for the key
+ /* set OAEP parameter for the key
*
* aleksey: I don't understand how this would work in multi-threaded
* environment or when key can be re-used multiple times
*/
if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaOaepId) && xmlSecBufferGetSize(&(ctx->oaepParams)) > 0) {
+ xmlSecSize oaepParamsSize;
CRYPT_DATA_BLOB oaepParams;
memset(&oaepParams, 0, sizeof(oaepParams));
oaepParams.pbData = xmlSecBufferGetData(&(ctx->oaepParams));
- oaepParams.cbData = xmlSecBufferGetSize(&(ctx->oaepParams));
+ oaepParamsSize = xmlSecBufferGetSize(&(ctx->oaepParams));
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(oaepParamsSize, oaepParams.cbData, return(-1), xmlSecTransformGetName(transform));
if (!CryptSetKeyParam(hKey, KP_OAEP_PARAMS, (const BYTE*)&oaepParams, 0)) {
- xmlSecMSCryptoError("CryptSetKeyParam",
- xmlSecTransformGetName(transform));
+ xmlSecMSCryptoError("CryptSetKeyParam", xmlSecTransformGetName(transform));
return (-1);
}
}
/* encrypt */
if (!CryptEncrypt(hKey, 0, TRUE, ctx->dwFlags, outBuf, &dwInLen, dwBufLen)) {
- xmlSecMSCryptoError("CryptEncrypt",
- xmlSecTransformGetName(transform));
+ xmlSecMSCryptoError("CryptEncrypt", xmlSecTransformGetName(transform));
return (-1);
}
*/
ConvertEndianInPlace(outBuf, outSize);
} else {
- dwOutLen = inSize;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwOutLen, return(-1), xmlSecTransformGetName(transform));
/* The input of CryptDecrypt is expected to be little-endian,
* so we have to convert from big-endian to little endian.
hKey = xmlSecMSCryptoKeyDataGetDecryptKey(ctx->data);
if (0 == hKey) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataGetKey",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecMSCryptoKeyDataGetKey", xmlSecTransformGetName(transform));
return (-1);
}
- /* set OAEP parameter for the key
+ /* set OAEP parameter for the key
*
* aleksey: I don't understand how this would work in multi-threaded
* environment or when key can be re-used multiple times
*/
if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaOaepId) && xmlSecBufferGetSize(&(ctx->oaepParams)) > 0) {
+ xmlSecSize oaepParamsSize;
CRYPT_DATA_BLOB oaepParams;
memset(&oaepParams, 0, sizeof(oaepParams));
oaepParams.pbData = xmlSecBufferGetData(&(ctx->oaepParams));
- oaepParams.cbData = xmlSecBufferGetSize(&(ctx->oaepParams));
+ oaepParamsSize = xmlSecBufferGetSize(&(ctx->oaepParams));
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(oaepParamsSize, oaepParams.cbData, return(-1), xmlSecTransformGetName(transform));
if (!CryptSetKeyParam(hKey, KP_OAEP_PARAMS, (const BYTE*)&oaepParams, 0)) {
- xmlSecMSCryptoError("CryptSetKeyParam",
- xmlSecTransformGetName(transform));
+ xmlSecMSCryptoError("CryptSetKeyParam", xmlSecTransformGetName(transform));
return (-1);
}
}
/* decrypt */
if (!CryptDecrypt(hKey, 0, TRUE, ctx->dwFlags, outBuf, &dwOutLen)) {
- xmlSecMSCryptoError("CryptDecrypt",
- xmlSecTransformGetName(transform));
+ xmlSecMSCryptoError("CryptDecrypt", xmlSecTransformGetName(transform));
return(-1);
}
ret = xmlSecBufferSetSize(out, outSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
+ xmlSecInternalError2("xmlSecBufferSetSize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
static xmlSecTransformKlass xmlSecMSCryptoRsaPkcs1Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecMSCryptoRsaPkcs1OaepCtx, /* xmlSecSize objSize */
+ xmlSecMSCryptoRsaPkcs1OaepSize, /* xmlSecSize objSize */
xmlSecNameRsaPkcs1, /* const xmlChar* name; */
xmlSecHrefRsaPkcs1, /* const xmlChar* href; */
xmlSecTransformUsageEncryptionMethod, /* xmlSecAlgorithmUsage usage; */
- xmlSecMSCryptoRsaPkcs1OaepInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecMSCryptoRsaPkcs1OaepFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecMSCryptoRsaPkcs1OaepInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecMSCryptoRsaPkcs1OaepFinalize, /* xmlSecTransformFinalizeMethod finalize; */
NULL, /* xmlSecTransformNodeReadMethod readNode; */
NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecMSCryptoRsaPkcs1OaepSetKeyReq, /* xmlSecTransformSetKeyMethod setKeyReq; */
- xmlSecMSCryptoRsaPkcs1OaepSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecMSCryptoRsaPkcs1OaepSetKeyReq, /* xmlSecTransformSetKeyMethod setKeyReq; */
+ xmlSecMSCryptoRsaPkcs1OaepSetKey, /* xmlSecTransformSetKeyMethod setKey; */
NULL, /* xmlSecTransformValidateMethod validate; */
xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
NULL, /* xmlSecTransformPushXmlMethod pushXml; */
NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecMSCryptoRsaPkcs1OaepExecute, /* xmlSecTransformExecuteMethod execute; */
+ xmlSecMSCryptoRsaPkcs1OaepExecute, /* xmlSecTransformExecuteMethod execute; */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
* RSA/OAEP transform
*
**********************************************************************/
-static int xmlSecMSCryptoRsaOaepNodeRead (xmlSecTransformPtr transform,
- xmlNodePtr node,
+static int xmlSecMSCryptoRsaOaepNodeRead (xmlSecTransformPtr transform,
+ xmlNodePtr node,
xmlSecTransformCtxPtr transformCtx);
static xmlSecTransformKlass xmlSecMSCryptoRsaOaepKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecMSCryptoRsaPkcs1OaepCtx, /* xmlSecSize objSize */
+ xmlSecMSCryptoRsaPkcs1OaepSize, /* xmlSecSize objSize */
xmlSecNameRsaOaep, /* const xmlChar* name; */
xmlSecHrefRsaOaep, /* const xmlChar* href; */
xmlSecTransformUsageEncryptionMethod, /* xmlSecAlgorithmUsage usage; */
- xmlSecMSCryptoRsaPkcs1OaepInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecMSCryptoRsaPkcs1OaepFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecMSCryptoRsaPkcs1OaepInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecMSCryptoRsaPkcs1OaepFinalize, /* xmlSecTransformFinalizeMethod finalize; */
xmlSecMSCryptoRsaOaepNodeRead, /* xmlSecTransformNodeReadMethod readNode; */
NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecMSCryptoRsaPkcs1OaepSetKeyReq, /* xmlSecTransformSetKeyMethod setKeyReq; */
- xmlSecMSCryptoRsaPkcs1OaepSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecMSCryptoRsaPkcs1OaepSetKeyReq, /* xmlSecTransformSetKeyMethod setKeyReq; */
+ xmlSecMSCryptoRsaPkcs1OaepSetKey, /* xmlSecTransformSetKeyMethod setKey; */
NULL, /* xmlSecTransformValidateMethod validate; */
xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
NULL, /* xmlSecTransformPushXmlMethod pushXml; */
NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecMSCryptoRsaPkcs1OaepExecute, /* xmlSecTransformExecuteMethod execute; */
+ xmlSecMSCryptoRsaPkcs1OaepExecute, /* xmlSecTransformExecuteMethod execute; */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
}
static int
-xmlSecMSCryptoRsaOaepNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
+xmlSecMSCryptoRsaOaepNodeRead(xmlSecTransformPtr transform, xmlNodePtr node,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecMSCryptoRsaPkcs1OaepCtxPtr ctx;
- xmlNodePtr cur;
+ xmlChar* algorithm = NULL;
int ret;
xmlSecAssert2(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepSize), -1);
xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(xmlSecBufferGetSize(&(ctx->oaepParams)) == 0, -1);
- cur = xmlSecGetNextElementNode(node->children);
- while(cur != NULL) {
- if(xmlSecCheckNodeName(cur, xmlSecNodeRsaOAEPparams, xmlSecEncNs)) {
- ret = xmlSecBufferBase64NodeContentRead(&(ctx->oaepParams), cur);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferBase64NodeContentRead",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeDigestMethod, xmlSecDSigNs)) {
- xmlChar* algorithm;
-
- /* Algorithm attribute is required */
- algorithm = xmlGetProp(cur, xmlSecAttrAlgorithm);
- if(algorithm == NULL) {
- xmlSecInvalidNodeAttributeError(cur, xmlSecAttrAlgorithm,
- xmlSecTransformGetName(transform),
- "empty");
- return(-1);
- }
-
- /* for now we support only sha1 */
- if(xmlStrcmp(algorithm, xmlSecHrefSha1) != 0) {
- xmlSecInvalidTransfromError2(transform,
- "digest algorithm=\"%s\" is not supported for rsa/oaep",
- xmlSecErrorsSafeString(algorithm));
- xmlFree(algorithm);
- return(-1);
- }
- xmlFree(algorithm);
- } else {
- /* node not recognized */
- xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform));
- return(-1);
- }
+ ret = xmlSecTransformRsaOaepReadParams(node, &(ctx->oaepParams), &algorithm);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformRsaOaepReadParams",
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
- /* next node */
- cur = xmlSecGetNextElementNode(cur->next);
+ /* for now we support only sha1 */
+ if ((algorithm != NULL) && (xmlStrcmp(algorithm, xmlSecHrefSha1) != 0)) {
+ xmlSecInvalidTransfromError2(transform,
+ "digest algorithm=\"%s\" is not supported for rsa/oaep",
+ xmlSecErrorsSafeString(algorithm));
+ xmlFree(algorithm);
+ return(-1);
}
-
+ xmlFree(algorithm);
+
+ /* done */
return(0);
}
#endif /* XMLSEC_NO_RSA */
-
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 200
3-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 200
2-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:kw_aes
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
#include <xmlsec/mscrypto/crypto.h>
-#include "../kw_aes_des.h"
#include "private.h"
+#include "../kw_aes_des.h"
+#include "../cast_helpers.h"
+
#ifndef XMLSEC_NO_AES
* AES KW implementation
*
*********************************************************************/
-static int xmlSecMSCryptoKWAesBlockEncrypt (const xmlSecByte * in,
+static int xmlSecMSCryptoKWAesBlockEncrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
+ xmlSecByte * out,
xmlSecSize outSize,
- void * cb_ctx);
-static int xmlSecMSCryptoKWAesBlockDecrypt (const xmlSecByte * in,
+ xmlSecSize* outWritten);
+static int xmlSecMSCryptoKWAesBlockDecrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
+ xmlSecByte * out,
xmlSecSize outSize,
- void * cb_ctx);
+ xmlSecSize* outWritten);
/* klass for KW AES operation */
static xmlSecKWAesKlass xmlSecMSCryptoKWAesKlass = {
typedef struct _xmlSecMSCryptoKWAesCtx xmlSecMSCryptoKWAesCtx,
*xmlSecMSCryptoKWAesCtxPtr;
struct _xmlSecMSCryptoKWAesCtx {
+ xmlSecTransformKWAesCtx parentCtx;
+
ALG_ID algorithmIdentifier;
const xmlSecMSCryptoProviderInfo * providers;
- xmlSecKeyDataId keyId;
- xmlSecSize keySize;
-
HCRYPTPROV cryptProvider;
HCRYPTKEY pubPrivKey;
- xmlSecBuffer keyBuffer;
};
/******************************************************************************
*
* KW AES transforms
*
- * xmlSecMSCryptoKWAesCtx block is located after xmlSecTransform structure
- *
*****************************************************************************/
-#define xmlSecMSCryptoKWAesSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoKWAesCtx))
-#define xmlSecMSCryptoKWAesGetCtx(transform) \
- ((xmlSecMSCryptoKWAesCtxPtr)(((unsigned char*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(MSCryptoKWAes, xmlSecMSCryptoKWAesCtx)
+#define xmlSecMSCryptoKWAesSize XMLSEC_TRANSFORM_SIZE(MSCryptoKWAes)
static int xmlSecMSCryptoKWAesInitialize (xmlSecTransformPtr transform);
static void xmlSecMSCryptoKWAesFinalize (xmlSecTransformPtr transform);
static int
xmlSecMSCryptoKWAesInitialize(xmlSecTransformPtr transform) {
xmlSecMSCryptoKWAesCtxPtr ctx;
+ xmlSecSize keyExpectedSize;
int ret;
xmlSecAssert2(xmlSecMSCryptoKWAesCheckId(transform), -1);
ctx = xmlSecMSCryptoKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
-
memset(ctx, 0, sizeof(xmlSecMSCryptoKWAesCtx));
if(transform->id == xmlSecMSCryptoTransformKWAes128Id) {
ctx->algorithmIdentifier = CALG_AES_128;
- ctx->keyId = xmlSecMSCryptoKeyDataAesId;
ctx->providers = xmlSecMSCryptoProviderInfo_Aes;
- ctx->keySize = XMLSEC_KW_AES128_KEY_SIZE;
+ keyExpectedSize = XMLSEC_KW_AES128_KEY_SIZE;
} else if(transform->id == xmlSecMSCryptoTransformKWAes192Id) {
ctx->algorithmIdentifier = CALG_AES_192;
- ctx->keyId = xmlSecMSCryptoKeyDataAesId;
ctx->providers = xmlSecMSCryptoProviderInfo_Aes;
- ctx->keySize = XMLSEC_KW_AES192_KEY_SIZE;
+ keyExpectedSize = XMLSEC_KW_AES192_KEY_SIZE;
} else if(transform->id == xmlSecMSCryptoTransformKWAes256Id) {
ctx->algorithmIdentifier = CALG_AES_256;
- ctx->keyId = xmlSecMSCryptoKeyDataAesId;
ctx->providers = xmlSecMSCryptoProviderInfo_Aes;
- ctx->keySize = XMLSEC_KW_AES256_KEY_SIZE;
+ keyExpectedSize = XMLSEC_KW_AES256_KEY_SIZE;
} else {
xmlSecInvalidTransfromError(transform)
return(-1);
}
- ret = xmlSecBufferInitialize(&ctx->keyBuffer, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize",
- xmlSecTransformGetName(transform));
+ ret = xmlSecTransformKWAesInitialize(transform, &(ctx->parentCtx),
+ &xmlSecMSCryptoKWAesKlass, xmlSecMSCryptoKeyDataAesId,
+ keyExpectedSize);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesInitialize", xmlSecTransformGetName(transform));
+ xmlSecMSCryptoKWAesFinalize(transform);
return(-1);
}
if(ctx->cryptProvider == 0) {
xmlSecInternalError("xmlSecMSCryptoFindProvider",
xmlSecTransformGetName(transform));
+ xmlSecMSCryptoKWAesFinalize(transform);
return(-1);
}
if (!xmlSecMSCryptoCreatePrivateExponentOneKey(ctx->cryptProvider, &(ctx->pubPrivKey))) {
xmlSecInternalError("xmlSecMSCryptoCreatePrivateExponentOneKey",
xmlSecTransformGetName(transform));
+ xmlSecMSCryptoKWAesFinalize(transform);
return(-1);
}
if (ctx->cryptProvider) {
CryptReleaseContext(ctx->cryptProvider, 0);
}
-
- xmlSecBufferFinalize(&ctx->keyBuffer);
+ xmlSecTransformKWAesFinalize(transform, &(ctx->parentCtx));
memset(ctx, 0, sizeof(xmlSecMSCryptoKWAesCtx));
}
static int
xmlSecMSCryptoKWAesSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
xmlSecMSCryptoKWAesCtxPtr ctx;
+ int ret;
xmlSecAssert2(xmlSecMSCryptoKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWAesSize), -1);
- xmlSecAssert2(keyReq != NULL, -1);
ctx = xmlSecMSCryptoKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->cryptProvider != 0, -1);
- keyReq->keyId = ctx->keyId;
- keyReq->keyType = xmlSecKeyDataTypeSymmetric;
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- keyReq->keyUsage = xmlSecKeyUsageEncrypt;
- } else {
- keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+ ret = xmlSecTransformKWAesSetKeyReq(transform, &(ctx->parentCtx), keyReq);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesSetKeyReq", xmlSecTransformGetName(transform));
+ return(-1);
}
-
- keyReq->keyBitsSize = 8 * ctx->keySize;
return(0);
}
-
-
static int
xmlSecMSCryptoKWAesSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecMSCryptoKWAesCtxPtr ctx;
- xmlSecBufferPtr buffer;
- xmlSecSize keySize;
int ret;
xmlSecAssert2(xmlSecMSCryptoKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWAesSize), -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCryptoKeyDataAesId), -1);
ctx = xmlSecMSCryptoKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
- xmlSecAssert2(buffer != NULL, -1);
-
- keySize = xmlSecBufferGetSize(buffer);
- if(keySize < ctx->keySize) {
- xmlSecInvalidKeyDataSizeError(keySize, ctx->keySize,
- xmlSecTransformGetName(transform));
+ ret = xmlSecTransformKWAesSetKey(transform, &(ctx->parentCtx), key);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesSetKey", xmlSecTransformGetName(transform));
return(-1);
}
-
- ret = xmlSecBufferSetData(&(ctx->keyBuffer),
- xmlSecBufferGetData(buffer),
- ctx->keySize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform),
- "size=%d", ctx->keySize);
- return(-1);
- }
-
return(0);
}
static int
-xmlSecMSCryptoKWAesExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecMSCryptoKWAesExecute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecMSCryptoKWAesCtxPtr ctx;
- xmlSecBufferPtr in, out;
- xmlSecSize inSize, outSize;
int ret;
xmlSecAssert2(xmlSecMSCryptoKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWAesSize), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecMSCryptoKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- in = &(transform->inBuf);
- out = &(transform->outBuf);
- inSize = xmlSecBufferGetSize(in);
- outSize = xmlSecBufferGetSize(out);
- xmlSecAssert2(outSize == 0, -1);
-
- if(transform->status == xmlSecTransformStatusNone) {
- transform->status = xmlSecTransformStatusWorking;
- }
-
- if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
- /* just do nothing */
- } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- if((inSize % 8) != 0) {
- xmlSecInvalidSizeNotMultipleOfError("Input data", inSize, 8,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- /* the encoded key might be 8 bytes longer plus 8 bytes just in case */
- outSize = inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE +
- XMLSEC_KW_AES_BLOCK_SIZE;
- } else {
- outSize = inSize + XMLSEC_KW_AES_BLOCK_SIZE;
- }
-
- ret = xmlSecBufferSetMaxSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- ret = xmlSecKWAesEncode(&xmlSecMSCryptoKWAesKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKWAesEncode",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- outSize = ret;
- } else {
- ret = xmlSecKWAesDecode(&xmlSecMSCryptoKWAesKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKWAesEncode",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- outSize = ret;
- }
-
- ret = xmlSecBufferSetSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
- return(-1);
- }
-
- ret = xmlSecBufferRemoveHead(in, inSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
- return(-1);
- }
-
- transform->status = xmlSecTransformStatusFinished;
- } else if(transform->status == xmlSecTransformStatusFinished) {
- /* the only way we can get here is if there is no input */
- xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
- } else {
- xmlSecInvalidTransfromStatusError(transform);
+ ret = xmlSecTransformKWAesExecute(transform, &(ctx->parentCtx), last);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesExecute", xmlSecTransformGetName(transform));
return(-1);
}
return(0);
*
********************************************************************/
static int
-xmlSecMSCryptoKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
+xmlSecMSCryptoKWAesBlockEncrypt(xmlSecTransformPtr transform, const xmlSecByte * in, xmlSecSize inSize,
xmlSecByte * out, xmlSecSize outSize,
- void * context) {
- xmlSecMSCryptoKWAesCtxPtr ctx = (xmlSecMSCryptoKWAesCtxPtr)context;
+ xmlSecSize* outWritten) {
+ xmlSecMSCryptoKWAesCtxPtr ctx;
HCRYPTKEY cryptKey = 0;
- DWORD dwCLen;
+ xmlSecByte* keyData;
+ xmlSecSize keySize;
+ DWORD dwKeySize, dwCLen, dwOutSize;
+ int res = -1;
+ xmlSecAssert2(xmlSecMSCryptoKWAesCheckId(transform), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWAesSize), -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecMSCryptoKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->pubPrivKey != 0, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&ctx->keyBuffer) == ctx->keySize, -1);
- /* Import this key and get an HCRYPTKEY handle, we do it again and again
+ keyData = xmlSecBufferGetData(&(ctx->parentCtx.keyBuffer));
+ keySize = xmlSecBufferGetSize(&(ctx->parentCtx.keyBuffer));
+ xmlSecAssert2(keyData != NULL, -1);
+ xmlSecAssert2(keySize > 0, -1);
+ xmlSecAssert2(keySize == ctx->parentCtx.keyExpectedSize, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(keySize, dwKeySize, goto done, NULL);
+
+ /* Import this key and get an HCRYPTKEY handle, we do it again and again
to ensure we don't go into CBC mode */
if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->cryptProvider,
ctx->pubPrivKey,
ctx->algorithmIdentifier,
- xmlSecBufferGetData(&ctx->keyBuffer),
- xmlSecBufferGetSize(&ctx->keyBuffer),
+ keyData,
+ dwKeySize,
TRUE,
&cryptKey)) {
xmlSecInternalError("xmlSecMSCryptoImportPlainSessionBlob", NULL);
- return(-1);
+ goto done;
}
xmlSecAssert2(cryptKey != 0, -1);
if(out != in) {
memcpy(out, in, inSize);
}
- dwCLen = inSize;
- if(!CryptEncrypt(cryptKey, 0, FALSE, 0, out, &dwCLen, outSize)) {
+
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwCLen, goto done, NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(outSize, dwOutSize, goto done, NULL);
+ if(!CryptEncrypt(cryptKey, 0, FALSE, 0, out, &dwCLen, dwOutSize)) {
xmlSecMSCryptoError("CryptEncrypt", NULL);
- CryptDestroyKey(cryptKey);
- return(-1);
+ goto done;
}
+ /* success */
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwCLen, (*outWritten), goto done, NULL);
+ res = 0;
+
+done:
/* cleanup */
- CryptDestroyKey(cryptKey);
- return(dwCLen);
+ if (cryptKey != 0) {
+ CryptDestroyKey(cryptKey);
+ }
+ return(res);
}
static int
-xmlSecMSCryptoKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
+xmlSecMSCryptoKWAesBlockDecrypt(xmlSecTransformPtr transform, const xmlSecByte * in, xmlSecSize inSize,
xmlSecByte * out, xmlSecSize outSize,
- void * context) {
- xmlSecMSCryptoKWAesCtxPtr ctx = (xmlSecMSCryptoKWAesCtxPtr)context;
+ xmlSecSize* outWritten) {
+ xmlSecMSCryptoKWAesCtxPtr ctx;
HCRYPTKEY cryptKey = 0;
+ xmlSecByte* keyData;
+ xmlSecSize keySize;
+ DWORD dwKeySize;
DWORD dwCLen;
+ int res = -1;
+ xmlSecAssert2(xmlSecMSCryptoKWAesCheckId(transform), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWAesSize), -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecMSCryptoKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->pubPrivKey != 0, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&ctx->keyBuffer) == ctx->keySize, -1);
- /* Import this key and get an HCRYPTKEY handle, we do it again and again
+ keyData = xmlSecBufferGetData(&(ctx->parentCtx.keyBuffer));
+ keySize = xmlSecBufferGetSize(&(ctx->parentCtx.keyBuffer));
+ xmlSecAssert2(keyData != NULL, -1);
+ xmlSecAssert2(keySize > 0, -1);
+ xmlSecAssert2(keySize == ctx->parentCtx.keyExpectedSize, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(keySize, dwKeySize, goto done, NULL);
+
+ /* Import this key and get an HCRYPTKEY handle, we do it again and again
to ensure we don't go into CBC mode */
if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->cryptProvider,
ctx->pubPrivKey,
ctx->algorithmIdentifier,
- xmlSecBufferGetData(&ctx->keyBuffer),
- xmlSecBufferGetSize(&ctx->keyBuffer),
+ keyData,
+ dwKeySize,
TRUE,
&cryptKey)) {
xmlSecInternalError("xmlSecMSCryptoImportPlainSessionBlob", NULL);
- return(-1);
+ goto done;
}
xmlSecAssert2(cryptKey != 0, -1);
if(out != in) {
memcpy(out, in, inSize);
}
- dwCLen = inSize;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwCLen, goto done, NULL);
if(!CryptDecrypt(cryptKey, 0, FALSE, 0, out, &dwCLen)) {
xmlSecMSCryptoError("CryptDecrypt", NULL);
- CryptDestroyKey(cryptKey);
- return(-1);
+ goto done;
}
+ /* success */
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwCLen, (*outWritten), goto done, NULL);
+ res = 0;
+
+done:
/* cleanup */
- CryptDestroyKey(cryptKey);
- return(dwCLen);
+ if (cryptKey != 0) {
+ CryptDestroyKey(cryptKey);
+ }
+ return(res);
}
/*********************************************************************
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:kw_des
#include <wincrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
#include <xmlsec/mscrypto/crypto.h>
-#include "../kw_aes_des.h"
#include "private.h"
+#include "../kw_aes_des.h"
+#include "../cast_helpers.h"
/*********************************************************************
*
* DES KW implementation
*
*********************************************************************/
-static int xmlSecMSCryptoKWDes3GenerateRandom (void * context,
- xmlSecByte * out,
- xmlSecSize outSize);
-static int xmlSecMSCryptoKWDes3Sha1 (void * context,
- const xmlSecByte * in,
- xmlSecSize inSize,
- xmlSecByte * out,
- xmlSecSize outSize);
-static int xmlSecMSCryptoKWDes3BlockEncrypt (void * context,
- const xmlSecByte * iv,
+static int xmlSecMSCryptoKWDes3GenerateRandom (xmlSecTransformPtr transform,
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+static int xmlSecMSCryptoKWDes3Sha1 (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
+ xmlSecSize inSize,
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+static int xmlSecMSCryptoKWDes3BlockEncrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * iv,
xmlSecSize ivSize,
- const xmlSecByte * in,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
- xmlSecSize outSize);
-static int xmlSecMSCryptoKWDes3BlockDecrypt (void * context,
- const xmlSecByte * iv,
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+static int xmlSecMSCryptoKWDes3BlockDecrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * iv,
xmlSecSize ivSize,
- const xmlSecByte * in,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
- xmlSecSize outSize);
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
static xmlSecKWDes3Klass xmlSecMSCryptoKWDes3ImplKlass = {
/* callbacks */
/* for the future */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
-};
+};
/*********************************************************************
*
- * Triple DES Key Wrap transform
- *
- * key (xmlSecBuffer) is located after xmlSecTransform structure
+ * Triple DES Key Wrap transform context
*
********************************************************************/
typedef struct _xmlSecMSCryptoKWDes3Ctx xmlSecMSCryptoKWDes3Ctx,
*xmlSecMSCryptoKWDes3CtxPtr;
struct _xmlSecMSCryptoKWDes3Ctx {
+ xmlSecTransformKWDes3Ctx parentCtx;
+
ALG_ID desAlgorithmIdentifier;
const xmlSecMSCryptoProviderInfo * desProviders;
ALG_ID sha1AlgorithmIdentifier;
const xmlSecMSCryptoProviderInfo * sha1Providers;
- xmlSecKeyDataId keyId;
- xmlSecSize keySize;
HCRYPTPROV desCryptProvider;
HCRYPTPROV sha1CryptProvider;
HCRYPTKEY pubPrivKey;
- xmlSecBuffer keyBuffer;
};
-#define xmlSecMSCryptoKWDes3Size \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoKWDes3Ctx))
-#define xmlSecMSCryptoKWDes3GetCtx(transform) \
- ((xmlSecMSCryptoKWDes3CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+/*********************************************************************
+ *
+ * Triple DES Key Wrap transform
+ *
+ ********************************************************************/
+XMLSEC_TRANSFORM_DECLARE(MSCryptoKWDes3, xmlSecMSCryptoKWDes3Ctx)
+#define xmlSecMSCryptoKWDes3Size XMLSEC_TRANSFORM_SIZE(MSCryptoKWDes3)
static int xmlSecMSCryptoKWDes3Initialize (xmlSecTransformPtr transform);
static void xmlSecMSCryptoKWDes3Finalize (xmlSecTransformPtr transform);
ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
-
memset(ctx, 0, sizeof(xmlSecMSCryptoKWDes3Ctx));
- if(transform->id == xmlSecMSCryptoTransformKWDes3Id) {
- ctx->desAlgorithmIdentifier = CALG_3DES;
- ctx->desProviders = xmlSecMSCryptoProviderInfo_Des;
- ctx->sha1AlgorithmIdentifier = CALG_SHA1;
- ctx->sha1Providers = xmlSecMSCryptoProviderInfo_Sha1;
- ctx->keyId = xmlSecMSCryptoKeyDataDesId;
- ctx->keySize = XMLSEC_KW_DES3_KEY_LENGTH;
- } else {
- xmlSecInvalidTransfromError(transform)
+ ret = xmlSecTransformKWDes3Initialize(transform, &(ctx->parentCtx), &xmlSecMSCryptoKWDes3ImplKlass,
+ xmlSecMSCryptoKeyDataDesId);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3Initialize", xmlSecTransformGetName(transform));
return(-1);
}
- ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize",
- xmlSecTransformGetName(transform));
- return(-1);
- }
+ ctx->desAlgorithmIdentifier = CALG_3DES;
+ ctx->desProviders = xmlSecMSCryptoProviderInfo_Des;
+ ctx->sha1AlgorithmIdentifier = CALG_SHA1;
+ ctx->sha1Providers = xmlSecMSCryptoProviderInfo_Sha1;
/* find providers */
ctx->desCryptProvider = xmlSecMSCryptoFindProvider(ctx->desProviders, NULL, CRYPT_VERIFYCONTEXT, TRUE);
if(ctx->desCryptProvider == 0) {
xmlSecInternalError("xmlSecMSCryptoFindProvider(des)",
xmlSecTransformGetName(transform));
+ xmlSecMSCryptoKWDes3Finalize(transform);
return(-1);
}
if(ctx->sha1CryptProvider == 0) {
xmlSecInternalError("xmlSecMSCryptoFindProvider(sha1)",
xmlSecTransformGetName(transform));
+ xmlSecMSCryptoKWDes3Finalize(transform);
return(-1);
}
if (!xmlSecMSCryptoCreatePrivateExponentOneKey(ctx->desCryptProvider, &(ctx->pubPrivKey))) {
xmlSecMSCryptoError("xmlSecMSCryptoCreatePrivateExponentOneKey",
xmlSecTransformGetName(transform));
+ xmlSecMSCryptoKWDes3Finalize(transform);
return(-1);
}
if (ctx->sha1CryptProvider) {
CryptReleaseContext(ctx->sha1CryptProvider, 0);
}
-
- xmlSecBufferFinalize(&ctx->keyBuffer);
+ xmlSecTransformKWDes3Finalize(transform, &(ctx->parentCtx));
memset(ctx, 0, sizeof(xmlSecMSCryptoKWDes3Ctx));
}
static int
xmlSecMSCryptoKWDes3SetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
xmlSecMSCryptoKWDes3CtxPtr ctx;
+ int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
- xmlSecAssert2(keyReq != NULL, -1);
ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keyReq->keyId = xmlSecMSCryptoKeyDataDesId;
- keyReq->keyType = xmlSecKeyDataTypeSymmetric;
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- keyReq->keyUsage= xmlSecKeyUsageEncrypt;
- } else {
- keyReq->keyUsage= xmlSecKeyUsageDecrypt;
+ ret = xmlSecTransformKWDes3SetKeyReq(transform, &(ctx->parentCtx), keyReq);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3SetKeyReq", xmlSecTransformGetName(transform));
+ return(-1);
}
- keyReq->keyBitsSize = 8 * XMLSEC_KW_DES3_KEY_LENGTH;
return(0);
}
static int
xmlSecMSCryptoKWDes3SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecMSCryptoKWDes3CtxPtr ctx;
- xmlSecBufferPtr buffer;
- xmlSecSize keySize;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCryptoKeyDataDesId), -1);
ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
- xmlSecAssert2(buffer != NULL, -1);
-
- keySize = xmlSecBufferGetSize(buffer);
- if(keySize < XMLSEC_KW_DES3_KEY_LENGTH) {
- xmlSecInvalidKeyDataSizeError(keySize, XMLSEC_KW_DES3_KEY_LENGTH,
- xmlSecTransformGetName(transform));
+ ret = xmlSecTransformKWDes3SetKey(transform, &(ctx->parentCtx), key);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3SetKey", xmlSecTransformGetName(transform));
return(-1);
}
-
- ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer), XMLSEC_KW_DES3_KEY_LENGTH);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform),
- "size=%d", XMLSEC_KW_DES3_KEY_LENGTH);
- return(-1);
- }
-
return(0);
}
static int
-xmlSecMSCryptoKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecMSCryptoKWDes3Execute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecMSCryptoKWDes3CtxPtr ctx;
- xmlSecBufferPtr in, out;
- xmlSecSize inSize, outSize, keySize;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
- xmlSecAssert2(keySize == XMLSEC_KW_DES3_KEY_LENGTH, -1);
-
- in = &(transform->inBuf);
- out = &(transform->outBuf);
- inSize = xmlSecBufferGetSize(in);
- outSize = xmlSecBufferGetSize(out);
- xmlSecAssert2(outSize == 0, -1);
-
- if(transform->status == xmlSecTransformStatusNone) {
- transform->status = xmlSecTransformStatusWorking;
- }
-
- if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
- /* just do nothing */
- } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- if((inSize % XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
- xmlSecInvalidSizeNotMultipleOfError("Input data",
- inSize, XMLSEC_KW_DES3_BLOCK_LENGTH,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- /* the encoded key might be 16 bytes longer plus one block just in case */
- outSize = inSize + XMLSEC_KW_DES3_IV_LENGTH +
- XMLSEC_KW_DES3_BLOCK_LENGTH +
- XMLSEC_KW_DES3_BLOCK_LENGTH;
- } else {
- /* just in case, add a block */
- outSize = inSize + XMLSEC_KW_DES3_BLOCK_LENGTH;
- }
-
- ret = xmlSecBufferSetMaxSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- ret = xmlSecKWDes3Encode(&xmlSecMSCryptoKWDes3ImplKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError4("xmlSecKWDes3Encode", xmlSecTransformGetName(transform),
- "key=%d,in=%d,out=%d",
- keySize, inSize, outSize);
- return(-1);
- }
- outSize = ret;
- } else {
- ret = xmlSecKWDes3Decode(&xmlSecMSCryptoKWDes3ImplKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError4("xmlSecKWDes3Decode", xmlSecTransformGetName(transform),
- "key=%d,in=%d,out=%d",
- keySize, inSize, outSize);
- return(-1);
- }
- outSize = ret;
- }
-
- ret = xmlSecBufferSetSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
- return(-1);
- }
-
- ret = xmlSecBufferRemoveHead(in, inSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
- return(-1);
- }
-
- transform->status = xmlSecTransformStatusFinished;
- } else if(transform->status == xmlSecTransformStatusFinished) {
- /* the only way we can get here is if there is no input */
- xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
- } else {
- xmlSecInvalidTransfromStatusError(transform);
+ ret = xmlSecTransformKWDes3Execute(transform, &(ctx->parentCtx), last);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3Execute", xmlSecTransformGetName(transform));
return(-1);
}
return(0);
*
*********************************************************************/
static int
-xmlSecMSCryptoKWDes3Sha1(void * context,
- const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecMSCryptoKWDes3CtxPtr ctx = (xmlSecMSCryptoKWDes3CtxPtr)context;
+xmlSecMSCryptoKWDes3Sha1(xmlSecTransformPtr transform,
+ const xmlSecByte * in, xmlSecSize inSize,
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize* outWritten) {
+ xmlSecMSCryptoKWDes3CtxPtr ctx;
HCRYPTHASH mscHash = 0;
- DWORD retLen;
+ DWORD dwInSize, dwOutSize;
int ret;
+ int res = -1;
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->sha1CryptProvider != 0, -1);
- xmlSecAssert2(ctx->sha1AlgorithmIdentifier != 0, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize > 0, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->sha1CryptProvider != 0, -1);
+ xmlSecAssert2(ctx->sha1AlgorithmIdentifier != 0, -1);
/* create */
ret = CryptCreateHash(ctx->sha1CryptProvider,
&mscHash);
if((ret == 0) || (mscHash == 0)) {
xmlSecMSCryptoError("CryptCreateHash", NULL);
- return(-1);
+ goto done;
}
/* hash */
- ret = CryptHashData(mscHash,
- in,
- inSize,
- 0);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, goto done, NULL);
+ ret = CryptHashData(mscHash, in, dwInSize, 0);
if(ret == 0) {
- xmlSecMSCryptoError2("CryptHashData", NULL,
- "size=%d", inSize);
- CryptDestroyHash(mscHash);
- return(-1);
+ xmlSecMSCryptoError2("CryptHashData", NULL, "size=" XMLSEC_SIZE_FMT, inSize);
+ goto done;
}
/* get results */
- retLen = outSize;
- ret = CryptGetHashParam(mscHash,
- HP_HASHVAL,
- out,
- &retLen,
- 0);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(outSize, dwOutSize, goto done, NULL);
+ ret = CryptGetHashParam(mscHash, HP_HASHVAL, out, &dwOutSize, 0);
if (ret == 0) {
- xmlSecMSCryptoError2("CryptGetHashParam(HP_HASHVAL)", NULL,
- "size=%d", outSize);
- CryptDestroyHash(mscHash);
- return(-1);
+ xmlSecMSCryptoError2("CryptGetHashParam(HP_HASHVAL)", NULL, "size=" XMLSEC_SIZE_FMT, outSize);
+ goto done;
}
- /* done */
- CryptDestroyHash(mscHash);
- return(retLen);
+ /* success */
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwOutSize, (*outWritten), goto done, NULL);
+ res = 0;
+
+done:
+ /* cleanup */
+ if (mscHash != 0) {
+ CryptDestroyHash(mscHash);
+ }
+ return(res);
}
static int
-xmlSecMSCryptoKWDes3GenerateRandom(void * context,
- xmlSecByte * out, xmlSecSize outSize)
+xmlSecMSCryptoKWDes3GenerateRandom(xmlSecTransformPtr transform, xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize* outWritten)
{
- xmlSecMSCryptoKWDes3CtxPtr ctx = (xmlSecMSCryptoKWDes3CtxPtr)context;
+ xmlSecMSCryptoKWDes3CtxPtr ctx;
+ DWORD dwOutSize;
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->desCryptProvider != 0, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize > 0, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
- if(!CryptGenRandom(ctx->desCryptProvider, outSize, out)) {
- xmlSecMSCryptoError2("CryptGenRandom", NULL,
- "len=%d", outSize);
+ ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->desCryptProvider != 0, -1);
+
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(outSize, dwOutSize, return(-1), NULL);
+ if(!CryptGenRandom(ctx->desCryptProvider, dwOutSize, out)) {
+ xmlSecMSCryptoError2("CryptGenRandom", NULL, "len=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
+ (*outWritten) = outSize;
+ return(0);
- return((int)outSize);
}
static int
-xmlSecMSCryptoKWDes3BlockEncrypt(void * context,
- const xmlSecByte * iv, xmlSecSize ivSize,
- const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecMSCryptoKWDes3CtxPtr ctx = (xmlSecMSCryptoKWDes3CtxPtr)context;
- DWORD dwBlockLen, dwBlockLenLen, dwCLen;
+xmlSecMSCryptoKWDes3BlockEncrypt(xmlSecTransformPtr transform,
+ const xmlSecByte * iv, xmlSecSize ivSize,
+ const xmlSecByte * in, xmlSecSize inSize,
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize* outWritten) {
+ xmlSecMSCryptoKWDes3CtxPtr ctx;
+ xmlSecByte* keyBuf;
+ xmlSecSize keyBufSize, blockSizeInBits;
+ DWORD dwKeyBufSize, dwBlockLen, dwBlockLenLen, dwCLen, dwOutSize;
HCRYPTKEY cryptKey = 0;
+ int res = -1;
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
xmlSecAssert2(iv != NULL, -1);
xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
- /* Import this key and get an HCRYPTKEY handle, we do it again and again
+ keyBuf = xmlSecBufferGetData(&(ctx->parentCtx.keyBuffer));
+ keyBufSize = xmlSecBufferGetSize(&(ctx->parentCtx.keyBuffer));
+ xmlSecAssert2(keyBuf != NULL, -1);
+ xmlSecAssert2(keyBufSize >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(keyBufSize, dwKeyBufSize, goto done, NULL);
+
+ /* Import this key and get an HCRYPTKEY handle, we do it again and again
to ensure we don't go into CBC mode */
if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->desCryptProvider,
ctx->pubPrivKey,
ctx->desAlgorithmIdentifier,
- xmlSecBufferGetData(&ctx->keyBuffer),
- xmlSecBufferGetSize(&ctx->keyBuffer),
+ keyBuf,
+ dwKeyBufSize,
TRUE,
&cryptKey)) {
xmlSecInternalError("xmlSecMSCryptoImportPlainSessionBlob", NULL);
- return(-1);
+ goto done;
}
xmlSecAssert2(cryptKey != 0, -1);
/* iv len == block len */
- dwBlockLenLen = sizeof(DWORD);
+ dwBlockLenLen = sizeof(dwBlockLen);
if (!CryptGetKeyParam(cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwBlockLenLen, 0)) {
xmlSecMSCryptoError("CryptGetKeyParam", NULL);
- CryptDestroyKey(cryptKey);
- return(-1);
+ goto done;
}
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwBlockLen, blockSizeInBits, goto done, NULL);
/* set IV */
- if(ivSize < dwBlockLen / 8) {
- xmlSecInvalidSizeLessThanError("ivSize", ivSize, dwBlockLen / 8, NULL);
- CryptDestroyKey(cryptKey);
- return(-1);
+ if(ivSize < blockSizeInBits / 8) {
+ xmlSecInvalidSizeLessThanError("ivSize", ivSize, blockSizeInBits / 8, NULL);
+ goto done;
}
if(!CryptSetKeyParam(cryptKey, KP_IV, iv, 0)) {
xmlSecMSCryptoError("CryptSetKeyParam", NULL);
- CryptDestroyKey(cryptKey);
- return(-1);
+ goto done;
}
/* Set process last block to false, since we handle padding ourselves, and MSCrypto padding
if(out != in) {
memcpy(out, in, inSize);
}
- dwCLen = inSize;
- if(!CryptEncrypt(cryptKey, 0, FALSE, 0, out, &dwCLen, outSize)) {
+
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwCLen, goto done, NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(outSize, dwOutSize, goto done, NULL);
+ if(!CryptEncrypt(cryptKey, 0, FALSE, 0, out, &dwCLen, dwOutSize)) {
xmlSecMSCryptoError("CryptEncrypt", NULL);
- CryptDestroyKey(cryptKey);
- return(-1);
+ goto done;
}
+ /* success */
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwCLen, (*outWritten), goto done, NULL);
+ res = 0;
+
/* cleanup */
- CryptDestroyKey(cryptKey);
- return(dwCLen);
+done:
+ if (cryptKey != 0) {
+ CryptDestroyKey(cryptKey);
+ }
+ return(res);
}
static int
-xmlSecMSCryptoKWDes3BlockDecrypt(void * context,
+xmlSecMSCryptoKWDes3BlockDecrypt(xmlSecTransformPtr transform,
const xmlSecByte * iv, xmlSecSize ivSize,
const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecMSCryptoKWDes3CtxPtr ctx = (xmlSecMSCryptoKWDes3CtxPtr)context;
- DWORD dwBlockLen, dwBlockLenLen, dwCLen;
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize* outWritten) {
+ xmlSecMSCryptoKWDes3CtxPtr ctx;
+ xmlSecByte* keyBuf;
+ xmlSecSize keyBufSize, blockSizeInBits;
+ DWORD dwKeyBufSize, dwBlockLen, dwBlockLenLen, dwCLen;
HCRYPTKEY cryptKey = 0;
+ int res = -1;
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
xmlSecAssert2(iv != NULL, -1);
xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
- /* Import this key and get an HCRYPTKEY handle, we do it again and again
+ ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ keyBuf = xmlSecBufferGetData(&(ctx->parentCtx.keyBuffer));
+ keyBufSize = xmlSecBufferGetSize(&(ctx->parentCtx.keyBuffer));
+ xmlSecAssert2(keyBuf != NULL, -1);
+ xmlSecAssert2(keyBufSize >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(keyBufSize, dwKeyBufSize, goto done, NULL);
+
+ /* Import this key and get an HCRYPTKEY handle, we do it again and again
to ensure we don't go into CBC mode */
if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->desCryptProvider,
ctx->pubPrivKey,
ctx->desAlgorithmIdentifier,
- xmlSecBufferGetData(&ctx->keyBuffer),
- xmlSecBufferGetSize(&ctx->keyBuffer),
+ keyBuf,
+ dwKeyBufSize,
TRUE,
&cryptKey)) {
- xmlSecInternalError("xmlSecMSCryptoImportPlainSessionBlob", NULL);
- return(-1);
+ goto done;
}
xmlSecAssert2(cryptKey != 0, -1);
/* iv len == block len */
- dwBlockLenLen = sizeof(DWORD);
+ dwBlockLenLen = sizeof(dwBlockLen);
if (!CryptGetKeyParam(cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwBlockLenLen, 0)) {
xmlSecMSCryptoError("CryptGetKeyParam", NULL);
- CryptDestroyKey(cryptKey);
- return(-1);
+ goto done;
}
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwBlockLen, blockSizeInBits, goto done, NULL);
/* set IV */
- if(ivSize < dwBlockLen / 8) {
- xmlSecInvalidSizeLessThanError("ivSize", ivSize, dwBlockLen / 8, NULL);
- CryptDestroyKey(cryptKey);
- return(-1);
+ if(ivSize < blockSizeInBits / 8) {
+ xmlSecInvalidSizeLessThanError("ivSize", ivSize, blockSizeInBits / 8, NULL);
+ goto done;
}
if(!CryptSetKeyParam(cryptKey, KP_IV, iv, 0)) {
xmlSecMSCryptoError("CryptSetKeyParam", NULL);
- CryptDestroyKey(cryptKey);
- return(-1);
+ goto done;
}
/* Set process last block to false, since we handle padding ourselves, and MSCrypto padding
if(out != in) {
memcpy(out, in, inSize);
}
- dwCLen = inSize;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwCLen, goto done, NULL);
if(!CryptDecrypt(cryptKey, 0, FALSE, 0, out, &dwCLen)) {
xmlSecMSCryptoError("CryptEncrypt", NULL);
- CryptDestroyKey(cryptKey);
- return(-1);
+ goto done;
}
+ /* success */
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwCLen, (*outWritten), goto done, NULL);
+ res = 0;
+
+done:
/* cleanup */
- CryptDestroyKey(cryptKey);
- return(dwCLen);
+ if (cryptKey != 0) {
+ CryptDestroyKey(cryptKey);
+ }
+ return(res);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_MSCRYPTO_PRIVATE_H__
#define __XMLSEC_MSCRYPTO_PRIVATE_H__
* Utils
*
********************************************************************/
-int ConvertEndian (const xmlSecByte * src,
- xmlSecByte * dst,
+int ConvertEndian (const xmlSecByte * src,
+ xmlSecByte * dst,
xmlSecSize size);
-int ConvertEndianInPlace (xmlSecByte * buf,
+int ConvertEndianInPlace (xmlSecByte * buf,
xmlSecSize size);
/********************************************************************
BOOL xmlSecMSCryptoImportPlainSessionBlob (HCRYPTPROV hProv,
HCRYPTKEY hPrivateKey,
- ALG_ID dwAlgId,
+ ALG_ID algId,
LPBYTE pbKeyMaterial,
DWORD dwKeyMaterial,
BOOL bCheckKeyLength,
xmlChar *issuerSerial,
xmlChar *ski,
xmlSecKeyInfoCtx* keyInfoCtx);
+PCCERT_CONTEXT xmlSecMSCryptoX509StoreFindCert_ex (xmlSecKeyDataStorePtr store,
+ xmlChar* subjectName,
+ xmlChar* issuerName,
+ xmlChar* issuerSerial,
+ xmlSecByte* ski,
+ xmlSecSize skiSize,
+ xmlSecKeyInfoCtx* keyInfoCtx);
xmlChar * xmlSecMSCryptoX509GetNameString (PCCERT_CONTEXT pCertContext,
DWORD dwType,
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 200
3-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 200
2-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).
*/
/**
#include <xmlsec/mscrypto/symbols.h>
#include <xmlsec/mscrypto/certkeys.h>
#include <xmlsec/mscrypto/x509.h>
+
#include "private.h"
+#include "../cast_helpers.h"
/**************************************************************************
*
* Signature transforms
*
- * xmlSecMSCryptoSignatureCtx is located after xmlSecTransform
- *
*****************************************************************************/
-#define xmlSecMSCryptoSignatureSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoSignatureCtx))
-#define xmlSecMSCryptoSignatureGetCtx(transform) \
- ((xmlSecMSCryptoSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(MSCryptoSignature, xmlSecMSCryptoSignatureCtx)
+#define xmlSecMSCryptoSignatureSize XMLSEC_TRANSFORM_SIZE(MSCryptoSignature)
static int xmlSecMSCryptoSignatureCheckId (xmlSecTransformPtr transform);
static int xmlSecMSCryptoSignatureInitialize (xmlSecTransformPtr transform);
xmlSecTransformCtxPtr transformCtx) {
xmlSecMSCryptoSignatureCtxPtr ctx;
xmlSecBuffer tmp;
+ int tmp_buf_initialized = 0;
xmlSecByte *tmpBuf;
HCRYPTKEY hKey;
+ DWORD dwDataSize;
DWORD dwError;
int ret;
+ int res = -1;
xmlSecAssert2(xmlSecMSCryptoSignatureCheckId(transform), -1);
xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
ret = xmlSecBufferInitialize(&tmp, dataSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferInitialize",
- xmlSecTransformGetName(transform),
- "dataSize=%d", dataSize);
- return(-1);
+ xmlSecInternalError2("xmlSecBufferInitialize", xmlSecTransformGetName(transform),
+ "dataSize=" XMLSEC_SIZE_FMT, dataSize);
+ goto done;
}
+ tmp_buf_initialized = 1;
tmpBuf = xmlSecBufferGetData(&tmp);
xmlSecAssert2(tmpBuf != NULL, -1);
{
xmlSecInvalidTypeError("Invalid signature algorithm", xmlSecTransformGetName(transform));
- xmlSecBufferFinalize(&tmp);
- return(-1);
+ goto done;
}
hKey = xmlSecMSCryptoKeyDataGetKey(ctx->data, xmlSecKeyDataTypePublic);
if (hKey == 0) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataGetKey",
- xmlSecTransformGetName(transform));
- xmlSecBufferFinalize(&tmp);
- return(-1);
+ xmlSecInternalError("xmlSecMSCryptoKeyDataGetKey", xmlSecTransformGetName(transform));
+ goto done;
}
- if (!CryptVerifySignature(ctx->mscHash,
- tmpBuf,
- dataSize,
- hKey,
- NULL,
- 0)) {
+
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(dataSize, dwDataSize, goto done, xmlSecTransformGetName(transform));
+ if (!CryptVerifySignature(ctx->mscHash, tmpBuf, dwDataSize, hKey, NULL, 0)) {
dwError = GetLastError();
- if (NTE_BAD_SIGNATURE == dwError) {
- xmlSecOtherError(XMLSEC_ERRORS_R_DATA_NOT_MATCH,
- xmlSecTransformGetName(transform),
- "CryptVerifySignature: signature does not verify");
+ if (NTE_BAD_SIGNATURE == HRESULT_FROM_WIN32(dwError)) {
+ xmlSecOtherError(XMLSEC_ERRORS_R_DATA_NOT_MATCH, xmlSecTransformGetName(transform),
+ "CryptVerifySignature: signature verification failed");
transform->status = xmlSecTransformStatusFail;
- xmlSecBufferFinalize(&tmp);
- return(0);
+ goto done;
} else {
- xmlSecMSCryptoError("CryptVerifySignature",
- xmlSecTransformGetName(transform));
- xmlSecBufferFinalize(&tmp);
- return (-1);
+ xmlSecMSCryptoError("CryptVerifySignature", xmlSecTransformGetName(transform));
+ goto done;
}
}
- xmlSecBufferFinalize(&tmp);
+
+ /* success */
transform->status = xmlSecTransformStatusOk;
- return(0);
+ res = 0;
+
+done:
+ /* cleanup */
+ if (tmp_buf_initialized != 0) {
+ xmlSecBufferFinalize(&tmp);
+ }
+ return(res);
}
}
if((transform->status == xmlSecTransformStatusWorking) && (inSize > 0)) {
+ DWORD dwInSize;
+
xmlSecAssert2(outSize == 0, -1);
- if (!CryptHashData(ctx->mscHash, xmlSecBufferGetData(in), inSize, 0)) {
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(inSize, dwInSize, return(-1), NULL);
+ if (!CryptHashData(ctx->mscHash, xmlSecBufferGetData(in), dwInSize, 0)) {
xmlSecMSCryptoError("CryptHashData", NULL);
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform));
return(-1);
}
}
xmlSecMSCryptoError("CryptSignHash", NULL);
return(-1);
}
- outSize = (xmlSecSize)dwSigLen;
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwSigLen, outSize, return(-1), NULL);
ret = xmlSecBufferInitialize(&tmp, outSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize",
xmlSecTransformGetName(transform),
- "size=%d", outSize);
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
tmpBuf = xmlSecBufferGetData(&tmp);
xmlSecBufferFinalize(&tmp);
return(-1);
}
- outSize = (xmlSecSize)dwSigLen;
+ XMLSEC_SAFE_CAST_ULONG_TO_SIZE(dwSigLen, outSize, return(-1), NULL);
ret = xmlSecBufferSetSize(out, outSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
+ xmlSecInternalError2("xmlSecBufferSetSize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
xmlSecBufferFinalize(&tmp);
return(-1);
}
#include <wincrypt.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
#include <xmlsec/mscrypto/crypto.h>
+
#include "private.h"
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
/*****************************************************************************
*
#ifndef XMLSEC_NO_DES
if(klass == xmlSecMSCryptoKeyDataDesId) {
return(1);
- } else
+ } else
#endif /* XMLSEC_NO_DES */
#ifndef XMLSEC_NO_AES
/* Get the bit length of the key */
if(keyBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY)) {
xmlSecMSCryptoError2("CryptExportKey", NULL,
- "len=%ld",
- (long int)keyBlobLen);
+ "len=%lu", keyBlobLen);
goto done;
}
pubKeyStruc = (PUBLICKEYSTRUC*)keyBlob;
if(pubKeyStruc->bVersion != 0x02) {
xmlSecMSCryptoError2("CryptExportKey", NULL,
- "pubKeyStruc->bVersion=%ld",
- (long int)pubKeyStruc->bVersion);
+ "pubKeyStruc->bVersion=%d", (int)(pubKeyStruc->bVersion));
goto done;
}
if(pubKeyStruc->bType != PRIVATEKEYBLOB) {
xmlSecMSCryptoError2("CryptExportKey", NULL,
- "pubKeyStruc->bType=%ld",
- (long int)pubKeyStruc->bType);
+ "pubKeyStruc->bType=%d", (int)(pubKeyStruc->bType));
goto done;
}
/* check that we have RSA private key */
if(rsaPubKey->magic != 0x32415352) {
xmlSecMSCryptoError2("CryptExportKey", NULL,
- "rsaPubKey->magic=0x%08lx",
- (long int)rsaPubKey->magic);
+ "rsaPubKey->magic=0x%08lx", rsaPubKey->magic);
goto done;
}
bitLen = rsaPubKey->bitlen;
* BYTE privateExponent[rsapubkey.bitlen/8]; 1/8
*/
if(keyBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) + bitLen / 2 + bitLen / 16) {
- xmlSecMSCryptoError2("CryptExportKey", NULL,
- "keBlobLen=%ld", keyBlobLen);
+ xmlSecMSCryptoError2("CryptExportKey", NULL, "keBlobLen=%lu", keyBlobLen);
goto done;
}
ptr = (BYTE*)(keyBlob + sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY));
BOOL
xmlSecMSCryptoImportPlainSessionBlob(HCRYPTPROV hProv, HCRYPTKEY hPrivateKey,
- ALG_ID dwAlgId, LPBYTE pbKeyMaterial,
+ ALG_ID algId, LPBYTE pbKeyMaterial,
DWORD dwKeyMaterial, BOOL bCheckKeyLength,
HCRYPTKEY *hSessionKey) {
ALG_ID dwPrivKeyAlg;
LPBYTE keyBlob = NULL;
DWORD keyBlobLen, rndBlobSize, dwSize, n;
PUBLICKEYSTRUC* pubKeyStruc;
- ALG_ID* algId;
+ ALG_ID* pAlgId;
DWORD dwPublicKeySize;
DWORD dwProvSessionKeySize = 0;
LPBYTE pbPtr;
dwFlags = CRYPT_FIRST;
dwSize = sizeof(ProvEnum);
while(CryptGetProvParam(hProv, PP_ENUMALGS_EX, (LPBYTE)&ProvEnum, &dwSize, dwFlags)) {
- if (ProvEnum.aiAlgid == dwAlgId) {
+ if (ProvEnum.aiAlgid == algId) {
fFound = TRUE;
break;
}
dwFlags = 0;
}
if(!fFound) {
- xmlSecMSCryptoError2("CryptGetProvParam", NULL,
- "algId=%ld is not supported",
- (long int)dwAlgId);
+ xmlSecMSCryptoError2("CryptGetProvParam", NULL, "algId=%u is not supported", algId);
goto done;
}
/* We have to get the key size(including padding) from an HCRYPTKEY handle.
* PP_ENUMALGS_EX contains the key size without the padding so we can't use it.
*/
- if(!CryptGenKey(hProv, dwAlgId, 0, &hTempKey)) {
- xmlSecMSCryptoError2("CryptGenKey", NULL,
- "algId=%ld",
- (long int)dwAlgId);
+ if(!CryptGenKey(hProv, algId, 0, &hTempKey)) {
+ xmlSecMSCryptoError2("CryptGenKey", NULL, "algId=%u", algId);
goto done;
}
- dwSize = sizeof(DWORD);
+ dwSize = sizeof(dwProvSessionKeySize);
if(!CryptGetKeyParam(hTempKey, KP_KEYLEN, (LPBYTE)&dwProvSessionKeySize, &dwSize, 0)) {
- xmlSecMSCryptoError2("CryptGetKeyParam(KP_KEYLEN)", NULL,
- "algId=%ld", (long int)dwAlgId);
+ xmlSecMSCryptoError2("CryptGetKeyParam(KP_KEYLEN)", NULL, "algId=%u", algId);
goto done;
}
CryptDestroyKey(hTempKey);
hTempKey = 0;
/* yell if key is too big */
- if ((dwKeyMaterial * 8) > dwProvSessionKeySize) {
- xmlSecInvalidSizeMoreThanError("Key value (bits)",
- (dwKeyMaterial * 8), dwProvSessionKeySize,
- NULL);
+ if ((8 * dwKeyMaterial) > dwProvSessionKeySize) {
+ xmlSecMSCryptoError3("CryptGetKeyParam(KP_KEYLEN)", NULL,
+ "8*dwKeyMaterial=%lu; dwProvSessionKeySize=%lu", (8 * dwKeyMaterial), dwProvSessionKeySize);
goto done;
}
} else {
/* Get private key's algorithm */
dwSize = sizeof(ALG_ID);
if(!CryptGetKeyParam(hPrivateKey, KP_ALGID, (LPBYTE)&dwPrivKeyAlg, &dwSize, 0)) {
- xmlSecMSCryptoError2("CryptGetKeyParam(KP_ALGID)", NULL,
- "algId=%ld",
- (long int)dwAlgId);
+ xmlSecMSCryptoError2("CryptGetKeyParam(KP_ALGID)", NULL, "algId=%u", algId);
goto done;
}
/* Get private key's length in bits */
- dwSize = sizeof(DWORD);
+ dwSize = sizeof(dwPublicKeySize);
if(!CryptGetKeyParam(hPrivateKey, KP_KEYLEN, (LPBYTE)&dwPublicKeySize, &dwSize, 0)) {
- xmlSecMSCryptoError2("CryptGetKeyParam(KP_KEYLEN)", NULL,
- "algId=%ld",
- (long int)dwAlgId);
+ xmlSecMSCryptoError2("CryptGetKeyParam(KP_KEYLEN)", NULL, "algId=%u", algId);
goto done;
}
/* 3 is for the first reserved byte after the key material and the 2 reserved bytes at the end. */
if(dwPublicKeySize / 8 < dwKeyMaterial + 3) {
- xmlSecInvalidSizeLessThanError("Key value", dwPublicKeySize / 8, dwKeyMaterial + 3, NULL);
+ xmlSecMSCryptoError3("CryptGetKeyParam(KP_KEYLEN)", NULL,
+ "dwKeyMaterial+3=%lu; dwProvSessionKeySize/8=%lu", (dwKeyMaterial + 3), (dwPublicKeySize / 3));
goto done;
}
rndBlobSize = dwPublicKeySize / 8 - (dwKeyMaterial + 3);
pubKeyStruc->bType = SIMPLEBLOB;
pubKeyStruc->bVersion = 0x02;
pubKeyStruc->reserved = 0;
- pubKeyStruc->aiKeyAlg = dwAlgId;
+ pubKeyStruc->aiKeyAlg = algId;
/* Copy private key algorithm to buffer */
- algId = (ALG_ID*)(keyBlob + sizeof(PUBLICKEYSTRUC));
- (*algId) = dwPrivKeyAlg;
+ pAlgId = (ALG_ID*)(keyBlob + sizeof(PUBLICKEYSTRUC));
+ (*pAlgId) = dwPrivKeyAlg;
/* Place the key material in reverse order */
pbPtr = (BYTE*)(keyBlob + sizeof(PUBLICKEYSTRUC) + sizeof(ALG_ID));
/* Generate random data for the rest of the buffer */
if((rndBlobSize > 0) && !CryptGenRandom(hProv, rndBlobSize, pbPtr)) {
- xmlSecMSCryptoError2("CryptGenRandom", NULL,
- "rndBlobSize=%ld",
- (long int)rndBlobSize);
+ xmlSecMSCryptoError2("CryptGenRandom", NULL, "rndBlobSize=%lu", rndBlobSize);
goto done;
}
/* aleksey: why are we doing this? */
keyBlob[keyBlobLen - 2] = 2;
if(!CryptImportKey(hProv, keyBlob , keyBlobLen, hPrivateKey, CRYPT_EXPORTABLE, hSessionKey)) {
- xmlSecMSCryptoError2("CryptImportKey", NULL,
- "algId=%ld",
- (long int)dwAlgId);
+ xmlSecMSCryptoError2("CryptImportKey", NULL, "algId=%u", algId);
goto done;
}
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 200
3-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 200
2-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:x509
- * @Short_description: X509 certificates implementation for Microsoft Crypto API.
+ * @Short_description: X509 certificates implementation for Microsoft Crypto API.
* @Stability: Stable
*
*/
#include <windows.h>
#include <wincrypt.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/base64.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/keysmngr.h>
#include <xmlsec/x509.h>
-#include <xmlsec/base64.h>
#include <xmlsec/bn.h>
#include <xmlsec/errors.h>
+#include <xmlsec/xmltree.h>
#include <xmlsec/mscrypto/crypto.h>
#include <xmlsec/mscrypto/x509.h>
#include <xmlsec/mscrypto/certkeys.h>
#include "private.h"
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
/*************************************************************************
*
* X509 utility functions
*
************************************************************************/
-static int xmlSecMSCryptoX509DataNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoX509CertificateNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoX509CertificateNodeWrite (PCCERT_CONTEXT cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoX509SubjectNameNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoX509SubjectNameNodeWrite (PCCERT_CONTEXT cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoX509IssuerSerialNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoX509IssuerSerialNodeWrite (PCCERT_CONTEXT cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoX509SKINodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoX509SKINodeWrite (PCCERT_CONTEXT cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoX509CRLNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecMSCryptoX509CRLNodeWrite (PCCRL_CONTEXT crl,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
static int xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data,
xmlSecKeyPtr key,
xmlSecKeyInfoCtxPtr keyInfoCtx);
static PCCERT_CONTEXT xmlSecMSCryptoX509CertDerRead (const xmlSecByte* buf,
xmlSecSize size);
-static PCCERT_CONTEXT xmlSecMSCryptoX509CertBase64DerRead (xmlChar* buf);
-static xmlChar* xmlSecMSCryptoX509CertBase64DerWrite (PCCERT_CONTEXT cert,
- int base64LineWrap);
static PCCRL_CONTEXT xmlSecMSCryptoX509CrlDerRead (xmlSecByte* buf,
- xmlSecSize size,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static PCCRL_CONTEXT xmlSecMSCryptoX509CrlBase64DerRead (xmlChar* buf,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static xmlChar* xmlSecMSCryptoX509CrlBase64DerWrite (PCCRL_CONTEXT crl,
- int base64LineWrap);
+ xmlSecSize size);
static xmlChar* xmlSecMSCryptoX509NameWrite(PCERT_NAME_BLOB nm);
-static int xmlSecMSCryptoASN1IntegerWrite (xmlNodePtr node,
- PCRYPT_INTEGER_BLOB num);
-static xmlChar* xmlSecMSCryptoX509SKIWrite (PCCERT_CONTEXT cert);
+static xmlChar* xmlSecMSCryptoASN1IntegerWrite (PCRYPT_INTEGER_BLOB num);
+static int xmlSecMSCryptoX509SKIWrite (PCCERT_CONTEXT cert,
+ xmlSecBufferPtr buf);
static void xmlSecMSCryptoX509CertDebugDump (PCCERT_CONTEXT cert,
FILE* output);
static void xmlSecMSCryptoX509CertDebugXmlDump (PCCERT_CONTEXT cert,
static int xmlSecMSCryptoX509CertGetTime (FILETIME t,
time_t* res);
+
/*************************************************************************
*
* Internal MSCrypto X509 data CTX
/**************************************************************************
*
- * <dsig:X509Data> processing
- *
- *
- * The X509Data Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
- *
- * An X509Data element within KeyInfo contains one or more identifiers of keys
- * or X509 certificates (or certificates' identifiers or a revocation list).
- * The content of X509Data is:
- *
- * 1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
- * 2.
- * * The X509IssuerSerial element, which contains an X.509 issuer
- * distinguished name/serial number pair that SHOULD be compliant
- * with RFC2253 [LDAP-DN],
- * * The X509SubjectName element, which contains an X.509 subject
- * distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
- * * The X509SKI element, which contains the base64 encoded plain (i.e.
- * non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
- * * The X509Certificate element, which contains a base64-encoded [X509v3]
- * certificate, and
- * * Elements from an external namespace which accompanies/complements any
- * of the elements above.
- * * The X509CRL element, which contains a base64-encoded certificate
- * revocation list (CRL) [X509v3].
- *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
- * MUST refer to the certificate or certificates containing the validation key.
- * All such elements that refer to a particular individual certificate MUST be
- * grouped inside a single X509Data element and if the certificate to which
- * they refer appears, it MUST also be in that X509Data element.
- *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
- * the same key but different certificates MUST be grouped within a single
- * KeyInfo but MAY occur in multiple X509Data elements.
- *
- * All certificates appearing in an X509Data element MUST relate to the
- * validation key by either containing it or being part of a certification
- * chain that terminates in a certificate containing the validation key.
- *
- * No ordering is implied by the above constraints.
- *
- * Note, there is no direct provision for a PKCS#7 encoded "bag" of
- * certificates or CRLs. However, a set of certificates and CRLs can occur
- * within an X509Data element and multiple X509Data elements can occur in a
- * KeyInfo. Whenever multiple certificates occur in an X509Data element, at
- * least one such certificate must contain the public key which verifies the
- * signature.
- *
- * Schema Definition
- *
- * <element name="X509Data" type="ds:X509DataType"/>
- * <complexType name="X509DataType">
- * <sequence maxOccurs="unbounded">
- * <choice>
- * <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
- * <element name="X509SKI" type="base64Binary"/>
- * <element name="X509SubjectName" type="string"/>
- * <element name="X509Certificate" type="base64Binary"/>
- * <element name="X509CRL" type="base64Binary"/>
- * <any namespace="##other" processContents="lax"/>
- * </choice>
- * </sequence>
- * </complexType>
- * <complexType name="X509IssuerSerialType">
- * <sequence>
- * <element name="X509IssuerName" type="string"/>
- * <element name="X509SerialNumber" type="integer"/>
- * </sequence>
- * </complexType>
- *
- * DTD
- *
- * <!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName |
- * X509Certificate | X509CRL)+ %X509.ANY;)>
- * <!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) >
- * <!ELEMENT X509IssuerName (#PCDATA) >
- * <!ELEMENT X509SubjectName (#PCDATA) >
- * <!ELEMENT X509SerialNumber (#PCDATA) >
- * <!ELEMENT X509SKI (#PCDATA) >
- * <!ELEMENT X509Certificate (#PCDATA) >
- * <!ELEMENT X509CRL (#PCDATA) >
- *
- * -----------------------------------------------------------------------
- *
- * xmlSecMSCryptoX509DataCtx is located after xmlSecTransform
+ * <dsig:X509Data> processing (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
*
*************************************************************************/
-#define xmlSecMSCryptoX509DataSize \
- (sizeof(xmlSecKeyData) + sizeof(xmlSecMSCryptoX509DataCtx))
-#define xmlSecMSCryptoX509DataGetCtx(data) \
- ((xmlSecMSCryptoX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
+XMLSEC_KEY_DATA_DECLARE(MSCryptoX509Data, xmlSecMSCryptoX509DataCtx)
+#define xmlSecMSCryptoX509DataSize XMLSEC_KEY_DATA_SIZE(MSCryptoX509Data)
static int xmlSecMSCryptoKeyDataX509Initialize (xmlSecKeyDataPtr data);
static int xmlSecMSCryptoKeyDataX509Duplicate (xmlSecKeyDataPtr dst,
static void xmlSecMSCryptoKeyDataX509DebugXmlDump (xmlSecKeyDataPtr data,
FILE* output);
-
+typedef struct _xmlSecMSCryptoKeyDataX509Context {
+ xmlSecSize crtPos;
+ xmlSecSize crtSize;
+ xmlSecSize crlPos;
+ xmlSecSize crlSize;
+} xmlSecMSCryptoKeyDataX509Context;
+
+static int xmlSecMSCryptoKeyDataX509Read (xmlSecKeyDataPtr data,
+ xmlSecKeyValueX509Ptr x509Value,
+ xmlSecKeysMngrPtr keysMngr,
+ unsigned int flags);
+static int xmlSecMSCryptoKeyDataX509Write (xmlSecKeyDataPtr data,
+ xmlSecKeyValueX509Ptr x509Value,
+ int content,
+ void* context);
static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataX509Klass = {
sizeof(xmlSecKeyDataKlass),
if(certSrc == NULL) {
xmlSecInternalError2("xmlSecMSCryptoKeyDataX509GetCert",
xmlSecKeyDataGetName(src),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return(-1);
}
if(crlSrc == NULL) {
xmlSecInternalError2("xmlSecMSCryptoKeyDataX509GetCrl",
xmlSecKeyDataGetName(src),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return(-1);
}
xmlSecAssert2(id == xmlSecMSCryptoKeyDataX509Id, -1);
xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
data = xmlSecKeyEnsureData(key, id);
- if(data == NULL) {
+ if (data == NULL) {
xmlSecInternalError("xmlSecKeyEnsureData",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
- ret = xmlSecMSCryptoX509DataNodeRead(data, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoX509DataNodeRead",
- xmlSecKeyDataKlassGetName(id));
+ ret = xmlSecKeyDataX509XmlRead(data, node, keyInfoCtx,
+ xmlSecMSCryptoKeyDataX509Read);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecKeyDataX509XmlRead",
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
ret = xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
- if(ret < 0) {
+ if (ret < 0) {
xmlSecInternalError("xmlSecMSCryptoKeyDataX509VerifyAndExtractKey",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
return(0);
xmlSecMSCryptoKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
xmlSecKeyDataPtr data;
- PCCERT_CONTEXT cert;
- PCCRL_CONTEXT crl;
- xmlSecSize size, pos;
- int content = 0;
+ xmlSecMSCryptoKeyDataX509Context context;
int ret;
xmlSecAssert2(id == xmlSecMSCryptoKeyDataX509Id, -1);
xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- content = xmlSecX509DataGetNodeContent (node, keyInfoCtx);
- if (content < 0) {
- xmlSecInternalError2("xmlSecX509DataGetNodeContent",
- xmlSecKeyDataKlassGetName(id),
- "content=%d", content);
- return(-1);
- } else if(content == 0) {
- /* by default we are writing certificates and crls */
- content = XMLSEC_X509DATA_DEFAULT;
- }
/* get x509 data */
data = xmlSecKeyGetData(key, id);
- if(data == NULL) {
+ if (data == NULL) {
/* no x509 data in the key */
return(0);
}
- /* write certs */
- size = xmlSecMSCryptoKeyDataX509GetCertsSize(data);
- for(pos = 0; pos < size; ++pos) {
- cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
- if(cert == NULL) {
- xmlSecInternalError2("xmlSecMSCryptoKeyDataX509GetCert",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
-
- if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
- ret = xmlSecMSCryptoX509CertificateNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecMSCryptoX509CertificateNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
- ret = xmlSecMSCryptoX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecMSCryptoX509SubjectNameNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
- ret = xmlSecMSCryptoX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecMSCryptoX509IssuerSerialNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
- ret = xmlSecMSCryptoX509SKINodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecMSCryptoX509SKINodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
- }
-
- /* write crls if needed */
- if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
- size = xmlSecMSCryptoKeyDataX509GetCrlsSize(data);
- for(pos = 0; pos < size; ++pos) {
- crl = xmlSecMSCryptoKeyDataX509GetCrl(data, pos);
- if(crl == NULL) {
- xmlSecInternalError2("xmlSecMSCryptoKeyDataX509GetCrl",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
+ /* setup context */
+ context.crtPos = context.crlPos = 0;
+ context.crtSize = xmlSecMSCryptoKeyDataX509GetCertsSize(data);
+ context.crlSize = xmlSecMSCryptoKeyDataX509GetCrlsSize(data);
- ret = xmlSecMSCryptoX509CRLNodeWrite(crl, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecMSCryptoX509CRLNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
+ ret = xmlSecKeyDataX509XmlWrite(data, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecMSCryptoKeyDataX509Write, &context);
+ if (ret < 0) {
+ xmlSecInternalError3("xmlSecKeyDataX509XmlWrite",
+ xmlSecKeyDataKlassGetName(id),
+ "crtSize=" XMLSEC_SIZE_FMT "; crlSize=" XMLSEC_SIZE_FMT,
+ context.crtSize, context.crlSize);
+ return(-1);
}
+ /* success */
return(0);
}
if(cert == NULL) {
xmlSecInternalError2("xmlSecMSCryptoKeyDataX509GetCert",
xmlSecKeyDataGetName(data),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return;
}
fprintf(output, "==== Certificate:\n");
if(cert == NULL) {
xmlSecInternalError2("xmlSecMSCryptoKeyDataX509GetCert",
xmlSecKeyDataGetName(data),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return;
}
fprintf(output, "<Certificate>\n");
fprintf(output, "</X509Data>\n");
}
-static int
-xmlSecMSCryptoX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- for(cur = xmlSecGetNextElementNode(node->children);
- cur != NULL;
- cur = xmlSecGetNextElementNode(cur->next)) {
-
- ret = 0;
- if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
- ret = xmlSecMSCryptoX509CertificateNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoX509CertificateNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
- ret = xmlSecMSCryptoX509SubjectNameNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoX509SubjectNameNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
- ret = xmlSecMSCryptoX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoX509IssuerSerialNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
- ret = xmlSecMSCryptoX509SKINodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoX509SKINodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
- ret = xmlSecMSCryptoX509CRLNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoX509CRLNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
- /* laxi schema validation: ignore unknown nodes */
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataGetName(data));
- return(-1);
- }
- }
- return(0);
-}
static int
-xmlSecMSCryptoX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar *content;
- PCCERT_CONTEXT cert;
+xmlSecMSCryptoKeyDataX509Read(xmlSecKeyDataPtr data, xmlSecKeyValueX509Ptr x509Value,
+ xmlSecKeysMngrPtr keysMngr, unsigned int flags) {
+ xmlSecKeyDataStorePtr x509Store;
+ int stopOnUnknownCert = 0;
+ PCCERT_CONTEXT cert = NULL;
+ PCCRL_CONTEXT crl = NULL;
int ret;
+ int res = -1;
+ xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- content = xmlNodeGetContent(node);
- if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
- if(content != NULL) {
- xmlFree(content);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
- return(-1);
- }
- return(0);
- }
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(keysMngr != NULL, -1);
- cert = xmlSecMSCryptoX509CertBase64DerRead(content);
- if(cert == NULL) {
- xmlSecInternalError("xmlSecMSCryptoX509CertBase64DerRead",
- xmlSecKeyDataGetName(data));
- xmlFree(content);
- return(-1);
- }
-
- ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- CertFreeCertificateContext(cert);
- xmlFree(content);
- return(-1);
- }
-
- xmlFree(content);
- return(0);
-}
-
-static int
-xmlSecMSCryptoX509CertificateNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar* buf;
- xmlNodePtr cur;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- /* set base64 lines size from context */
- buf = xmlSecMSCryptoX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecMSCryptoX509CertBase64DerWrite", NULL);
- return(-1);
- }
-
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509Certificate)", NULL);
- xmlFree(buf);
- return(-1);
+ x509Store = xmlSecKeysMngrGetDataStore(keysMngr, xmlSecMSCryptoX509StoreId);
+ if (x509Store == NULL) {
+ xmlSecInternalError("xmlSecKeysMngrGetDataStore", xmlSecKeyDataGetName(data));
+ goto done;
}
- /* todo: add \n around base64 data - from context */
- /* todo: add errors check */
- xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
- xmlNodeSetContent(cur, buf);
- xmlFree(buf);
- return(0);
-}
-
-static int
-xmlSecMSCryptoX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr x509Store;
- xmlChar* subject;
- PCCERT_CONTEXT cert;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
-
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
- if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
+ /* determine what to do */
+ if ((flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+ stopOnUnknownCert = 1;
}
- subject = xmlNodeGetContent(node);
- if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
- if(subject != NULL) {
- xmlFree(subject);
+ if (xmlSecBufferGetSize(&(x509Value->cert)) > 0) {
+ cert = xmlSecMSCryptoX509CertDerRead(xmlSecBufferGetData(&(x509Value->cert)),
+ xmlSecBufferGetSize(&(x509Value->cert)));
+ if (cert == NULL) {
+ xmlSecInternalError("xmlSecMSCryptoX509CertDerRead", xmlSecKeyDataGetName(data));
+ goto done;
}
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
- return(-1);
+ }
+ else if (xmlSecBufferGetSize(&(x509Value->crl)) > 0) {
+ crl = xmlSecMSCryptoX509CrlDerRead(xmlSecBufferGetData(&(x509Value->crl)),
+ xmlSecBufferGetSize(&(x509Value->crl)));
+ if (crl == NULL) {
+ xmlSecInternalError("xmlSecMSCryptoX509CertDerRead", xmlSecKeyDataGetName(data));
+ goto done;
}
- return(0);
}
-
- cert = xmlSecMSCryptoX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
- if(cert == NULL){
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+ else if (xmlSecBufferGetSize(&(x509Value->ski)) > 0) {
+ cert = xmlSecMSCryptoX509StoreFindCert_ex(x509Store, NULL, NULL, NULL,
+ xmlSecBufferGetData(&(x509Value->ski)), xmlSecBufferGetSize(&(x509Value->ski)),
+ NULL /* unused */);
+ if ((cert == NULL) && (stopOnUnknownCert != 0)) {
xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "subject=%s", xmlSecErrorsSafeString(subject));
- xmlFree(subject);
- return(-1);
+ "skiSize=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(&(x509Value->ski)));
+ goto done;
}
- xmlFree(subject);
- return(0);
}
-
- ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- CertFreeCertificateContext(cert);
- xmlFree(subject);
- return(-1);
- }
-
- xmlFree(subject);
- return(0);
-}
-
-static int
-xmlSecMSCryptoX509SubjectNameNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
- xmlChar* buf = NULL;
- xmlNodePtr cur = NULL;
- int ret;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- UNREFERENCED_PARAMETER(keyInfoCtx);
-
- buf = xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Subject));
- if(buf == NULL) {
- xmlSecInternalError("xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Subject))", NULL);
- return(-1);
- }
-
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509SubjectName)", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- ret = xmlSecNodeEncodeAndSetContent(cur, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- /* done */
- xmlFree(buf);
- return(0);
-}
-
-static int
-xmlSecMSCryptoX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr x509Store;
- xmlNodePtr cur;
- xmlChar *issuerName;
- xmlChar *issuerSerial;
- PCCERT_CONTEXT cert;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
-
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
- if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(node->children);
- if(cur == NULL) {
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecNodeNotFoundError("xmlSecGetNextElementNode", node, NULL,
- xmlSecKeyDataGetName(data));
- return(-1);
+ else if (x509Value->subject != NULL) {
+ cert = xmlSecMSCryptoX509StoreFindCert_ex(x509Store, x509Value->subject,
+ NULL, NULL, NULL, 0, NULL /* unused */);
+ if ((cert == NULL) && (stopOnUnknownCert != 0)) {
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
+ "subject=%s", xmlSecErrorsSafeString(x509Value->subject));
+ goto done;
}
- return(0);
}
-
- /* the first is required node X509IssuerName */
- if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
- xmlSecInvalidNodeError(cur, xmlSecNodeX509IssuerName, xmlSecKeyDataGetName(data));
- return(-1);
- }
- issuerName = xmlNodeGetContent(cur);
- if(issuerName == NULL) {
- xmlSecInvalidNodeContentError(cur, xmlSecKeyDataGetName(data), "empty");
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* next is required node X509SerialNumber */
- if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
- xmlSecInvalidNodeError(cur, xmlSecNodeX509SerialNumber, xmlSecKeyDataGetName(data));
- xmlFree(issuerName);
- return(-1);
- }
- issuerSerial = xmlNodeGetContent(cur);
- if(issuerSerial == NULL) {
- xmlSecInvalidNodeContentError(cur, xmlSecKeyDataGetName(data), "empty");
- xmlFree(issuerName);
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataGetName(data));
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
- }
-
- cert = xmlSecMSCryptoX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
- if(cert == NULL){
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+ else if ((x509Value->issuerName != NULL) && (x509Value->issuerSerial != NULL)) {
+ cert = xmlSecMSCryptoX509StoreFindCert_ex(x509Store, NULL,
+ x509Value->issuerName, x509Value->issuerSerial,
+ NULL, 0, NULL /* unused */);
+ if ((cert == NULL) && (stopOnUnknownCert != 0)) {
xmlSecOtherError3(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "issuerName=%s;issuerSerial=%s",
- xmlSecErrorsSafeString(issuerName),
- xmlSecErrorsSafeString(issuerSerial));
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
+ "issuerName=%s;issuerSerial=%s",
+ xmlSecErrorsSafeString(x509Value->issuerName),
+ xmlSecErrorsSafeString(x509Value->issuerSerial));
+ goto done;
}
-
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(0);
- }
-
- ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- CertFreeCertificateContext(cert);
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
}
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(0);
-}
-
-static int
-xmlSecMSCryptoX509IssuerSerialNodeWrite(PCCERT_CONTEXT cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
- xmlNodePtr cur;
- xmlNodePtr issuerNameNode;
- xmlNodePtr issuerNumberNode;
- xmlChar* buf;
- int ret;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- UNREFERENCED_PARAMETER(keyInfoCtx);
-
- /* create xml nodes */
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509IssuerSerial)", NULL);
- return(-1);
- }
-
- issuerNameNode = xmlSecEnsureEmptyChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
- if(issuerNameNode == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509IssuerName)", NULL);
- return(-1);
+ /* if we found a cert or a crl, then add it to the data */
+ if (cert != NULL) {
+ ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptCert", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ cert = NULL; /* owned by data now */
}
-
- issuerNumberNode = xmlSecEnsureEmptyChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
- if(issuerNumberNode == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509SerialNumber)", NULL);
- return(-1);
+ if (crl != NULL) {
+ ret = xmlSecMSCryptoKeyDataX509AdoptCrl(data, crl);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptCrl", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ crl = NULL; /* owned by data now */
}
- /* write data */
- buf = xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Issuer));
- if(buf == NULL) {
- xmlSecInternalError("xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Issuer))", NULL);
- return(-1);
- }
+ /* success */
+ res = 0;
- ret = xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent(issuerNameNode)", NULL);
- xmlFree(buf);
- return(-1);
+done:
+ /* cleanup */
+ if (cert != NULL) {
+ CertFreeCertificateContext(cert);
}
-
- xmlFree(buf);
-
- ret = xmlSecMSCryptoASN1IntegerWrite(issuerNumberNode, &(cert->pCertInfo->SerialNumber));
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoASN1IntegerWrite(&(cert->serialNumber))", NULL);
- return(-1);
+ if (crl != NULL) {
+ CertFreeCRLContext(crl);
}
- return(0);
+ return(res);
}
+
static int
-xmlSecMSCryptoX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr x509Store;
- xmlChar* ski;
- PCCERT_CONTEXT cert;
+xmlSecMSCryptoKeyDataX509Write(xmlSecKeyDataPtr data, xmlSecKeyValueX509Ptr x509Value,
+ int content, void* context) {
+ xmlSecMSCryptoKeyDataX509Context* ctx;
int ret;
+ xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
-
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
- if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- ski = xmlNodeGetContent(node);
- if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
- if(ski != NULL) {
- xmlFree(ski);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(context != NULL, -1);
+
+ ctx = (xmlSecMSCryptoKeyDataX509Context*)context;
+ if (ctx->crtPos < ctx->crtSize) {
+ /* write cert */
+ PCCERT_CONTEXT cert = xmlSecMSCryptoKeyDataX509GetCert(data, ctx->crtPos);
+ if (cert == NULL) {
+ xmlSecInternalError2("xmlSecMSCryptoKeyDataX509GetCert",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
return(-1);
}
- return(0);
- }
-
- cert = xmlSecMSCryptoX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
- if(cert == NULL){
- xmlFree(ski);
-
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
- xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "ski=%s", xmlSecErrorsSafeString(ski));
- return(-1);
+ if ((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
+ xmlSecAssert2(cert->pbCertEncoded != NULL, -1);
+ xmlSecAssert2(cert->cbCertEncoded > 0, -1);
+
+ ret = xmlSecBufferSetData(&(x509Value->cert), cert->pbCertEncoded, cert->cbCertEncoded);
+ if (ret < 0) {
+ xmlSecInternalError3("xmlSecBufferSetData",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT "; certSize=%lu",
+ ctx->crtPos, cert->cbCertEncoded);
+ return(-1);
+ }
}
- return(0);
- }
-
- ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- CertFreeCertificateContext(cert);
- xmlFree(ski);
- return(-1);
- }
-
- xmlFree(ski);
- return(0);
-}
-
-static int
-xmlSecMSCryptoX509SKINodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
- xmlChar *buf = NULL;
- xmlNodePtr cur = NULL;
- int ret;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- UNREFERENCED_PARAMETER(keyInfoCtx);
-
- buf = xmlSecMSCryptoX509SKIWrite(cert);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecMSCryptoX509SKIWrite", NULL);
- return(-1);
- }
-
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509SKI)", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- ret = xmlSecNodeEncodeAndSetContent(cur, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- /* done */
- xmlFree(buf);
- return(0);
-}
-
-static int
-xmlSecMSCryptoX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar *content;
- PCCRL_CONTEXT crl;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- content = xmlNodeGetContent(node);
- if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
- if(content != NULL) {
- xmlFree(content);
+ if ((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
+ ret = xmlSecMSCryptoX509SKIWrite(cert, &(x509Value->ski));
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecMSCryptoX509SKIWrite",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
}
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
- return(-1);
+ if ((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
+ xmlSecAssert2(x509Value->subject == NULL, -1);
+ xmlSecAssert2(cert->pCertInfo != NULL, -1);
+
+ x509Value->subject = xmlSecMSCryptoX509NameWrite(& (cert->pCertInfo->Subject));
+ if (x509Value->subject == NULL) {
+ xmlSecInternalError2("xmlSecMSCryptoX509NameWrite(subject)",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
}
- return(0);
- }
-
- crl = xmlSecMSCryptoX509CrlBase64DerRead(content, keyInfoCtx);
- if(crl == NULL) {
- xmlSecInternalError("xmlSecMSCryptoX509CrlBase64DerRead",
- xmlSecKeyDataGetName(data));
- xmlFree(content);
- return(-1);
- }
-
- if (0 != xmlSecMSCryptoKeyDataX509AdoptCrl(data, crl)) {
- xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptCrl",
- xmlSecKeyDataGetName(data));
- xmlFree(content);
- CertFreeCRLContext(crl);
- return(-1);
+ if ((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
+ xmlSecAssert2(x509Value->issuerName == NULL, -1);
+ xmlSecAssert2(x509Value->issuerSerial == NULL, -1);
+ xmlSecAssert2(cert->pCertInfo != NULL, -1);
+
+ x509Value->issuerName = xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Issuer));
+ if (x509Value->issuerName == NULL) {
+ xmlSecInternalError2("xmlSecMSCryptoX509NameWrite(issuer name)",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
+ x509Value->issuerSerial = xmlSecMSCryptoASN1IntegerWrite(&(cert->pCertInfo->SerialNumber));
+ if (x509Value->issuerSerial == NULL) {
+ xmlSecInternalError2("xmlSecMSCryptoASN1IntegerWrite(issuer serial))",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
+ }
+ ++ctx->crtPos;
}
+ else if (ctx->crlPos < ctx->crlSize) {
+ /* write crl */
+ PCCRL_CONTEXT crl = xmlSecMSCryptoKeyDataX509GetCrl(data, ctx->crlPos);
+ if (crl == NULL) {
+ xmlSecInternalError2("xmlSecMSCryptoKeyDataX509GetCrl",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crlPos);
+ return(-1);
+ }
- xmlFree(content);
- return(0);
-}
-
-static int
-xmlSecMSCryptoX509CRLNodeWrite(PCCRL_CONTEXT crl, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar* buf = NULL;
- xmlNodePtr cur = NULL;
-
- xmlSecAssert2(crl != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- /* set base64 lines size from context */
- buf = xmlSecMSCryptoX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecMSCryptoX509CrlBase64DerWrite", NULL);
- return(-1);
+ if ((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
+ ret = xmlSecBufferSetData(&(x509Value->crl), crl->pbCrlEncoded, crl->cbCrlEncoded);
+ if (ret < 0) {
+ xmlSecInternalError3("xmlSecBufferSetData",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT "; crlSize=%lu",
+ ctx->crlPos, crl->cbCrlEncoded);
+ return(-1);
+ }
+ }
+ ++ctx->crlPos;
}
-
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509CRL)", NULL);
- xmlFree(buf);
- return(-1);
+ else {
+ /* no more certs or crls */
+ return(1);
}
- /* todo: add \n around base64 data - from context */
- /* todo: add errors check */
- xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
- xmlNodeSetContent(cur, buf);
- xmlFree(buf);
+ /* success */
return(0);
}
-
static int
xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
xmlSecKeyInfoCtxPtr keyInfoCtx) {
}
} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
xmlSecOtherError(XMLSEC_ERRORS_R_CERT_NOT_FOUND,
- xmlSecKeyDataGetName(data), NULL);
+ xmlSecKeyDataGetName(data), NULL);
return(-1);
}
}
result |= t.dwLowDateTime;
result /= 10000; /* Convert from 100 nano-sec periods to seconds. */
#if defined(__MINGW32__)
- result -= 11644473600000ULL; /* Convert from Windows epoch to Unix epoch */
+ result -= 11644473600000LL; /* Convert from Windows epoch to Unix epoch */
#else
result -= 11644473600000; /* Convert from Windows epoch to Unix epoch */
#endif
}
static PCCERT_CONTEXT
-xmlSecMSCryptoX509CertBase64DerRead(xmlChar* buf) {
- int ret;
-
- xmlSecAssert2(buf != NULL, NULL);
-
- /* usual trick with base64 decoding "in-place" */
- ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- return(NULL);
- }
-
- return(xmlSecMSCryptoX509CertDerRead((xmlSecByte*)buf, ret));
-}
-
-
-static PCCERT_CONTEXT
xmlSecMSCryptoX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) {
PCCERT_CONTEXT cert;
+ DWORD dwSize;
xmlSecAssert2(buf != NULL, NULL);
xmlSecAssert2(size > 0, NULL);
- cert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, size);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(size, dwSize, return(NULL), NULL);
+ cert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, dwSize);
if(cert == NULL) {
xmlSecMSCryptoError("CertCreateCertificateContext", NULL);
return(NULL);
return(cert);
}
-static xmlChar*
-xmlSecMSCryptoX509CertBase64DerWrite(PCCERT_CONTEXT cert, int base64LineWrap) {
- xmlChar *res = NULL;
- xmlSecByte *p = NULL;
- long size;
-
- xmlSecAssert2(cert != NULL, NULL);
-
- p = cert->pbCertEncoded;
- size = cert->cbCertEncoded;
- if((size <= 0) || (p == NULL)){
- xmlSecMSCryptoError("cert->pbCertEncoded", NULL);
- return(NULL);
- }
-
- res = xmlSecBase64Encode(p, size, base64LineWrap);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- return(NULL);
- }
-
- return(res);
-}
-
-static PCCRL_CONTEXT
-xmlSecMSCryptoX509CrlBase64DerRead(xmlChar* buf,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
- int ret;
-
- xmlSecAssert2(buf != NULL, NULL);
-
- /* usual trick with base64 decoding "in-place" */
- ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- return(NULL);
- }
-
- return(xmlSecMSCryptoX509CrlDerRead((xmlSecByte*)buf, ret, keyInfoCtx));
-}
-
-
static PCCRL_CONTEXT
-xmlSecMSCryptoX509CrlDerRead(xmlSecByte* buf, xmlSecSize size,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecMSCryptoX509CrlDerRead(xmlSecByte* buf, xmlSecSize size) {
PCCRL_CONTEXT crl = NULL;
+ DWORD dwSize;
xmlSecAssert2(buf != NULL, NULL);
- xmlSecAssert2(keyInfoCtx != NULL, NULL);
xmlSecAssert2(size > 0, NULL);
- crl = CertCreateCRLContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, size);
-
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(size, dwSize, return(NULL), NULL);
+ crl = CertCreateCRLContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, dwSize);
if(crl == NULL) {
xmlSecMSCryptoError("CertCreateCRLContext", NULL);
return(NULL);
}
return(crl);
- }
-
-static xmlChar*
-xmlSecMSCryptoX509CrlBase64DerWrite(PCCRL_CONTEXT crl, int base64LineWrap) {
- xmlChar *res = NULL;
- xmlSecByte *p = NULL;
- long size;
-
- xmlSecAssert2(crl != NULL, NULL);
-
- p = crl->pbCrlEncoded;
- size = crl->cbCrlEncoded;
- if((size <= 0) || (p == NULL)){
- xmlSecMSCryptoError("crl->pbCrlEncoded", NULL);
- return(NULL);
- }
-
- res = xmlSecBase64Encode(p, size, base64LineWrap);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- return(NULL);
- }
-
- return(res);
}
static xmlChar*
return(res);
}
-
-
-static int
-xmlSecMSCryptoASN1IntegerWrite(xmlNodePtr node, PCRYPT_INTEGER_BLOB num) {
+static xmlChar*
+xmlSecMSCryptoASN1IntegerWrite(PCRYPT_INTEGER_BLOB num) {
xmlSecBn bn;
+ xmlChar* res;
int ret;
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(num != NULL, -1);
+ xmlSecAssert2(num != NULL, NULL);
ret = xmlSecBnInitialize(&bn, num->cbData + 1);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBnInitialize", NULL,
- "size=%ld", num->cbData + 1);
- return(-1);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBnInitialize", NULL, "size=%lu", num->cbData + 1);
+ return(NULL);
}
ret = xmlSecBnSetData(&bn, num->pbData, num->cbData);
- if(ret < 0) {
+ if (ret < 0) {
xmlSecInternalError("xmlSecBnSetData", NULL);
xmlSecBnFinalize(&bn);
- return(-1);
+ return(NULL);
}
- /* I have no clue why at a sudden a swap is needed to
- * convert from lsb... This code is purely based upon
- * trial and error :( WK
- */
- ret = xmlSecBnSetNodeValue(&bn, node, xmlSecBnDec, 1, 0);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBnSetNodeValue", NULL);
+ /* SerialNumber is little-endian, see <https://msdn.microsoft.com/en-us/library/windows/desktop/aa377200(v=vs.85).aspx>.
+ * xmldsig wants big-endian, so reverse */
+ ret = xmlSecBnReverse(&bn);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBnReverse", NULL);
xmlSecBnFinalize(&bn);
- return(-1);
+ return(NULL);
+ }
+
+ res = xmlSecBnToDecString(&bn);
+ if (res == NULL) {
+ xmlSecInternalError("xmlSecBnToDecString", NULL);
+ xmlSecBnFinalize(&bn);
+ return(NULL);
}
+ /* done */
xmlSecBnFinalize(&bn);
- return(0);
+ return(res);
}
-static xmlChar*
-xmlSecMSCryptoX509SKIWrite(PCCERT_CONTEXT cert) {
- xmlChar *res = NULL;
- DWORD dwSize;
- BYTE *bSKI = NULL;
+static int
+xmlSecMSCryptoX509SKIWrite(PCCERT_CONTEXT cert, xmlSecBufferPtr buf) {
PCERT_EXTENSION pCertExt;
+ DWORD dwSize;
+ BOOL rv;
+ int ret;
- xmlSecAssert2(cert != NULL, NULL);
+ xmlSecAssert2(cert != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
- /* First check if the SKI extension actually exists, otherwise we get a SHA1 hash of the key/cert */
+ /* First check if the SKI extension actually exists, otherwise we get a SHA1 hash of the cert */
pCertExt = CertFindExtension(szOID_SUBJECT_KEY_IDENTIFIER, cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension);
if (pCertExt == NULL) {
xmlSecMSCryptoError("CertFindExtension", NULL);
- return (NULL);
+ return (0);
}
- if (!CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, NULL, &dwSize) || dwSize < 1) {
+ rv = CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, NULL, &dwSize);
+ if (!rv || dwSize <= 0) {
xmlSecMSCryptoError("CertGetCertificateContextProperty", NULL);
- return (NULL);
- }
- bSKI = xmlMalloc(dwSize);
- if (NULL == bSKI) {
- xmlSecMallocError(dwSize, NULL);
- return (NULL);
+ return(-1);
}
- if (!CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, bSKI, &dwSize)) {
- xmlSecMSCryptoError("CertGetCertificateContextProperty", NULL);
- xmlFree(bSKI);
- return (NULL);
+ ret = xmlSecBufferSetMaxSize(buf, dwSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL,
+ "size=%lu", dwSize);
+ return(-1);
}
- if (NULL == bSKI) {
- return(NULL);
+ if (!CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, xmlSecBufferGetData(buf), &dwSize)) {
+ xmlSecMSCryptoError("CertGetCertificateContextProperty", NULL);
+ return(-1);
}
- res = xmlSecBase64Encode(bSKI, dwSize, 0);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- xmlFree(bSKI);
- return(NULL);
+ ret = xmlSecBufferSetSize(buf, dwSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=%lu", dwSize);
+ return(-1);
}
- xmlFree(bSKI);
-
- return(res);
+ return(0);
}
-
static void
xmlSecMSCryptoX509CertDebugDump(PCCERT_CONTEXT cert, FILE* output) {
PCRYPT_INTEGER_BLOB sn;
unsigned int i;
xmlChar * subject = NULL;
xmlChar * issuer = NULL;
-
+
xmlSecAssert(cert != NULL);
xmlSecAssert(output != NULL);
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 200
3-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 200
2-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:x509vfy
#include <ctype.h>
#include <errno.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/keysmngr.h>
#include <xmlsec/base64.h>
#include <xmlsec/bn.h>
#include <xmlsec/errors.h>
+#include <xmlsec/xmltree.h>
#include <xmlsec/mscrypto/crypto.h>
#include <xmlsec/mscrypto/x509.h>
+
#include "private.h"
+#include "../cast_helpers.h"
+
/**************************************************************************
*
*
* xmlSecMSCryptoKeyDataStoreX509Id:
*
- * xmlSecMSCryptoX509StoreCtx is located after xmlSecTransform
- *
***************************************************************************/
-#define xmlSecMSCryptoX509StoreGetCtx(store) \
- ((xmlSecMSCryptoX509StoreCtxPtr)(((xmlSecByte*)(store)) + \
- sizeof(xmlSecKeyDataStoreKlass)))
-#define xmlSecMSCryptoX509StoreSize \
- (sizeof(xmlSecKeyDataStoreKlass) + sizeof(xmlSecMSCryptoX509StoreCtx))
+XMLSEC_KEY_DATA_STORE_DECLARE(MSCryptoX509Store, xmlSecMSCryptoX509StoreCtx)
+#define xmlSecMSCryptoX509StoreSize XMLSEC_KEY_DATA_STORE_SIZE(MSCryptoX509Store)
static int xmlSecMSCryptoX509StoreInitialize (xmlSecKeyDataStorePtr store);
static void xmlSecMSCryptoX509StoreFinalize (xmlSecKeyDataStorePtr store);
static PCCERT_CONTEXT xmlSecMSCryptoX509FindCert(HCERTSTORE store,
const xmlChar *subjectName,
- const xmlChar *issuerName,
- const xmlChar *issuerSerial,
- const xmlChar *ski);
+ const xmlChar *issuerName, const xmlChar *issuerSerial,
+ const xmlSecByte* ski, xmlSecSize skiSize);
/**
xmlSecMSCryptoX509StoreFindCert(xmlSecKeyDataStorePtr store, xmlChar *subjectName,
xmlChar *issuerName, xmlChar *issuerSerial,
xmlChar *ski, xmlSecKeyInfoCtx* keyInfoCtx) {
+ if (ski != NULL) {
+ xmlSecSize skiDecodedSize = 0;
+ int ret;
+
+ /* our usual trick with base64 decode */
+ ret = xmlSecBase64DecodeInPlace(ski, &skiDecodedSize);
+ if (ret < 0) {
+ xmlSecInternalError2("xmlSecBase64DecodeInPlace", NULL,
+ "ski=%s", xmlSecErrorsSafeString(ski));
+ return(NULL);
+ }
+
+ return(xmlSecMSCryptoX509StoreFindCert_ex(store, subjectName, issuerName, issuerSerial,
+ (xmlSecByte*)ski, skiDecodedSize, keyInfoCtx));
+ }
+ else {
+ return(xmlSecMSCryptoX509StoreFindCert_ex(store, subjectName, issuerName, issuerSerial,
+ NULL, 0, keyInfoCtx));
+
+ }
+}
+
+/**
+ * xmlSecMSCryptoX509StoreFindCert_ex:
+ * @store: the pointer to X509 key data store klass.
+ * @subjectName: the desired certificate name.
+ * @issuerName: the desired certificate issuer name.
+ * @issuerSerial: the desired certificate issuer serial number.
+ * @ski: the desired certificate SKI.
+ * @skiSize: the desired certificate SKI size.
+ * @keyInfoCtx: the pointer to <dsig:KeyInfo/> element processing context.
+ *
+ * Searches @store for a certificate that matches given criteria.
+ *
+ * Returns: pointer to found certificate or NULL if certificate is not found
+ * or an error occurs.
+ */
+PCCERT_CONTEXT
+xmlSecMSCryptoX509StoreFindCert_ex(xmlSecKeyDataStorePtr store, xmlChar* subjectName,
+ xmlChar* issuerName, xmlChar* issuerSerial,
+ xmlSecByte* ski, xmlSecSize skiSize,
+ xmlSecKeyInfoCtx* keyInfoCtx ATTRIBUTE_UNUSED) {
xmlSecMSCryptoX509StoreCtxPtr ctx;
PCCERT_CONTEXT pCert = NULL;
xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId), NULL);
- xmlSecAssert2(keyInfoCtx != NULL, NULL);
+ UNREFERENCED_PARAMETER(keyInfoCtx);
ctx = xmlSecMSCryptoX509StoreGetCtx(store);
xmlSecAssert2(ctx != NULL, NULL);
/* search untrusted certs store */
- if((ctx->untrusted != NULL) && (pCert == NULL)) {
- pCert = xmlSecMSCryptoX509FindCert(ctx->untrusted, subjectName, issuerName, issuerSerial, ski);
+ if ((ctx->untrusted != NULL) && (pCert == NULL)) {
+ pCert = xmlSecMSCryptoX509FindCert(ctx->untrusted, subjectName,
+ issuerName, issuerSerial, ski, skiSize);
}
/* search untrusted certs store */
- if((ctx->trusted != NULL) && (pCert == NULL)) {
- pCert = xmlSecMSCryptoX509FindCert(ctx->trusted, subjectName, issuerName, issuerSerial, ski);
+ if ((ctx->trusted != NULL) && (pCert == NULL)) {
+ pCert = xmlSecMSCryptoX509FindCert(ctx->trusted, subjectName,
+ issuerName, issuerSerial, ski, skiSize);
}
return pCert;
xmlSecAssert(pft != NULL);
#if defined( __MINGW32__)
- ll = Int32x32To64(t, 10000000) + 116444736000000000ULL;
+ ll = Int32x32To64(t, 10000000) + 116444736000000000LL;
#else
ll = Int32x32To64(t, 10000000) + 116444736000000000;
#endif
- pft->dwLowDateTime = (DWORD)ll;
- pft->dwHighDateTime = ll >> 32;
+ pft->dwLowDateTime = (DWORD)ll;
+ pft->dwHighDateTime = (DWORD)(ll >> 32);
}
static BOOL
-xmlSecMSCrypoVerifyCertTime(PCCERT_CONTEXT pCert, LPFILETIME pft) {
+xmlSecMSCryptoVerifyCertTime(PCCERT_CONTEXT pCert, LPFILETIME pft) {
xmlSecAssert2(pCert != NULL, FALSE);
xmlSecAssert2(pCert->pCertInfo != NULL, FALSE);
xmlSecAssert2(pft != NULL, FALSE);
PCCERT_CONTEXT issuerCert = NULL;
DWORD flags;
- if (!xmlSecMSCrypoVerifyCertTime(cert, pfTime)) {
+ if (!xmlSecMSCryptoVerifyCertTime(cert, pfTime)) {
xmlSecMSCryptoX509StoreCertError(store, cert, CERT_STORE_TIME_VALIDITY_FLAG);
return(FALSE);
}
xmlSecAssert2(ctx->untrusted != NULL, FALSE);
if(keyInfoCtx->certsVerificationTime > 0) {
- /* convert the time to FILETIME */
+ /* convert the time to FILETIME */
xmlSecMSCryptoUnixTimeToFileTime(keyInfoCtx->certsVerificationTime, &fTime);
} else {
- /* Defaults to current time */
- GetSystemTimeAsFileTime(&fTime);
+ /* Defaults to current time */
+ GetSystemTimeAsFileTime(&fTime);
}
/* try the certificates in the keys manager */
if(!res) {
tempCert = CertEnumCertificatesInStore(ctx->trusted, NULL);
- if(tempCert) {
- CertFreeCertificateContext(tempCert);
+ if(tempCert) {
+ CertFreeCertificateContext(tempCert);
res = xmlSecMSCryptoBuildCertChainManually(cert, &fTime, ctx->trusted, ctx->untrusted, certs, store);
}
}
/* try the certificates in the system */
if(!res && !ctx->dont_use_system_trusted_certs) {
- res = xmlSecBuildChainUsingWinapi(cert, &fTime, ctx->untrusted, certs);
- }
+ res = xmlSecBuildChainUsingWinapi(cert, &fTime, ctx->untrusted, certs);
+ }
/* done */
return res;
}
if(selected == 1) {
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) != 0
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) != 0
|| xmlSecMSCryptoX509StoreConstructCertsChain(store, cert, certs, keyInfoCtx)) {
return(cert);
}
} else if(type == xmlSecKeyDataTypeNone) {
certStore = ctx->untrusted;
} else {
- xmlSecInvalidIntegerTypeError("type", type,
- "xmlSecKeyDataTypeTrusted, xmlSecKeyDataTypeNone",
- xmlSecKeyDataStoreGetName(store));
+ xmlSecUnsupportedEnumValueError("key data type", type, xmlSecKeyDataStoreGetName(store));
return(-1);
}
xmlSecBnPtr issuerSerialBn, DWORD dwCertEncodingType) {
PCCERT_CONTEXT res = NULL;
+ xmlSecSize size;
CERT_INFO certInfo;
BYTE* bdata;
DWORD len;
xmlSecAssert2(wcIssuer != NULL, NULL);
xmlSecAssert2(issuerSerialBn != NULL, NULL);
- certInfo.SerialNumber.cbData = xmlSecBnGetSize(issuerSerialBn);
certInfo.SerialNumber.pbData = xmlSecBnGetData(issuerSerialBn);
+ size = xmlSecBnGetSize(issuerSerialBn);
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(size, certInfo.SerialNumber.cbData, return(NULL), NULL);
/* CASE 1: UTF8, DN */
if (NULL == res) {
xmlSecAssert2(name != 0, NULL);
- /* MSCrypto doesn't support "emailAddress" attribute (see NSS as well).
+ /* MSCrypto doesn't support "emailAddress" attribute (see NSS as well).
* This code is not bullet proof and may produce incorrect results if someone has
- * "emailAddress=" string in one of the fields, but it is best I can suggest to fix
+ * "emailAddress=" string in one of the fields, but it is best I can suggest to fix
* this problem.
*/
name2 = xmlStrdup(name);
return(res);
}
+
+static PCCERT_CONTEXT
+xmlSecMSCryptoX509FindCertBySki(HCERTSTORE store, const xmlSecByte* ski, xmlSecSize skiSize) {
+ CRYPT_HASH_BLOB blob;
+
+ xmlSecAssert2(store != 0, NULL);
+ xmlSecAssert2(ski != NULL, NULL);
+ xmlSecAssert2(skiSize > 0, NULL);
+
+ blob.pbData = (xmlSecByte*)ski;
+ XMLSEC_SAFE_CAST_SIZE_TO_ULONG(skiSize, blob.cbData, return(NULL), NULL);
+
+ return(CertFindCertificateInStore(store,
+ PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
+ 0,
+ CERT_FIND_KEY_IDENTIFIER,
+ &blob,
+ NULL));
+}
+
static PCCERT_CONTEXT
-xmlSecMSCryptoX509FindCert(HCERTSTORE store,
- const xmlChar *subjectName,
- const xmlChar *issuerName,
- const xmlChar *issuerSerial,
- const xmlChar *ski) {
+xmlSecMSCryptoX509FindCert(HCERTSTORE store, const xmlChar *subjectName,
+ const xmlChar *issuerName, const xmlChar *issuerSerial,
+ const xmlSecByte* ski, xmlSecSize skiSize) {
PCCERT_CONTEXT pCert = NULL;
int ret;
xmlSecBnFinalize(&issuerSerialBn);
}
- if((pCert == NULL) && (ski != NULL)) {
- CRYPT_HASH_BLOB blob;
- xmlChar* binSki;
- int binSkiLen;
-
- binSki = xmlStrdup(ski);
- if(binSki == NULL) {
- xmlSecStrdupError(ski, NULL);
- return (NULL);
- }
-
- /* trick: base64 decode "in place" */
- binSkiLen = xmlSecBase64Decode(binSki, (xmlSecByte*)binSki, xmlStrlen(binSki));
- if(binSkiLen < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- xmlFree(binSki);
- return(NULL);
- }
-
- blob.pbData = binSki;
- blob.cbData = binSkiLen;
- pCert = CertFindCertificateInStore(store,
- PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
- 0,
- CERT_FIND_KEY_IDENTIFIER,
- &blob,
- NULL);
- xmlFree(binSki);
+ if((pCert == NULL) && (ski != NULL) && (skiSize > 0)) {
+ pCert = xmlSecMSCryptoX509FindCertBySki(store, ski, skiSize);
}
return(pCert);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:nodeset
#include <xmlsec/errors.h>
#include <xmlsec/private.h>
+#include "cast_helpers.h"
+
#define xmlSecGetParent(node) \
(((node)->type != XML_NAMESPACE_DECL) ? \
(node)->parent : \
}
return(1);
default:
- xmlSecInvalidIntegerTypeError("node set type", nset->type,
- "supported nodeset type", NULL);
+ xmlSecUnsupportedEnumValueError("node set type", nset->type, NULL);
+ return(0);
}
-
- return(0);
}
/**
break;
default:
xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_OPERATION, NULL,
- "node set operation=%d", (int)cur->op);
+ "node set operation=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(cur->op));
return(-1);
}
cur = cur->next;
*/
void
xmlSecNodeSetDebugDump(xmlSecNodeSetPtr nset, FILE *output) {
- int i, l;
+ int ii, len;
xmlNodePtr cur;
xmlSecAssert(nset != NULL);
xmlSecNodeSetDebugDump(nset->children, output);
fprintf(output, "<<<\n");
return;
- default:
- fprintf(output, "(unknown=%d)\n", nset->type);
- xmlSecInvalidIntegerTypeError("node set type", nset->type,
- "supported nodeset type", NULL);
}
- l = xmlXPathNodeSetGetLength(nset->nodes);
- for(i = 0; i < l; ++i) {
- cur = xmlXPathNodeSetItem(nset->nodes, i);
+ len = xmlXPathNodeSetGetLength(nset->nodes);
+ for(ii = 0; ii < len; ++ii) {
+ cur = xmlXPathNodeSetItem(nset->nodes, ii);
+ xmlSecAssert(cur != NULL);
+
if(cur->type != XML_NAMESPACE_DECL) {
- fprintf(output, "%d: %s\n", cur->type,
+ fprintf(output, XMLSEC_ENUM_FMT ": %s\n",
+ XMLSEC_ENUM_CAST(cur->type),
(cur->name) ? cur->name : BAD_CAST "null");
} else {
xmlNsPtr ns = (xmlNsPtr)cur;
- fprintf(output, "%d: %s=%s (%s:%s)\n", cur->type,
+ fprintf(output, XMLSEC_ENUM_FMT ": %s=%s (%s:%s)\n",
+ XMLSEC_ENUM_CAST(cur->type),
(ns->prefix) ? ns->prefix : BAD_CAST "null",
(ns->href) ? ns->href : BAD_CAST "null",
(((xmlNodePtr)ns->next)->ns &&
NULL =
EXTRA_DIST = \
- README \
+ README.md \
$(NULL)
lib_LTLIBRARIES = \
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = src/nss
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(libdir)"
+LTLIBRARIES = $(lib_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+am__objects_1 =
+am_libxmlsec1_nss_la_OBJECTS = libxmlsec1_nss_la-app.lo \
+ libxmlsec1_nss_la-bignum.lo libxmlsec1_nss_la-ciphers.lo \
+ libxmlsec1_nss_la-crypto.lo libxmlsec1_nss_la-digests.lo \
+ libxmlsec1_nss_la-hmac.lo libxmlsec1_nss_la-pkikeys.lo \
+ libxmlsec1_nss_la-signatures.lo libxmlsec1_nss_la-symkeys.lo \
+ libxmlsec1_nss_la-x509.lo libxmlsec1_nss_la-x509vfy.lo \
+ libxmlsec1_nss_la-keysstore.lo libxmlsec1_nss_la-keytrans.lo \
+ libxmlsec1_nss_la-kw_des.lo libxmlsec1_nss_la-kw_aes.lo \
+ $(am__objects_1)
+libxmlsec1_nss_la_OBJECTS = $(am_libxmlsec1_nss_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+libxmlsec1_nss_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+ $(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_nss_la_LDFLAGS) $(LDFLAGS) \
+ -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/libxmlsec1_nss_la-app.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-bignum.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-ciphers.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-crypto.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-digests.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-hmac.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-keysstore.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-keytrans.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-kw_aes.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-kw_des.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-pkikeys.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-signatures.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-symkeys.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-x509.Plo \
+ ./$(DEPDIR)/libxmlsec1_nss_la-x509vfy.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
+SOURCES = $(libxmlsec1_nss_la_SOURCES)
+DIST_SOURCES = $(libxmlsec1_nss_la_SOURCES)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \
+ README.md
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+EXTRA_DIST = \
+ README.md \
+ $(NULL)
+
+lib_LTLIBRARIES = \
+ libxmlsec1-nss.la \
+ $(NULL)
+
+libxmlsec1_nss_la_CPPFLAGS = \
+ -DPACKAGE=\"@PACKAGE@\" \
+ -I../../include \
+ -I$(top_srcdir)/include \
+ $(XMLSEC_DEFINES) \
+ $(NSS_CFLAGS) \
+ $(LIBXSLT_CFLAGS) \
+ $(LIBXML_CFLAGS) \
+ $(NULL)
+
+libxmlsec1_nss_la_SOURCES = \
+ app.c \
+ bignum.c \
+ ciphers.c \
+ crypto.c \
+ digests.c \
+ hmac.c \
+ pkikeys.c \
+ signatures.c \
+ symkeys.c \
+ x509.c \
+ x509vfy.c \
+ keysstore.c \
+ keytrans.c \
+ kw_des.c \
+ kw_aes.c \
+ globals.h \
+ $(NULL)
+
+libxmlsec1_nss_la_LIBADD = \
+ $(NSS_LIBS) \
+ $(LIBXSLT_LIBS) \
+ $(LIBXML_LIBS) \
+ ../libxmlsec1.la \
+ $(NULL)
+
+libxmlsec1_nss_la_DEPENDENCIES = \
+ $(NULL)
+
+libxmlsec1_nss_la_LDFLAGS = \
+ @XMLSEC_CRYPTO_EXTRA_LDFLAGS@ \
+ -version-info @XMLSEC_VERSION_INFO@ \
+ $(NULL)
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/nss/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign src/nss/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+ }
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
+ done
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+
+libxmlsec1-nss.la: $(libxmlsec1_nss_la_OBJECTS) $(libxmlsec1_nss_la_DEPENDENCIES) $(EXTRA_libxmlsec1_nss_la_DEPENDENCIES)
+ $(AM_V_CCLD)$(libxmlsec1_nss_la_LINK) -rpath $(libdir) $(libxmlsec1_nss_la_OBJECTS) $(libxmlsec1_nss_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-app.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-bignum.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-ciphers.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-crypto.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-digests.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-hmac.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-keysstore.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-keytrans.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-kw_aes.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-kw_des.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-pkikeys.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-signatures.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-symkeys.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-x509.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-x509vfy.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+ @$(MKDIR_P) $(@D)
+ @echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+libxmlsec1_nss_la-app.lo: app.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-app.Tpo -c -o libxmlsec1_nss_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-app.Tpo $(DEPDIR)/libxmlsec1_nss_la-app.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='app.c' object='libxmlsec1_nss_la-app.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+
+libxmlsec1_nss_la-bignum.lo: bignum.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-bignum.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-bignum.Tpo -c -o libxmlsec1_nss_la-bignum.lo `test -f 'bignum.c' || echo '$(srcdir)/'`bignum.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-bignum.Tpo $(DEPDIR)/libxmlsec1_nss_la-bignum.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='bignum.c' object='libxmlsec1_nss_la-bignum.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-bignum.lo `test -f 'bignum.c' || echo '$(srcdir)/'`bignum.c
+
+libxmlsec1_nss_la-ciphers.lo: ciphers.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-ciphers.Tpo -c -o libxmlsec1_nss_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_nss_la-ciphers.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ciphers.c' object='libxmlsec1_nss_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+
+libxmlsec1_nss_la-crypto.lo: crypto.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-crypto.Tpo -c -o libxmlsec1_nss_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-crypto.Tpo $(DEPDIR)/libxmlsec1_nss_la-crypto.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='crypto.c' object='libxmlsec1_nss_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+
+libxmlsec1_nss_la-digests.lo: digests.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-digests.Tpo -c -o libxmlsec1_nss_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-digests.Tpo $(DEPDIR)/libxmlsec1_nss_la-digests.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='digests.c' object='libxmlsec1_nss_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+
+libxmlsec1_nss_la-hmac.lo: hmac.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-hmac.Tpo -c -o libxmlsec1_nss_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-hmac.Tpo $(DEPDIR)/libxmlsec1_nss_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='hmac.c' object='libxmlsec1_nss_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+
+libxmlsec1_nss_la-pkikeys.lo: pkikeys.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-pkikeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-pkikeys.Tpo -c -o libxmlsec1_nss_la-pkikeys.lo `test -f 'pkikeys.c' || echo '$(srcdir)/'`pkikeys.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-pkikeys.Tpo $(DEPDIR)/libxmlsec1_nss_la-pkikeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='pkikeys.c' object='libxmlsec1_nss_la-pkikeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-pkikeys.lo `test -f 'pkikeys.c' || echo '$(srcdir)/'`pkikeys.c
+
+libxmlsec1_nss_la-signatures.lo: signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-signatures.Tpo -c -o libxmlsec1_nss_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-signatures.Tpo $(DEPDIR)/libxmlsec1_nss_la-signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='signatures.c' object='libxmlsec1_nss_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+
+libxmlsec1_nss_la-symkeys.lo: symkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-symkeys.Tpo -c -o libxmlsec1_nss_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_nss_la-symkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='symkeys.c' object='libxmlsec1_nss_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+
+libxmlsec1_nss_la-x509.lo: x509.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-x509.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-x509.Tpo -c -o libxmlsec1_nss_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-x509.Tpo $(DEPDIR)/libxmlsec1_nss_la-x509.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='x509.c' object='libxmlsec1_nss_la-x509.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+
+libxmlsec1_nss_la-x509vfy.lo: x509vfy.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-x509vfy.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-x509vfy.Tpo -c -o libxmlsec1_nss_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-x509vfy.Tpo $(DEPDIR)/libxmlsec1_nss_la-x509vfy.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='x509vfy.c' object='libxmlsec1_nss_la-x509vfy.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+
+libxmlsec1_nss_la-keysstore.lo: keysstore.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-keysstore.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-keysstore.Tpo -c -o libxmlsec1_nss_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-keysstore.Tpo $(DEPDIR)/libxmlsec1_nss_la-keysstore.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='keysstore.c' object='libxmlsec1_nss_la-keysstore.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
+
+libxmlsec1_nss_la-keytrans.lo: keytrans.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-keytrans.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-keytrans.Tpo -c -o libxmlsec1_nss_la-keytrans.lo `test -f 'keytrans.c' || echo '$(srcdir)/'`keytrans.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-keytrans.Tpo $(DEPDIR)/libxmlsec1_nss_la-keytrans.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='keytrans.c' object='libxmlsec1_nss_la-keytrans.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-keytrans.lo `test -f 'keytrans.c' || echo '$(srcdir)/'`keytrans.c
+
+libxmlsec1_nss_la-kw_des.lo: kw_des.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-kw_des.Tpo -c -o libxmlsec1_nss_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_nss_la-kw_des.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kw_des.c' object='libxmlsec1_nss_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+
+libxmlsec1_nss_la-kw_aes.lo: kw_aes.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-kw_aes.Tpo -c -o libxmlsec1_nss_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_nss_la-kw_aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kw_aes.c' object='libxmlsec1_nss_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(libdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-app.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-bignum.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-ciphers.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-crypto.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-digests.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-hmac.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-keysstore.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-keytrans.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-kw_aes.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-kw_des.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-pkikeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-symkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-x509.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-x509vfy.Plo
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-libLTLIBRARIES
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-app.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-bignum.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-ciphers.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-crypto.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-digests.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-hmac.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-keysstore.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-keytrans.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-kw_aes.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-kw_des.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-pkikeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-symkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-x509.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_nss_la-x509vfy.Plo
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-libLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+ clean-generic clean-libLTLIBRARIES clean-libtool cscopelist-am \
+ ctags ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
+++ /dev/null
-WHAT VERSION OF NSS?
-------------------------------------------------------------------------
-NSS 3.11.1 or greater and NSPR 4.4.1 or greater are required.
-
-KEYS MANAGER
-------------------------------------------------------------------------
-
-xmlsec-nss key manager uses a custom Keys Store, and a custom X509 Store.
-The custom Keys Store and the X509 Store use the NSS database as the underlying
-store for public/private keys, Certs and CRLs.
-
-The NSS Keys store uses the Simple Keys Store on top of the NSS repository.
-The reason for this is that XMLSEC's generic adoptkey/getKey functions use a
-XMLSEC key object that contains more attributes than the raw NSS key object,
-and the getkey function may use a combination of one or more of these attributes
-(name, type, usage, Id) to find a key. There is no straightforward 1-1 mapping
-between XMLSEC's adoptkey/getkey and NSS's APIs.
-
-For example, the store may be asked to adopt a symmetric key, and later asked
-to find it just by name. Or the store may be asked to adopt a private key
-just by its type, and later asked to find it just by type. The key returned
-by getKey is expected to contain all the attributes that were present at the
-time of adoptkey - NSS store does not provide a way to store app-specific
-attributes.
-
-When a key is adopted by the NSS Keys Store, it is simply saved in the
-Simple Keys Store. It is not saved into the NSS database. The only
-way to load keys into the NSS database is with a load operation through
-the XMLSEC API or via an administrator operation.
-
-When a getKey is done on the NSS Keys Store, it first checks the Simple
-Keys Store. If the key is found there, it is returned. If not, the key
-is searched in the NSS database. If found, the key is stored in the
-Simple Keys Store before it is returned.
-
-
-Thus, the various sources for keys/certs/crls for an XMLSEC-NSS application
-are:
-- elements in XML documents
-- PKCS12 and DER files
-- NSS Database
-
-
-KNOWN ISSUES
-------------------------------------------------------------------------
-1) NSS needs to provide a way to convert a DER integer string to an ASCII
-decimal string. Once NSS is fixed, the function xmlSecNssASN1IntegerWrite
-in src/nss/x509.c needs to be implemented.
- NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=212864
- xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118633
-
-2) RSA Encryption/Decryption using PKCS#1 v1.5 padding not currently exposed
-in NSS. This causes some tests to fail.
-
- NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=214236
- xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118628
-
-3) RSA-OAEP is not yet implemented in NSS. This is the only REQUIRED algorithm
-that is missing from xmlsec-nss.
-
- NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=158747
- xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118629
-
-4) CERT_FindCertByNameString does not work in all cases
-
- NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=210709
- xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118631
-
-5) CERT_FindCertBySubjectKeyID does not work in all cases
-
- NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=211051
- xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118632
-
-6) Finding a cert by Issuer & Serial Number needs the ability to
-convert an ASCII decimal string to a DER integer string. Filed
-an RFE against NSS. Once fixed, xmlSecNumToItem in x509vfy.c
-needs to be changed to use the new function(s) provided
-
- NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=212864
- xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118633
-
-7) RIPEMD160 Digest and RIPEMD160 HMAC is not supported by NSS
-
- xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118634
-
-8) AES Key wrap algorithm is implemented in NSS but not exposed due to
-some bug src/nss/kw_aes.c uses a workaround which should be removed
-when the bug is fixed
-
- NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=213795
- xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118635
-
-9) Not all file formats are supported
-
-- xmlSecNssAppKeyLoad(): This function loads a PKI key from a file.
- The following formats are supported:
- . xmlSecKeyDataFormatDer: This expects the private key to be in
- PrivateKeyInfo format. Note that the DER files containing
- private keys in the xmlsec test suite aren't in that format
- . xmlsecKeyDataFormatPkcs12
-
- The following formats are not supported:
- . xmlSecKeyDataFormatPkcs8Pem
- . xmlSecKeyDataFormatPkcs8Der
-
-
-- xmlSecNssAppCertLoad(): This function loads a cert from a file.
- The following formats are supported:
- xmlSecKeyDataFormatDer
-
- The following formats are not supported:
- xmlSecKeyDataFormatPem
-
-10) "Trusted" vs "Untrusted" certificates:
-The distinction between "trusted" and "untrusted" certificates in
-xmlsec-openssl is maintained because the OPENSSL application (and
-not the OPENSSL library) has to maintain a cert store and verify
-certificates. With NSS, no such distinction is necessary in the
-application.
-
-Aleksey: Not sure that I understand this point but thats what Tej wrote.
-
-11) NSS doesn't support emailAddress in the cert subject. There is a hack
-that needs to be removed in xmlSecNssX509FindCert function (x509vfy.c):
-
-https://bugzilla.mozilla.org/show_bug.cgi?id=561689
-
-12) CRLs from xml document support is not working at all.
--- /dev/null
+# XMLSec Library: XMLSEC-NSS
+
+## What version of NSS?
+NSS 3.50.1 or greater and NSPR 4.25.1 or greater are required.
+
+## Keys manager
+
+`xmlsec-nss` key manager uses a custom Keys Store, and a custom X509 Store.
+The custom Keys Store and the X509 Store use the NSS database as the underlying
+store for public/private keys, Certs and CRLs.
+
+The NSS Keys store uses the XMLSEC Simple Keys Store on top of the NSS repository.
+The reason for this is that XMLSEC's generic adoptkey/getKey functions use a
+XMLSEC key object that contains more attributes than the raw NSS key object,
+and the getkey function may use a combination of one or more of these attributes
+(name, type, usage, Id) to find a key. There is no straightforward 1-1 mapping
+between XMLSEC's adoptkey/getkey and NSS's APIs.
+
+For example, the store may be asked to adopt a symmetric key, and later asked
+to find it just by name. Or the store may be asked to adopt a private key
+just by its type, and later asked to find it just by type. The key returned
+by getKey is expected to contain all the attributes that were present at the
+time of adoptkey - NSS store does not provide a way to store app-specific
+attributes.
+
+When a key is adopted by the NSS Keys Store, it is simply saved in the
+XMLSEC Simple Keys Store. It is not saved into the NSS database. The only
+way to load keys into the NSS database is with a load operation through
+the XMLSEC API or via an administrator operation.
+
+When a getKey is done on the NSS Keys Store, it first checks the Simple
+Keys Store. If the key is found there, it is returned. If not, the key
+is searched in the NSS database. If found, the key is stored in the
+Simple Keys Store before it is returned.
+
+
+Thus, the various sources for keys/certs/crls for an XMLSEC-NSS application
+are:
+- elements in XML documents
+- PKCS12 and DER files
+- NSS Database
+
+
+## Known issues / limitations
+
+1) NSS needs to provide a way to convert a DER integer string to an ASCII
+decimal string. Once NSS is fixed, the function xmlSecNssASN1IntegerWrite
+in src/nss/x509.c needs to be implemented. Also see:
+ - [NSS bug](http://bugzilla.mozilla.org/show_bug.cgi?id=212864)
+ - [xmlsec bug](http://bugzilla.gnome.org/show_bug.cgi?id=118633)
+
+2) RSA Encryption/Decryption using PKCS#1 v1.5 padding not currently exposed
+in NSS. This causes some tests to fail. Also see:
+ - [NSS bug](http://bugzilla.mozilla.org/show_bug.cgi?id=214236)
+ - [xmlsec bug](https://github.com/lsh123/xmlsec/issues/1)
+
+3) RSA-OAEP is not yet implemented in NSS. This is the only REQUIRED algorithm
+that is missing from xmlsec-nss. Also see:
+ - [NSS bug](http://bugzilla.mozilla.org/show_bug.cgi?id=158747)
+ - [xmlsec bug](https://github.com/lsh123/xmlsec/issues/2)
+
+4) `CERT_FindCertByNameString` does not work in all cases. Also see:
+ - [NSS bug](http://bugzilla.mozilla.org/show_bug.cgi?id=210709)
+ - [xmlsec bug](https://github.com/lsh123/xmlsec/issues/3)
+
+5) `CERT_FindCertBySubjectKeyID` does not work in all cases. Also see:
+ - [NSS bug](http://bugzilla.mozilla.org/show_bug.cgi?id=211051)
+ - [xmlsec bug](https://github.com/lsh123/xmlsec/issues/4)
+
+6) Finding a cert by Issuer & Serial Number needs the ability to
+convert an ASCII decimal string to a DER integer string. Filed
+an RFE against NSS. Once fixed, `xmlSecNssNumToItem` in `nss/x509vfy.c`
+needs to be changed to use the new function(s) provided. Also see:
+ - [NSS bug](http://bugzilla.mozilla.org/show_bug.cgi?id=212864)
+ - [xmlsec bug](http://bugzilla.gnome.org/show_bug.cgi?id=118633)
+
+7) RIPEMD160 Digest and RIPEMD160 HMAC is not supported by NSS. These
+algorithms are obsolete and there are no plans to support those in xmlsec.
+Also see:
+ - [xmlsec bug](https://github.com/lsh123/xmlsec/issues/5)
+
+8) AES Key wrap algorithm is implemented in NSS but not exposed due to
+some bug src/nss/kw_aes.c uses a workaround which should be removed
+when the bug is fixed. Also see:
+ - [NSS bug](http://bugzilla.mozilla.org/show_bug.cgi?id=213795)
+ - [xmlsec bug](https://github.com/lsh123/xmlsec/issues/6)
+
+9) AES-GCM algorithms are not supported properly in NSS. Also see:
+ - [NSS bug](https://bugzilla.mozilla.org/show_bug.cgi?id=1501854)
+ - [xmlsec bug](https://github.com/lsh123/xmlsec/issues/233)
+
+10) Not all file formats are supported
+ - `xmlSecNssAppKeyLoad()`: This function loads a PKI key from a file.
+ - `xmlSecKeyDataFormatDer`: supported (note that `xmlsec-nss` expects
+ private key in DER file to be in PrivateKeyInfo format and private keys
+ in the xmlsec test suite aren't in that format);
+ - `xmlsecKeyDataFormatPkcs12`: supported;
+ - `xmlSecKeyDataFormatPkcs8Pem`: NOT supported
+ - `xmlSecKeyDataFormatPkcs8Der`: NOT supported
+
+ - `xmlSecNssAppCertLoad()`: This function loads an X509 cert from a file.
+ - `xmlSecKeyDataFormatDer`: supported
+ - `xmlSecKeyDataFormatPem`: NOT supported
+
+11) The distinction between "trusted" and "untrusted" certificates in
+xmlsec-openssl is maintained because the OPENSSL application (and
+not the OPENSSL library) has to maintain a cert store and verify
+certificates. With NSS, no such distinction is necessary in the
+application. (Note from Aleksey: Not sure that I understand this point but thats
+what Tej wrote).
+
+12) NSS doesn't support `emailAddress` in the cert subject. There is a hack
+that needs to be removed in `xmlSecNssX509FindCert` function (`nss/x509vfy.c`).
+ Also see:
+ - [NSS bug](https://bugzilla.mozilla.org/show_bug.cgi?id=561689)
+
+13) CRLs from xml document support is not working at all.
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
/**
#include <xmlsec/nss/pkikeys.h>
#include <xmlsec/nss/keysstore.h>
+#include "../cast_helpers.h"
+
/* workaround - NSS exports this but doesn't declare it */
extern CERTCertificate * __CERT_NewTempCertificate (CERTCertDBHandle *handle,
SECItem *derCert,
static int
xmlSecNssAppCreateSECItem(SECItem *contents, const xmlSecByte* data, xmlSecSize dataSize) {
+ unsigned int dataLen;
+
xmlSecAssert2(contents != NULL, -1);
xmlSecAssert2(data != NULL, -1);
contents->data = 0;
- if (!SECITEM_AllocItem(NULL, contents, dataSize)) {
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(dataSize, dataLen, return(-1), NULL);
+ if (!SECITEM_AllocItem(NULL, contents, dataLen)) {
xmlSecNssError("SECITEM_AllocItem", NULL);
return(-1);
}
- if(dataSize > 0) {
+ if(dataLen > 0) {
xmlSecAssert2(contents->data != NULL, -1);
- memcpy(contents->data, data, dataSize);
+ memcpy(contents->data, data, dataLen);
}
return (0);
PRFileDesc *file = NULL;
PRInt32 numBytes;
PRStatus prStatus;
+ unsigned int ulen;
int ret = -1;
xmlSecAssert2(contents != NULL, -1);
"filename=%s", xmlSecErrorsSafeString(fn));
goto done;
}
+ XMLSEC_SAFE_CAST_INT_TO_UINT(info.size, ulen, goto done, NULL);
contents->data = 0;
- if (!SECITEM_AllocItem(NULL, contents, info.size)) {
+ if (!SECITEM_AllocItem(NULL, contents, ulen)) {
xmlSecNssError("SECITEM_AllocItem", NULL);
goto done;
}
break;
default:
xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
return(NULL);
}
*/
int
xmlSecNssAppKeyCertLoadSECItem(xmlSecKeyPtr key, SECItem* secItem, xmlSecKeyDataFormat format) {
- CERTCertificate *cert=NULL;
+ CERTCertificate *cert = NULL;
+ CERTCertificate *keyCert = NULL;
xmlSecKeyDataPtr data;
int ret;
+ int res = -1;
xmlSecAssert2(key != NULL, -1);
xmlSecAssert2(secItem != NULL, -1);
data = xmlSecKeyEnsureData(key, xmlSecNssKeyDataX509Id);
if(data == NULL) {
xmlSecInternalError("xmlSecKeyEnsureData(xmlSecNssKeyDataX509Id)", NULL);
- return(-1);
+ goto done;
}
+ /* read cert */
switch(format) {
case xmlSecKeyDataFormatPkcs8Der:
case xmlSecKeyDataFormatDer:
cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
secItem, NULL, PR_FALSE, PR_TRUE);
if(cert == NULL) {
- xmlSecNssError2("__CERT_NewTempCertificate", NULL,
- "format=%d", (int)format);
- return(-1);
+ xmlSecNssError2("__CERT_NewTempCertificate", xmlSecKeyDataGetName(data),
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
+ goto done;
}
break;
default:
- xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
- return(-1);
+ xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, xmlSecKeyDataGetName(data),
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
+ goto done;
}
-
xmlSecAssert2(cert != NULL, -1);
+
+ /* make a copy for key cert */
+ keyCert = CERT_DupCertificate(cert);
+ if(keyCert == NULL) {
+ xmlSecNssError("CERT_DupCertificate", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ /* add both cert and key cert in the data */
ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
if(ret < 0) {
- xmlSecInternalError("xmlSecNssKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- CERT_DestroyCertificate(cert);
- return(-1);
+ xmlSecInternalError("xmlSecNssKeyDataX509AdoptCert", xmlSecKeyDataGetName(data));
+ goto done;
}
+ cert = NULL; /* owned by data now */
- return(0);
+ ret = xmlSecNssKeyDataX509AdoptKeyCert(data, keyCert);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssKeyDataX509AdoptKeyCert", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ keyCert = NULL; /* owned by data now */
+
+ /* success */
+ res = 0;
+
+done:
+ if(cert != NULL) {
+ CERT_DestroyCertificate(cert);
+ }
+ if(keyCert != NULL) {
+ CERT_DestroyCertificate(keyCert);
+ }
+ return(res);
}
/**
CERTCertificate *cert = NULL;
CERTCertificate *tmpcert = NULL;
SEC_PKCS12DecoderContext *p12ctx = NULL;
-
+ size_t pwdSize;
xmlSecAssert2((secItem != NULL), NULL);
}
pwditem.data = (unsigned char *)pwd;
- pwditem.len = strlen(pwd)+1;
+ pwdSize = strlen(pwd) + 1;
+ XMLSEC_SAFE_CAST_SIZE_T_TO_UINT(pwdSize, pwditem.len, goto done, NULL);
+
if (!SECITEM_AllocItem(NULL, &uc2_pwditem, 2*pwditem.len)) {
xmlSecNssError("SECITEM_AllocItem", NULL);
goto done;
*/
xmlSecKeyPtr
xmlSecNssAppKeyFromCertLoadSECItem(SECItem* secItem, xmlSecKeyDataFormat format) {
- xmlSecKeyPtr key;
- xmlSecKeyDataPtr keyData;
+ xmlSecKeyPtr key = NULL;
+ xmlSecKeyDataPtr keyData = NULL;
xmlSecKeyDataPtr certData;
- CERTCertificate *cert=NULL;
+ CERTCertificate *cert = NULL;
+ CERTCertificate *keyCert = NULL;
int ret;
+ xmlSecKeyPtr res = NULL;
xmlSecAssert2(secItem != NULL, NULL);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
switch(format) {
case xmlSecKeyDataFormatCertDer:
cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- secItem, NULL, PR_FALSE, PR_TRUE);
+ secItem, NULL, PR_FALSE, PR_TRUE);
if(cert == NULL) {
xmlSecNssError2("__CERT_NewTempCertificate", NULL,
- "format=%d", (int)format);
- return(NULL);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
+ goto done;
}
break;
default:
xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
- return(NULL);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
+ goto done;
}
/* get key value */
keyData = xmlSecNssX509CertGetKey(cert);
if(keyData == NULL) {
xmlSecInternalError("xmlSecNssX509CertGetKey", NULL);
- CERT_DestroyCertificate(cert);
- return(NULL);
+ goto done;
}
/* create key */
key = xmlSecKeyCreate();
if(key == NULL) {
xmlSecInternalError("xmlSecKeyCreate", NULL);
- xmlSecKeyDataDestroy(keyData);
- CERT_DestroyCertificate(cert);
- return(NULL);
+ goto done;
+ }
+
+ /* make a copy for key cert */
+ keyCert = CERT_DupCertificate(cert);
+ if(keyCert == NULL) {
+ xmlSecNssError("CERT_DupCertificate", NULL);
+ goto done;
}
/* set key value */
ret = xmlSecKeySetValue(key, keyData);
if(ret < 0) {
xmlSecInternalError("xmlSecKeySetValue", NULL);
- xmlSecKeyDestroy(key);
- xmlSecKeyDataDestroy(keyData);
- CERT_DestroyCertificate(cert);
- return(NULL);
+ goto done;
}
+ keyData = NULL; /* owned by key now */
/* create cert data */
certData = xmlSecKeyEnsureData(key, xmlSecNssKeyDataX509Id);
if(certData == NULL) {
xmlSecInternalError("xmlSecKeyEnsureData", NULL);
- xmlSecKeyDestroy(key);
- CERT_DestroyCertificate(cert);
- return(NULL);
+ goto done;
}
- /* put cert in the cert data */
+ /* put cert and key cert in the cert data */
ret = xmlSecNssKeyDataX509AdoptCert(certData, cert);
if(ret < 0) {
xmlSecInternalError("xmlSecNssKeyDataX509AdoptCert", NULL);
+ goto done;
+ }
+ cert = NULL; /* owned by data now */
+
+ ret = xmlSecNssKeyDataX509AdoptKeyCert(certData, keyCert);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssKeyDataX509AdoptKeyCert", NULL);
+ goto done;
+ }
+ keyCert = NULL; /* owned by data now */
+
+ /* success */
+ res = key;
+ key = NULL;
+
+
+done:
+ if(key != NULL) {
xmlSecKeyDestroy(key);
+ }
+ if(keyData != NULL) {
+ xmlSecKeyDataDestroy(keyData);
+ }
+ if(cert != NULL) {
CERT_DestroyCertificate(cert);
- return(NULL);
+ }
+ if(keyCert != NULL) {
+ CERT_DestroyCertificate(keyCert);
}
- return(key);
+ return(res);
}
secItem, NULL, PR_FALSE, PR_TRUE);
if(cert == NULL) {
xmlSecNssError2("__CERT_NewTempCertificate", NULL,
- "format=%d", (int)format);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
return(-1);
}
break;
default:
xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
return(-1);
}
#include <nss.h>
#include <secitem.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
#include <xmlsec/xmltree.h>
#include <xmlsec/buffer.h>
#include <xmlsec/nss/crypto.h>
#include <xmlsec/nss/bignum.h>
+#include "../cast_helpers.h"
+
/**
* xmlSecNssNodeGetBigNumValue:
* @arena: the arena from which to allocate memory
* @cur: the pointer to an XML node.
* @a: a SECItem object to hold the BigNum value
*
- * Converts the node content from CryptoBinary format
+ * DEPRECATED. Converts the node content from CryptoBinary format
* (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
* to a SECItem. If no SECItem object provided then a new
* one is created (caller is responsible for freeing it).
xmlSecNssNodeGetBigNumValue(PRArenaPool *arena, const xmlNodePtr cur,
SECItem *a) {
xmlSecBuffer buf;
+ int bufInitialized = 0;
int ret;
- SECItem *rv;
+ SECItem *rv = NULL;
+ xmlSecSize size;
+ unsigned int ulen;
int len;
xmlSecAssert2(arena != NULL, NULL);
ret = xmlSecBufferInitialize(&buf, 128);
if(ret < 0) {
xmlSecInternalError("xmlSecBufferInitialize", NULL);
- return(NULL);
+ goto done;
}
+ bufInitialized = 1;
ret = xmlSecBufferBase64NodeContentRead(&buf, cur);
if(ret < 0) {
- xmlSecInternalError("xmlSecBufferBase64NodeContentRead", NULL);
- xmlSecBufferFinalize(&buf);
- return(NULL);
+ xmlSecInternalError("xmlSecBufferBase66NodeContentRead", NULL);
+ goto done;
}
- len = xmlSecBufferGetSize(&buf);
+ size = xmlSecBufferGetSize(&buf);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(size, len, goto done, NULL);
+ XMLSEC_SAFE_CAST_INT_TO_UINT(len, ulen, goto done, NULL);
if (a == NULL) {
- rv = SECITEM_AllocItem(arena, NULL, len);
+ rv = SECITEM_AllocItem(arena, NULL, ulen);
} else {
rv = a;
xmlSecAssert2(rv->data == NULL, NULL);
- rv->len = len;
- rv->data = PORT_ArenaZAlloc(arena, len);
+ rv->len = ulen;
+ rv->data = PORT_ArenaZAlloc(arena, ulen);
}
+ PORT_Memcpy(rv->data, xmlSecBufferGetData(&buf), ulen);
- PORT_Memcpy(rv->data, xmlSecBufferGetData(&buf), len);
-
- xmlSecBufferFinalize(&buf);
+done:
+ if(bufInitialized) {
+ xmlSecBufferFinalize(&buf);
+ }
return(rv);
}
* linebreaks will be added before and after
* new buffer content.
*
- * Converts SECItem to CryptoBinary string
+ * DEPRECATED. Converts SECItem to CryptoBinary string
* (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
* and sets it as the content of the given node. If the
* addLineBreaks is set then line breaks are added
ret = xmlSecBufferInitialize(&buf, a->len + 1);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferInitialize", NULL, "size=%d", a->len + 1);
+ xmlSecInternalError2("xmlSecBufferInitialize", NULL,
+ "size=%u", (a->len + 1));
return(-1);
}
ret = xmlSecBufferSetSize(&buf, a->len);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%d", a->len);
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=%u", a->len);
xmlSecBufferFinalize(&buf);
return(-1);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
/**
#include <xmlsec/nss/crypto.h>
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+
#define XMLSEC_NSS_MAX_KEY_SIZE 32
#define XMLSEC_NSS_MAX_IV_SIZE 32
#define XMLSEC_NSS_MAX_BLOCK_SIZE 32
PK11SlotInfo* slot;
PK11SymKey* symKey;
int ivLen;
+ xmlSecSize ivSize;
SECStatus rv;
int ret;
xmlSecAssert2(transformCtx != NULL, -1);
ivLen = PK11_GetIVLength(ctx->cipher);
- xmlSecAssert2(ivLen > 0, -1);
- xmlSecAssert2((xmlSecSize)ivLen <= sizeof(ctx->iv), -1);
+ xmlSecAssert2(ivLen >= 0, -1);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ivLen, ivSize, return(-1), NULL);
+ xmlSecAssert2(ivSize <= sizeof(ctx->iv), -1);
if(encrypt) {
/* generate random iv */
rv = PK11_GenerateRandom(ctx->iv, ivLen);
if(rv != SECSuccess) {
- xmlSecNssError2("PK11_GenerateRandom", cipherName,
- "size=%d", ivLen);
+ xmlSecNssError2("PK11_GenerateRandom", cipherName, "size=%d", ivLen);
return(-1);
}
/* write iv to the output */
- ret = xmlSecBufferAppend(out, ctx->iv, ivLen);
+ ret = xmlSecBufferAppend(out, ctx->iv, ivSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferAppend", cipherName,
- "size=%d", ivLen);
+ xmlSecInternalError2("xmlSecBufferAppend", cipherName, "size=%d", ivLen);
return(-1);
}
} else {
/* if we don't have enough data, exit and hope that
* we'll have iv next time */
- if(xmlSecBufferGetSize(in) < (xmlSecSize)ivLen) {
+ if(xmlSecBufferGetSize(in) < ivSize) {
return(0);
}
/* copy iv to our buffer*/
xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
- memcpy(ctx->iv, xmlSecBufferGetData(in), ivLen);
+ memcpy(ctx->iv, xmlSecBufferGetData(in), ivSize);
/* and remove from input */
- ret = xmlSecBufferRemoveHead(in, ivLen);
+ ret = xmlSecBufferRemoveHead(in, ivSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
- "size=%d", ivLen);
+ "size=" XMLSEC_SIZE_FMT, ivSize);
return(-1);
}
}
memset(&keyItem, 0, sizeof(keyItem));
keyItem.data = ctx->key;
- keyItem.len = ctx->keySize;
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(ctx->keySize, keyItem.len, return(-1), NULL);
+
memset(&ivItem, 0, sizeof(ivItem));
ivItem.data = ctx->iv;
- ivItem.len = ivLen;
+ XMLSEC_SAFE_CAST_INT_TO_UINT(ivLen, ivItem.len, return(-1), NULL);
slot = PK11_GetBestSlot(ctx->cipher, NULL);
if(slot == NULL) {
int encrypt,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
- xmlSecSize inSize, inBlocks, outSize;
- int blockLen;
+ xmlSecSize inSize, inBlocks, blockSize, outSize, outSize2;
+ int blockLen, maxOutLen, inLen;
int outLen = 0;
+ const xmlSecByte* inBuf;
xmlSecByte* outBuf;
SECStatus rv;
int ret;
blockLen = PK11_GetBlockSize(ctx->cipher, NULL);
xmlSecAssert2(blockLen > 0, -1);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(blockLen, blockSize, return(-1), NULL);
inSize = xmlSecBufferGetSize(in);
outSize = xmlSecBufferGetSize(out);
- if(inSize < (xmlSecSize)blockLen) {
+ if(inSize < blockSize) {
return(0);
}
if(encrypt) {
- inBlocks = inSize / ((xmlSecSize)blockLen);
+ inBlocks = inSize / blockSize;
} else {
/* we want to have the last block in the input buffer
* for padding check */
- inBlocks = (inSize - 1) / ((xmlSecSize)blockLen);
+ inBlocks = (inSize - 1) / blockSize;
}
- inSize = inBlocks * ((xmlSecSize)blockLen);
+ inSize = inBlocks * blockSize;
/* we write out the input size plus may be one block */
- ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockLen);
+ ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", outSize + inSize + blockLen);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
+ "size=" XMLSEC_SIZE_FMT, (outSize + inSize + blockSize));
return(-1);
}
- outBuf = xmlSecBufferGetData(out) + outSize;
- rv = PK11_CipherOp(ctx->cipherCtx, outBuf, &outLen, inSize + blockLen,
- xmlSecBufferGetData(in), inSize);
+ inBuf = xmlSecBufferGetData(in);
+ outBuf = xmlSecBufferGetData(out) + outSize;
+ XMLSEC_SAFE_CAST_SIZE_TO_INT((inSize + blockSize), maxOutLen, return(-1), NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(inSize, inLen, return(-1), NULL);
+ rv = PK11_CipherOp(ctx->cipherCtx, outBuf, &outLen, maxOutLen, inBuf, inLen);
if(rv != SECSuccess) {
xmlSecNssError("PK11_CipherOp", cipherName);
return(-1);
}
- xmlSecAssert2((xmlSecSize)outLen == inSize, -1);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(outLen, outSize2, return(-1), NULL);
+ xmlSecAssert2(outSize2 == inSize, -1);
/* set correct output buffer size */
- ret = xmlSecBufferSetSize(out, outSize + outLen);
+ ret = xmlSecBufferSetSize(out, outSize + outSize2);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
- "size=%d", outSize + outLen);
+ "size=" XMLSEC_SIZE_FMT, (outSize + outSize2));
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
return(0);
int encrypt,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
- xmlSecSize inSize, outSize;
- int blockLen, outLen = 0;
+ xmlSecSize inSize, outSize, outSize2, blockSize;
+ int blockLen, maxOutLen, inLen;
+ int outLen = 0;
xmlSecByte* inBuf;
xmlSecByte* outBuf;
SECStatus rv;
blockLen = PK11_GetBlockSize(ctx->cipher, NULL);
xmlSecAssert2(blockLen > 0, -1);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(blockLen, blockSize, return(-1), NULL);
inSize = xmlSecBufferGetSize(in);
outSize = xmlSecBufferGetSize(out);
if(encrypt != 0) {
- xmlSecAssert2(inSize < (xmlSecSize)blockLen, -1);
+ xmlSecAssert2(inSize < blockSize, -1);
/* create padding */
- ret = xmlSecBufferSetMaxSize(in, blockLen);
+ ret = xmlSecBufferSetMaxSize(in, blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", blockLen);
+ "size=" XMLSEC_SIZE_FMT, blockSize);
return(-1);
}
inBuf = xmlSecBufferGetData(in);
/* generate random padding */
- if((xmlSecSize)blockLen > (inSize + 1)) {
- rv = PK11_GenerateRandom(inBuf + inSize, blockLen - inSize - 1);
+ if(blockSize > (inSize + 1)) {
+ xmlSecSize padSize = blockSize - inSize - 1;
+ int padLen;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(padSize, padLen, return(-1), NULL);
+ rv = PK11_GenerateRandom(inBuf + inSize, padLen);
if(rv != SECSuccess) {
xmlSecNssError2("PK11_GenerateRandom", cipherName,
- "size=%d", ((int)blockLen - inSize - 1));
+ "size=" XMLSEC_SIZE_FMT, (blockSize - inSize - 1));
return(-1);
}
}
- inBuf[blockLen - 1] = blockLen - inSize;
- inSize = blockLen;
+ xmlSecAssert2(blockSize - inSize < 256, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_BYTE((blockSize - inSize), inBuf[blockSize - 1], return(-1), cipherName);
+ inSize = blockSize;
} else {
- if(inSize != (xmlSecSize)blockLen) {
- xmlSecInvalidSizeError("Input data", inSize, blockLen, cipherName);
+ if(inSize != blockSize) {
+ xmlSecInvalidSizeError("Input data", inSize, blockSize, cipherName);
return(-1);
}
}
/* process last block */
- ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockLen);
+ ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize", cipherName,
- "size=%d", outSize + 2 * blockLen);
+ "size=" XMLSEC_SIZE_FMT, (outSize + 2 * blockSize));
return(-1);
}
+
+ inBuf = xmlSecBufferGetData(in);
outBuf = xmlSecBufferGetData(out) + outSize;
+ XMLSEC_SAFE_CAST_SIZE_TO_INT((2 * blockSize), maxOutLen, return(-1), NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(inSize, inLen, return(-1), NULL);
- rv = PK11_CipherOp(ctx->cipherCtx, outBuf, &outLen, 2 * blockLen,
- xmlSecBufferGetData(in), inSize);
+ rv = PK11_CipherOp(ctx->cipherCtx, outBuf, &outLen, maxOutLen, inBuf, inLen);
if(rv != SECSuccess) {
xmlSecNssError("PK11_CipherOp", cipherName);
return(-1);
}
- xmlSecAssert2((xmlSecSize)outLen == inSize, -1);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(outLen, outSize2, return(-1), NULL);
+ xmlSecAssert2(outSize2 == inSize, -1);
+
+ rv = PK11_Finalize(ctx->cipherCtx);
+ if(rv != SECSuccess) {
+ xmlSecNssError("PK11_Finalize", cipherName);
+ return(-1);
+ }
if(encrypt == 0) {
+ xmlSecByte padding;
+
/* check padding */
- if(outLen < outBuf[blockLen - 1]) {
+ padding = outBuf[blockLen - 1];
+ if(outSize2 < (xmlSecSize)(padding)) {
xmlSecInvalidSizeLessThanError("Input data padding",
- inSize, outBuf[blockLen - 1], cipherName);
+ inSize, (xmlSecSize)(padding), cipherName);
return(-1);
}
- outLen -= outBuf[blockLen - 1];
+ outSize2 -= outBuf[blockLen - 1];
}
/* set correct output buffer size */
- ret = xmlSecBufferSetSize(out, outSize + outLen);
+ ret = xmlSecBufferSetSize(out, outSize + outSize2);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
- "size=%d", outSize + outLen);
+ "size=" XMLSEC_SIZE_FMT, (outSize + outSize2));
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
*
* EVP Block Cipher transforms
*
- * xmlSecNssBlockCipherCtx block is located after xmlSecTransform structure
+ * xmlSecTransform + xmlSecNssBlockCipherCtx
*
*****************************************************************************/
-#define xmlSecNssBlockCipherSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecNssBlockCipherCtx))
-#define xmlSecNssBlockCipherGetCtx(transform) \
- ((xmlSecNssBlockCipherCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(NssBlockCipher, xmlSecNssBlockCipherCtx)
+#define xmlSecNssBlockCipherSize XMLSEC_TRANSFORM_SIZE(NssBlockCipher)
static int xmlSecNssBlockCipherInitialize (xmlSecTransformPtr transform);
static void xmlSecNssBlockCipherFinalize (xmlSecTransformPtr transform);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
/**
#include <xmlsec/nss/crypto.h>
#include <xmlsec/nss/x509.h>
+#include "../cast_helpers.h"
+
static xmlSecCryptoDLFunctionsPtr gXmlSecNssFunctions = NULL;
/**
int
xmlSecNssGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) {
SECStatus rv;
+ int len;
int ret;
xmlSecAssert2(buffer != NULL, -1);
ret = xmlSecBufferSetSize(buffer, size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%d", size);
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, size);
return(-1);
}
/* get random data */
- rv = PK11_GenerateRandom((xmlSecByte*)xmlSecBufferGetData(buffer), size);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(size, len, return(-1), NULL);
+ rv = PK11_GenerateRandom((xmlSecByte*)xmlSecBufferGetData(buffer), len);
if(rv != SECSuccess) {
xmlSecNssError2("PK11_GenerateRandom", NULL,
- "size=%lu", (unsigned long)size);
+ "size=" XMLSEC_SIZE_FMT, size);
return(-1);
}
return(0);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
/**
#include <xmlsec/nss/app.h>
#include <xmlsec/nss/crypto.h>
+#include "../cast_helpers.h"
+
#define XMLSEC_NSS_MAX_DIGEST_SIZE 64
/**************************************************************************
*
* Digest transforms
*
- * xmlSecNssDigestCtx is located after xmlSecTransform
+ * xmlSecTransform + xmlSecNssDigestCtx
*
*****************************************************************************/
-#define xmlSecNssDigestSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecNssDigestCtx))
-#define xmlSecNssDigestGetCtx(transform) \
- ((xmlSecNssDigestCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(NssDigest, xmlSecNssDigestCtx)
+#define xmlSecNssDigestSize XMLSEC_TRANSFORM_SIZE(NssDigest)
static int xmlSecNssDigestCheckId (xmlSecTransformPtr transform);
static int xmlSecNssDigestInitialize (xmlSecTransformPtr transform);
xmlSecAssert2(ctx->dgstSize > 0, -1);
if(dataSize != ctx->dgstSize) {
- xmlSecInvalidIntegerDataError2("dataSize", dataSize,
+ xmlSecInvalidSizeDataError2("dataSize", dataSize,
"dgstSize", ctx->dgstSize, "dataSize == dgstSize",
xmlSecTransformGetName(transform));
transform->status = xmlSecTransformStatusFail;
inSize = xmlSecBufferGetSize(in);
if(inSize > 0) {
- rv = PK11_DigestOp(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
+ unsigned int inLen;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(inSize, inLen, return(-1), xmlSecTransformGetName(transform));
+ rv = PK11_DigestOp(ctx->digestCtx, xmlSecBufferGetData(in), inLen);
if (rv != SECSuccess) {
xmlSecNssError("PK11_DigestOp", xmlSecTransformGetName(transform));
return(-1);
}
- ret = xmlSecBufferRemoveHead(in, inSize);
+ ret = xmlSecBufferRemoveHead(in, inLen);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ "size=%u", inLen);
return(-1);
}
}
return(-1);
}
xmlSecAssert2(dgstSize > 0, -1);
- ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(dgstSize);
+ ctx->dgstSize =dgstSize;
if(transform->operation == xmlSecTransformOperationSign) {
ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferAppend",
- xmlSecTransformGetName(transform),
- "size=%d", ctx->dgstSize);
+ xmlSecInternalError2("xmlSecBufferAppend", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, ctx->dgstSize);
return(-1);
}
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GLOBALS_H__
#define __XMLSEC_GLOBALS_H__
(errorFunction), \
XMLSEC_ERRORS_R_CRYPTO_FAILED, \
"NSS error: %ld", \
- (long int)error_code \
+ (long)(error_code) \
); \
}
XMLSEC_ERRORS_R_CRYPTO_FAILED, \
msg "; NSS error: %ld", \
(param), \
- (long int)error_code \
+ (long)(error_code) \
+ ); \
+ }
+
+
+ /**
+ * xmlSecNssError3:
+ * @errorFunction: the failed function name.
+ * @errorObject: the error specific error object (e.g. transform, key data, etc).
+ * @msg: the extra message.
+ * @param1: the extra message param1.
+ * @param2: the extra message param2.
+ *
+ * Macro. The XMLSec library macro for reporting NSS crypro errors.
+ */
+#define xmlSecNssError3(errorFunction, errorObject, msg, param1, param2) \
+ { \
+ PRInt32 error_code = PR_GetError(); \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
+ (const char*)(errorObject), \
+ (errorFunction), \
+ XMLSEC_ERRORS_R_CRYPTO_FAILED, \
+ msg "; NSS error: %ld", \
+ (param1), \
+ (param2), \
+ (long)(error_code) \
); \
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
/**
#include <pk11func.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
-#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
+#include <xmlsec/transforms.h>
#include <xmlsec/nss/app.h>
#include <xmlsec/nss/crypto.h>
-/* sizes in bits */
-#define XMLSEC_NSS_MIN_HMAC_SIZE 80
-#define XMLSEC_NSS_MAX_HMAC_SIZE (128 * 8)
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+#include "../transform_helpers.h"
/**************************************************************************
*
* Configuration
*
*****************************************************************************/
-static int g_xmlsec_nss_hmac_min_length = XMLSEC_NSS_MIN_HMAC_SIZE;
/**
* xmlSecNssHmacGetMinOutputLength:
*
+ * DEPRECATED (use @xmlSecTransformHmacGetMinOutputBitsSize instead).
* Gets the value of min HMAC length.
*
* Returns: the min HMAC output length
*/
int xmlSecNssHmacGetMinOutputLength(void)
{
- return g_xmlsec_nss_hmac_min_length;
+ xmlSecSize val = xmlSecTransformHmacGetMinOutputBitsSize();
+ int res;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(val, res, return(-1), NULL);
+ return res;
}
/**
* xmlSecNssHmacSetMinOutputLength:
* @min_length: the new min length
*
+ * DEPRECATED (use @xmlSecTransformHmacSetMinOutputBitsSize instead).
* Sets the min HMAC output length
*/
void xmlSecNssHmacSetMinOutputLength(int min_length)
{
- g_xmlsec_nss_hmac_min_length = min_length;
+ xmlSecSize val;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(min_length, val, return, NULL);
+ xmlSecTransformHmacSetMinOutputBitsSize(val);
}
/**************************************************************************
struct _xmlSecNssHmacCtx {
CK_MECHANISM_TYPE digestType;
PK11Context* digestCtx;
- xmlSecByte dgst[XMLSEC_NSS_MAX_HMAC_SIZE / 8];
+ xmlSecByte dgst[XMLSEC_TRASNFORM_HMAC_MAX_OUTPUT_SIZE];
xmlSecSize dgstSize; /* dgst size in bits */
};
*
* HMAC transforms
*
- * xmlSecNssHmacCtx is located after xmlSecTransform
+ * xmlSecTransform + xmlSecNssHmacCtx
*
*****************************************************************************/
-#define xmlSecNssHmacGetCtx(transform) \
- ((xmlSecNssHmacCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-#define xmlSecNssHmacSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecNssHmacCtx))
+XMLSEC_TRANSFORM_DECLARE(NssHmac, xmlSecNssHmacCtx)
+#define xmlSecNssHmacSize XMLSEC_TRANSFORM_SIZE(NssHmac)
static int xmlSecNssHmacCheckId (xmlSecTransformPtr transform);
static int xmlSecNssHmacInitialize (xmlSecTransformPtr transform);
/**
* xmlSecNssHmacNodeRead:
- *
- * HMAC (http://www.w3.org/TR/xmldsig-core/#sec-HMAC):
- *
- * The HMAC algorithm (RFC2104 [HMAC]) takes the truncation length in bits
- * as a parameter; if the parameter is not specified then all the bits of the
- * hash are output. An example of an HMAC SignatureMethod element:
- * <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
- * <HMACOutputLength>128</HMACOutputLength>
- * </SignatureMethod>
- *
- * Schema Definition:
- *
- * <simpleType name="HMACOutputLengthType">
- * <restriction base="integer"/>
- * </simpleType>
- *
- * DTD:
- *
- * <!ELEMENT HMACOutputLength (#PCDATA)>
*/
static int
-xmlSecNssHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
+xmlSecNssHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecNssHmacCtxPtr ctx;
- xmlNodePtr cur;
+ int ret;
xmlSecAssert2(xmlSecNssHmacCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize), -1);
xmlSecAssert2(node!= NULL, -1);
- xmlSecAssert2(transformCtx!= NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecNssHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- cur = xmlSecGetNextElementNode(node->children);
- if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {
- xmlChar *content;
-
- content = xmlNodeGetContent(cur);
- if(content != NULL) {
- ctx->dgstSize = atoi((char*)content);
- xmlFree(content);
- }
-
- /* Ensure that HMAC length is greater than min specified.
- Otherwise, an attacker can set this length to 0 or very
- small value
- */
- if((int)ctx->dgstSize < xmlSecNssHmacGetMinOutputLength()) {
- xmlSecInvalidNodeContentError(cur, xmlSecTransformGetName(transform),
- "HMAC output length is too small");
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform));
+ ret = xmlSecTransformHmacReadOutputBitsSize(node, ctx->dgstSize, &ctx->dgstSize);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformHmacReadOutputBitsSize()",
+ xmlSecTransformGetName(transform));
return(-1);
}
+
return(0);
}
xmlSecNssHmacCtxPtr ctx;
xmlSecKeyDataPtr value;
xmlSecBufferPtr buffer;
+ xmlSecSize bufferSize;
SECItem keyItem;
SECItem ignore;
PK11SlotInfo* slot;
buffer = xmlSecKeyDataBinaryValueGetBuffer(value);
xmlSecAssert2(buffer != NULL, -1);
- if(xmlSecBufferGetSize(buffer) == 0) {
+ bufferSize = xmlSecBufferGetSize(buffer);
+ if(bufferSize <= 0) {
xmlSecInvalidZeroKeyDataSizeError(xmlSecTransformGetName(transform));
return(-1);
}
memset(&ignore, 0, sizeof(ignore));
memset(&keyItem, 0, sizeof(keyItem));
keyItem.data = xmlSecBufferGetData(buffer);
- keyItem.len = xmlSecBufferGetSize(buffer);
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(bufferSize, keyItem.len, return(-1), xmlSecTransformGetName(transform));
slot = PK11_GetBestSlot(ctx->digestType, NULL);
if(slot == NULL) {
static int
xmlSecNssHmacVerify(xmlSecTransformPtr transform,
const xmlSecByte* data, xmlSecSize dataSize,
- xmlSecTransformCtxPtr transformCtx) {
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
static xmlSecByte last_byte_masks[] =
{ 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize), -1);
xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
xmlSecAssert2(data != NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecNssHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
inSize = xmlSecBufferGetSize(in);
if(inSize > 0) {
- rv = PK11_DigestOp(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
+ unsigned int inLen;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(inSize, inLen, return(-1), xmlSecTransformGetName(transform));
+ rv = PK11_DigestOp(ctx->digestCtx, xmlSecBufferGetData(in), inLen);
if (rv != SECSuccess) {
xmlSecNssError("PK11_DigestOp", xmlSecTransformGetName(transform));
return(-1);
}
- ret = xmlSecBufferRemoveHead(in, inSize);
+ ret = xmlSecBufferRemoveHead(in, inLen);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ "size=%u", inLen);
return(-1);
}
}
if(last) {
- unsigned int dgstSize;
+ unsigned int dgstLen;
+ xmlSecSize dgstSize;
- rv = PK11_DigestFinal(ctx->digestCtx, ctx->dgst, &dgstSize, sizeof(ctx->dgst));
+ rv = PK11_DigestFinal(ctx->digestCtx, ctx->dgst, &dgstLen, sizeof(ctx->dgst));
if(rv != SECSuccess) {
xmlSecNssError("PK11_DigestFinal", xmlSecTransformGetName(transform));
return(-1);
}
- xmlSecAssert2(dgstSize > 0, -1);
+ xmlSecAssert2(dgstLen > 0, -1);
+ XMLSEC_SAFE_CAST_UINT_TO_SIZE(dgstLen, dgstSize, return(-1), xmlSecTransformGetName(transform));
/* check/set the result digest size */
if(ctx->dgstSize == 0) {
- ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(dgstSize * 8); /* no dgst size specified, use all we have */
- } else if(ctx->dgstSize <= XMLSEC_SIZE_BAD_CAST(8 * dgstSize)) {
- dgstSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
+ ctx->dgstSize = dgstSize * 8; /* no dgst size specified, use all we have */
+ } else if(ctx->dgstSize <= 8 * dgstSize) {
+ xmlSecSize adjustedDigestSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(adjustedDigestSize, dgstSize, return(-1), xmlSecTransformGetName(transform));
} else {
xmlSecInvalidSizeLessThanError("HMAC digest (bits)",
8 * dgstSize, ctx->dgstSize,
if(transform->operation == xmlSecTransformOperationSign) {
ret = xmlSecBufferAppend(out, ctx->dgst, dgstSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferAppend",
- xmlSecTransformGetName(transform),
- "size=%d", dgstSize);
+ xmlSecInternalError2("xmlSecBufferAppend", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, dgstSize);
return(-1);
}
}
#include <pk11func.h>
#include <keyhi.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
#include <xmlsec/buffer.h>
#include <xmlsec/base64.h>
#include <xmlsec/errors.h>
-#include <xmlsec/xmltree.h>
-
#include <xmlsec/keysmngr.h>
#include <xmlsec/nss/crypto.h>
#include <xmlsec/nss/x509.h>
#include <xmlsec/nss/pkikeys.h>
+#include "../cast_helpers.h"
/****************************************************************************
*
* Nss Keys Store. Uses Simple Keys Store under the hood
*
- * Simple Keys Store ptr is located after xmlSecKeyStore
+ * xmlSecKeyStore + xmlSecKeyStorePtr(Simple Keys Store ptr)
*
***************************************************************************/
-#define xmlSecNssKeysStoreSize \
- (sizeof(xmlSecKeyStore) + sizeof(xmlSecKeyStorePtr))
-
-#define xmlSecNssKeysStoreGetSS(store) \
- ((xmlSecKeyStoreCheckSize((store), xmlSecNssKeysStoreSize)) ? \
- (xmlSecKeyStorePtr*)(((xmlSecByte*)(store)) + sizeof(xmlSecKeyStore)) : \
- (xmlSecKeyStorePtr*)NULL)
+XMLSEC_KEY_STORE_DECLARE(NssKeysStore, xmlSecKeyStorePtr)
+#define xmlSecNssKeysStoreSize XMLSEC_KEY_STORE_SIZE(NssKeysStore)
static int xmlSecNssKeysStoreInitialize (xmlSecKeyStorePtr store);
static void xmlSecNssKeysStoreFinalize (xmlSecKeyStorePtr store);
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecNssKeysStoreId), -1);
xmlSecAssert2((key != NULL), -1);
- ss = xmlSecNssKeysStoreGetSS(store);
+ ss = xmlSecNssKeysStoreGetCtx(store);
xmlSecAssert2(((ss != NULL) && (*ss != NULL) &&
(xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId))), -1);
int
xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
xmlSecKeysMngrPtr keysMngr ATTRIBUTE_UNUSED) {
- xmlDocPtr doc;
- xmlNodePtr root;
- xmlNodePtr cur;
- xmlSecKeyPtr key;
- xmlSecKeyInfoCtx keyInfoCtx;
- int ret;
-
- xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecNssKeysStoreId), -1);
- xmlSecAssert2((uri != NULL), -1);
-
- doc = xmlParseFile(uri);
- if(doc == NULL) {
- xmlSecXmlError2("xmlParseFile", xmlSecKeyStoreGetName(store),
- "uri=%s", xmlSecErrorsSafeString(uri));
- return(-1);
- }
-
- root = xmlDocGetRootElement(doc);
- if(!xmlSecCheckNodeName(root, BAD_CAST "Keys", xmlSecNs)) {
- xmlSecInvalidNodeError(root, BAD_CAST "Keys", xmlSecKeyStoreGetName(store));
- xmlFreeDoc(doc);
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(root->children);
- while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) {
- key = xmlSecKeyCreate();
- if(key == NULL) {
- xmlSecInternalError("xmlSecKeyCreate",
- xmlSecKeyStoreGetName(store));
- xmlFreeDoc(doc);
- return(-1);
- }
-
- ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeyInfoCtxInitialize",
- xmlSecKeyStoreGetName(store));
- xmlSecKeyDestroy(key);
- xmlFreeDoc(doc);
- return(-1);
- }
-
- keyInfoCtx.mode = xmlSecKeyInfoModeRead;
- keyInfoCtx.keysMngr = NULL;
- keyInfoCtx.flags = XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND |
- XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
- keyInfoCtx.keyReq.keyId = xmlSecKeyDataIdUnknown;
- keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypeAny;
- keyInfoCtx.keyReq.keyUsage= xmlSecKeyDataUsageAny;
-
- ret = xmlSecKeyInfoNodeRead(cur, key, &keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeyInfoNodeRead",
- xmlSecKeyStoreGetName(store));
- xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
- xmlSecKeyDestroy(key);
- xmlFreeDoc(doc);
- return(-1);
- }
- xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
-
- if(xmlSecKeyIsValid(key)) {
- ret = xmlSecNssKeysStoreAdoptKey(store, key);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssKeysStoreAdoptKey",
- xmlSecKeyStoreGetName(store));
- xmlSecKeyDestroy(key);
- xmlFreeDoc(doc);
- return(-1);
- }
- } else {
- /* we have an unknown key in our file, just ignore it */
- xmlSecKeyDestroy(key);
- }
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyStoreGetName(store));
- xmlFreeDoc(doc);
- return(-1);
- }
-
- xmlFreeDoc(doc);
- return(0);
+ return(xmlSecSimpleKeysStoreLoad_ex(store, uri, keysMngr,
+ xmlSecNssKeysStoreAdoptKey));
}
/**
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecNssKeysStoreId), -1);
xmlSecAssert2((filename != NULL), -1);
- ss = xmlSecNssKeysStoreGetSS(store);
+ ss = xmlSecNssKeysStoreGetCtx(store);
xmlSecAssert2(((ss != NULL) && (*ss != NULL) &&
(xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId))), -1);
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecNssKeysStoreId), -1);
- ss = xmlSecNssKeysStoreGetSS(store);
+ ss = xmlSecNssKeysStoreGetCtx(store);
xmlSecAssert2(((ss == NULL) || (*ss == NULL)), -1);
*ss = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
xmlSecAssert(xmlSecKeyStoreCheckId(store, xmlSecNssKeysStoreId));
- ss = xmlSecNssKeysStoreGetSS(store);
+ ss = xmlSecNssKeysStoreGetCtx(store);
xmlSecAssert((ss != NULL) && (*ss != NULL));
xmlSecKeyStoreDestroy(*ss);
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecNssKeysStoreId), NULL);
xmlSecAssert2(keyInfoCtx != NULL, NULL);
- ss = xmlSecNssKeysStoreGetSS(store);
+ ss = xmlSecNssKeysStoreGetCtx(store);
xmlSecAssert2(((ss != NULL) && (*ss != NULL)), NULL);
key = xmlSecKeyStoreFindKey(*ss, name, keyInfoCtx);
ret = xmlSecKeySetValue(key, data);
if (ret < 0) {
xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataGetName(data));
+ xmlSecKeyDataGetName(data));
goto done;
}
data = NULL;
#include <nss.h>
#include <pk11func.h>
#include <keyhi.h>
-#include <key.h>
#include <hasht.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
#include <xmlsec/nss/crypto.h>
#include <xmlsec/nss/pkikeys.h>
+#include "../cast_helpers.h"
+
/*********************************************************************
*
- * Key transport transforms
+ * Key transport transforms context
*
********************************************************************/
-typedef struct _xmlSecNssKeyTransportCtx xmlSecNssKeyTransportCtx;
-typedef struct _xmlSecNssKeyTransportCtx* xmlSecNssKeyTransportCtxPtr;
-
-#define xmlSecNssKeyTransportSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecNssKeyTransportCtx))
-#define xmlSecNssKeyTransportGetCtx(transform) \
- ((xmlSecNssKeyTransportCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+typedef struct _xmlSecNssKeyTransportCtx xmlSecNssKeyTransportCtx;
+typedef struct _xmlSecNssKeyTransportCtx* xmlSecNssKeyTransportCtxPtr;
struct _xmlSecNssKeyTransportCtx {
CK_MECHANISM_TYPE cipher;
xmlSecBufferPtr material; /* to be encrypted/decrypted material */
};
+/*********************************************************************
+ *
+ * Key transport transform
+ *
+ ********************************************************************/
+XMLSEC_TRANSFORM_DECLARE(NssKeyTransport, xmlSecNssKeyTransportCtx)
+#define xmlSecNssKeyTransportSize XMLSEC_TRANSFORM_SIZE(NssKeyTransport)
+
static int xmlSecNssKeyTransportInitialize (xmlSecTransformPtr transform);
static void xmlSecNssKeyTransportFinalize (xmlSecTransformPtr transform);
static int xmlSecNssKeyTransportSetKeyReq (xmlSecTransformPtr transform,
static int
xmlSecNssKeyTransportCtxInit(xmlSecNssKeyTransportCtxPtr ctx, xmlSecBufferPtr in, xmlSecBufferPtr out,
int encrypt, xmlSecTransformCtxPtr transformCtx) {
- int blockSize;
+ xmlSecSize blockSize;
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->cipher != CKM_INVALID_MECHANISM, -1);
return(-1);
}
} else if(ctx->prikey != NULL) {
- blockSize = PK11_SignatureLen(ctx->prikey);
- if(blockSize <= 0) {
+ int blockLen;
+
+ blockLen = PK11_SignatureLen(ctx->prikey);
+ if(blockLen <= 0) {
xmlSecNssError("PK11_SignatureLen", NULL);
return(-1);
}
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(blockLen, blockSize, return(-1), NULL);
} else {
xmlSecOtherError(XMLSEC_ERRORS_R_KEY_NOT_FOUND, NULL,
- "neither public or private keys are set");
+ "neither public or private keys are set");
return(-1);
}
ctx->material = xmlSecBufferCreate(blockSize);
if(ctx->material == NULL) {
xmlSecInternalError2("xmlSecBufferSetData", NULL,
- "size=%lu", (long unsigned)blockSize);
+ "size=" XMLSEC_SIZE_FMT, blockSize);
return(-1);
}
/* read raw key material into context */
if(xmlSecBufferSetData(ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in)) < 0) {
xmlSecInternalError2("xmlSecBufferSetData", NULL,
- "size=%lu", (long unsigned)xmlSecBufferGetSize(in));
+ "size=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(in));
return(-1);
}
if(xmlSecBufferRemoveHead(in, xmlSecBufferGetSize(in)) < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", NULL,
- "size=%lu", (long unsigned)xmlSecBufferGetSize(in));
+ "size=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(in));
return(-1);
}
/* read raw key material and append into context */
if(xmlSecBufferAppend(ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in)) < 0) {
xmlSecInternalError2("xmlSecBufferAppend", NULL,
- "size=%lu", (long unsigned)xmlSecBufferGetSize(in));
+ "size=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(in));
return(-1);
}
if(xmlSecBufferRemoveHead(in, xmlSecBufferGetSize(in)) < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", NULL,
- "size=%lu", (long unsigned)xmlSecBufferGetSize(in));
+ "size=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(in));
return(-1);
}
return(0);
PK11SymKey* symKey;
PK11SlotInfo* slot;
SECItem oriskv;
- int blockSize;
+ xmlSecSize blockSize, materialSize, resultSize;
+ unsigned int resultLen;
xmlSecBufferPtr result;
xmlSecAssert2(ctx != NULL, -1);
/* read raw key material and append into context */
if(xmlSecBufferAppend(ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in)) < 0) {
xmlSecInternalError2("xmlSecBufferAppend", NULL,
- "size=%lu", (unsigned long)xmlSecBufferGetSize(in));
+ "size=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(in));
return(-1);
}
+ materialSize = xmlSecBufferGetSize(ctx->material);
if(xmlSecBufferRemoveHead(in, xmlSecBufferGetSize(in)) < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", NULL,
- "size=%lu", (unsigned long)xmlSecBufferGetSize(in));
+ "size=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(in));
return(-1);
}
return(-1);
}
} else if(ctx->prikey != NULL) {
- blockSize = PK11_SignatureLen(ctx->prikey);
- if(blockSize <= 0) {
+ int blockLen;
+
+ blockLen = PK11_SignatureLen(ctx->prikey);
+ if(blockLen <= 0) {
xmlSecNssError("PK11_SignatureLen", NULL);
return(-1);
}
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(blockLen, blockSize, return(-1), NULL);
} else {
xmlSecOtherError(XMLSEC_ERRORS_R_KEY_NOT_FOUND, NULL,
"neither public or private keys are set");
xmlSecInternalError("xmlSecBufferCreate", NULL);
return(-1);
}
+ resultSize = xmlSecBufferGetMaxSize(result);
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(resultSize, resultLen, return(-1), NULL);
oriskv.type = siBuffer;
oriskv.data = xmlSecBufferGetData(ctx->material);
- oriskv.len = xmlSecBufferGetSize(ctx->material);
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(materialSize, oriskv.len, return(-1), NULL);
if(encrypt != 0) {
CK_OBJECT_HANDLE id;
wrpskv.type = siBuffer;
wrpskv.data = xmlSecBufferGetData(result);
- wrpskv.len = xmlSecBufferGetMaxSize(result);
+ wrpskv.len = resultLen;
if(PK11_PubWrapSymKey(ctx->cipher, ctx->pubkey, symKey, &wrpskv) != SECSuccess) {
xmlSecNssError("PK11_PubWrapSymKey", NULL);
if(xmlSecBufferSetSize(result, wrpskv.len) < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", NULL,
- "size=%lu", (unsigned long)wrpskv.len);
+ "size=%u", wrpskv.len);
PK11_FreeSymKey(symKey);
xmlSecBufferDestroy(result);
PK11_FreeSlot(slot);
if(xmlSecBufferSetData(result, keyItem->data, keyItem->len) < 0) {
xmlSecInternalError2("xmlSecBufferSetData", NULL,
- "size=%lu", (unsigned long)keyItem->len);
+ "size=%u", keyItem->len);
PK11_FreeSymKey(symKey);
xmlSecBufferDestroy(result);
return(-1);
/* Write output */
if(xmlSecBufferAppend(out, xmlSecBufferGetData(result), xmlSecBufferGetSize(result)) < 0) {
xmlSecInternalError2("xmlSecBufferAppend", NULL,
- "size=%lu", (unsigned long)xmlSecBufferGetSize(result));
+ "size=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(result));
xmlSecBufferDestroy(result);
return(-1);
}
* distribution for preciese wording.
*
* Copyright (c) 2003 America Online, Inc. All rights reserved.
- * Copyright (C) 20
10-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 20
02-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:kw_aes
#include <pk11func.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
#include <xmlsec/nss/crypto.h>
#include "../kw_aes_des.h"
+#include "../cast_helpers.h"
/*
* NSS needs to implement AES KW internally and then the code
* AES KW implementation
*
*********************************************************************/
-static int xmlSecNSSKWAesBlockEncrypt (const xmlSecByte * in,
+static int xmlSecNSSKWAesBlockEncrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
+ xmlSecByte * out,
xmlSecSize outSize,
- void * context);
-static int xmlSecNSSKWAesBlockDecrypt (const xmlSecByte * in,
+ xmlSecSize * outWritten);
+static int xmlSecNSSKWAesBlockDecrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
+ xmlSecByte * out,
xmlSecSize outSize,
- void * context);
+ xmlSecSize * outWritten);
static xmlSecKWAesKlass xmlSecNssKWAesKlass = {
/* callbacks */
xmlSecNSSKWAesBlockEncrypt, /* xmlSecKWAesBlockEncryptMethod encrypt; */
};
-
-
-static PK11SymKey* xmlSecNssMakeAesKey (const xmlSecByte *key,
- xmlSecSize keySize,
- int enc);
static int xmlSecNssAesOp (PK11SymKey *aeskey,
const xmlSecByte *in,
xmlSecByte *out,
/*********************************************************************
*
- * AES KW transforms
+ * AES KW transforms context
*
********************************************************************/
-typedef struct _xmlSecNssKWAesCtx xmlSecNssKWAesCtx,
- *xmlSecNssKWAesCtxPtr;
+typedef struct _xmlSecNssKWAesCtx xmlSecNssKWAesCtx,
+ *xmlSecNssKWAesCtxPtr;
+
struct _xmlSecNssKWAesCtx {
- xmlSecBuffer keyBuffer;
- xmlSecSize keyExpectedSize;
+ xmlSecTransformKWAesCtx parentCtx;
+ PK11SymKey* aesKey;
};
-#define xmlSecNssKWAesSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecNssKWAesCtx))
-#define xmlSecNssKWAesGetCtx(transform) \
- ((xmlSecNssKWAesCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+static int xmlSecNSSKWAesEnsureKey (xmlSecNssKWAesCtxPtr ctx,
+ int enc);
+
+
+/*********************************************************************
+ *
+ * AES KW transform
+ *
+ ********************************************************************/
+XMLSEC_TRANSFORM_DECLARE(NssKWAes, xmlSecNssKWAesCtx)
+#define xmlSecNssKWAesSize XMLSEC_TRANSFORM_SIZE(NssKWAes)
#define xmlSecNssKWAesCheckId(transform) \
(xmlSecTransformCheckId((transform), xmlSecNssTransformKWAes128Id) || \
static int
xmlSecNssKWAesInitialize(xmlSecTransformPtr transform) {
xmlSecNssKWAesCtxPtr ctx;
+ xmlSecSize keyExpectedSize;
int ret;
xmlSecAssert2(xmlSecNssKWAesCheckId(transform), -1);
ctx = xmlSecNssKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
+ memset(ctx, 0, sizeof(xmlSecNssKWAesCtx));
if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes128Id)) {
- ctx->keyExpectedSize = XMLSEC_KW_AES128_KEY_SIZE;
+ keyExpectedSize = XMLSEC_KW_AES128_KEY_SIZE;
} else if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes192Id)) {
- ctx->keyExpectedSize = XMLSEC_KW_AES192_KEY_SIZE;
+ keyExpectedSize = XMLSEC_KW_AES192_KEY_SIZE;
} else if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes256Id)) {
- ctx->keyExpectedSize = XMLSEC_KW_AES256_KEY_SIZE;
+ keyExpectedSize = XMLSEC_KW_AES256_KEY_SIZE;
} else {
xmlSecInvalidTransfromError(transform)
return(-1);
}
- ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
+ ret = xmlSecTransformKWAesInitialize(transform, &(ctx->parentCtx),
+ &xmlSecNssKWAesKlass, xmlSecNssKeyDataAesId,
+ keyExpectedSize);
if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecTransformKWAesInitialize", xmlSecTransformGetName(transform));
+ xmlSecNssKWAesFinalize(transform);
return(-1);
}
ctx = xmlSecNssKWAesGetCtx(transform);
xmlSecAssert(ctx != NULL);
- xmlSecBufferFinalize(&(ctx->keyBuffer));
+ if(ctx->aesKey != NULL) {
+ PK11_FreeSymKey(ctx->aesKey);
+ }
+
+ xmlSecTransformKWAesFinalize(transform, &(ctx->parentCtx));
+ memset(ctx, 0, sizeof(xmlSecNssKWAesCtx));
}
static int
xmlSecNssKWAesSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
xmlSecNssKWAesCtxPtr ctx;
+ int ret;
xmlSecAssert2(xmlSecNssKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWAesSize), -1);
- xmlSecAssert2(keyReq != NULL, -1);
ctx = xmlSecNssKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keyReq->keyId = xmlSecNssKeyDataAesId;
- keyReq->keyType = xmlSecKeyDataTypeSymmetric;
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- keyReq->keyUsage = xmlSecKeyUsageEncrypt;
- } else {
- keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+ ret = xmlSecTransformKWAesSetKeyReq(transform, &(ctx->parentCtx),keyReq);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesSetKeyReq", xmlSecTransformGetName(transform));
+ return(-1);
}
- keyReq->keyBitsSize = 8 * ctx->keyExpectedSize;
-
return(0);
}
static int
xmlSecNssKWAesSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecNssKWAesCtxPtr ctx;
- xmlSecBufferPtr buffer;
- xmlSecSize keySize;
int ret;
xmlSecAssert2(xmlSecNssKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWAesSize), -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecNssKeyDataAesId), -1);
ctx = xmlSecNssKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
- xmlSecAssert2(buffer != NULL, -1);
-
- keySize = xmlSecBufferGetSize(buffer);
- if(keySize < ctx->keyExpectedSize) {
- xmlSecInvalidKeyDataSizeError(keySize, ctx->keyExpectedSize,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- ret = xmlSecBufferSetData(&(ctx->keyBuffer),
- xmlSecBufferGetData(buffer),
- ctx->keyExpectedSize);
+ ret = xmlSecTransformKWAesSetKey(transform, &(ctx->parentCtx), key);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform),
- "expected-size=%d", ctx->keyExpectedSize);
+ xmlSecInternalError("xmlSecTransformKWAesSetKey", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
static int
-xmlSecNssKWAesExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecNssKWAesExecute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecNssKWAesCtxPtr ctx;
- xmlSecBufferPtr in, out;
- xmlSecSize inSize, outSize, keySize;
int ret;
xmlSecAssert2(xmlSecNssKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWAesSize), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecNssKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
- xmlSecAssert2(keySize == ctx->keyExpectedSize, -1);
-
- in = &(transform->inBuf);
- out = &(transform->outBuf);
- inSize = xmlSecBufferGetSize(in);
- outSize = xmlSecBufferGetSize(out);
- xmlSecAssert2(outSize == 0, -1);
-
- if(transform->status == xmlSecTransformStatusNone) {
- transform->status = xmlSecTransformStatusWorking;
- }
-
- if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
- /* just do nothing */
- } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- if((inSize % 8) != 0) {
- xmlSecInvalidSizeNotMultipleOfError("Input data",
- inSize, 8,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- /* the encoded key might be 8 bytes longer plus 8 bytes just in case */
- outSize = inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE +
- XMLSEC_KW_AES_BLOCK_SIZE;
- } else {
- outSize = inSize + XMLSEC_KW_AES_BLOCK_SIZE;
- }
-
- ret = xmlSecBufferSetMaxSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "outSize=%d", outSize);
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- PK11SymKey *aeskey = NULL;
-
- /* create key */
- aeskey = xmlSecNssMakeAesKey(xmlSecBufferGetData(&(ctx->keyBuffer)), keySize, 1); /* encrypt */
- if(aeskey == NULL) {
- xmlSecInternalError2("xmlSecNssMakeAesKey",
- xmlSecTransformGetName(transform),
- "keySize=%lu", (unsigned long)keySize);
- return(-1);
- }
-
-
- /* encrypt */
- ret = xmlSecKWAesEncode(&xmlSecNssKWAesKlass, aeskey,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError3("xmlSecKWAesEncode",
- xmlSecTransformGetName(transform),
- "inSize=%lu; outSize=%lu",
- (unsigned long)inSize,
- (unsigned long)outSize);
- PK11_FreeSymKey(aeskey);
- return(-1);
- }
-
- outSize = ret;
- PK11_FreeSymKey(aeskey);
- } else {
- PK11SymKey *aeskey = NULL;
-
- /* create key */
- aeskey = xmlSecNssMakeAesKey(xmlSecBufferGetData(&(ctx->keyBuffer)), keySize, 0); /* decrypt */
- if(aeskey == NULL) {
- xmlSecInternalError2("xmlSecNssMakeAesKey",
- xmlSecTransformGetName(transform),
- "keySize=%lu", (unsigned long)keySize);
- return(-1);
- }
-
- /* decrypt */
- ret = xmlSecKWAesDecode(&xmlSecNssKWAesKlass, aeskey,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError3("xmlSecKWAesDecode",
- xmlSecTransformGetName(transform),
- "inSize=%lu; outSize=%lu",
- (unsigned long)inSize,
- (unsigned long)outSize);
- PK11_FreeSymKey(aeskey);
- return(-1);
- }
-
- outSize = ret;
- PK11_FreeSymKey(aeskey);
- }
-
- ret = xmlSecBufferSetSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "outSize=%d", outSize);
- return(-1);
- }
-
- ret = xmlSecBufferRemoveHead(in, inSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "inSize%d", inSize);
- return(-1);
- }
-
- transform->status = xmlSecTransformStatusFinished;
- } else if(transform->status == xmlSecTransformStatusFinished) {
- /* the only way we can get here is if there is no input */
- xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
- } else {
- xmlSecInvalidTransfromStatusError(transform);
+ ret = xmlSecTransformKWAesExecute(transform, &(ctx->parentCtx), last);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesExecute", xmlSecTransformGetName(transform));
return(-1);
}
return(0);
*
*********************************************************************/
static int
-xmlSecNSSKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
+xmlSecNSSKWAesBlockEncrypt(xmlSecTransformPtr transform, const xmlSecByte * in, xmlSecSize inSize,
xmlSecByte * out, xmlSecSize outSize,
- void * context) {
- PK11SymKey *aeskey = (PK11SymKey *)context;
+ xmlSecSize * outWritten) {
+ xmlSecNssKWAesCtxPtr ctx;
int ret;
+ xmlSecAssert2(xmlSecNssKWAesCheckId(transform), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWAesSize), -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
- xmlSecAssert2(aeskey != NULL, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecNssKWAesGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ /* create key if needed */
+ ret = xmlSecNSSKWAesEnsureKey(ctx, 1); /* encrypt */
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNSSKWAesEnsureKey", NULL);
+ return(-1);
+ }
+ xmlSecAssert2(ctx->aesKey != NULL, -1);
/* one block */
- ret = xmlSecNssAesOp(aeskey, in, out, 1); /* encrypt */
+ ret = xmlSecNssAesOp(ctx->aesKey, in, out, 1); /* encrypt */
if(ret < 0) {
xmlSecInternalError("xmlSecNssAesOp", NULL);
return(-1);
}
- return(XMLSEC_KW_AES_BLOCK_SIZE);
+ (*outWritten) = XMLSEC_KW_AES_BLOCK_SIZE;
+ return(0);
}
static int
-xmlSecNSSKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
+xmlSecNSSKWAesBlockDecrypt(xmlSecTransformPtr transform, const xmlSecByte * in, xmlSecSize inSize,
xmlSecByte * out, xmlSecSize outSize,
- void * context) {
- PK11SymKey *aeskey = (PK11SymKey *)context;
+ xmlSecSize * outWritten) {
+ xmlSecNssKWAesCtxPtr ctx;
int ret;
+ xmlSecAssert2(xmlSecNssKWAesCheckId(transform), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWAesSize), -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
- xmlSecAssert2(aeskey != NULL, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecNssKWAesGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ /* create key if needed */
+ ret = xmlSecNSSKWAesEnsureKey(ctx, 1); /* encrypt */
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNSSKWAesEnsureKey", NULL);
+ return(-1);
+ }
+ xmlSecAssert2(ctx->aesKey != NULL, -1);
/* one block */
- ret = xmlSecNssAesOp(aeskey, in, out, 0); /* decrypt */
+ ret = xmlSecNssAesOp(ctx->aesKey, in, out, 0); /* decrypt */
if(ret < 0) {
xmlSecInternalError("xmlSecNssAesOp", NULL);
return(-1);
}
- return(XMLSEC_KW_AES_BLOCK_SIZE);
+ (*outWritten) = XMLSEC_KW_AES_BLOCK_SIZE;
+ return(0);
}
-static PK11SymKey *
-xmlSecNssMakeAesKey(const xmlSecByte *key, xmlSecSize keySize, int enc) {
- CK_MECHANISM_TYPE cipherMech;
- PK11SlotInfo* slot = NULL;
- PK11SymKey* aeskey = NULL;
- SECItem keyItem;
+static int
+xmlSecNSSKWAesEnsureKey(xmlSecNssKWAesCtxPtr ctx, int enc) {
+ xmlSecByte* keyData;
+ xmlSecSize keySize;
+ CK_MECHANISM_TYPE cipherMech;
+ PK11SlotInfo* slot = NULL;
+ SECItem keyItem;
+ int res = -1;
- xmlSecAssert2(key != NULL, NULL);
- xmlSecAssert2(keySize > 0, NULL);
+ xmlSecAssert2(ctx != NULL, -1);
+ if(ctx->aesKey != NULL) {
+ return(0);
+ }
+
+ keyData = xmlSecBufferGetData(&(ctx->parentCtx.keyBuffer));
+ keySize = xmlSecBufferGetSize(&(ctx->parentCtx.keyBuffer));
+ xmlSecAssert2(keySize > 0, -1);
+ xmlSecAssert2(keySize == ctx->parentCtx.keyExpectedSize, -1);
cipherMech = CKM_AES_ECB;
slot = PK11_GetBestSlot(cipherMech, NULL);
goto done;
}
- keyItem.data = (unsigned char *)key;
- keyItem.len = keySize;
- aeskey = PK11_ImportSymKey(slot, cipherMech, PK11_OriginUnwrap,
- enc ? CKA_ENCRYPT : CKA_DECRYPT, &keyItem, NULL);
- if (aeskey == NULL) {
+ keyItem.data = keyData;
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(keySize, keyItem.len, goto done, -1);
+
+ ctx->aesKey = PK11_ImportSymKey(slot, cipherMech, PK11_OriginUnwrap,
+ enc ? CKA_ENCRYPT : CKA_DECRYPT, &keyItem, NULL);
+ if (ctx->aesKey == NULL) {
xmlSecNssError("PK11_ImportSymKey", NULL);
goto done;
}
+ /* success */
+ res = 0;
+
done:
if (slot) {
PK11_FreeSlot(slot);
}
-
- return(aeskey);
+ return(res);
}
/* encrypt a block (XMLSEC_KW_AES_BLOCK_SIZE), in and out can overlap */
xmlSecNssAesOp(PK11SymKey *aeskey, const xmlSecByte *in, xmlSecByte *out, int enc) {
CK_MECHANISM_TYPE cipherMech;
- SECItem* SecParam = NULL;
- PK11Context* EncContext = NULL;
+ SECItem* secParam = NULL;
+ PK11Context* ctxt = NULL;
SECStatus rv;
- int tmp1_outlen;
- unsigned int tmp2_outlen;
+ int outlen;
int ret = -1;
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(out != NULL, -1);
cipherMech = CKM_AES_ECB;
- SecParam = PK11_ParamFromIV(cipherMech, NULL);
- if (SecParam == NULL) {
+ secParam = PK11_ParamFromIV(cipherMech, NULL);
+ if (secParam == NULL) {
xmlSecNssError("PK11_ParamFromIV", NULL);
goto done;
}
- EncContext = PK11_CreateContextBySymKey(cipherMech,
- enc ? CKA_ENCRYPT : CKA_DECRYPT,
- aeskey, SecParam);
- if (EncContext == NULL) {
+ ctxt = PK11_CreateContextBySymKey(cipherMech, enc ? CKA_ENCRYPT : CKA_DECRYPT,
+ aeskey, secParam);
+ if (ctxt == NULL) {
xmlSecNssError("PK11_CreateContextBySymKey", NULL);
goto done;
}
- tmp1_outlen = tmp2_outlen = 0;
- rv = PK11_CipherOp(EncContext, out, &tmp1_outlen,
+ outlen = 0;
+ rv = PK11_CipherOp(ctxt, out, &outlen,
XMLSEC_KW_AES_BLOCK_SIZE, (unsigned char *)in,
XMLSEC_KW_AES_BLOCK_SIZE);
- if (rv != SECSuccess) {
+ if ((rv != SECSuccess) || (outlen != XMLSEC_KW_AES_BLOCK_SIZE)) {
xmlSecNssError("PK11_CipherOp", NULL);
goto done;
}
- rv = PK11_DigestFinal(EncContext, out+tmp1_outlen,
- &tmp2_outlen, XMLSEC_KW_AES_BLOCK_SIZE-tmp1_outlen);
+ rv = PK11_Finalize(ctxt);
if (rv != SECSuccess) {
- xmlSecNssError("PK11_DigestFinal", NULL);
+ xmlSecNssError("PK11_Finalize", NULL);
goto done;
}
ret = 0;
done:
- if (SecParam) {
- SECITEM_FreeItem(SecParam, PR_TRUE);
+ if (secParam) {
+ SECITEM_FreeItem(secParam, PR_TRUE);
}
- if (EncContext) {
- PK11_DestroyContext(EncContext, PR_TRUE);
+ if (ctxt) {
+ PK11_DestroyContext(ctxt, PR_TRUE);
}
return (ret);
* distribution for preciese wording.
*
* Copyright (c) 2003 America Online, Inc. All rights reserved.
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:kw_des
#include <hasht.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
#include <xmlsec/nss/crypto.h>
#include "../kw_aes_des.h"
+#include "../cast_helpers.h"
/*********************************************************************
*
* DES KW implementation
*
*********************************************************************/
-static int xmlSecNssKWDes3GenerateRandom (void * context,
- xmlSecByte * out,
- xmlSecSize outSize);
-static int xmlSecNssKWDes3Sha1 (void * context,
- const xmlSecByte * in,
- xmlSecSize inSize,
- xmlSecByte * out,
- xmlSecSize outSize);
-static int xmlSecNssKWDes3BlockEncrypt (void * context,
- const xmlSecByte * iv,
+static int xmlSecNssKWDes3GenerateRandom (xmlSecTransformPtr transform,
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+static int xmlSecNssKWDes3Sha1 (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
+ xmlSecSize inSize,
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+static int xmlSecNssKWDes3BlockEncrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * iv,
xmlSecSize ivSize,
- const xmlSecByte * in,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
- xmlSecSize outSize);
-static int xmlSecNssKWDes3BlockDecrypt (void * context,
- const xmlSecByte * iv,
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+static int xmlSecNssKWDes3BlockDecrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * iv,
xmlSecSize ivSize,
- const xmlSecByte * in,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
- xmlSecSize outSize);
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
static xmlSecKWDes3Klass xmlSecNssKWDes3ImplKlass = {
/* callbacks */
/* for the future */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
-};
+};
-static int xmlSecNssKWDes3Encrypt (const xmlSecByte *key,
+static int xmlSecNssKWDes3Encrypt (const xmlSecByte *key,
xmlSecSize keySize,
- const xmlSecByte *iv,
+ const xmlSecByte *iv,
xmlSecSize ivSize,
- const xmlSecByte *in,
+ const xmlSecByte *in,
xmlSecSize inSize,
- xmlSecByte *out,
- xmlSecSize outSize,
+ xmlSecByte *out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten,
int enc);
/*********************************************************************
*
- * Triple DES Key Wrap transform
+ * Triple DES Key Wrap transform context
+ *
+ ********************************************************************/
+typedef xmlSecTransformKWDes3Ctx xmlSecNssKWDes3Ctx,
+ *xmlSecNssKWDes3CtxPtr;
+
+/*********************************************************************
*
- * key (xmlSecBuffer) is located after xmlSecTransform structure
+ * Triple DES Key Wrap transform
*
********************************************************************/
-typedef struct _xmlSecNssKWDes3Ctx xmlSecNssKWDes3Ctx,
- *xmlSecNssKWDes3CtxPtr;
-struct _xmlSecNssKWDes3Ctx {
- xmlSecBuffer keyBuffer;
-};
-#define xmlSecNssKWDes3Size \
- (sizeof(xmlSecTransform) + sizeof(xmlSecNssKWDes3Ctx))
-#define xmlSecNssKWDes3GetCtx(transform) \
- ((xmlSecNssKWDes3CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(NssKWDes3, xmlSecNssKWDes3Ctx)
+#define xmlSecNssKWDes3Size XMLSEC_TRANSFORM_SIZE(NssKWDes3)
static int xmlSecNssKWDes3Initialize (xmlSecTransformPtr transform);
static void xmlSecNssKWDes3Finalize (xmlSecTransformPtr transform);
ctx = xmlSecNssKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
+ memset(ctx, 0, sizeof(xmlSecNssKWDes3Ctx));
- ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
+ ret = xmlSecTransformKWDes3Initialize(transform, ctx,
+ &xmlSecNssKWDes3ImplKlass, xmlSecNssKeyDataDesId);
if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecTransformKWDes3Initialize", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
ctx = xmlSecNssKWDes3GetCtx(transform);
xmlSecAssert(ctx != NULL);
- xmlSecBufferFinalize(&(ctx->keyBuffer));
+ xmlSecTransformKWDes3Finalize(transform, ctx);
+ memset(ctx, 0, sizeof(xmlSecNssKWDes3Ctx));
}
static int
xmlSecNssKWDes3SetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
xmlSecNssKWDes3CtxPtr ctx;
+ int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecNssTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWDes3Size), -1);
- xmlSecAssert2(keyReq != NULL, -1);
ctx = xmlSecNssKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keyReq->keyId = xmlSecNssKeyDataDesId;
- keyReq->keyType = xmlSecKeyDataTypeSymmetric;
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- keyReq->keyUsage= xmlSecKeyUsageEncrypt;
- } else {
- keyReq->keyUsage= xmlSecKeyUsageDecrypt;
+ ret = xmlSecTransformKWDes3SetKeyReq(transform, ctx, keyReq);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3SetKeyReq",
+ xmlSecTransformGetName(transform));
+ return(-1);
}
- keyReq->keyBitsSize = 8 * XMLSEC_KW_DES3_KEY_LENGTH;
return(0);
}
static int
xmlSecNssKWDes3SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecNssKWDes3CtxPtr ctx;
- xmlSecBufferPtr buffer;
- xmlSecSize keySize;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecNssTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWDes3Size), -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecNssKeyDataDesId), -1);
ctx = xmlSecNssKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
- xmlSecAssert2(buffer != NULL, -1);
-
- keySize = xmlSecBufferGetSize(buffer);
- if(keySize < XMLSEC_KW_DES3_KEY_LENGTH) {
- xmlSecInvalidKeyDataSizeError(keySize, XMLSEC_KW_DES3_KEY_LENGTH,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer), XMLSEC_KW_DES3_KEY_LENGTH);
+ ret = xmlSecTransformKWDes3SetKey(transform, ctx, key);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform),
- "size=%d", XMLSEC_KW_DES3_KEY_LENGTH);
+ xmlSecInternalError("xmlSecTransformKWDes3SetKey", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
static int
-xmlSecNssKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecNssKWDes3Execute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecNssKWDes3CtxPtr ctx;
- xmlSecBufferPtr in, out;
- xmlSecSize inSize, outSize, keySize;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecNssTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWDes3Size), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecNssKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
-
- keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
- xmlSecAssert2(keySize == XMLSEC_KW_DES3_KEY_LENGTH, -1);
-
- in = &(transform->inBuf);
- out = &(transform->outBuf);
- inSize = xmlSecBufferGetSize(in);
- outSize = xmlSecBufferGetSize(out);
- xmlSecAssert2(outSize == 0, -1);
-
- if(transform->status == xmlSecTransformStatusNone) {
- transform->status = xmlSecTransformStatusWorking;
- }
-
- if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
- /* just do nothing */
- } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- if((inSize % XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
- xmlSecInvalidSizeNotMultipleOfError("Input data",
- inSize, XMLSEC_KW_DES3_BLOCK_LENGTH,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- /* the encoded key might be 16 bytes longer plus one block just in case */
- outSize = inSize + XMLSEC_KW_DES3_IV_LENGTH +
- XMLSEC_KW_DES3_BLOCK_LENGTH +
- XMLSEC_KW_DES3_BLOCK_LENGTH;
- } else {
- /* just in case, add a block */
- outSize = inSize + XMLSEC_KW_DES3_BLOCK_LENGTH;
- }
-
- ret = xmlSecBufferSetMaxSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- ret = xmlSecKWDes3Encode(&xmlSecNssKWDes3ImplKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError4("xmlSecKWDes3Encode", xmlSecTransformGetName(transform),
- "key=%d,in=%d,out=%d",
- keySize, inSize, outSize);
- return(-1);
- }
- outSize = ret;
- } else {
- ret = xmlSecKWDes3Decode(&xmlSecNssKWDes3ImplKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError4("xmlSecKWDes3Decode", xmlSecTransformGetName(transform),
- "key=%d,in=%d,out=%d",
- keySize, inSize, outSize);
- return(-1);
- }
- outSize = ret;
- }
-
- ret = xmlSecBufferSetSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
- return(-1);
- }
-
- ret = xmlSecBufferRemoveHead(in, inSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
- return(-1);
- }
-
- transform->status = xmlSecTransformStatusFinished;
- } else if(transform->status == xmlSecTransformStatusFinished) {
- /* the only way we can get here is if there is no input */
- xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
- } else {
- xmlSecInvalidTransfromStatusError(transform);
+ ret = xmlSecTransformKWDes3Execute(transform, ctx, last);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3Execute", xmlSecTransformGetName(transform));
return(-1);
}
return(0);
*
*********************************************************************/
static int
-xmlSecNssKWDes3Sha1(void * context,
- const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecNssKWDes3CtxPtr ctx = (xmlSecNssKWDes3CtxPtr)context;
+xmlSecNssKWDes3Sha1(xmlSecTransformPtr transform ATTRIBUTE_UNUSED,
+ const xmlSecByte * in, xmlSecSize inSize,
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
PK11Context *pk11ctx = NULL;
- unsigned int outLen = 0;
+ unsigned int inLen, outLen;
SECStatus status;
- xmlSecAssert2(ctx != NULL, -1);
+ UNREFERENCED_PARAMETER(transform);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= SHA1_LENGTH, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(inSize, inLen, return(-1), NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(outSize, outLen, return(-1), NULL);
/* Create a pk11ctx for hashing (digesting) */
pk11ctx = PK11_CreateDigestContext(SEC_OID_SHA1);
return(-1);
}
- status = PK11_DigestOp(pk11ctx, in, inSize);
+ status = PK11_DigestOp(pk11ctx, in, inLen);
if (status != SECSuccess) {
xmlSecNssError("PK11_DigestOp", NULL);
PK11_DestroyContext(pk11ctx, PR_TRUE);
return(-1);
}
- status = PK11_DigestFinal(pk11ctx, out, &outLen, outSize);
+ status = PK11_DigestFinal(pk11ctx, out, &outLen, outLen);
if (status != SECSuccess) {
xmlSecNssError("PK11_DigestFinal", NULL);
PK11_DestroyContext(pk11ctx, PR_TRUE);
/* done */
PK11_DestroyContext(pk11ctx, PR_TRUE);
xmlSecAssert2(outLen == SHA1_LENGTH, -1);
- return(outLen);
+ (*outWritten) = outLen;
+
+ return(0);
}
static int
-xmlSecNssKWDes3GenerateRandom(void * context,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecNssKWDes3CtxPtr ctx = (xmlSecNssKWDes3CtxPtr)context;
+xmlSecNssKWDes3GenerateRandom(xmlSecTransformPtr transform ATTRIBUTE_UNUSED,
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
SECStatus status;
+ int outLen;
- xmlSecAssert2(ctx != NULL, -1);
+ UNREFERENCED_PARAMETER(transform);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize > 0, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
- status = PK11_GenerateRandom(out, outSize);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(outSize, outLen, return(-1), NULL);
+ status = PK11_GenerateRandom(out, outLen);
if(status != SECSuccess) {
xmlSecNssError("PK11_GenerateRandom", NULL);
return(-1);
}
- return((int)outSize);
+ (*outWritten) = outSize;
+ return(0);
}
static int
-xmlSecNssKWDes3BlockEncrypt(void * context,
+xmlSecNssKWDes3BlockEncrypt(xmlSecTransformPtr transform,
const xmlSecByte * iv, xmlSecSize ivSize,
const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecNssKWDes3CtxPtr ctx = (xmlSecNssKWDes3CtxPtr)context;
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
+ xmlSecNssKWDes3CtxPtr ctx;
int ret;
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecNssTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWDes3Size), -1);
xmlSecAssert2(iv != NULL, -1);
xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecNssKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
ret = xmlSecNssKWDes3Encrypt(xmlSecBufferGetData(&(ctx->keyBuffer)), XMLSEC_KW_DES3_KEY_LENGTH,
iv, XMLSEC_KW_DES3_IV_LENGTH,
in, inSize,
- out, outSize,
+ out, outSize, outWritten,
1); /* encrypt */
if(ret < 0) {
xmlSecInternalError("xmlSecNssKWDes3Encrypt", NULL);
return(-1);
}
- return(ret);
+ return(0);
}
static int
-xmlSecNssKWDes3BlockDecrypt(void * context,
+xmlSecNssKWDes3BlockDecrypt(xmlSecTransformPtr transform,
const xmlSecByte * iv, xmlSecSize ivSize,
const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecNssKWDes3CtxPtr ctx = (xmlSecNssKWDes3CtxPtr)context;
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
+ xmlSecNssKWDes3CtxPtr ctx;
int ret;
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecNssTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWDes3Size), -1);
xmlSecAssert2(iv != NULL, -1);
xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecNssKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
ret = xmlSecNssKWDes3Encrypt(xmlSecBufferGetData(&(ctx->keyBuffer)), XMLSEC_KW_DES3_KEY_LENGTH,
iv, XMLSEC_KW_DES3_IV_LENGTH,
in, inSize,
- out, outSize,
+ out, outSize, outWritten,
0); /* decrypt */
if(ret < 0) {
xmlSecInternalError("xmlSecNssKWDes3Encrypt", NULL);
return(-1);
}
- return(ret);
+ return(0);
}
-
-
static int
xmlSecNssKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
const xmlSecByte *iv, xmlSecSize ivSize,
const xmlSecByte *in, xmlSecSize inSize,
xmlSecByte *out, xmlSecSize outSize,
+ xmlSecSize * outWritten,
int enc) {
CK_MECHANISM_TYPE cipherMech;
PK11SlotInfo* slot = NULL;
PK11Context* pk11ctx = NULL;
SECItem keyItem, ivItem;
SECStatus status;
- int result_len = -1;
- int tmp1_outlen;
- unsigned int tmp2_outlen;
+ int inLen, outLen, maxOutLen;
+ int res = -1;
xmlSecAssert2(key != NULL, -1);
xmlSecAssert2(keySize == XMLSEC_KW_DES3_KEY_LENGTH, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
cipherMech = CKM_DES3_CBC;
slot = PK11_GetBestSlot(cipherMech, NULL);
}
keyItem.data = (unsigned char *)key;
- keyItem.len = keySize;
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(keySize, keyItem.len, goto done, NULL);
symKey = PK11_ImportSymKey(slot, cipherMech, PK11_OriginUnwrap,
enc ? CKA_ENCRYPT : CKA_DECRYPT, &keyItem, NULL);
if (symKey == NULL) {
}
ivItem.data = (unsigned char *)iv;
- ivItem.len = ivSize;
-
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(ivSize, ivItem.len, goto done, NULL);
param = PK11_ParamFromIV(cipherMech, &ivItem);
if (param == NULL) {
xmlSecNssError("PK11_ParamFromIV", NULL);
goto done;
}
- tmp1_outlen = tmp2_outlen = 0;
- status = PK11_CipherOp(pk11ctx, out, &tmp1_outlen, outSize,
- (unsigned char *)in, inSize);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(inSize, inLen, goto done, NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(outSize, maxOutLen, goto done, NULL);
+ outLen = 0;
+ status = PK11_CipherOp(pk11ctx, out, &outLen, maxOutLen, (unsigned char *)in, inLen);
if (status != SECSuccess) {
xmlSecNssError("PK11_CipherOp", NULL);
goto done;
}
- status = PK11_DigestFinal(pk11ctx, out+tmp1_outlen,
- &tmp2_outlen, outSize-tmp1_outlen);
+ status = PK11_Finalize(pk11ctx);
if (status != SECSuccess) {
- xmlSecNssError("PK11_DigestFinal", NULL);
+ xmlSecNssError("PK11_Finalize", NULL);
goto done;
}
- result_len = tmp1_outlen + tmp2_outlen;
+ /* success */
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(outLen, (*outWritten), goto done, NULL);
+ res = 0;
done:
if (slot) {
PK11_DestroyContext(pk11ctx, PR_TRUE);
}
- return(result_len);
+ return(res);
}
#include <pk11pqg.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/base64.h>
+#include <xmlsec/errors.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
+#include <xmlsec/private.h>
#include <xmlsec/transforms.h>
-#include <xmlsec/errors.h>
#include <xmlsec/nss/crypto.h>
#include <xmlsec/nss/bignum.h>
#include <xmlsec/nss/pkikeys.h>
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+
+
/**************************************************************************
*
* Internal NSS PKI key CTX
/******************************************************************************
*
- * PKI key (dsa/rsa)
- *
- * xmlSecNssPKIKeyDataCtx is located after xmlSecTransform
+ * PKI key data (dsa/rsa)
*
*****************************************************************************/
-#define xmlSecNssPKIKeyDataSize \
- (sizeof(xmlSecKeyData) + sizeof(xmlSecNssPKIKeyDataCtx))
-#define xmlSecNssPKIKeyDataGetCtx(data) \
- ((xmlSecNssPKIKeyDataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
-
+XMLSEC_KEY_DATA_DECLARE(NssPKIKeyData, xmlSecNssPKIKeyDataCtx)
+#define xmlSecNssPKIKeyDataSize XMLSEC_KEY_DATA_SIZE(NssPKIKeyData)
static int xmlSecNssPKIKeyDataInitialize (xmlSecKeyDataPtr data);
static void xmlSecNssPKIKeyDataFinalize (xmlSecKeyDataPtr data);
if(priType != nullKey && pubType != nullKey) {
if(pubType != priType) {
- xmlSecInvalidIntegerTypeError2("pubType", pubType, "priType", priType,
- "pubType == priType", NULL);
+ xmlSecNssError3("SECKEY_GetPrivateKeyType/SECKEY_GetPublicKeyType", NULL,
+ "pubType=%u; priType=%u", pubType, priType);
return -1;
}
}
if(priType != nullKey && pubType != nullKey) {
if(pubType != priType) {
- xmlSecInvalidIntegerTypeError2("pubType", pubType, "priType", priType,
- "pubType == priType", NULL);
+ xmlSecNssError3("SECKEY_GetPrivateKeyType/SECKEY_GetPublicKeyType", NULL,
+ "pubType=%u; priType=%u", pubType, priType);
return(NULL);
}
}
break;
#endif /* XMLSEC_NO_ECDSA */
default:
- xmlSecInvalidIntegerTypeError("pubType", pubType,
- "supported PKI key type", NULL);
+ xmlSecUnsupportedEnumValueError("pubType", pubType, NULL);
return(NULL);
}
return(0);
}
+/**************************************************************************
+ *
+ * Helpers
+ *
+ *************************************************************************/
+static int
+xmlSecNssGetBigNumValue(xmlSecBufferPtr buf, PRArenaPool *arena, SECItem *val) {
+ xmlSecByte* data;
+ xmlSecSize size;
+
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(arena != NULL, -1);
+ xmlSecAssert2(val != NULL, -1);
+ xmlSecAssert2(val->data == NULL, -1);
+ xmlSecAssert2(val->len == 0, -1);
+
+ data = xmlSecBufferGetData(buf);
+ size = xmlSecBufferGetSize(buf);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(size > 0, -1);
+
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(size, val->len, return(-1), NULL);
+ val->data = PORT_ArenaZAlloc(arena, val->len);
+ if(val->data == NULL) {
+ xmlSecMallocError(size, NULL);
+ val->len = 0;
+ return(-1);
+ }
+ PORT_Memcpy(val->data, data, val->len);
+ return(0);
+}
+
+static int
+xmlSecNssSetBigNumValue(const SECItem *val, xmlSecBufferPtr buf) {
+ int ret;
+
+ xmlSecAssert2(val != NULL, -1);
+ xmlSecAssert2(val->data != NULL, -1);
+ xmlSecAssert2(val->len > 0, -1);
+ xmlSecAssert2(buf != NULL, -1);
+
+ ret = xmlSecBufferSetData(buf, val->data, val->len);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData", NULL,
+ "size=%u", val->len);
+ return(-1);
+ }
+ return(0);
+}
+
#ifndef XMLSEC_NO_DSA
/**************************************************************************
*
static xmlSecSize xmlSecNssKeyDataDsaGetSize (xmlSecKeyDataPtr data);
static void xmlSecNssKeyDataDsaDebugDump (xmlSecKeyDataPtr data,
FILE* output);
-static void xmlSecNssKeyDataDsaDebugXmlDump (xmlSecKeyDataPtr data,
+static void xmlSecNssKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data,
FILE* output);
+
+static xmlSecKeyDataPtr xmlSecNssKeyDataDsaRead (xmlSecKeyDataId id,
+ xmlSecKeyValueDsaPtr dsaValue);
+static int xmlSecNssKeyDataDsaWrite (xmlSecKeyDataId id,
+ xmlSecKeyDataPtr data,
+ xmlSecKeyValueDsaPtr dsaValue,
+ int writePrivateKey);
+
static xmlSecKeyDataKlass xmlSecNssKeyDataDsaKlass = {
sizeof(xmlSecKeyDataKlass),
xmlSecNssPKIKeyDataSize,
static int
xmlSecNssKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataPtr data = NULL;
- xmlNodePtr cur;
- int ret;
- PK11SlotInfo *slot = NULL;
- CK_OBJECT_HANDLE handle;
- SECKEYPublicKey *pubkey=NULL;
- PRArenaPool *arena = NULL;
-
-
xmlSecAssert2(id == xmlSecNssKeyDataDsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- if(xmlSecKeyGetValue(key) != NULL) {
- xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
- xmlSecKeyDataKlassGetName(id),
- "key already has a value");
- ret = -1;
- goto done;
- }
-
- slot = PK11_GetBestSlot(CKM_DSA, NULL);
- if(slot == NULL) {
- xmlSecNssError("PK11_GetBestSlot", xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(arena == NULL) {
- xmlSecNssError("PORT_NewArena", xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
-
- pubkey = (SECKEYPublicKey *)PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
- if(pubkey == NULL) {
- xmlSecNssError2("PORT_ArenaZAlloc", xmlSecKeyDataKlassGetName(id),
- "size=%lu", (unsigned long)sizeof(SECKEYPublicKey));
- PORT_FreeArena(arena, PR_FALSE);
- ret = -1;
- goto done;
- }
- pubkey->arena = arena;
- pubkey->u.dsa.params.arena = arena;
- pubkey->keyType = dsaKey;
-
- cur = xmlSecGetNextElementNode(node->children);
-
- /* first is P node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAP, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAP, xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
- if(xmlSecNssNodeGetBigNumValue(arena, cur, &(pubkey->u.dsa.params.prime)) == NULL) {
- xmlSecInternalError("xmlSecNssNodeGetBigNumValue(NodeDSAP)",
- xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* next is Q node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAQ, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAQ, xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
- if(xmlSecNssNodeGetBigNumValue(arena, cur, &(pubkey->u.dsa.params.subPrime)) == NULL) {
- xmlSecInternalError("xmlSecNssNodeGetBigNumValue(NodeDSAQ)",
- xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* next is G node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAG, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAG, xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
- if(xmlSecNssNodeGetBigNumValue(arena, cur, &(pubkey->u.dsa.params.base)) == NULL) {
- xmlSecInternalError("xmlSecNssNodeGetBigNumValue(NodeDSAG)",
- xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAX, xmlSecNs))) {
- /* next is X node. It is REQUIRED for private key but
- * NSS does not support it, we just ignore it */
-
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* next is Y node. */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAY, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAY, xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
- if(xmlSecNssNodeGetBigNumValue(arena, cur, &(pubkey->u.dsa.publicValue)) == NULL) {
- xmlSecInternalError("xmlSecNssNodeGetBigNumValue(NodeDSAY)",
- xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* todo: add support for J */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAJ, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* todo: add support for seed */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSASeed, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* todo: add support for pgencounter */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAPgenCounter, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataKlassGetName(id))
- ret = -1;
- goto done;
- }
-
- handle = PK11_ImportPublicKey(slot, pubkey, PR_FALSE);
- if(handle == CK_INVALID_HANDLE) {
- xmlSecNssError("PK11_ImportPublicKey",
- xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
-
- data = xmlSecKeyDataCreate(id);
- if(data == NULL) {
- xmlSecInternalError("xmlSecKeyDataCreate",
- xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
-
- ret = xmlSecNssPKIKeyDataAdoptKey(data, NULL, pubkey);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssPKIKeyDataAdoptKey",
- xmlSecKeyDataGetName(data));
- goto done;
- }
- pubkey = NULL;
-
- ret = xmlSecKeySetValue(key, data);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataGetName(data));
- goto done;
- }
- data = NULL;
-
- ret = 0;
-
-done:
- if (slot != NULL) {
- PK11_FreeSlot(slot);
- }
- if (ret != 0) {
- if (pubkey != NULL) {
- SECKEY_DestroyPublicKey(pubkey);
- }
- if (data != NULL) {
- xmlSecKeyDataDestroy(data);
- }
- }
- return(ret);
+ return(xmlSecKeyDataDsaXmlRead(id, key, node, keyInfoCtx,
+ xmlSecNssKeyDataDsaRead));
}
static int
xmlSecNssKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecNssPKIKeyDataCtxPtr ctx;
- xmlNodePtr cur;
- int ret;
-
xmlSecAssert2(id == xmlSecNssKeyDataDsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecNssKeyDataDsaId), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- ctx = xmlSecNssPKIKeyDataGetCtx(xmlSecKeyGetValue(key));
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == dsaKey, -1);
-
- if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
- /* we can have only private key or public key */
- return(0);
- }
-
- /* first is P node */
- cur = xmlSecAddChild(node, xmlSecNodeDSAP, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAP)",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
- ret = xmlSecNssNodeSetBigNumValue(cur, &(ctx->pubkey->u.dsa.params.prime), 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssNodeSetBigNumValue(NodeDSAP)",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
-
- /* next is Q node. */
- cur = xmlSecAddChild(node, xmlSecNodeDSAQ, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAQ)",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
- ret = xmlSecNssNodeSetBigNumValue(cur, &(ctx->pubkey->u.dsa.params.subPrime), 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssNodeSetBigNumValue(NodeDSAQ)",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
-
- /* next is G node. */
- cur = xmlSecAddChild(node, xmlSecNodeDSAG, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAG)",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
- ret = xmlSecNssNodeSetBigNumValue(cur, &(ctx->pubkey->u.dsa.params.base), 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssNodeSetBigNumValue(NodeDSAG)",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
-
- /* next is X node: not supported in NSS */
-
- /* next is Y node. */
- cur = xmlSecAddChild(node, xmlSecNodeDSAY, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeDSAY)",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
- ret = xmlSecNssNodeSetBigNumValue(cur, &(ctx->pubkey->u.dsa.publicValue), 1);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssNodeSetBigNumValue(NodeDSAY)",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
-
- /* done */
- return(0);
+ return(xmlSecKeyDataDsaXmlWrite(id, key, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecNssKeyDataDsaWrite));
}
static int
SECKEYPrivateKey *privkey = NULL;
SECKEYPublicKey *pubkey = NULL;
int ret = -1;
- int j;
+ int index;
+ unsigned int uIndex;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDsaId), -1);
xmlSecAssert2(sizeBits > 0, -1);
- j = PQG_PBITS_TO_INDEX(sizeBits);
- rv = PK11_PQG_ParamGen(j, &pqgParams, &pqgVerify);
+ index = PQG_PBITS_TO_INDEX(sizeBits);
+ if(index < 0) {
+ xmlSecNssError2("PQG_PBITS_TO_INDEX", xmlSecKeyDataGetName(data),
+ "size=" XMLSEC_SIZE_FMT, sizeBits);
+ goto done;
+ }
+ XMLSEC_SAFE_CAST_INT_TO_UINT(index, uIndex, goto done, xmlSecKeyDataGetName(data));
+
+ rv = PK11_PQG_ParamGen(uIndex, &pqgParams, &pqgVerify);
if (rv != SECSuccess) {
xmlSecNssError2("PK11_PQG_ParamGen", xmlSecKeyDataGetName(data),
- "size=%lu", (unsigned long)sizeBits);
+ "size=" XMLSEC_SIZE_FMT, sizeBits);
goto done;
}
rv = PK11_PQG_VerifyParams(pqgParams, pqgVerify, &res);
if (rv != SECSuccess || res != SECSuccess) {
xmlSecNssError2("PK11_PQG_VerifyParams", xmlSecKeyDataGetName(data),
- "size=%lu", (unsigned long)sizeBits);
+ "size=" XMLSEC_SIZE_FMT, sizeBits);
goto done;
}
xmlSecNssPKIKeyDataCtxPtr ctx;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDsaId), xmlSecKeyDataTypeUnknown);
+
ctx = xmlSecNssPKIKeyDataGetCtx(data);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == dsaKey, -1);
+ xmlSecAssert2(ctx != NULL, xmlSecKeyDataTypeUnknown);
+ xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == dsaKey, xmlSecKeyDataTypeUnknown);
+
if (ctx->privkey != NULL) {
return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
} else {
xmlSecNssPKIKeyDataCtxPtr ctx;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDsaId), 0);
+
ctx = xmlSecNssPKIKeyDataGetCtx(data);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == dsaKey, -1);
+ xmlSecAssert2(ctx != NULL, 0);
+ xmlSecAssert2(ctx->pubkey != NULL, 0);
+ xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == dsaKey, 0);
return(8 * SECKEY_PublicKeyStrength(ctx->pubkey));
}
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "=== dsa key: size = %d\n",
- xmlSecNssKeyDataDsaGetSize(data));
+ fprintf(output, "=== dsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecNssKeyDataDsaGetSize(data));
}
static void
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "<DSAKeyValue size=\"%d\" />\n",
- xmlSecNssKeyDataDsaGetSize(data));
+ fprintf(output, "<DSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecNssKeyDataDsaGetSize(data));
+}
+
+static xmlSecKeyDataPtr
+xmlSecNssKeyDataDsaRead(xmlSecKeyDataId id, xmlSecKeyValueDsaPtr dsaValue) {
+ xmlSecKeyDataPtr data = NULL;
+ xmlSecKeyDataPtr res = NULL;
+ PK11SlotInfo *slot = NULL;
+ CK_OBJECT_HANDLE handle;
+ SECKEYPublicKey *pubkey=NULL;
+ PRArenaPool *arena = NULL;
+ int ret;
+
+ xmlSecAssert2(id == xmlSecNssKeyDataDsaId, NULL);
+ xmlSecAssert2(dsaValue != NULL, NULL);
+
+ slot = PK11_GetBestSlot(CKM_DSA, NULL);
+ if(slot == NULL) {
+ xmlSecNssError("PK11_GetBestSlot", xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if(arena == NULL) {
+ xmlSecNssError("PORT_NewArena", xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ pubkey = (SECKEYPublicKey *)PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
+ if(pubkey == NULL) {
+ xmlSecNssError2("PORT_ArenaZAlloc", xmlSecKeyDataKlassGetName(id),
+ "size=" XMLSEC_SIZE_T_FMT, sizeof(SECKEYPublicKey));
+ goto done;
+ }
+ pubkey->arena = arena;
+ pubkey->u.dsa.params.arena = arena;
+ pubkey->keyType = dsaKey;
+ arena = NULL; /* owned by pubkey */
+
+ /*** p ***/
+ ret = xmlSecNssGetBigNumValue(&(dsaValue->p), pubkey->arena, &(pubkey->u.dsa.params.prime));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssGetBigNumValue(p)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /*** q ***/
+ ret = xmlSecNssGetBigNumValue(&(dsaValue->q), pubkey->arena, &(pubkey->u.dsa.params.subPrime));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssGetBigNumValue(q)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /*** g ***/
+ ret = xmlSecNssGetBigNumValue(&(dsaValue->g), pubkey->arena, &(pubkey->u.dsa.params.base));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssGetBigNumValue(g)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /* next is X (priv key). NSS does not support it, we just ignore it */
+
+ /*** y ***/
+ ret = xmlSecNssGetBigNumValue(&(dsaValue->y), pubkey->arena, &(pubkey->u.dsa.publicValue));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssGetBigNumValue(y)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /* todo: add support for J , seed, pgencounter */
+
+ /* create key */
+ handle = PK11_ImportPublicKey(slot, pubkey, PR_FALSE);
+ if(handle == CK_INVALID_HANDLE) {
+ xmlSecNssError("PK11_ImportPublicKey",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ data = xmlSecKeyDataCreate(id);
+ if(data == NULL) {
+ xmlSecInternalError("xmlSecKeyDataCreate",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ ret = xmlSecNssPKIKeyDataAdoptKey(data, NULL, pubkey);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssPKIKeyDataAdoptKey",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ pubkey = NULL; /* owned by data now */
+
+ /* success */
+ res = data;
+ data = NULL;
+
+done:
+ if (slot != NULL) {
+ PK11_FreeSlot(slot);
+ }
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ if (pubkey != NULL) {
+ SECKEY_DestroyPublicKey(pubkey);
+ }
+ if (data != NULL) {
+ xmlSecKeyDataDestroy(data);
+ }
+ return(res);
+}
+
+static int
+xmlSecNssKeyDataDsaWrite(xmlSecKeyDataId id, xmlSecKeyDataPtr data,
+ xmlSecKeyValueDsaPtr dsaValue,
+ int writePrivateKey ATTRIBUTE_UNUSED) {
+ xmlSecNssPKIKeyDataCtxPtr ctx;
+ int ret;
+
+ xmlSecAssert2(id == xmlSecNssKeyDataDsaId, -1);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDsaId), -1);
+ xmlSecAssert2(dsaValue != NULL, -1);
+ UNREFERENCED_PARAMETER(writePrivateKey);
+
+ ctx = xmlSecNssPKIKeyDataGetCtx(data);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == dsaKey, -1);
+
+ /*** p ***/
+ ret = xmlSecNssSetBigNumValue(&(ctx->pubkey->u.dsa.params.prime), &(dsaValue->p));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssNodeSetBigNumValue(p)",
+ xmlSecKeyDataKlassGetName(id));
+ return(-1);
+ }
+
+ /*** q ***/
+ ret = xmlSecNssSetBigNumValue(&(ctx->pubkey->u.dsa.params.subPrime), &(dsaValue->q));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssNodeSetBigNumValue(q)",
+ xmlSecKeyDataKlassGetName(id));
+ return(-1);
+ }
+
+ /*** g ***/
+ ret = xmlSecNssSetBigNumValue(&(ctx->pubkey->u.dsa.params.base), &(dsaValue->g));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssNodeSetBigNumValue(g)",
+ xmlSecKeyDataKlassGetName(id));
+ return(-1);
+ }
+
+ /*** x: not supported in NSS ***/
+
+ /*** y ***/
+ ret = xmlSecNssSetBigNumValue(&(ctx->pubkey->u.dsa.publicValue), &(dsaValue->y));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssNodeSetBigNumValue(y)",
+ xmlSecKeyDataKlassGetName(id));
+ return(-1);
+ }
+
+ /* done */
+ return(0);
}
#endif /* XMLSEC_NO_DSA */
static void xmlSecNssKeyDataRsaDebugXmlDump (xmlSecKeyDataPtr data,
FILE* output);
+static xmlSecKeyDataPtr xmlSecNssKeyDataRsaRead (xmlSecKeyDataId id,
+ xmlSecKeyValueRsaPtr rsaValue);
+static int xmlSecNssKeyDataRsaWrite (xmlSecKeyDataId id,
+ xmlSecKeyDataPtr data,
+ xmlSecKeyValueRsaPtr rsaValue,
+ int writePrivateKey);
+
static xmlSecKeyDataKlass xmlSecNssKeyDataRsaKlass = {
sizeof(xmlSecKeyDataKlass),
xmlSecNssPKIKeyDataSize,
static int
xmlSecNssKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecNssKeyDataRsaId, -1);
+ return(xmlSecKeyDataRsaXmlRead(id, key, node, keyInfoCtx,
+ xmlSecNssKeyDataRsaRead));
+}
+
+static int
+xmlSecNssKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecNssKeyDataRsaId, -1);
+ return(xmlSecKeyDataRsaXmlWrite(id, key, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecNssKeyDataRsaWrite));
+}
+
+static xmlSecKeyDataType
+xmlSecNssKeyDataRsaGetType(xmlSecKeyDataPtr data) {
+ xmlSecNssPKIKeyDataCtxPtr ctx;
+
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId), xmlSecKeyDataTypeUnknown);
+
+ ctx = xmlSecNssPKIKeyDataGetCtx(data);
+ xmlSecAssert2(ctx != NULL, xmlSecKeyDataTypeUnknown);
+ xmlSecAssert2(ctx->pubkey == NULL || SECKEY_GetPublicKeyType(ctx->pubkey) == rsaKey, xmlSecKeyDataTypeUnknown);
+
+ if (ctx->privkey != NULL) {
+ return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
+ } else {
+ return(xmlSecKeyDataTypePublic);
+ }
+
+ return(xmlSecKeyDataTypeUnknown);
+}
+
+static xmlSecSize
+xmlSecNssKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
+ xmlSecNssPKIKeyDataCtxPtr ctx;
+
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId), 0);
+
+ ctx = xmlSecNssPKIKeyDataGetCtx(data);
+ xmlSecAssert2(ctx != NULL, 0);
+ xmlSecAssert2(ctx->pubkey != NULL, 0);
+ xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == rsaKey, 0);
+
+ return(8 * SECKEY_PublicKeyStrength(ctx->pubkey));
+}
+
+static void
+xmlSecNssKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "=== rsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecNssKeyDataRsaGetSize(data));
+}
+
+static void
+xmlSecNssKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "<RSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecNssKeyDataRsaGetSize(data));
+}
+
+static xmlSecKeyDataPtr
+xmlSecNssKeyDataRsaRead(xmlSecKeyDataId id, xmlSecKeyValueRsaPtr rsaValue) {
xmlSecKeyDataPtr data = NULL;
- xmlNodePtr cur;
- int ret;
+ xmlSecKeyDataPtr res = NULL;
PK11SlotInfo *slot = NULL;
SECKEYPublicKey *pubkey=NULL;
PRArenaPool *arena = NULL;
+ int ret;
- xmlSecAssert2(id == xmlSecNssKeyDataRsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- if(xmlSecKeyGetValue(key) != NULL) {
- xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
- xmlSecKeyDataKlassGetName(id),
- "key already has a value");
- ret = -1;
- goto done;
- }
+ xmlSecAssert2(id == xmlSecNssKeyDataRsaId, NULL);
+ xmlSecAssert2(rsaValue != NULL, NULL);
slot = PK11_GetBestSlot(CKM_RSA_PKCS, NULL);
if(slot == NULL) {
xmlSecNssError("PK11_GetBestSlot", xmlSecKeyDataKlassGetName(id));
- ret = -1;
goto done;
}
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
if(arena == NULL) {
xmlSecNssError("PORT_NewArena", xmlSecKeyDataKlassGetName(id));
- ret = -1;
goto done;
}
sizeof(SECKEYPublicKey));
if(pubkey == NULL) {
xmlSecNssError("PORT_ArenaZAlloc", xmlSecKeyDataKlassGetName(id));
- PORT_FreeArena(arena, PR_FALSE);
- ret = -1;
goto done;
}
pubkey->arena = arena;
pubkey->keyType = rsaKey;
+ arena = NULL; /* owned by pubkey */
- cur = xmlSecGetNextElementNode(node->children);
-
- /* first is Modulus node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAModulus, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeRSAModulus, xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
- if(xmlSecNssNodeGetBigNumValue(arena, cur, &(pubkey->u.rsa.modulus)) == NULL) {
- xmlSecInternalError("xmlSecNssNodeGetBigNumValue(NodeRSAModulus)",
+ /*** Modulus ***/
+ ret = xmlSecNssGetBigNumValue(&(rsaValue->modulus), pubkey->arena, &(pubkey->u.rsa.modulus));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssGetBigNumValue(Modulus)",
xmlSecKeyDataKlassGetName(id));
- ret = -1;
goto done;
}
- cur = xmlSecGetNextElementNode(cur->next);
- /* next is Exponent node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAExponent, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeRSAExponent, xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
- if(xmlSecNssNodeGetBigNumValue(arena, cur, &(pubkey->u.rsa.publicExponent)) == NULL) {
- xmlSecInternalError("xmlSecNssNodeGetBigNumValue(NodeRSAExponent)",
+ /*** Exponent ***/
+ ret = xmlSecNssGetBigNumValue(&(rsaValue->publicExponent), pubkey->arena, &(pubkey->u.rsa.publicExponent));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssGetBigNumValue(Exponent)",
xmlSecKeyDataKlassGetName(id));
- ret = -1;
goto done;
}
- cur = xmlSecGetNextElementNode(cur->next);
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeRSAPrivateExponent, xmlSecNs))) {
- /* next is X node. It is REQUIRED for private key but
- * NSS does not support it. We just ignore it */
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataKlassGetName(id));
- ret = -1;
- goto done;
- }
+ /* next is PrivateExponent (priv key). NSS does not support it, we just ignore it */
+ /* create key */
data = xmlSecKeyDataCreate(id);
if(data == NULL) {
xmlSecInternalError("xmlSecKeyDataCreate",
xmlSecKeyDataDestroy(data);
goto done;
}
- pubkey = NULL;
+ pubkey = NULL; /* owned by data now */
- ret = xmlSecKeySetValue(key, data);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataKlassGetName(id));
- xmlSecKeyDataDestroy(data);
- goto done;
- }
+ /* success */
+ res = data;
data = NULL;
- ret = 0;
-
done:
if (slot != 0) {
PK11_FreeSlot(slot);
}
- if (ret != 0) {
- if (pubkey != 0) {
- SECKEY_DestroyPublicKey(pubkey);
- }
- if (data != 0) {
- xmlSecKeyDataDestroy(data);
- }
+ if(arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
}
- return(ret);
+ if (pubkey != 0) {
+ SECKEY_DestroyPublicKey(pubkey);
+ }
+ if (data != 0) {
+ xmlSecKeyDataDestroy(data);
+ }
+ return(res);
}
static int
-xmlSecNssKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecNssKeyDataRsaWrite(xmlSecKeyDataId id,xmlSecKeyDataPtr data,
+ xmlSecKeyValueRsaPtr rsaValue,
+ int writePrivateKey ATTRIBUTE_UNUSED) {
xmlSecNssPKIKeyDataCtxPtr ctx;
- xmlNodePtr cur;
int ret;
xmlSecAssert2(id == xmlSecNssKeyDataRsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecNssKeyDataRsaId), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId), -1);
+ xmlSecAssert2(rsaValue != NULL, -1);
+ UNREFERENCED_PARAMETER(writePrivateKey);
- ctx = xmlSecNssPKIKeyDataGetCtx(xmlSecKeyGetValue(key));
+ ctx = xmlSecNssPKIKeyDataGetCtx(data);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == rsaKey, -1);
-
- if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
- /* we can have only private key or public key */
- return(0);
- }
-
- /* first is Modulus node */
- cur = xmlSecAddChild(node, xmlSecNodeRSAModulus, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeRSAModulus)",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
- ret = xmlSecNssNodeSetBigNumValue(cur, &(ctx->pubkey->u.rsa.modulus), 1);
+ /*** Modulus ***/
+ ret = xmlSecNssSetBigNumValue(&(ctx->pubkey->u.rsa.modulus), &(rsaValue->modulus));
if(ret < 0) {
- xmlSecInternalError("xmlSecNssNodeSetBigNumValue(NodeRSAModulus)",
+ xmlSecInternalError("xmlSecNssNodeSetBigNumValue(Modulus)",
xmlSecKeyDataKlassGetName(id));
return(-1);
}
- /* next is Exponent node. */
- cur = xmlSecAddChild(node, xmlSecNodeRSAExponent, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecAddChild(NodeRSAExponent)",
- xmlSecKeyDataKlassGetName(id));
- return(-1);
- }
- ret = xmlSecNssNodeSetBigNumValue(cur, &(ctx->pubkey->u.rsa.publicExponent), 1);
+ /*** Exponent ***/
+ ret = xmlSecNssSetBigNumValue(&(ctx->pubkey->u.rsa.publicExponent), &(rsaValue->publicExponent));
if(ret < 0) {
- xmlSecInternalError("xmlSecNssNodeSetBigNumValue(NodeRSAExponent)",
+ xmlSecInternalError("xmlSecNssNodeSetBigNumValue(Exponent)",
xmlSecKeyDataKlassGetName(id));
return(-1);
}
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId), -1);
xmlSecAssert2(sizeBits > 0, -1);
- params.keySizeInBits = sizeBits;
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(sizeBits, params.keySizeInBits, return(-1), xmlSecKeyDataGetName(data));
params.pe = 65537;
slot = PK11_GetBestSlot(CKM_RSA_PKCS_KEY_PAIR_GEN, NULL);
return(-1);
}
-static xmlSecKeyDataType
-xmlSecNssKeyDataRsaGetType(xmlSecKeyDataPtr data) {
- xmlSecNssPKIKeyDataCtxPtr ctx;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId), xmlSecKeyDataTypeUnknown);
-
- ctx = xmlSecNssPKIKeyDataGetCtx(data);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->pubkey == NULL || SECKEY_GetPublicKeyType(ctx->pubkey) == rsaKey, -1);
- if (ctx->privkey != NULL) {
- return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
- } else {
- return(xmlSecKeyDataTypePublic);
- }
-
- return(xmlSecKeyDataTypeUnknown);
-}
-
-static xmlSecSize
-xmlSecNssKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
- xmlSecNssPKIKeyDataCtxPtr ctx;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId), 0);
-
- ctx = xmlSecNssPKIKeyDataGetCtx(data);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == rsaKey, -1);
-
- return(8 * SECKEY_PublicKeyStrength(ctx->pubkey));
-}
-
-static void
-xmlSecNssKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
- xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId));
- xmlSecAssert(output != NULL);
-
- fprintf(output, "=== rsa key: size = %d\n",
- xmlSecNssKeyDataRsaGetSize(data));
-}
-
-static void
-xmlSecNssKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
- xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId));
- xmlSecAssert(output != NULL);
-
- fprintf(output, "<RSAKeyValue size=\"%d\" />\n",
- xmlSecNssKeyDataRsaGetSize(data));
-}
-
#endif /* XMLSEC_NO_RSA */
#ifndef XMLSEC_NO_ECDSA
xmlSecNssPKIKeyDataCtxPtr ctx;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataEcdsaId), xmlSecKeyDataTypeUnknown);
+
ctx = xmlSecNssPKIKeyDataGetCtx(data);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->pubkey == NULL || SECKEY_GetPublicKeyType(ctx->pubkey) == ecKey, -1);
+ xmlSecAssert2(ctx != NULL, xmlSecKeyDataTypeUnknown);
+ xmlSecAssert2(ctx->pubkey == NULL || SECKEY_GetPublicKeyType(ctx->pubkey) == ecKey, xmlSecKeyDataTypeUnknown);
+
if (ctx->privkey != NULL) {
return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
} else {
xmlSecNssPKIKeyDataCtxPtr ctx;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataEcdsaId), 0);
+
ctx = xmlSecNssPKIKeyDataGetCtx(data);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == ecKey, -1);
+ xmlSecAssert2(ctx != NULL, 0);
+ xmlSecAssert2(ctx->pubkey != NULL, 0);
+ xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == ecKey, 0);
return(SECKEY_SignatureLen(ctx->pubkey));
}
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataEcdsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "=== ecdsa key: size = %d\n",
- xmlSecNssKeyDataEcdsaGetSize(data));
+ fprintf(output, "=== ecdsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecNssKeyDataEcdsaGetSize(data));
}
static void
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataEcdsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "<ECDSAKeyValue size=\"%d\" />\n",
- xmlSecNssKeyDataEcdsaGetSize(data));
+ fprintf(output, "<ECDSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecNssKeyDataEcdsaGetSize(data));
}
#endif /* XMLSEC_NO_ECDSA */
#include <xmlsec/nss/crypto.h>
#include <xmlsec/nss/pkikeys.h>
+#include "../cast_helpers.h"
/**************************************************************************
*
*
* Signature transforms
*
- * xmlSecNssSignatureCtx is located after xmlSecTransform
- *
*****************************************************************************/
-#define xmlSecNssSignatureSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecNssSignatureCtx))
-#define xmlSecNssSignatureGetCtx(transform) \
- ((xmlSecNssSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(NssSignature, xmlSecNssSignatureCtx)
+#define xmlSecNssSignatureSize XMLSEC_TRANSFORM_SIZE(NssSignature)
static int xmlSecNssSignatureCheckId (xmlSecTransformPtr transform);
static int xmlSecNssSignatureInitialize (xmlSecTransformPtr transform);
xmlSecAssert2(ctx != NULL, -1);
signature.data = (unsigned char *)data;
- signature.len = dataSize;
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(dataSize, signature.len, return(-1), xmlSecTransformGetName(transform));
if(xmlSecNssSignatureAlgorithmEncoded(ctx->alg)) {
/* This creates a signature which is ASN1 encoded */
if (PORT_GetError() == SEC_ERROR_PKCS7_BAD_SIGNATURE) {
xmlSecOtherError(XMLSEC_ERRORS_R_DATA_NOT_MATCH,
xmlSecTransformGetName(transform),
- "VFY_EndWithSignature: signature does not verify");
+ "VFY_EndWithSignature: signature verification failed");
transform->status = xmlSecTransformStatusFail;
} else {
xmlSecNssError("VFY_EndWithSignature",
return(0);
}
+/* This creates a signature which is ASN1 encoded */
+static SECItem*
+xmlSecNssSignatureDecode(xmlSecNssSignatureCtxPtr ctx, SECItem* signature) {
+ int signatureLen;
+ unsigned int signatureSize;
+ SECItem* res = NULL;
+
+ xmlSecAssert2(ctx != NULL, NULL);
+ xmlSecAssert2(signature != NULL, NULL);
+
+ switch(ctx->alg) {
+ case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
+ res = DSAU_DecodeDerSig(signature);
+ if(res == NULL) {
+ xmlSecNssError("DSAU_DecodeDerSig", NULL);
+ return(NULL);
+ }
+ break;
+ case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST:
+ case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE:
+ /* In these cases the signature length depends on the key parameters. */
+ signatureLen = PK11_SignatureLen(ctx->u.sig.privkey);
+ if(signatureLen < 1) {
+ xmlSecNssError("PK11_SignatureLen", NULL);
+ return(NULL);
+ }
+ XMLSEC_SAFE_CAST_INT_TO_UINT(signatureLen, signatureSize, return(NULL), NULL);
+
+ res = DSAU_DecodeDerSigToLen(signature, signatureSize);
+ if(res == NULL) {
+ xmlSecNssError("DSAU_DecodeDerSigToLen", NULL);
+ return(NULL);
+ }
+ break;
+ default:
+ xmlSecInternalError2("xmlSecNssSignatureDecode", NULL,
+ "unknown algorithm=%u", ctx->alg);
+ return(NULL);
+ }
+ return(res);
+}
+
static int
xmlSecNssSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
xmlSecNssSignatureCtxPtr ctx;
}
if((transform->status == xmlSecTransformStatusWorking) && (inSize > 0)) {
+ unsigned int inLen;
+
xmlSecAssert2(outSize == 0, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(inSize, inLen, return(-1), xmlSecTransformGetName(transform));
if(transform->operation == xmlSecTransformOperationSign) {
- status = SGN_Update(ctx->u.sig.sigctx, xmlSecBufferGetData(in), inSize);
+ status = SGN_Update(ctx->u.sig.sigctx, xmlSecBufferGetData(in), inLen);
if(status != SECSuccess) {
xmlSecNssError("SGN_Update",
xmlSecTransformGetName(transform));
return(-1);
}
} else {
- status = VFY_Update(ctx->u.vfy.vfyctx, xmlSecBufferGetData(in), inSize);
+ status = VFY_Update(ctx->u.vfy.vfyctx, xmlSecBufferGetData(in), inLen);
if(status != SECSuccess) {
xmlSecNssError("VFY_Update",
xmlSecTransformGetName(transform));
}
}
- ret = xmlSecBufferRemoveHead(in, inSize);
+ ret = xmlSecBufferRemoveHead(in, inLen);
if(ret < 0) {
xmlSecInternalError("xmlSecBufferRemoveHead",
xmlSecTransformGetName(transform));
/* This creates a signature which is ASN1 encoded */
SECItem * signatureClr;
- if(ctx->alg == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) {
- signatureClr = DSAU_DecodeDerSig(&signature);
- if(signatureClr == NULL) {
- xmlSecNssError("DSAU_DecodeDerSig",
- xmlSecTransformGetName(transform));
- SECITEM_FreeItem(&signature, PR_FALSE);
- return(-1);
- }
- } else {
- /* In the ECDSA case the signature length depends on the
- * key parameters. */
- int signatureSize = PK11_SignatureLen(ctx->u.sig.privkey);
- if(signatureSize < 1) {
- xmlSecNssError("PK11_SignatureLen",
- xmlSecTransformGetName(transform));
- SECITEM_FreeItem(&signature, PR_FALSE);
- return(-1);
- }
-
- signatureClr = DSAU_DecodeDerSigToLen(&signature, signatureSize);
- if(signatureClr == NULL) {
- xmlSecNssError("DSAU_DecodeDerSigToLen",
- xmlSecTransformGetName(transform));
- SECITEM_FreeItem(&signature, PR_FALSE);
- return(-1);
- }
+ signatureClr = xmlSecNssSignatureDecode(ctx, &signature);
+ if(signatureClr == NULL) {
+ xmlSecInternalError("xmlSecNssSignatureDecode",
+ xmlSecTransformGetName(transform));
+ SECITEM_FreeItem(&signature, PR_FALSE);
+ return(-1);
}
ret = xmlSecBufferSetData(out, signatureClr->data, signatureClr->len);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform),
- "size=%d", signatureClr->len);
+ xmlSecTransformGetName(transform),
+ "size=%u", signatureClr->len);
SECITEM_FreeItem(&signature, PR_FALSE);
return(-1);
}
ret = xmlSecBufferSetData(out, signature.data, signature.len);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform),
- "size=%d", signature.len);
+ xmlSecTransformGetName(transform),
+ "size=%u", signature.len);
SECITEM_FreeItem(&signature, PR_FALSE);
return(-1);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:symkeys
#include <string.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
#include <xmlsec/nss/crypto.h>
+#include "../keysdata_helpers.h"
+
/*****************************************************************************
*
* Symmetic (binary) keys - just a wrapper for xmlSecKeyDataBinary
#include <certdb.h>
#include <pk11func.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/base64.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/keysmngr.h>
#include <xmlsec/x509.h>
-#include <xmlsec/base64.h>
#include <xmlsec/errors.h>
+#include <xmlsec/xmltree.h>
#include <xmlsec/nss/crypto.h>
#include <xmlsec/nss/x509.h>
#include <xmlsec/nss/pkikeys.h>
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
/* workaround - NSS exports this but doesn't declare it */
extern CERTCertificate * __CERT_NewTempCertificate(CERTCertDBHandle *handle,
* X509 utility functions
*
************************************************************************/
-static int xmlSecNssX509DataNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecNssX509CertificateNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecNssX509CertificateNodeWrite (CERTCertificate* cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecNssX509SubjectNameNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecNssX509SubjectNameNodeWrite (CERTCertificate* cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecNssX509IssuerSerialNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecNssX509IssuerSerialNodeWrite (CERTCertificate* cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecNssX509SKINodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecNssX509SKINodeWrite (CERTCertificate* cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecNssX509CRLNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecNssX509CRLNodeWrite (CERTSignedCrl* crl,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
static int xmlSecNssKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data,
xmlSecKeyPtr key,
xmlSecKeyInfoCtxPtr keyInfoCtx);
-static CERTCertificate* xmlSecNssX509CertDerRead (const xmlSecByte* buf,
+static int xmlSecNssX509SECItemWrite (SECItem * secItem,
+ xmlSecBufferPtr buf);
+static CERTCertificate* xmlSecNssX509CertDerRead (xmlSecByte* buf,
xmlSecSize size);
-static CERTCertificate* xmlSecNssX509CertBase64DerRead (xmlChar* buf);
-static xmlChar* xmlSecNssX509CertBase64DerWrite (CERTCertificate* cert,
- int base64LineWrap);
static CERTSignedCrl* xmlSecNssX509CrlDerRead (xmlSecByte* buf,
xmlSecSize size,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static CERTSignedCrl* xmlSecNssX509CrlBase64DerRead (xmlChar* buf,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static xmlChar* xmlSecNssX509CrlBase64DerWrite (CERTSignedCrl* crl,
- int base64LineWrap);
+ unsigned int flags);
static xmlChar* xmlSecNssX509NameWrite (CERTName* nm);
static xmlChar* xmlSecNssASN1IntegerWrite (SECItem *num);
-static xmlChar* xmlSecNssX509SKIWrite (CERTCertificate* cert);
static void xmlSecNssX509CertDebugDump (CERTCertificate* cert,
FILE* output);
static void xmlSecNssX509CertDebugXmlDump (CERTCertificate* cert,
/**************************************************************************
*
- * <dsig:X509Data> processing
- *
- *
- * The X509Data Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
- *
- * An X509Data element within KeyInfo contains one or more identifiers of keys
- * or X509 certificates (or certificates' identifiers or a revocation list).
- * The content of X509Data is:
- *
- * 1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
- * 2.
- * * The X509IssuerSerial element, which contains an X.509 issuer
- * distinguished name/serial number pair that SHOULD be compliant
- * with RFC2253 [LDAP-DN],
- * * The X509SubjectName element, which contains an X.509 subject
- * distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
- * * The X509SKI element, which contains the base64 encoded plain (i.e.
- * non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
- * * The X509Certificate element, which contains a base64-encoded [X509v3]
- * certificate, and
- * * Elements from an external namespace which accompanies/complements any
- * of the elements above.
- * * The X509CRL element, which contains a base64-encoded certificate
- * revocation list (CRL) [X509v3].
- *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
- * MUST refer to the certificate or certificates containing the validation key.
- * All such elements that refer to a particular individual certificate MUST be
- * grouped inside a single X509Data element and if the certificate to which
- * they refer appears, it MUST also be in that X509Data element.
- *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
- * the same key but different certificates MUST be grouped within a single
- * KeyInfo but MAY occur in multiple X509Data elements.
- *
- * All certificates appearing in an X509Data element MUST relate to the
- * validation key by either containing it or being part of a certification
- * chain that terminates in a certificate containing the validation key.
- *
- * No ordering is implied by the above constraints.
- *
- * Note, there is no direct provision for a PKCS#7 encoded "bag" of
- * certificates or CRLs. However, a set of certificates and CRLs can occur
- * within an X509Data element and multiple X509Data elements can occur in a
- * KeyInfo. Whenever multiple certificates occur in an X509Data element, at
- * least one such certificate must contain the public key which verifies the
- * signature.
- *
- * Schema Definition
- *
- * <element name="X509Data" type="ds:X509DataType"/>
- * <complexType name="X509DataType">
- * <sequence maxOccurs="unbounded">
- * <choice>
- * <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
- * <element name="X509SKI" type="base64Binary"/>
- * <element name="X509SubjectName" type="string"/>
- * <element name="X509Certificate" type="base64Binary"/>
- * <element name="X509CRL" type="base64Binary"/>
- * <any namespace="##other" processContents="lax"/>
- * </choice>
- * </sequence>
- * </complexType>
- * <complexType name="X509IssuerSerialType">
- * <sequence>
- * <element name="X509IssuerName" type="string"/>
- * <element name="X509SerialNumber" type="integer"/>
- * </sequence>
- * </complexType>
- *
- * DTD
- *
- * <!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName |
- * X509Certificate | X509CRL)+ %X509.ANY;)>
- * <!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) >
- * <!ELEMENT X509IssuerName (#PCDATA) >
- * <!ELEMENT X509SubjectName (#PCDATA) >
- * <!ELEMENT X509SerialNumber (#PCDATA) >
- * <!ELEMENT X509SKI (#PCDATA) >
- * <!ELEMENT X509Certificate (#PCDATA) >
- * <!ELEMENT X509CRL (#PCDATA) >
- *
- * -----------------------------------------------------------------------
- *
- * xmlSecNssX509DataCtx is located after xmlSecTransform
+ * <dsig:X509Data> processing (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
*
*************************************************************************/
-#define xmlSecNssX509DataSize \
- (sizeof(xmlSecKeyData) + sizeof(xmlSecNssX509DataCtx))
-#define xmlSecNssX509DataGetCtx(data) \
- ((xmlSecNssX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
+XMLSEC_KEY_DATA_DECLARE(NssX509Data, xmlSecNssX509DataCtx)
+#define xmlSecNssX509DataSize XMLSEC_KEY_DATA_SIZE(NssX509Data)
static int xmlSecNssKeyDataX509Initialize (xmlSecKeyDataPtr data);
static int xmlSecNssKeyDataX509Duplicate (xmlSecKeyDataPtr dst,
static void xmlSecNssKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data,
FILE* output);
-
+typedef struct _xmlSecNssKeyDataX509Context {
+ xmlSecSize crtPos;
+ xmlSecSize crtSize;
+ xmlSecSize crlPos;
+ xmlSecSize crlSize;
+} xmlSecNssDataX509Context;
+
+static int xmlSecNssKeyDataX509Read (xmlSecKeyDataPtr data,
+ xmlSecKeyValueX509Ptr x509Value,
+ xmlSecKeysMngrPtr keysMngr,
+ unsigned int flags);
+static int xmlSecNssKeyDataX509Write (xmlSecKeyDataPtr data,
+ xmlSecKeyValueX509Ptr x509Value,
+ int content,
+ void* context);
static xmlSecKeyDataKlass xmlSecNssKeyDataX509Klass = {
sizeof(xmlSecKeyDataKlass),
if(certSrc == NULL) {
xmlSecInternalError2("xmlSecNssKeyDataX509GetCert",
xmlSecKeyDataGetName(src),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return(-1);
}
if(crlSrc == NULL) {
xmlSecInternalError2("xmlSecNssKeyDataX509GetCrl",
xmlSecKeyDataGetName(src),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return(-1);
}
return(-1);
}
- ret = xmlSecNssX509DataNodeRead(data, node, keyInfoCtx);
+ ret = xmlSecKeyDataX509XmlRead(data, node, keyInfoCtx,
+ xmlSecNssKeyDataX509Read);
if(ret < 0) {
- xmlSecInternalError("xmlSecNssX509DataNodeRead",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecInternalError("xmlSecKeyDataX509XmlRead",
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
xmlSecNssKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
xmlSecKeyDataPtr data;
- CERTCertificate* cert;
- CERTSignedCrl* crl;
- xmlSecSize size, pos;
- int content = 0;
+ xmlSecNssDataX509Context context;
int ret;
xmlSecAssert2(id == xmlSecNssKeyDataX509Id, -1);
xmlSecAssert2(node != NULL, -1);
xmlSecAssert2(keyInfoCtx != NULL, -1);
- content = xmlSecX509DataGetNodeContent (node, keyInfoCtx);
- if (content < 0) {
- xmlSecInternalError2("xmlSecX509DataGetNodeContent",
- xmlSecKeyDataKlassGetName(id),
- "content=%d", content);
- return(-1);
- } else if(content == 0) {
- /* by default we are writing certificates and crls */
- content = XMLSEC_X509DATA_DEFAULT;
- }
-
/* get x509 data */
data = xmlSecKeyGetData(key, id);
if(data == NULL) {
return(0);
}
- /* write certs */
- size = xmlSecNssKeyDataX509GetCertsSize(data);
- for(pos = 0; pos < size; ++pos) {
- cert = xmlSecNssKeyDataX509GetCert(data, pos);
- if(cert == NULL) {
- xmlSecInternalError2("xmlSecNssKeyDataX509GetCert",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
-
- if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
- ret = xmlSecNssX509CertificateNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecNssX509CertificateNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
- ret = xmlSecNssX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecNssX509SubjectNameNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
- ret = xmlSecNssX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecNssX509IssuerSerialNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
- ret = xmlSecNssX509SKINodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecNssX509SKINodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
- }
-
- /* write crls if needed */
- if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
- size = xmlSecNssKeyDataX509GetCrlsSize(data);
- for(pos = 0; pos < size; ++pos) {
- crl = xmlSecNssKeyDataX509GetCrl(data, pos);
- if(crl == NULL) {
- xmlSecInternalError2("xmlSecNssKeyDataX509GetCrl",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
+ /* setup context */
+ context.crtPos = context.crlPos = 0;
+ context.crtSize = xmlSecNssKeyDataX509GetCertsSize(data);
+ context.crlSize = xmlSecNssKeyDataX509GetCrlsSize(data);
- ret = xmlSecNssX509CRLNodeWrite(crl, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecNssX509CRLNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
+ ret = xmlSecKeyDataX509XmlWrite(data, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecNssKeyDataX509Write, &context);
+ if(ret < 0) {
+ xmlSecInternalError3("xmlSecKeyDataX509XmlWrite",
+ xmlSecKeyDataKlassGetName(id),
+ "crtSize=" XMLSEC_SIZE_FMT "; crlSize=" XMLSEC_SIZE_FMT,
+ context.crtSize, context.crlSize);
+ return(-1);
}
+ /* success */
return(0);
}
if(cert == NULL) {
xmlSecInternalError2("xmlSecNssKeyDataX509GetCert",
xmlSecKeyDataGetName(data),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return;
}
fprintf(output, "==== Certificate:\n");
if(cert == NULL) {
xmlSecInternalError2("xmlSecNssKeyDataX509GetCert",
xmlSecKeyDataGetName(data),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return;
}
fprintf(output, "<Certificate>\n");
}
static int
-xmlSecNssX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- for(cur = xmlSecGetNextElementNode(node->children);
- cur != NULL;
- cur = xmlSecGetNextElementNode(cur->next)) {
-
- if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
- ret = xmlSecNssX509CertificateNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssX509CertificateNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
- ret = xmlSecNssX509SubjectNameNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssX509SubjectNameNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
- ret = xmlSecNssX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssX509IssuerSerialNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
- ret = xmlSecNssX509SKINodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssX509SKINodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
- ret = xmlSecNssX509CRLNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssX509CRLNodeRead",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
- /* laxi schema validation: ignore unknown nodes */
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataGetName(data));
- return(-1);
- }
- }
- return(0);
-}
-
-static int
-xmlSecNssX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar *content;
- CERTCertificate* cert;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- content = xmlNodeGetContent(node);
- if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
- if(content != NULL) {
- xmlFree(content);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
- return(-1);
- }
- return(0);
- }
-
- cert = xmlSecNssX509CertBase64DerRead(content);
- if(cert == NULL) {
- xmlSecInternalError("xmlSecNssX509CertBase64DerRead",
- xmlSecKeyDataGetName(data));
- xmlFree(content);
- return(-1);
- }
-
- ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- CERT_DestroyCertificate(cert);
- xmlFree(content);
- return(-1);
- }
-
- xmlFree(content);
- return(0);
-}
-
-static int
-xmlSecNssX509CertificateNodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar* buf;
- xmlNodePtr cur;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- /* set base64 lines size from context */
- buf = xmlSecNssX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecNssX509CertBase64DerWrite", NULL);
- return(-1);
- }
-
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509Certificate)", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- /* todo: add \n around base64 data - from context */
- /* todo: add errors check */
- xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
- xmlNodeSetContent(cur, buf);
- xmlFree(buf);
- return(0);
-}
-
-static int
-xmlSecNssX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecNssKeyDataX509Read(xmlSecKeyDataPtr data, xmlSecKeyValueX509Ptr x509Value,
+ xmlSecKeysMngrPtr keysMngr, unsigned int flags) {
xmlSecKeyDataStorePtr x509Store;
- xmlChar* subject;
- CERTCertificate* cert;
+ CERTCertificate* cert = NULL;
+ CERTSignedCrl* crl = NULL;
+ int stopOnUnknownCert = 0;
int ret;
+ int res = -1;
+ xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(keysMngr != NULL, -1);
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecNssX509StoreId);
+ x509Store = xmlSecKeysMngrGetDataStore(keysMngr, xmlSecNssX509StoreId);
if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
+ xmlSecInternalError("xmlSecKeysMngrGetDataStore", xmlSecKeyDataGetName(data));
+ goto done;
}
- subject = xmlNodeGetContent(node);
- if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
- if(subject != NULL) {
- xmlFree(subject);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
- return(-1);
- }
- return(0);
+ /* determine what to do */
+ if((flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+ stopOnUnknownCert = 1;
}
- cert = xmlSecNssX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
- if(cert == NULL){
-
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+ if(xmlSecBufferGetSize(&(x509Value->cert)) > 0) {
+ cert = xmlSecNssX509CertDerRead(xmlSecBufferGetData(&(x509Value->cert)),
+ xmlSecBufferGetSize(&(x509Value->cert)));
+ if(cert == NULL) {
+ xmlSecInternalError("xmlSecNssX509CertDerRead", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ } else if(xmlSecBufferGetSize(&(x509Value->crl)) > 0) {
+ crl = xmlSecNssX509CrlDerRead(xmlSecBufferGetData(&(x509Value->crl)),
+ xmlSecBufferGetSize(&(x509Value->crl)), flags);
+ if(crl == NULL) {
+ xmlSecInternalError("xmlSecNssX509CertDerRead", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ } else if(xmlSecBufferGetSize(&(x509Value->ski)) > 0) {
+ cert = xmlSecNssX509StoreFindCert_ex(x509Store, NULL, NULL, NULL,
+ xmlSecBufferGetData(&(x509Value->ski)), xmlSecBufferGetSize(&(x509Value->ski)),
+ NULL /* unused */);
+ if((cert == NULL) && (stopOnUnknownCert != 0)) {
xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "subject=%s", xmlSecErrorsSafeString(subject));
- xmlFree(subject);
- return(-1);
+ "skiSize=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(&(x509Value->ski)));
+ goto done;
}
-
- xmlFree(subject);
- return(0);
- }
-
- ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- CERT_DestroyCertificate(cert);
- xmlFree(subject);
- return(-1);
- }
-
- xmlFree(subject);
- return(0);
-}
-
-static int
-xmlSecNssX509SubjectNameNodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
- xmlChar* buf = NULL;
- xmlNodePtr cur = NULL;
- int ret;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- buf = xmlSecNssX509NameWrite(&(cert->subject));
- if(buf == NULL) {
- xmlSecInternalError("xmlSecNssX509NameWrite(&(cert->subject))", NULL);
- return(-1);
- }
-
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509SubjectName)", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- ret = xmlSecNodeEncodeAndSetContent(cur, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- /* done */
- xmlFree(buf);
- return(0);
-}
-
-static int
-xmlSecNssX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr x509Store;
- xmlNodePtr cur;
- xmlChar *issuerName;
- xmlChar *issuerSerial;
- CERTCertificate* cert;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
-
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecNssX509StoreId);
- if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(node->children);
- if(cur == NULL) {
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecNodeNotFoundError("xmlSecGetNextElementNode", node, NULL,
- xmlSecKeyDataGetName(data));
- return(-1);
+ } else if(x509Value->subject != NULL) {
+ cert = xmlSecNssX509StoreFindCert_ex(x509Store, x509Value->subject,
+ NULL, NULL, NULL, 0, NULL /* unused */);
+ if((cert == NULL) && (stopOnUnknownCert != 0)) {
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
+ "subject=%s", xmlSecErrorsSafeString(x509Value->subject));
+ goto done;
}
- return(0);
- }
-
- /* the first is required node X509IssuerName */
- if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
- xmlSecInvalidNodeError(cur, xmlSecNodeX509IssuerName, xmlSecKeyDataGetName(data));
- return(-1);
- }
- issuerName = xmlNodeGetContent(cur);
- if(issuerName == NULL) {
- xmlSecInvalidNodeContentError(cur, xmlSecKeyDataGetName(data), "empty");
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* next is required node X509SerialNumber */
- if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
- xmlSecInvalidNodeError(cur, xmlSecNodeX509SerialNumber, xmlSecKeyDataGetName(data));
- xmlFree(issuerName);
- return(-1);
- }
- issuerSerial = xmlNodeGetContent(cur);
- if(issuerSerial == NULL) {
- xmlSecInvalidNodeContentError(cur, xmlSecKeyDataGetName(data), "empty");
- xmlFree(issuerName);
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataGetName(data));
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
- }
-
- cert = xmlSecNssX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
- if(cert == NULL){
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+ } else if((x509Value->issuerName != NULL) && (x509Value->issuerSerial != NULL)) {
+ cert = xmlSecNssX509StoreFindCert_ex(x509Store, NULL,
+ x509Value->issuerName, x509Value->issuerSerial,
+ NULL, 0, NULL /* unused */);
+ if((cert == NULL) && (stopOnUnknownCert != 0)) {
xmlSecOtherError3(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "issuerName=%s;issuerSerial=%s",
- xmlSecErrorsSafeString(issuerName),
- xmlSecErrorsSafeString(issuerSerial));
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
+ "issuerName=%s;issuerSerial=%s",
+ xmlSecErrorsSafeString(x509Value->issuerName),
+ xmlSecErrorsSafeString(x509Value->issuerSerial));
+ goto done;
}
-
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(0);
- }
-
- ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- CERT_DestroyCertificate(cert);
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
- }
-
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(0);
-}
-
-static int
-xmlSecNssX509IssuerSerialNodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
- xmlNodePtr cur;
- xmlNodePtr issuerNameNode;
- xmlNodePtr issuerNumberNode;
- xmlChar* buf;
- int ret;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* create xml nodes */
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509IssuerSerial)", NULL);
- return(-1);
}
- issuerNameNode = xmlSecEnsureEmptyChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
- if(issuerNameNode == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509IssuerName)", NULL);
- return(-1);
+ /* if we found a cert or a crl, then add it to the data */
+ if(cert != NULL) {
+ ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssKeyDataX509AdoptCert", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ cert = NULL; /* owned by data now */
}
-
- issuerNumberNode = xmlSecEnsureEmptyChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
- if(issuerNumberNode == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509SerialNumber)", NULL);
- return(-1);
+ if(crl != NULL) {
+ ret = xmlSecNssKeyDataX509AdoptCrl(data, crl);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNssKeyDataX509AdoptCrl", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ crl = NULL; /* owned by data now */
}
- /* write data */
- buf = xmlSecNssX509NameWrite(&(cert->issuer));
- if(buf == NULL) {
- xmlSecInternalError("xmlSecNssX509NameWrite(&(cert->issuer))", NULL);
- return(-1);
- }
+ /* success */
+ res = 0;
- ret = xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent(issuerNameNode)", NULL);
- xmlFree(buf);
- return(-1);
+done:
+ /* cleanup */
+ if(cert != NULL) {
+ CERT_DestroyCertificate(cert);
}
- xmlFree(buf);
-
- buf = xmlSecNssASN1IntegerWrite(&(cert->serialNumber));
- if(buf == NULL) {
- xmlSecInternalError("xmlSecNssASN1IntegerWrite(&(cert->serialNumber))", NULL);
- return(-1);
+ if(crl != NULL) {
+ SEC_DestroyCrl(crl);
}
- xmlNodeSetContent(issuerNumberNode, buf);
- xmlFree(buf);
-
- return(0);
+ return(res);
}
static int
-xmlSecNssX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr x509Store;
- xmlChar* ski;
- CERTCertificate* cert;
+xmlSecNssKeyDataX509Write(xmlSecKeyDataPtr data, xmlSecKeyValueX509Ptr x509Value,
+ int content, void* context) {
+ xmlSecNssDataX509Context* ctx;
int ret;
+ xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(context != NULL, -1);
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecNssX509StoreId);
- if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
+ ctx = (xmlSecNssDataX509Context*)context;
- ski = xmlNodeGetContent(node);
- if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
- if(ski != NULL) {
- xmlFree(ski);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
+ if(ctx->crtPos < ctx->crtSize) {
+ /* write cert */
+ CERTCertificate* cert = xmlSecNssKeyDataX509GetCert(data, ctx->crtPos);
+ if(cert == NULL) {
+ xmlSecInternalError2("xmlSecNssKeyDataX509GetCert",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
return(-1);
}
- return(0);
- }
-
- cert = xmlSecNssX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
- if(cert == NULL){
- xmlFree(ski);
-
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
- xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "ski=%s", xmlSecErrorsSafeString(ski));
- return(-1);
+ if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
+ ret = xmlSecNssX509SECItemWrite(&(cert->derCert), &(x509Value->cert));
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecNssX509SECItemWrite(cert)",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
}
- return(0);
- }
-
- ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNssKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- CERT_DestroyCertificate(cert);
- xmlFree(ski);
- return(-1);
- }
-
- xmlFree(ski);
- return(0);
-}
-
-static int
-xmlSecNssX509SKINodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
- xmlChar *buf = NULL;
- xmlNodePtr cur = NULL;
- int ret;
-
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- buf = xmlSecNssX509SKIWrite(cert);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecNssX509SKIWrite", NULL);
- return(-1);
- }
-
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509SKI)", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- ret = xmlSecNodeEncodeAndSetContent(cur, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
- xmlFree(buf);
- return(-1);
- }
-
- /* done */
- xmlFree(buf);
- return(0);
-}
+ if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
+ SECItem ski;
+ SECStatus rv;
-static int
-xmlSecNssX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar *content;
- CERTSignedCrl* crl;
+ rv = CERT_FindSubjectKeyIDExtension(cert, &ski);
+ if (rv != SECSuccess) {
+ xmlSecNssError("CERT_FindSubjectKeyIDExtension", NULL);
+ return(-1);
+ }
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
+ ret = xmlSecNssX509SECItemWrite(&ski, &(x509Value->ski));
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecNssX509SECItemWrite(ski)",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ SECITEM_FreeItem(&ski, PR_FALSE);
+ return(-1);
+ }
+ SECITEM_FreeItem(&ski, PR_FALSE);
+ }
+ if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
+ xmlSecAssert2(x509Value->subject == NULL, -1);
- content = xmlNodeGetContent(node);
- if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
- if(content != NULL) {
- xmlFree(content);
+ x509Value->subject = xmlSecNssX509NameWrite(&(cert->subject));
+ if(x509Value->subject == NULL) {
+ xmlSecInternalError2("xmlSecNssX509NameWrite(subject)",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
}
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
+ if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
+ xmlSecAssert2(x509Value->issuerName == NULL, -1);
+ xmlSecAssert2(x509Value->issuerSerial == NULL, -1);
+
+ x509Value->issuerName = xmlSecNssX509NameWrite(&(cert->issuer));
+ if(x509Value->issuerName == NULL) {
+ xmlSecInternalError2("xmlSecNssX509NameWrite(ssuer)",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
+ x509Value->issuerSerial = xmlSecNssASN1IntegerWrite(&(cert->serialNumber));
+ if(x509Value->issuerSerial == NULL) {
+ xmlSecInternalError2("xmlSecNssASN1IntegerWrite(serialNumber))",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
+ }
+ }
+ ++ctx->crtPos;
+ } else if(ctx->crlPos < ctx->crlSize) {
+ /* write crl */
+ CERTSignedCrl* crl = xmlSecNssKeyDataX509GetCrl(data, ctx->crlPos);
+ if(crl == NULL) {
+ xmlSecInternalError2("xmlSecNssKeyDataX509GetCrl",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crlPos);
return(-1);
}
- return(0);
- }
-
- crl = xmlSecNssX509CrlBase64DerRead(content, keyInfoCtx);
- if(crl == NULL) {
- xmlSecInternalError("xmlSecNssX509CrlBase64DerRead",
- xmlSecKeyDataGetName(data));
- xmlFree(content);
- return(-1);
- }
-
- SEC_DestroyCrl(crl);
- xmlFree(content);
- return(0);
-}
-
-static int
-xmlSecNssX509CRLNodeWrite(CERTSignedCrl* crl, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar* buf = NULL;
- xmlNodePtr cur = NULL;
-
- xmlSecAssert2(crl != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- /* set base64 lines size from context */
- buf = xmlSecNssX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecNssX509CrlBase64DerWrite", NULL);
- return(-1);
- }
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509CRL)", NULL);
- xmlFree(buf);
- return(-1);
+ if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
+ ret = xmlSecNssX509SECItemWrite(crl->derCrl, &(x509Value->crl));
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecNssX509SECItemWrite(crl)",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crlPos);
+ return(-1);
+ }
+ }
+ ++ctx->crlPos;
+ } else {
+ /* no more certs or crls */
+ return(1);
}
- /* todo: add \n around base64 data - from context */
- /* todo: add errors check */
- xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
- xmlNodeSetContent(cur, buf);
- xmlFree(buf);
+ /* success */
return(0);
}
-
static int
xmlSecNssKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
xmlSecKeyInfoCtxPtr keyInfoCtx) {
return(data);
}
-static CERTCertificate*
-xmlSecNssX509CertBase64DerRead(xmlChar* buf) {
- int ret;
+static int
+xmlSecNssX509SECItemWrite(SECItem* secItem, xmlSecBufferPtr buf) {
+ xmlSecAssert2(secItem != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
- xmlSecAssert2(buf != NULL, NULL);
+ if((secItem->data != NULL) && (secItem->len > 0)) {
+ int ret;
- /* usual trick with base64 decoding "in-place" */
- ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- return(NULL);
+ ret = xmlSecBufferSetData(buf, secItem->data, secItem->len);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData", NULL,
+ "size=%u", secItem->len);
+ return(-1);
+ }
+ } else {
+ xmlSecBufferEmpty(buf);
}
-
- return(xmlSecNssX509CertDerRead((xmlSecByte*)buf, ret));
+ return(0);
}
-
static CERTCertificate*
-xmlSecNssX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) {
+xmlSecNssX509CertDerRead(xmlSecByte* buf, xmlSecSize size) {
CERTCertificate *cert;
SECItem derCert;
xmlSecAssert2(buf != NULL, NULL);
xmlSecAssert2(size > 0, NULL);
- derCert.data = (unsigned char *)buf;
- derCert.len = size;
+ derCert.data = buf;
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(size, derCert.len, return(NULL), NULL);
/* decode cert and import to temporary cert db */
cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(), &derCert,
return(cert);
}
-static xmlChar*
-xmlSecNssX509CertBase64DerWrite(CERTCertificate* cert, int base64LineWrap) {
- xmlChar *res = NULL;
- xmlSecByte *p = NULL;
- long size;
-
- xmlSecAssert2(cert != NULL, NULL);
-
- p = cert->derCert.data;
- xmlSecAssert2(p != NULL, NULL);
-
- size = cert->derCert.len;
- xmlSecAssert2(size > 0, NULL);
-
- res = xmlSecBase64Encode(p, size, base64LineWrap);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- return(NULL);
- }
-
- return(res);
-}
-
static CERTSignedCrl*
-xmlSecNssX509CrlBase64DerRead(xmlChar* buf,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
- int ret;
-
- xmlSecAssert2(buf != NULL, NULL);
-
- /* usual trick with base64 decoding "in-place" */
- ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- return(NULL);
- }
-
- return(xmlSecNssX509CrlDerRead((xmlSecByte*)buf, ret, keyInfoCtx));
-}
-
-
-static CERTSignedCrl*
-xmlSecNssX509CrlDerRead(xmlSecByte* buf, xmlSecSize size,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecNssX509CrlDerRead(xmlSecByte* buf, xmlSecSize size, unsigned int flags) {
CERTSignedCrl *crl = NULL;
SECItem derCrl;
PK11SlotInfo *slot = NULL;
PRInt32 importOptions = CRL_IMPORT_DEFAULT_OPTIONS;
xmlSecAssert2(buf != NULL, NULL);
- xmlSecAssert2(keyInfoCtx != NULL, NULL);
xmlSecAssert2(size > 0, NULL);
derCrl.data = buf;
- derCrl.len = size;
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(size, derCrl.len, return(NULL), NULL);
/* we're importing a CRL, it is ok to use the internal slot.
* crlutil does it :)
return NULL;
}
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS) != 0) {
+ if((flags & XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS) != 0) {
importOptions |= CRL_IMPORT_BYPASS_CHECKS;
}
}
static xmlChar*
-xmlSecNssX509CrlBase64DerWrite(CERTSignedCrl* crl, int base64LineWrap) {
- xmlChar *res = NULL;
- xmlSecByte *p = NULL;
- long size;
-
- xmlSecAssert2(crl != NULL && crl->derCrl != NULL, NULL);
-
- p = crl->derCrl->data;
- xmlSecAssert2(p != NULL, NULL);
-
- size = crl->derCrl->len;
- xmlSecAssert2(size > 0, NULL);
-
- res = xmlSecBase64Encode(p, size, base64LineWrap);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- return(NULL);
- }
-
- return(res);
-}
-
-static xmlChar*
xmlSecNssX509NameWrite(CERTName* nm) {
xmlChar *res = NULL;
char *str;
return(res);
}
+
+/* not more than 64 chars */
+#define XMLSEC_NSS_INT_TO_STR_MAX_SIZE 64
+
static xmlChar*
xmlSecNssASN1IntegerWrite(SECItem *num) {
xmlChar *res = NULL;
- int resLen = 64; /* not more than 64 chars */
PRUint64 val = 0;
unsigned int ii = 0;
int shift = 0;
}
}
- res = (xmlChar*)xmlMalloc(resLen + 1);
+ res = (xmlChar*)xmlMalloc(XMLSEC_NSS_INT_TO_STR_MAX_SIZE + 1);
if(res == NULL) {
- xmlSecMallocError(resLen + 1, NULL);
+ xmlSecMallocError(XMLSEC_NSS_INT_TO_STR_MAX_SIZE + 1, NULL);
return (NULL);
}
- PR_snprintf((char*)res, resLen, "%llu", val);
+ PR_snprintf((char*)res, XMLSEC_NSS_INT_TO_STR_MAX_SIZE, "%llu", val);
return(res);
}
-static xmlChar*
-xmlSecNssX509SKIWrite(CERTCertificate* cert) {
- xmlChar *res = NULL;
- SECItem ski;
- SECStatus rv;
-
- xmlSecAssert2(cert != NULL, NULL);
-
- memset(&ski, 0, sizeof(ski));
-
- rv = CERT_FindSubjectKeyIDExtension(cert, &ski);
- if (rv != SECSuccess) {
- xmlSecNssError("CERT_FindSubjectKeyIDExtension", NULL);
- SECITEM_FreeItem(&ski, PR_FALSE);
- return(NULL);
- }
-
- res = xmlSecBase64Encode(ski.data, ski.len, 0);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- SECITEM_FreeItem(&ski, PR_FALSE);
- return(NULL);
- }
- SECITEM_FreeItem(&ski, PR_FALSE);
-
- return(res);
-}
-
-
static void
xmlSecNssX509CertDebugDump(CERTCertificate* cert, FILE* output) {
SECItem *sn;
/* read/write */
NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
- xmlSecNssKeyDataRawX509CertBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
+ xmlSecNssKeyDataRawX509CertBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
/* debug */
xmlSecAssert2(bufSize > 0, -1);
xmlSecAssert2(keyInfoCtx != NULL, -1);
- cert = xmlSecNssX509CertDerRead(buf, bufSize);
+ cert = xmlSecNssX509CertDerRead((xmlSecByte*)buf, bufSize);
if(cert == NULL) {
xmlSecInternalError("xmlSecNssX509CertDerRead", NULL);
return(-1);
#include <cert.h>
#include <secerr.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/keysmngr.h>
#include <xmlsec/base64.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
+#include <xmlsec/xmltree.h>
#include <xmlsec/nss/crypto.h>
#include <xmlsec/nss/x509.h>
+#include "../cast_helpers.h"
+
/**************************************************************************
*
* Internal NSS X509 store CTX
*
* 1) Just keeping a reference to destroy later.
*
- * 2) NSS doesn't update it's cache correctly when new certs are added
+ * 2) NSS doesn't update it's cache correctly when new certs are added
* https://bugzilla.mozilla.org/show_bug.cgi?id=211051
* we use this list to perform search ourselves.
*/
*
* xmlSecNssKeyDataStoreX509Id:
*
- * xmlSecNssX509StoreCtx is located after xmlSecTransform
- *
***************************************************************************/
-#define xmlSecNssX509StoreGetCtx(store) \
- ((xmlSecNssX509StoreCtxPtr)(((xmlSecByte*)(store)) + \
- sizeof(xmlSecKeyDataStoreKlass)))
-#define xmlSecNssX509StoreSize \
- (sizeof(xmlSecKeyDataStoreKlass) + sizeof(xmlSecNssX509StoreCtx))
+XMLSEC_KEY_DATA_STORE_DECLARE(NssX509Store, xmlSecNssX509StoreCtx)
+#define xmlSecNssX509StoreSize XMLSEC_KEY_DATA_STORE_SIZE(NssX509Store)
static int xmlSecNssX509StoreInitialize (xmlSecKeyDataStorePtr store);
static void xmlSecNssX509StoreFinalize (xmlSecKeyDataStorePtr store);
-static int xmlSecNssX509NameStringRead (xmlSecByte **str,
- int *strLen,
- xmlSecByte *res,
- int resLen,
+static int xmlSecNssX509NameStringRead (const xmlSecByte **in,
+ xmlSecSize *inSize,
+ xmlSecByte *out,
+ xmlSecSize outSize,
+ xmlSecSize *outWritten,
xmlSecByte delim,
int ingoreTrailingSpaces);
-static xmlSecByte * xmlSecNssX509NameRead (xmlSecByte *str,
- int len);
+static xmlSecByte * xmlSecNssX509NameRead (const xmlChar *str);
-static int xmlSecNssNumToItem (SECItem *it,
+static int xmlSecNssNumToItem (SECItem *it,
PRUint64 num);
const xmlChar *subjectName,
const xmlChar *issuerName,
const xmlChar *issuerSerial,
- xmlChar *ski);
+ xmlSecByte * ski,
+ xmlSecSize skiSize);
/**
xmlSecNssX509StoreFindCert(xmlSecKeyDataStorePtr store, xmlChar *subjectName,
xmlChar *issuerName, xmlChar *issuerSerial,
xmlChar *ski, xmlSecKeyInfoCtx* keyInfoCtx) {
+ if(ski != NULL) {
+ xmlSecSize skiDecodedSize = 0;
+ int ret;
+
+ /* our usual trick with base64 decode */
+ ret = xmlSecBase64DecodeInPlace(ski, &skiDecodedSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBase64DecodeInPlace", NULL,
+ "ski=%s", xmlSecErrorsSafeString(ski));
+ return(NULL);
+ }
+
+ return(xmlSecNssX509StoreFindCert_ex(store, subjectName, issuerName, issuerSerial,
+ (xmlSecByte*)ski, skiDecodedSize, keyInfoCtx));
+ } else {
+ return(xmlSecNssX509StoreFindCert_ex(store, subjectName, issuerName, issuerSerial,
+ NULL, 0, keyInfoCtx));
+
+ }
+}
+
+
+/**
+ * xmlSecNssX509StoreFindCert_ex:
+ * @store: the pointer to X509 key data store klass.
+ * @subjectName: the desired certificate name.
+ * @issuerName: the desired certificate issuer name.
+ * @issuerSerial: the desired certificate issuer serial number.
+ * @ski: the desired certificate SKI.
+ * @skiSize: the desired certificate SKI size.
+ * @keyInfoCtx: the pointer to <dsig:KeyInfo/> element processing context.
+ *
+ * Searches @store for a certificate that matches given criteria.
+ *
+ * Returns: pointer to found certificate or NULL if certificate is not found
+ * or an error occurs.
+ */
+CERTCertificate *
+xmlSecNssX509StoreFindCert_ex(xmlSecKeyDataStorePtr store, xmlChar *subjectName,
+ xmlChar *issuerName, xmlChar *issuerSerial,
+ xmlSecByte * ski, xmlSecSize skiSize,
+ xmlSecKeyInfoCtx* keyInfoCtx ATTRIBUTE_UNUSED) {
xmlSecNssX509StoreCtxPtr ctx;
xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecNssX509StoreId), NULL);
- xmlSecAssert2(keyInfoCtx != NULL, NULL);
+ UNREFERENCED_PARAMETER(keyInfoCtx);
ctx = xmlSecNssX509StoreGetCtx(store);
xmlSecAssert2(ctx != NULL, NULL);
- return xmlSecNssX509FindCert(ctx->certsList, subjectName, issuerName, issuerSerial, ski);
+ return xmlSecNssX509FindCert(ctx->certsList, subjectName,
+ issuerName, issuerSerial,
+ ski, skiSize);
}
+
/**
* xmlSecNssX509StoreVerify:
* @store: the pointer to X509 key data store klass.
xmlSecAssert2(ctx != NULL, NULL);
if(keyInfoCtx->certsVerificationTime > 0) {
- /* convert the time since epoch in seconds to microseconds */
+ /* convert the time since epoch in seconds to microseconds */
LL_UI2L(timeboundary, keyInfoCtx->certsVerificationTime);
tmp1 = (int64)PR_USEC_PER_SEC;
tmp2 = timeboundary;
case SEC_ERROR_CA_CERT_INVALID:
case SEC_ERROR_UNKNOWN_SIGNER:
xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_ISSUER_FAILED,
- xmlSecKeyDataStoreGetName(store),
- "subject=\"%s\"; reason=the issuer's cert is expired/invalid or not found",
- xmlSecErrorsSafeString(cert->subjectName));
+ xmlSecKeyDataStoreGetName(store),
+ "subject=\"%s\"; reason=the issuer's cert is expired/invalid or not found",
+ xmlSecErrorsSafeString(cert->subjectName));
break;
case SEC_ERROR_EXPIRED_CERTIFICATE:
xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_HAS_EXPIRED,
- xmlSecKeyDataStoreGetName(store),
- "subject=\"%s\"; reason=expired",
- xmlSecErrorsSafeString(cert->subjectName));
+ xmlSecKeyDataStoreGetName(store),
+ "subject=\"%s\"; reason=expired",
+ xmlSecErrorsSafeString(cert->subjectName));
break;
case SEC_ERROR_REVOKED_CERTIFICATE:
xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_REVOKED,
- xmlSecKeyDataStoreGetName(store),
- "subject=\"%s\"; reason=revoked",
- xmlSecErrorsSafeString(cert->subjectName));
+ xmlSecKeyDataStoreGetName(store),
+ "subject=\"%s\"; reason=revoked",
+ xmlSecErrorsSafeString(cert->subjectName));
break;
default:
xmlSecOtherError3(XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
- xmlSecKeyDataStoreGetName(store),
- "subject=\"%s\"; reason=%d",
- xmlSecErrorsSafeString(cert->subjectName),
- (int)err);
+ xmlSecKeyDataStoreGetName(store),
+ "subject=\"%s\"; reason=%d",
+ xmlSecErrorsSafeString(cert->subjectName),
+ err);
break;
}
/* nss doesn't support emailAddress (see https://bugzilla.mozilla.org/show_bug.cgi?id=561689)
* This code is not bullet proof and may produce incorrect results if someone has
- * "emailAddress=" string in one of the fields, but it is best I can suggest to fix
+ * "emailAddress=" string in one of the fields, but it is best I can suggest to fix
* this problem.
*/
name2 = xmlStrdup(name);
memcpy(p, " E=", 13);
}
- tmp = xmlSecNssX509NameRead(name2, xmlStrlen(name2));
+ tmp = xmlSecNssX509NameRead(name2);
if(tmp == NULL) {
xmlSecInternalError2("xmlSecNssX509NameRead", NULL,
"name2=\"%s\"", xmlSecErrorsSafeString(name2));
res = CERT_AsciiToName((char*)tmp);
if (res == NULL) {
- xmlSecNssError2("CERT_AsciiToName", NULL,
- "ascii=\"%s\"", xmlSecErrorsSafeString((char*)tmp));
+ xmlSecNssError3("CERT_AsciiToName", NULL,
+ "name2=\"%s\";tmp=\"%s\"",
+ xmlSecErrorsSafeString((char*)name2),
+ xmlSecErrorsSafeString((char*)tmp));
PORT_Free(tmp);
xmlFree(name2);
return(NULL);
static CERTCertificate*
xmlSecNssX509FindCert(CERTCertList* certsList, const xmlChar *subjectName,
const xmlChar *issuerName, const xmlChar *issuerSerial,
- xmlChar *ski) {
+ xmlSecByte * ski, xmlSecSize skiSize) {
CERTCertificate *cert = NULL;
CERTName *name = NULL;
SECItem *nameitem = NULL;
PRArenaPool *arena = NULL;
int rv;
+ /* certsList can be NULL */
+
+ /* search by subject name if available */
if ((cert == NULL) && (subjectName != NULL)) {
name = xmlSecNssGetCertName(subjectName);
if (name == NULL) {
cert = CERT_FindCertByName(CERT_GetDefaultCertDB(), nameitem);
}
+ /* search by issuer name+serial if available */
if((cert == NULL) && (issuerName != NULL) && (issuerSerial != NULL)) {
CERTIssuerAndSN issuerAndSN;
PRUint64 issuerSN = 0;
SECITEM_FreeItem(&issuerAndSN.serialNumber, PR_FALSE);
}
- if((cert == NULL) && (ski != NULL)) {
+ /* search by SKI if available */
+ if((cert == NULL) && (ski != NULL) && (skiSize > 0)) {
SECItem subjKeyID;
- int len;
-
- len = xmlSecBase64Decode(ski, (xmlSecByte*)ski, xmlStrlen(ski));
- if(len < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- goto done;
- }
memset(&subjKeyID, 0, sizeof(subjKeyID));
subjKeyID.data = ski;
- subjKeyID.len = len;
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(skiSize, subjKeyID.len, goto done, NULL);
+
cert = CERT_FindCertBySubjectKeyID(CERT_GetDefaultCertDB(),
&subjKeyID);
* when new certs are added https://bugzilla.mozilla.org/show_bug.cgi?id=211051
*/
if((cert == NULL) && (certsList != NULL)) {
-
for(head = CERT_LIST_HEAD(certsList);
(cert == NULL) && !CERT_LIST_END(head, certsList) &&
(head != NULL) && (head->cert != NULL);
}
static xmlSecByte *
-xmlSecNssX509NameRead(xmlSecByte *str, int len) {
+xmlSecNssX509NameRead(const xmlChar *str) {
xmlSecByte name[256];
xmlSecByte value[256];
xmlSecByte *retval = NULL;
xmlSecByte *p = NULL;
- int nameLen, valueLen;
+ xmlSecSize strSize, nameSize, valueSize;
+ int ret;
xmlSecAssert2(str != NULL, NULL);
/* return string should be no longer than input string */
- retval = (xmlSecByte *)PORT_Alloc(len+1);
+ strSize = xmlSecStrlen(str);
+ retval = (xmlSecByte *)PORT_Alloc(strSize + 1);
if(retval == NULL) {
- xmlSecNssError2("PORT_Alloc", NULL,
- "size=%d", (len+1));
+ xmlSecNssError2("PORT_Alloc", NULL, "size=" XMLSEC_SIZE_FMT, (strSize + 1));
return(NULL);
}
p = retval;
- while(len > 0) {
+ while(strSize > 0) {
/* skip spaces after comma or semicolon */
- while((len > 0) && isspace(*str)) {
- ++str; --len;
+ while((strSize > 0) && isspace(*str)) {
+ ++str; --strSize;
}
- nameLen = xmlSecNssX509NameStringRead(&str, &len, name, sizeof(name), '=', 0);
- if(nameLen < 0) {
+ nameSize = 0;
+ ret = xmlSecNssX509NameStringRead(&str, &strSize,
+ name, sizeof(name), &nameSize, '=', 0);
+ if(ret < 0) {
xmlSecInternalError("xmlSecNssX509NameStringRead", NULL);
goto done;
}
- memcpy(p, name, nameLen);
- p+=nameLen;
- *p++='=';
- if(len > 0) {
- ++str; --len;
+
+ memcpy(p, name, nameSize);
+ p += nameSize;
+ *(p++) = '=';
+
+ if(strSize > 0) {
+ ++str; --strSize;
if((*str) == '\"') {
- valueLen = xmlSecNssX509NameStringRead(&str, &len,
- value, sizeof(value), '"', 1);
- if(valueLen < 0) {
+ valueSize = 0;
+ ret = xmlSecNssX509NameStringRead(&str, &strSize,
+ value, sizeof(value), &valueSize, '"', 1);
+ if(ret < 0) {
xmlSecInternalError("xmlSecNssX509NameStringRead", NULL);
goto done;
}
+ *(p++) = '\"';
+ memcpy(p, value, valueSize);
+ p += valueSize;
+ *(p++) = '\"';
+
/* skip spaces before comma or semicolon */
- while((len > 0) && isspace(*str)) {
- ++str; --len;
+ while((strSize > 0) && isspace(*str)) {
+ ++str; --strSize;
}
- if((len > 0) && ((*str) != ',')) {
+ if((strSize > 0) && ((*str) != ',')) {
xmlSecInvalidIntegerDataError("char", (*str), "comma ','", NULL);
goto done;
}
- if(len > 0) {
- ++str; --len;
+ if(strSize > 0) {
+ ++str; --strSize;
}
- *p++='\"';
- memcpy(p, value, valueLen);
- p+=valueLen;
- *p++='\"';
} else if((*str) == '#') {
/* TODO: read octect values */
xmlSecNotImplementedError("reading octect values is not implemented yet");
goto done;
} else {
- valueLen = xmlSecNssX509NameStringRead(&str, &len,
- value, sizeof(value), ',', 1);
- if(valueLen < 0) {
+ ret = xmlSecNssX509NameStringRead(&str, &strSize,
+ value, sizeof(value), &valueSize, ',', 1);
+ if(ret < 0) {
xmlSecInternalError("xmlSecNssX509NameStringRead", NULL);
goto done;
}
- memcpy(p, value, valueLen);
- p+=valueLen;
- if (len > 0) {
- *p++=',';
+
+ memcpy(p, value, valueSize);
+ p += valueSize;
+ if (strSize > 0) {
+ *(p++) = ',';
}
}
}
- if(len > 0) {
- ++str; --len;
+ if(strSize > 0) {
+ ++str; --strSize;
}
}
}
static int
-xmlSecNssX509NameStringRead(xmlSecByte **str, int *strLen,
- xmlSecByte *res, int resLen,
+xmlSecNssX509NameStringRead(const xmlSecByte **in, xmlSecSize *inSize,
+ xmlSecByte *out, xmlSecSize outSize,
+ xmlSecSize *outWritten,
xmlSecByte delim, int ingoreTrailingSpaces) {
- xmlSecByte *p, *q, *nonSpace;
-
- xmlSecAssert2(str != NULL, -1);
- xmlSecAssert2(strLen != NULL, -1);
- xmlSecAssert2(res != NULL, -1);
-
- p = (*str);
- nonSpace = q = res;
- while(((p - (*str)) < (*strLen)) && ((*p) != delim) && ((q - res) < resLen)) {
- if((*p) != '\\') {
- if(ingoreTrailingSpaces && !isspace(*p)) {
- nonSpace = q;
+ xmlSecSize ii, jj, nonSpace;
+
+ xmlSecAssert2(in != NULL, -1);
+ xmlSecAssert2((*in) != NULL, -1);
+ xmlSecAssert2(inSize != NULL, -1);
+ xmlSecAssert2(out != NULL, -1);
+
+ ii = jj = nonSpace = 0;
+ while (ii < (*inSize)) {
+ xmlSecByte inCh, inCh2, outCh;
+
+ inCh = (*in)[ii];
+ if (inCh == delim) {
+ break;
+ }
+ if (jj >= outSize) {
+ xmlSecInvalidSizeOtherError("output buffer is too small", NULL);
+ return(-1);
+ }
+
+ if (inCh == '\\') {
+ /* try to move to next char after \\ */
+ ++ii;
+ if (ii >= (*inSize)) {
+ break;
}
- *(q++) = *(p++);
- } else {
- ++p;
- nonSpace = q;
- if(xmlSecIsHex((*p))) {
- if((p - (*str) + 1) >= (*strLen)) {
+ inCh = (*in)[ii];
+
+ /* if next char after \\ is a hex then we expect \\XX, otherwise we just remove \\ */
+ if (xmlSecIsHex(inCh)) {
+ /* try to move to next char after \\X */
+ ++ii;
+ if (ii >= (*inSize)) {
xmlSecInvalidDataError("two hex digits expected", NULL);
return(-1);
}
- *(q++) = xmlSecGetHex(p[0]) * 16 + xmlSecGetHex(p[1]);
- p += 2;
- } else {
- if(((++p) - (*str)) >= (*strLen)) {
- xmlSecInvalidDataError("escaped symbol missed", NULL);
+ inCh2 = (*in)[ii];
+ if (!xmlSecIsHex(inCh2)) {
+ xmlSecInvalidDataError("two hex digits expected", NULL);
return(-1);
}
- *(q++) = *(p++);
+ outCh = (xmlSecByte)(xmlSecGetHex(inCh) * 16 + xmlSecGetHex(inCh2));
+ } else {
+ outCh = inCh;
}
+ } else {
+ outCh = inCh;
+ }
+
+ out[jj] = outCh;
+ ++ii;
+ ++jj;
+
+ if (ingoreTrailingSpaces && !isspace(outCh)) {
+ nonSpace = jj;
}
}
- if(((p - (*str)) < (*strLen)) && ((*p) != delim)) {
- xmlSecInvalidSizeOtherError("buffer is too small", NULL);
- return(-1);
+
+ (*inSize) -= ii;
+ (*in) += ii;
+
+ if (ingoreTrailingSpaces) {
+ (*outWritten) = nonSpace;
+ } else {
+ (*outWritten) = (jj);
}
- (*strLen) -= (p - (*str));
- (*str) = p;
- return((ingoreTrailingSpaces) ? nonSpace - res + 1 : q - res);
+ return(0);
}
/* code lifted from NSS */
xmlSecNssNumToItem(SECItem *it, PRUint64 ui)
{
unsigned char bb[9];
- unsigned int zeros_len;
+ unsigned int bb_len, zeros_len;
+ int res;
xmlSecAssert2(it != NULL, -1);
/*
** Small integers are encoded in a single byte. Larger integers
- ** require progressively more space. Start from 1 because byte at
+ ** require progressively more space. Start from 1 because byte at
** position 0 is zero
*/
- for(zeros_len = 1; (zeros_len < sizeof(bb)) && (bb[zeros_len] == 0); ++zeros_len) {
+ bb_len = sizeof(bb) / sizeof(bb[0]);
+ for(zeros_len = 1; (zeros_len < bb_len) && (bb[zeros_len] == 0); ++zeros_len) {
}
- it->len = sizeof(bb) - (zeros_len - 1);
- it->data = (unsigned char *)PORT_Alloc(it->len);
+ it->len = bb_len - (zeros_len - 1);
+ it->data = (unsigned char *)PORT_Alloc(it->len * sizeof(bb[0]));
if (it->data == NULL) {
it->len = 0;
return (-1);
}
PORT_Memcpy(it->data, bb + (zeros_len - 1), it->len);
- return(it->len);
+ XMLSEC_SAFE_CAST_UINT_TO_INT(it->len, res, return(-1), NULL);
+
+ return(res);
}
#endif /* XMLSEC_NO_X509 */
NULL =
EXTRA_DIST = \
- README \
+ README.md \
$(NULL)
lib_LTLIBRARIES = \
--- /dev/null
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = src/openssl
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(libdir)"
+LTLIBRARIES = $(lib_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+am__objects_1 =
+am_libxmlsec1_openssl_la_OBJECTS = libxmlsec1_openssl_la-app.lo \
+ libxmlsec1_openssl_la-bn.lo libxmlsec1_openssl_la-ciphers.lo \
+ libxmlsec1_openssl_la-crypto.lo \
+ libxmlsec1_openssl_la-digests.lo libxmlsec1_openssl_la-evp.lo \
+ libxmlsec1_openssl_la-evp_signatures.lo \
+ libxmlsec1_openssl_la-hmac.lo libxmlsec1_openssl_la-kw_aes.lo \
+ libxmlsec1_openssl_la-kw_des.lo \
+ libxmlsec1_openssl_la-kt_rsa.lo \
+ libxmlsec1_openssl_la-signatures.lo \
+ libxmlsec1_openssl_la-symkeys.lo libxmlsec1_openssl_la-x509.lo \
+ libxmlsec1_openssl_la-x509vfy.lo $(am__objects_1)
+libxmlsec1_openssl_la_OBJECTS = $(am_libxmlsec1_openssl_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+libxmlsec1_openssl_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+ $(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_openssl_la_LDFLAGS) \
+ $(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/libxmlsec1_openssl_la-app.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-bn.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-ciphers.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-crypto.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-digests.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-evp.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-evp_signatures.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-hmac.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-kw_des.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-signatures.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-symkeys.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-x509.Plo \
+ ./$(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
+SOURCES = $(libxmlsec1_openssl_la_SOURCES)
+DIST_SOURCES = $(libxmlsec1_openssl_la_SOURCES)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \
+ README.md
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CONFIG_PATH = @GCRYPT_CONFIG_PATH@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_SCAN = @GTKDOC_SCAN@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_CONFIG_PATH = @LIBXML_CONFIG_PATH@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_CONFIG_PATH = @LIBXSLT_CONFIG_PATH@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCNG_CFLAGS = @MSCNG_CFLAGS@
+MSCNG_CRYPTO_LIB = @MSCNG_CRYPTO_LIB@
+MSCNG_LIBS = @MSCNG_LIBS@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_CFLAGS = @NSPR_CFLAGS@
+NSPR_LIBS = @NSPR_LIBS@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OPENSSL_TEST_CONFIG = @OPENSSL_TEST_CONFIG@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APPS = @XMLSEC_APPS@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_DOCS = @XMLSEC_DOCS@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_MANS = @XMLSEC_MANS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_FILES = @XMLSEC_NO_FILES@
+XMLSEC_NO_FTP = @XMLSEC_NO_FTP@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_HTTP = @XMLSEC_NO_HTTP@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCNG = @XMLSEC_NO_MSCNG@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL =
+EXTRA_DIST = \
+ README.md \
+ $(NULL)
+
+lib_LTLIBRARIES = \
+ libxmlsec1-openssl.la \
+ $(NULL)
+
+libxmlsec1_openssl_la_CPPFLAGS = \
+ -DPACKAGE=\"@PACKAGE@\" \
+ -I../../include \
+ -I$(top_srcdir)/include \
+ $(XMLSEC_DEFINES) \
+ $(OPENSSL_CFLAGS) \
+ $(LIBXSLT_CFLAGS) \
+ $(LIBXML_CFLAGS) \
+ $(NULL)
+
+libxmlsec1_openssl_la_SOURCES = \
+ app.c \
+ bn.c \
+ ciphers.c \
+ crypto.c \
+ digests.c \
+ evp.c \
+ evp_signatures.c \
+ hmac.c \
+ kw_aes.c \
+ kw_des.c \
+ kt_rsa.c \
+ signatures.c \
+ symkeys.c \
+ x509.c \
+ x509vfy.c \
+ globals.h \
+ openssl_compat.h \
+ $(NULL)
+
+libxmlsec1_openssl_la_LIBADD = \
+ $(OPENSSL_LIBS) \
+ $(LIBXSLT_LIBS) \
+ $(LIBXML_LIBS) \
+ ../libxmlsec1.la \
+ $(NULL)
+
+libxmlsec1_openssl_la_DEPENDENCIES = \
+ $(NULL)
+
+libxmlsec1_openssl_la_LDFLAGS = \
+ @XMLSEC_CRYPTO_EXTRA_LDFLAGS@ \
+ -version-info @XMLSEC_VERSION_INFO@ \
+ $(NULL)
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/openssl/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign src/openssl/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+ }
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
+ done
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+
+libxmlsec1-openssl.la: $(libxmlsec1_openssl_la_OBJECTS) $(libxmlsec1_openssl_la_DEPENDENCIES) $(EXTRA_libxmlsec1_openssl_la_DEPENDENCIES)
+ $(AM_V_CCLD)$(libxmlsec1_openssl_la_LINK) -rpath $(libdir) $(libxmlsec1_openssl_la_OBJECTS) $(libxmlsec1_openssl_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-app.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-bn.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-ciphers.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-crypto.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-digests.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-evp.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-evp_signatures.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-hmac.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-kw_des.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-signatures.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-symkeys.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-x509.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+ @$(MKDIR_P) $(@D)
+ @echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+libxmlsec1_openssl_la-app.lo: app.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-app.Tpo -c -o libxmlsec1_openssl_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-app.Tpo $(DEPDIR)/libxmlsec1_openssl_la-app.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='app.c' object='libxmlsec1_openssl_la-app.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+
+libxmlsec1_openssl_la-bn.lo: bn.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-bn.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-bn.Tpo -c -o libxmlsec1_openssl_la-bn.lo `test -f 'bn.c' || echo '$(srcdir)/'`bn.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-bn.Tpo $(DEPDIR)/libxmlsec1_openssl_la-bn.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='bn.c' object='libxmlsec1_openssl_la-bn.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-bn.lo `test -f 'bn.c' || echo '$(srcdir)/'`bn.c
+
+libxmlsec1_openssl_la-ciphers.lo: ciphers.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-ciphers.Tpo -c -o libxmlsec1_openssl_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_openssl_la-ciphers.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ciphers.c' object='libxmlsec1_openssl_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+
+libxmlsec1_openssl_la-crypto.lo: crypto.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-crypto.Tpo -c -o libxmlsec1_openssl_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-crypto.Tpo $(DEPDIR)/libxmlsec1_openssl_la-crypto.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='crypto.c' object='libxmlsec1_openssl_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+
+libxmlsec1_openssl_la-digests.lo: digests.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-digests.Tpo -c -o libxmlsec1_openssl_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-digests.Tpo $(DEPDIR)/libxmlsec1_openssl_la-digests.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='digests.c' object='libxmlsec1_openssl_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+
+libxmlsec1_openssl_la-evp.lo: evp.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-evp.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-evp.Tpo -c -o libxmlsec1_openssl_la-evp.lo `test -f 'evp.c' || echo '$(srcdir)/'`evp.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-evp.Tpo $(DEPDIR)/libxmlsec1_openssl_la-evp.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='evp.c' object='libxmlsec1_openssl_la-evp.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-evp.lo `test -f 'evp.c' || echo '$(srcdir)/'`evp.c
+
+libxmlsec1_openssl_la-evp_signatures.lo: evp_signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-evp_signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-evp_signatures.Tpo -c -o libxmlsec1_openssl_la-evp_signatures.lo `test -f 'evp_signatures.c' || echo '$(srcdir)/'`evp_signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-evp_signatures.Tpo $(DEPDIR)/libxmlsec1_openssl_la-evp_signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='evp_signatures.c' object='libxmlsec1_openssl_la-evp_signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-evp_signatures.lo `test -f 'evp_signatures.c' || echo '$(srcdir)/'`evp_signatures.c
+
+libxmlsec1_openssl_la-hmac.lo: hmac.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-hmac.Tpo -c -o libxmlsec1_openssl_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-hmac.Tpo $(DEPDIR)/libxmlsec1_openssl_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='hmac.c' object='libxmlsec1_openssl_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+
+libxmlsec1_openssl_la-kw_aes.lo: kw_aes.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Tpo -c -o libxmlsec1_openssl_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kw_aes.c' object='libxmlsec1_openssl_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+
+libxmlsec1_openssl_la-kw_des.lo: kw_des.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-kw_des.Tpo -c -o libxmlsec1_openssl_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_openssl_la-kw_des.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kw_des.c' object='libxmlsec1_openssl_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+
+libxmlsec1_openssl_la-kt_rsa.lo: kt_rsa.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-kt_rsa.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Tpo -c -o libxmlsec1_openssl_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Tpo $(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='kt_rsa.c' object='libxmlsec1_openssl_la-kt_rsa.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
+
+libxmlsec1_openssl_la-signatures.lo: signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-signatures.Tpo -c -o libxmlsec1_openssl_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-signatures.Tpo $(DEPDIR)/libxmlsec1_openssl_la-signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='signatures.c' object='libxmlsec1_openssl_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+
+libxmlsec1_openssl_la-symkeys.lo: symkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-symkeys.Tpo -c -o libxmlsec1_openssl_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_openssl_la-symkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='symkeys.c' object='libxmlsec1_openssl_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+
+libxmlsec1_openssl_la-x509.lo: x509.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-x509.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-x509.Tpo -c -o libxmlsec1_openssl_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-x509.Tpo $(DEPDIR)/libxmlsec1_openssl_la-x509.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='x509.c' object='libxmlsec1_openssl_la-x509.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+
+libxmlsec1_openssl_la-x509vfy.lo: x509vfy.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-x509vfy.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Tpo -c -o libxmlsec1_openssl_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Tpo $(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='x509vfy.c' object='libxmlsec1_openssl_la-x509vfy.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(libdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-app.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-bn.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-ciphers.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-crypto.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-digests.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-evp.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-evp_signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-hmac.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-kw_des.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-symkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-x509.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Plo
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-libLTLIBRARIES
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-app.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-bn.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-ciphers.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-crypto.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-digests.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-evp.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-evp_signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-hmac.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-kw_des.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-signatures.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-symkeys.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-x509.Plo
+ -rm -f ./$(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Plo
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-libLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+ clean-generic clean-libLTLIBRARIES clean-libtool cscopelist-am \
+ ctags ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
+++ /dev/null
-WHAT VERSION OF OPENSSL?
-------------------------------------------------------------------------
-OpenSSL 1.0.0 or later is required
-
-KEYS MANAGER
-------------------------------------------------------------------------
-
-OpenSSL does not have a keys or certificates storage implementation. The
-default xmlsec-openssl key manager uses a simple keys store from xmlsec
-core library based on plain keys list. Trusted/untrusted certificates
-are stored in STACK_OF(X509) structures.
--- /dev/null
+# XMLSec Library: XMLSEC-OPENSSL
+
+## What version of OpenSSL?
+OpenSSL 1.1.1 or later is required. Note that support for OpenSSL 1.0.0 and
+OpenSSL 1.1.0 is deprecated and will be removed in the future releases.
+
+## Keys manager
+OpenSSL does not have a keys or certificates storage implementation. The
+default xmlsec-openssl key manager uses XMLSEC Simple Keys Store based on
+a plain keys list. Trusted/untrusted certificates are stored in `STACK_OF(X509)`
+structures.
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:app
#include <stdlib.h>
#include <stdio.h>
-#include <libxml/tree.h>
-
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/pem.h>
#include <openssl/pkcs12.h>
#include <openssl/conf.h>
#include <openssl/engine.h>
+#include <openssl/ui.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/private.h>
#include <xmlsec/errors.h>
#include "openssl_compat.h"
-static int xmlSecOpenSSLAppLoadRANDFile (const char *filename);
-static int xmlSecOpenSSLAppSaveRANDFile (const char *filename);
+#ifdef XMLSEC_OPENSSL_API_300
+#include <openssl/provider.h>
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+#include "../cast_helpers.h"
+
static int xmlSecOpenSSLDefaultPasswordCallback (char *buf,
int bufsiz,
int verify,
void *userdata);
static int xmlSecOpenSSLDummyPasswordCallback (char *buf,
- int bufsize,
+ int buflen,
int verify,
void *userdata);
+static xmlSecKeyPtr xmlSecOpenSSLAppEngineKeyLoad (const char *engineName,
+ const char *engineKeyId,
+ xmlSecKeyDataFormat format,
+ const char *pwd,
+ void* pwdCallback,
+ void* pwdCallbackCtx);
+
/* conversion from ptr to func "the right way" */
XMLSEC_PTR_TO_FUNC_IMPL(pem_password_cb)
XMLSEC_FUNC_TO_PTR_IMPL(pem_password_cb)
+/* helpers to overwrite global context temporarily for OpenSSL 3.0 */
+#ifdef XMLSEC_OPENSSL_API_300
+#define XMLSEC_OPENSSL_PUSH_LIB_CTX(on_error) \
+ { \
+ OSSL_LIB_CTX* savedDefaultLibCtx = NULL; \
+ savedDefaultLibCtx = OSSL_LIB_CTX_set0_default(xmlSecOpenSSLGetLibCtx()); \
+ if(savedDefaultLibCtx == NULL) { \
+ xmlSecOpenSSLError("OSSL_LIB_CTX_set0_default", NULL); \
+ on_error; \
+ }
+
+#define XMLSEC_OPENSSL_POP_LIB_CTX() \
+ if(savedDefaultLibCtx != NULL) { \
+ OSSL_LIB_CTX_set0_default(savedDefaultLibCtx); \
+ } \
+ }
+#else /* XMLSEC_OPENSSL_API_300 */
+
+/* noop */
+#define XMLSEC_OPENSSL_PUSH_LIB_CTX(on_error)
+#define XMLSEC_OPENSSL_POP_LIB_CTX()
+
+#endif /* XMLSEC_OPENSSL_API_300 */
/**
* xmlSecOpenSSLAppInit:
*/
int
xmlSecOpenSSLAppInit(const char* config) {
-#if !defined(XMLSEC_OPENSSL_API_110)
+#ifdef XMLSEC_OPENSSL_API_300
+ /* This code can be used to check that custom xmlsec LibCtx is propagated
+ everywhere as expected (see https://github.com/lsh123/xmlsec/issues/346) */
+ /*
+ OSSL_LIB_CTX * libCtx = OSSL_LIB_CTX_new();
+ OSSL_PROVIDER * legacyProvider = OSSL_PROVIDER_load(libCtx, "legacy");
+ OSSL_PROVIDER * defaultProvider = OSSL_PROVIDER_load(libCtx, "default");
+ if(!libCtx || !legacyProvider || !defaultProvider) {
+ xmlSecOpenSSLError("OSSL_LIB_CTX_new or OSSL_PROVIDER_load", NULL);
+ goto error;
+ }
+ xmlSecOpenSSLSetLibCtx(libCtx);
+ */
+#endif /* XMLSEC_OPENSSL_API_300 */
+#if !defined(XMLSEC_OPENSSL_API_110) && !defined(XMLSEC_OPENSSL_API_300)
ERR_load_crypto_strings();
OPENSSL_config(NULL);
OpenSSL_add_all_algorithms();
-#else /* !defined(XMLSEC_OPENSSL_API_110) */
+#else /* !defined(XMLSEC_OPENSSL_API_110) && !defined(XMLSEC_OPENSSL_API_300) */
int ret;
- uint64_t opts = OPENSSL_INIT_LOAD_CRYPTO_STRINGS |
- OPENSSL_INIT_ADD_ALL_CIPHERS |
- OPENSSL_INIT_ADD_ALL_DIGESTS |
- OPENSSL_INIT_LOAD_CONFIG;
-#ifndef OPENSSL_IS_BORINGSSL
- opts |= OPENSSL_INIT_ASYNC | OPENSSL_INIT_ENGINE_ALL_BUILTIN;
-#endif /* OPENSSL_IS_BORINGSSL */
+ uint64_t opts = 0;
+
+ opts |= OPENSSL_INIT_LOAD_CRYPTO_STRINGS;
+ opts |= OPENSSL_INIT_ADD_ALL_CIPHERS;
+ opts |= OPENSSL_INIT_ADD_ALL_DIGESTS;
+ opts |= OPENSSL_INIT_LOAD_CONFIG;
+
+#if !defined(OPENSSL_IS_BORINGSSL)
+ opts |= OPENSSL_INIT_ASYNC;
+#endif /* !defined(OPENSSL_IS_BORINGSSL) */
+
+#if !defined(OPENSSL_IS_BORINGSSL) && !defined(XMLSEC_OPENSSL_API_300)
+ opts |= OPENSSL_INIT_ENGINE_ALL_BUILTIN;
+#endif /* !defined(OPENSSL_IS_BORINGSSL) && !defined(XMLSEC_OPENSSL_API_300) */
ret = OPENSSL_init_crypto(opts, NULL);
if(ret != 1) {
xmlSecOpenSSLError("OPENSSL_init_crypto", NULL);
- return(-1);
- }
-#endif /* !defined(XMLSEC_OPENSSL_API_110) */
-
- if((RAND_status() != 1) && (xmlSecOpenSSLAppLoadRANDFile(NULL) != 1)) {
- xmlSecInternalError("xmlSecOpenSSLAppLoadRANDFile", NULL);
- return(-1);
+ goto error;
}
+#endif /* !defined(XMLSEC_OPENSSL_API_110) && !defined(XMLSEC_OPENSSL_API_300) */
if((config != NULL) && (xmlSecOpenSSLSetDefaultTrustedCertsFolder(BAD_CAST config) < 0)) {
xmlSecInternalError("xmlSecOpenSSLSetDefaultTrustedCertsFolder", NULL);
- return(-1);
+ goto error;
}
+ /* done! */
return(0);
+
+error:
+ /* cleanup */
+ return(-1);
}
/**
*/
int
xmlSecOpenSSLAppShutdown(void) {
- xmlSecOpenSSLAppSaveRANDFile(NULL);
-
/* OpenSSL 1.1.0+ does not require explicit cleanup */
-#if !defined(XMLSEC_OPENSSL_API_110)
+#if !defined(XMLSEC_OPENSSL_API_110) && !defined(XMLSEC_OPENSSL_API_300)
#ifndef XMLSEC_NO_X509
X509_TRUST_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
ERR_free_strings();
-#endif /* !defined(XMLSEC_OPENSSL_API_110) */
+#endif /* !defined(XMLSEC_OPENSSL_API_110) && !defined(XMLSEC_OPENSSL_API_300) */
/* done */
return(0);
xmlSecOpenSSLAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
const char *pwd, void* pwdCallback,
void* pwdCallbackCtx) {
- BIO* bio;
xmlSecKeyPtr key;
xmlSecAssert2(filename != NULL, NULL);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
- bio = BIO_new_file(filename, "rb");
- if(bio == NULL) {
- xmlSecOpenSSLError2("BIO_new_file", NULL,
- "filename=%s", xmlSecErrorsSafeString(filename));
- return(NULL);
- }
+ if(format == xmlSecKeyDataFormatEngine) {
+ char* buffer = NULL;
+ char* engineName;
+ char* engineKeyId;
+
+ /* for loading key from an engine, the filename format is:
+ * <openssl-engine>;<openssl-key-id>
+ */
+ buffer = (char*)xmlStrdup(BAD_CAST filename);
+ if(buffer == NULL) {
+ xmlSecStrdupError(BAD_CAST filename, NULL);
+ return(NULL);
+ }
+
+ engineName = buffer;
+ engineKeyId = strchr(buffer, ';');
+ if(engineKeyId == NULL) {
+ xmlSecInvalidStringDataError("openssl-engine-and-key", buffer, "<openssl-engine>;<openssl-key-id>", NULL);
+ xmlFree(buffer);
+ return(NULL);
+ }
+ (*engineKeyId) = '\0';
+ ++engineKeyId;
+
+ key = xmlSecOpenSSLAppEngineKeyLoad(engineName, engineKeyId, format, pwd, pwdCallback, pwdCallbackCtx);
+ if(key == NULL) {
+ xmlSecInternalError2("xmlSecOpenSSLAppEngineKeyLoad", NULL,
+ "filename=%s", xmlSecErrorsSafeString(filename));
+ xmlFree(buffer);
+ return(NULL);
+ }
+
+ xmlFree(buffer);
+ } else {
+ BIO* bio;
+
+ bio = xmlSecOpenSSLCreateReadFileBio(filename);
+ if(bio == NULL) {
+ xmlSecInternalError2("xmlSecOpenSSLCreateReadFileBio", NULL,
+ "filename=%s", xmlSecErrorsSafeString(filename));
+ return(NULL);
+ }
+
+ key = xmlSecOpenSSLAppKeyLoadBIO (bio, format, pwd, pwdCallback, pwdCallbackCtx);
+ if(key == NULL) {
+ xmlSecInternalError2("xmlSecOpenSSLAppKeyLoadBIO", NULL,
+ "filename=%s", xmlSecErrorsSafeString(filename));
+ BIO_free(bio);
+ return(NULL);
+ }
- key = xmlSecOpenSSLAppKeyLoadBIO (bio, format, pwd, pwdCallback, pwdCallbackCtx);
- if(key == NULL) {
- xmlSecInternalError2("xmlSecOpenSSLAppKeyLoadBIO", NULL,
- "filename=%s", xmlSecErrorsSafeString(filename));
BIO_free(bio);
- return(NULL);
}
- BIO_free(bio);
return(key);
}
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
/* this would be a read only BIO, cast from const is ok */
- bio = BIO_new_mem_buf((void*)data, dataSize);
+ bio = xmlSecOpenSSLCreateMemBufBio((void*)data, dataSize);
if(bio == NULL) {
- xmlSecOpenSSLError2("BIO_new_mem_buf", NULL,
- "dataSize=%lu", (unsigned long)dataSize);
+ xmlSecInternalError2("xmlSecOpenSSLCreateMemBufBio", NULL,
+ "dataSize=" XMLSEC_SIZE_FMT, dataSize);
return(NULL);
}
xmlSecKeyPtr key = NULL;
xmlSecKeyDataPtr data;
EVP_PKEY* pKey = NULL;
+ pem_password_cb* pwdCb = NULL;
+ void* pwdCbCtx = NULL;
int ret;
xmlSecAssert2(bio != NULL, NULL);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
+ /* prep pwd callbacks */
+ if(pwd != NULL) {
+ pwdCb = xmlSecOpenSSLDummyPasswordCallback;
+ pwdCbCtx = (void*)pwd;
+ } else {
+ pwdCb = XMLSEC_PTR_TO_FUNC(pem_password_cb, pwdCallback);
+ pwdCbCtx = pwdCallbackCtx;
+ }
+
switch(format) {
case xmlSecKeyDataFormatPem:
- /* try to read private key first */
- if(pwd != NULL) {
- pKey = PEM_read_bio_PrivateKey(bio, NULL,
- xmlSecOpenSSLDummyPasswordCallback,
- (void*)pwd);
- } else {
- pKey = PEM_read_bio_PrivateKey(bio, NULL,
- XMLSEC_PTR_TO_FUNC(pem_password_cb, pwdCallback),
- pwdCallbackCtx);
- }
+ /* try to read private key first; if can't read private key then
+ reset bio to the start of the file and try to read public key. */
+ pKey = PEM_read_bio_PrivateKey_ex(bio, NULL, pwdCb, pwdCbCtx, xmlSecOpenSSLGetLibCtx(), NULL);
if(pKey == NULL) {
- /* go to start of the file and try to read public key */
(void)BIO_reset(bio);
- pKey = PEM_read_bio_PUBKEY(bio, NULL,
- XMLSEC_PTR_TO_FUNC(pem_password_cb, pwdCallback),
- pwdCallbackCtx);
- if(pKey == NULL) {
- xmlSecOpenSSLError("PEM_read_bio_PrivateKey and PEM_read_bio_PUBKEY", NULL);
- return(NULL);
- }
+ pKey = PEM_read_bio_PUBKEY_ex(bio, NULL, pwdCb, pwdCbCtx, xmlSecOpenSSLGetLibCtx(), NULL);
+ }
+
+ if(pKey == NULL) {
+ xmlSecOpenSSLError("PEM_read_bio_PrivateKey and PEM_read_bio_PUBKEY", NULL);
+ return(NULL);
}
break;
case xmlSecKeyDataFormatDer:
- /* try to read private key first */
- pKey = d2i_PrivateKey_bio(bio, NULL);
+ /* try to read private key first; if can't read private key then
+ reset bio to the start of the file and try to read public key. */
+ pKey = d2i_PrivateKey_ex_bio(bio, NULL, xmlSecOpenSSLGetLibCtx(), NULL);
if(pKey == NULL) {
- /* go to start of the file and try to read public key */
(void)BIO_reset(bio);
+
+ XMLSEC_OPENSSL_PUSH_LIB_CTX(return(NULL));
pKey = d2i_PUBKEY_bio(bio, NULL);
- if(pKey == NULL) {
- xmlSecOpenSSLError("d2i_PrivateKey_bio and d2i_PUBKEY_bio", NULL);
- return(NULL);
- }
+ XMLSEC_OPENSSL_POP_LIB_CTX();
+ }
+ if(pKey == NULL) {
+ xmlSecOpenSSLError("d2i_PrivateKey_bio and d2i_PUBKEY_bio", NULL);
+ return(NULL);
}
break;
case xmlSecKeyDataFormatPkcs8Pem:
- /* try to read private key first */
- pKey = PEM_read_bio_PrivateKey(bio, NULL,
- XMLSEC_PTR_TO_FUNC(pem_password_cb, pwdCallback),
- pwdCallbackCtx);
+ /* read private key */
+ pKey = PEM_read_bio_PrivateKey_ex(bio, NULL, pwdCb, pwdCbCtx, xmlSecOpenSSLGetLibCtx(), NULL);
if(pKey == NULL) {
xmlSecOpenSSLError("PEM_read_bio_PrivateKey", NULL);
return(NULL);
}
break;
case xmlSecKeyDataFormatPkcs8Der:
- /* try to read private key first */
- pKey = d2i_PKCS8PrivateKey_bio(bio, NULL,
- XMLSEC_PTR_TO_FUNC(pem_password_cb, pwdCallback),
- pwdCallbackCtx);
+ /* read private key */
+ XMLSEC_OPENSSL_PUSH_LIB_CTX(return(NULL));
+ pKey = d2i_PKCS8PrivateKey_bio(bio, NULL, pwdCb, pwdCbCtx);
+ XMLSEC_OPENSSL_POP_LIB_CTX();
if(pKey == NULL) {
- xmlSecOpenSSLError("d2i_PrivateKey_bio and d2i_PUBKEY_bio", NULL);
+ xmlSecOpenSSLError("d2i_PKCS8PrivateKey_bio", NULL);
return(NULL);
}
break;
default:
xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
return(NULL);
}
return(key);
}
+static xmlSecKeyPtr
+xmlSecOpenSSLAppEngineKeyLoad(const char *engineName, const char *engineKeyId,
+ xmlSecKeyDataFormat format, const char *pwd ATTRIBUTE_UNUSED,
+ void* pwdCallback ATTRIBUTE_UNUSED, void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+
+#if !defined(OPENSSL_NO_ENGINE) && (!defined(XMLSEC_OPENSSL_API_300) || defined(XMLSEC_OPENSSL3_ENGINES))
+ ENGINE* engine = NULL;
+ xmlSecKeyPtr key = NULL;
+ xmlSecKeyDataPtr data = NULL;
+ EVP_PKEY* pKey = NULL;
+ int engineInit = 0;
+ int ret;
+
+ xmlSecAssert2(engineName != NULL, NULL);
+ xmlSecAssert2(engineKeyId != NULL, NULL);
+ xmlSecAssert2(format == xmlSecKeyDataFormatEngine, NULL);
+
+ UNREFERENCED_PARAMETER(pwd);
+ UNREFERENCED_PARAMETER(pwdCallback);
+ UNREFERENCED_PARAMETER(pwdCallbackCtx);
+
+ /* load and initialize the engine */
+ engine = ENGINE_by_id(engineName);
+ if(engine == NULL) {
+ engine = ENGINE_by_id("dynamic");
+ if(engine != NULL) {
+ if(ENGINE_ctrl_cmd_string(engine, "SO_PATH", engineName, 0) <= 0) {
+ xmlSecOpenSSLError("ENGINE_ctrl_cmd_string(SO_PATH)", NULL);
+ goto done;
+ }
+ if(ENGINE_ctrl_cmd_string(engine, "LOAD", NULL, 0) <= 0) {
+ xmlSecOpenSSLError("ENGINE_ctrl_cmd_string(LOAD)", NULL);
+ goto done;
+ }
+ }
+ }
+
+ if(ENGINE_ctrl_cmd(engine, "SET_USER_INTERFACE", 0, (void *)UI_null(), 0, 1) < 0) {
+ xmlSecOpenSSLError("ENGINE_ctrl_cmd_string(SET_USER_INTERFACE)", NULL);
+ goto done;
+ }
+ if(!ENGINE_set_default(engine, ENGINE_METHOD_ALL)) {
+ xmlSecOpenSSLError("ENGINE_set_default", NULL);
+ goto done;
+ }
+ if(!ENGINE_init(engine)) {
+ xmlSecOpenSSLError("ENGINE_init", NULL);
+ goto done;
+ }
+ engineInit = 1;
+
+ /* load private key */
+ pKey = ENGINE_load_private_key(engine, engineKeyId,
+ (UI_METHOD *)UI_null(),
+ NULL);
+ if(pKey == NULL) {
+ xmlSecOpenSSLError("ENGINE_load_private_key", NULL);
+ goto done;
+ }
+
+ /* create xmlsec key */
+ data = xmlSecOpenSSLEvpKeyAdopt(pKey);
+ if(data == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLEvpKeyAdopt", NULL);
+ goto done;
+ }
+ pKey = NULL;
+
+ key = xmlSecKeyCreate();
+ if(key == NULL) {
+ xmlSecInternalError("xmlSecKeyCreate", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ ret = xmlSecKeySetValue(key, data);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeySetValue", xmlSecKeyDataGetName(data));
+ xmlSecKeyDestroy(key);
+ key = NULL;
+ goto done;
+ }
+ data = NULL;
+
+done:
+ /* cleanup */
+ if(pKey != NULL) {
+ EVP_PKEY_free(pKey);
+ }
+ if(data != NULL) {
+ xmlSecKeyDataDestroy(data);
+ }
+ if(engine !=NULL) {
+ if(engineInit != 0) {
+ ENGINE_finish(engine);
+ }
+ ENGINE_free(engine);
+ }
+
+ return(key);
+
+#else /* !defined(OPENSSL_NO_ENGINE) && (!defined(XMLSEC_OPENSSL_API_300) || defined(XMLSEC_OPENSSL3_ENGINES)) */
+ UNREFERENCED_PARAMETER(engineName);
+ UNREFERENCED_PARAMETER(engineKeyId);
+ UNREFERENCED_PARAMETER(format);
+ UNREFERENCED_PARAMETER(pwd);
+ UNREFERENCED_PARAMETER(pwdCallback);
+ UNREFERENCED_PARAMETER(pwdCallbackCtx);
+ xmlSecNotImplementedError("OpenSSL Engine interface is not enabled");
+ return (NULL);
+#endif /* !defined(OPENSSL_NO_ENGINE) && (!defined(XMLSEC_OPENSSL_API_300) || defined(XMLSEC_OPENSSL3_ENGINES)) */
+}
+
#ifndef XMLSEC_NO_X509
static X509* xmlSecOpenSSLAppCertLoadBIO (BIO* bio,
xmlSecAssert2(filename != NULL, -1);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
- bio = BIO_new_file(filename, "rb");
+ bio = xmlSecOpenSSLCreateReadFileBio(filename);
if(bio == NULL) {
- xmlSecOpenSSLError2("BIO_new_file", NULL,
- "filename=%s", xmlSecErrorsSafeString(filename));
+ xmlSecInternalError2("xmlSecOpenSSLCreateReadFileBio", NULL,
+ "filename=%s", xmlSecErrorsSafeString(filename));
return(-1);
}
- ret = xmlSecOpenSSLAppKeyCertLoadBIO (key, bio, format);
+ ret = xmlSecOpenSSLAppKeyCertLoadBIO(key, bio, format);
if(ret < 0) {
xmlSecInternalError2("xmlSecOpenSSLAppKeyCertLoadBIO", NULL,
"filename=%s", xmlSecErrorsSafeString(filename));
- BIO_free(bio);
+ BIO_free_all(bio);
return(-1);
}
- BIO_free(bio);
+ BIO_free_all(bio);
return(0);
}
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
/* this would be a read only BIO, cast from const is ok */
- bio = BIO_new_mem_buf((void*)data, dataSize);
+ bio = xmlSecOpenSSLCreateMemBufBio((void*)data, dataSize);
if(bio == NULL) {
- xmlSecOpenSSLError2("BIO_new_mem_buf", NULL,
- "dataSize=%lu", (unsigned long)dataSize);
+ xmlSecInternalError2("xmlSecOpenSSLCreateMemBufBio", NULL,
+ "dataSize=" XMLSEC_SIZE_FMT, dataSize);
return(-1);
}
- ret = xmlSecOpenSSLAppKeyCertLoadBIO (key, bio, format);
+ ret = xmlSecOpenSSLAppKeyCertLoadBIO(key, bio, format);
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLAppKeyCertLoadBIO", NULL);
- BIO_free(bio);
+ BIO_free_all(bio);
return(-1);
}
- BIO_free(bio);
+ BIO_free_all(bio);
return(0);
}
xmlSecOpenSSLAppKeyCertLoadBIO(xmlSecKeyPtr key, BIO* bio, xmlSecKeyDataFormat format) {
xmlSecKeyDataFormat certFormat;
- xmlSecKeyDataPtr data;
- X509 *cert;
+ xmlSecKeyDataPtr data = NULL;
+ X509 *cert = NULL;
+ X509 *keyCert = NULL;
int ret;
+ int res = -1;
xmlSecAssert2(key != NULL, -1);
xmlSecAssert2(bio != NULL, -1);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
- data = xmlSecKeyEnsureData(key, xmlSecOpenSSLKeyDataX509Id);
- if(data == NULL) {
- xmlSecInternalError("xmlSecKeyEnsureData",
- xmlSecTransformKlassGetName(xmlSecOpenSSLKeyDataX509Id));
- return(-1);
- }
-
- /* adjust cert format */
+ /* adjust cert format if needed */
switch(format) {
case xmlSecKeyDataFormatPkcs8Pem:
certFormat = xmlSecKeyDataFormatPem;
certFormat = format;
}
+ /* read cert and make a copy for key cert */
cert = xmlSecOpenSSLAppCertLoadBIO(bio, certFormat);
if(cert == NULL) {
- xmlSecInternalError("xmlSecOpenSSLAppCertLoad",
- xmlSecKeyDataGetName(data));
- return(-1);
+ xmlSecInternalError("xmlSecOpenSSLAppCertLoad", NULL);
+ goto done;
+ }
+ keyCert = X509_dup(cert);
+ if(keyCert == NULL) {
+ xmlSecOpenSSLError("X509_dup", NULL);
+ goto done;
+ }
+
+ /* add both cert and key cert to the key */
+ data = xmlSecKeyEnsureData(key, xmlSecOpenSSLKeyDataX509Id);
+ if(data == NULL) {
+ xmlSecInternalError("xmlSecKeyEnsureData", NULL);
+ goto done;
}
ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert);
if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- X509_free(cert);
- return(-1);
+ xmlSecInternalError("xmlSecOpenSSLKeyDataX509AdoptCert", NULL);
+ goto done;
}
+ cert = NULL; /* owned by data now */
- return(0);
+ ret = xmlSecOpenSSLKeyDataX509AdoptKeyCert(data, keyCert);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataX509AdoptKeyCert", NULL);
+ goto done;
+ }
+ keyCert = NULL; /* owned by data now */
+
+ /* success */
+ res = 0;
+
+done:
+ if(cert != NULL) {
+ X509_free(cert);
+ }
+ if(keyCert != NULL) {
+ X509_free(keyCert);
+ }
+ return(res);
}
/**
xmlSecAssert2(filename != NULL, NULL);
- bio = BIO_new_file(filename, "rb");
+ bio = xmlSecOpenSSLCreateReadFileBio(filename);
if(bio == NULL) {
- xmlSecOpenSSLError2("BIO_new_file", NULL,
- "filename=%s", xmlSecErrorsSafeString(filename));
+ xmlSecInternalError2("xmlSecOpenSSLCreateReadFileBio", NULL,
+ "filename=%s", xmlSecErrorsSafeString(filename));
return(NULL);
}
- key = xmlSecOpenSSLAppPkcs12LoadBIO (bio, pwd, pwdCallback, pwdCallbackCtx);
+ key = xmlSecOpenSSLAppPkcs12LoadBIO(bio, pwd, pwdCallback, pwdCallbackCtx);
if(key == NULL) {
xmlSecInternalError2("xmlSecOpenSSLAppPkcs12LoadBIO", NULL,
"filename=%s", xmlSecErrorsSafeString(filename));
- BIO_free(bio);
+ BIO_free_all(bio);
return(NULL);
}
- BIO_free(bio);
+ BIO_free_all(bio);
return(key);
}
xmlSecAssert2(data != NULL, NULL);
/* this would be a read only BIO, cast from const is ok */
- bio = BIO_new_mem_buf((void*)data, dataSize);
+ bio = xmlSecOpenSSLCreateMemBufBio((void*)data, dataSize);
if(bio == NULL) {
- xmlSecOpenSSLError2("BIO_new_mem_buf", NULL,
- "dataSize=%lu", (unsigned long)dataSize);
+ xmlSecInternalError2("xmlSecOpenSSLCreateMemBufBio", NULL,
+ "dataSize=" XMLSEC_SIZE_FMT, dataSize);
return(NULL);
}
- key = xmlSecOpenSSLAppPkcs12LoadBIO (bio, pwd, pwdCallback, pwdCallbackCtx);
+ key = xmlSecOpenSSLAppPkcs12LoadBIO(bio, pwd, pwdCallback, pwdCallbackCtx);
if(key == NULL) {
xmlSecInternalError("xmlSecOpenSSLAppPkcs12LoadBIO", NULL);
- BIO_free(bio);
+ BIO_free_all(bio);
return(NULL);
}
- BIO_free(bio);
+ BIO_free_all(bio);
return(key);
}
EVP_PKEY *pKey = NULL;
STACK_OF(X509) *chain = NULL;
xmlSecKeyPtr key = NULL;
+ xmlSecKeyPtr res = NULL;
xmlSecKeyDataPtr data = NULL;
xmlSecKeyDataPtr x509Data = NULL;
X509 *cert = NULL;
X509 *tmpcert = NULL;
+ size_t pwdSize;
+ int pwdLen;
int i;
int has_cert;
int ret;
UNREFERENCED_PARAMETER(pwdCallback);
UNREFERENCED_PARAMETER(pwdCallbackCtx);
+ pwdSize = (pwd != NULL) ? strlen(pwd) : 0;
+ XMLSEC_SAFE_CAST_SIZE_T_TO_INT(pwdSize, pwdLen, return(NULL), NULL);
+
+ XMLSEC_OPENSSL_PUSH_LIB_CTX(goto done);
p12 = d2i_PKCS12_bio(bio, NULL);
+ XMLSEC_OPENSSL_POP_LIB_CTX();
if(p12 == NULL) {
- xmlSecOpenSSLError("d2i_PKCS12_fp", NULL);
+ xmlSecOpenSSLError("d2i_PKCS12_bio", NULL);
goto done;
}
- ret = PKCS12_verify_mac(p12, pwd, (pwd != NULL) ? (int)strlen(pwd) : 0);
+ XMLSEC_OPENSSL_PUSH_LIB_CTX(goto done);
+ ret = PKCS12_verify_mac(p12, pwd, pwdLen);
+ XMLSEC_OPENSSL_POP_LIB_CTX();
if(ret != 1) {
xmlSecOpenSSLError("PKCS12_verify_mac", NULL);
goto done;
}
+ XMLSEC_OPENSSL_PUSH_LIB_CTX(goto done);
ret = PKCS12_parse(p12, pwd, &pKey, &cert, &chain);
+ XMLSEC_OPENSSL_POP_LIB_CTX();
if(ret != 1) {
xmlSecOpenSSLError("PKCS12_parse", NULL);
goto done;
data = xmlSecOpenSSLEvpKeyAdopt(pKey);
if(data == NULL) {
xmlSecInternalError("xmlSecOpenSSLEvpKeyAdopt", NULL);
- EVP_PKEY_free(pKey);
goto done;
}
+ pKey = NULL;
x509Data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataX509Id);
if(x509Data == NULL) {
if(tmpcert == NULL) {
xmlSecOpenSSLError("X509_dup",
xmlSecKeyDataGetName(x509Data));
- X509_free(tmpcert);
goto done;
}
if(ret < 0) {
xmlSecInternalError("xmlSecKeySetValue",
xmlSecKeyDataGetName(x509Data));
- xmlSecKeyDestroy(key);
- key = NULL;
goto done;
}
data = NULL;
if(ret < 0) {
xmlSecInternalError("xmlSecKeyAdoptData",
xmlSecKeyDataGetName(x509Data));
- xmlSecKeyDestroy(key);
- key = NULL;
goto done;
}
x509Data = NULL;
+ /* success */
+ res = key;
+ key = NULL;
+
done:
if(x509Data != NULL) {
xmlSecKeyDataDestroy(x509Data);
if(chain != NULL) {
sk_X509_pop_free(chain, X509_free);
}
+ if(pKey != NULL) {
+ EVP_PKEY_free(pKey);
+ }
if(cert != NULL) {
X509_free(cert);
}
if(p12 != NULL) {
PKCS12_free(p12);
}
- return(key);
+ if(key != NULL) {
+ xmlSecKeyDestroy(key);
+ }
+ return(res);
}
/**
*/
xmlSecKeyPtr
xmlSecOpenSSLAppKeyFromCertLoadBIO(BIO* bio, xmlSecKeyDataFormat format) {
- xmlSecKeyPtr key;
- xmlSecKeyDataPtr keyData;
+ xmlSecKeyPtr key = NULL;
+ xmlSecKeyDataPtr keyData = NULL;
xmlSecKeyDataPtr certData;
- X509 *cert;
+ X509 * cert = NULL;
+ X509 * keyCert = NULL;
int ret;
+ xmlSecKeyPtr res = NULL;
xmlSecAssert2(bio != NULL, NULL);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
- /* load cert */
+ /* load cert and make a copy for keyCert */
cert = xmlSecOpenSSLAppCertLoadBIO(bio, format);
if(cert == NULL) {
xmlSecInternalError("xmlSecOpenSSLAppCertLoadBIO", NULL);
- return(NULL);
+ goto done;
+ }
+ keyCert = X509_dup(cert);
+ if(keyCert == NULL) {
+ xmlSecOpenSSLError("X509_dup", NULL);
+ goto done;
}
/* get key value */
keyData = xmlSecOpenSSLX509CertGetKey(cert);
if(keyData == NULL) {
xmlSecInternalError("xmlSecOpenSSLX509CertGetKey", NULL);
- X509_free(cert);
- return(NULL);
+ goto done;
}
/* create key */
key = xmlSecKeyCreate();
if(key == NULL) {
xmlSecInternalError("xmlSecKeyCreate", NULL);
- xmlSecKeyDataDestroy(keyData);
- X509_free(cert);
- return(NULL);
+ goto done;
}
/* set key value */
ret = xmlSecKeySetValue(key, keyData);
if(ret < 0) {
xmlSecInternalError("xmlSecKeySetValue", NULL);
- xmlSecKeyDestroy(key);
- xmlSecKeyDataDestroy(keyData);
- X509_free(cert);
- return(NULL);
+ goto done;
}
+ keyData = NULL; /* owned by key now */
/* create cert data */
certData = xmlSecKeyEnsureData(key, xmlSecOpenSSLKeyDataX509Id);
if(certData == NULL) {
xmlSecInternalError("xmlSecKeyEnsureData", NULL);
- xmlSecKeyDestroy(key);
- X509_free(cert);
- return(NULL);
+ goto done;
}
- /* put cert in the cert data */
+ /* put cert and key cert in the cert data */
ret = xmlSecOpenSSLKeyDataX509AdoptCert(certData, cert);
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLKeyDataX509AdoptCert", NULL);
- xmlSecKeyDestroy(key);
- X509_free(cert);
- return(NULL);
+ goto done;
}
+ cert = NULL; /* owned by certData now */
- return(key);
+ ret = xmlSecOpenSSLKeyDataX509AdoptKeyCert(certData, keyCert);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataX509AdoptKeyCert", NULL);
+ goto done;
+ }
+ keyCert = NULL; /* owned by certData now */
+
+ /* success */
+ res = key;
+ key = NULL;
+
+done:
+ if(key != NULL) {
+ xmlSecKeyDestroy(key);
+ }
+ if(keyData != NULL) {
+ xmlSecKeyDataDestroy(keyData);
+ }
+ if(cert != NULL) {
+ X509_free(cert);
+ }
+ if(keyCert != NULL) {
+ X509_free(keyCert);
+ }
+ return(res);
}
xmlSecAssert2(filename != NULL, -1);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
- bio = BIO_new_file(filename, "rb");
+ bio = xmlSecOpenSSLCreateReadFileBio(filename);
if(bio == NULL) {
- xmlSecOpenSSLError2("BIO_new_file", NULL,
- "filename=%s", xmlSecErrorsSafeString(filename));
+ xmlSecInternalError2("xmlSecOpenSSLCreateReadFileBio", NULL,
+ "filename=%s", xmlSecErrorsSafeString(filename));
return(-1);
}
if(ret < 0) {
xmlSecInternalError2("xmlSecOpenSSLAppKeysMngrCertLoadBIO", NULL,
"filename=%s", xmlSecErrorsSafeString(filename));
- BIO_free(bio);
+ BIO_free_all(bio);
return(-1);
}
- BIO_free(bio);
+ BIO_free_all(bio);
return(0);
}
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
/* this would be a read only BIO, cast from const is ok */
- bio = BIO_new_mem_buf((void*)data, dataSize);
+ bio = xmlSecOpenSSLCreateMemBufBio((void*)data, dataSize);
if(bio == NULL) {
- xmlSecOpenSSLError2("BIO_new_mem_buf", NULL,
- "dataSize=%lu", (unsigned long)dataSize);
+ xmlSecInternalError2("xmlSecOpenSSLCreateMemBufBio", NULL,
+ "dataSize=" XMLSEC_SIZE_FMT, dataSize);
return(-1);
}
ret = xmlSecOpenSSLAppKeysMngrCertLoadBIO(mngr, bio, format, type);
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLAppKeysMngrCertLoadBIO", NULL);
- BIO_free(bio);
+ BIO_free_all(bio);
return(-1);
}
- BIO_free(bio);
+ BIO_free_all(bio);
return(0);
}
static X509*
xmlSecOpenSSLAppCertLoadBIO(BIO* bio, xmlSecKeyDataFormat format) {
- X509 *cert;
+ X509* tmpCert = NULL;
+ X509* res = NULL;
xmlSecAssert2(bio != NULL, NULL);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
+ /* create certificate object to hold the cert we are going to read */
+ tmpCert = X509_new_ex(xmlSecOpenSSLGetLibCtx(), NULL);
+ if(tmpCert == NULL) {
+ xmlSecOpenSSLError("X509_new_ex", NULL);
+ goto done;
+ }
+
+ /* read the cert */
switch(format) {
case xmlSecKeyDataFormatPem:
case xmlSecKeyDataFormatCertPem:
- cert = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL);
- if(cert == NULL) {
+ res = PEM_read_bio_X509_AUX(bio, &tmpCert, NULL, NULL);
+ if(res == NULL) {
xmlSecOpenSSLError("PEM_read_bio_X509_AUX", NULL);
- return(NULL);
+ goto done;
}
+ tmpCert = NULL; /* now it's res */
break;
case xmlSecKeyDataFormatDer:
case xmlSecKeyDataFormatCertDer:
- cert = d2i_X509_bio(bio, NULL);
- if(cert == NULL) {
+ res = d2i_X509_bio(bio, &tmpCert);
+ if(res == NULL) {
xmlSecOpenSSLError("d2i_X509_bio", NULL);
- return(NULL);
+ goto done;
}
+ tmpCert = NULL; /* now it's res */
break;
default:
xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
- "format=%d", (int)format);
- return(NULL);
+ "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
+ goto done;
}
- return(cert);
+done:
+ if(tmpCert != NULL) {
+ X509_free(tmpCert);
+ }
+ return(res);
}
#endif /* XMLSEC_NO_X509 */
return(0);
}
-
-/*
- * Random numbers initialization from openssl (apps/app_rand.c)
- */
-static int seeded = 0;
-static int egdsocket = 0;
-
-static int
-xmlSecOpenSSLAppLoadRANDFile(const char *filename) {
- char buffer[1024];
-
- if(filename == NULL) {
- filename = RAND_file_name(buffer, sizeof(buffer));
-#ifndef OPENSSL_NO_EGD
- }else if(RAND_egd(filename) > 0) {
- /* we try if the given filename is an EGD socket.
- * if it is, we don't write anything back to the file. */
- egdsocket = 1;
- return 1;
-#endif
- }
-
- if((filename == NULL) || !RAND_load_file(filename, -1)) {
- if(RAND_status() == 0) {
- xmlSecOpenSSLError2("RAND_load_file", NULL,
- "filename=%s",
- xmlSecErrorsSafeString(filename));
- return 0;
- }
- }
- seeded = 1;
- return 1;
-}
-
-static int
-xmlSecOpenSSLAppSaveRANDFile(const char *filename) {
- char buffer[1024];
-
- if(egdsocket || !seeded) {
- /* If we did not manage to read the seed file,
- * we should not write a low-entropy seed file back --
- * it would suppress a crucial warning the next time
- * we want to use it. */
- return 0;
- }
-
- if(filename == NULL) {
- filename = RAND_file_name(buffer, sizeof(buffer));
- }
- if((filename == NULL) || !RAND_write_file(filename)) {
- xmlSecOpenSSLError2("RAND_write_file", NULL,
- "filename=%s", xmlSecErrorsSafeString(filename));
- return 0;
- }
-
- return 1;
-}
-
/**
* xmlSecOpenSSLAppGetDefaultPwdCallback:
*
}
static int
-xmlSecOpenSSLDefaultPasswordCallback(char *buf, int bufsize, int verify, void *userdata) {
+xmlSecOpenSSLDefaultPasswordCallback(char *buf, int buflen, int verify, void *userdata) {
char* filename = (char*)userdata;
char* buf2;
- xmlChar prompt[2048];
- int i, ret;
+ xmlSecSize bufsize;
+ char prompt[2048];
+ int ii, ret;
xmlSecAssert2(buf != NULL, -1);
/* try 3 times */
- for(i = 0; i < 3; i++) {
+ for(ii = 0; ii < 3; ii++) {
if(filename != NULL) {
- ret = xmlStrPrintf(prompt, sizeof(prompt), "Enter password for \"%s\" file: ", filename);
+ ret = xmlStrPrintf(BAD_CAST prompt, sizeof(prompt), "Enter password for \"%s\" file: ", filename);
} else {
- ret = xmlStrPrintf(prompt, sizeof(prompt), "Enter password: ");
+ ret = xmlStrPrintf(BAD_CAST prompt, sizeof(prompt), "Enter password: ");
}
if(ret < 0) {
xmlSecXmlError("xmlStrPrintf", NULL);
return(-1);
}
- ret = EVP_read_pw_string(buf, bufsize, (char*)prompt, 0);
+ ret = EVP_read_pw_string(buf, buflen, prompt, 0);
if(ret != 0) {
xmlSecOpenSSLError("EVP_read_pw_string", NULL);
return(-1);
/* if we don't need to verify password then we are done */
if(verify == 0) {
- return((int)strlen(buf));
+ size_t sz;
+ int len;
+ sz = strlen(buf);
+ XMLSEC_SAFE_CAST_SIZE_T_TO_INT(sz, len, return(-1), NULL);
+ return(len);
}
if(filename != NULL) {
- ret = xmlStrPrintf(prompt, sizeof(prompt), "Enter password for \"%s\" file again: ", filename);
+ ret = xmlStrPrintf(BAD_CAST prompt, sizeof(prompt), "Enter password for \"%s\" file again: ", filename);
} else {
- ret = xmlStrPrintf(prompt, sizeof(prompt), "Enter password again: ");
+ ret = xmlStrPrintf(BAD_CAST prompt, sizeof(prompt), "Enter password again: ");
}
if(ret < 0) {
xmlSecXmlError("xmlStrPrintf", NULL);
return(-1);
}
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(buflen, bufsize, return(-1), NULL);
buf2 = (char*)xmlMalloc(bufsize);
if(buf2 == NULL) {
xmlSecMallocError(bufsize, NULL);
return(-1);
}
- ret = EVP_read_pw_string(buf2, bufsize, (char*)prompt, 0);
+ ret = EVP_read_pw_string(buf2, buflen, (char*)prompt, 0);
if(ret != 0) {
xmlSecOpenSSLError("EVP_read_pw_string", NULL);
memset(buf2, 0, bufsize);
/* check if passwords match */
if(strcmp(buf, buf2) == 0) {
+ size_t sz;
+ int len;
+ sz = strlen(buf);
+
memset(buf2, 0, bufsize);
xmlFree(buf2);
- return((int)strlen(buf));
+
+ XMLSEC_SAFE_CAST_SIZE_T_TO_INT(sz, len, return(-1), NULL);
+ return(len);
}
/* try again */
}
static int
-xmlSecOpenSSLDummyPasswordCallback(char *buf, int bufsize,
+xmlSecOpenSSLDummyPasswordCallback(char *buf, int bufLen,
int verify ATTRIBUTE_UNUSED,
void *userdata) {
+#if defined(_MSC_VER)
+ xmlSecSize bufSize;
+#endif /* defined(_MSC_VER) */
char* password;
- int passwordlen;
+ size_t passwordSize;
+ int passwordLen;
UNREFERENCED_PARAMETER(verify);
password = (char*)userdata;
if(password == NULL) {
return(-1);
}
- passwordlen = (int)strlen(password);
- if(passwordlen + 1 > bufsize) {
+
+ passwordSize = strlen(password);
+ XMLSEC_SAFE_CAST_SIZE_T_TO_INT(passwordSize, passwordLen, return(-1), NULL);
+ if(passwordLen + 1 > bufLen) {
return(-1);
}
-#ifdef WIN32
- strcpy_s(buf, bufsize, password);
-#else /* WIN32 */
+#if defined(_MSC_VER)
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(bufLen, bufSize, return(-1), NULL);
+ strcpy_s(buf, bufSize, password);
+#else /* defined(_MSC_VER) */
strcpy(buf, password);
-#endif /* WIN32 */
+#endif /* defined(_MSC_VER) */
- return (passwordlen);
+ return (passwordLen);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:bn
#include <string.h>
#include <openssl/bn.h>
-#include <libxml/tree.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/xmltree.h>
#include <xmlsec/openssl/crypto.h>
#include <xmlsec/openssl/bn.h>
+#include "../cast_helpers.h"
+
/**
* xmlSecOpenSSLNodeGetBNValue:
* @cur: the pointer to an XML node.
* @a: the BIGNUM buffer.
*
- * Converts the node content from CryptoBinary format
+ * DEPRECATED. Converts the node content from CryptoBinary format
* (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
* to a BIGNUM. If no BIGNUM buffer provided then a new
* BIGNUM is created (caller is responsible for freeing it).
BIGNUM*
xmlSecOpenSSLNodeGetBNValue(const xmlNodePtr cur, BIGNUM **a) {
xmlSecBuffer buf;
+ int bufInitialized = 0;
+ xmlSecByte* bufPtr;
+ xmlSecSize bufSize;
+ int bufLen;
int ret;
+ BIGNUM* res = NULL;
xmlSecAssert2(cur != NULL, NULL);
ret = xmlSecBufferInitialize(&buf, 128);
if(ret < 0) {
xmlSecInternalError("xmlSecBufferInitialize", NULL);
- return(NULL);
+ goto done;
}
+ bufInitialized = 1;
ret = xmlSecBufferBase64NodeContentRead(&buf, cur);
if(ret < 0) {
xmlSecInternalError("xmlSecBufferBase64NodeContentRead", NULL);
- xmlSecBufferFinalize(&buf);
- return(NULL);
+ goto done;
}
- (*a) = BN_bin2bn(xmlSecBufferGetData(&buf), xmlSecBufferGetSize(&buf), (*a));
+ bufPtr = xmlSecBufferGetData(&buf);
+ bufSize = xmlSecBufferGetSize(&buf);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(bufSize, bufLen, goto done, NULL);
+
+ (*a) = BN_bin2bn(bufPtr, bufLen, (*a));
if( (*a) == NULL) {
- xmlSecOpenSSLError2("BN_bin2bn", NULL,
- "size=%lu", (unsigned long)(xmlSecBufferGetSize(&buf)));
+ xmlSecOpenSSLError2("BN_bin2bn", NULL, "size=%d", bufLen);
+ goto done;
+ }
+ res = (*a);
+
+done:
+ if(bufInitialized != 0) {
xmlSecBufferFinalize(&buf);
- return(NULL);
}
- xmlSecBufferFinalize(&buf);
- return(*a);
+ return(res);
}
/**
* linebreaks will be added before and after
* new buffer content.
*
- * Converts BIGNUM to CryptoBinary string
+ * DEPRECATED. Converts BIGNUM to CryptoBinary string
* (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
* and sets it as the content of the given node. If the
* addLineBreaks is set then line breaks are added
int
xmlSecOpenSSLNodeSetBNValue(xmlNodePtr cur, const BIGNUM *a, int addLineBreaks) {
xmlSecBuffer buf;
+ int bufInitialized = 0;
xmlSecSize size;
int ret;
+ int res = -1;
xmlSecAssert2(a != NULL, -1);
xmlSecAssert2(cur != NULL, -1);
- ret = xmlSecBufferInitialize(&buf, BN_num_bytes(a) + 1);
+ ret = BN_num_bytes(a);
+ if(ret < 0) {
+ xmlSecOpenSSLError("BN_num_bytes", NULL);
+ goto done;
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, size, goto done, NULL);
+
+ ret = xmlSecBufferInitialize(&buf, size + 1);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferInitialize", NULL,
- "size=%d", BN_num_bytes(a) + 1);
- return(-1);
+ "size=" XMLSEC_SIZE_FMT, (size + 1));
+ goto done;
}
+ bufInitialized = 1;
ret = BN_bn2bin(a, xmlSecBufferGetData(&buf));
if(ret < 0) {
xmlSecOpenSSLError("BN_bn2bin", NULL);
- xmlSecBufferFinalize(&buf);
- return(-1);
+ goto done;
}
- size = ret;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, size, goto done, NULL);
ret = xmlSecBufferSetSize(&buf, size);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", NULL,
- "size=%d", size);
- xmlSecBufferFinalize(&buf);
- return(-1);
+ "size=" XMLSEC_SIZE_FMT, size);
+ goto done;
}
if(addLineBreaks) {
ret = xmlSecBufferBase64NodeContentWrite(&buf, cur, xmlSecBase64GetDefaultLineSize());
if(ret < 0) {
xmlSecInternalError("xmlSecBufferBase64NodeContentWrite", NULL);
- xmlSecBufferFinalize(&buf);
- return(-1);
+ goto done;
}
if(addLineBreaks) {
xmlNodeAddContent(cur, xmlSecGetDefaultLineFeed());
}
- xmlSecBufferFinalize(&buf);
- return(0);
+ /* success */
+ res = 0;
+
+done:
+ if(bufInitialized != 0) {
+ xmlSecBufferFinalize(&buf);
+ }
+ return(res);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:ciphers
#include <openssl/rand.h>
#include <xmlsec/xmlsec.h>
+#include <xmlsec/errors.h>
#include <xmlsec/keys.h>
+#include <xmlsec/private.h>
#include <xmlsec/transforms.h>
-#include <xmlsec/errors.h>
#include <xmlsec/openssl/crypto.h>
#include <xmlsec/openssl/evp.h>
#include "openssl_compat.h"
-#define xmlSecOpenSSLAesGcmNonceLengthInBytes 12
-#define xmlSecOpenSSLAesGcmTagLengthInBytes 16
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+
+#define XMLSEC_OPENSSL_EVP_CIPHER_PAD_SIZE (2 * EVP_MAX_BLOCK_LENGTH)
+#define XMLSEC_OPENSSL_AES_GCM_NONCE_SIZE 12
+#define XMLSEC_OPENSSL_AES_GCM_TAG_SIZE 16
/**************************************************************************
*
typedef struct _xmlSecOpenSSLEvpBlockCipherCtx xmlSecOpenSSLEvpBlockCipherCtx,
*xmlSecOpenSSLEvpBlockCipherCtxPtr;
struct _xmlSecOpenSSLEvpBlockCipherCtx {
+#ifndef XMLSEC_OPENSSL_API_300
const EVP_CIPHER* cipher;
+#else /* XMLSEC_OPENSSL_API_300 */
+ const char* cipherName;
+ EVP_CIPHER* cipher;
+#endif /* XMLSEC_OPENSSL_API_300 */
xmlSecKeyDataId keyId;
EVP_CIPHER_CTX* cipherCtx;
int keyInitialized;
int cbcMode;
xmlSecByte key[EVP_MAX_KEY_LENGTH];
xmlSecByte iv[EVP_MAX_IV_LENGTH];
- xmlSecByte pad[2*EVP_MAX_BLOCK_LENGTH];
+ xmlSecByte pad[XMLSEC_OPENSSL_EVP_CIPHER_PAD_SIZE];
};
static int xmlSecOpenSSLEvpBlockCipherCtxInit (xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
xmlSecTransformCtxPtr transformCtx);
static int xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
const xmlSecByte * in,
- int inSize,
+ xmlSecSize inSize,
xmlSecBufferPtr out,
const xmlChar* cipherName,
int final,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
int ivLen;
+ xmlSecSize ivSize;
int ret;
xmlSecAssert2(ctx != NULL, -1);
ivLen = EVP_CIPHER_iv_length(ctx->cipher);
} else {
/* This is the nonce length for GCM mode rather than an IV */
- ivLen = xmlSecOpenSSLAesGcmNonceLengthInBytes;
+ ivLen = XMLSEC_OPENSSL_AES_GCM_NONCE_SIZE;
}
-
xmlSecAssert2(ivLen > 0, -1);
- xmlSecAssert2((xmlSecSize)ivLen <= sizeof(ctx->iv), -1);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ivLen, ivSize, return(-1), NULL);
+ xmlSecAssert2(ivSize <= sizeof(ctx->iv), -1);
if(encrypt) {
/* generate random iv */
- ret = RAND_bytes(ctx->iv, ivLen);
+ ret = RAND_priv_bytes_ex(xmlSecOpenSSLGetLibCtx(), ctx->iv, ivSize, XMLSEEC_OPENSSL_RAND_BYTES_STRENGTH);
if(ret != 1) {
- xmlSecOpenSSLError2("RAND_bytes", cipherName,
- "size=%lu", (unsigned long)ivLen);
+ xmlSecOpenSSLError2("RAND_priv_bytes_ex", cipherName, "size=%d", ivLen);
return(-1);
}
/* write iv to the output */
- ret = xmlSecBufferAppend(out, ctx->iv, ivLen);
+ ret = xmlSecBufferAppend(out, ctx->iv, ivSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferAppend", cipherName, "size=%d", ivLen);
return(-1);
} else {
/* if we don't have enough data, exit and hope that
* we'll have iv next time */
- if(xmlSecBufferGetSize(in) < (xmlSecSize)ivLen) {
+ if(xmlSecBufferGetSize(in) < ivSize) {
return(0);
}
/* copy iv to our buffer*/
xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
- memcpy(ctx->iv, xmlSecBufferGetData(in), ivLen);
+ memcpy(ctx->iv, xmlSecBufferGetData(in), ivSize);
/* and remove from input */
- ret = xmlSecBufferRemoveHead(in, ivLen);
+ ret = xmlSecBufferRemoveHead(in, ivSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=%d", ivLen);
return(-1);
static int
xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
const xmlSecByte * in,
- int inSize,
+ xmlSecSize inSize,
xmlSecBufferPtr out,
const xmlChar* cipherName,
int final,
xmlSecByte *tagData) {
xmlSecByte* outBuf;
- xmlSecSize outSize;
- int blockLen, outLen = 0;
+ xmlSecSize outSize, outSize2, blockSize;
+ int blockLen;
+ int inLen;
+ int outLen = 0;
int ret;
xmlSecAssert2(ctx != NULL, -1);
*/
blockLen = EVP_CIPHER_block_size(ctx->cipher);
xmlSecAssert2(blockLen > 0, -1);
- xmlSecAssert2((inSize % blockLen) == 0, -1);
+
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(blockLen, blockSize, return(-1), NULL);
+ xmlSecAssert2((inSize % blockSize) == 0, -1);
outSize = xmlSecBufferGetSize(out);
if(ctx->cbcMode) {
/* prepare: ensure we have enough space (+blockLen for final) */
- ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockLen);
+ ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize",
xmlSecErrorsSafeString(cipherName),
- "size=%d", (int)(outSize + inSize + blockLen));
+ "size=" XMLSEC_SIZE_FMT, (outSize + inSize + blockSize));
return(-1);
}
} else {
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize",
xmlSecErrorsSafeString(cipherName),
- "size=%d", (int)(outSize + inSize + blockLen));
+ "size=" XMLSEC_SIZE_FMT, (outSize + inSize));
return(-1);
}
}
outBuf = xmlSecBufferGetData(out) + outSize;
/* encrypt/decrypt */
- ret = EVP_CipherUpdate(ctx->cipherCtx, outBuf, &outLen, in, inSize);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(inSize, inLen, return(-1), cipherName);
+ ret = EVP_CipherUpdate(ctx->cipherCtx, outBuf, &outLen, in, inLen);
if(ret != 1) {
xmlSecOpenSSLError("EVP_CipherUpdate", cipherName);
return(-1);
}
- xmlSecAssert2(outLen == inSize, -1);
+ xmlSecAssert2(outLen == inLen, -1);
/* finalize transform if needed */
if(final != 0) {
if(ctx->cbcMode == 0) {
if(!EVP_CIPHER_CTX_encrypting(ctx->cipherCtx)) {
ret = EVP_CIPHER_CTX_ctrl(ctx->cipherCtx, EVP_CTRL_GCM_SET_TAG,
- xmlSecOpenSSLAesGcmTagLengthInBytes, tagData);
+ XMLSEC_OPENSSL_AES_GCM_TAG_SIZE, tagData);
if(ret != 1) {
xmlSecOpenSSLError("EVP_CIPHER_CTX_ctrl", cipherName);
return(-1);
if(ctx->cbcMode == 0) {
if(EVP_CIPHER_CTX_encrypting(ctx->cipherCtx)) {
ret = EVP_CIPHER_CTX_ctrl(ctx->cipherCtx, EVP_CTRL_GCM_GET_TAG,
- xmlSecOpenSSLAesGcmTagLengthInBytes, tagData);
+ XMLSEC_OPENSSL_AES_GCM_TAG_SIZE, tagData);
if(ret != 1) {
xmlSecOpenSSLError("EVP_CIPHER_CTX_ctrl", cipherName);
return(-1);
outLen += outLen2;
}
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(outLen, outSize2, return(-1), NULL);
/* set correct output buffer size */
- ret = xmlSecBufferSetSize(out, outSize + outLen);
+ ret = xmlSecBufferSetSize(out, outSize + outSize2);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", cipherName,
- "size=%d", (int)(outSize + outLen));
+ "size=" XMLSEC_SIZE_FMT, (outSize + outSize2));
return(-1);
}
xmlSecBufferPtr in, xmlSecBufferPtr out,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
- xmlSecSize inSize, blockLen, inBlocksLen;
+ xmlSecSize inSize, blockSize, inBlocksSize;
+ int blockLen;
xmlSecByte* inBuf;
int ret;
blockLen = EVP_CIPHER_block_size(ctx->cipher);
xmlSecAssert2(blockLen > 0, -1);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(blockLen, blockSize, return(-1), NULL);
inSize = xmlSecBufferGetSize(in);
-
if(ctx->cbcMode) {
- if(inSize <= blockLen) {
+ if(inSize <= blockSize) {
/* wait for more data: we want to make sure we keep the last chunk in tmp buffer for
* padding check/removal on decryption
*/
return(0);
}
} else {
- if(inSize <= xmlSecOpenSSLAesGcmTagLengthInBytes) {
+ if(inSize <= XMLSEC_OPENSSL_AES_GCM_TAG_SIZE) {
/* In GCM mode during decryption the last 16 bytes of the buffer are the tag.
* Make sure there are always at least 16 bytes left over until we know we're
* processing the last buffer */
* We process all complete blocks from the input
*/
if(ctx->cbcMode) {
- inBlocksLen = blockLen * (inSize / blockLen);
+ inBlocksSize = blockSize * (inSize / blockSize);
} else {
/* ensure we keep the last 16 bytes around until the Final() call */
- inBlocksLen = blockLen * ((inSize - xmlSecOpenSSLAesGcmTagLengthInBytes) / blockLen);
- if(inBlocksLen == 0) {
+ inBlocksSize = blockSize * ((inSize - XMLSEC_OPENSSL_AES_GCM_TAG_SIZE) / blockSize);
+ if(inBlocksSize == 0) {
return(0);
}
}
- if(inBlocksLen == inSize) {
+ if(inBlocksSize == inSize) {
if(ctx->cbcMode) {
- inBlocksLen -= blockLen; /* ensure we keep the last block around for Final() call to add/check/remove padding */
+ xmlSecAssert2(inBlocksSize >= blockSize, -1);
+ inBlocksSize -= blockSize; /* ensure we keep the last block around for Final() call to add/check/remove padding */
}
}
- xmlSecAssert2(inBlocksLen > 0, -1);
+ xmlSecAssert2(inBlocksSize > 0, -1);
inBuf = xmlSecBufferGetData(in);
- ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, inBuf, (int)inBlocksLen, out, cipherName, 0,
+ ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, inBuf, inBlocksSize, out, cipherName, 0,
NULL); /* not final */
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock", cipherName);
}
/* remove the processed block from input */
- ret = xmlSecBufferRemoveHead(in, inBlocksLen);
+ ret = xmlSecBufferRemoveHead(in, inBlocksSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=%d", (int)inSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
+ "size=" XMLSEC_SIZE_FMT, inBlocksSize);
return(-1);
}
xmlSecAssert2(inSize > 0, -1);
if(ctx->cbcMode) {
- xmlSecAssert2(inSize <= blockLen, -1);
+ xmlSecAssert2(inSize <= blockSize, -1);
}
/* done */
xmlSecBufferPtr in,
xmlSecBufferPtr out,
const xmlChar* cipherName,
- xmlSecTransformCtxPtr transformCtx)
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED)
{
- xmlSecSize inSize, outSize, blockLen;
+ xmlSecSize size, inSize, outSize;
+ int inLen, outLen, padLen, blockLen;
xmlSecByte* inBuf;
xmlSecByte* outBuf;
int ret;
- /* unreferenced parameter */
- (void)transformCtx;
-
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->cipher != NULL, -1);
xmlSecAssert2(ctx->cipherCtx != NULL, -1);
xmlSecAssert2(ctx->ctxInitialized != 0, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(out != NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
blockLen = EVP_CIPHER_block_size(ctx->cipher);
xmlSecAssert2(blockLen > 0, -1);
/* not more than one block left */
inSize = xmlSecBufferGetSize(in);
inBuf = xmlSecBufferGetData(in);
- xmlSecAssert2(inSize <= blockLen, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(inSize, inLen, return(-1), NULL);
+ xmlSecAssert2(inLen <= blockLen, -1);
/*
* The padding used in XML Enc does not follow RFC 1423
* https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#sec-Alg-Block
*/
if(EVP_CIPHER_CTX_encrypting(ctx->cipherCtx)) {
- xmlSecSize padLen;
-
- /* figure out pad length, if it is 0 (i.e. inSize == blockLen) then set it to blockLen */
- padLen = blockLen - inSize;
+ /* figure out pad length, if it is 0 (i.e. inLen == blockLen) then set it to blockLen */
+ padLen = blockLen - inLen;
if(padLen == 0) {
padLen = blockLen;
}
xmlSecAssert2(padLen > 0, -1);
- xmlSecAssert2(inSize + padLen <= sizeof(ctx->pad), -1);
+ xmlSecAssert2((inLen + padLen) <= XMLSEC_OPENSSL_EVP_CIPHER_PAD_SIZE, -1);
- /* we can have inSize == 0 if there were no data at all, otherwise -- copy the data */
- if(inSize > 0) {
- memcpy(ctx->pad, inBuf, inSize);
+ /* we can have inLen == 0 if there were no data at all, otherwise -- copy the data */
+ if(inLen > 0) {
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(inLen, size, return(-1), NULL);
+ memcpy(ctx->pad, inBuf, size);
}
/* generate random padding */
if(padLen > 1) {
- ret = RAND_bytes(ctx->pad + inSize, (int)(padLen - 1));
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(padLen, size, return(-1), NULL);
+ ret = RAND_priv_bytes_ex(xmlSecOpenSSLGetLibCtx(), ctx->pad + inLen, size - 1,
+ XMLSEEC_OPENSSL_RAND_BYTES_STRENGTH);
if (ret != 1) {
- xmlSecOpenSSLError("RAND_bytes", cipherName);
+ xmlSecOpenSSLError("RAND_priv_bytes_ex", cipherName);
return(-1);
}
}
/* set the last byte to the pad length */
- ctx->pad[inSize + padLen - 1] = (xmlSecByte)padLen;
+ outLen = inLen + padLen;
+ XMLSEC_SAFE_CAST_INT_TO_BYTE(padLen, ctx->pad[outLen - 1], return(-1), cipherName);
/* update the last 1 or 2 blocks with padding */
- ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, ctx->pad, (int)(inSize + padLen), out,
- cipherName, 1, NULL); /* final */
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(outLen, outSize, return(-1), NULL);
+ ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, ctx->pad, outSize, out, cipherName, 1, NULL); /* final */
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock", cipherName);
return(-1);
}
} else {
- xmlSecSize padLen;
+ xmlSecSize padSize;
/* update the last one block with padding */
- ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, inBuf, (int)inSize, out, cipherName, 1, NULL); /* final */
+ ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, inBuf, inSize, out, cipherName, 1, NULL); /* final */
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock", cipherName);
return(-1);
/* we expect at least one block in the output -- the one we just decrypted */
outBuf = xmlSecBufferGetData(out);
outSize = xmlSecBufferGetSize(out);
- if(outSize < blockLen) {
- xmlSecInvalidIntegerDataError2("outSize", outSize, "blockLen", blockLen,
- "outSize >= blockLen", cipherName);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(outSize, outLen, return(-1), NULL);
+ if(outLen < blockLen) {
+ xmlSecInvalidIntegerDataError2("outLen", outLen, "blockLen", blockLen,
+ "outLen >= blockLen", cipherName);
return(-1);
}
/* get the pad length from the last byte */
- padLen = (xmlSecSize)(outBuf[outSize - 1]);
+ padLen = outBuf[outLen - 1];
if(padLen > blockLen) {
xmlSecInvalidIntegerDataError2("padLen", padLen, "blockLen", blockLen,
"padLen <= blockLen", cipherName);
return(-1);
}
- xmlSecAssert2(padLen <= outSize, -1);
+ xmlSecAssert2(padLen <= outLen, -1);
/* remove the padding */
- ret = xmlSecBufferRemoveTail(out, padLen);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(padLen, padSize, return(-1), NULL);
+ ret = xmlSecBufferRemoveTail(out, padSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveTail", cipherName, "size=%d", (int)padLen);
+ xmlSecInternalError2("xmlSecBufferRemoveTail", cipherName, "size=%d", padLen);
return(-1);
}
}
/* remove the processed block from input */
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=%d", (int)inSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=%d", inLen);
return(-1);
}
xmlSecSize inSize, outSize;
xmlSecByte* inBuf;
xmlSecByte* outBuf;
- xmlSecByte tag[xmlSecOpenSSLAesGcmTagLengthInBytes];
+ xmlSecByte tag[XMLSEC_OPENSSL_AES_GCM_TAG_SIZE];
int ret;
/* unreferenced parameter */
inBuf = xmlSecBufferGetData(in);
if(EVP_CIPHER_CTX_encrypting(ctx->cipherCtx)) {
- ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, inBuf, (int)inSize, out, cipherName,
+ ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, inBuf, inSize, out, cipherName,
1, tag); /* final */
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock", cipherName);
/* get the tag and add to the output */
outSize = xmlSecBufferGetSize(out);
- ret = xmlSecBufferSetMaxSize(out, outSize + xmlSecOpenSSLAesGcmTagLengthInBytes);
+ ret = xmlSecBufferSetMaxSize(out, outSize + XMLSEC_OPENSSL_AES_GCM_TAG_SIZE);
if(ret < 0) {
xmlSecInternalError("xmlSecBufferSetMaxSize", cipherName);
return(-1);
}
outBuf = xmlSecBufferGetData(out) + outSize;
- memcpy(outBuf, tag, xmlSecOpenSSLAesGcmTagLengthInBytes);
- ret = xmlSecBufferSetSize(out, outSize + xmlSecOpenSSLAesGcmTagLengthInBytes);
+ memcpy(outBuf, tag, XMLSEC_OPENSSL_AES_GCM_TAG_SIZE);
+ ret = xmlSecBufferSetSize(out, outSize + XMLSEC_OPENSSL_AES_GCM_TAG_SIZE);
if(ret < 0) {
xmlSecInternalError("xmlSecBufferSetSize", cipherName);
return(-1);
}
} else {
/* There must be at least 16 bytes in the buffer - the tag and anything left over */
- xmlSecAssert2(inSize >= xmlSecOpenSSLAesGcmTagLengthInBytes, -1);
+ xmlSecAssert2(inSize >= XMLSEC_OPENSSL_AES_GCM_TAG_SIZE, -1);
/* extract the tag */
- memcpy(tag, inBuf + inSize - xmlSecOpenSSLAesGcmTagLengthInBytes,
- xmlSecOpenSSLAesGcmTagLengthInBytes);
- xmlSecBufferRemoveTail(in, xmlSecOpenSSLAesGcmTagLengthInBytes);
+ memcpy(tag, inBuf + inSize - XMLSEC_OPENSSL_AES_GCM_TAG_SIZE,
+ XMLSEC_OPENSSL_AES_GCM_TAG_SIZE);
+ xmlSecBufferRemoveTail(in, XMLSEC_OPENSSL_AES_GCM_TAG_SIZE);
inBuf = xmlSecBufferGetData(in);
inSize = xmlSecBufferGetSize(in);
/* Decrypt anything remaining and verify the tag */
- ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, inBuf, (int)inSize, out, cipherName,
+ ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, inBuf, inSize, out, cipherName,
1, tag); /* final */
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock", cipherName);
/* remove the processed data from input */
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=%d", (int)inSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName,
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
*
* EVP Block Cipher transforms
*
- * xmlSecOpenSSLEvpBlockCipherCtx block is located after xmlSecTransform structure
- *
*****************************************************************************/
-#define xmlSecOpenSSLEvpBlockCipherSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLEvpBlockCipherCtx))
-#define xmlSecOpenSSLEvpBlockCipherGetCtx(transform) \
- ((xmlSecOpenSSLEvpBlockCipherCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(OpenSSLEvpBlockCipher, xmlSecOpenSSLEvpBlockCipherCtx)
+#define xmlSecOpenSSLEvpBlockCipherSize XMLSEC_TRANSFORM_SIZE(OpenSSLEvpBlockCipher)
static int xmlSecOpenSSLEvpBlockCipherInitialize (xmlSecTransformPtr transform);
static void xmlSecOpenSSLEvpBlockCipherFinalize (xmlSecTransformPtr transform);
return(0);
}
+/* small helper macro to reduce clutter in the code */
+#ifndef XMLSEC_OPENSSL_API_300
+#define XMLSEC_OPENSSL_SET_CIPHER(ctx, cipherVal, cipherNameVal) \
+ (ctx)->cipher = (cipherVal)
+#else /* XMLSEC_OPENSSL_API_300 */
+#define XMLSEC_OPENSSL_SET_CIPHER(ctx, cipherVal, cipherNameVal) \
+ (ctx)->cipherName = (cipherNameVal)
+#endif /* XMLSEC_OPENSSL_API_300 */
+
static int
xmlSecOpenSSLEvpBlockCipherInitialize(xmlSecTransformPtr transform) {
xmlSecOpenSSLEvpBlockCipherCtxPtr ctx;
#ifndef XMLSEC_NO_DES
if(transform->id == xmlSecOpenSSLTransformDes3CbcId) {
- ctx->cipher = EVP_des_ede3_cbc();
+ XMLSEC_OPENSSL_SET_CIPHER(ctx, EVP_des_ede3_cbc(), XMLSEEC_OPENSSL_CIPHER_NAME_DES3_EDE);
ctx->keyId = xmlSecOpenSSLKeyDataDesId;
ctx->cbcMode = 1;
} else
#ifndef XMLSEC_NO_AES
if(transform->id == xmlSecOpenSSLTransformAes128CbcId) {
- ctx->cipher = EVP_aes_128_cbc();
+ XMLSEC_OPENSSL_SET_CIPHER(ctx, EVP_aes_128_cbc(), XMLSEEC_OPENSSL_CIPHER_NAME_AES128_CBC);
ctx->keyId = xmlSecOpenSSLKeyDataAesId;
ctx->cbcMode = 1;
} else if(transform->id == xmlSecOpenSSLTransformAes192CbcId) {
- ctx->cipher = EVP_aes_192_cbc();
+ XMLSEC_OPENSSL_SET_CIPHER(ctx, EVP_aes_192_cbc(), XMLSEEC_OPENSSL_CIPHER_NAME_AES192_CBC);
ctx->keyId = xmlSecOpenSSLKeyDataAesId;
ctx->cbcMode = 1;
} else if(transform->id == xmlSecOpenSSLTransformAes256CbcId) {
- ctx->cipher = EVP_aes_256_cbc();
+ XMLSEC_OPENSSL_SET_CIPHER(ctx, EVP_aes_256_cbc(), XMLSEEC_OPENSSL_CIPHER_NAME_AES256_CBC);
ctx->keyId = xmlSecOpenSSLKeyDataAesId;
ctx->cbcMode = 1;
} else if(transform->id == xmlSecOpenSSLTransformAes128GcmId) {
- ctx->cipher = EVP_aes_128_gcm();
+ XMLSEC_OPENSSL_SET_CIPHER(ctx, EVP_aes_128_gcm(), XMLSEEC_OPENSSL_CIPHER_NAME_AES128_GCM);
ctx->keyId = xmlSecOpenSSLKeyDataAesId;
ctx->cbcMode = 0;
} else if(transform->id == xmlSecOpenSSLTransformAes192GcmId) {
- ctx->cipher = EVP_aes_192_gcm();
+ XMLSEC_OPENSSL_SET_CIPHER(ctx, EVP_aes_192_gcm(), XMLSEEC_OPENSSL_CIPHER_NAME_AES192_GCM);
ctx->keyId = xmlSecOpenSSLKeyDataAesId;
ctx->cbcMode = 0;
} else if(transform->id == xmlSecOpenSSLTransformAes256GcmId) {
- ctx->cipher = EVP_aes_256_gcm();
+ XMLSEC_OPENSSL_SET_CIPHER(ctx, EVP_aes_256_gcm(), XMLSEEC_OPENSSL_CIPHER_NAME_AES256_GCM);
ctx->keyId = xmlSecOpenSSLKeyDataAesId;
ctx->cbcMode = 0;
} else
return(-1);
}
+#ifdef XMLSEC_OPENSSL_API_300
+ /* fetch cipher */
+ xmlSecAssert2(ctx->cipherName != NULL, -1);
+ ctx->cipher = EVP_CIPHER_fetch(xmlSecOpenSSLGetLibCtx(), ctx->cipherName, NULL);
+ if(ctx->cipher == NULL) {
+ xmlSecOpenSSLError2("EVP_CIPHER_fetch", xmlSecTransformGetName(transform),
+ "cipherName=%s", xmlSecErrorsSafeString(ctx->cipherName));
+ xmlSecOpenSSLEvpBlockCipherFinalize(transform);
+ return(-1);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
+
/* create cipher ctx */
ctx->cipherCtx = EVP_CIPHER_CTX_new();
if(ctx->cipherCtx == NULL) {
- xmlSecOpenSSLError("EVP_CIPHER_CTX_new",
- xmlSecTransformGetName(transform));
+ xmlSecOpenSSLError("EVP_CIPHER_CTX_new", xmlSecTransformGetName(transform));
+ xmlSecOpenSSLEvpBlockCipherFinalize(transform);
return(-1);
}
if(ctx->cipherCtx != NULL) {
EVP_CIPHER_CTX_free(ctx->cipherCtx);
}
-
+#ifdef XMLSEC_OPENSSL_API_300
+ if(ctx->cipher != NULL) {
+ EVP_CIPHER_free(ctx->cipher);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
memset(ctx, 0, sizeof(xmlSecOpenSSLEvpBlockCipherCtx));
}
static int
xmlSecOpenSSLEvpBlockCipherSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
xmlSecOpenSSLEvpBlockCipherCtxPtr ctx;
- int cipherKeyLen;
+ int cipherKeyLen, keyBitsLen;
xmlSecAssert2(xmlSecOpenSSLEvpBlockCipherCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
cipherKeyLen = EVP_CIPHER_key_length(ctx->cipher);
xmlSecAssert2(cipherKeyLen > 0, -1);
- keyReq->keyBitsSize = (xmlSecSize)(8 * cipherKeyLen);
+ keyBitsLen = 8 * cipherKeyLen;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(keyBitsLen, keyReq->keyBitsSize, return(-1), xmlSecTransformGetName(transform));
return(0);
}
xmlSecOpenSSLEvpBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecOpenSSLEvpBlockCipherCtxPtr ctx;
xmlSecBufferPtr buffer;
+ xmlSecSize cipherKeySize;
int cipherKeyLen;
xmlSecAssert2(xmlSecOpenSSLEvpBlockCipherCheckId(transform), -1);
cipherKeyLen = EVP_CIPHER_key_length(ctx->cipher);
xmlSecAssert2(cipherKeyLen > 0, -1);
- xmlSecAssert2((xmlSecSize)cipherKeyLen <= sizeof(ctx->key), -1);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(cipherKeyLen, cipherKeySize, return(-1), xmlSecTransformGetName(transform));
+ xmlSecAssert2(cipherKeySize <= sizeof(ctx->key), -1);
buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
xmlSecAssert2(buffer != NULL, -1);
- if(xmlSecBufferGetSize(buffer) < (xmlSecSize)cipherKeyLen) {
- xmlSecInvalidKeyDataSizeError(xmlSecBufferGetSize(buffer), cipherKeyLen,
+ if(xmlSecBufferGetSize(buffer) < cipherKeySize) {
+ xmlSecInvalidKeyDataSizeError(xmlSecBufferGetSize(buffer), cipherKeySize,
xmlSecTransformGetName(transform));
return(-1);
}
-
xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);
- memcpy(ctx->key, xmlSecBufferGetData(buffer), cipherKeyLen);
+ memcpy(ctx->key, xmlSecBufferGetData(buffer), cipherKeySize);
ctx->keyInitialized = 1;
return(0);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:crypto
#include <xmlsec/openssl/crypto.h>
#include <xmlsec/openssl/x509.h>
+#include "openssl_compat.h"
+#include "../cast_helpers.h"
+
static int xmlSecOpenSSLErrorsInit (void);
+static void xmlSecOpenSSLErrorsShutdown (void);
static xmlSecCryptoDLFunctionsPtr gXmlSecOpenSSLFunctions = NULL;
static xmlChar* gXmlSecOpenSSLTrustedCertsFolder = NULL;
+#if !defined(XMLSEC_OPENSSL_API_300) && !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ERR)
+
+#define XMLSEC_OPENSSL_ERRORS_FUNCTION 0
+
+static int gXmlSecOpenSSLErrorsLib = 0;
+static char gXmlSecOpenSSLErrorsLibName[] = "xmlsec lib";
+static char gXmlSecOpenSSLErrorsDefault[] = "xmlsec routines";
+
+static ERR_STRING_DATA xmlSecOpenSSLStrLib[2];
+static ERR_STRING_DATA xmlSecOpenSSLStrDefReason[2];
+static ERR_STRING_DATA xmlSecOpenSSLStrReasons[XMLSEC_ERRORS_MAX_NUMBER + 1];
+#endif /* !defined(XMLSEC_OPENSSL_API_300) && !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ERR) */
+
/**
* xmlSecCryptoGetFunctions_openssl:
*
int
xmlSecOpenSSLShutdown(void) {
xmlSecOpenSSLSetDefaultTrustedCertsFolder(NULL);
+ xmlSecOpenSSLErrorsShutdown();
return(0);
}
ret = xmlSecBufferSetSize(buffer, size);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%d", size);
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, size);
return(-1);
}
/* get random data */
- ret = RAND_bytes((xmlSecByte*)xmlSecBufferGetData(buffer), size);
+ ret = RAND_priv_bytes_ex(xmlSecOpenSSLGetLibCtx(), (xmlSecByte*)xmlSecBufferGetData(buffer), size,
+ XMLSEEC_OPENSSL_RAND_BYTES_STRENGTH);
if(ret != 1) {
- xmlSecOpenSSLError2("RAND_bytes", NULL,
- "size=%lu", (unsigned long)size);
+ xmlSecOpenSSLError2("RAND_priv_bytes_ex", NULL,
+ "size=" XMLSEC_SIZE_FMT, size);
return(-1);
}
return(0);
xmlSecOpenSSLErrorsDefaultCallback(const char* file, int line, const char* func,
const char* errorObject, const char* errorSubject,
int reason, const char* msg) {
- ERR_put_error(XMLSEC_OPENSSL_ERRORS_LIB,
+#if !defined(XMLSEC_OPENSSL_API_300) && !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ERR)
+ ERR_put_error(gXmlSecOpenSSLErrorsLib,
XMLSEC_OPENSSL_ERRORS_FUNCTION,
reason, file, line);
+#endif /* !defined(XMLSEC_OPENSSL_API_300) && !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ERR) */
+
xmlSecErrorsDefaultCallback(file, line, func,
errorObject, errorSubject,
reason, msg);
static int
xmlSecOpenSSLErrorsInit(void) {
-#ifndef OPENSSL_IS_BORINGSSL
- static ERR_STRING_DATA xmlSecOpenSSLStrReasons[XMLSEC_ERRORS_MAX_NUMBER + 1];
- static ERR_STRING_DATA xmlSecOpenSSLStrLib[]= {
- { ERR_PACK(XMLSEC_OPENSSL_ERRORS_LIB,0,0), "xmlsec routines"},
- { 0, NULL}
- };
- static ERR_STRING_DATA xmlSecOpenSSLStrDefReason[]= {
- { XMLSEC_OPENSSL_ERRORS_LIB, "xmlsec lib"},
- { 0, NULL}
- };
+#if !defined(XMLSEC_OPENSSL_API_300) && !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ERR)
xmlSecSize pos;
+ /* get XMLSec library id */
+ gXmlSecOpenSSLErrorsLib = ERR_get_next_error_library();
+
+ /* initialize xmlsec lib name array */
+ memset(xmlSecOpenSSLStrLib, 0, sizeof(xmlSecOpenSSLStrLib));
+ xmlSecOpenSSLStrLib[0].error = ERR_PACK(gXmlSecOpenSSLErrorsLib, 0, 0);
+ xmlSecOpenSSLStrLib[0].string = gXmlSecOpenSSLErrorsLibName;
+
+ /* initialize xmlsec default error array */
+ memset(xmlSecOpenSSLStrDefReason, 0, sizeof(xmlSecOpenSSLStrDefReason));
+ xmlSecOpenSSLStrDefReason[0].error = ERR_PACK(gXmlSecOpenSSLErrorsLib, XMLSEC_OPENSSL_ERRORS_FUNCTION, 0);
+ xmlSecOpenSSLStrDefReason[0].string = gXmlSecOpenSSLErrorsDefault;
+
/* initialize reasons array */
memset(xmlSecOpenSSLStrReasons, 0, sizeof(xmlSecOpenSSLStrReasons));
for(pos = 0; (pos < XMLSEC_ERRORS_MAX_NUMBER) && (xmlSecErrorsGetMsg(pos) != NULL); ++pos) {
- xmlSecOpenSSLStrReasons[pos].error = xmlSecErrorsGetCode(pos);
+ xmlSecOpenSSLStrReasons[pos].error = ERR_PACK(gXmlSecOpenSSLErrorsLib, XMLSEC_OPENSSL_ERRORS_FUNCTION, xmlSecErrorsGetCode(pos));
xmlSecOpenSSLStrReasons[pos].string = xmlSecErrorsGetMsg(pos);
}
- /* finally load xmlsec strings in OpenSSL */
- ERR_load_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrLib); /* define xmlsec lib name */
- ERR_load_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrDefReason); /* define default reason */
- ERR_load_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrReasons);
-#endif /* OPENSSL_IS_BORINGSSL */
+ /* load xmlsec strings in OpenSSL */
+ ERR_load_strings(gXmlSecOpenSSLErrorsLib, xmlSecOpenSSLStrLib); /* define xmlsec lib name */
+ ERR_load_strings(gXmlSecOpenSSLErrorsLib, xmlSecOpenSSLStrDefReason); /* define default reason */
+ ERR_load_strings(gXmlSecOpenSSLErrorsLib, xmlSecOpenSSLStrReasons);
+#endif /* !defined(XMLSEC_OPENSSL_API_300) && !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ERR) */
/* and set default errors callback for xmlsec to us */
xmlSecErrorsSetCallback(xmlSecOpenSSLErrorsDefaultCallback);
return(0);
}
+
+static void
+xmlSecOpenSSLErrorsShutdown(void) {
+ /* remove callback */
+ xmlSecErrorsSetCallback(NULL);
+
+#if !defined(XMLSEC_OPENSSL_API_300) && !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ERR)
+ /* unload xmlsec strings from OpenSSL */
+ ERR_unload_strings(gXmlSecOpenSSLErrorsLib, xmlSecOpenSSLStrLib);
+ ERR_unload_strings(gXmlSecOpenSSLErrorsLib, xmlSecOpenSSLStrDefReason);
+ ERR_unload_strings(gXmlSecOpenSSLErrorsLib, xmlSecOpenSSLStrReasons);
+#endif /* !defined(XMLSEC_OPENSSL_API_300) && !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ERR) */
+}
+
/**
* xmlSecOpenSSLSetDefaultTrustedCertsFolder:
* @path: the default trusted certs path.
xmlSecOpenSSLGetDefaultTrustedCertsFolder(void) {
return(gXmlSecOpenSSLTrustedCertsFolder);
}
+
+#ifdef XMLSEC_OPENSSL_API_300
+
+static OSSL_LIB_CTX* gXmlSecOpenSSLLibCtx = NULL;
+
+/**
+ * xmlSecOpenSSLSetLibCtx:
+ * @libctx: the OSSL_LIB_CTX object to be used by xmlsec-openssl
+ * or NULL to use default.
+ *
+ * Sets the OSSL_LIB_CTX object to be used by xmlsec-openssl. The caller is
+ * responsible for lifetime of this object.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecOpenSSLSetLibCtx(OSSL_LIB_CTX* libctx) {
+ gXmlSecOpenSSLLibCtx = libctx;
+ return(0);
+}
+
+/**
+ * xmlSecOpenSSLGetLibCtx:
+ *
+ * Gets the current OSSL_LIB_CTX object to be used by xmlsec-openssl or
+ * NULL if the default one is used.
+ *
+ * Returns: the current OSSL_LIB_CTX object or NULL if default is used.
+ */
+OSSL_LIB_CTX*
+xmlSecOpenSSLGetLibCtx(void) {
+ return(gXmlSecOpenSSLLibCtx);
+}
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+/********************************************************************
+ *
+ * BIO helpers
+ *
+ ********************************************************************/
+
+/**
+ * xmlSecOpenSSLCreateMemBio:
+ *
+ * Creates a memory BIO using xmlSecOpenSSLGetLibCtx() for OpenSSL 3.0.
+ *
+ * Returns: the pointer to BIO object or NULL if an error occurs/
+ */
+BIO*
+xmlSecOpenSSLCreateMemBio(void) {
+ BIO* bio = NULL;
+
+ bio = BIO_new_ex(xmlSecOpenSSLGetLibCtx(), BIO_s_mem());
+ if(bio == NULL) {
+ xmlSecOpenSSLError("BIO_new_ex(BIO_s_mem())", NULL);
+ return(NULL);
+ }
+ return(bio);
+}
+
+/**
+ * xmlSecOpenSSLCreateMemBufBio:
+ * @buf: the data
+ * @bufSize: the data size
+ *
+ * Creates a read-only memory BIO using xmlSecOpenSSLGetLibCtx() for
+ * OpenSSL 3.0 containing @len bytes of data from @buf.
+ *
+ * Returns: the pointer to BIO object or NULL if an error occurs/
+ */
+BIO*
+xmlSecOpenSSLCreateMemBufBio(const xmlSecByte *buf, xmlSecSize bufSize) {
+ BIO* bio = NULL;
+ int bufLen;
+
+ xmlSecAssert2(buf != NULL, NULL);
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(bufSize, bufLen, return(NULL), NULL);
+ bio = BIO_new_mem_buf((const void*)buf, bufLen);
+ if(bio == NULL) {
+ xmlSecOpenSSLError2("BIO_new_mem_buf", NULL,
+ "dataSize=%d", bufLen);
+ return(NULL);
+ }
+ return(bio);
+}
+
+/**
+ * xmlSecOpenSSLCreateReadFileBio:
+ * @path: the file path
+ *
+ * Creates a read-only file BIO using xmlSecOpenSSLGetLibCtx() for
+ * OpenSSL 3.0.
+ *
+ * Returns: the pointer to BIO object or NULL if an error occurs/
+ */
+BIO*
+xmlSecOpenSSLCreateReadFileBio(const char* path) {
+ BIO* bio = NULL;
+ xmlSecAssert2(path != NULL, NULL);
+
+ bio = BIO_new_ex(xmlSecOpenSSLGetLibCtx(), BIO_s_file());
+ if(bio == NULL) {
+ xmlSecOpenSSLError("BIO_new_ex(BIO_s_file())", NULL);
+ return(NULL);
+ }
+ if(BIO_read_filename(bio, path) != 1) {
+ xmlSecOpenSSLError2("BIO_read_filename", NULL,
+ "path=%s", xmlSecErrorsSafeString(path));
+ return(NULL);
+ }
+ return(bio);
+}
+
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:digests
#include <xmlsec/openssl/evp.h>
#include "openssl_compat.h"
+#ifdef XMLSEC_OPENSSL_API_300
+#include <openssl/core_names.h>
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+#include "../cast_helpers.h"
+
/**************************************************************************
*
- * Internal OpenSSL Digest CTX
+ * Internal OpenSSL EVP Digest CTX
*
*****************************************************************************/
-typedef struct _xmlSecOpenSSLDigestCtx xmlSecOpenSSLDigestCtx, *xmlSecOpenSSLDigestCtxPtr;
-struct _xmlSecOpenSSLDigestCtx {
+typedef struct _xmlSecOpenSSLEvpDigestCtx xmlSecOpenSSLEvpDigestCtx, *xmlSecOpenSSLEvpDigestCtxPtr;
+struct _xmlSecOpenSSLEvpDigestCtx {
+#ifndef XMLSEC_OPENSSL_API_300
const EVP_MD* digest;
+#else /* XMLSEC_OPENSSL_API_300 */
+ const char* digestName;
+ EVP_MD* digest;
+ int legacyDigest;
+#endif /* XMLSEC_OPENSSL_API_300 */
EVP_MD_CTX* digestCtx;
xmlSecByte dgst[EVP_MAX_MD_SIZE];
xmlSecSize dgstSize; /* dgst size in bytes */
*
* EVP Digest transforms
*
- * xmlSecOpenSSLDigestCtx is located after xmlSecTransform
- *
*****************************************************************************/
-#define xmlSecOpenSSLEvpDigestSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLDigestCtx))
-#define xmlSecOpenSSLEvpDigestGetCtx(transform) \
- ((xmlSecOpenSSLDigestCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-
+XMLSEC_TRANSFORM_DECLARE(OpenSSLEvpDigest, xmlSecOpenSSLEvpDigestCtx)
+#define xmlSecOpenSSLEvpDigestSize XMLSEC_TRANSFORM_SIZE(OpenSSLEvpDigest)
static int xmlSecOpenSSLEvpDigestInitialize (xmlSecTransformPtr transform);
static void xmlSecOpenSSLEvpDigestFinalize (xmlSecTransformPtr transform);
}
}
+/* small helper macro to reduce clutter in the code */
+#ifndef XMLSEC_OPENSSL_API_300
+#define XMLSEC_OPENSSL_EVP_DIGEST_SETUP(ctx, digestVal, digestNameVal) \
+ (ctx)->digest = (digestVal)
+#else /* XMLSEC_OPENSSL_API_300 */
+#define XMLSEC_OPENSSL_EVP_DIGEST_SETUP(ctx, digestVal, digestNameVal) \
+ (ctx)->digestName = (digestNameVal)
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+#ifndef XMLSEC_NO_GOST2012
+
+/* Not all algorithms have been converted to the new providers design (e.g. GOST) */
+static int
+xmlSecOpenSSLEvpDigestSetLegacyDigest(xmlSecOpenSSLEvpDigestCtxPtr ctx,
+ const char * digestName) {
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->digest == NULL, -1);
+ xmlSecAssert2(digestName != NULL, -1);
+
+#ifndef XMLSEC_OPENSSL_API_300
+ ctx->digest = EVP_get_digestbyname(digestName);
+ if (ctx->digest == NULL) {
+ xmlSecOpenSSLError2("EVP_get_digestbyname()", NULL,
+ "digestName=%s", xmlSecErrorsSafeString(digestName));
+ return(-1);
+ }
+#else /* XMLSEC_OPENSSL_API_300 */
+ ctx->digestName = digestName;
+ ctx->legacyDigest = 1;
+ ctx->digest = (EVP_MD*)EVP_get_digestbyname(digestName);
+ if (ctx->digest == NULL) {
+ xmlSecOpenSSLError2("EVP_get_digestbyname", NULL,
+ "digestName=%s", xmlSecErrorsSafeString(digestName));
+ return(-1);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+ return(0);
+}
+
+#endif /* XMLSEC_NO_GOST2012 */
+
+
static int
xmlSecOpenSSLEvpDigestInitialize(xmlSecTransformPtr transform) {
- xmlSecOpenSSLDigestCtxPtr ctx;
+ xmlSecOpenSSLEvpDigestCtxPtr ctx;
xmlSecAssert2(xmlSecOpenSSLEvpDigestCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpDigestSize), -1);
xmlSecAssert2(ctx != NULL, -1);
/* initialize context */
- memset(ctx, 0, sizeof(xmlSecOpenSSLDigestCtx));
+ memset(ctx, 0, sizeof(xmlSecOpenSSLEvpDigestCtx));
#ifndef XMLSEC_NO_MD5
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformMd5Id)) {
- ctx->digest = EVP_md5();
+ XMLSEC_OPENSSL_EVP_DIGEST_SETUP(ctx, EVP_md5(), OSSL_DIGEST_NAME_MD5);
} else
#endif /* XMLSEC_NO_MD5 */
#ifndef XMLSEC_NO_RIPEMD160
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRipemd160Id)) {
- ctx->digest = EVP_ripemd160();
+ XMLSEC_OPENSSL_EVP_DIGEST_SETUP(ctx, EVP_ripemd160(), OSSL_DIGEST_NAME_RIPEMD160);
} else
#endif /* XMLSEC_NO_RIPEMD160 */
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha1Id)) {
- ctx->digest = EVP_sha1();
+ XMLSEC_OPENSSL_EVP_DIGEST_SETUP(ctx, EVP_sha1(), OSSL_DIGEST_NAME_SHA1);
} else
#endif /* XMLSEC_NO_SHA1 */
#ifndef XMLSEC_NO_SHA224
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha224Id)) {
- ctx->digest = EVP_sha224();
+ XMLSEC_OPENSSL_EVP_DIGEST_SETUP(ctx, EVP_sha224(), OSSL_DIGEST_NAME_SHA2_224);
} else
#endif /* XMLSEC_NO_SHA224 */
#ifndef XMLSEC_NO_SHA256
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha256Id)) {
- ctx->digest = EVP_sha256();
+ XMLSEC_OPENSSL_EVP_DIGEST_SETUP(ctx, EVP_sha256(), OSSL_DIGEST_NAME_SHA2_256);
} else
#endif /* XMLSEC_NO_SHA256 */
#ifndef XMLSEC_NO_SHA384
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha384Id)) {
- ctx->digest = EVP_sha384();
+ XMLSEC_OPENSSL_EVP_DIGEST_SETUP(ctx, EVP_sha384(), OSSL_DIGEST_NAME_SHA2_384);
} else
#endif /* XMLSEC_NO_SHA384 */
#ifndef XMLSEC_NO_SHA512
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha512Id)) {
- ctx->digest = EVP_sha512();
+ XMLSEC_OPENSSL_EVP_DIGEST_SETUP(ctx, EVP_sha512(), OSSL_DIGEST_NAME_SHA2_512);
} else
#endif /* XMLSEC_NO_SHA512 */
#ifndef XMLSEC_NO_GOST
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_94Id)) {
- ctx->digest = EVP_get_digestbyname("md_gost94");
- if (!ctx->digest) {
- xmlSecInvalidTransfromError(transform)
- return(-1);
- }
+ int ret;
+ ret = xmlSecOpenSSLEvpDigestSetLegacyDigest(ctx, XMLSEC_OPENSSL_DIGEST_NAME_GOST94);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLEvpDigestSetLegacyDigest(md_gost94)",
+ xmlSecTransformGetName(transform));
+ xmlSecOpenSSLEvpDigestFinalize(transform);
+ return(-1);
+ }
} else
#endif /* XMLSEC_NO_GOST */
#ifndef XMLSEC_NO_GOST2012
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_256Id)) {
- ctx->digest = EVP_get_digestbyname("md_gost12_256");
- if (!ctx->digest)
- {
- xmlSecInvalidTransfromError(transform)
- return(-1);
- }
+ int ret;
+ ret = xmlSecOpenSSLEvpDigestSetLegacyDigest(ctx, XMLSEC_OPENSSL_DIGEST_NAME_GOST12_256);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLEvpDigestSetLegacyDigest(md_gost2012_256)",
+ xmlSecTransformGetName(transform));
+ xmlSecOpenSSLEvpDigestFinalize(transform);
+ return(-1);
+ }
} else
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_512Id)) {
- ctx->digest = EVP_get_digestbyname("md_gost12_512");
- if (!ctx->digest)
- {
- xmlSecInvalidTransfromError(transform)
- return(-1);
- }
+ int ret;
+ ret = xmlSecOpenSSLEvpDigestSetLegacyDigest(ctx, XMLSEC_OPENSSL_DIGEST_NAME_GOST12_512);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLEvpDigestSetLegacyDigest(md_gost2012_512)",
+ xmlSecTransformGetName(transform));
+ xmlSecOpenSSLEvpDigestFinalize(transform);
+ return(-1);
+ }
} else
#endif /* XMLSEC_NO_GOST2012 */
-
{
- xmlSecInvalidTransfromError(transform)
+ xmlSecInvalidTransfromError(transform);
+ xmlSecOpenSSLEvpDigestFinalize(transform);
return(-1);
}
+#ifdef XMLSEC_OPENSSL_API_300
+ if(ctx->legacyDigest == 0) {
+ xmlSecAssert2(ctx->digestName != NULL, -1);
+ ctx->digest = EVP_MD_fetch(xmlSecOpenSSLGetLibCtx(), ctx->digestName, NULL);
+ if(ctx->digest == NULL) {
+ xmlSecOpenSSLError2("EVP_MD_fetch", xmlSecTransformGetName(transform),
+ "digestName=%s", xmlSecErrorsSafeString(ctx->digestName));
+ xmlSecOpenSSLEvpDigestFinalize(transform);
+ return(-1);
+ }
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
+ xmlSecAssert2(ctx->digest != NULL, -1);
+
/* create digest CTX */
ctx->digestCtx = EVP_MD_CTX_new();
if(ctx->digestCtx == NULL) {
- xmlSecOpenSSLError("EVP_MD_CTX_new",
- xmlSecTransformGetName(transform));
+ xmlSecOpenSSLError("EVP_MD_CTX_new", xmlSecTransformGetName(transform));
+ xmlSecOpenSSLEvpDigestFinalize(transform);
return(-1);
}
static void
xmlSecOpenSSLEvpDigestFinalize(xmlSecTransformPtr transform) {
- xmlSecOpenSSLDigestCtxPtr ctx;
+ xmlSecOpenSSLEvpDigestCtxPtr ctx;
xmlSecAssert(xmlSecOpenSSLEvpDigestCheckId(transform));
xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpDigestSize));
if(ctx->digestCtx != NULL) {
EVP_MD_CTX_free(ctx->digestCtx);
}
+#ifdef XMLSEC_OPENSSL_API_300
+ if((ctx->digest != NULL) && (ctx->legacyDigest == 0)) {
+ EVP_MD_free(ctx->digest);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
- memset(ctx, 0, sizeof(xmlSecOpenSSLDigestCtx));
+ memset(ctx, 0, sizeof(xmlSecOpenSSLEvpDigestCtx));
}
static int
xmlSecOpenSSLEvpDigestVerify(xmlSecTransformPtr transform,
const xmlSecByte* data, xmlSecSize dataSize,
xmlSecTransformCtxPtr transformCtx) {
- xmlSecOpenSSLDigestCtxPtr ctx;
+ xmlSecOpenSSLEvpDigestCtxPtr ctx;
xmlSecAssert2(xmlSecOpenSSLEvpDigestCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpDigestSize), -1);
xmlSecInvalidSizeError("Digest", dataSize, ctx->dgstSize,
xmlSecTransformGetName(transform));
transform->status = xmlSecTransformStatusFail;
- return -1;
+ return(0);
}
if(memcmp(ctx->dgst, data, ctx->dgstSize) != 0) {
xmlSecInvalidDataError("data and digest do not match",
xmlSecTransformGetName(transform));
transform->status = xmlSecTransformStatusFail;
- return -1;
+ return(0);
}
transform->status = xmlSecTransformStatusOk;
static int
xmlSecOpenSSLEvpDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
- xmlSecOpenSSLDigestCtxPtr ctx;
+ xmlSecOpenSSLEvpDigestCtxPtr ctx;
xmlSecBufferPtr in, out;
int ret;
if(ret != 1) {
xmlSecOpenSSLError2("EVP_DigestUpdate",
xmlSecTransformGetName(transform),
- "size=%lu", (unsigned long)inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
}
if(last) {
unsigned int dgstSize;
+ xmlSecSize size;
- xmlSecAssert2((xmlSecSize)EVP_MD_size(ctx->digest) <= sizeof(ctx->dgst), -1);
+ ret = EVP_MD_size(ctx->digest);
+ if (ret < 0) {
+ xmlSecOpenSSLError("EVP_MD_size",
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, size, return(-1), xmlSecTransformGetName(transform));
+ xmlSecAssert2(size <= sizeof(ctx->dgst), -1);
ret = EVP_DigestFinal(ctx->digestCtx, ctx->dgst, &dgstSize);
if(ret != 1) {
return(-1);
}
xmlSecAssert2(dgstSize > 0, -1);
- ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(dgstSize);
+ ctx->dgstSize = dgstSize;
/* copy result to output */
if(transform->operation == xmlSecTransformOperationSign) {
ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferAppend",
- xmlSecTransformGetName(transform),
- "size=%d", ctx->dgstSize);
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, ctx->dgstSize);
return(-1);
}
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:evp
* @Stability: Stable
*
*/
-
#include "globals.h"
#include <string.h>
#include <openssl/rand.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/base64.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
#include <xmlsec/openssl/evp.h>
#include "openssl_compat.h"
+
+#ifdef XMLSEC_OPENSSL_API_300
+#include <openssl/core_names.h>
+#include <openssl/param_build.h>
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+
+
/******************************************************************************
*
* OpenSSL 1.1.0 compatibility
*
*****************************************************************************/
-#if !defined(XMLSEC_OPENSSL_API_110)
+#if !defined(XMLSEC_OPENSSL_API_110) && !defined(XMLSEC_OPENSSL_API_300)
#ifndef XMLSEC_NO_RSA
return(0);
}
if(n != NULL) {
- BN_free(r->n);
+ BN_clear_free(r->n);
r->n = n;
}
if(e != NULL) {
- BN_free(r->e);
+ BN_clear_free(r->e);
r->e = e;
}
if(d != NULL) {
- BN_free(r->d);
+ BN_clear_free(r->d);
r->d = d;
}
return(1);
}
if(p != NULL) {
- BN_free(d->p);
+ BN_clear_free(d->p);
d->p = p;
}
if(q != NULL) {
- BN_free(d->q);
+ BN_clear_free(d->q);
d->q = q;
}
if(g != NULL) {
- BN_free(d->g);
+ BN_clear_free(d->g);
d->g = g;
}
return(1);
}
if(pub_key != NULL) {
- BN_free(d->pub_key);
+ BN_clear_free(d->pub_key);
d->pub_key = pub_key;
}
if(priv_key != NULL) {
- BN_free(d->priv_key);
+ BN_clear_free(d->priv_key);
d->priv_key = priv_key;
}
return(1);
}
#endif /* XMLSEC_NO_DSA */
-#endif /* !defined(XMLSEC_OPENSSL_API_110) */
+#endif /* !defined(XMLSEC_OPENSSL_API_110) && !defined(XMLSEC_OPENSSL_API_300) */
#ifdef OPENSSL_IS_BORINGSSL
#ifndef XMLSEC_NO_RSA
#endif /* OPENSSL_IS_BORINGSSL */
+static int
+xmlSecOpenSSLGetBNValue(const xmlSecBufferPtr buf, BIGNUM **bigNum) {
+ xmlSecByte* bufPtr;
+ xmlSecSize bufSize;
+ int bufLen;
+
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(bigNum!= NULL, -1);
+
+ bufPtr = xmlSecBufferGetData(buf);
+ bufSize = xmlSecBufferGetSize(buf);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(bufSize, bufLen, return(-1), NULL);
+
+ (*bigNum) = BN_bin2bn(bufPtr, bufLen, (*bigNum));
+ if((*bigNum) == NULL) {
+ xmlSecOpenSSLError2("BN_bin2bn", NULL, "size=%d", bufLen);
+ return(-1);
+ }
+ return(0);
+}
+
+static int
+xmlSecOpenSSLSetBNValue(const BIGNUM *bigNum, xmlSecBufferPtr buf) {
+ xmlSecSize size;
+ int ret;
+
+ xmlSecAssert2(bigNum != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
+
+ ret = BN_num_bytes(bigNum);
+ if(ret < 0) {
+ xmlSecOpenSSLError("BN_num_bytes", NULL);
+ return(-1);
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, size, return(-1), NULL);
+
+ ret = xmlSecBufferSetMaxSize(buf, size + 1);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, (size + 1));
+ return(-1);
+ }
+
+ ret = BN_bn2bin(bigNum, xmlSecBufferGetData(buf));
+ if(ret < 0) {
+ xmlSecOpenSSLError("BN_bn2bin", NULL);
+ return(-1);
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, size, return(-1), NULL);
+
+ ret = xmlSecBufferSetSize(buf, size);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetSize", NULL,
+ "size=" XMLSEC_SIZE_FMT, size);
+ return(-1);
+ }
+
+ return(0);
+}
+
/**************************************************************************
*
* Internal OpenSSL EVP key CTX
/******************************************************************************
*
- * EVP key (dsa/rsa)
- *
- * xmlSecOpenSSLEvpKeyDataCtx is located after xmlSecTransform
+ * EVP key data (dsa/rsa)
*
*****************************************************************************/
-#define xmlSecOpenSSLEvpKeyDataSize \
- (sizeof(xmlSecKeyData) + sizeof(xmlSecOpenSSLEvpKeyDataCtx))
-#define xmlSecOpenSSLEvpKeyDataGetCtx(data) \
- ((xmlSecOpenSSLEvpKeyDataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
+XMLSEC_KEY_DATA_DECLARE(OpenSSLEvpKeyData, xmlSecOpenSSLEvpKeyDataCtx)
+#define xmlSecOpenSSLEvpKeyDataSize XMLSEC_KEY_DATA_SIZE(OpenSSLEvpKeyData)
static int xmlSecOpenSSLEvpKeyDataInitialize (xmlSecKeyDataPtr data);
static int xmlSecOpenSSLEvpKeyDataDuplicate (xmlSecKeyDataPtr dst,
xmlSecKeyDataDestroy(data);
return(NULL);
}
+ pKey = NULL;
+
return(data);
}
#ifndef XMLSEC_NO_DSA
+
+/**
+ * @xmlSecOpenSSLKeyValueDsa: holds the parts of OpenSSL DSA key
+ */
+typedef struct _xmlSecOpenSSLKeyValueDsa {
+ BIGNUM* p;
+ BIGNUM* q;
+ BIGNUM* g;
+ BIGNUM* pub_key;
+ BIGNUM* priv_key;
+ int externalPrivKey;
+ int notOwner;
+} xmlSecOpenSSLKeyValueDsa, *xmlSecOpenSSLKeyValueDsaPtr;
+
+static int
+xmlSecOpenSSLKeyValueDsaInitialize(xmlSecOpenSSLKeyValueDsaPtr dsaKeyValue) {
+ xmlSecAssert2(dsaKeyValue != NULL, -1);
+ memset(dsaKeyValue, 0, sizeof(*dsaKeyValue));
+ return(0);
+}
+
+static void
+xmlSecOpenSSLKeyValueDsaFinalize(xmlSecOpenSSLKeyValueDsaPtr dsaKeyValue) {
+ xmlSecAssert(dsaKeyValue != NULL);
+
+ if((dsaKeyValue->notOwner == 0) && (dsaKeyValue->p != NULL)) {
+ BN_clear_free(dsaKeyValue->p);
+ }
+ if((dsaKeyValue->notOwner == 0) && (dsaKeyValue->q != NULL)) {
+ BN_clear_free(dsaKeyValue->q);
+ }
+ if((dsaKeyValue->notOwner == 0) && (dsaKeyValue->g != NULL)) {
+ BN_clear_free(dsaKeyValue->g);
+ }
+ if((dsaKeyValue->notOwner == 0) && (dsaKeyValue->pub_key != NULL)) {
+ BN_clear_free(dsaKeyValue->pub_key);
+ }
+ if((dsaKeyValue->notOwner == 0) && (dsaKeyValue->priv_key != NULL)) {
+ BN_clear_free(dsaKeyValue->priv_key);
+ }
+ memset(dsaKeyValue, 0, sizeof(*dsaKeyValue));
+}
+
+
/**************************************************************************
*
* <dsig:DSAKeyValue> processing
* by this the P, Q and G are *required*!
*
*************************************************************************/
+
static int xmlSecOpenSSLKeyDataDsaInitialize (xmlSecKeyDataPtr data);
static int xmlSecOpenSSLKeyDataDsaDuplicate (xmlSecKeyDataPtr dst,
xmlSecKeyDataPtr src);
xmlSecKeyDataType type);
static xmlSecKeyDataType xmlSecOpenSSLKeyDataDsaGetType (xmlSecKeyDataPtr data);
-static xmlSecSize xmlSecOpenSSLKeyDataDsaGetSize (xmlSecKeyDataPtr data);
+static xmlSecSize xmlSecOpenSSLKeyDataDsaGetSize (xmlSecKeyDataPtr data);
static void xmlSecOpenSSLKeyDataDsaDebugDump (xmlSecKeyDataPtr data,
FILE* output);
static void xmlSecOpenSSLKeyDataDsaDebugXmlDump (xmlSecKeyDataPtr data,
FILE* output);
+static xmlSecKeyDataPtr xmlSecOpenSSLKeyDataDsaRead (xmlSecKeyDataId id,
+ xmlSecKeyValueDsaPtr dsaValue);
+static int xmlSecOpenSSLKeyDataDsaWrite (xmlSecKeyDataId id,
+ xmlSecKeyDataPtr data,
+ xmlSecKeyValueDsaPtr dsaValue,
+ int writePrivateKey);
+
static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataDsaKlass = {
sizeof(xmlSecKeyDataKlass),
xmlSecOpenSSLEvpKeyDataSize,
* @data: the pointer to DSA key data.
* @dsa: the pointer to OpenSSL DSA key.
*
- * Sets the value of DSA key data.
+ * DEPRECATED. Sets the value of DSA key data.
*
* Returns: 0 on success or a negative value otherwise.
*/
int
xmlSecOpenSSLKeyDataDsaAdoptDsa(xmlSecKeyDataPtr data, DSA* dsa) {
+#ifndef XMLSEC_OPENSSL_API_300
EVP_PKEY* pKey = NULL;
int ret;
xmlSecKeyDataGetName(data));
return(-1);
}
-
ret = EVP_PKEY_assign_DSA(pKey, dsa);
if(ret != 1) {
xmlSecOpenSSLError("EVP_PKEY_assign_DSA",
return(-1);
}
return(0);
+#else /* XMLSEC_OPENSSL_API_300 */
+ UNREFERENCED_PARAMETER(data);
+ UNREFERENCED_PARAMETER(dsa);
+ xmlSecNotImplementedError("OpenSSL 3.0 does not support direct access to DSA key");
+ return(-1);
+#endif /* XMLSEC_OPENSSL_API_300 */
}
/**
* xmlSecOpenSSLKeyDataDsaGetDsa:
* @data: the pointer to DSA key data.
*
- * Gets the OpenSSL DSA key from DSA key data.
+ * DEPRECATED. Gets the OpenSSL DSA key from DSA key data.
*
* Returns: pointer to OpenSSL DSA key or NULL if an error occurs.
*/
DSA*
xmlSecOpenSSLKeyDataDsaGetDsa(xmlSecKeyDataPtr data) {
+#ifndef XMLSEC_OPENSSL_API_300
EVP_PKEY* pKey;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), NULL);
xmlSecAssert2((pKey == NULL) || (EVP_PKEY_base_id(pKey) == EVP_PKEY_DSA), NULL);
return((pKey != NULL) ? EVP_PKEY_get0_DSA(pKey) : NULL);
+#else /* XMLSEC_OPENSSL_API_300 */
+ UNREFERENCED_PARAMETER(data);
+ xmlSecNotImplementedError("OpenSSL 3.0 does not support direct access to DSA key");
+ return(NULL);
+#endif /* XMLSEC_OPENSSL_API_300 */
}
/**
static int
xmlSecOpenSSLKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataPtr data = NULL;
- xmlNodePtr cur;
- DSA *dsa = NULL;
- BIGNUM *p = NULL, *q = NULL, *g = NULL;
- BIGNUM *priv_key = NULL, *pub_key = NULL;
- int ret;
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
xmlSecAssert2(id == xmlSecOpenSSLKeyDataDsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- if(xmlSecKeyGetValue(key) != NULL) {
- xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
- xmlSecKeyDataKlassGetName(id),
- "Key data value is already set");
- return(-1);
- }
+ return(xmlSecKeyDataDsaXmlRead(id, key, node, keyInfoCtx,
+ xmlSecOpenSSLKeyDataDsaRead));
+}
- dsa = DSA_new();
- if(dsa == NULL) {
- xmlSecOpenSSLError("DSA_new",
- xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
- }
+static int
+xmlSecOpenSSLKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecOpenSSLKeyDataDsaId, -1);
+ return(xmlSecKeyDataDsaXmlWrite(id, key, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecOpenSSLKeyDataDsaWrite));
+}
- cur = xmlSecGetNextElementNode(node->children);
+#ifndef XMLSEC_OPENSSL_API_300
- /* first is P node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAP, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAP, xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
- }
+static int
+xmlSecOpenSSLKeyDataDsaGetValue(xmlSecKeyDataPtr data, xmlSecOpenSSLKeyValueDsaPtr dsaKeyValue) {
+ DSA* dsa = NULL;
- if(xmlSecOpenSSLNodeGetBNValue(cur, &p) == NULL) {
- xmlSecInternalError2("xmlSecOpenSSLNodeGetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAP));
- goto err_cleanup;
- }
- cur = xmlSecGetNextElementNode(cur->next);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), -1);
+ xmlSecAssert2(dsaKeyValue != NULL, -1);
- /* next is Q node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAQ, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAQ, xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
- }
- if(xmlSecOpenSSLNodeGetBNValue(cur, &q) == NULL) {
- xmlSecInternalError2("xmlSecOpenSSLNodeGetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAQ));
- goto err_cleanup;
- }
- cur = xmlSecGetNextElementNode(cur->next);
+ /* ensure the values are not getting free'd */
+ dsaKeyValue->notOwner = 1;
- /* next is G node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAG, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAG, xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
+ dsa = xmlSecOpenSSLKeyDataDsaGetDsa(data);
+ if(dsa == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataDsaGetDsa", xmlSecKeyDataGetName(data));
+ return(-1);
}
- if(xmlSecOpenSSLNodeGetBNValue(cur, &g) == NULL) {
- xmlSecInternalError2("xmlSecOpenSSLNodeGetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAG));
- goto err_cleanup;
+ DSA_get0_pqg(dsa,
+ (const BIGNUM**)&(dsaKeyValue->p),
+ (const BIGNUM**)&(dsaKeyValue->q),
+ (const BIGNUM**)&(dsaKeyValue->g));
+ if((dsaKeyValue->p == NULL) || (dsaKeyValue->q == NULL) || (dsaKeyValue->g == NULL)) {
+ xmlSecOpenSSLError("DSA_get0_pqg", xmlSecKeyDataGetName(data));
+ return(-1);
}
- cur = xmlSecGetNextElementNode(cur->next);
-
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAX, xmlSecNs))) {
- /* next is X node. It is REQUIRED for private key but
- * we are not sure exactly what do we read */
- if(xmlSecOpenSSLNodeGetBNValue(cur, &priv_key) == NULL) {
- xmlSecInternalError2("xmlSecOpenSSLNodeGetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAX));
- goto err_cleanup;
- }
- cur = xmlSecGetNextElementNode(cur->next);
+ DSA_get0_key(dsa,
+ (const BIGNUM**)&(dsaKeyValue->pub_key),
+ (const BIGNUM**)&(dsaKeyValue->priv_key));
+ if(dsaKeyValue->pub_key == NULL) {
+ xmlSecOpenSSLError("DSA_get0_key", xmlSecKeyDataGetName(data));
+ return(-1);
}
- /* next is Y node. */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAY, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeDSAY, xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
- }
- if(xmlSecOpenSSLNodeGetBNValue(cur, &pub_key) == NULL) {
- xmlSecInternalError2("xmlSecOpenSSLNodeGetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAY));
- goto err_cleanup;
+ if(dsaKeyValue->priv_key == NULL) {
+ /*
+ * !!! HACK !!! Also see RSA key
+ * We assume here that engine *always* has private key.
+ * This might be incorrect but it seems that there is no
+ * way to ask engine if given key is private or not.
+ */
+ const ENGINE* dsa_eng = NULL;
+ dsa_eng = DSA_get0_engine(dsa);
+ if(dsa_eng != NULL) {
+ dsaKeyValue->externalPrivKey = 1;
+ } else {
+ dsaKeyValue->externalPrivKey = 0;
+ }
}
- cur = xmlSecGetNextElementNode(cur->next);
- /* todo: add support for J */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAJ, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
+ /* success */
+ return(0);
+}
- /* todo: add support for seed */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSASeed, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
- /* todo: add support for pgencounter */
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAPgenCounter, xmlSecDSigNs))) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
+static int
+xmlSecOpenSSLKeyDataDsaSetValue(xmlSecKeyDataPtr data, xmlSecOpenSSLKeyValueDsaPtr dsaKeyValue) {
+ DSA* dsa = NULL;
+ int ret;
+ int res = -1;
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
- }
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), -1);
+ xmlSecAssert2(dsaKeyValue != NULL, -1);
+ xmlSecAssert2(dsaKeyValue->p != NULL, -1);
+ xmlSecAssert2(dsaKeyValue->q != NULL, -1);
+ xmlSecAssert2(dsaKeyValue->g != NULL, -1);
+ xmlSecAssert2(dsaKeyValue->pub_key != NULL, -1);
- data = xmlSecKeyDataCreate(id);
- if(data == NULL ) {
- xmlSecInternalError("xmlSecKeyDataCreate",
- xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
+ dsa = DSA_new();
+ if(dsa == NULL) {
+ xmlSecOpenSSLError("DSA_new", xmlSecKeyDataGetName(data));
+ goto done;
}
- ret = DSA_set0_pqg(dsa, p, q, g);
+ ret = DSA_set0_pqg(dsa, dsaKeyValue->p, dsaKeyValue->q, dsaKeyValue->g);
if(ret != 1) {
- xmlSecOpenSSLError("DSA_set0_pqg",
- xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
+ xmlSecOpenSSLError("DSA_set0_pqg", xmlSecKeyDataGetName(data));
+ goto done;
}
- p = NULL;
- q = NULL;
- g = NULL;
+ dsaKeyValue->p = NULL;
+ dsaKeyValue->q = NULL;
+ dsaKeyValue->g = NULL;
- ret = DSA_set0_key(dsa, pub_key, priv_key);
+ ret = DSA_set0_key(dsa, dsaKeyValue->pub_key, dsaKeyValue->priv_key);
if(ret != 1) {
- xmlSecOpenSSLError("DSA_set0_key",
- xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
+ xmlSecOpenSSLError("DSA_set0_key", xmlSecKeyDataGetName(data));
+ goto done;
}
- pub_key = NULL;
- priv_key = NULL;
+ dsaKeyValue->pub_key = NULL;
+ dsaKeyValue->priv_key = NULL;
ret = xmlSecOpenSSLKeyDataDsaAdoptDsa(data, dsa);
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLKeyDataDsaAdoptDsa",
- xmlSecKeyDataGetName(data));
- goto err_cleanup;
+ xmlSecKeyDataGetName(data));
+ goto done;
}
dsa = NULL;
- ret = xmlSecKeySetValue(key, data);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataGetName(data));
- data = NULL;
- goto err_cleanup;
- }
-
- return(0);
-
-err_cleanup:
- DSA_free(dsa);
- BN_free(p);
- BN_free(q);
- BN_free(g);
- BN_free(priv_key);
- BN_free(pub_key);
- if(data != NULL) {
- xmlSecKeyDataDestroy(data);
- }
- return(-1);
-}
-
-static int
-xmlSecOpenSSLKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlNodePtr cur;
- DSA* dsa;
- int ret;
- const BIGNUM *p = NULL, *q = NULL, *g = NULL;
- const BIGNUM *priv_key = NULL, *pub_key = NULL;
-
- xmlSecAssert2(id == xmlSecOpenSSLKeyDataDsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecOpenSSLKeyDataDsaId), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- dsa = xmlSecOpenSSLKeyDataDsaGetDsa(xmlSecKeyGetValue(key));
- xmlSecAssert2(dsa != NULL, -1);
-
- if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
- /* we can have only private key or public key */
- return(0);
- }
-
- DSA_get0_pqg(dsa, &p, &q, &g);
-
- /* first is P node */
- xmlSecAssert2(p != NULL, -1);
- cur = xmlSecAddChild(node, xmlSecNodeDSAP, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError2("xmlSecAddChild",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAP));
- return(-1);
- }
- ret = xmlSecOpenSSLNodeSetBNValue(cur, p, 1);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLNodeSetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAP));
- return(-1);
- }
-
- /* next is Q node. */
- xmlSecAssert2(q != NULL, -1);
- cur = xmlSecAddChild(node, xmlSecNodeDSAQ, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError2("xmlSecAddChild",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAQ));
- return(-1);
- }
- ret = xmlSecOpenSSLNodeSetBNValue(cur, q, 1);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLNodeSetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAQ));
- return(-1);
- }
-
- /* next is G node. */
- xmlSecAssert2(g != NULL, -1);
- cur = xmlSecAddChild(node, xmlSecNodeDSAG, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError2("xmlSecAddChild",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAG));
- return(-1);
- }
- ret = xmlSecOpenSSLNodeSetBNValue(cur, g, 1);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLNodeSetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAG));
- return(-1);
- }
-
- DSA_get0_key(dsa, &pub_key, &priv_key);
-
- /* next is X node: write it ONLY for private keys and ONLY if it is requested */
- if(((keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate) != 0) && (priv_key != NULL)) {
- cur = xmlSecAddChild(node, xmlSecNodeDSAX, xmlSecNs);
- if(cur == NULL) {
- xmlSecInternalError2("xmlSecAddChild",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAX));
- return(-1);
- }
- ret = xmlSecOpenSSLNodeSetBNValue(cur, priv_key, 1);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLNodeSetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAX));
- return(-1);
- }
- }
+ /* success */
+ res = 0;
- /* next is Y node. */
- xmlSecAssert2(pub_key != NULL, -1);
- cur = xmlSecAddChild(node, xmlSecNodeDSAY, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError2("xmlSecAddChild",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAY));
- return(-1);
- }
- ret = xmlSecOpenSSLNodeSetBNValue(cur, pub_key, 1);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLNodeSetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAY));
- return(-1);
+done:
+ /* cleanup */
+ if(dsa != NULL) {
+ DSA_free(dsa);
}
- return(0);
+ return(res);
}
static int
xmlSecOpenSSLKeyDataDsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
- DSA* dsa;
- int counter_ret;
+ DSA* dsa = NULL;
+ int counter_ret, bitsLen;
unsigned long h_ret;
int ret;
+ int res = -1;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), -1);
xmlSecAssert2(sizeBits > 0, -1);
if(dsa == NULL) {
xmlSecOpenSSLError("DSA_new",
xmlSecKeyDataGetName(data));
- return(-1);
+ goto done;
}
- ret = DSA_generate_parameters_ex(dsa, sizeBits, NULL, 0, &counter_ret, &h_ret, NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(sizeBits, bitsLen, goto done, NULL);
+ ret = DSA_generate_parameters_ex(dsa, bitsLen, NULL, 0, &counter_ret, &h_ret, NULL);
if(ret != 1) {
- xmlSecOpenSSLError2("DSA_generate_parameters_ex",
- xmlSecKeyDataGetName(data),
- "sizeBits=%lu", (unsigned long)sizeBits);
- DSA_free(dsa);
- return(-1);
+ xmlSecOpenSSLError2("DSA_generate_parameters_ex", xmlSecKeyDataGetName(data),
+ "sizeBits=" XMLSEC_SIZE_FMT, sizeBits);
+ goto done;
}
ret = DSA_generate_key(dsa);
if(ret < 0) {
- xmlSecOpenSSLError("DSA_generate_key",
- xmlSecKeyDataGetName(data));
- DSA_free(dsa);
- return(-1);
+ xmlSecOpenSSLError("DSA_generate_key", xmlSecKeyDataGetName(data));
+ goto done;
}
ret = xmlSecOpenSSLKeyDataDsaAdoptDsa(data, dsa);
if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLKeyDataDsaAdoptDsa",
- xmlSecKeyDataGetName(data));
- DSA_free(dsa);
- return(-1);
+ xmlSecInternalError("xmlSecOpenSSLKeyDataDsaAdoptDsa", xmlSecKeyDataGetName(data));
+ goto done;
}
+ dsa = NULL;
- return(0);
-}
-
-static xmlSecKeyDataType
-xmlSecOpenSSLKeyDataDsaGetType(xmlSecKeyDataPtr data) {
- DSA* dsa;
- const BIGNUM *p = NULL, *q = NULL, *g = NULL;
- const BIGNUM *priv_key = NULL, *pub_key = NULL;
- const ENGINE *dsa_eng = NULL;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), xmlSecKeyDataTypeUnknown);
+ /* success */
+ res = 0;
- dsa = xmlSecOpenSSLKeyDataDsaGetDsa(data);
- if(dsa == NULL) {
- return(xmlSecKeyDataTypeUnknown);
- }
-
- DSA_get0_pqg(dsa, &p, &q, &g);
- DSA_get0_key(dsa, &pub_key, &priv_key);
- dsa_eng = DSA_get0_engine(dsa);
-
- if(p != NULL && q != NULL && g != NULL && pub_key != NULL) {
- if(priv_key != NULL) {
- return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
- } else if(dsa_eng != NULL) {
- /*
- * !!! HACK !!! Also see RSA key
- * We assume here that engine *always* has private key.
- * This might be incorrect but it seems that there is no
- * way to ask engine if given key is private or not.
- */
- return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
- } else {
- return(xmlSecKeyDataTypePublic);
- }
+done:
+ if(dsa != NULL) {
+ DSA_free(dsa);
}
-
- return(xmlSecKeyDataTypeUnknown);
+ return(res);
}
static xmlSecSize
xmlSecOpenSSLKeyDataDsaGetSize(xmlSecKeyDataPtr data) {
- DSA* dsa;
- const BIGNUM *p;
+ DSA* dsa = NULL;
+ const BIGNUM *p = NULL;
+ int numBits;
+ xmlSecSize res = 0;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), 0);
dsa = xmlSecOpenSSLKeyDataDsaGetDsa(data);
if(dsa == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataDsaGetDsa", xmlSecKeyDataGetName(data));
return(0);
}
DSA_get0_pqg(dsa, &p, NULL, NULL);
if(p == NULL) {
+ xmlSecOpenSSLError("DSA_get0_pqg", xmlSecKeyDataGetName(data));
+ return(0);
+ }
+ numBits = BN_num_bits(p);
+ if(numBits < 0) {
+ xmlSecOpenSSLError("BN_num_bits", xmlSecKeyDataGetName(data));
return(0);
}
- return(BN_num_bits(p));
-}
-
-static void
-xmlSecOpenSSLKeyDataDsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
- xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId));
- xmlSecAssert(output != NULL);
- fprintf(output, "=== dsa key: size = %d\n",
- xmlSecOpenSSLKeyDataDsaGetSize(data));
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(numBits, res, return(0), xmlSecKeyDataGetName(data));
+ return(res);
}
-static void
-xmlSecOpenSSLKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
- xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId));
- xmlSecAssert(output != NULL);
+#else /* XMLSEC_OPENSSL_API_300 */
- fprintf(output, "<DSAKeyValue size=\"%d\" />\n",
- xmlSecOpenSSLKeyDataDsaGetSize(data));
-}
+static int
+xmlSecOpenSSLKeyDataDsaGetValue(xmlSecKeyDataPtr data, xmlSecOpenSSLKeyValueDsaPtr dsaKeyValue) {
+ const EVP_PKEY* pKey = NULL;
+ int ret;
-#endif /* XMLSEC_NO_DSA */
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), -1);
+ xmlSecAssert2(dsaKeyValue != NULL, -1);
-#ifndef XMLSEC_NO_ECDSA
-/**************************************************************************
- *
- * ECDSA XML key representation processing.
- *
- * http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7802
- *
- * RFC 4050 [RFC4050] describes a possible <dsig:KeyValue> representation
- * for an ECDSA key. The representation and processing instructions
- * described in [RFC4050] are not completely compatible with [XMLDSIG-11];
- * therefore, ECDSA keys SHOULD NOT be provided through a <dsig:KeyValue>
- * element.
- *
- *************************************************************************/
-static int xmlSecOpenSSLKeyDataEcdsaInitialize(xmlSecKeyDataPtr data);
-static int xmlSecOpenSSLKeyDataEcdsaDuplicate(xmlSecKeyDataPtr dst,
- xmlSecKeyDataPtr src);
-static void xmlSecOpenSSLKeyDataEcdsaFinalize(xmlSecKeyDataPtr data);
+ pKey = xmlSecOpenSSLKeyDataDsaGetEvp(data);
+ xmlSecAssert2(pKey != NULL, -1);
-static xmlSecKeyDataType xmlSecOpenSSLKeyDataEcdsaGetType(xmlSecKeyDataPtr data);
-static xmlSecSize xmlSecOpenSSLKeyDataEcdsaGetSize(xmlSecKeyDataPtr data);
-static void xmlSecOpenSSLKeyDataEcdsaDebugDump(xmlSecKeyDataPtr data,
- FILE* output);
-static void xmlSecOpenSSLKeyDataEcdsaDebugXmlDump(xmlSecKeyDataPtr data,
- FILE* output);
+ ret = EVP_PKEY_get_bn_param(pKey, OSSL_PKEY_PARAM_FFC_P, &(dsaKeyValue->p));
+ if((ret != 1) || (dsaKeyValue->p == NULL)) {
+ xmlSecOpenSSLError("EVP_PKEY_get_bn_param(p)", xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+ ret = EVP_PKEY_get_bn_param(pKey, OSSL_PKEY_PARAM_FFC_Q, &(dsaKeyValue->q));
+ if((ret != 1) || (dsaKeyValue->q == NULL)) {
+ xmlSecOpenSSLError("EVP_PKEY_get_bn_param(q)", xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+ ret = EVP_PKEY_get_bn_param(pKey, OSSL_PKEY_PARAM_FFC_G, &(dsaKeyValue->g));
+ if((ret != 1) || (dsaKeyValue->g == NULL)) {
+ xmlSecOpenSSLError("EVP_PKEY_get_bn_param(g)", xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+ ret = EVP_PKEY_get_bn_param(pKey, OSSL_PKEY_PARAM_PUB_KEY, &(dsaKeyValue->pub_key));
+ if((ret != 1) || (dsaKeyValue->pub_key == NULL)) {
+ xmlSecOpenSSLError("EVP_PKEY_get_bn_param(pub_key)", xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+ ret = EVP_PKEY_get_bn_param(pKey, OSSL_PKEY_PARAM_PRIV_KEY, &(dsaKeyValue->priv_key));
+ if((ret != 1) || (dsaKeyValue->priv_key == NULL)) {
+ /* ignore the error -- public key doesn't have private component */
+ }
-static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataEcdsaKlass = {
- sizeof(xmlSecKeyDataKlass),
- xmlSecOpenSSLEvpKeyDataSize,
+ /* TODO: implement check for private key on a token (similar to keys on ENGINE) */
+ dsaKeyValue->externalPrivKey = 0;
- /* data */
- xmlSecNameECDSAKeyValue,
- xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
- /* xmlSecKeyDataUsage usage; */
- xmlSecHrefECDSAKeyValue, /* const xmlChar* href; */
- xmlSecNodeECDSAKeyValue, /* const xmlChar* dataNodeName; */
- xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
+ /* success */
+ return(0);
+}
+
+static int
+xmlSecOpenSSLKeyDataDsaSetValue(xmlSecKeyDataPtr data, xmlSecOpenSSLKeyValueDsaPtr dsaKeyValue) {
+ EVP_PKEY* pKey = NULL;
+ EVP_PKEY_CTX* ctx = NULL;
+ OSSL_PARAM_BLD* param_bld = NULL;
+ OSSL_PARAM* params = NULL;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), -1);
+ xmlSecAssert2(dsaKeyValue != NULL, -1);
+ xmlSecAssert2(dsaKeyValue->p != NULL, -1);
+ xmlSecAssert2(dsaKeyValue->q != NULL, -1);
+ xmlSecAssert2(dsaKeyValue->g != NULL, -1);
+ xmlSecAssert2(dsaKeyValue->pub_key != NULL, -1);
+
+ param_bld = OSSL_PARAM_BLD_new();
+ if(param_bld == NULL) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_new",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_P, dsaKeyValue->p);
+ if(ret != 1) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_BN(p)",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_Q, dsaKeyValue->q);
+ if(ret != 1) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_BN(q)",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_G, dsaKeyValue->g);
+ if(ret != 1) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_BN(g)",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_PUB_KEY, dsaKeyValue->pub_key);
+ if(ret != 1) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_BN(pub_key)",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_PRIV_KEY, dsaKeyValue->priv_key);
+ if(ret != 1) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_BN(priv_key)",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ params = OSSL_PARAM_BLD_to_param(param_bld);
+ if(params == NULL) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_to_param",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ctx = EVP_PKEY_CTX_new_from_name(xmlSecOpenSSLGetLibCtx(), "DSA", NULL);
+ if(ctx == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_new_from_name",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ ret = EVP_PKEY_fromdata_init(ctx);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_fromdata_init",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = EVP_PKEY_fromdata(ctx, &pKey, EVP_PKEY_KEYPAIR, params);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_fromdata",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = xmlSecOpenSSLKeyDataDsaAdoptEvp(data, pKey);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataDsaAdoptEvp",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ pKey = NULL;
+
+ /* success */
+ res = 0;
+
+done:
+ if(pKey != NULL) {
+ EVP_PKEY_free(pKey);
+ }
+ if(ctx != NULL) {
+ EVP_PKEY_CTX_free(ctx);
+ }
+ if(params != NULL) {
+ OSSL_PARAM_free(params);
+ }
+ if(param_bld != NULL) {
+ OSSL_PARAM_BLD_free(param_bld);
+ }
+ return(res);
+}
+
+static int
+xmlSecOpenSSLKeyDataDsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+ EVP_PKEY_CTX* pctx = NULL;
+ OSSL_PARAM_BLD* param_bld = NULL;
+ OSSL_PARAM* params = NULL;
+ EVP_PKEY* pKey = NULL;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), -1);
+ xmlSecAssert2(sizeBits > 0, -1);
+ UNREFERENCED_PARAMETER(type);
+
+ pctx = EVP_PKEY_CTX_new_from_name(xmlSecOpenSSLGetLibCtx(), "DSA", NULL);
+ if(pctx == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_new_from_name", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = EVP_PKEY_paramgen_init(pctx);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_paramgen_init", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ param_bld = OSSL_PARAM_BLD_new();
+ if(param_bld == NULL) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_new", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ if(OSSL_PARAM_BLD_push_size_t(param_bld, OSSL_PKEY_PARAM_BITS, sizeBits) != 1) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_size_t(bits)", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ params = OSSL_PARAM_BLD_to_param(param_bld);
+ if(params == NULL) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_to_param", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = EVP_PKEY_CTX_set_params(pctx, params);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_set_params", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = EVP_PKEY_generate(pctx, &pKey);
+ if(ret <= 0) {
+ xmlSecOpenSSLError2("EVP_PKEY_generate", xmlSecKeyDataGetName(data),
+ "sizeBits=" XMLSEC_SIZE_FMT, sizeBits);
+ goto done;
+ }
+ ret = xmlSecOpenSSLKeyDataDsaAdoptEvp(data, pKey);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataDsaAdoptEvp", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ pKey = NULL;
+
+ /* success */
+ res = 0;
+
+done:
+ if(pKey != NULL) {
+ EVP_PKEY_free(pKey);
+ }
+ if(params != NULL) {
+ OSSL_PARAM_free(params);
+ }
+ if(param_bld != NULL) {
+ OSSL_PARAM_BLD_free(param_bld);
+ }
+ if(pctx != NULL) {
+ EVP_PKEY_CTX_free(pctx);
+ }
+
+ return(res);
+}
+
+static xmlSecSize
+xmlSecOpenSSLKeyDataDsaGetSize(xmlSecKeyDataPtr data) {
+ const EVP_PKEY* pKey = NULL;
+ BIGNUM *p = NULL;
+ int numBits;
+ int ret;
+ xmlSecSize res = 0;
+
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), 0);
+
+ pKey = xmlSecOpenSSLKeyDataDsaGetEvp(data);
+ xmlSecAssert2(pKey != NULL, 0);
+
+ ret = EVP_PKEY_get_bn_param(pKey, OSSL_PKEY_PARAM_FFC_P, &p);
+ if((ret != 1) || (p == NULL)) {
+ xmlSecOpenSSLError("EVP_PKEY_get_bn_param(p)", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ numBits = BN_num_bits(p);
+ if(numBits < 0) {
+ xmlSecOpenSSLError("BN_num_bits", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ /* success */
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(numBits, res, goto done, xmlSecKeyDataGetName(data));
+
+done:
+ /* cleanup */
+ if(p != NULL) {
+ BN_clear_free(p);
+ }
+ return(res);
+}
+
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+static xmlSecKeyDataType
+xmlSecOpenSSLKeyDataDsaGetType(xmlSecKeyDataPtr data) {
+ xmlSecOpenSSLKeyValueDsa dsaKeyValue;
+ xmlSecKeyDataType res = xmlSecKeyDataTypeUnknown;
+ int ret;
+
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), xmlSecKeyDataTypeUnknown);
+
+ ret = xmlSecOpenSSLKeyValueDsaInitialize(&dsaKeyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyValueDsaInitialize",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ ret = xmlSecOpenSSLKeyDataDsaGetValue(data, &dsaKeyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataDsaGetValue",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ if((dsaKeyValue.priv_key != NULL) || (dsaKeyValue.externalPrivKey != 0)) {
+ res = xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic;
+ } else {
+ res = xmlSecKeyDataTypePublic;
+ }
+
+done:
+ xmlSecOpenSSLKeyValueDsaFinalize(&dsaKeyValue);
+ return(res);
+}
+
+static void
+xmlSecOpenSSLKeyDataDsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "=== dsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecOpenSSLKeyDataDsaGetSize(data));
+}
+
+static void
+xmlSecOpenSSLKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "<DSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecOpenSSLKeyDataDsaGetSize(data));
+}
+
+xmlSecKeyDataPtr
+xmlSecOpenSSLKeyDataDsaRead(xmlSecKeyDataId id, xmlSecKeyValueDsaPtr dsaValue) {
+ xmlSecKeyDataPtr data = NULL;
+ xmlSecKeyDataPtr res = NULL;
+ xmlSecOpenSSLKeyValueDsa dsaKeyValue;
+ int ret;
+
+ xmlSecAssert2(id == xmlSecOpenSSLKeyDataDsaId, NULL);
+ xmlSecAssert2(dsaValue != NULL, NULL);
+
+ ret = xmlSecOpenSSLKeyValueDsaInitialize(&dsaKeyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyValueDsaInitialize",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ /*** p ***/
+ ret = xmlSecOpenSSLGetBNValue(&(dsaValue->p), &(dsaKeyValue.p));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLGetBNValue(p)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ /*** q ***/
+ ret = xmlSecOpenSSLGetBNValue(&(dsaValue->q), &(dsaKeyValue.q));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLGetBNValue(q)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ /*** q ***/
+ ret = xmlSecOpenSSLGetBNValue(&(dsaValue->g), &(dsaKeyValue.g));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLGetBNValue(g)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ /*** y ***/
+ ret = xmlSecOpenSSLGetBNValue(&(dsaValue->y), &(dsaKeyValue.pub_key));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLGetBNValue(y)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ /*** x (only for private key) ***/
+ if(xmlSecBufferGetSize(&(dsaValue->x)) > 0) {
+ /*** p ***/
+ ret = xmlSecOpenSSLGetBNValue(&(dsaValue->x), &(dsaKeyValue.priv_key));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLGetBNValue(x)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ }
+
+ data = xmlSecKeyDataCreate(id);
+ if(data == NULL) {
+ xmlSecInternalError("xmlSecKeyDataCreate",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ ret = xmlSecOpenSSLKeyDataDsaSetValue(data, &dsaKeyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataDsaSetValue()",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /* success */
+ res = data;
+ data = NULL;
+
+done:
+ if(data != NULL) {
+ xmlSecKeyDataDestroy(data);
+ }
+ xmlSecOpenSSLKeyValueDsaFinalize(&dsaKeyValue);
+ return(res);
+}
+
+static int
+xmlSecOpenSSLKeyDataDsaWrite(xmlSecKeyDataId id, xmlSecKeyDataPtr data,
+ xmlSecKeyValueDsaPtr dsaValue, int writePrivateKey) {
+ xmlSecOpenSSLKeyValueDsa dsaKeyValue;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(id == xmlSecOpenSSLKeyDataDsaId, -1);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), -1);
+ xmlSecAssert2(dsaValue != NULL, -1);
+
+ /* first, get all values */
+ ret = xmlSecOpenSSLKeyValueDsaInitialize(&dsaKeyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyValueDsaInitialize",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ ret = xmlSecOpenSSLKeyDataDsaGetValue(data, &dsaKeyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataDsaGetValue",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ /*** p ***/
+ xmlSecAssert2(dsaKeyValue.p != NULL, -1);
+ ret = xmlSecOpenSSLSetBNValue(dsaKeyValue.p, &(dsaValue->p));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLSetBNValue(p)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /*** q ***/
+ xmlSecAssert2(dsaKeyValue.q != NULL, -1);
+ ret = xmlSecOpenSSLSetBNValue(dsaKeyValue.q, &(dsaValue->q));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLSetBNValue(q)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /*** g ***/
+ xmlSecAssert2(dsaKeyValue.g != NULL, -1);
+ ret = xmlSecOpenSSLSetBNValue(dsaKeyValue.g, &(dsaValue->g));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLSetBNValue(g)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /*** y ***/
+ xmlSecAssert2(dsaKeyValue.pub_key != NULL, -1);
+ ret = xmlSecOpenSSLSetBNValue(dsaKeyValue.pub_key, &(dsaValue->y));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLSetBNValue(y)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /*** x (only if availabel and requested) ***/
+ if((writePrivateKey != 0) && (dsaKeyValue.priv_key != NULL)) {
+ ret = xmlSecOpenSSLSetBNValue(dsaKeyValue.priv_key, &(dsaValue->x));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLSetBNValue(x)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ }
+
+ /* success */
+ res = 0;
+
+done:
+ xmlSecOpenSSLKeyValueDsaFinalize(&dsaKeyValue);
+ return(res);
+}
+
+#endif /* XMLSEC_NO_DSA */
+
+#ifndef XMLSEC_NO_ECDSA
+/**************************************************************************
+ *
+ * ECDSA XML key representation processing.
+ *
+ * http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7802
+ *
+ * RFC 4050 [RFC4050] describes a possible <dsig:KeyValue> representation
+ * for an ECDSA key. The representation and processing instructions
+ * described in [RFC4050] are not completely compatible with [XMLDSIG-11];
+ * therefore, ECDSA keys SHOULD NOT be provided through a <dsig:KeyValue>
+ * element.
+ *
+ *************************************************************************/
+static int xmlSecOpenSSLKeyDataEcdsaInitialize(xmlSecKeyDataPtr data);
+static int xmlSecOpenSSLKeyDataEcdsaDuplicate(xmlSecKeyDataPtr dst,
+ xmlSecKeyDataPtr src);
+static void xmlSecOpenSSLKeyDataEcdsaFinalize(xmlSecKeyDataPtr data);
+
+static xmlSecKeyDataType xmlSecOpenSSLKeyDataEcdsaGetType(xmlSecKeyDataPtr data);
+static xmlSecSize xmlSecOpenSSLKeyDataEcdsaGetSize(xmlSecKeyDataPtr data);
+static void xmlSecOpenSSLKeyDataEcdsaDebugDump(xmlSecKeyDataPtr data,
+ FILE* output);
+static void xmlSecOpenSSLKeyDataEcdsaDebugXmlDump(xmlSecKeyDataPtr data,
+ FILE* output);
+
+static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataEcdsaKlass = {
+ sizeof(xmlSecKeyDataKlass),
+ xmlSecOpenSSLEvpKeyDataSize,
+
+ /* data */
+ xmlSecNameECDSAKeyValue,
+ xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+ /* xmlSecKeyDataUsage usage; */
+ xmlSecHrefECDSAKeyValue, /* const xmlChar* href; */
+ xmlSecNodeECDSAKeyValue, /* const xmlChar* dataNodeName; */
+ xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
/* constructors/destructor */
xmlSecOpenSSLKeyDataEcdsaInitialize, /* xmlSecKeyDataInitializeMethod initialize; */
* @data: the pointer to ECDSA key data.
* @ecdsa: the pointer to OpenSSL ECDSA key.
*
- * Sets the value of ECDSA key data.
+ * DEPRECATED. Sets the value of ECDSA key data.
*
* Returns: 0 on success or a negative value otherwise.
*/
int
xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa(xmlSecKeyDataPtr data, EC_KEY* ecdsa) {
+#ifndef XMLSEC_OPENSSL_API_300
EVP_PKEY* pKey = NULL;
int ret;
return(-1);
}
return(0);
+#else /* XMLSEC_OPENSSL_API_300 */
+ UNREFERENCED_PARAMETER(data);
+ UNREFERENCED_PARAMETER(ecdsa);
+ xmlSecNotImplementedError("OpenSSL 3.0 does not support direct access to ECDSA key");
+ return(-1);
+#endif /* XMLSEC_OPENSSL_API_300 */
}
/**
* xmlSecOpenSSLKeyDataEcdsaGetEcdsa:
* @data: the pointer to ECDSA key data.
*
- * Gets the OpenSSL ECDSA key from ECDSA key data.
+ * DEPRECATED. Gets the OpenSSL ECDSA key from ECDSA key data.
*
* Returns: pointer to OpenSSL ECDSA key or NULL if an error occurs.
*/
EC_KEY*
xmlSecOpenSSLKeyDataEcdsaGetEcdsa(xmlSecKeyDataPtr data) {
+#ifndef XMLSEC_OPENSSL_API_300
EVP_PKEY* pKey;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId), NULL);
xmlSecAssert2((pKey == NULL) || (EVP_PKEY_base_id(pKey) == EVP_PKEY_EC), NULL);
return((pKey != NULL) ? EVP_PKEY_get0_EC_KEY(pKey) : NULL);
+#else /* XMLSEC_OPENSSL_API_300 */
+ UNREFERENCED_PARAMETER(data);
+ xmlSecNotImplementedError("OpenSSL 3.0 does not support direct access to ECDSA key");
+ return(NULL);
+#endif /* XMLSEC_OPENSSL_API_300 */
}
/**
return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
}
+#ifndef XMLSEC_OPENSSL_API_300
+
static xmlSecSize
xmlSecOpenSSLKeyDataEcdsaGetSize(xmlSecKeyDataPtr data) {
const EC_GROUP *group;
const EC_KEY *ecdsa;
- BIGNUM * order;
- xmlSecSize res;
+ BIGNUM * order = NULL;
+ int numBits;
int ret;
+ xmlSecSize res = 0;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId), 0);
ecdsa = xmlSecOpenSSLKeyDataEcdsaGetEcdsa(data);
if(ecdsa == NULL) {
- return(0);
+ goto done;
}
group = EC_KEY_get0_group(ecdsa);
if(group == NULL) {
- xmlSecOpenSSLError("EC_KEY_get0_group", NULL);
- return(0);
+ xmlSecOpenSSLError("EC_KEY_get0_group", xmlSecKeyDataGetName(data));
+ goto done;
}
order = BN_new();
if(order == NULL) {
- xmlSecOpenSSLError("BN_new", NULL);
- return(0);
+ xmlSecOpenSSLError("BN_new", xmlSecKeyDataGetName(data));
+ goto done;
}
ret = EC_GROUP_get_order(group, order, NULL);
if(ret != 1) {
- xmlSecOpenSSLError("EC_GROUP_get_order", NULL);
- BN_free(order);
- return(0);
+ xmlSecOpenSSLError("EC_GROUP_get_order", xmlSecKeyDataGetName(data));
+ goto done;
}
- res = BN_num_bytes(order);
- BN_free(order);
+ numBits = BN_num_bytes(order);
+ if(numBits < 0) {
+ xmlSecOpenSSLError("BN_num_bits", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ /* success */
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(numBits, res, goto done, xmlSecKeyDataGetName(data));
+done:
+ if(order != NULL) {
+ BN_clear_free(order);
+ }
return(res);
}
+#else /* XMLSEC_OPENSSL_API_300 */
+
+static xmlSecSize
+xmlSecOpenSSLKeyDataEcdsaGetSize(xmlSecKeyDataPtr data) {
+ const EVP_PKEY* pKey;
+ BIGNUM * order = NULL;
+ int numBits;
+ int ret;
+ xmlSecSize res = 0;
+
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId), 0);
+
+ pKey = xmlSecOpenSSLKeyDataEcdsaGetEvp(data);
+ xmlSecAssert2(pKey != NULL, 0);
+
+ ret = EVP_PKEY_get_bn_param(pKey, OSSL_PKEY_PARAM_EC_ORDER, &order);
+ if((ret != 1) || (order == NULL)) {
+ xmlSecOpenSSLError("EVP_PKEY_get_bn_param(ec_order)",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ numBits = BN_num_bytes(order);
+ if(numBits < 0) {
+ xmlSecOpenSSLError("BN_num_bits",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ /* success */
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(numBits, res, goto done, xmlSecKeyDataGetName(data));
+
+ done:
+ if(order != NULL) {
+ BN_clear_free(order);
+ }
+ return(res);
+}
+
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+
static void
xmlSecOpenSSLKeyDataEcdsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "=== ecdsa key: size = %d\n",
- xmlSecOpenSSLKeyDataEcdsaGetSize(data));
+ fprintf(output, "=== ecdsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecOpenSSLKeyDataEcdsaGetSize(data));
}
static void
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "<ECDSAKeyValue size=\"%d\" />\n",
- xmlSecOpenSSLKeyDataEcdsaGetSize(data));
+ fprintf(output, "<ECDSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecOpenSSLKeyDataEcdsaGetSize(data));
}
#endif /* XMLSEC_NO_ECDSA */
#ifndef XMLSEC_NO_RSA
+
+/**
+ * @xmlSecOpenSSLKeyValueRsa: holds the parts of OpenSSL RSA key
+ */
+typedef struct _xmlSecOpenSSLKeyValueRsa {
+ BIGNUM* n;
+ BIGNUM* e;
+ BIGNUM* d;
+ int externalPrivKey;
+ int notOwner;
+} xmlSecOpenSSLKeyValueRsa, *xmlSecOpenSSLKeyValueRsaPtr;
+
+static int
+xmlSecOpenSSLKeyValueRsaInitialize(xmlSecOpenSSLKeyValueRsaPtr rsaKeyValue) {
+ xmlSecAssert2(rsaKeyValue != NULL, -1);
+ memset(rsaKeyValue, 0, sizeof(*rsaKeyValue));
+ return(0);
+}
+
+static void
+xmlSecOpenSSLKeyValueRsaFinalize(xmlSecOpenSSLKeyValueRsaPtr rsaKeyValue) {
+ xmlSecAssert(rsaKeyValue != NULL);
+
+ if((rsaKeyValue->notOwner == 0) && (rsaKeyValue->n != NULL)) {
+ BN_clear_free(rsaKeyValue->n);
+ }
+ if((rsaKeyValue->notOwner == 0) && (rsaKeyValue->e != NULL)) {
+ BN_clear_free(rsaKeyValue->e);
+ }
+ if((rsaKeyValue->notOwner == 0) && (rsaKeyValue->d != NULL)) {
+ BN_clear_free(rsaKeyValue->d);
+ }
+ memset(rsaKeyValue, 0, sizeof(*rsaKeyValue));
+}
+
/**************************************************************************
*
* <dsig:RSAKeyValue> processing
FILE* output);
static void xmlSecOpenSSLKeyDataRsaDebugXmlDump (xmlSecKeyDataPtr data,
FILE* output);
+
+static xmlSecKeyDataPtr xmlSecOpenSSLKeyDataRsaRead (xmlSecKeyDataId id,
+ xmlSecKeyValueRsaPtr rsaValue);
+static int xmlSecOpenSSLKeyDataRsaWrite (xmlSecKeyDataId id,
+ xmlSecKeyDataPtr data,
+ xmlSecKeyValueRsaPtr rsaValue,
+ int writePrivateKey);
+
static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataRsaKlass = {
sizeof(xmlSecKeyDataKlass),
xmlSecOpenSSLEvpKeyDataSize,
* @data: the pointer to RSA key data.
* @rsa: the pointer to OpenSSL RSA key.
*
- * Sets the value of RSA key data.
+ * DEPRECATED. Sets the value of RSA key data.
*
* Returns: 0 on success or a negative value otherwise.
*/
int
xmlSecOpenSSLKeyDataRsaAdoptRsa(xmlSecKeyDataPtr data, RSA* rsa) {
+#ifndef XMLSEC_OPENSSL_API_300
EVP_PKEY* pKey = NULL;
int ret;
return(-1);
}
return(0);
+#else /* XMLSEC_OPENSSL_API_300 */
+ UNREFERENCED_PARAMETER(data);
+ UNREFERENCED_PARAMETER(rsa);
+ xmlSecNotImplementedError("OpenSSL 3.0 does not support direct access to RSA key");
+ return(-1);
+#endif /* XMLSEC_OPENSSL_API_300 */
}
/**
* xmlSecOpenSSLKeyDataRsaGetRsa:
* @data: the pointer to RSA key data.
*
- * Gets the OpenSSL RSA key from RSA key data.
+ * DEPRECATED. Gets the OpenSSL RSA key from RSA key data.
*
* Returns: pointer to OpenSSL RSA key or NULL if an error occurs.
*/
RSA*
xmlSecOpenSSLKeyDataRsaGetRsa(xmlSecKeyDataPtr data) {
+#ifndef XMLSEC_OPENSSL_API_300
EVP_PKEY* pKey;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), NULL);
xmlSecAssert2((pKey == NULL) || (EVP_PKEY_base_id(pKey) == EVP_PKEY_RSA), NULL);
return((pKey != NULL) ? EVP_PKEY_get0_RSA(pKey) : NULL);
+#else /* XMLSEC_OPENSSL_API_300 */
+ UNREFERENCED_PARAMETER(data);
+ xmlSecNotImplementedError("OpenSSL 3.0 does not support direct access to RSA key");
+ return(NULL);
+#endif /* XMLSEC_OPENSSL_API_300 */
}
/**
}
static int
-xmlSecOpenSSLKeyDataRsaInitialize(xmlSecKeyDataPtr data) {
+xmlSecOpenSSLKeyDataRsaInitialize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), -1);
+
+ return(xmlSecOpenSSLEvpKeyDataInitialize(data));
+}
+
+static int
+xmlSecOpenSSLKeyDataRsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecOpenSSLKeyDataRsaId), -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecOpenSSLKeyDataRsaId), -1);
+
+ return(xmlSecOpenSSLEvpKeyDataDuplicate(dst, src));
+}
+
+static void
+xmlSecOpenSSLKeyDataRsaFinalize(xmlSecKeyDataPtr data) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId));
+
+ xmlSecOpenSSLEvpKeyDataFinalize(data);
+}
+
+static int
+xmlSecOpenSSLKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecOpenSSLKeyDataRsaId, -1);
+ return(xmlSecKeyDataRsaXmlRead(id, key, node, keyInfoCtx,
+ xmlSecOpenSSLKeyDataRsaRead));
+
+}
+
+static int
+xmlSecOpenSSLKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecAssert2(id == xmlSecOpenSSLKeyDataRsaId, -1);
+ return(xmlSecKeyDataRsaXmlWrite(id, key, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecOpenSSLKeyDataRsaWrite));
+}
+
+#ifndef XMLSEC_OPENSSL_API_300
+
+static int
+xmlSecOpenSSLKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+ RSA* rsa = NULL;
+ int lenBits;
+ BIGNUM* publicExponent = NULL;
+ int res = -1;
+ int ret;
+
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), -1);
+ xmlSecAssert2(sizeBits > 0, -1);
+ UNREFERENCED_PARAMETER(type);
+
+ /* create publicExponent */
+ publicExponent = BN_new();
+ if(publicExponent == NULL) {
+ xmlSecOpenSSLError("BN_new", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ ret = BN_set_word(publicExponent, RSA_F4);
+ if(ret != 1){
+ xmlSecOpenSSLError("BN_set_word", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ rsa = RSA_new();
+ if(rsa == NULL) {
+ xmlSecOpenSSLError("RSA_new", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(sizeBits, lenBits, goto done, NULL);
+ ret = RSA_generate_key_ex(rsa, lenBits, publicExponent, NULL);
+ if(ret != 1) {
+ xmlSecOpenSSLError2("RSA_generate_key_ex", xmlSecKeyDataGetName(data),
+ "sizeBits=" XMLSEC_SIZE_FMT, sizeBits);
+ goto done;
+ }
+
+ ret = xmlSecOpenSSLKeyDataRsaAdoptRsa(data, rsa);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataRsaAdoptRsa", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ rsa = NULL;
+
+
+ /* success */
+ res = 0;
+
+done:
+ if(rsa != NULL) {
+ RSA_free(rsa);
+ }
+ if(publicExponent != NULL) {
+ BN_clear_free(publicExponent);
+ }
+ return(res);
+}
+
+static xmlSecSize
+xmlSecOpenSSLKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
+ RSA* rsa = NULL;
+ const BIGNUM* n = NULL;
+ int numBits;
+ xmlSecSize res;
+
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), 0);
+
+ rsa = xmlSecOpenSSLKeyDataRsaGetRsa(data);
+ if(rsa == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataRsaGetRsa", xmlSecKeyDataGetName(data));
+ return(0);
+ }
+
+ RSA_get0_key(rsa, &n, NULL, NULL);
+ if(n == NULL) {
+ xmlSecOpenSSLError("RSA_get0_key", xmlSecKeyDataGetName(data));
+ return(0);
+ }
+
+ numBits = BN_num_bits(n);
+ if(numBits < 0) {
+ xmlSecOpenSSLError("BN_num_bits", xmlSecKeyDataGetName(data));
+ return(0);
+ }
+
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(numBits, res, return(0), xmlSecKeyDataGetName(data));
+ return(res);
+}
+
+
+static int
+xmlSecOpenSSLKeyDataRsaGetValue(xmlSecKeyDataPtr data, xmlSecOpenSSLKeyValueRsaPtr rsaKeyValue) {
+ RSA* rsa = NULL;
+
+ xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), -1);
+ xmlSecAssert2(rsaKeyValue != NULL, -1);
- return(xmlSecOpenSSLEvpKeyDataInitialize(data));
-}
+ /* ensure the values are not getting free'd */
+ rsaKeyValue->notOwner = 1;
-static int
-xmlSecOpenSSLKeyDataRsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
- xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecOpenSSLKeyDataRsaId), -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecOpenSSLKeyDataRsaId), -1);
+ rsa = xmlSecOpenSSLKeyDataRsaGetRsa(data);
+ if(rsa == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataRsaGetRsa", xmlSecKeyDataGetName(data));
+ return(-1);
+ }
- return(xmlSecOpenSSLEvpKeyDataDuplicate(dst, src));
-}
+ RSA_get0_key(rsa,
+ (const BIGNUM**)(&rsaKeyValue->n),
+ (const BIGNUM**)(&rsaKeyValue->e),
+ (const BIGNUM**)(&rsaKeyValue->d));
+ if((rsaKeyValue->n == NULL) || (rsaKeyValue->e == NULL)) {
+ xmlSecOpenSSLError("RSA_get0_key", xmlSecKeyDataGetName(data));
+ return(-1);
+ }
-static void
-xmlSecOpenSSLKeyDataRsaFinalize(xmlSecKeyDataPtr data) {
- xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId));
+ if(rsaKeyValue->d == NULL) {
+ /*
+ * !!! HACK !!! Also see DSA key
+ * We assume here that engine *always* has private key.
+ * This might be incorrect but it seems that there is no
+ * way to ask engine if given key is private or not.
+ */
+ if(RSA_test_flags(rsa, (RSA_FLAG_EXT_PKEY)) != 0) {
+ rsaKeyValue->externalPrivKey = 1;
+ } else {
+ rsaKeyValue->externalPrivKey = 0;
+ }
+ }
- xmlSecOpenSSLEvpKeyDataFinalize(data);
+ /* success */
+ return(0);
}
static int
-xmlSecOpenSSLKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataPtr data = NULL;
- xmlNodePtr cur;
- RSA *rsa = NULL;
- BIGNUM *n = NULL, *e = NULL, *d = NULL;
+xmlSecOpenSSLKeyDataRsaSetValue(xmlSecKeyDataPtr data, xmlSecOpenSSLKeyValueRsaPtr rsaKeyValue) {
+ RSA* rsa = NULL;
int ret;
+ int res = -1;
- xmlSecAssert2(id == xmlSecOpenSSLKeyDataRsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- if(xmlSecKeyGetValue(key) != NULL) {
- xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_KEY_DATA,
- xmlSecKeyDataKlassGetName(id),
- "Key data value is already set");
- return(-1);
- }
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), -1);
+ xmlSecAssert2(rsaKeyValue != NULL, -1);
rsa = RSA_new();
if(rsa == NULL) {
- xmlSecOpenSSLError("RSA_new",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(node->children);
-
- /* first is Modulus node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAModulus, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeRSAModulus, xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
+ xmlSecOpenSSLError("RSA_new", xmlSecKeyDataGetName(data));
+ goto done;
}
- if(xmlSecOpenSSLNodeGetBNValue(cur, &n) == NULL) {
- xmlSecInternalError2("xmlSecOpenSSLNodeGetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
- goto err_cleanup;
+ ret = RSA_set0_key(rsa, rsaKeyValue->n, rsaKeyValue->e, rsaKeyValue->d);
+ if(ret == 0) {
+ xmlSecOpenSSLError("RSA_set0_key",
+ xmlSecKeyDataGetName(data));
+ goto done;
}
- cur = xmlSecGetNextElementNode(cur->next);
+ /* owned by rsa now */
+ rsaKeyValue->n = NULL;
+ rsaKeyValue->e = NULL;
+ rsaKeyValue->d = NULL;
- /* next is Exponent node. It is REQUIRED because we do not support Seed and PgenCounter*/
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAExponent, xmlSecDSigNs))) {
- xmlSecInvalidNodeError(cur, xmlSecNodeRSAExponent, xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
- }
- if(xmlSecOpenSSLNodeGetBNValue(cur, &e) == NULL) {
- xmlSecInternalError2("xmlSecOpenSSLNodeGetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
- goto err_cleanup;
+ ret = xmlSecOpenSSLKeyDataRsaAdoptRsa(data, rsa);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataRsaAdoptRsa",
+ xmlSecKeyDataGetName(data));
+ goto done;
}
- cur = xmlSecGetNextElementNode(cur->next);
+ rsa = NULL;
- if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeRSAPrivateExponent, xmlSecNs))) {
- /* next is X node. It is REQUIRED for private key but
- * we are not sure exactly what do we read */
- if(xmlSecOpenSSLNodeGetBNValue(cur, &d) == NULL) {
- xmlSecInternalError2("xmlSecOpenSSLNodeGetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeRSAPrivateExponent));
- goto err_cleanup;
- }
- cur = xmlSecGetNextElementNode(cur->next);
- }
+ /* success */
+ res = 0;
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
+done:
+ if(rsa != NULL) {
+ RSA_free(rsa);
}
+ return(res);
+}
- ret = RSA_set0_key(rsa, n, e, d);
- if(ret == 0) {
- xmlSecOpenSSLError("RSA_set0_key",
- xmlSecKeyDataGetName(data));
- goto err_cleanup;
- }
- n = NULL;
- e = NULL;
- d = NULL;
+#else /* XMLSEC_OPENSSL_API_300 */
- data = xmlSecKeyDataCreate(id);
- if(data == NULL ) {
- xmlSecInternalError("xmlSecKeyDataCreate",
- xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
+static int
+xmlSecOpenSSLKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+ EVP_PKEY_CTX* pctx = NULL;
+ OSSL_PARAM_BLD* param_bld = NULL;
+ OSSL_PARAM* params = NULL;
+ EVP_PKEY* pKey = NULL;
+ BIGNUM* publicExponent = NULL;
+ int res = -1;
+ int ret;
+
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), -1);
+ xmlSecAssert2(sizeBits > 0, -1);
+ UNREFERENCED_PARAMETER(type);
+
+ /* create publicExponent */
+ publicExponent = BN_new();
+ if(publicExponent == NULL) {
+ xmlSecOpenSSLError("BN_new",
+ xmlSecKeyDataGetName(data));
+ goto done;
}
- ret = xmlSecOpenSSLKeyDataRsaAdoptRsa(data, rsa);
- if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLKeyDataRsaAdoptRsa",
- xmlSecKeyDataKlassGetName(id));
- goto err_cleanup;
+ ret = BN_set_word(publicExponent, RSA_F4);
+ if(ret != 1){
+ xmlSecOpenSSLError("BN_set_word",
+ xmlSecKeyDataGetName(data));
+ goto done;
}
- ret = xmlSecKeySetValue(key, data);
+ pctx = EVP_PKEY_CTX_new_from_name(xmlSecOpenSSLGetLibCtx(), "RSA", NULL);
+ if(pctx == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_new_from_name",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = EVP_PKEY_keygen_init(pctx);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_paramgen_init",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ param_bld = OSSL_PARAM_BLD_new();
+ if(param_bld == NULL) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_new",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ if(OSSL_PARAM_BLD_push_size_t(param_bld, OSSL_PKEY_PARAM_BITS, sizeBits) != 1) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_size_t(bits)",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ if(OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_E, publicExponent) != 1) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_BN(publicExponent)",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ params = OSSL_PARAM_BLD_to_param(param_bld);
+ if(params == NULL) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_to_param",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = EVP_PKEY_CTX_set_params(pctx, params);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_set_param",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = EVP_PKEY_generate(pctx, &pKey);
+ if(ret <= 0) {
+ xmlSecOpenSSLError2("EVP_PKEY_generate",
+ xmlSecKeyDataGetName(data),
+ "sizeBits=" XMLSEC_SIZE_FMT, sizeBits);
+ goto done;
+ }
+ ret = xmlSecOpenSSLKeyDataRsaAdoptEvp(data, pKey);
if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataKlassGetName(id));
- data = NULL;
- goto err_cleanup;
+ xmlSecInternalError("xmlSecOpenSSLKeyDataDsaAdoptEvp",
+ xmlSecKeyDataGetName(data));
+ goto done;
}
+ pKey = NULL;
- return(0);
+ /* success */
+ res = 0;
-err_cleanup:
- RSA_free(rsa);
- BN_free(n);
- BN_free(e);
- BN_free(d);
- if(data != NULL) {
- xmlSecKeyDataDestroy(data);
+done:
+ if(pKey != NULL) {
+ EVP_PKEY_free(pKey);
}
- return(-1);
+ if(params != NULL) {
+ OSSL_PARAM_free(params);
+ }
+ if(param_bld != NULL) {
+ OSSL_PARAM_BLD_free(param_bld);
+ }
+ if(pctx != NULL) {
+ EVP_PKEY_CTX_free(pctx);
+ }
+ if(publicExponent != NULL) {
+ BN_clear_free(publicExponent);
+ }
+ return(res);
}
-static int
-xmlSecOpenSSLKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
- xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlNodePtr cur;
- RSA* rsa;
- const BIGNUM *n = NULL, *e = NULL, *d = NULL;
- int ret;
+static xmlSecSize
+xmlSecOpenSSLKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
+ EVP_PKEY* pKey = NULL;
+ BIGNUM* n = NULL;
+ int numBits;
+ xmlSecSize res = 0;
- xmlSecAssert2(id == xmlSecOpenSSLKeyDataRsaId, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecOpenSSLKeyDataRsaId), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), 0);
- rsa = xmlSecOpenSSLKeyDataRsaGetRsa(xmlSecKeyGetValue(key));
- xmlSecAssert2(rsa != NULL, -1);
+ pKey = xmlSecOpenSSLKeyDataRsaGetEvp(data);
+ xmlSecAssert2(pKey != NULL, 0);
- if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
- /* we can have only private key or public key */
- return(0);
+ if(EVP_PKEY_get_bn_param(pKey, OSSL_PKEY_PARAM_RSA_N, &n) != 1) {
+ xmlSecOpenSSLError("EVP_PKEY_get_bn_param(n)", xmlSecKeyDataGetName(data));
+ goto done;
}
- RSA_get0_key(rsa, &n, &e, &d);
- /* first is Modulus node */
- cur = xmlSecAddChild(node, xmlSecNodeRSAModulus, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError2("xmlSecAddChild",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
- return(-1);
+ numBits = BN_num_bits(n);
+ if(numBits < 0) {
+ xmlSecOpenSSLError("BN_num_bits", xmlSecKeyDataGetName(data));
+ goto done;
}
- ret = xmlSecOpenSSLNodeSetBNValue(cur, n, 1);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLNodeSetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
- return(-1);
+ /* success */
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(numBits, res, goto done, xmlSecKeyDataGetName(data));
+
+done:
+ if(n != NULL) {
+ BN_clear_free(n);
}
+ return(res);
+}
- /* next is Exponent node. */
- cur = xmlSecAddChild(node, xmlSecNodeRSAExponent, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError2("xmlSecAddChild",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
- return(-1);
+static int
+xmlSecOpenSSLKeyDataRsaGetValue(xmlSecKeyDataPtr data, xmlSecOpenSSLKeyValueRsaPtr rsaKeyValue) {
+ EVP_PKEY* pKey = NULL;
+ int ret;
+
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), -1);
+ xmlSecAssert2(rsaKeyValue != NULL, -1);
+
+ pKey = xmlSecOpenSSLKeyDataRsaGetEvp(data);
+ xmlSecAssert2(pKey != NULL, xmlSecKeyDataTypeUnknown);
+
+ ret = EVP_PKEY_get_bn_param(pKey, OSSL_PKEY_PARAM_RSA_N, &(rsaKeyValue->n));
+ if((ret != 1) || (rsaKeyValue->n == NULL)) {
+ xmlSecOpenSSLError("EVP_PKEY_get_bn_param(n)", xmlSecKeyDataGetName(data));
+ return(-1);
}
- ret = xmlSecOpenSSLNodeSetBNValue(cur, e, 1);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLNodeSetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
- return(-1);
+ ret = EVP_PKEY_get_bn_param(pKey, OSSL_PKEY_PARAM_RSA_E, &(rsaKeyValue->e));
+ if((ret != 1) || (rsaKeyValue->e == NULL)) {
+ xmlSecOpenSSLError("EVP_PKEY_get_bn_param(e)", xmlSecKeyDataGetName(data));
+ return(-1);
}
-
- /* next is PrivateExponent node: write it ONLY for private keys and ONLY if it is requested */
- if(((keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate) != 0) && (d != NULL)) {
- cur = xmlSecAddChild(node, xmlSecNodeRSAPrivateExponent, xmlSecNs);
- if(cur == NULL) {
- xmlSecInternalError2("xmlSecAddChild",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeRSAPrivateExponent));
- return(-1);
- }
- ret = xmlSecOpenSSLNodeSetBNValue(cur, d, 1);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLNodeSetBNValue",
- xmlSecKeyDataKlassGetName(id),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeRSAPrivateExponent));
- return(-1);
- }
+ ret = EVP_PKEY_get_bn_param(pKey, OSSL_PKEY_PARAM_RSA_D, &(rsaKeyValue->d));
+ if((ret != 1) || (rsaKeyValue->d == NULL)) {
+ /* ignore the error since public keys don't have private component */
}
+ /* TODO: implement check for private key on a token (similar to keys on ENGINE) */
+ rsaKeyValue->externalPrivKey = 0;
+
+ /* success */
return(0);
}
static int
-xmlSecOpenSSLKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
- BIGNUM* e;
- RSA* rsa;
+xmlSecOpenSSLKeyDataRsaSetValue(xmlSecKeyDataPtr data, xmlSecOpenSSLKeyValueRsaPtr rsaKeyValue) {
+ EVP_PKEY* pKey = NULL;
+ EVP_PKEY_CTX* ctx = NULL;
+ OSSL_PARAM_BLD* param_bld = NULL;
+ OSSL_PARAM* params = NULL;
int ret;
+ int res = -1;
+ xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), -1);
- xmlSecAssert2(sizeBits > 0, -1);
- UNREFERENCED_PARAMETER(type);
+ xmlSecAssert2(rsaKeyValue != NULL, -1);
- /* create exponent */
- e = BN_new();
- if(e == NULL) {
- xmlSecOpenSSLError("BN_new",
- xmlSecKeyDataGetName(data));
- return(-1);
+ param_bld = OSSL_PARAM_BLD_new();
+ if(param_bld == NULL) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_new",
+ xmlSecKeyDataGetName(data));
+ goto done;
}
-
- ret = BN_set_word(e, RSA_F4);
- if(ret != 1){
- xmlSecOpenSSLError("BN_set_word",
- xmlSecKeyDataGetName(data));
- BN_free(e);
- return(-1);
+ ret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_N, rsaKeyValue->n);
+ if(ret != 1) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_BN(n)",
+ xmlSecKeyDataGetName(data));
+ goto done;
}
-
- rsa = RSA_new();
- if(rsa == NULL) {
- xmlSecOpenSSLError("RSA_new",
- xmlSecKeyDataGetName(data));
- BN_free(e);
- return(-1);
+ ret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_E, rsaKeyValue->e);
+ if(ret != 1) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_BN(e)",
+ xmlSecKeyDataGetName(data));
+ goto done;
}
-
- ret = RSA_generate_key_ex(rsa, sizeBits, e, NULL);
+ ret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_D, rsaKeyValue->d);
if(ret != 1) {
- xmlSecOpenSSLError2("RSA_generate_key_ex",
- xmlSecKeyDataGetName(data),
- "sizeBits=%lu", (unsigned long)sizeBits);
- RSA_free(rsa);
- BN_free(e);
- return(-1);
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_BN(d)",
+ xmlSecKeyDataGetName(data));
+ goto done;
}
- ret = xmlSecOpenSSLKeyDataRsaAdoptRsa(data, rsa);
+ params = OSSL_PARAM_BLD_to_param(param_bld);
+ if(params == NULL) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_to_param",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ctx = EVP_PKEY_CTX_new_from_name(xmlSecOpenSSLGetLibCtx(), "RSA", NULL);
+ if(ctx == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_new_from_name",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ ret = EVP_PKEY_fromdata_init(ctx);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_fromdata_init",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = EVP_PKEY_fromdata(ctx, &pKey, EVP_PKEY_KEYPAIR, params);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_fromdata",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ ret = xmlSecOpenSSLKeyDataRsaAdoptEvp(data, pKey);
if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLKeyDataRsaAdoptRsa",
- xmlSecKeyDataGetName(data));
- RSA_free(rsa);
- BN_free(e);
- return(-1);
+ xmlSecInternalError("xmlSecOpenSSLKeyDataDsaAdoptEvp",
+ xmlSecKeyDataGetName(data));
+ goto done;
}
+ pKey = NULL;
- /* cleanup (don't release rsa since xmlSecKeyDataPtr data owns it now */
- BN_free(e);
+ /* success */
+ res = 0;
- /* done */
- return(0);
+done:
+ if(pKey != NULL) {
+ EVP_PKEY_free(pKey);
+ }
+ if(ctx != NULL) {
+ EVP_PKEY_CTX_free(ctx);
+ }
+ if(params != NULL) {
+ OSSL_PARAM_free(params);
+ }
+ if(param_bld != NULL) {
+ OSSL_PARAM_BLD_free(param_bld);
+ }
+ return(res);
}
+#endif /* XMLSEC_OPENSSL_API_300 */
static xmlSecKeyDataType
xmlSecOpenSSLKeyDataRsaGetType(xmlSecKeyDataPtr data) {
- RSA* rsa;
- const BIGNUM *n = NULL, *e = NULL, *d = NULL;
+ xmlSecOpenSSLKeyValueRsa rsaKeyValue;
+ xmlSecKeyDataType res = xmlSecKeyDataTypeUnknown;
+ int ret;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), xmlSecKeyDataTypeUnknown);
- rsa = xmlSecOpenSSLKeyDataRsaGetRsa(data);
- if(rsa == NULL) {
- return(xmlSecKeyDataTypeUnknown);
- }
-
- RSA_get0_key(rsa, &n, &e, &d);
- if(n != NULL && e != NULL) {
- if(d != NULL) {
- return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
- } else if(RSA_test_flags(rsa, (RSA_FLAG_EXT_PKEY)) != 0) {
- /*
- * !!! HACK !!! Also see DSA key
- * We assume here that engine *always* has private key.
- * This might be incorrect but it seems that there is no
- * way to ask engine if given key is private or not.
- */
- return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
- } else {
- return(xmlSecKeyDataTypePublic);
- }
+ ret = xmlSecOpenSSLKeyValueRsaInitialize(&rsaKeyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyValueRsaInitialize",
+ xmlSecKeyDataGetName(data));
+ goto done;
}
- return(xmlSecKeyDataTypeUnknown);
-}
-
-static xmlSecSize
-xmlSecOpenSSLKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
- RSA* rsa;
- const BIGNUM *n;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), 0);
-
- rsa = xmlSecOpenSSLKeyDataRsaGetRsa(data);
- if(rsa == NULL) {
- return(0);
+ ret = xmlSecOpenSSLKeyDataRsaGetValue(data, &rsaKeyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataRsaGetValue",
+ xmlSecKeyDataGetName(data));
+ goto done;
}
- RSA_get0_key(rsa, &n, NULL, NULL);
- if(n != NULL) {
- return(BN_num_bits(n));
+
+ if((rsaKeyValue.d != NULL) || (rsaKeyValue.externalPrivKey != 0)) {
+ res = xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic;
+ } else {
+ res = xmlSecKeyDataTypePublic;
}
- return(0);
+
+done:
+ xmlSecOpenSSLKeyValueRsaFinalize(&rsaKeyValue);
+ return(res);
}
+
static void
xmlSecOpenSSLKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "=== rsa key: size = %d\n",
- xmlSecOpenSSLKeyDataRsaGetSize(data));
+ fprintf(output, "=== rsa key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecOpenSSLKeyDataRsaGetSize(data));
}
static void
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId));
xmlSecAssert(output != NULL);
- fprintf(output, "<RSAKeyValue size=\"%d\" />\n",
- xmlSecOpenSSLKeyDataRsaGetSize(data));
+ fprintf(output, "<RSAKeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecOpenSSLKeyDataRsaGetSize(data));
+}
+
+static xmlSecKeyDataPtr
+xmlSecOpenSSLKeyDataRsaRead(xmlSecKeyDataId id, xmlSecKeyValueRsaPtr rsaValue) {
+ xmlSecKeyDataPtr data = NULL;
+ xmlSecKeyDataPtr res = NULL;
+ xmlSecOpenSSLKeyValueRsa rsaKeyValue;
+ int ret;
+
+ xmlSecAssert2(id == xmlSecOpenSSLKeyDataRsaId, NULL);
+ xmlSecAssert2(rsaValue != NULL, NULL);
+
+ ret = xmlSecOpenSSLKeyValueRsaInitialize(&rsaKeyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyValueRsaInitialize",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /*** Modulus ***/
+ ret = xmlSecOpenSSLGetBNValue(&(rsaValue->modulus), &(rsaKeyValue.n));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLGetBNValue(Modulus)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /*** Exponent ***/
+ ret = xmlSecOpenSSLGetBNValue(&(rsaValue->publicExponent), &(rsaKeyValue.e));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLGetBNValue(Exponent)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ /*** PrivateExponent (only for private key) ***/
+ if(xmlSecBufferGetSize(&(rsaValue->privateExponent)) > 0) {
+ /*** p ***/
+ ret = xmlSecOpenSSLGetBNValue(&(rsaValue->privateExponent), &(rsaKeyValue.d));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLGetBNValue(x)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ }
+
+ data = xmlSecKeyDataCreate(id);
+ if(data == NULL ) {
+ xmlSecInternalError("xmlSecKeyDataCreate", xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ ret = xmlSecOpenSSLKeyDataRsaSetValue(data, &rsaKeyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataRsaSetValue()",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /* success */
+ res = data;
+ data = NULL;
+
+done:
+ if(data != NULL) {
+ xmlSecKeyDataDestroy(data);
+ }
+ xmlSecOpenSSLKeyValueRsaFinalize(&rsaKeyValue);
+ return(res);
+}
+
+static int
+xmlSecOpenSSLKeyDataRsaWrite(xmlSecKeyDataId id, xmlSecKeyDataPtr data,
+ xmlSecKeyValueRsaPtr rsaValue, int writePrivateKey) {
+
+ xmlSecOpenSSLKeyValueRsa rsaKeyValue;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(id == xmlSecOpenSSLKeyDataRsaId, -1);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), -1);
+ xmlSecAssert2(rsaValue != NULL, -1);
+
+ /* first, get all values */
+ ret = xmlSecOpenSSLKeyValueRsaInitialize(&rsaKeyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyValueRsaInitialize",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ ret = xmlSecOpenSSLKeyDataRsaGetValue(data, &rsaKeyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataRsaGetValue",
+ xmlSecKeyDataGetName(data));
+ goto done;
+ }
+
+ /*** Modulus ***/
+ xmlSecAssert2(rsaKeyValue.n != NULL, -1);
+ ret = xmlSecOpenSSLSetBNValue(rsaKeyValue.n, &(rsaValue->modulus));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLSetBNValue(Modulus)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /*** Exponent ***/
+ xmlSecAssert2(rsaKeyValue.e != NULL, -1);
+ ret = xmlSecOpenSSLSetBNValue(rsaKeyValue.e, &(rsaValue->publicExponent));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLSetBNValue(Exponent)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+
+ /*** PrivateExponent (only if availabel and requested) ***/
+ if((writePrivateKey != 0) && (rsaKeyValue.d != NULL)) {
+ ret = xmlSecOpenSSLSetBNValue(rsaKeyValue.d, &(rsaValue->privateExponent));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLSetBNValue(PrivateExponent)",
+ xmlSecKeyDataKlassGetName(id));
+ goto done;
+ }
+ }
+
+ /* success */
+ res = 0;
+
+done:
+ xmlSecOpenSSLKeyValueRsaFinalize(&rsaKeyValue);
+ return(res);
}
#endif /* XMLSEC_NO_RSA */
}
static xmlSecKeyDataType
-xmlSecOpenSSLKeyDataGost2001GetType(xmlSecKeyDataPtr data) {
- /* Now I don't know how to find whether we have both private and public key
+xmlSecOpenSSLKeyDataGost2001GetType(xmlSecKeyDataPtr data ATTRIBUTE_UNUSED) {
+ UNREFERENCED_PARAMETER(data);
+
+ /* Now I don't know how to find whether we have both private and public key
or the public only*/
return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
}
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGost2001Id));
xmlSecAssert(output != NULL);
- fprintf(output, "=== gost key: size = %d\n",
- xmlSecOpenSSLKeyDataGost2001GetSize(data));
+ fprintf(output, "=== gost key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecOpenSSLKeyDataGost2001GetSize(data));
}
static void
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGost2001Id));
xmlSecAssert(output != NULL);
- fprintf(output, "<GOST2001KeyValue size=\"%d\" />\n",
- xmlSecOpenSSLKeyDataGost2001GetSize(data));
+ fprintf(output, "<GOST2001KeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecOpenSSLKeyDataGost2001GetSize(data));
}
#endif /* XMLSEC_NO_GOST */
}
static xmlSecKeyDataType
-xmlSecOpenSSLKeyDataGostR3410_2012_256GetType(xmlSecKeyDataPtr data) {
- /* Now I don't know how to find whether we have both private and public key
- or the public only*/
- return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+xmlSecOpenSSLKeyDataGostR3410_2012_256GetType(xmlSecKeyDataPtr data ATTRIBUTE_UNUSED) {
+ UNREFERENCED_PARAMETER(data);
+
+ /* I don't know how to find whether we have both private and public key
+ or the public only*/
+ return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
}
static xmlSecSize
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id));
xmlSecAssert(output != NULL);
- fprintf(output, "=== gost key: size = %d\n",
- xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(data));
+ fprintf(output, "=== gost key: size = " XMLSEC_SIZE_FMT "\n",
+ xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(data));
}
static void
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id));
xmlSecAssert(output != NULL);
- fprintf(output, "<GOST2012_256KeyValue size=\"%d\" />\n",
- xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(data));
+ fprintf(output, "<GOST2012_256KeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
+ xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(data));
}
}
static xmlSecKeyDataType
-xmlSecOpenSSLKeyDataGostR3410_2012_512GetType(xmlSecKeyDataPtr data) {
- /* Now I don't know how to find whether we have both private and public key
- or the public only*/
- return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+xmlSecOpenSSLKeyDataGostR3410_2012_512GetType(xmlSecKeyDataPtr data ATTRIBUTE_UNUSED) {
+ UNREFERENCED_PARAMETER(data);
+
+ /* I don't know how to find whether we have both private and public key
+ or the public only*/
+ return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
}
static xmlSecSize
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id));
xmlSecAssert(output != NULL);
- fprintf(output, "=== gost key: size = %d\n",
+ fprintf(output, "=== gost key: size = " XMLSEC_SIZE_FMT "\n",
xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(data));
}
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id));
xmlSecAssert(output != NULL);
- fprintf(output, "<GOST2012_512KeyValue size=\"%d\" />\n",
+ fprintf(output, "<GOST2012_512KeyValue size=\"" XMLSEC_SIZE_FMT "\" />\n",
xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(data));
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:evp_signatures
#include <xmlsec/openssl/evp.h>
#include "openssl_compat.h"
+
+#ifdef XMLSEC_OPENSSL_API_300
+#include <openssl/core_names.h>
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+#include "../cast_helpers.h"
+#include "openssl_compat.h"
+
/**************************************************************************
*
* Internal OpenSSL evp signatures ctx
typedef struct _xmlSecOpenSSLEvpSignatureCtx xmlSecOpenSSLEvpSignatureCtx,
*xmlSecOpenSSLEvpSignatureCtxPtr;
struct _xmlSecOpenSSLEvpSignatureCtx {
+#ifndef XMLSEC_OPENSSL_API_300
const EVP_MD* digest;
+#else /* XMLSEC_OPENSSL_API_300 */
+ const char* digestName;
+ EVP_MD* digest;
+ int legacyDigest;
+#endif /* XMLSEC_OPENSSL_API_300 */
EVP_MD_CTX* digestCtx;
xmlSecKeyDataId keyId;
EVP_PKEY* pKey;
*
* EVP Signature transforms
*
- * xmlSecOpenSSLEvpSignatureCtx is located after xmlSecTransform
- *
*****************************************************************************/
-#define xmlSecOpenSSLEvpSignatureSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLEvpSignatureCtx))
-#define xmlSecOpenSSLEvpSignatureGetCtx(transform) \
- ((xmlSecOpenSSLEvpSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(OpenSSLEvpSignature, xmlSecOpenSSLEvpSignatureCtx)
+#define xmlSecOpenSSLEvpSignatureSize XMLSEC_TRANSFORM_SIZE(OpenSSLEvpSignature)
static int xmlSecOpenSSLEvpSignatureCheckId (xmlSecTransformPtr transform);
static int xmlSecOpenSSLEvpSignatureInitialize (xmlSecTransformPtr transform);
}
}
+/* small helper macro to reduce clutter in the code */
+#ifndef XMLSEC_OPENSSL_API_300
+#define XMLSEC_OPENSSL_EVP_SIGNATURE_SET_DIGEST(ctx, digestVal, digestNameVal) \
+ (ctx)->digest = (digestVal)
+#else /* XMLSEC_OPENSSL_API_300 */
+#define XMLSEC_OPENSSL_EVP_SIGNATURE_SET_DIGEST(ctx, digestVal, digestNameVal) \
+ (ctx)->digestName = (digestNameVal)
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+#ifndef XMLSEC_NO_GOST2012
+
+/* Not all algorithms have been converted to the new providers design (e.g. GOST) */
+static int
+xmlSecOpenSSLEvpSignatureSetLegacyDigest(xmlSecOpenSSLEvpSignatureCtxPtr ctx,
+ const char * digestName) {
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->digest == NULL, -1);
+ xmlSecAssert2(digestName != NULL, -1);
+
+#ifndef XMLSEC_OPENSSL_API_300
+ ctx->digest = EVP_get_digestbyname(digestName);
+ if (ctx->digest == NULL) {
+ xmlSecOpenSSLError2("EVP_get_digestbyname()", NULL,
+ "digestName=%s", xmlSecErrorsSafeString(digestName));
+ return(-1);
+ }
+#else /* XMLSEC_OPENSSL_API_300 */
+ ctx->digestName = digestName;
+ ctx->legacyDigest = 1;
+ ctx->digest = (EVP_MD*)EVP_get_digestbyname(digestName);
+ if (ctx->digest == NULL) {
+ xmlSecOpenSSLError2("EVP_get_digestbyname", NULL,
+ "digestName=%s", xmlSecErrorsSafeString(digestName));
+ return(-1);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+ return(0);
+}
+
+#endif /* XMLSEC_NO_GOST2012 */
+
static int
xmlSecOpenSSLEvpSignatureInitialize(xmlSecTransformPtr transform) {
xmlSecOpenSSLEvpSignatureCtxPtr ctx;
#ifndef XMLSEC_NO_MD5
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaMd5Id)) {
- ctx->digest = EVP_md5();
+ XMLSEC_OPENSSL_EVP_SIGNATURE_SET_DIGEST(ctx, EVP_md5(), OSSL_DIGEST_NAME_MD5);
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_MD5 */
#ifndef XMLSEC_NO_RIPEMD160
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaRipemd160Id)) {
- ctx->digest = EVP_ripemd160();
+ XMLSEC_OPENSSL_EVP_SIGNATURE_SET_DIGEST(ctx, EVP_ripemd160(), OSSL_DIGEST_NAME_RIPEMD160);
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_RIPEMD160 */
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha1Id)) {
- ctx->digest = EVP_sha1();
+ XMLSEC_OPENSSL_EVP_SIGNATURE_SET_DIGEST(ctx, EVP_sha1(), OSSL_DIGEST_NAME_SHA1);
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_SHA1 */
#ifndef XMLSEC_NO_SHA224
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha224Id)) {
- ctx->digest = EVP_sha224();
+ XMLSEC_OPENSSL_EVP_SIGNATURE_SET_DIGEST(ctx, EVP_sha224(), OSSL_DIGEST_NAME_SHA2_224);
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_SHA224 */
#ifndef XMLSEC_NO_SHA256
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha256Id)) {
- ctx->digest = EVP_sha256();
+ XMLSEC_OPENSSL_EVP_SIGNATURE_SET_DIGEST(ctx, EVP_sha256(), OSSL_DIGEST_NAME_SHA2_256);
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_SHA256 */
#ifndef XMLSEC_NO_SHA384
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha384Id)) {
- ctx->digest = EVP_sha384();
+ XMLSEC_OPENSSL_EVP_SIGNATURE_SET_DIGEST(ctx, EVP_sha384(), OSSL_DIGEST_NAME_SHA2_384);
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_SHA384 */
#ifndef XMLSEC_NO_SHA512
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha512Id)) {
- ctx->digest = EVP_sha512();
+ XMLSEC_OPENSSL_EVP_SIGNATURE_SET_DIGEST(ctx, EVP_sha512(), OSSL_DIGEST_NAME_SHA2_512);
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_SHA512 */
#ifndef XMLSEC_NO_GOST
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGost2001GostR3411_94Id)) {
- ctx->keyId = xmlSecOpenSSLKeyDataGost2001Id;
- ctx->digest = EVP_get_digestbyname("md_gost94");
- if (!ctx->digest) {
- xmlSecInvalidTransfromError(transform)
- return(-1);
+ int ret;
+ ret = xmlSecOpenSSLEvpSignatureSetLegacyDigest(ctx, XMLSEC_OPENSSL_DIGEST_NAME_GOST94);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLEvpSignatureSetLegacyDigest(md_gost94)",
+ xmlSecTransformGetName(transform));
+ xmlSecOpenSSLEvpSignatureFinalize(transform);
+ return(-1);
}
+ ctx->keyId = xmlSecOpenSSLKeyDataGost2001Id;
} else
#endif /* XMLSEC_NO_GOST */
#ifndef XMLSEC_NO_GOST2012
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256Id)) {
+ int ret;
+ ret = xmlSecOpenSSLEvpSignatureSetLegacyDigest(ctx, XMLSEC_OPENSSL_DIGEST_NAME_GOST12_256);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLEvpSignatureSetLegacyDigest(md_gost12_256)",
+ xmlSecTransformGetName(transform));
+ xmlSecOpenSSLEvpSignatureFinalize(transform);
+ return(-1);
+ }
ctx->keyId = xmlSecOpenSSLKeyDataGostR3410_2012_256Id;
- ctx->digest = EVP_get_digestbyname("md_gost12_256");
- if (!ctx->digest) {
- xmlSecInvalidTransfromError(transform)
- return(-1);
- }
} else
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512Id)) {
+ int ret;
+ ret = xmlSecOpenSSLEvpSignatureSetLegacyDigest(ctx, XMLSEC_OPENSSL_DIGEST_NAME_GOST12_512);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLEvpSignatureSetLegacyDigest(md_gost12_512)",
+ xmlSecTransformGetName(transform));
+ xmlSecOpenSSLEvpSignatureFinalize(transform);
+ return(-1);
+ }
ctx->keyId = xmlSecOpenSSLKeyDataGostR3410_2012_512Id;
- ctx->digest = EVP_get_digestbyname("md_gost12_512");
- if (!ctx->digest) {
- xmlSecInvalidTransfromError(transform)
- return(-1);
- }
} else
#endif /* XMLSEC_NO_GOST2012 */
if(1) {
- xmlSecInvalidTransfromError(transform)
+ xmlSecInvalidTransfromError(transform);
+ xmlSecOpenSSLEvpSignatureFinalize(transform);
return(-1);
}
+#ifdef XMLSEC_OPENSSL_API_300
+ /* fetch digest */
+ if(ctx->legacyDigest == 0) {
+ xmlSecAssert2(ctx->digestName != NULL, -1);
+ ctx->digest = EVP_MD_fetch(xmlSecOpenSSLGetLibCtx(), ctx->digestName, NULL);
+ if(ctx->digest == NULL) {
+ xmlSecOpenSSLError2("EVP_MD_fetch", xmlSecTransformGetName(transform),
+ "digestName=%s", xmlSecErrorsSafeString(ctx->digestName));
+ xmlSecOpenSSLEvpSignatureFinalize(transform);
+ return(-1);
+ }
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
+ xmlSecAssert2(ctx->digest != NULL, -1);
+
/* create digest CTX */
ctx->digestCtx = EVP_MD_CTX_new();
if(ctx->digestCtx == NULL) {
- xmlSecOpenSSLError("EVP_MD_CTX_new",
- xmlSecTransformGetName(transform));
+ xmlSecOpenSSLError("EVP_MD_CTX_new", xmlSecTransformGetName(transform));
+ xmlSecOpenSSLEvpSignatureFinalize(transform);
return(-1);
}
if(ctx->digestCtx != NULL) {
EVP_MD_CTX_free(ctx->digestCtx);
}
+#ifdef XMLSEC_OPENSSL_API_300
+ if((ctx->digest != NULL) && (ctx->legacyDigest == 0)) {
+ EVP_MD_free(ctx->digest);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
memset(ctx, 0, sizeof(xmlSecOpenSSLEvpSignatureCtx));
}
const xmlSecByte* data, xmlSecSize dataSize,
xmlSecTransformCtxPtr transformCtx) {
xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+ unsigned int dataLen;
int ret;
xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->digestCtx != NULL, -1);
- ret = EVP_VerifyFinal(ctx->digestCtx, (xmlSecByte*)data, dataSize, ctx->pKey);
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(dataSize, dataLen, return(-1), xmlSecTransformGetName(transform));
+
+ ret = EVP_VerifyFinal_ex(ctx->digestCtx, (xmlSecByte*)data, dataLen, ctx->pKey, xmlSecOpenSSLGetLibCtx(), NULL);
if(ret < 0) {
- xmlSecOpenSSLError("EVP_VerifyFinal",
+ xmlSecOpenSSLError("EVP_VerifyFinal_ex",
xmlSecTransformGetName(transform));
return(-1);
} else if(ret != 1) {
xmlSecOtherError(XMLSEC_ERRORS_R_DATA_NOT_MATCH,
xmlSecTransformGetName(transform),
- "EVP_VerifyFinal: signature does not verify");
+ "EVP_VerifyFinal: signature verification failed");
transform->status = xmlSecTransformStatusFail;
return(0);
}
} else {
ret = EVP_VerifyUpdate(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
if(ret != 1) {
- xmlSecOpenSSLError("EVP_VerifyUpdate",
- xmlSecTransformGetName(transform));
+ xmlSecOpenSSLError("EVP_VerifyUpdate", xmlSecTransformGetName(transform));
return(-1);
}
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform));
return(-1);
}
}
if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
xmlSecAssert2(outSize == 0, -1);
if(transform->operation == xmlSecTransformOperationSign) {
+ int signLen;
unsigned int signSize;
/* for rsa signatures we get size from EVP_PKEY_size() */
- signSize = EVP_PKEY_size(ctx->pKey);
+ signLen = EVP_PKEY_size(ctx->pKey);
+ if(signLen <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_size", xmlSecTransformGetName(transform));
+ return(-1);
+ }
+ // XMLSEC_SAFE_CAST_INT_TO_UINT(signLen, signSize, return(-1), xmlSecTransformGetName(transform));
+ XMLSEC_SAFE_CAST_INT_TO_UINT(signLen, signSize, return(-1), xmlSecTransformGetName(transform));
+
ret = xmlSecBufferSetMaxSize(out, signSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%u", signSize);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", xmlSecTransformGetName(transform),
+ "size=%u", signSize);
return(-1);
}
- ret = EVP_SignFinal(ctx->digestCtx, xmlSecBufferGetData(out), &signSize, ctx->pKey);
+ ret = EVP_SignFinal_ex(ctx->digestCtx, xmlSecBufferGetData(out), &signSize, ctx->pKey,
+ xmlSecOpenSSLGetLibCtx(), NULL);
if(ret != 1) {
- xmlSecOpenSSLError("EVP_SignFinal",
- xmlSecTransformGetName(transform));
+ xmlSecOpenSSLError("EVP_SignFinal", xmlSecTransformGetName(transform));
return(-1);
}
ret = xmlSecBufferSetSize(out, signSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%u", signSize);
+ xmlSecInternalError2("xmlSecBufferSetSize", xmlSecTransformGetName(transform),
+ "size=%u", signSize);
return(-1);
}
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GLOBALS_H__
#define __XMLSEC_GLOBALS_H__
/* Include common error helper macros. */
#include "../errors_helpers.h"
-/**************************************************************
- *
- * Error constants for OpenSSL
- *
- *************************************************************/
/**
- * XMLSEC_OPENSSL_ERRORS_LIB:
+ * XMLSEC_OPENSSL_ERROR_BUFFER_SIZE:
*
- * Macro. The XMLSec library klass for OpenSSL errors reporting functions.
+ * Macro. The buffer size for reporting OpenSSL errors.
*/
-#define XMLSEC_OPENSSL_ERRORS_LIB (ERR_LIB_USER + 57)
-
-/**
- * XMLSEC_OPENSSL_ERRORS_FUNCTION:
- *
- * Macro. The XMLSec library functions OpenSSL errors reporting functions.
- */
-#define XMLSEC_OPENSSL_ERRORS_FUNCTION 0
+#define XMLSEC_OPENSSL_ERROR_BUFFER_SIZE 1024
/**
* xmlSecOpenSSLError:
*/
#define xmlSecOpenSSLError(errorFunction, errorObject) \
{ \
- unsigned long error_code = ERR_peek_error(); \
- const char* lib = ERR_lib_error_string(error_code); \
- const char* func = ERR_func_error_string(error_code); \
- const char* reason = ERR_reason_error_string(error_code); \
+ char _openssl_error_buf[XMLSEC_OPENSSL_ERROR_BUFFER_SIZE]; \
+ unsigned long _openssl_error_code = ERR_peek_error(); \
+ ERR_error_string_n(_openssl_error_code, _openssl_error_buf, sizeof(_openssl_error_buf)); \
xmlSecError(XMLSEC_ERRORS_HERE, \
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_CRYPTO_FAILED, \
- "openssl error: %lu: %s: %s %s", \
- error_code, \
- xmlSecErrorsSafeString(lib), \
- xmlSecErrorsSafeString(func), \
- xmlSecErrorsSafeString(reason) \
+ "openssl error: %s", \
+ xmlSecErrorsSafeString(_openssl_error_buf) \
); \
}
+
/**
* xmlSecOpenSSLError2:
* @errorFunction: the failed function name.
* Macro. The XMLSec library macro for reporting OpenSSL crypro errors.
*/
#define xmlSecOpenSSLError2(errorFunction, errorObject, msg, param) \
- { \
- unsigned long error_code = ERR_peek_error(); \
- const char* lib = ERR_lib_error_string(error_code); \
- const char* func = ERR_func_error_string(error_code); \
- const char* reason = ERR_reason_error_string(error_code); \
+ char _openssl_error_buf[XMLSEC_OPENSSL_ERROR_BUFFER_SIZE]; \
+ unsigned long _openssl_error_code = ERR_peek_error(); \
+ ERR_error_string_n(_openssl_error_code, _openssl_error_buf, sizeof(_openssl_error_buf)); \
xmlSecError(XMLSEC_ERRORS_HERE, \
(const char*)(errorObject), \
(errorFunction), \
XMLSEC_ERRORS_R_CRYPTO_FAILED, \
- msg "; openssl error: %lu: %s: %s %s", \
+ msg "; openssl error: %s", \
(param), \
- error_code, \
- xmlSecErrorsSafeString(lib), \
- xmlSecErrorsSafeString(func), \
- xmlSecErrorsSafeString(reason) \
+ xmlSecErrorsSafeString(_openssl_error_buf) \
); \
- }
+
+ /**
+ * xmlSecOpenSSLError3:
+ * @errorFunction: the failed function name.
+ * @errorObject: the error specific error object (e.g. transform, key data, etc).
+ * @msg: the extra message.
+ * @param1: the extra message param1.
+ * @param2: the extra message param2.
+ *
+ * Macro. The XMLSec library macro for reporting OpenSSL crypro errors.
+ */
+#define xmlSecOpenSSLError3(errorFunction, errorObject, msg, param1, param2) \
+ char _openssl_error_buf[XMLSEC_OPENSSL_ERROR_BUFFER_SIZE]; \
+ unsigned long _openssl_error_code = ERR_peek_error(); \
+ ERR_error_string_n(_openssl_error_code, _openssl_error_buf, sizeof(_openssl_error_buf)); \
+ xmlSecError(XMLSEC_ERRORS_HERE, \
+ (const char*)(errorObject), \
+ (errorFunction), \
+ XMLSEC_ERRORS_R_CRYPTO_FAILED, \
+ msg "; openssl error: %s", \
+ (param1), \
+ (param2), \
+ xmlSecErrorsSafeString(_openssl_error_buf) \
+ ); \
+
+
+
#endif /* ! __XMLSEC_GLOBALS_H__ */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:hmac
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
+#include <ctype.h>
#include <openssl/hmac.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/base64.h>
#include <xmlsec/keys.h>
-#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
#include <xmlsec/openssl/crypto.h>
#include "openssl_compat.h"
-/* sizes in bits */
-#define XMLSEC_OPENSSL_MIN_HMAC_SIZE 80
-#define XMLSEC_OPENSSL_MAX_HMAC_SIZE (EVP_MAX_MD_SIZE * 8)
+#ifdef XMLSEC_OPENSSL_API_300
+#include <openssl/core_names.h>
+#include <openssl/param_build.h>
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
+#include "../transform_helpers.h"
+
/**************************************************************************
*
* Configuration
*
*****************************************************************************/
-static int g_xmlsec_openssl_hmac_min_length = XMLSEC_OPENSSL_MIN_HMAC_SIZE;
/**
* xmlSecOpenSSLHmacGetMinOutputLength:
*
+ * DEPRECATED (use @xmlSecTransformHmacGetMinOutputBitsSize instead).
* Gets the value of min HMAC length.
*
* Returns: the min HMAC output length
*/
int xmlSecOpenSSLHmacGetMinOutputLength(void)
{
- return g_xmlsec_openssl_hmac_min_length;
+ xmlSecSize val = xmlSecTransformHmacGetMinOutputBitsSize();
+ int res;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(val, res, return(-1), NULL);
+ return res;
}
/**
* xmlSecOpenSSLHmacSetMinOutputLength:
* @min_length: the new min length
*
+ * DEPRECATED (use @xmlSecTransformHmacSetMinOutputBitsSize instead).
* Sets the min HMAC output length
*/
void xmlSecOpenSSLHmacSetMinOutputLength(int min_length)
{
- g_xmlsec_openssl_hmac_min_length = min_length;
+ xmlSecSize val;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(min_length, val, return, NULL);
+ xmlSecTransformHmacSetMinOutputBitsSize(val);
}
/**************************************************************************
*****************************************************************************/
typedef struct _xmlSecOpenSSLHmacCtx xmlSecOpenSSLHmacCtx, *xmlSecOpenSSLHmacCtxPtr;
struct _xmlSecOpenSSLHmacCtx {
+#ifndef XMLSEC_OPENSSL_API_300
const EVP_MD* hmacDgst;
HMAC_CTX* hmacCtx;
+#else /* XMLSEC_OPENSSL_API_300 */
+ const char* evpHmacDgstName;
+ EVP_MAC* evpHmac;
+ EVP_MAC_CTX* evpHmacCtx;
+#endif /* XMLSEC_OPENSSL_API_300 */
int ctxInitialized;
- xmlSecByte dgst[XMLSEC_OPENSSL_MAX_HMAC_SIZE];
+ xmlSecByte dgst[EVP_MAX_MD_SIZE];
xmlSecSize dgstSize; /* dgst size in bits */
};
*
* HMAC transforms
*
- * xmlSecOpenSSLHmacCtx is located after xmlSecTransform
- *
*****************************************************************************/
-#define xmlSecOpenSSLHmacGetCtx(transform) \
- ((xmlSecOpenSSLHmacCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-#define xmlSecOpenSSLHmacSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLHmacCtx))
+XMLSEC_TRANSFORM_DECLARE(OpenSSLHmac, xmlSecOpenSSLHmacCtx)
+#define xmlSecOpenSSLHmacSize XMLSEC_TRANSFORM_SIZE(OpenSSLHmac)
static int xmlSecOpenSSLHmacCheckId (xmlSecTransformPtr transform);
static int xmlSecOpenSSLHmacInitialize (xmlSecTransformPtr transform);
}
}
-
+/* small helper macro to reduce clutter in the code */
+#ifndef XMLSEC_OPENSSL_API_300
+#define XMLSEC_OPENSSL_HMAC_SET_DIGEST(ctx, digestVal, digestNameVal) \
+ (ctx)->hmacDgst = (digestVal)
+#else /* XMLSEC_OPENSSL_API_300 */
+#define XMLSEC_OPENSSL_HMAC_SET_DIGEST(ctx, digestVal, digestNameVal) \
+ (ctx)->evpHmacDgstName = (digestNameVal)
+#endif /* XMLSEC_OPENSSL_API_300 */
static int
xmlSecOpenSSLHmacInitialize(xmlSecTransformPtr transform) {
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha1Id)) {
- ctx->hmacDgst = EVP_sha1();
+ XMLSEC_OPENSSL_HMAC_SET_DIGEST(ctx, EVP_sha1(), OSSL_DIGEST_NAME_SHA1);
} else
#endif /* XMLSEC_NO_SHA1 */
#ifndef XMLSEC_NO_SHA224
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha224Id)) {
- ctx->hmacDgst = EVP_sha224();
+ XMLSEC_OPENSSL_HMAC_SET_DIGEST(ctx, EVP_sha224(), OSSL_DIGEST_NAME_SHA2_224);
} else
#endif /* XMLSEC_NO_SHA224 */
#ifndef XMLSEC_NO_SHA256
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha256Id)) {
- ctx->hmacDgst = EVP_sha256();
+ XMLSEC_OPENSSL_HMAC_SET_DIGEST(ctx, EVP_sha256(), OSSL_DIGEST_NAME_SHA2_256);
} else
#endif /* XMLSEC_NO_SHA256 */
#ifndef XMLSEC_NO_SHA384
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha384Id)) {
- ctx->hmacDgst = EVP_sha384();
+ XMLSEC_OPENSSL_HMAC_SET_DIGEST(ctx, EVP_sha384(), OSSL_DIGEST_NAME_SHA2_384);
} else
#endif /* XMLSEC_NO_SHA384 */
#ifndef XMLSEC_NO_SHA512
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha512Id)) {
- ctx->hmacDgst = EVP_sha512();
+ XMLSEC_OPENSSL_HMAC_SET_DIGEST(ctx, EVP_sha512(), OSSL_DIGEST_NAME_SHA2_512);
} else
#endif /* XMLSEC_NO_SHA512 */
#ifndef XMLSEC_NO_RIPEMD160
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacRipemd160Id)) {
- ctx->hmacDgst = EVP_ripemd160();
+ XMLSEC_OPENSSL_HMAC_SET_DIGEST(ctx, EVP_ripemd160(), OSSL_DIGEST_NAME_RIPEMD160);
} else
#endif /* XMLSEC_NO_RIPEMD160 */
#ifndef XMLSEC_NO_MD5
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacMd5Id)) {
- ctx->hmacDgst = EVP_md5();
+ XMLSEC_OPENSSL_HMAC_SET_DIGEST(ctx, EVP_md5(), OSSL_DIGEST_NAME_MD5);
} else
#endif /* XMLSEC_NO_MD5 */
return(-1);
}
+#ifndef XMLSEC_OPENSSL_API_300
/* create hmac CTX */
ctx->hmacCtx = HMAC_CTX_new();
if(ctx->hmacCtx == NULL) {
- xmlSecOpenSSLError("HMAC_CTX_new",
- xmlSecTransformGetName(transform));
+ xmlSecOpenSSLError("HMAC_CTX_new", xmlSecTransformGetName(transform));
+ xmlSecOpenSSLHmacFinalize(transform);
return(-1);
}
+#else /* XMLSEC_OPENSSL_API_300 */
+ ctx->evpHmac = EVP_MAC_fetch(xmlSecOpenSSLGetLibCtx(), OSSL_MAC_NAME_HMAC, NULL);
+ if (ctx->evpHmac == NULL) {
+ xmlSecOpenSSLError("EVP_MAC_fetch", xmlSecTransformGetName(transform));
+ xmlSecOpenSSLHmacFinalize(transform);
+ return(-1);
+ }
+ ctx->evpHmacCtx = EVP_MAC_CTX_new(ctx->evpHmac);
+ if (ctx->evpHmacCtx == NULL) {
+ xmlSecOpenSSLError("EVP_MAC_CTX_new", xmlSecTransformGetName(transform));
+ xmlSecOpenSSLHmacFinalize(transform);
+ return(-1);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
/* done */
return(0);
ctx = xmlSecOpenSSLHmacGetCtx(transform);
xmlSecAssert(ctx != NULL);
+#ifndef XMLSEC_OPENSSL_API_300
if(ctx->hmacCtx != NULL) {
HMAC_CTX_free(ctx->hmacCtx);
}
+#else /* XMLSEC_OPENSSL_API_300 */
+ if(ctx->evpHmacCtx != NULL) {
+ EVP_MAC_CTX_free(ctx->evpHmacCtx);
+ }
+ if (ctx->evpHmac != NULL) {
+ EVP_MAC_free(ctx->evpHmac);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
memset(ctx, 0, sizeof(xmlSecOpenSSLHmacCtx));
}
static int
-xmlSecOpenSSLHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
+xmlSecOpenSSLHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecOpenSSLHmacCtxPtr ctx;
- xmlNodePtr cur;
+ int ret;
xmlSecAssert2(xmlSecOpenSSLHmacCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1);
xmlSecAssert2(node!= NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecOpenSSLHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- cur = xmlSecGetNextElementNode(node->children);
- if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {
- xmlChar *content;
-
- content = xmlNodeGetContent(cur);
- if(content != NULL) {
- ctx->dgstSize = atoi((char*)content);
- xmlFree(content);
- }
-
- /* Ensure that HMAC length is greater than min specified.
- Otherwise, an attacker can set this length to 0 or very
- small value
- */
- if((int)ctx->dgstSize < xmlSecOpenSSLHmacGetMinOutputLength()) {
- xmlSecInvalidNodeContentError(cur, xmlSecTransformGetName(transform),
- "HMAC output length is too small");
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform));
+ ret = xmlSecTransformHmacReadOutputBitsSize(node, ctx->dgstSize, &ctx->dgstSize);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformHmacReadOutputBitsSize()",
+ xmlSecTransformGetName(transform));
return(-1);
}
+
return(0);
}
return(0);
}
+#ifndef XMLSEC_OPENSSL_API_300
+static int
+xmlSecOpenSSLHmacSetKeyImpl(xmlSecOpenSSLHmacCtxPtr ctx, const xmlSecByte* key, xmlSecSize keySize) {
+ int keyLen;
+ int ret;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->hmacCtx != NULL, -1);
+ xmlSecAssert2(ctx->hmacDgst != NULL, -1);
+ xmlSecAssert2(key != NULL, -1);
+ xmlSecAssert2(keySize > 0, -1);
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(keySize, keyLen, return(-1), NULL);
+ ret = HMAC_Init_ex(ctx->hmacCtx, key, keyLen, ctx->hmacDgst, NULL);
+ if(ret != 1) {
+ xmlSecOpenSSLError("HMAC_Init_ex", NULL);
+ return(-1);
+ }
+
+ /* success */
+ return(0);
+}
+
+#else /* XMLSEC_OPENSSL_API_300 */
+
+static int
+xmlSecOpenSSLHmacSetKeyImpl(xmlSecOpenSSLHmacCtxPtr ctx, const xmlSecByte* key, xmlSecSize keySize) {
+ OSSL_PARAM_BLD* param_bld = NULL;
+ OSSL_PARAM* params = NULL;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->evpHmacCtx != NULL, -1);
+ xmlSecAssert2(ctx->evpHmacDgstName != NULL, -1);
+ xmlSecAssert2(key != NULL, -1);
+ xmlSecAssert2(keySize > 0, -1);
+
+ param_bld = OSSL_PARAM_BLD_new();
+ if (param_bld == NULL) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_new", NULL);
+ goto done;
+ }
+
+ ret = OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_MAC_PARAM_DIGEST,
+ ctx->evpHmacDgstName, strlen(ctx->evpHmacDgstName));
+ if(ret != 1) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_utf8_string", NULL);
+ goto done;
+ }
+
+ params = OSSL_PARAM_BLD_to_param(param_bld);
+ if (params == NULL) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_to_param", NULL);
+ goto done;
+ }
+
+ ret = EVP_MAC_init(ctx->evpHmacCtx, key, keySize, params);
+ if (ret != 1) {
+ xmlSecOpenSSLError("EVP_MAC_init", NULL);
+ goto done;
+ }
+
+ /* success */
+ res = 0;
+
+done:
+ if(params != NULL) {
+ OSSL_PARAM_free(params);
+ }
+ if(param_bld != NULL) {
+ OSSL_PARAM_BLD_free(param_bld);
+ }
+ return(res);
+
+}
+
+#endif /* XMLSEC_OPENSSL_API_300 */
+
static int
xmlSecOpenSSLHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecOpenSSLHmacCtxPtr ctx;
ctx = xmlSecOpenSSLHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->hmacCtx != NULL, -1);
- xmlSecAssert2(ctx->hmacDgst != NULL, -1);
xmlSecAssert2(ctx->ctxInitialized == 0, -1);
value = xmlSecKeyGetValue(key);
if(xmlSecBufferGetSize(buffer) == 0) {
xmlSecInvalidZeroKeyDataSizeError(xmlSecTransformGetName(transform));
- return(-1);
+ return(-1);
}
-
xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);
- ret = HMAC_Init_ex(ctx->hmacCtx,
- xmlSecBufferGetData(buffer),
- xmlSecBufferGetSize(buffer),
- ctx->hmacDgst,
- NULL);
- if(ret != 1) {
- xmlSecOpenSSLError("HMAC_Init_ex",
- xmlSecTransformGetName(transform));
- return(-1);
+ ret = xmlSecOpenSSLHmacSetKeyImpl(ctx, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLHmacSetKeyImpl", xmlSecTransformGetName(transform));
+ return(-1);
}
+ /* success */
ctx->ctxInitialized = 1;
return(0);
}
static int
xmlSecOpenSSLHmacVerify(xmlSecTransformPtr transform,
const xmlSecByte* data, xmlSecSize dataSize,
- xmlSecTransformCtxPtr transformCtx) {
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
static xmlSecByte last_byte_masks[] =
{ 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
xmlSecAssert2(data != NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecOpenSSLHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
ctx = xmlSecOpenSSLHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->ctxInitialized != 0, -1);
- xmlSecAssert2(ctx->hmacCtx != NULL, -1);
if(transform->status == xmlSecTransformStatusNone) {
/* we should be already initialized when we set key */
inSize = xmlSecBufferGetSize(in);
if(inSize > 0) {
+#ifndef XMLSEC_OPENSSL_API_300
+ xmlSecAssert2(ctx->hmacCtx != NULL, -1);
+
ret = HMAC_Update(ctx->hmacCtx, xmlSecBufferGetData(in), inSize);
if(ret != 1) {
xmlSecOpenSSLError("HMAC_Update",
xmlSecTransformGetName(transform));
return(-1);
}
+#else /* XMLSEC_OPENSSL_API_300 */
+ xmlSecAssert2(ctx->evpHmacCtx != NULL, -1);
+
+ ret = EVP_MAC_update(ctx->evpHmacCtx, xmlSecBufferGetData(in), inSize);
+ if(ret != 1) {
+ xmlSecOpenSSLError("EVP_MAC_update",
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
}
if(last) {
- unsigned int dgstSize = 0;
+ xmlSecSize dgstSize;
- ret = HMAC_Final(ctx->hmacCtx, ctx->dgst, &dgstSize);
+#ifndef XMLSEC_OPENSSL_API_300
+ unsigned int dgstLen = 0;
+
+ xmlSecAssert2(ctx->hmacCtx != NULL, -1);
+ ret = HMAC_Final(ctx->hmacCtx, ctx->dgst, &dgstLen);
if(ret != 1) {
- xmlSecOpenSSLError("HMAC_Final",
- xmlSecTransformGetName(transform));
+ xmlSecOpenSSLError("HMAC_Final", xmlSecTransformGetName(transform));
+ return(-1);
+ }
+ XMLSEC_SAFE_CAST_UINT_TO_SIZE(dgstLen, dgstSize, return(-1), xmlSecTransformGetName(transform));
+#else /* XMLSEC_OPENSSL_API_300 */
+ size_t dgstSizeT = 0;
+
+ xmlSecAssert2(ctx->evpHmacCtx != NULL, -1);
+ ret = EVP_MAC_final(ctx->evpHmacCtx, ctx->dgst, &dgstSizeT, sizeof(ctx->dgst));
+ if(ret != 1) {
+ xmlSecOpenSSLError("EVP_MAC_final", xmlSecTransformGetName(transform));
return(-1);
}
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(dgstSizeT, dgstSize, return(-1), xmlSecTransformGetName(transform));
+#endif /* XMLSEC_OPENSSL_API_300 */
xmlSecAssert2(dgstSize > 0, -1);
/* check/set the result digest size */
if(ctx->dgstSize == 0) {
- ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(dgstSize * 8); /* no dgst size specified, use all we have */
- } else if(ctx->dgstSize <= XMLSEC_SIZE_BAD_CAST(8 * dgstSize)) {
- dgstSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
+ ctx->dgstSize = dgstSize * 8; /* no dgst size specified, use all we have */
+ } else if(ctx->dgstSize <= 8 * dgstSize) {
+ xmlSecSize adjustedDigestSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
+ XMLSEC_SAFE_CAST_SIZE_TO_UINT(adjustedDigestSize, dgstSize, return(-1), xmlSecTransformGetName(transform));
} else {
xmlSecInvalidSizeLessThanError("HMAC digest (bits)",
- 8 * dgstSize, ctx->dgstSize,
- xmlSecTransformGetName(transform));
+ 8 * dgstSize, ctx->dgstSize,
+ xmlSecTransformGetName(transform));
return(-1);
}
ret = xmlSecBufferAppend(out, ctx->dgst, dgstSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferAppend",
- xmlSecTransformGetName(transform),
- "size=%d", dgstSize);
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, dgstSize);
return(-1);
}
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:kt_rsa
#include <openssl/sha.h>
#include <openssl/objects.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
#include <xmlsec/buffer.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/errors.h>
#include <xmlsec/keys.h>
-#include <xmlsec/transforms.h>
+#include <xmlsec/private.h>
#include <xmlsec/strings.h>
-#include <xmlsec/errors.h>
+#include <xmlsec/transforms.h>
#include <xmlsec/openssl/crypto.h>
#include <xmlsec/openssl/evp.h>
#include <xmlsec/openssl/bn.h>
#include "openssl_compat.h"
+#ifdef XMLSEC_OPENSSL_API_300
+#include <openssl/core_names.h>
+#include <openssl/param_build.h>
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+#include "../cast_helpers.h"
+#include "../transform_helpers.h"
+
#ifdef OPENSSL_IS_BORINGSSL
/* defined in boringssl/crypto/fipsmodule/rsa/internal.h */
unsigned char *param, int param_len) {
size_t out_len = 0;
int ret;
+ int res;
ret = RSA_padding_check_PKCS1_OAEP_mgf1(to, &out_len, to_len, from, from_len, param, param_len, NULL, NULL);
if(!ret) {
return(-1);
}
- return((int)out_len);
+ XMLSEC_SAFE_CAST_SIZE_T_TO_INT(out_len, res, return(-1), NULL);
+ return(res);
}
typedef struct _xmlSecOpenSSLRsaPkcs1Ctx xmlSecOpenSSLRsaPkcs1Ctx,
*xmlSecOpenSSLRsaPkcs1CtxPtr;
struct _xmlSecOpenSSLRsaPkcs1Ctx {
+#ifndef XMLSEC_OPENSSL_API_300
EVP_PKEY* pKey;
+#else /* XMLSEC_OPENSSL_API_300 */
+ EVP_PKEY_CTX* pKeyCtx;
+#endif /* XMLSEC_OPENSSL_API_300 */
+ xmlSecSize keySize;
};
/*********************************************************************
*
* RSA PKCS1 key transport transform
*
- * xmlSecOpenSSLRsaPkcs1Ctx is located after xmlSecTransform
- *
********************************************************************/
-#define xmlSecOpenSSLRsaPkcs1Size \
- (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLRsaPkcs1Ctx))
-#define xmlSecOpenSSLRsaPkcs1GetCtx(transform) \
- ((xmlSecOpenSSLRsaPkcs1CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(OpenSSLRsaPkcs1, xmlSecOpenSSLRsaPkcs1Ctx)
+#define xmlSecOpenSSLRsaPkcs1Size XMLSEC_TRANSFORM_SIZE(OpenSSLRsaPkcs1)
static int xmlSecOpenSSLRsaPkcs1Initialize (xmlSecTransformPtr transform);
static void xmlSecOpenSSLRsaPkcs1Finalize (xmlSecTransformPtr transform);
static int xmlSecOpenSSLRsaPkcs1Execute (xmlSecTransformPtr transform,
int last,
xmlSecTransformCtxPtr transformCtx);
-static int xmlSecOpenSSLRsaPkcs1Process (xmlSecTransformPtr transform,
- xmlSecTransformCtxPtr transformCtx);
+static int xmlSecOpenSSLRsaPkcs1Process (xmlSecTransformPtr transform);
static xmlSecTransformKlass xmlSecOpenSSLRsaPkcs1Klass = {
/* klass/object sizes */
return(&xmlSecOpenSSLRsaPkcs1Klass);
}
+#ifndef XMLSEC_OPENSSL_API_300
+
+static int
+xmlSecOpenSSLRsaPkcs1SetKeyImpl(xmlSecOpenSSLRsaPkcs1CtxPtr ctx, EVP_PKEY* pKey,
+ int encrypt ATTRIBUTE_UNUSED) {
+ RSA *rsa = NULL;
+ int keyLen;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->pKey == NULL, -1);
+ xmlSecAssert2(pKey != NULL, -1);
+ UNREFERENCED_PARAMETER(encrypt);
+
+ rsa = EVP_PKEY_get0_RSA(pKey);
+ xmlSecAssert2(rsa != NULL, -1);
+
+ keyLen = RSA_size(rsa);
+ if(keyLen <= 0) {
+ xmlSecOpenSSLError("RSA_size", NULL);
+ return (-1);
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(keyLen, ctx->keySize, return(-1), NULL);
+
+ ctx->pKey = xmlSecOpenSSLEvpKeyDup(pKey);
+ if(ctx->pKey == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLEvpKeyDup", NULL);
+ return(-1);
+ }
+
+ /* success */
+ return(0);
+}
+
+static int
+xmlSecOpenSSLRsaPkcs1ProcessImpl(xmlSecOpenSSLRsaPkcs1CtxPtr ctx, const xmlSecByte* inBuf, xmlSecSize inSize,
+ xmlSecByte* outBuf, xmlSecSize* outSize, int encrypt) {
+ RSA* rsa;
+ int inLen;
+ int ret;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->pKey != NULL, -1);
+ xmlSecAssert2(EVP_PKEY_base_id(ctx->pKey) == EVP_PKEY_RSA, -1);
+ xmlSecAssert2(inBuf != NULL, -1);
+ xmlSecAssert2(inSize > 0, -1);
+ xmlSecAssert2(outBuf != NULL, -1);
+ xmlSecAssert2(outSize != NULL, -1);
+
+ rsa = EVP_PKEY_get0_RSA(ctx->pKey);
+ xmlSecAssert2(rsa != NULL, -1);
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(inSize, inLen, return(-1), NULL);
+ if(encrypt != 0) {
+ ret = RSA_public_encrypt(inLen, inBuf, outBuf, rsa, RSA_PKCS1_PADDING);
+ if(ret <= 0) {
+ xmlSecOpenSSLError2("RSA_public_encrypt", NULL,
+ "size=" XMLSEC_SIZE_FMT, inSize);
+ return(-1);
+ }
+
+ } else {
+ ret = RSA_private_decrypt(inLen, inBuf, outBuf, rsa, RSA_PKCS1_PADDING);
+ if(ret <= 0) {
+ xmlSecOpenSSLError2("RSA_private_decrypt", NULL,
+ "size=" XMLSEC_SIZE_FMT, inSize);
+ return(-1);
+ }
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, (*outSize), return(-1), NULL);
+
+ /* success */
+ return(0);
+}
+
+#else /* XMLSEC_OPENSSL_API_300 */
+
+static int
+xmlSecOpenSSLRsaPkcs1SetKeyImpl(xmlSecOpenSSLRsaPkcs1CtxPtr ctx, EVP_PKEY* pKey,
+ int encrypt) {
+ int keyLen;
+ int ret;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->pKeyCtx == NULL, -1);
+ xmlSecAssert2(pKey != NULL, -1);
+
+ keyLen = EVP_PKEY_get_size(pKey);
+ if(keyLen <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_get_size", NULL);
+ return (-1);
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(keyLen, ctx->keySize, return(-1), NULL);
+
+ ctx->pKeyCtx = EVP_PKEY_CTX_new_from_pkey(xmlSecOpenSSLGetLibCtx(), pKey, NULL);
+ if (ctx->pKeyCtx == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_new_from_pkey", NULL);
+ return (-1);
+ }
+
+ if (encrypt != 0) {
+ ret = EVP_PKEY_encrypt_init(ctx->pKeyCtx);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_encrypt_init", NULL);
+ return (-1);
+ }
+ } else {
+ ret = EVP_PKEY_decrypt_init(ctx->pKeyCtx);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_decrypt_init", NULL);
+ return (-1);
+ }
+ }
+
+ ret = EVP_PKEY_CTX_set_rsa_padding(ctx->pKeyCtx, RSA_PKCS1_PADDING);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_set_rsa_padding", NULL);
+ return (-1);
+ }
+
+ /* success */
+ return(0);
+}
+
+static int
+xmlSecOpenSSLRsaPkcs1ProcessImpl(xmlSecOpenSSLRsaPkcs1CtxPtr ctx, const xmlSecByte* inBuf, xmlSecSize inSize,
+ xmlSecByte* outBuf, xmlSecSize* outSize, int encrypt) {
+ size_t outLen = 0;
+ int ret;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->pKeyCtx != NULL, -1);
+ xmlSecAssert2(inBuf != NULL, -1);
+ xmlSecAssert2(inSize > 0, -1);
+ xmlSecAssert2(outBuf != NULL, -1);
+ xmlSecAssert2(outSize != NULL, -1);
+
+ outLen = (*outSize);
+ if(encrypt != 0) {
+ ret = EVP_PKEY_encrypt(ctx->pKeyCtx, outBuf, &outLen, inBuf, inSize);
+ if(ret <= 0) {
+ xmlSecOpenSSLError2("EVP_PKEY_encrypt", NULL,
+ "size=" XMLSEC_SIZE_FMT, inSize);
+ return(-1);
+ }
+ } else {
+ ret = EVP_PKEY_decrypt(ctx->pKeyCtx, outBuf, &outLen, inBuf, inSize);
+ if (ret <= 0) {
+ xmlSecOpenSSLError2("EVP_PKEY_decrypt", NULL,
+ "size=" XMLSEC_SIZE_FMT, inSize);
+ return(-1);
+ }
+ }
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(outLen, (*outSize), return(-1), NULL);
+
+ /* success */
+ return(0);
+}
+#endif /* XMLSEC_OPENSSL_API_300 */
+
static int
xmlSecOpenSSLRsaPkcs1Initialize(xmlSecTransformPtr transform) {
xmlSecOpenSSLRsaPkcs1CtxPtr ctx;
ctx = xmlSecOpenSSLRsaPkcs1GetCtx(transform);
xmlSecAssert(ctx != NULL);
+
+#ifndef XMLSEC_OPENSSL_API_300
if(ctx->pKey != NULL) {
EVP_PKEY_free(ctx->pKey);
}
+#else /* XMLSEC_OPENSSL_API_300 */
+ if(ctx->pKeyCtx != NULL) {
+ EVP_PKEY_CTX_free(ctx->pKeyCtx);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
+
memset(ctx, 0, sizeof(xmlSecOpenSSLRsaPkcs1Ctx));
}
xmlSecOpenSSLRsaPkcs1SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecOpenSSLRsaPkcs1CtxPtr ctx;
EVP_PKEY* pKey;
- RSA *rsa;
+ int encrypt;
+ int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaPkcs1Id), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
ctx = xmlSecOpenSSLRsaPkcs1GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->pKey == NULL, -1);
+ xmlSecAssert2(ctx->keySize == 0, -1);
+
pKey = xmlSecOpenSSLKeyDataRsaGetEvp(xmlSecKeyGetValue(key));
if(pKey == NULL) {
return(-1);
}
xmlSecAssert2(EVP_PKEY_base_id(pKey) == EVP_PKEY_RSA, -1);
- rsa = EVP_PKEY_get0_RSA(pKey);
- xmlSecAssert2(rsa != NULL, -1);
- ctx->pKey = xmlSecOpenSSLEvpKeyDup(pKey);
- if(ctx->pKey == NULL) {
- xmlSecInternalError("xmlSecOpenSSLEvpKeyDup",
- xmlSecTransformGetName(transform));
+ if (transform->operation == xmlSecTransformOperationEncrypt) {
+ encrypt = 1;
+ } else if (transform->operation == xmlSecTransformOperationDecrypt) {
+ encrypt = 0;
+ } else {
+ xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_OPERATION,
+ xmlSecTransformGetName(transform),
+ "Unexpected transform operation: " XMLSEC_ENUM_FMT,
+ XMLSEC_ENUM_CAST(transform->operation));
return(-1);
}
+ ret = xmlSecOpenSSLRsaPkcs1SetKeyImpl(ctx, pKey, encrypt);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLRsaPkcs1SetKeyImpl",
+ xmlSecTransformGetName(transform));
+ return (-1);
+ }
+
+ /* success */
return(0);
}
static int
-xmlSecOpenSSLRsaPkcs1Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecOpenSSLRsaPkcs1Execute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecOpenSSLRsaPkcs1CtxPtr ctx;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaPkcs1Id), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaPkcs1Size), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecOpenSSLRsaPkcs1GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->pKey != NULL, -1);
+ xmlSecAssert2(ctx->keySize > 0, -1);
if(transform->status == xmlSecTransformStatusNone) {
transform->status = xmlSecTransformStatusWorking;
if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
/* just do nothing */
} else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- ret = xmlSecOpenSSLRsaPkcs1Process(transform, transformCtx);
+ ret = xmlSecOpenSSLRsaPkcs1Process(transform);
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLRsaPkcs1Process",
xmlSecTransformGetName(transform));
}
static int
-xmlSecOpenSSLRsaPkcs1Process(xmlSecTransformPtr transform, xmlSecTransformCtxPtr transformCtx) {
+xmlSecOpenSSLRsaPkcs1Process(xmlSecTransformPtr transform) {
xmlSecOpenSSLRsaPkcs1CtxPtr ctx;
xmlSecBufferPtr in, out;
xmlSecSize inSize, outSize;
- xmlSecSize keySize;
- RSA *rsa;
+ int encrypt;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaPkcs1Id), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaPkcs1Size), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
ctx = xmlSecOpenSSLRsaPkcs1GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->pKey != NULL, -1);
- xmlSecAssert2(EVP_PKEY_base_id(ctx->pKey) == EVP_PKEY_RSA, -1);
- rsa = EVP_PKEY_get0_RSA(ctx->pKey);
- xmlSecAssert2(rsa != NULL, -1);
-
- keySize = RSA_size(rsa);
- xmlSecAssert2(keySize > 0, -1);
+ xmlSecAssert2(ctx->keySize > 0, -1);
in = &(transform->inBuf);
out = &(transform->outBuf);
outSize = xmlSecBufferGetSize(out);
xmlSecAssert2(outSize == 0, -1);
+ if (transform->operation == xmlSecTransformOperationEncrypt) {
+ encrypt = 1;
+ } else if (transform->operation == xmlSecTransformOperationDecrypt) {
+ encrypt = 0;
+ } else {
+ xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_OPERATION,
+ xmlSecTransformGetName(transform),
+ "Unexpected transform operation: " XMLSEC_ENUM_FMT,
+ XMLSEC_ENUM_CAST(transform->operation));
+ return(-1);
+ }
+
/* the encoded size is equal to the keys size so we could not
* process more than that */
- if((transform->operation == xmlSecTransformOperationEncrypt) && (inSize >= keySize)) {
- xmlSecInvalidSizeLessThanError("Input data", inSize, keySize,
- xmlSecTransformGetName(transform));
+ if((encrypt != 0) && (inSize >= ctx->keySize)) {
+ xmlSecInvalidSizeLessThanError("Input data", inSize, ctx->keySize,
+ xmlSecTransformGetName(transform));
return(-1);
- } else if((transform->operation == xmlSecTransformOperationDecrypt) && (inSize != keySize)) {
- xmlSecInvalidSizeError("Input data", inSize, keySize,
- xmlSecTransformGetName(transform));
+ } else if((encrypt == 0) && (inSize != ctx->keySize)) {
+ xmlSecInvalidSizeError("Input data", inSize, ctx->keySize,
+ xmlSecTransformGetName(transform));
return(-1);
}
- outSize = keySize;
+ outSize = ctx->keySize;
ret = xmlSecBufferSetMaxSize(out, outSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- ret = RSA_public_encrypt(inSize, xmlSecBufferGetData(in),
- xmlSecBufferGetData(out),
- rsa, RSA_PKCS1_PADDING);
- if(ret <= 0) {
- xmlSecOpenSSLError2("RSA_public_encrypt",
- xmlSecTransformGetName(transform),
- "size=%lu", (unsigned long)inSize);
- return(-1);
- }
- outSize = ret;
- } else {
- ret = RSA_private_decrypt(inSize, xmlSecBufferGetData(in),
- xmlSecBufferGetData(out),
- rsa, RSA_PKCS1_PADDING);
- if(ret <= 0) {
- xmlSecOpenSSLError2("RSA_private_decrypt",
- xmlSecTransformGetName(transform),
- "size=%lu", (unsigned long)inSize);
- return(-1);
- }
- outSize = ret;
+ ret = xmlSecOpenSSLRsaPkcs1ProcessImpl(ctx, xmlSecBufferGetData(in), inSize,
+ xmlSecBufferGetData(out), &outSize, encrypt);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLRsaPkcs1ProcessImpl",
+ xmlSecTransformGetName(transform));
+ return(-1);
}
ret = xmlSecBufferSetSize(out, outSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
typedef struct _xmlSecOpenSSLRsaOaepCtx xmlSecOpenSSLRsaOaepCtx,
*xmlSecOpenSSLRsaOaepCtxPtr;
struct _xmlSecOpenSSLRsaOaepCtx {
+#ifndef XMLSEC_OPENSSL_API_300
EVP_PKEY* pKey;
+#else /* XMLSEC_OPENSSL_API_300 */
+ EVP_PKEY_CTX* pKeyCtx;
+ int paramsInitialized;
+#endif /* XMLSEC_OPENSSL_API_300 */
+ xmlSecSize keySize;
xmlSecBuffer oaepParams;
};
*
* RSA OAEP key transport transform
*
- * xmlSecOpenSSLRsaOaepCtx is located after xmlSecTransform
- *
********************************************************************/
-#define xmlSecOpenSSLRsaOaepSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLRsaOaepCtx))
-#define xmlSecOpenSSLRsaOaepGetCtx(transform) \
- ((xmlSecOpenSSLRsaOaepCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(OpenSSLRsaOaep, xmlSecOpenSSLRsaOaepCtx)
+#define xmlSecOpenSSLRsaOaepSize XMLSEC_TRANSFORM_SIZE(OpenSSLRsaOaep)
static int xmlSecOpenSSLRsaOaepInitialize (xmlSecTransformPtr transform);
static void xmlSecOpenSSLRsaOaepFinalize (xmlSecTransformPtr transform);
static int xmlSecOpenSSLRsaOaepExecute (xmlSecTransformPtr transform,
int last,
xmlSecTransformCtxPtr transformCtx);
-static int xmlSecOpenSSLRsaOaepProcess (xmlSecTransformPtr transform,
- xmlSecTransformCtxPtr transformCtx);
+static int xmlSecOpenSSLRsaOaepProcess (xmlSecTransformPtr transform);
static xmlSecTransformKlass xmlSecOpenSSLRsaOaepKlass = {
/* klass/object sizes */
return(&xmlSecOpenSSLRsaOaepKlass);
}
+#ifndef XMLSEC_OPENSSL_API_300
+
+static int
+xmlSecOpenSSLRsaOaepSetKeyImpl(xmlSecOpenSSLRsaOaepCtxPtr ctx, EVP_PKEY* pKey,
+ int encrypt ATTRIBUTE_UNUSED) {
+ RSA *rsa = NULL;
+ int keyLen;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->pKey == NULL, -1);
+ xmlSecAssert2(pKey != NULL, -1);
+ UNREFERENCED_PARAMETER(encrypt);
+
+ rsa = EVP_PKEY_get0_RSA(pKey);
+ xmlSecAssert2(rsa != NULL, -1);
+
+ keyLen = RSA_size(rsa);
+ if(keyLen <= 0) {
+ xmlSecOpenSSLError("RSA_size", NULL);
+ return (-1);
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(keyLen, ctx->keySize, return(-1), NULL);
+
+ ctx->pKey = xmlSecOpenSSLEvpKeyDup(pKey);
+ if(ctx->pKey == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLEvpKeyDup", NULL);
+ return(-1);
+ }
+
+ /* success */
+ return(0);
+}
+
+static int
+xmlSecOpenSSLRsaOaepProcessImpl(xmlSecOpenSSLRsaOaepCtxPtr ctx, const xmlSecByte* inBuf, xmlSecSize inSize,
+ xmlSecByte* outBuf, xmlSecSize* outSize, int encrypt) {
+ xmlSecSize paramsSize;
+ RSA* rsa;
+ int inLen;
+ int ret;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->pKey != NULL, -1);
+ xmlSecAssert2(EVP_PKEY_base_id(ctx->pKey) == EVP_PKEY_RSA, -1);
+ xmlSecAssert2(inBuf != NULL, -1);
+ xmlSecAssert2(inSize > 0, -1);
+ xmlSecAssert2(outBuf != NULL, -1);
+ xmlSecAssert2(outSize != NULL, -1);
+
+ rsa = EVP_PKEY_get0_RSA(ctx->pKey);
+ xmlSecAssert2(rsa != NULL, -1);
+
+ paramsSize = xmlSecBufferGetSize(&(ctx->oaepParams));
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(inSize, inLen, return(-1), NULL);
+ if((encrypt != 0) && (paramsSize == 0)) {
+ /* encode w/o OAEPParams --> simple */
+ ret = RSA_public_encrypt(inLen, inBuf, outBuf, rsa, RSA_PKCS1_OAEP_PADDING);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("RSA_public_encrypt(RSA_PKCS1_OAEP_PADDING)", NULL);
+ return(-1);
+ }
+ } else if((encrypt != 0) && (paramsSize != 0)) {
+ xmlSecBuffer tmp;
+ int keyLen, paramLen;
+
+ xmlSecAssert2(xmlSecBufferGetData(&(ctx->oaepParams)) != NULL, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(ctx->keySize, keyLen, return(-1), NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(paramsSize, paramLen, return(-1), NULL);
+
+ /* allocate space for temp buffer */
+ ret = xmlSecBufferInitialize(&tmp, ctx->keySize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferInitialize", NULL,
+ "size=" XMLSEC_SIZE_FMT, ctx->keySize);
+ return(-1);
+ }
+
+ /* add padding */
+ ret = RSA_padding_add_PKCS1_OAEP(xmlSecBufferGetData(&tmp), keyLen,
+ inBuf, inLen , xmlSecBufferGetData(&(ctx->oaepParams)), paramLen);
+ if(ret != 1) {
+ xmlSecOpenSSLError("RSA_padding_add_PKCS1_OAEP", NULL);
+ xmlSecBufferFinalize(&tmp);
+ return(-1);
+ }
+
+ /* encode with OAEPParams */
+ ret = RSA_public_encrypt(keyLen, xmlSecBufferGetData(&tmp),
+ outBuf, rsa, RSA_NO_PADDING);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("RSA_public_encrypt(RSA_NO_PADDING)", NULL);
+ xmlSecBufferFinalize(&tmp);
+ return(-1);
+ }
+ xmlSecBufferFinalize(&tmp);
+ } else if((encrypt == 0) && (paramsSize == 0)) {
+ ret = RSA_private_decrypt(inLen, inBuf, outBuf, rsa, RSA_PKCS1_OAEP_PADDING);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("RSA_private_decrypt(RSA_PKCS1_OAEP_PADDING)", NULL);
+ return(-1);
+ }
+ } else if((encrypt == 0) && (paramsSize != 0)) {
+ BIGNUM * bn;
+ int outLen, keyLen, paramLen;
+
+ xmlSecAssert2(xmlSecBufferGetData(&(ctx->oaepParams)) != NULL, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(ctx->keySize, keyLen, return(-1), NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(paramsSize, paramLen, return(-1), NULL);
+
+ ret = RSA_private_decrypt(inLen, inBuf, outBuf, rsa, RSA_NO_PADDING);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("RSA_private_decrypt(RSA_NO_PADDING)", NULL);
+ return(-1);
+ }
+ outLen = ret;
+
+#ifndef OPENSSL_IS_BORINGSSL
+ /*
+ * the private decrypt w/o padding adds '0's at the beginning.
+ * it's not clear for me can I simply skip all '0's from the
+ * beggining so I have to do decode it back to BIGNUM and dump
+ * buffer again
+ */
+ bn = BN_new();
+ if(bn == NULL) {
+ xmlSecOpenSSLError("BN_new()", NULL);
+ return(-1);
+ }
+
+ if(BN_bin2bn(outBuf, outLen, bn) == NULL) {
+ xmlSecOpenSSLError2("BN_bin2bn", NULL,
+ "size=%d", outLen);
+ BN_clear_free(bn);
+ return(-1);
+ }
+
+ ret = BN_bn2bin(bn, outBuf);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("BN_bn2bin", NULL);
+ BN_clear_free(bn);
+ return(-1);
+ }
+ outLen = ret;
+ BN_clear_free(bn);
+#endif /* OPENSSL_IS_BORINGSSL */
+
+ ret = RSA_padding_check_PKCS1_OAEP(outBuf, outLen, outBuf, outLen, keyLen,
+ xmlSecBufferGetData(&(ctx->oaepParams)), paramLen);
+ if(ret < 0) {
+ xmlSecOpenSSLError("RSA_padding_check_PKCS1_OAEP", NULL);
+ return(-1);
+ }
+ } else {
+ xmlSecInternalError3("Impossible to be here", NULL,
+ "encrypt=%d; paramsSize=" XMLSEC_SIZE_FMT, encrypt, paramsSize);
+ return(-1);
+ }
+
+ /* success */
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, (*outSize), return(-1), NULL);
+ return(0);
+}
+
+#else /* XMLSEC_OPENSSL_API_300 */
+
+static int
+xmlSecOpenSSLRsaOaepSetKeyImpl(xmlSecOpenSSLRsaOaepCtxPtr ctx, EVP_PKEY* pKey,
+ int encrypt) {
+ int keyLen;
+ int ret;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->pKeyCtx == NULL, -1);
+ xmlSecAssert2(pKey != NULL, -1);
+
+ keyLen = EVP_PKEY_get_size(pKey);
+ if(keyLen <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_get_size", NULL);
+ return (-1);
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(keyLen, ctx->keySize, return(-1), NULL);
+
+ ctx->pKeyCtx = EVP_PKEY_CTX_new_from_pkey(xmlSecOpenSSLGetLibCtx(), pKey, NULL);
+ if (ctx->pKeyCtx == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_new_from_pkey", NULL);
+ return (-1);
+ }
+
+ if (encrypt != 0) {
+ ret = EVP_PKEY_encrypt_init(ctx->pKeyCtx);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_encrypt_init", NULL);
+ return (-1);
+ }
+ } else {
+ ret = EVP_PKEY_decrypt_init(ctx->pKeyCtx);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_decrypt_init", NULL);
+ return (-1);
+ }
+ }
+
+ ret = EVP_PKEY_CTX_set_rsa_padding(ctx->pKeyCtx, RSA_PKCS1_OAEP_PADDING);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_set_rsa_padding", NULL);
+ return(-1);
+ }
+
+ /* success */
+ return(0);
+}
+
+static int
+xmlSecOpenSSSLRsaOaepSetParams(EVP_PKEY_CTX* pKeyCtx,
+ const xmlSecByte* paramsBuf, xmlSecSize paramsSize) {
+ OSSL_PARAM_BLD* param_bld = NULL;
+ OSSL_PARAM* params = NULL;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(pKeyCtx != NULL, -1);
+ xmlSecAssert2(paramsBuf != NULL, -1)
+ xmlSecAssert2(paramsSize > 0, -1);
+
+ param_bld = OSSL_PARAM_BLD_new();
+ if(param_bld == NULL) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_new", NULL);
+ goto done;
+ }
+
+ ret = OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL,
+ paramsBuf, paramsSize);
+ if(ret != 1) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_push_octet_string(label)", NULL);
+ goto done;
+ }
+
+ params = OSSL_PARAM_BLD_to_param(param_bld);
+ if(params == NULL) {
+ xmlSecOpenSSLError("OSSL_PARAM_BLD_to_param", NULL);
+ goto done;
+ }
+
+ ret = EVP_PKEY_CTX_set_params(pKeyCtx, params);
+ if(ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_set_params", NULL);
+ goto done;
+ }
+
+ /* success */
+ res = 0;
+
+done:
+ if(params != NULL) {
+ OSSL_PARAM_free(params);
+ }
+ if(param_bld != NULL) {
+ OSSL_PARAM_BLD_free(param_bld);
+ }
+ return(res);
+}
+
+static int
+xmlSecOpenSSLRsaOaepProcessImpl(xmlSecOpenSSLRsaOaepCtxPtr ctx, const xmlSecByte* inBuf, xmlSecSize inSize,
+ xmlSecByte* outBuf, xmlSecSize* outSize, int encrypt) {
+ xmlSecSize paramsSize;
+ size_t outSizeT;
+ int ret;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->pKeyCtx != NULL, -1);
+ xmlSecAssert2(inBuf != NULL, -1);
+ xmlSecAssert2(inSize > 0, -1);
+ xmlSecAssert2(outBuf != NULL, -1);
+ xmlSecAssert2(outSize != NULL, -1);
+
+ paramsSize = xmlSecBufferGetSize(&(ctx->oaepParams));
+ if((paramsSize > 0) && (ctx->paramsInitialized == 0)){
+ ret = xmlSecOpenSSSLRsaOaepSetParams(ctx->pKeyCtx,
+ xmlSecBufferGetData(&(ctx->oaepParams)), paramsSize);
+ if(ret != 0) {
+ xmlSecInternalError("xmlSecOpenSSSLRsaOaepSetParams", NULL);
+ return(-1);
+ }
+ ctx->paramsInitialized = 1;
+ }
+
+ outSizeT = (*outSize);
+ if(encrypt != 0) {
+ ret = EVP_PKEY_encrypt(ctx->pKeyCtx, outBuf, &outSizeT, inBuf, inSize);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_encrypt", NULL);
+ return(-1);
+ }
+ } else {
+ ret = EVP_PKEY_decrypt(ctx->pKeyCtx, outBuf, &outSizeT, inBuf, inSize);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_decrypt", NULL);
+ return(-1);
+ }
+ }
+ /* success */
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(outSizeT, (*outSize), return(-1), NULL);
+ return(0);
+
+}
+#endif /* XMLSEC_OPENSSL_API_300 */
+
static int
xmlSecOpenSSLRsaOaepInitialize(xmlSecTransformPtr transform) {
xmlSecOpenSSLRsaOaepCtxPtr ctx;
ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
xmlSecAssert(ctx != NULL);
+#ifndef XMLSEC_OPENSSL_API_300
if(ctx->pKey != NULL) {
EVP_PKEY_free(ctx->pKey);
}
+#else /* XMLSEC_OPENSSL_API_300 */
+ if(ctx->pKeyCtx != NULL) {
+ EVP_PKEY_CTX_free(ctx->pKeyCtx);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
+
xmlSecBufferFinalize(&(ctx->oaepParams));
memset(ctx, 0, sizeof(xmlSecOpenSSLRsaOaepCtx));
}
static int
-xmlSecOpenSSLRsaOaepNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
+xmlSecOpenSSLRsaOaepNodeRead(xmlSecTransformPtr transform, xmlNodePtr node,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecOpenSSLRsaOaepCtxPtr ctx;
- xmlNodePtr cur;
+ xmlChar* algorithm = NULL;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1);
xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(xmlSecBufferGetSize(&(ctx->oaepParams)) == 0, -1);
- cur = xmlSecGetNextElementNode(node->children);
- while(cur != NULL) {
- if(xmlSecCheckNodeName(cur, xmlSecNodeRsaOAEPparams, xmlSecEncNs)) {
- ret = xmlSecBufferBase64NodeContentRead(&(ctx->oaepParams), cur);
- if(ret < 0) {
- xmlSecInternalError("xmlSecBufferBase64NodeContentRead",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeDigestMethod, xmlSecDSigNs)) {
- xmlChar* algorithm;
-
- /* Algorithm attribute is required */
- algorithm = xmlGetProp(cur, xmlSecAttrAlgorithm);
- if(algorithm == NULL) {
- xmlSecInvalidNodeAttributeError(cur, xmlSecAttrAlgorithm,
- xmlSecTransformGetName(transform),
- "empty");
- return(-1);
- }
-
- /* for now we support only sha1 */
- if(xmlStrcmp(algorithm, xmlSecHrefSha1) != 0) {
- xmlSecInvalidTransfromError2(transform,
- "digest algorithm=\"%s\" is not supported for rsa/oaep",
- xmlSecErrorsSafeString(algorithm));
- xmlFree(algorithm);
- return(-1);
- }
- xmlFree(algorithm);
- } else {
- /* not found */
- xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform));
- return(-1);
- }
+ ret = xmlSecTransformRsaOaepReadParams(node, &(ctx->oaepParams), &algorithm);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecTransformRsaOaepReadParams",
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
- /* next node */
- cur = xmlSecGetNextElementNode(cur->next);
+ /* for now we support only sha1 */
+ if ((algorithm != NULL) && (xmlStrcmp(algorithm, xmlSecHrefSha1) != 0)) {
+ xmlSecInvalidTransfromError2(transform,
+ "digest algorithm=\"%s\" is not supported for rsa/oaep",
+ xmlSecErrorsSafeString(algorithm));
+ xmlFree(algorithm);
+ return(-1);
}
+ xmlFree(algorithm);
+ /* done */
return(0);
}
xmlSecOpenSSLRsaOaepSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecOpenSSLRsaOaepCtxPtr ctx;
EVP_PKEY* pKey;
- RSA *rsa;
+ int encrypt;
+ int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->pKey == NULL, -1);
+ xmlSecAssert2(ctx->keySize == 0, -1);
pKey = xmlSecOpenSSLKeyDataRsaGetEvp(xmlSecKeyGetValue(key));
if(pKey == NULL) {
xmlSecInternalError("xmlSecOpenSSLKeyDataRsaGetEvp",
- xmlSecTransformGetName(transform));
+ xmlSecTransformGetName(transform));
return(-1);
}
xmlSecAssert2(EVP_PKEY_base_id(pKey) == EVP_PKEY_RSA, -1);
- rsa = EVP_PKEY_get0_RSA(pKey);
- xmlSecAssert2(rsa != NULL, -1);
- ctx->pKey = xmlSecOpenSSLEvpKeyDup(pKey);
- if(ctx->pKey == NULL) {
- xmlSecInternalError("xmlSecOpenSSLEvpKeyDup",
- xmlSecTransformGetName(transform));
+ if (transform->operation == xmlSecTransformOperationEncrypt) {
+ encrypt = 1;
+ } else if (transform->operation == xmlSecTransformOperationDecrypt) {
+ encrypt = 0;
+ } else {
+ xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_OPERATION,
+ xmlSecTransformGetName(transform),
+ "Unexpected transform operation: " XMLSEC_ENUM_FMT,
+ XMLSEC_ENUM_CAST(transform->operation));
return(-1);
}
+ ret = xmlSecOpenSSLRsaOaepSetKeyImpl(ctx, pKey, encrypt);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataRsaGetEvp",
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
+
+ /* success */
return(0);
}
static int
-xmlSecOpenSSLRsaOaepExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecOpenSSLRsaOaepExecute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecOpenSSLRsaOaepCtxPtr ctx;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->pKey != NULL, -1);
+ xmlSecAssert2(ctx->keySize > 0, -1);
if(transform->status == xmlSecTransformStatusNone) {
transform->status = xmlSecTransformStatusWorking;
if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
/* just do nothing */
} else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- ret = xmlSecOpenSSLRsaOaepProcess(transform, transformCtx);
+ ret = xmlSecOpenSSLRsaOaepProcess(transform);
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLRsaOaepProcess",
xmlSecTransformGetName(transform));
}
static int
-xmlSecOpenSSLRsaOaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr transformCtx) {
+xmlSecOpenSSLRsaOaepProcess(xmlSecTransformPtr transform) {
xmlSecOpenSSLRsaOaepCtxPtr ctx;
- xmlSecSize paramsSize;
xmlSecBufferPtr in, out;
xmlSecSize inSize, outSize;
- xmlSecSize keySize;
- RSA *rsa;
+ int encrypt;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->pKey != NULL, -1);
- xmlSecAssert2(EVP_PKEY_base_id(ctx->pKey) == EVP_PKEY_RSA, -1);
- rsa = EVP_PKEY_get0_RSA(ctx->pKey);
- xmlSecAssert2(rsa != NULL, -1);
-
- keySize = RSA_size(rsa);
- xmlSecAssert2(keySize > 0, -1);
+ xmlSecAssert2(ctx->keySize > 0, -1);
in = &(transform->inBuf);
out = &(transform->outBuf);
/* the encoded size is equal to the keys size so we could not
* process more than that */
- if((transform->operation == xmlSecTransformOperationEncrypt) && (inSize >= keySize)) {
- xmlSecInvalidSizeLessThanError("Input data", inSize, keySize,
- xmlSecTransformGetName(transform));
+ if (transform->operation == xmlSecTransformOperationEncrypt) {
+ encrypt = 1;
+ } else if (transform->operation == xmlSecTransformOperationDecrypt) {
+ encrypt = 0;
+ } else {
+ xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_OPERATION,
+ xmlSecTransformGetName(transform),
+ "Unexpected transform operation: " XMLSEC_ENUM_FMT,
+ XMLSEC_ENUM_CAST(transform->operation));
return(-1);
- } else if((transform->operation == xmlSecTransformOperationDecrypt) && (inSize != keySize)) {
- xmlSecInvalidSizeError("Input data", inSize, keySize,
- xmlSecTransformGetName(transform));
+ }
+
+ if((encrypt != 0) && (inSize >= ctx->keySize)) {
+ xmlSecInvalidSizeLessThanError("Input data", inSize, ctx->keySize,
+ xmlSecTransformGetName(transform));
+ return(-1);
+ } else if((encrypt == 0) && (inSize != ctx->keySize)) {
+ xmlSecInvalidSizeError("Input data", inSize, ctx->keySize,
+ xmlSecTransformGetName(transform));
return(-1);
}
- outSize = keySize;
+ outSize = ctx->keySize;
ret = xmlSecBufferSetMaxSize(out, outSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
- paramsSize = xmlSecBufferGetSize(&(ctx->oaepParams));
- if((transform->operation == xmlSecTransformOperationEncrypt) && (paramsSize == 0)) {
- /* encode w/o OAEPParams --> simple */
- ret = RSA_public_encrypt(inSize, xmlSecBufferGetData(in),
- xmlSecBufferGetData(out),
- rsa, RSA_PKCS1_OAEP_PADDING);
- if(ret <= 0) {
- xmlSecOpenSSLError("RSA_public_encrypt(RSA_PKCS1_OAEP_PADDING)",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- outSize = ret;
- } else if((transform->operation == xmlSecTransformOperationEncrypt) && (paramsSize > 0)) {
- xmlSecBuffer tmp;
-
- xmlSecAssert2(xmlSecBufferGetData(&(ctx->oaepParams)) != NULL, -1);
-
- /* allocate space for temp buffer */
- ret = xmlSecBufferInitialize(&tmp, keySize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferInitialize",
- xmlSecTransformGetName(transform),
- "size=%d", keySize);
- return(-1);
- }
-
- /* add padding */
- ret = RSA_padding_add_PKCS1_OAEP(xmlSecBufferGetData(&tmp), keySize,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(&(ctx->oaepParams)), paramsSize);
- if(ret != 1) {
- xmlSecOpenSSLError("RSA_padding_add_PKCS1_OAEP",
- xmlSecTransformGetName(transform));
- xmlSecBufferFinalize(&tmp);
- return(-1);
- }
-
- /* encode with OAEPParams */
- ret = RSA_public_encrypt(keySize, xmlSecBufferGetData(&tmp),
- xmlSecBufferGetData(out),
- rsa, RSA_NO_PADDING);
- if(ret <= 0) {
- xmlSecOpenSSLError("RSA_public_encrypt(RSA_NO_PADDING)",
- xmlSecTransformGetName(transform));
- xmlSecBufferFinalize(&tmp);
- return(-1);
- }
- outSize = ret;
- xmlSecBufferFinalize(&tmp);
- } else if((transform->operation == xmlSecTransformOperationDecrypt) && (paramsSize == 0)) {
- ret = RSA_private_decrypt(inSize, xmlSecBufferGetData(in),
- xmlSecBufferGetData(out),
- rsa, RSA_PKCS1_OAEP_PADDING);
- if(ret <= 0) {
- xmlSecOpenSSLError("RSA_private_decrypt(RSA_PKCS1_OAEP_PADDING)",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- outSize = ret;
- } else if((transform->operation == xmlSecTransformOperationDecrypt) && (paramsSize != 0)) {
- BIGNUM * bn;
-
- ret = RSA_private_decrypt(inSize, xmlSecBufferGetData(in),
- xmlSecBufferGetData(out),
- rsa, RSA_NO_PADDING);
- if(ret <= 0) {
- xmlSecOpenSSLError("RSA_private_decrypt(RSA_NO_PADDING)",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- outSize = ret;
-
-#ifndef OPENSSL_IS_BORINGSSL
- /*
- * the private decrypt w/o padding adds '0's at the beginning.
- * it's not clear for me can I simply skip all '0's from the
- * beggining so I have to do decode it back to BIGNUM and dump
- * buffer again
- */
- bn = BN_new();
- if(bn == NULL) {
- xmlSecOpenSSLError("BN_new()",
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- if(BN_bin2bn(xmlSecBufferGetData(out), outSize, bn) == NULL) {
- xmlSecOpenSSLError2("BN_bin2bn",
- xmlSecTransformGetName(transform),
- "size=%lu", (unsigned long)outSize);
- BN_free(bn);
- return(-1);
- }
-
- ret = BN_bn2bin(bn, xmlSecBufferGetData(out));
- if(ret <= 0) {
- xmlSecOpenSSLError("BN_bn2bin",
- xmlSecTransformGetName(transform));
- BN_free(bn);
- return(-1);
- }
- BN_free(bn);
- outSize = ret;
-#endif /* OPENSSL_IS_BORINGSSL */
-
- ret = RSA_padding_check_PKCS1_OAEP(xmlSecBufferGetData(out), outSize,
- xmlSecBufferGetData(out), outSize,
- keySize,
- xmlSecBufferGetData(&(ctx->oaepParams)),
- paramsSize);
- if(ret < 0) {
- xmlSecOpenSSLError("RSA_padding_check_PKCS1_OAEP",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- outSize = ret;
- } else {
- xmlSecOtherError3(XMLSEC_ERRORS_R_INVALID_OPERATION,
- xmlSecTransformGetName(transform),
- "Unexpected transform operation: %ld; paramsSize: %ld",
- (long int)transform->operation, (long int)paramsSize);
+ ret = xmlSecOpenSSLRsaOaepProcessImpl(ctx, xmlSecBufferGetData(in), inSize,
+ xmlSecBufferGetData(out), &outSize, encrypt);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLRsaOaepProcessImpl",
+ xmlSecTransformGetName(transform));
return(-1);
}
ret = xmlSecBufferSetSize(out, outSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:kw_aes
#include <openssl/rand.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
#include <xmlsec/openssl/crypto.h>
#include "../kw_aes_des.h"
-
+#include "../cast_helpers.h"
+#include "openssl_compat.h"
/*********************************************************************
*
* AES KW implementation
*
*********************************************************************/
-static int xmlSecOpenSSLKWAesBlockEncrypt (const xmlSecByte * in,
+static int xmlSecOpenSSLKWAesBlockEncrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
+ xmlSecByte * out,
xmlSecSize outSize,
- void * context);
-static int xmlSecOpenSSLKWAesBlockDecrypt (const xmlSecByte * in,
+ xmlSecSize * outWritten);
+static int xmlSecOpenSSLKWAesBlockDecrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
+ xmlSecByte * out,
xmlSecSize outSize,
- void * context);
+ xmlSecSize * outWritten);
static xmlSecKWAesKlass xmlSecOpenSSLKWAesKlass = {
/* callbacks */
xmlSecOpenSSLKWAesBlockEncrypt, /* xmlSecKWAesBlockEncryptMethod encrypt; */
NULL /* void* reserved1; */
};
-
/*********************************************************************
*
- * AES KW transforms
+ * AES KW transforms context
*
********************************************************************/
-typedef struct _xmlSecOpenSSLKWAesCtx xmlSecOpenSSLKWAesCtx,
- *xmlSecOpenSSLKWAesCtxPtr;
+typedef struct _xmlSecOpenSSLKWAesCtx xmlSecOpenSSLKWAesCtx,
+ *xmlSecOpenSSLKWAesCtxPtr;
struct _xmlSecOpenSSLKWAesCtx {
- xmlSecBuffer keyBuffer;
- xmlSecSize keyExpectedSize;
+ xmlSecTransformKWAesCtx parentCtx;
+
+#ifdef XMLSEC_OPENSSL_API_300
+ const char* cipherName;
+ EVP_CIPHER* cipher;
+#endif /* XMLSEC_OPENSSL_API_300 */
};
-#define xmlSecOpenSSLKWAesSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLKWAesCtx))
-#define xmlSecOpenSSLKWAesGetCtx(transform) \
- ((xmlSecOpenSSLKWAesCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+/*********************************************************************
+ *
+ * AES KW transforms
+ *
+ ********************************************************************/
+XMLSEC_TRANSFORM_DECLARE(OpenSSLKWAes, xmlSecOpenSSLKWAesCtx)
+#define xmlSecOpenSSLKWAesSize XMLSEC_TRANSFORM_SIZE(OpenSSLKWAes)
+
#define xmlSecOpenSSLKWAesCheckId(transform) \
(xmlSecTransformCheckId((transform), xmlSecOpenSSLTransformKWAes128Id) || \
xmlSecTransformCheckId((transform), xmlSecOpenSSLTransformKWAes192Id) || \
int last,
xmlSecTransformCtxPtr transformCtx);
+
+/* small helper macro to reduce clutter in the code */
+#ifndef XMLSEC_OPENSSL_API_300
+#define XMLSEC_OPENSSL_KW_AES_SET_CIPHER(ctx, cipherNameVal)
+
+#else /* XMLSEC_OPENSSL_API_300 */
+#define XMLSEC_OPENSSL_KW_AES_SET_CIPHER(ctx, cipherNameVal) \
+ (ctx)->cipherName = (cipherNameVal)
+#endif /* XMLSEC_OPENSSL_API_300 */
+
static int
xmlSecOpenSSLKWAesInitialize(xmlSecTransformPtr transform) {
xmlSecOpenSSLKWAesCtxPtr ctx;
+ xmlSecSize keyExpectedSize;
int ret;
xmlSecAssert2(xmlSecOpenSSLKWAesCheckId(transform), -1);
ctx = xmlSecOpenSSLKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
+ memset(ctx, 0, sizeof(xmlSecOpenSSLKWAesCtx));
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWAes128Id)) {
- ctx->keyExpectedSize = XMLSEC_KW_AES128_KEY_SIZE;
+ XMLSEC_OPENSSL_KW_AES_SET_CIPHER(ctx, XMLSEEC_OPENSSL_CIPHER_NAME_AES128_CBC);
+ keyExpectedSize = XMLSEC_KW_AES128_KEY_SIZE;
} else if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWAes192Id)) {
- ctx->keyExpectedSize = XMLSEC_KW_AES192_KEY_SIZE;
+ XMLSEC_OPENSSL_KW_AES_SET_CIPHER(ctx, XMLSEEC_OPENSSL_CIPHER_NAME_AES192_CBC);
+ keyExpectedSize = XMLSEC_KW_AES192_KEY_SIZE;
} else if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWAes256Id)) {
- ctx->keyExpectedSize = XMLSEC_KW_AES256_KEY_SIZE;
+ XMLSEC_OPENSSL_KW_AES_SET_CIPHER(ctx, XMLSEEC_OPENSSL_CIPHER_NAME_AES256_CBC);
+ keyExpectedSize = XMLSEC_KW_AES256_KEY_SIZE;
} else {
xmlSecInvalidTransfromError(transform)
return(-1);
}
- ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
+ ret = xmlSecTransformKWAesInitialize(transform, &(ctx->parentCtx),
+ &xmlSecOpenSSLKWAesKlass, xmlSecOpenSSLKeyDataAesId,
+ keyExpectedSize);
if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLKWAesGetKey",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecTransformKWAesInitialize", xmlSecTransformGetName(transform));
+ xmlSecOpenSSLKWAesFinalize(transform);
return(-1);
}
+#ifdef XMLSEC_OPENSSL_API_300
+ /* fetch cipher */
+ xmlSecAssert2(ctx->cipherName != NULL, -1);
+ ctx->cipher = EVP_CIPHER_fetch(xmlSecOpenSSLGetLibCtx(), ctx->cipherName, NULL);
+ if(ctx->cipher == NULL) {
+ xmlSecOpenSSLError2("EVP_CIPHER_fetch", xmlSecTransformGetName(transform),
+ "cipherName=%s", xmlSecErrorsSafeString(ctx->cipherName));
+ xmlSecOpenSSLKWAesFinalize(transform);
+ return(-1);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
+
return(0);
}
ctx = xmlSecOpenSSLKWAesGetCtx(transform);
xmlSecAssert(ctx != NULL);
- xmlSecBufferFinalize(&(ctx->keyBuffer));
+#ifdef XMLSEC_OPENSSL_API_300
+ if(ctx->cipher != NULL) {
+ EVP_CIPHER_free(ctx->cipher);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+ xmlSecTransformKWAesFinalize(transform, &(ctx->parentCtx));
+ memset(ctx, 0, sizeof(xmlSecOpenSSLKWAesCtx));
}
static int
xmlSecOpenSSLKWAesSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
xmlSecOpenSSLKWAesCtxPtr ctx;
+ int ret;
xmlSecAssert2(xmlSecOpenSSLKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWAesSize), -1);
- xmlSecAssert2(keyReq != NULL, -1);
ctx = xmlSecOpenSSLKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keyReq->keyId = xmlSecOpenSSLKeyDataAesId;
- keyReq->keyType = xmlSecKeyDataTypeSymmetric;
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- keyReq->keyUsage = xmlSecKeyUsageEncrypt;
- } else {
- keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+ ret = xmlSecTransformKWAesSetKeyReq(transform, &(ctx->parentCtx),keyReq);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesSetKeyReq", xmlSecTransformGetName(transform));
+ return(-1);
}
- keyReq->keyBitsSize = 8 * ctx->keyExpectedSize;
-
return(0);
}
static int
xmlSecOpenSSLKWAesSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecOpenSSLKWAesCtxPtr ctx;
- xmlSecBufferPtr buffer;
- xmlSecSize keySize;
int ret;
xmlSecAssert2(xmlSecOpenSSLKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWAesSize), -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecOpenSSLKeyDataAesId), -1);
ctx = xmlSecOpenSSLKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
- xmlSecAssert2(buffer != NULL, -1);
-
- keySize = xmlSecBufferGetSize(buffer);
- if(keySize < ctx->keyExpectedSize) {
- xmlSecInvalidKeyDataSizeError(keySize, ctx->keyExpectedSize,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- ret = xmlSecBufferSetData(&(ctx->keyBuffer),
- xmlSecBufferGetData(buffer),
- ctx->keyExpectedSize);
+ ret = xmlSecTransformKWAesSetKey(transform, &(ctx->parentCtx), key);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform),
- "size=%d", ctx->keyExpectedSize);
+ xmlSecInternalError("xmlSecTransformKWAesSetKey", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
static int
-xmlSecOpenSSLKWAesExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecOpenSSLKWAesExecute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecOpenSSLKWAesCtxPtr ctx;
- xmlSecBufferPtr in, out;
- xmlSecSize inSize, outSize, keySize;
- AES_KEY aesKey;
int ret;
xmlSecAssert2(xmlSecOpenSSLKWAesCheckId(transform), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWAesSize), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecOpenSSLKWAesGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
- xmlSecAssert2(keySize == ctx->keyExpectedSize, -1);
-
- in = &(transform->inBuf);
- out = &(transform->outBuf);
- inSize = xmlSecBufferGetSize(in);
- outSize = xmlSecBufferGetSize(out);
- xmlSecAssert2(outSize == 0, -1);
-
- if(transform->status == xmlSecTransformStatusNone) {
- transform->status = xmlSecTransformStatusWorking;
- }
-
- if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
- /* just do nothing */
- } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- if((inSize % 8) != 0) {
- xmlSecInvalidSizeNotMultipleOfError("Input data",
- inSize, 8, xmlSecTransformGetName(transform));
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- /* the encoded key might be 8 bytes longer plus 8 bytes just in case */
- outSize = inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE +
- XMLSEC_KW_AES_BLOCK_SIZE;
- } else {
- outSize = inSize + XMLSEC_KW_AES_BLOCK_SIZE;
- }
-
- ret = xmlSecBufferSetMaxSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- /* prepare key */
- ret = AES_set_encrypt_key(xmlSecBufferGetData(&(ctx->keyBuffer)),
- 8 * keySize,
- &aesKey);
- if(ret != 0) {
- xmlSecOpenSSLError("AES_set_decrypt_key",
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- ret = xmlSecKWAesEncode(&xmlSecOpenSSLKWAesKlass, &aesKey,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKWAesEncode",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- outSize = ret;
- } else {
- /* prepare key */
- ret = AES_set_decrypt_key(xmlSecBufferGetData(&(ctx->keyBuffer)),
- 8 * keySize,
- &aesKey);
- if(ret != 0) {
- xmlSecOpenSSLError("AES_set_decrypt_key",
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- ret = xmlSecKWAesDecode(&xmlSecOpenSSLKWAesKlass, &aesKey,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKWAesEncode",
- xmlSecTransformGetName(transform));
- return(-1);
- }
- outSize = ret;
- }
-
- ret = xmlSecBufferSetSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
- return(-1);
- }
-
- ret = xmlSecBufferRemoveHead(in, inSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
- return(-1);
- }
-
- transform->status = xmlSecTransformStatusFinished;
- } else if(transform->status == xmlSecTransformStatusFinished) {
- /* the only way we can get here is if there is no input */
- xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
- } else {
- xmlSecInvalidTransfromStatusError(transform);
+ ret = xmlSecTransformKWAesExecute(transform, &(ctx->parentCtx), last);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWAesExecute", xmlSecTransformGetName(transform));
return(-1);
}
return(0);
* AES KW implementation
*
*********************************************************************/
+#ifndef XMLSEC_OPENSSL_API_300
+static int
+xmlSecOpenSSLKWAesEncryptDecrypt(xmlSecOpenSSLKWAesCtxPtr ctx, const xmlSecByte * in, xmlSecSize inSize,
+ xmlSecByte * out, xmlSecSize outSize, xmlSecSize * outWritten,
+ int encrypt) {
+ xmlSecByte* keyData;
+ xmlSecSize keySize;
+ AES_KEY aesKey;
+ int keyLen;
+ int ret;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(in != NULL, -1);
+ xmlSecAssert2(inSize >= AES_BLOCK_SIZE, -1);
+ xmlSecAssert2(out != NULL, -1);
+ xmlSecAssert2(outSize >= AES_BLOCK_SIZE, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ keyData = xmlSecBufferGetData(&(ctx->parentCtx.keyBuffer));
+ keySize = xmlSecBufferGetSize(&(ctx->parentCtx.keyBuffer));
+ xmlSecAssert2(keyData != NULL, -1);
+ xmlSecAssert2(keySize > 0, -1);
+ xmlSecAssert2(keySize == ctx->parentCtx.keyExpectedSize, -1);
+
+ /* prepare key and encrypt/decrypt */
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(keySize, keyLen, return(-1), NULL);
+ if(encrypt != 0) {
+ ret = AES_set_encrypt_key(keyData, 8 * keyLen, &aesKey);
+ if(ret != 0) {
+ xmlSecOpenSSLError("AES_set_encrypt_key", NULL);
+ return(-1);
+ }
+ AES_encrypt(in, out, &aesKey);
+ } else {
+ ret = AES_set_decrypt_key(keyData, 8 * keyLen, &aesKey);
+ if(ret != 0) {
+ xmlSecOpenSSLError("AES_set_decrypt_key", NULL);
+ return(-1);
+ }
+ AES_decrypt(in, out, &aesKey);
+ }
+
+ /* success */
+ (*outWritten) = AES_BLOCK_SIZE;
+ return(0);
+}
+
+#else /* XMLSEC_OPENSSL_API_300 */
+
+static int
+xmlSecOpenSSLKWAesEncryptDecrypt(xmlSecOpenSSLKWAesCtxPtr ctx, const xmlSecByte * in, xmlSecSize inSize,
+ xmlSecByte * out, xmlSecSize outSize, xmlSecSize * outWritten,
+ int encrypt) {
+ xmlSecByte* keyData;
+ xmlSecSize keySize;
+ EVP_CIPHER_CTX* cctx = NULL;
+ int nOut, inLen, outLen, totalLen;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->cipher != NULL, -1);
+ xmlSecAssert2(in != NULL, -1);
+ xmlSecAssert2(inSize >= AES_BLOCK_SIZE, -1);
+ xmlSecAssert2(out != NULL, -1);
+ xmlSecAssert2(outSize >= AES_BLOCK_SIZE, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ keyData = xmlSecBufferGetData(&(ctx->parentCtx.keyBuffer));
+ keySize = xmlSecBufferGetSize(&(ctx->parentCtx.keyBuffer));
+ xmlSecAssert2(keyData != NULL, -1);
+ xmlSecAssert2(keySize > 0, -1);
+ xmlSecAssert2(keySize == ctx->parentCtx.keyExpectedSize, -1);
+
+ cctx = EVP_CIPHER_CTX_new();
+ if (cctx == NULL) {
+ xmlSecOpenSSLError("EVP_CIPHER_CTX_new", NULL);
+ goto done;
+ }
+
+ ret = EVP_CipherInit_ex2(cctx, ctx->cipher, keyData,
+ NULL, ((encrypt != 0) ? 1 : 0), NULL);
+ if (ret != 1) {
+ xmlSecOpenSSLError("EVP_CIPHER_init_ex2(encrypt)", NULL);
+ goto done;
+ }
+
+ ret = EVP_CIPHER_CTX_set_padding(cctx, 0);
+ if (ret != 1) {
+ xmlSecOpenSSLError("EVP_CIPHER_CTX_set_padding)", NULL);
+ goto done;
+ }
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(inSize, inLen, goto done, NULL);
+ ret = EVP_CipherUpdate(cctx, out, &nOut, in, inLen);
+ if (ret != 1) {
+ xmlSecOpenSSLError("EVP_CipherUpdate(encrypt)", NULL);
+ goto done;
+ }
+
+ outLen = nOut;
+ ret = EVP_CipherFinal_ex(cctx, out + outLen, &nOut);
+ if (ret != 1) {
+ xmlSecOpenSSLError("EVP_CipherFinal_ex(encrypt)", NULL);
+ goto done;
+ }
+
+ /* success */
+ totalLen = outLen + nOut;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(totalLen, (*outWritten), goto done, NULL);
+ res = 0;
+
+done:
+ if(cctx != NULL) {
+ EVP_CIPHER_CTX_free(cctx);
+ }
+ return(res);
+}
+#endif /* XMLSEC_OPENSSL_API_300 */
+
static int
-xmlSecOpenSSLKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
+xmlSecOpenSSLKWAesBlockEncrypt(xmlSecTransformPtr transform, const xmlSecByte * in, xmlSecSize inSize,
xmlSecByte * out, xmlSecSize outSize,
- void * context) {
+ xmlSecSize * outWritten) {
+ xmlSecOpenSSLKWAesCtxPtr ctx;
+
+ int ret;
+
+ xmlSecAssert2(xmlSecOpenSSLKWAesCheckId(transform), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWAesSize), -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize >= AES_BLOCK_SIZE, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= AES_BLOCK_SIZE, -1);
- xmlSecAssert2(context != NULL, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ctx = xmlSecOpenSSLKWAesGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
- AES_encrypt(in, out, (AES_KEY*)context);
- return(AES_BLOCK_SIZE);
+ ret = xmlSecOpenSSLKWAesEncryptDecrypt(ctx, in, inSize, out, outSize, outWritten, 1); /* encrypt */
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKWAesEncryptDecrypt",
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
+
+ /* success */
+ return(0);
}
static int
-xmlSecOpenSSLKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
+xmlSecOpenSSLKWAesBlockDecrypt(xmlSecTransformPtr transform, const xmlSecByte * in, xmlSecSize inSize,
xmlSecByte * out, xmlSecSize outSize,
- void * context) {
+ xmlSecSize * outWritten) {
+ xmlSecOpenSSLKWAesCtxPtr ctx;
+ int ret;
+
+ xmlSecAssert2(xmlSecOpenSSLKWAesCheckId(transform), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWAesSize), -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize >= AES_BLOCK_SIZE, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= AES_BLOCK_SIZE, -1);
- xmlSecAssert2(context != NULL, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
- AES_decrypt(in, out, (AES_KEY*)context);
- return(AES_BLOCK_SIZE);
+ ctx = xmlSecOpenSSLKWAesGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ ret = xmlSecOpenSSLKWAesEncryptDecrypt(ctx, in, inSize, out, outSize, outWritten, 0); /* decrypt */
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKWAesEncryptDecrypt",
+ xmlSecTransformGetName(transform));
+ return(-1);
+ }
+
+ /* success */
+ return(0);
}
#endif /* XMLSEC_NO_AES */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:kw_des
#include <openssl/sha.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
#include <xmlsec/openssl/crypto.h>
#include "../kw_aes_des.h"
+#include "../cast_helpers.h"
#include "openssl_compat.h"
+#ifdef XMLSEC_OPENSSL_API_300
+#include <openssl/core_names.h>
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+
/*********************************************************************
*
* DES KW implementation
*
*********************************************************************/
-static int xmlSecOpenSSLKWDes3GenerateRandom (void * context,
- xmlSecByte * out,
- xmlSecSize outSize);
-static int xmlSecOpenSSLKWDes3Sha1 (void * context,
- const xmlSecByte * in,
- xmlSecSize inSize,
- xmlSecByte * out,
- xmlSecSize outSize);
-static int xmlSecOpenSSLKWDes3BlockEncrypt (void * context,
- const xmlSecByte * iv,
+static int xmlSecOpenSSLKWDes3GenerateRandom (xmlSecTransformPtr transform,
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+static int xmlSecOpenSSLKWDes3Sha1 (xmlSecTransformPtr transform,
+ const xmlSecByte * in,
+ xmlSecSize inSize,
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+static int xmlSecOpenSSLKWDes3BlockEncrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * iv,
xmlSecSize ivSize,
- const xmlSecByte * in,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
- xmlSecSize outSize);
-static int xmlSecOpenSSLKWDes3BlockDecrypt (void * context,
- const xmlSecByte * iv,
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
+static int xmlSecOpenSSLKWDes3BlockDecrypt (xmlSecTransformPtr transform,
+ const xmlSecByte * iv,
xmlSecSize ivSize,
- const xmlSecByte * in,
+ const xmlSecByte * in,
xmlSecSize inSize,
- xmlSecByte * out,
- xmlSecSize outSize);
+ xmlSecByte * out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten);
static xmlSecKWDes3Klass xmlSecOpenSSLKWDes3ImplKlass = {
/* callbacks */
/* for the future */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
-};
+};
-static int xmlSecOpenSSLKWDes3Encrypt (const xmlSecByte *key,
+static int xmlSecOpenSSLKWDes3Encrypt (const xmlSecByte *key,
xmlSecSize keySize,
- const xmlSecByte *iv,
+ const xmlSecByte *iv,
xmlSecSize ivSize,
- const xmlSecByte *in,
+ const xmlSecByte *in,
xmlSecSize inSize,
- xmlSecByte *out,
- xmlSecSize outSize,
+ xmlSecByte *out,
+ xmlSecSize outSize,
+ xmlSecSize * outWritten,
int enc);
/*********************************************************************
*
- * Triple DES Key Wrap transform
+ * Triple DES Key Wrap transform context
+ *
+ ********************************************************************/
+typedef xmlSecTransformKWDes3Ctx xmlSecOpenSSLKWDes3Ctx,
+ *xmlSecOpenSSLKWDes3CtxPtr;
+
+/*********************************************************************
*
- * key (xmlSecBuffer) is located after xmlSecTransform structure
+ * Triple DES Key Wrap transform
*
********************************************************************/
-typedef struct _xmlSecOpenSSLKWDes3Ctx xmlSecOpenSSLKWDes3Ctx,
- *xmlSecOpenSSLKWDes3CtxPtr;
-struct _xmlSecOpenSSLKWDes3Ctx {
- xmlSecBuffer keyBuffer;
-};
-#define xmlSecOpenSSLKWDes3Size \
- (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLKWDes3Ctx))
-#define xmlSecOpenSSLKWDes3GetCtx(transform) \
- ((xmlSecOpenSSLKWDes3CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(OpenSSLKWDes3, xmlSecOpenSSLKWDes3Ctx)
+#define xmlSecOpenSSLKWDes3Size XMLSEC_TRANSFORM_SIZE(OpenSSLKWDes3)
static int xmlSecOpenSSLKWDes3Initialize (xmlSecTransformPtr transform);
static void xmlSecOpenSSLKWDes3Finalize (xmlSecTransformPtr transform);
ctx = xmlSecOpenSSLKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
+ memset(ctx, 0, sizeof(xmlSecOpenSSLKWDes3Ctx));
- ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
+ ret = xmlSecTransformKWDes3Initialize(transform, ctx, &xmlSecOpenSSLKWDes3ImplKlass,
+ xmlSecOpenSSLKeyDataDesId);
if(ret < 0) {
- xmlSecInternalError("xmlSecBufferInitialize",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecTransformKWDes3Initialize", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
ctx = xmlSecOpenSSLKWDes3GetCtx(transform);
xmlSecAssert(ctx != NULL);
- xmlSecBufferFinalize(&(ctx->keyBuffer));
+ xmlSecTransformKWDes3Finalize(transform, ctx);
+ memset(ctx, 0, sizeof(xmlSecOpenSSLKWDes3Ctx));
}
static int
xmlSecOpenSSLKWDes3SetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
xmlSecOpenSSLKWDes3CtxPtr ctx;
+ int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWDes3Size), -1);
- xmlSecAssert2(keyReq != NULL, -1);
ctx = xmlSecOpenSSLKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keyReq->keyId = xmlSecOpenSSLKeyDataDesId;
- keyReq->keyType = xmlSecKeyDataTypeSymmetric;
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- keyReq->keyUsage= xmlSecKeyUsageEncrypt;
- } else {
- keyReq->keyUsage= xmlSecKeyUsageDecrypt;
+ ret = xmlSecTransformKWDes3SetKeyReq(transform, ctx, keyReq);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3SetKeyReq", xmlSecTransformGetName(transform));
+ return(-1);
}
- keyReq->keyBitsSize = 8 * XMLSEC_KW_DES3_KEY_LENGTH;
return(0);
}
static int
xmlSecOpenSSLKWDes3SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecOpenSSLKWDes3CtxPtr ctx;
- xmlSecBufferPtr buffer;
- xmlSecSize keySize;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWDes3Size), -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecOpenSSLKeyDataDesId), -1);
ctx = xmlSecOpenSSLKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
- xmlSecAssert2(buffer != NULL, -1);
-
- keySize = xmlSecBufferGetSize(buffer);
- if(keySize < XMLSEC_KW_DES3_KEY_LENGTH) {
- xmlSecInvalidKeyDataSizeError(keySize, XMLSEC_KW_DES3_KEY_LENGTH,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer), XMLSEC_KW_DES3_KEY_LENGTH);
+ ret = xmlSecTransformKWDes3SetKey(transform, ctx, key);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetData",
- xmlSecTransformGetName(transform),
- "size=%d", XMLSEC_KW_DES3_KEY_LENGTH);
+ xmlSecInternalError("xmlSecTransformKWDes3SetKey", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
static int
-xmlSecOpenSSLKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+xmlSecOpenSSLKWDes3Execute(xmlSecTransformPtr transform, int last,
+ xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED) {
xmlSecOpenSSLKWDes3CtxPtr ctx;
- xmlSecBufferPtr in, out;
- xmlSecSize inSize, outSize, keySize;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWDes3Id), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWDes3Size), -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ UNREFERENCED_PARAMETER(transformCtx);
ctx = xmlSecOpenSSLKWDes3GetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
- xmlSecAssert2(keySize == XMLSEC_KW_DES3_KEY_LENGTH, -1);
-
- in = &(transform->inBuf);
- out = &(transform->outBuf);
- inSize = xmlSecBufferGetSize(in);
- outSize = xmlSecBufferGetSize(out);
- xmlSecAssert2(outSize == 0, -1);
-
- if(transform->status == xmlSecTransformStatusNone) {
- transform->status = xmlSecTransformStatusWorking;
- }
-
- if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
- /* just do nothing */
- } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
- if((inSize % XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
- xmlSecInvalidSizeNotMultipleOfError("Input data",
- inSize, XMLSEC_KW_DES3_BLOCK_LENGTH,
- xmlSecTransformGetName(transform));
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- /* the encoded key might be 16 bytes longer plus one block just in case */
- outSize = inSize + XMLSEC_KW_DES3_IV_LENGTH +
- XMLSEC_KW_DES3_BLOCK_LENGTH +
- XMLSEC_KW_DES3_BLOCK_LENGTH;
- } else {
- /* just in case, add a block */
- outSize = inSize + XMLSEC_KW_DES3_BLOCK_LENGTH;
- }
-
- ret = xmlSecBufferSetMaxSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
- return(-1);
- }
-
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- ret = xmlSecKWDes3Encode(&xmlSecOpenSSLKWDes3ImplKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError4("xmlSecKWDes3Encode", xmlSecTransformGetName(transform),
- "key=%d,in=%d,out=%d", keySize, inSize, outSize);
- return(-1);
- }
- outSize = ret;
- } else {
- ret = xmlSecKWDes3Decode(&xmlSecOpenSSLKWDes3ImplKlass, ctx,
- xmlSecBufferGetData(in), inSize,
- xmlSecBufferGetData(out), outSize);
- if(ret < 0) {
- xmlSecInternalError4("xmlSecKWDes3Decode", xmlSecTransformGetName(transform),
- "key=%d,in=%d,out=%d", keySize, inSize, outSize);
- return(-1);
- }
- outSize = ret;
- }
-
- ret = xmlSecBufferSetSize(out, outSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
- return(-1);
- }
-
- ret = xmlSecBufferRemoveHead(in, inSize);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
- return(-1);
- }
-
- transform->status = xmlSecTransformStatusFinished;
- } else if(transform->status == xmlSecTransformStatusFinished) {
- /* the only way we can get here is if there is no input */
- xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
- } else {
- xmlSecInvalidTransfromStatusError(transform);
+ ret = xmlSecTransformKWDes3Execute(transform, ctx, last);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecTransformKWDes3Execute", xmlSecTransformGetName(transform));
return(-1);
}
-
return(0);
}
* DES KW implementation
*
*********************************************************************/
-static int
-xmlSecOpenSSLKWDes3Sha1(void * context,
- const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecOpenSSLKWDes3CtxPtr ctx = (xmlSecOpenSSLKWDes3CtxPtr)context;
+#ifndef XMLSEC_OPENSSL_API_300
- xmlSecAssert2(ctx != NULL, -1);
+static int
+xmlSecOpenSSLKWDes3Sha1(xmlSecTransformPtr transform ATTRIBUTE_UNUSED,
+ const xmlSecByte * in, xmlSecSize inSize,
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
+ UNREFERENCED_PARAMETER(transform);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= SHA_DIGEST_LENGTH, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
if(SHA1(in, inSize, out) == NULL) {
xmlSecOpenSSLError("SHA1", NULL);
return(-1);
}
- return(SHA_DIGEST_LENGTH);
+
+ /* success */
+ (*outWritten) = SHA_DIGEST_LENGTH;
+ return(0);
}
+#else /* XMLSEC_OPENSSL_API_300 */
+
static int
-xmlSecOpenSSLKWDes3GenerateRandom(void * context,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecOpenSSLKWDes3CtxPtr ctx = (xmlSecOpenSSLKWDes3CtxPtr)context;
+xmlSecOpenSSLKWDes3Sha1(xmlSecTransformPtr transform ATTRIBUTE_UNUSED,
+ const xmlSecByte * in, xmlSecSize inSize,
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
+ size_t outSizeT;
int ret;
- xmlSecAssert2(ctx != NULL, -1);
+ UNREFERENCED_PARAMETER(transform);
+ xmlSecAssert2(in != NULL, -1);
+ xmlSecAssert2(inSize > 0, -1);
+ xmlSecAssert2(out != NULL, -1);
+ xmlSecAssert2(outSize >= SHA_DIGEST_LENGTH, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ outSizeT = outSize;
+ ret = EVP_Q_digest(xmlSecOpenSSLGetLibCtx(), OSSL_DIGEST_NAME_SHA1, NULL,
+ in, inSize, out, &outSizeT);
+ if(ret != 1) {
+ xmlSecOpenSSLError("EVP_Q_digest(SHA1)", NULL);
+ return(-1);
+ }
+
+ /* success */
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(outSizeT, (*outWritten), return(-1), NULL);
+ return(0);
+}
+
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+
+static int
+xmlSecOpenSSLKWDes3GenerateRandom(xmlSecTransformPtr transform ATTRIBUTE_UNUSED,
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
+ int ret;
+
+ UNREFERENCED_PARAMETER(transform);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize > 0, -1);
- ret = RAND_bytes(out, outSize);
+ ret = RAND_priv_bytes_ex(xmlSecOpenSSLGetLibCtx(), out, outSize, XMLSEEC_OPENSSL_RAND_BYTES_STRENGTH);
if(ret != 1) {
- xmlSecOpenSSLError2("RAND_bytes", NULL,
- "size=%lu", (unsigned long)outSize);
+ xmlSecOpenSSLError2("RAND_priv_bytes_ex", NULL, "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
+ (*outWritten) = outSize;
- return((int)outSize);
+ return(0);
}
static int
-xmlSecOpenSSLKWDes3BlockEncrypt(void * context,
+xmlSecOpenSSLKWDes3BlockEncrypt(xmlSecTransformPtr transform,
const xmlSecByte * iv, xmlSecSize ivSize,
const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecOpenSSLKWDes3CtxPtr ctx = (xmlSecOpenSSLKWDes3CtxPtr)context;
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
+ xmlSecOpenSSLKWDes3CtxPtr ctx;
int ret;
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWDes3Size), -1);
xmlSecAssert2(iv != NULL, -1);
xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
- ret = xmlSecOpenSSLKWDes3Encrypt(xmlSecBufferGetData(&(ctx->keyBuffer)), XMLSEC_KW_DES3_KEY_LENGTH,
- iv, XMLSEC_KW_DES3_IV_LENGTH,
- in, inSize,
- out, outSize,
- 1); /* encrypt */
+ ctx = xmlSecOpenSSLKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+
+ ret = xmlSecOpenSSLKWDes3Encrypt(
+ xmlSecBufferGetData(&(ctx->keyBuffer)),XMLSEC_KW_DES3_KEY_LENGTH,
+ iv, XMLSEC_KW_DES3_IV_LENGTH,
+ in, inSize,
+ out, outSize, outWritten,
+ 1); /* encrypt */
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLKWDes3Encrypt", NULL);
return(-1);
}
- return(ret);
+ return(0);
}
static int
-xmlSecOpenSSLKWDes3BlockDecrypt(void * context,
+xmlSecOpenSSLKWDes3BlockDecrypt(xmlSecTransformPtr transform,
const xmlSecByte * iv, xmlSecSize ivSize,
const xmlSecByte * in, xmlSecSize inSize,
- xmlSecByte * out, xmlSecSize outSize) {
- xmlSecOpenSSLKWDes3CtxPtr ctx = (xmlSecOpenSSLKWDes3CtxPtr)context;
+ xmlSecByte * out, xmlSecSize outSize,
+ xmlSecSize * outWritten) {
+ xmlSecOpenSSLKWDes3CtxPtr ctx;
int ret;
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
- xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWDes3Id), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWDes3Size), -1);
xmlSecAssert2(iv != NULL, -1);
xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
- ret = xmlSecOpenSSLKWDes3Encrypt(xmlSecBufferGetData(&(ctx->keyBuffer)), XMLSEC_KW_DES3_KEY_LENGTH,
- iv, XMLSEC_KW_DES3_IV_LENGTH,
- in, inSize,
- out, outSize,
- 0); /* decrypt */
+ ctx = xmlSecOpenSSLKWDes3GetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+ xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+
+ ret = xmlSecOpenSSLKWDes3Encrypt(
+ xmlSecBufferGetData(&(ctx->keyBuffer)), XMLSEC_KW_DES3_KEY_LENGTH,
+ iv, XMLSEC_KW_DES3_IV_LENGTH,
+ in, inSize,
+ out, outSize, outWritten,
+ 0); /* decrypt */
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLKWDes3Encrypt", NULL);
return(-1);
}
- return(ret);
+ return(0);
}
static int
-xmlSecOpenSSLKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
- const xmlSecByte *iv, xmlSecSize ivSize,
- const xmlSecByte *in, xmlSecSize inSize,
- xmlSecByte *out, xmlSecSize outSize,
+xmlSecOpenSSLKWDes3Encrypt(const xmlSecByte* key, xmlSecSize keySize,
+ const xmlSecByte* iv, xmlSecSize ivSize,
+ const xmlSecByte* in, xmlSecSize inSize,
+ xmlSecByte* out, xmlSecSize outSize,
+ xmlSecSize* outWritten,
int enc) {
- EVP_CIPHER_CTX * cipherCtx;
- int updateLen;
- int finalLen;
+#ifndef XMLSEC_OPENSSL_API_300
+ const EVP_CIPHER* cipher = NULL;
+#else /* XMLSEC_OPENSSL_API_300 */
+ EVP_CIPHER* cipher = NULL;
+#endif /* XMLSEC_OPENSSL_API_300 */
+ EVP_CIPHER_CTX* cipherCtx = NULL;
+ xmlSecSize size;
+ int inLen, outLen, updateLen, finalLen;
int ret;
+ int res = -1;
xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(keySize == (xmlSecSize)EVP_CIPHER_key_length(EVP_des_ede3_cbc()), -1);
xmlSecAssert2(iv != NULL, -1);
- xmlSecAssert2(ivSize == (xmlSecSize)EVP_CIPHER_iv_length(EVP_des_ede3_cbc()), -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
+ xmlSecAssert2(outWritten != NULL, -1);
+
+ ret = EVP_CIPHER_key_length(EVP_des_ede3_cbc());
+ if(ret <= 0) {
+ xmlSecOpenSSLError("EVP_CIPHER_key_length(EVP_des_ede3_cbc)", NULL);
+ goto done;
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, size, goto done, NULL);
+ xmlSecAssert2(keySize == size, -1);
+
+ ret = EVP_CIPHER_iv_length(EVP_des_ede3_cbc());
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_CIPHER_iv_length(EVP_des_ede3_cbc)", NULL);
+ goto done;
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, size, goto done, NULL);
+ xmlSecAssert2(ivSize == size, -1);
+
+#ifndef XMLSEC_OPENSSL_API_300
+ cipher = EVP_des_ede3_cbc();
+#else /* XMLSEC_OPENSSL_API_300 */
+ cipher = EVP_CIPHER_fetch(xmlSecOpenSSLGetLibCtx(), XMLSEEC_OPENSSL_CIPHER_NAME_DES3_EDE, NULL);
+ if(cipher == NULL) {
+ xmlSecOpenSSLError("EVP_CIPHER_fetch(DES3_EDE)", NULL);
+ goto done;
+ }
+
+#endif /* XMLSEC_OPENSSL_API_300 */
cipherCtx = EVP_CIPHER_CTX_new();
if(cipherCtx == NULL) {
xmlSecOpenSSLError("EVP_CIPHER_CTX_new", NULL);
- return(-1);
+ goto done;
}
- ret = EVP_CipherInit(cipherCtx, EVP_des_ede3_cbc(), key, iv, enc);
+ ret = EVP_CipherInit(cipherCtx, cipher, key, iv, enc);
if(ret != 1) {
xmlSecOpenSSLError("EVP_CipherInit", NULL);
- EVP_CIPHER_CTX_free(cipherCtx);
- return(-1);
+ goto done;
}
EVP_CIPHER_CTX_set_padding(cipherCtx, 0);
- ret = EVP_CipherUpdate(cipherCtx, out, &updateLen, in, inSize);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(inSize, inLen, goto done, NULL);
+ ret = EVP_CipherUpdate(cipherCtx, out, &updateLen, in, inLen);
if(ret != 1) {
xmlSecOpenSSLError("EVP_CipherUpdate", NULL);
- EVP_CIPHER_CTX_free(cipherCtx);
- return(-1);
+ goto done;
}
ret = EVP_CipherFinal(cipherCtx, out + updateLen, &finalLen);
if(ret != 1) {
xmlSecOpenSSLError("EVP_CipherFinal", NULL);
- EVP_CIPHER_CTX_free(cipherCtx);
- return(-1);
+ goto done;
}
+ /* success */
+ outLen = updateLen + finalLen;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(outLen, (*outWritten), goto done, NULL);
+ res = 0;
+
+done:
/* cleanup */
- EVP_CIPHER_CTX_free(cipherCtx);
+ if(cipherCtx != NULL) {
+ EVP_CIPHER_CTX_free(cipherCtx);
+ }
+#ifdef XMLSEC_OPENSSL_API_300
+ if(cipher != NULL) {
+ EVP_CIPHER_free(cipher);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
/* done */
- return(updateLen + finalLen);
+ return(res);
}
-#ifndef __XMLSEC_OPENSSL_OPENSSL_COMPAT_H__
-#define __XMLSEC_OPENSSL_OPENSSL_COMPAT_H__
-/*
+/**
* XML Security Library (http://www.aleksey.com/xmlsec).
*
* This file provides a compatibility layer for pre-OpenSSL 1.1.0 versions.
* the minimum supported version. Note that LibreSSL "forked" at OpenSSL 1.0.0.
*/
+#ifndef __XMLSEC_OPENSSL_OPENSSL_COMPAT_H__
+#define __XMLSEC_OPENSSL_OPENSSL_COMPAT_H__
+
+#include <openssl/rand.h>
+
+#include "../cast_helpers.h"
+
/******************************************************************************
*
- * OpenSSL 1.1.0 compatibility
+ * OpenSSL 1.1.0 and 3.0.0 compatibility
*
*****************************************************************************/
-#if !defined(XMLSEC_OPENSSL_API_110)
+#if !defined(XMLSEC_OPENSSL_API_110) && !defined(XMLSEC_OPENSSL_API_300)
/* EVP_PKEY stuff */
#define EVP_PKEY_up_ref(pKey) CRYPTO_add(&((pKey)->references), 1, CRYPTO_LOCK_EVP_PKEY)
#define X509_OBJECT_free(x) { X509_OBJECT_free_contents(x); free(x); }
#define X509_OBJECT_get0_X509(x) (((x) != NULL) ? ((x)->data.x509) : (X509 *)NULL)
+#endif /* !defined(XMLSEC_OPENSSL_API_110) && !defined(XMLSEC_OPENSSL_API_300) */
+
+
+/******************************************************************************
+ *
+ * OpenSSL 1.1.1
+ *
+ ******************************************************************************/
+#if !defined(XMLSEC_OPENSSL_API_111)
+
+#define RAND_priv_bytes(buf,num) RAND_bytes((buf),(num))
+
#endif /* !defined(XMLSEC_OPENSSL_API_110) */
+
+/******************************************************************************
+ *
+ * OpenSSL 3.0.0 compatibility
+ *
+ *****************************************************************************/
+#if !defined(XMLSEC_OPENSSL_API_300)
+
+#define BIO_new_ex(libctx,type) BIO_new((type))
+#define PEM_read_bio_PrivateKey_ex(bp,x,cb,u,libctx,propq) PEM_read_bio_PrivateKey((bp),(x),(cb),(u))
+#define PEM_read_bio_PUBKEY_ex(bp,x,cb,u,libctx,propq) PEM_read_bio_PUBKEY((bp),(x),(cb),(u))
+#define d2i_PrivateKey_ex_bio(bp,a,libctx,propq) d2i_PrivateKey_bio((bp),(a))
+
+#define EVP_SignFinal_ex(ctx,md,s,pkey,libctx,propq) EVP_SignFinal((ctx),(md),(s),(pkey))
+#define EVP_VerifyFinal_ex(ctx,sigbuf,siglen,pkey,libctx,propq) EVP_VerifyFinal((ctx),(sigbuf),(siglen),(pkey))
+
+#define X509_new_ex(libctx,propq) X509_new()
+#define X509_CRL_new_ex(libctx,propq) X509_CRL_new()
+#define X509_STORE_CTX_new_ex(libctx,propq) X509_STORE_CTX_new()
+#define X509_STORE_set_default_paths_ex(ctx,libctx,propq) X509_STORE_set_default_paths((ctx))
+#define X509_NAME_hash_ex(x,libctx,propq,ok) X509_NAME_hash((x))
+
+#define RAND_priv_bytes_ex(ctx,buf,num,strength) xmlSecOpenSSLCompatRand((buf),(num))
+static inline int xmlSecOpenSSLCompatRand(unsigned char *buf, xmlSecSize size) {
+ int num;
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(size, num, return(0), NULL);
+ return(RAND_priv_bytes(buf, num));
+}
+
+#endif /* !defined(XMLSEC_OPENSSL_API_300) */
+
/******************************************************************************
*
* boringssl compatibility
* LibreSSL 2.7 compatibility (implements most of OpenSSL 1.1 API)
*
*****************************************************************************/
-#if defined(LIBRESSL_VERSION_NUMBER) && defined(XMLSEC_OPENSSL_API_110)
+#if defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER < 0x30500000L) && defined(XMLSEC_OPENSSL_API_110)
/* EVP_CIPHER_CTX stuff */
#define EVP_CIPHER_CTX_encrypting(x) ((x)->encrypt)
#define X509_STORE_CTX_get_by_subject X509_STORE_get_by_subject
#define X509_OBJECT_new() (calloc(1, sizeof(X509_OBJECT)))
#define X509_OBJECT_free(x) { X509_OBJECT_free_contents(x); free(x); }
-#endif /* defined(LIBRESSL_VERSION_NUMBER) && defined(XMLSEC_OPENSSL_API_110) */
+#endif /* defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER < 0x30500000L) && defined(XMLSEC_OPENSSL_API_110) */
+
+
+/******************************************************************************
+ *
+ * Common constants that aren't defined anywhere.
+ *
+ *****************************************************************************/
+#ifndef XMLSEC_NO_GOST
+#define XMLSEC_OPENSSL_DIGEST_NAME_GOST94 "md_gost94"
+#endif /* XMLSEC_NO_GOST*/
+
+#ifndef XMLSEC_NO_GOST2012
+#define XMLSEC_OPENSSL_DIGEST_NAME_GOST12_256 "md_gost12_256"
+#define XMLSEC_OPENSSL_DIGEST_NAME_GOST12_512 "md_gost12_512"
+#endif /* XMLSEC_NO_GOST2012 */
+
+
+#ifdef XMLSEC_OPENSSL_API_300
+#define XMLSEEC_OPENSSL_RAND_BYTES_STRENGTH 0
+
+/* Cipher names, hopefully OpenSSL defines them one day */
+#define XMLSEEC_OPENSSL_CIPHER_NAME_DES3_EDE "DES3"
+#define XMLSEEC_OPENSSL_CIPHER_NAME_AES128_CBC "AES-128-CBC"
+#define XMLSEEC_OPENSSL_CIPHER_NAME_AES192_CBC "AES-192-CBC"
+#define XMLSEEC_OPENSSL_CIPHER_NAME_AES256_CBC "AES-256-CBC"
+#define XMLSEEC_OPENSSL_CIPHER_NAME_AES128_GCM "AES-128-GCM"
+#define XMLSEEC_OPENSSL_CIPHER_NAME_AES192_GCM "AES-192-GCM"
+#define XMLSEEC_OPENSSL_CIPHER_NAME_AES256_GCM "AES-256-GCM"
+
+#endif /* XMLSEC_OPENSSL_API_300 */
+
#endif /* __XMLSEC_OPENSSL_OPENSSL_COMPAT_H__ */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:signatures
#include <xmlsec/openssl/evp.h>
#include "openssl_compat.h"
+#ifdef XMLSEC_OPENSSL_API_300
+#include <openssl/core_names.h>
+#include <openssl/param_build.h>
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+#include "../cast_helpers.h"
+
/******************************************************************************
*
- * OpenSSL 1.1.0 compatibility
+ * OpenSSL 1.1.0 and 3.0.0 compatibility
*
*****************************************************************************/
-#if !defined(XMLSEC_OPENSSL_API_110)
+#if !defined(XMLSEC_OPENSSL_API_110) && !defined(XMLSEC_OPENSSL_API_300)
#ifndef XMLSEC_NO_ECDSA
#endif /* XMLSEC_NO_DSA */
-#endif /* !defined(XMLSEC_OPENSSL_API_110) */
+#endif /* !defined(XMLSEC_OPENSSL_API_110) && !defined(XMLSEC_OPENSSL_API_300) */
/**************************************************************************
#endif /* XMLSEC_NO_ECDSA */
-
-
/**************************************************************************
*
* Sign/verify callbacks
*
*****************************************************************************/
struct _xmlSecOpenSSLSignatureCtx {
+#ifndef XMLSEC_OPENSSL_API_300
const EVP_MD* digest;
+#else /* XMLSEC_OPENSSL_API_300 */
+ const char* digestName;
+ EVP_MD* digest;
+#endif /* XMLSEC_OPENSSL_API_300 */
EVP_MD_CTX* digestCtx;
xmlSecKeyDataId keyId;
xmlSecOpenSSLSignatureSignCallback signCallback;
*
* Signature transforms
*
- * xmlSecOpenSSLSignatureCtx is located after xmlSecTransform
- *
*****************************************************************************/
-#define xmlSecOpenSSLSignatureSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLSignatureCtx))
-#define xmlSecOpenSSLSignatureGetCtx(transform) \
- ((xmlSecOpenSSLSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(OpenSSLSignature, xmlSecOpenSSLSignatureCtx)
+#define xmlSecOpenSSLSignatureSize XMLSEC_TRANSFORM_SIZE(OpenSSLSignature)
static int xmlSecOpenSSLSignatureCheckId (xmlSecTransformPtr transform);
static int xmlSecOpenSSLSignatureInitialize (xmlSecTransformPtr transform);
}
}
+/* small helper macro to reduce clutter in the code */
+#ifndef XMLSEC_OPENSSL_API_300
+#define XMLSEC_OPENSSL_SIGNATURE_SET_DIGEST(ctx, digestVal, digestNameVal) \
+ (ctx)->digest = (digestVal)
+#else /* XMLSEC_OPENSSL_API_300 */
+#define XMLSEC_OPENSSL_SIGNATURE_SET_DIGEST(ctx, digestVal, digestNameVal) \
+ (ctx)->digestName = (digestNameVal)
+#endif /* XMLSEC_OPENSSL_API_300 */
+
static int
xmlSecOpenSSLSignatureInitialize(xmlSecTransformPtr transform) {
xmlSecOpenSSLSignatureCtxPtr ctx;
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformDsaSha1Id)) {
- ctx->digest = EVP_sha1();
+ XMLSEC_OPENSSL_SIGNATURE_SET_DIGEST(ctx, EVP_sha1(), OSSL_DIGEST_NAME_SHA1);
ctx->keyId = xmlSecOpenSSLKeyDataDsaId;
ctx->signCallback = xmlSecOpenSSLSignatureDsaSign;
ctx->verifyCallback = xmlSecOpenSSLSignatureDsaVerify;
#ifndef XMLSEC_NO_SHA256
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformDsaSha256Id)) {
- ctx->digest = EVP_sha256();
+ XMLSEC_OPENSSL_SIGNATURE_SET_DIGEST(ctx, EVP_sha256(), OSSL_DIGEST_NAME_SHA2_256);
ctx->keyId = xmlSecOpenSSLKeyDataDsaId;
ctx->signCallback = xmlSecOpenSSLSignatureDsaSign;
ctx->verifyCallback = xmlSecOpenSSLSignatureDsaVerify;
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha1Id)) {
- ctx->digest = EVP_sha1();
+ XMLSEC_OPENSSL_SIGNATURE_SET_DIGEST(ctx, EVP_sha1(), OSSL_DIGEST_NAME_SHA1);
ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
ctx->signCallback = xmlSecOpenSSLSignatureEcdsaSign;
ctx->verifyCallback = xmlSecOpenSSLSignatureEcdsaVerify;
#ifndef XMLSEC_NO_SHA224
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha224Id)) {
- ctx->digest = EVP_sha224();
+ XMLSEC_OPENSSL_SIGNATURE_SET_DIGEST(ctx, EVP_sha224(), OSSL_DIGEST_NAME_SHA2_224);
ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
ctx->signCallback = xmlSecOpenSSLSignatureEcdsaSign;
ctx->verifyCallback = xmlSecOpenSSLSignatureEcdsaVerify;
#ifndef XMLSEC_NO_SHA256
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha256Id)) {
- ctx->digest = EVP_sha256();
+ XMLSEC_OPENSSL_SIGNATURE_SET_DIGEST(ctx, EVP_sha256(), OSSL_DIGEST_NAME_SHA2_256);
ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
ctx->signCallback = xmlSecOpenSSLSignatureEcdsaSign;
ctx->verifyCallback = xmlSecOpenSSLSignatureEcdsaVerify;
#ifndef XMLSEC_NO_SHA384
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha384Id)) {
- ctx->digest = EVP_sha384();
+ XMLSEC_OPENSSL_SIGNATURE_SET_DIGEST(ctx, EVP_sha384(), OSSL_DIGEST_NAME_SHA2_384);
ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
ctx->signCallback = xmlSecOpenSSLSignatureEcdsaSign;
ctx->verifyCallback = xmlSecOpenSSLSignatureEcdsaVerify;
#ifndef XMLSEC_NO_SHA512
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha512Id)) {
- ctx->digest = EVP_sha512();
+ XMLSEC_OPENSSL_SIGNATURE_SET_DIGEST(ctx, EVP_sha512(), OSSL_DIGEST_NAME_SHA2_512);
ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
ctx->signCallback = xmlSecOpenSSLSignatureEcdsaSign;
ctx->verifyCallback = xmlSecOpenSSLSignatureEcdsaVerify;
return(-1);
}
+#ifdef XMLSEC_OPENSSL_API_300
+ /* fetch digest */
+ xmlSecAssert2(ctx->digestName != NULL, -1);
+ ctx->digest = EVP_MD_fetch(xmlSecOpenSSLGetLibCtx(), ctx->digestName, NULL);
+ if(ctx->digest == NULL) {
+ xmlSecOpenSSLError2("EVP_MD_fetch", xmlSecTransformGetName(transform),
+ "digestName=%s", xmlSecErrorsSafeString(ctx->digestName));
+ xmlSecOpenSSLSignatureFinalize(transform);
+ return(-1);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
+
/* create/init digest CTX */
ctx->digestCtx = EVP_MD_CTX_new();
if(ctx->digestCtx == NULL) {
- xmlSecOpenSSLError("EVP_MD_CTX_new",
- xmlSecTransformGetName(transform));
+ xmlSecOpenSSLError("EVP_MD_CTX_new", xmlSecTransformGetName(transform));
+ xmlSecOpenSSLSignatureFinalize(transform);
return(-1);
}
ret = EVP_DigestInit(ctx->digestCtx, ctx->digest);
if(ret != 1) {
- xmlSecOpenSSLError("EVP_DigestInit",
- xmlSecTransformGetName(transform));
+ xmlSecOpenSSLError("EVP_DigestInit", xmlSecTransformGetName(transform));
+ xmlSecOpenSSLSignatureFinalize(transform);
return(-1);
}
if(ctx->digestCtx != NULL) {
EVP_MD_CTX_free(ctx->digestCtx);
}
+#ifdef XMLSEC_OPENSSL_API_300
+ if(ctx->digest != NULL) {
+ EVP_MD_free(ctx->digest);
+ }
+#endif /* XMLSEC_OPENSSL_API_300 */
memset(ctx, 0, sizeof(xmlSecOpenSSLSignatureCtx));
}
} else {
xmlSecOtherError(XMLSEC_ERRORS_R_DATA_NOT_MATCH,
xmlSecTransformGetName(transform),
- "ctx->verifyCallback: signature does not verify");
+ "ctx->verifyCallback: signature verification failed");
transform->status = xmlSecTransformStatusFail;
}
* <SignatureValue>i6watmQQQ1y3GB+VsWq5fJKzQcBB4jRfH1bfJFj0JtFVtLotttzYyA==</SignatureValue>
*
***************************************************************************/
+
+#ifndef XMLSEC_OPENSSL_API_300
+
static int
-xmlSecOpenSSLSignatureDsaSign(xmlSecOpenSSLSignatureCtxPtr ctx, xmlSecBufferPtr out) {
+xmlSecOpenSSLSignatureDsaGetKeyLen(EVP_PKEY* pKey) {
+ DSA* dsaKey = NULL;
+ int res = -1;
+
+ xmlSecAssert2(pKey != NULL, -1);
+
+ dsaKey = EVP_PKEY_get1_DSA(pKey);
+ if(dsaKey == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_get1_DSA", NULL);
+ goto done;
+ }
+
+ res = DSA_size(dsaKey);
+ if(res <= 0) {
+ xmlSecOpenSSLError("DSA_size", NULL);
+ goto done;
+ }
+
+done:
+ /* cleanup */
+ if(dsaKey != NULL) {
+ DSA_free(dsaKey);
+ }
+ return(res);
+}
+
+static DSA_SIG*
+xmlSecOpenSSLSignatureDsaSignImpl(EVP_PKEY* pKey, const xmlSecByte* buf, xmlSecSize bufSize) {
+ DSA* dsaKey = NULL;
+ int bufLen;
+ DSA_SIG* res = NULL;
+
+ xmlSecAssert2(pKey != NULL, NULL);
+ xmlSecAssert2(buf != NULL, NULL);
+ xmlSecAssert2(bufSize > 0, NULL);
+
+ dsaKey = EVP_PKEY_get1_DSA(pKey);
+ if(dsaKey == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_get1_DSA", NULL);
+ goto done;
+ }
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(bufSize, bufLen, goto done, NULL);
+ res = DSA_do_sign(buf, bufLen, dsaKey);
+ if(res == NULL) {
+ xmlSecOpenSSLError("DSA_do_sign", NULL);
+ goto done;
+ }
+
+done:
+ if(dsaKey != NULL) {
+ DSA_free(dsaKey);
+ }
+ return(res);
+}
+
+static int
+xmlSecOpenSSLSignatureDsaVerifyImpl(EVP_PKEY* pKey, DSA_SIG* sig, const xmlSecByte* buf, xmlSecSize bufSize) {
DSA * dsaKey = NULL;
- DSA_SIG *sig = NULL;
- const BIGNUM *rr = NULL, *ss = NULL;
- xmlSecByte *outData;
- xmlSecSize dsaSignSize, signHalfSize, rSize, sSize;
+ int bufLen;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(pKey != NULL, -1);
+ xmlSecAssert2(sig != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(bufSize > 0, -1);
+
+ dsaKey = EVP_PKEY_get1_DSA(pKey);
+ if(dsaKey == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_get1_DSA", NULL);
+ goto done;
+ }
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(bufSize, bufLen, goto done, NULL);
+ ret = DSA_do_verify(buf, bufLen, sig, dsaKey);
+ if(ret < 0) {
+ xmlSecOpenSSLError("EVP_PKEY_get1_DSA", NULL);
+ goto done;
+ }
+
+ /* success */
+ res = ret;
+
+
+done:
+ if(dsaKey != NULL) {
+ DSA_free(dsaKey);
+ }
+ return(res);
+}
+
+#else /* XMLSEC_OPENSSL_API_300 */
+
+static int
+xmlSecOpenSSLSignatureDsaGetKeyLen(EVP_PKEY* pKey) {
+ xmlSecAssert2(pKey != NULL, -1);
+
+ return(EVP_PKEY_get_size(pKey));
+}
+
+static DSA_SIG*
+xmlSecOpenSSLSignatureDsaSignImpl(EVP_PKEY* pKey, const xmlSecByte* buf, xmlSecSize bufSize) {
+ EVP_PKEY_CTX* pKeyCtx = NULL;
+ size_t dsaSignBufSizeT = 0;
+ xmlSecSize dsaSignBufSize;
+ long dsaSignBufLen;
+ xmlSecBufferPtr dsaSignBuf = NULL;
+ const unsigned char* dsaSignBufPtr = NULL;
+ int ret;
+ DSA_SIG* res = NULL;
+
+ xmlSecAssert2(pKey != NULL, NULL);
+ xmlSecAssert2(buf != NULL, NULL);
+ xmlSecAssert2(bufSize > 0, NULL);
+
+ pKeyCtx = EVP_PKEY_CTX_new_from_pkey(xmlSecOpenSSLGetLibCtx(), pKey, NULL);
+ if (pKeyCtx == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_new_from_pkey", NULL);
+ goto done;
+ }
+
+ ret = EVP_PKEY_sign_init(pKeyCtx);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_sign_init", NULL);
+ goto done;
+ }
+
+ ret = EVP_PKEY_sign(pKeyCtx, NULL, &dsaSignBufSizeT, buf, bufSize);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_sign(1)", NULL);
+ goto done;
+ }
+
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(dsaSignBufSizeT, dsaSignBufSize, goto done, NULL);
+ dsaSignBuf = xmlSecBufferCreate(dsaSignBufSize);
+ if (dsaSignBuf == NULL) {
+ xmlSecInternalError2("xmlSecBufferCreate", NULL,
+ "size=" XMLSEC_SIZE_FMT, dsaSignBufSize);
+ goto done;
+ }
+
+ ret = EVP_PKEY_sign(pKeyCtx, xmlSecBufferGetData(dsaSignBuf), &dsaSignBufSizeT, buf, bufSize);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_sign(2)", NULL);
+ goto done;
+ }
+
+ dsaSignBufPtr = xmlSecBufferGetData(dsaSignBuf);
+ XMLSEC_SAFE_CAST_SIZE_T_TO_LONG(dsaSignBufSizeT, dsaSignBufLen, goto done, NULL);
+ res = d2i_DSA_SIG(NULL, &dsaSignBufPtr, dsaSignBufLen);
+ if (res == NULL) {
+ xmlSecOpenSSLError("d2i_DSA_SIG", NULL);
+ goto done;
+ }
+
+done:
+ if (pKeyCtx != NULL) {
+ EVP_PKEY_CTX_free(pKeyCtx);
+ }
+ if (dsaSignBuf != NULL) {
+ xmlSecBufferDestroy(dsaSignBuf);
+ }
+ return(res);
+}
+
+static int
+xmlSecOpenSSLSignatureDsaVerifyImpl(EVP_PKEY* pKey, DSA_SIG* sig, const xmlSecByte* buf, xmlSecSize bufSize) {
+ EVP_PKEY_CTX* pKeyCtx = NULL;
+ unsigned char* pout = NULL;
+ xmlSecSize size;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(pKey != NULL, -1);
+ xmlSecAssert2(sig != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(bufSize > 0, -1);
+ pKeyCtx = EVP_PKEY_CTX_new_from_pkey(xmlSecOpenSSLGetLibCtx(), pKey, NULL);
+ if (pKeyCtx == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_new_from_pkey", NULL);
+ goto done;
+ }
+
+ ret = EVP_PKEY_verify_init(pKeyCtx);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_verify_init", NULL);
+ goto done;
+ }
+
+ ret = i2d_DSA_SIG(sig, &pout); /* ret is size of signature on success */
+ if (ret < 0) {
+ xmlSecOpenSSLError("i2d_DSA_SIG", NULL);
+ goto done;
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, size, goto done, NULL);
+
+ ret = EVP_PKEY_verify(pKeyCtx, pout, size, buf, bufSize);
+ if(ret < 0) {
+ xmlSecOpenSSLError("EVP_PKEY_verify", NULL);
+ goto done;
+ }
+
+ /* success */
+ res = ret;
+
+done:
+ /* cleanup */
+ if (pout != NULL) {
+ OPENSSL_free(pout);
+ }
+ if (pKeyCtx != NULL) {
+ EVP_PKEY_CTX_free(pKeyCtx);
+ }
+ return(res);
+}
+#endif /* XMLSEC_OPENSSL_API_300 */
+
+static int
+xmlSecOpenSSLSignatureDsaSign(xmlSecOpenSSLSignatureCtxPtr ctx, xmlSecBufferPtr out) {
+ DSA_SIG* sig = NULL;
+ const BIGNUM* rr = NULL;
+ const BIGNUM* ss = NULL;
+ xmlSecByte* outData = NULL;
+ xmlSecSize outSize;
+ int dsaKeyLen = 0, signHalfLen;
+ int rLen, sLen;
int res = -1;
int ret;
xmlSecAssert2(ctx->dgstSize <= sizeof(ctx->dgst), -1);
xmlSecAssert2(out != NULL, -1);
- /* get key */
- dsaKey = EVP_PKEY_get1_DSA(ctx->pKey);
- if(dsaKey == NULL) {
- xmlSecOpenSSLError("EVP_PKEY_get1_DSA", NULL);
+ /* calculate signature */
+ sig = xmlSecOpenSSLSignatureDsaSignImpl(ctx->pKey, ctx->dgst, ctx->dgstSize);
+ if(sig == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLSignatureDsaSignImpl", NULL);
goto done;
}
- /* signature size = r + s + 8 bytes, we just need r+s */
- dsaSignSize = DSA_size(dsaKey);
- if(dsaSignSize < 8) {
- xmlSecInvalidSizeLessThanError("DSA signature", dsaSignSize, 8, NULL);
+ /* get key len */
+ dsaKeyLen = xmlSecOpenSSLSignatureDsaGetKeyLen(ctx->pKey);
+ if(dsaKeyLen <= 0) {
+ xmlSecInternalError("xmlSecOpenSSLSignatureDsaGetKeyLen", NULL);
goto done;
}
- signHalfSize = (dsaSignSize - 8) / 2;
- if(signHalfSize < 4) {
- xmlSecInvalidSizeLessThanError("DSA signature (half)", signHalfSize, 4, NULL);
+ /* signature size = r + s + 8 bytes, we just need r+s */
+ if(dsaKeyLen < 8) {
+ xmlSecOpenSSLError2("DSA key len", NULL,
+ "dsaKeyLen=%d", dsaKeyLen);
goto done;
}
-
- /* calculate signature */
- sig = DSA_do_sign(ctx->dgst, ctx->dgstSize, dsaKey);
- if(sig == NULL) {
- xmlSecOpenSSLError("DSA_do_sign", NULL);
+ signHalfLen = (dsaKeyLen - 8) / 2;
+ if(signHalfLen < 4) {
+ xmlSecOpenSSLError2("DSA signature half len", NULL,
+ "signHalfLen=%d", signHalfLen);
goto done;
}
xmlSecOpenSSLError("DSA_SIG_get0", NULL);
goto done;
}
- rSize = BN_num_bytes(rr);
- if(rSize > signHalfSize) {
- xmlSecInvalidSizeMoreThanError("DSA signature r",
- rSize, signHalfSize, NULL);
+ rLen = BN_num_bytes(rr);
+ if((rLen <= 0) || (rLen > signHalfLen)) {
+ xmlSecOpenSSLError3("BN_num_bytes(rr)", NULL,
+ "signHalfLen=%d; rLen=%d", signHalfLen, rLen);
goto done;
}
- sSize = BN_num_bytes(ss);
- if(sSize > signHalfSize) {
- xmlSecInvalidSizeMoreThanError("DSA signature s",
- sSize, signHalfSize, NULL);
+ sLen = BN_num_bytes(ss);
+ if((sLen <= 0) || (sLen > signHalfLen)) {
+ xmlSecOpenSSLError3("BN_num_bytes(ss)", NULL,
+ "signHalfLen=%d; sLen=%d", signHalfLen, sLen);
goto done;
}
/* allocate buffer */
- ret = xmlSecBufferSetSize(out, 2 * signHalfSize);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE((2 * signHalfLen), outSize, goto done, NULL);
+ ret = xmlSecBufferSetSize(out, outSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", NULL,
- "size=%d", (int)(2 * signHalfSize));
+ "size=" XMLSEC_SIZE_FMT, outSize);
goto done;
}
outData = xmlSecBufferGetData(out);
xmlSecAssert2(outData != NULL, -1);
/* write components */
- xmlSecAssert2((rSize + sSize) <= 2 * signHalfSize, -1);
- memset(outData, 0, 2 * signHalfSize);
- BN_bn2bin(rr, outData + signHalfSize - rSize);
- BN_bn2bin(ss, outData + 2 * signHalfSize - sSize);
+ xmlSecAssert2((rLen + sLen) <= 2 * signHalfLen, -1);
+ memset(outData, 0, outSize);
+ BN_bn2bin(rr, outData + signHalfLen - rLen);
+ BN_bn2bin(ss, outData + 2 * signHalfLen - sLen);
/* success */
res = 0;
if(sig != NULL) {
DSA_SIG_free(sig);
}
- if(dsaKey != NULL) {
- DSA_free(dsaKey);
- }
-
- /* done */
return(res);
}
static int
xmlSecOpenSSLSignatureDsaVerify(xmlSecOpenSSLSignatureCtxPtr ctx, const xmlSecByte* signData, xmlSecSize signSize) {
- DSA * dsaKey = NULL;
- DSA_SIG *sig = NULL;
- BIGNUM *rr = NULL, *ss = NULL;
- xmlSecSize dsaSignSize, signHalfSize;
+ int dsaKeyLen, signLen, signHalfLen;
+ DSA_SIG* sig = NULL;
+ BIGNUM* rr = NULL;
+ BIGNUM* ss = NULL;
int res = -1;
int ret;
xmlSecAssert2(ctx->dgstSize > 0, -1);
xmlSecAssert2(signData != NULL, -1);
- /* get key */
- dsaKey = EVP_PKEY_get1_DSA(ctx->pKey);
- if(dsaKey == NULL) {
- xmlSecOpenSSLError("EVP_PKEY_get1_DSA", NULL);
+ /* get key len */
+ dsaKeyLen = xmlSecOpenSSLSignatureDsaGetKeyLen(ctx->pKey);
+ if(dsaKeyLen <= 0) {
+ xmlSecInternalError("xmlSecOpenSSLSignatureDsaGetKeyLen", NULL);
goto done;
}
/* signature size = r + s + 8 bytes, we just need r+s */
- dsaSignSize = DSA_size(dsaKey);
- if(dsaSignSize < 8) {
- xmlSecInvalidSizeLessThanError("DSA signatue",
- dsaSignSize, 8, NULL);
+ if(dsaKeyLen < 8) {
+ xmlSecOpenSSLError2("DSA key len", NULL,
+ "dsaKeyLen=%d", dsaKeyLen);
goto done;
}
-
- signHalfSize = (dsaSignSize - 8) / 2;
- if(signHalfSize < 4) {
- xmlSecInvalidSizeLessThanError("DSA signatue (half size)",
- signHalfSize, 4, NULL);
+ signHalfLen = (dsaKeyLen - 8) / 2;
+ if(signHalfLen < 4) {
+ xmlSecOpenSSLError2("DSA signature half len", NULL,
+ "signHalfLen=%d", signHalfLen);
goto done;
}
/* check size */
- if(signSize != 2 * signHalfSize) {
- xmlSecInvalidSizeError("DSA signature", signSize, 2 * signHalfSize,
- NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(signSize, signLen, goto done, NULL);
+ if(signLen != 2 * signHalfLen) {
+ xmlSecOpenSSLError3("DSA signatue len", NULL,
+ "signHalfLen=%d; signLen=%d", signHalfLen, signLen);
goto done;
}
goto done;
}
- rr = BN_bin2bn(signData, signHalfSize, NULL);
+ rr = BN_bin2bn(signData, signHalfLen, NULL);
if(rr == NULL) {
xmlSecOpenSSLError("BN_bin2bn(sig->r)", NULL);
goto done;
}
- ss = BN_bin2bn(signData + signHalfSize, signHalfSize, NULL);
+ ss = BN_bin2bn(signData + signHalfLen, signHalfLen, NULL);
if(ss == NULL) {
xmlSecOpenSSLError("BN_bin2bn(sig->s)", NULL);
goto done;
xmlSecOpenSSLError("DSA_SIG_set0", NULL);
goto done;
}
-
rr = NULL;
ss = NULL;
/* verify signature */
- ret = DSA_do_verify(ctx->dgst, ctx->dgstSize, sig, dsaKey);
+ ret = xmlSecOpenSSLSignatureDsaVerifyImpl(ctx->pKey, sig, ctx->dgst, ctx->dgstSize);
if(ret < 0) {
- xmlSecOpenSSLError("DSA_do_verify", NULL);
+ xmlSecInternalError("xmlSecOpenSSLSignatureDsaVerifyImpl", NULL);
goto done;
}
done:
/* cleanup */
- DSA_SIG_free(sig);
- DSA_free(dsaKey);
- BN_clear_free(rr);
- BN_clear_free(ss);
+ if (sig != NULL) {
+ DSA_SIG_free(sig);
+ }
+ if(rr != NULL) {
+ BN_clear_free(rr);
+ }
+ if(ss != NULL) {
+ BN_clear_free(ss);
+ }
+
/* done */
return(res);
}
* P-256 curve and 66 for the P-521 curve).
*
***************************************************************************/
-static xmlSecSize
-xmlSecOpenSSLSignatureEcdsaSignatureHalfSize(EC_KEY * ecKey) {
- const EC_GROUP *group;
+#ifndef XMLSEC_OPENSSL_API_300
+
+static int
+xmlSecOpenSSLSignatureEcdsaSignatureHalfLen(EVP_PKEY* pKey) {
+ const EC_GROUP *group = NULL;
BIGNUM *order = NULL;
- xmlSecSize signHalfSize = 0;
+ EC_KEY* ecKey = NULL;
+ int signHalfLen;
+ int res = -1;
- xmlSecAssert2(ecKey != NULL, 0);
+ xmlSecAssert2(pKey != NULL, -1);
+
+ /* get key */
+ ecKey = EVP_PKEY_get1_EC_KEY(pKey);
+ if(ecKey == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_get1_EC_KEY", NULL);
+ goto done;
+ }
group = EC_KEY_get0_group(ecKey);
if(group == NULL) {
xmlSecOpenSSLError("EC_KEY_get0_group", NULL);
goto done;
}
-
order = BN_new();
if(order == NULL) {
xmlSecOpenSSLError("BN_new", NULL);
goto done;
}
-
if(EC_GROUP_get_order(group, order, NULL) != 1) {
xmlSecOpenSSLError("EC_GROUP_get_order", NULL);
goto done;
}
+ signHalfLen = BN_num_bytes(order);
+ if(signHalfLen <= 0) {
+ xmlSecOpenSSLError("BN_num_bytes", NULL);
+ goto done;
+ }
+
+ /* success */
+ res = signHalfLen;
+
+done:
+ /* cleanup */
+ if(order != NULL) {
+ BN_clear_free(order);
+ }
+ if(ecKey != NULL) {
+ EC_KEY_free(ecKey);
+ }
+ return(res);
+}
+
+static ECDSA_SIG*
+xmlSecOpenSSLSignatureEcdsaSignImpl(EVP_PKEY* pKey, const xmlSecByte* buf, xmlSecSize bufSize) {
+ EC_KEY* ecKey = NULL;
+ ECDSA_SIG* sig = NULL;
+ int dgstLen;
+ ECDSA_SIG* res = NULL;
+
+ xmlSecAssert2(pKey != NULL, NULL);
+ xmlSecAssert2(buf != NULL, NULL);
+ xmlSecAssert2(bufSize > 0, NULL);
+
+ /* get key */
+ ecKey = EVP_PKEY_get1_EC_KEY(pKey);
+ if(ecKey == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_get1_DSA", NULL);
+ goto done;
+ }
+
+ /* sign */
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(bufSize, dgstLen, goto done, NULL);
+ sig = ECDSA_do_sign(buf, dgstLen, ecKey);
+ if(sig == NULL) {
+ xmlSecOpenSSLError("ECDSA_do_sign", NULL);
+ goto done;
+ }
+
+ /* success */
+ res = sig;
+ sig = NULL;
+
+done:
+ if(sig != NULL) {
+ ECDSA_SIG_free(sig);
+ }
+ if(ecKey != NULL) {
+ EC_KEY_free(ecKey);
+ }
+ return(res);
+}
+
+static int
+xmlSecOpenSSLSignatureEcdsaVerifyImpl(EVP_PKEY* pKey, ECDSA_SIG* sig,
+ const xmlSecByte* buf, xmlSecSize bufSize) {
+ EC_KEY* ecKey = NULL;
+ int bufLen;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(pKey != NULL, -1);
+ xmlSecAssert2(sig != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(bufSize > 0, -1);
+
+ /* get key */
+ ecKey = EVP_PKEY_get1_EC_KEY(pKey);
+ if(ecKey == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_get1_DSA", NULL);
+ goto done;
+ }
+
+ /* verify */
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(bufSize, bufLen, goto done, NULL);
+ ret = ECDSA_do_verify(buf, bufLen, sig, ecKey);
+ if(ret < 0) {
+ xmlSecOpenSSLError("ECDSA_do_verify", NULL);
+ goto done;
+ }
+
+ /* success */
+ res = ret;
+
+done:
+ /* cleanup */
+ if(ecKey != NULL) {
+ EC_KEY_free(ecKey);
+ }
+
+ return(res);
+}
+
+#else /* XMLSEC_OPENSSL_API_300 */
+
+static int
+xmlSecOpenSSLSignatureEcdsaSignatureHalfLen(EVP_PKEY * ecKey) {
+ BIGNUM *order = NULL;
+ int signHalfLen = 0;
+
+ xmlSecAssert2(ecKey != NULL, 0);
+
+ if(EVP_PKEY_get_bn_param(ecKey, OSSL_PKEY_PARAM_EC_ORDER, &order) != 1) {
+ xmlSecOpenSSLError("EVP_PKEY_get_bn_parami(order)", NULL);
+ goto done;
+ }
/* result */
- signHalfSize = BN_num_bytes(order);
+ signHalfLen = BN_num_bytes(order);
+ if(signHalfLen <= 0) {
+ xmlSecOpenSSLError("BN_num_bytes", NULL);
+ goto done;
+ }
done:
/* cleanup */
}
/* done */
- return(signHalfSize);
+ return(signHalfLen);
}
+static ECDSA_SIG*
+xmlSecOpenSSLSignatureEcdsaSignImpl(EVP_PKEY* pKey, const xmlSecByte* buf,
+ xmlSecSize bufSize) {
+ EVP_PKEY_CTX* pKeyCtx = NULL;
+ size_t ecSignBufSize = 0;
+ xmlSecSize ecSignBufSize2;
+ xmlSecBufferPtr ecSignBuf = NULL;
+ const unsigned char* ecSignBufPtr = NULL;
+ long ecSignBufLen;
+ int ret;
+ ECDSA_SIG* sig = NULL;
+ ECDSA_SIG* res = NULL;
+
+ xmlSecAssert2(pKey != NULL, NULL);
+ xmlSecAssert2(buf != NULL, NULL);
+ xmlSecAssert2(bufSize > 0, NULL);
+
+ /* get key */
+ pKeyCtx = EVP_PKEY_CTX_new_from_pkey(xmlSecOpenSSLGetLibCtx(), pKey, NULL);
+ if (pKeyCtx == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_new_from_pkey", NULL);
+ goto done;
+ }
+
+ /* sign */
+ ret = EVP_PKEY_sign_init(pKeyCtx);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_sign_init", NULL);
+ goto done;
+ }
+ ret = EVP_PKEY_sign(pKeyCtx, NULL, &ecSignBufSize, buf, bufSize);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_sign(1)", NULL);
+ goto done;
+ }
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(ecSignBufSize, ecSignBufSize2, goto done, NULL);
+ ecSignBuf = xmlSecBufferCreate(ecSignBufSize2);
+ if (ecSignBuf == NULL) {
+ xmlSecInternalError2("xmlSecBufferCreate", NULL,
+ "size=" XMLSEC_SIZE_FMT, ecSignBufSize2);
+ goto done;
+ }
+ ret = EVP_PKEY_sign(pKeyCtx, xmlSecBufferGetData(ecSignBuf), &ecSignBufSize,
+ buf, bufSize);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_sign(2)", NULL);
+ goto done;
+ }
+ ecSignBufPtr = xmlSecBufferGetData(ecSignBuf);
+ XMLSEC_SAFE_CAST_SIZE_T_TO_LONG(ecSignBufSize, ecSignBufLen, goto done, NULL);
+
+ sig = d2i_ECDSA_SIG(NULL, &ecSignBufPtr, ecSignBufLen);
+ if (sig == NULL) {
+ xmlSecOpenSSLError("d2i_ECDSA_SIG", NULL);
+ goto done;
+ }
+
+ /* success */
+ res = sig;
+ sig = NULL;
+
+done:
+ if(sig != NULL) {
+ ECDSA_SIG_free(sig);
+ }
+ if (pKeyCtx != NULL) {
+ EVP_PKEY_CTX_free(pKeyCtx);
+ }
+ if (ecSignBuf != NULL) {
+ xmlSecBufferDestroy(ecSignBuf);
+ }
+ return(res);
+}
+
+static int
+xmlSecOpenSSLSignatureEcdsaVerifyImpl(EVP_PKEY* pKey, ECDSA_SIG* sig,
+ const xmlSecByte* buf, xmlSecSize bufSize) {
+ EVP_PKEY_CTX* pKeyCtx = NULL;
+ unsigned char* pout = NULL;
+ xmlSecSize size;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(pKey != NULL, -1);
+ xmlSecAssert2(sig != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(bufSize > 0, -1);
+
+ pKeyCtx = EVP_PKEY_CTX_new_from_pkey(xmlSecOpenSSLGetLibCtx(), pKey, NULL);
+ if (pKeyCtx == NULL) {
+ xmlSecOpenSSLError("EVP_PKEY_CTX_new_from_pkey", NULL);
+ goto done;
+ }
+
+ ret = EVP_PKEY_verify_init(pKeyCtx);
+ if (ret <= 0) {
+ xmlSecOpenSSLError("EVP_PKEY_verify_init", NULL);
+ goto done;
+ }
+
+ ret = i2d_ECDSA_SIG(sig, &pout); /* ret is size of signature on success */
+ if (ret < 0) {
+ xmlSecOpenSSLError("i2d_ECDSA_SIG", NULL);
+ goto done;
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, size, goto done, NULL);
+
+ ret = EVP_PKEY_verify(pKeyCtx, pout, size, buf, bufSize);
+ if(ret < 0) {
+ xmlSecOpenSSLError("ECDSA_do_verify", NULL);
+ goto done;
+ }
+
+ /* success */
+ res = ret;
+
+done:
+ /* cleanup */
+ if (pout != NULL) {
+ OPENSSL_free(pout);
+ }
+ if (pKeyCtx != NULL) {
+ EVP_PKEY_CTX_free(pKeyCtx);
+ }
+ return(res);
+}
+
+#endif /* XMLSEC_OPENSSL_API_300 */
static int
xmlSecOpenSSLSignatureEcdsaSign(xmlSecOpenSSLSignatureCtxPtr ctx, xmlSecBufferPtr out) {
- EC_KEY * ecKey = NULL;
- ECDSA_SIG *sig = NULL;
- const BIGNUM *rr = NULL, *ss = NULL;
- xmlSecByte *outData;
- xmlSecSize signHalfSize, rSize, sSize;
+ ECDSA_SIG* sig = NULL;
+ const BIGNUM* rr = NULL;
+ const BIGNUM* ss = NULL;
+ xmlSecByte* outData = NULL;
+ xmlSecSize outSize;
+ int signHalfLen, rLen, sLen;
int res = -1;
int ret;
xmlSecAssert2(ctx->dgstSize <= sizeof(ctx->dgst), -1);
xmlSecAssert2(out != NULL, -1);
- /* get key */
- ecKey = EVP_PKEY_get1_EC_KEY(ctx->pKey);
- if(ecKey == NULL) {
- xmlSecOpenSSLError("EVP_PKEY_get1_DSA", NULL);
+ /* sign */
+ sig = xmlSecOpenSSLSignatureEcdsaSignImpl(ctx->pKey, ctx->dgst, ctx->dgstSize);
+ if(sig == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLSignatureEcdsaSignImpl", NULL);
goto done;
}
/* calculate signature size */
- signHalfSize = xmlSecOpenSSLSignatureEcdsaSignatureHalfSize(ecKey);
- if(signHalfSize <= 0) {
- xmlSecInternalError("xmlSecOpenSSLSignatureEcdsaSignatureHalfSize", NULL);
- goto done;
- }
-
- /* sign */
- sig = ECDSA_do_sign(ctx->dgst, ctx->dgstSize, ecKey);
- if(sig == NULL) {
- xmlSecOpenSSLError("ECDSA_do_sign", NULL);
+ signHalfLen = xmlSecOpenSSLSignatureEcdsaSignatureHalfLen(ctx->pKey);
+ if(signHalfLen <= 0) {
+ xmlSecInternalError("xmlSecOpenSSLSignatureEcdsaSignatureHalfLen", NULL);
goto done;
}
}
/* check sizes */
- rSize = BN_num_bytes(rr);
- if(rSize > signHalfSize) {
- xmlSecInvalidSizeMoreThanError("ECDSA signatue r",
- rSize, signHalfSize, NULL);
+ rLen = BN_num_bytes(rr);
+ if ((rLen <= 0) || (rLen > signHalfLen)) {
+ xmlSecOpenSSLError3("BN_num_bytes(rr)", NULL,
+ "signHalfLen=%d; rLen=%d", signHalfLen, rLen);
goto done;
}
- sSize = BN_num_bytes(ss);
- if(sSize > signHalfSize) {
- xmlSecInvalidSizeMoreThanError("ECDSA signatue s",
- sSize, signHalfSize, NULL);
+ sLen = BN_num_bytes(ss);
+ if ((sLen <= 0) || (sLen > signHalfLen)) {
+ xmlSecOpenSSLError3("BN_num_bytes(ss)", NULL,
+ "signHalfLen=%d; sLen=%d", signHalfLen, sLen);
goto done;
}
/* allocate buffer */
- ret = xmlSecBufferSetSize(out, 2 * signHalfSize);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(2 * signHalfLen, outSize, goto done, NULL);
+ ret = xmlSecBufferSetSize(out, outSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferSetSize", NULL,
- "size=%d", (int)(2 * signHalfSize));
+ "size=" XMLSEC_SIZE_FMT, outSize);
goto done;
}
outData = xmlSecBufferGetData(out);
xmlSecAssert2(outData != NULL, -1);
/* write components */
- xmlSecAssert2((rSize + sSize) <= 2 * signHalfSize, -1);
- memset(outData, 0, 2 * signHalfSize);
- BN_bn2bin(rr, outData + signHalfSize - rSize);
- BN_bn2bin(ss, outData + 2 * signHalfSize - sSize);
+ xmlSecAssert2((rLen + sLen) <= 2 * signHalfLen, -1);
+ memset(outData, 0, outSize);
+ BN_bn2bin(rr, outData + signHalfLen - rLen);
+ BN_bn2bin(ss, outData + 2 * signHalfLen - sLen);
/* success */
res = 0;
if(sig != NULL) {
ECDSA_SIG_free(sig);
}
- if(ecKey != NULL) {
- EC_KEY_free(ecKey);
- }
/* done */
return(res);
}
static int
-xmlSecOpenSSLSignatureEcdsaVerify(xmlSecOpenSSLSignatureCtxPtr ctx, const xmlSecByte* signData, xmlSecSize signSize) {
- EC_KEY * ecKey = NULL;
- ECDSA_SIG *sig = NULL;
- BIGNUM *rr = NULL, *ss = NULL;
- xmlSecSize signHalfSize;
+xmlSecOpenSSLSignatureEcdsaVerify(xmlSecOpenSSLSignatureCtxPtr ctx,
+ const xmlSecByte* signData, xmlSecSize signSize) {
+ ECDSA_SIG* sig = NULL;
+ BIGNUM* rr = NULL;
+ BIGNUM* ss = NULL;
+ int signLen, signHalfLen;
int res = -1;
int ret;
xmlSecAssert2(ctx->dgstSize <= sizeof(ctx->dgst), -1);
xmlSecAssert2(signData != NULL, -1);
- /* get key */
- ecKey = EVP_PKEY_get1_EC_KEY(ctx->pKey);
- if(ecKey == NULL) {
- xmlSecOpenSSLError("EVP_PKEY_get1_EC_KEY", NULL);
- goto done;
- }
-
/* calculate signature size */
- signHalfSize = xmlSecOpenSSLSignatureEcdsaSignatureHalfSize(ecKey);
- if(signHalfSize <= 0) {
+ signHalfLen = xmlSecOpenSSLSignatureEcdsaSignatureHalfLen(ctx->pKey);
+ if(signHalfLen <= 0) {
xmlSecInternalError("xmlSecOpenSSLSignatureEcdsaSignatureHalfSize", NULL);
goto done;
}
/* check size: we expect the r and s to be the same size and match the size of
* the key (RFC 6931); however some implementations (e.g. Java) cut leading zeros:
* https://github.com/lsh123/xmlsec/issues/228 */
- if((signSize < 2 * signHalfSize) && (signSize % 2 == 0)) {
- signHalfSize = signSize / 2;
- } else if(signSize != 2 * signHalfSize) {
- xmlSecInvalidSizeError("ECDSA signature", signSize, 2 * signHalfSize,
- NULL);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(signSize, signLen, goto done, NULL);
+ if((signLen < 2 * signHalfLen) && (signLen % 2 == 0)) {
+ signHalfLen = signLen / 2;
+ } else if(signLen != 2 * signHalfLen) {
+ xmlSecInternalError3("xmlSecOpenSSLSignatureEcdsaSignatureHalfLen", NULL,
+ "signLen=%d; signHalfLen=%d", signLen, signHalfLen);
goto done;
}
goto done;
}
- rr = BN_bin2bn(signData, signHalfSize, NULL);
+ rr = BN_bin2bn(signData, signHalfLen, NULL);
if(rr == NULL) {
xmlSecOpenSSLError("BN_bin2bn(sig->r)", NULL);
goto done;
}
- ss = BN_bin2bn(signData + signHalfSize, signHalfSize, NULL);
+ ss = BN_bin2bn(signData + signHalfLen, signHalfLen, NULL);
if(ss == NULL) {
xmlSecOpenSSLError("BN_bin2bn(sig->s)", NULL);
goto done;
ss = NULL;
/* verify signature */
- ret = ECDSA_do_verify(ctx->dgst, ctx->dgstSize, sig, ecKey);
+ ret = xmlSecOpenSSLSignatureEcdsaVerifyImpl(ctx->pKey, sig, ctx->dgst, ctx->dgstSize);
if(ret < 0) {
- xmlSecOpenSSLError("ECDSA_do_verify", NULL);
+ xmlSecInternalError("xmlSecOpenSSLSignatureEcdsaVerifyImpl", NULL);
goto done;
}
+#ifndef XMLSEC_OPENSSL_API_300
+
+#else /* XMLSEC_OPENSSL_API_300 */
+
+#endif /* XMLSEC_OPENSSL_API_300 */
/* return 1 for good signatures and 0 for bad */
if(ret > 0) {
done:
/* cleanup */
- ECDSA_SIG_free(sig);
- EC_KEY_free(ecKey);
- BN_clear_free(rr);
- BN_clear_free(ss);
+ if (sig != NULL) {
+ ECDSA_SIG_free(sig);
+ }
+ if(rr != NULL) {
+ BN_clear_free(rr);
+ }
+ if(ss != NULL) {
+ BN_clear_free(ss);
+ }
/* done */
return(res);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:symkeys
#include <openssl/rand.h>
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
#include <xmlsec/openssl/crypto.h>
+#include "../keysdata_helpers.h"
+
/*****************************************************************************
*
* Symmetic (binary) keys - just a wrapper for xmlSecKeyDataBinary
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:x509
#include <errno.h>
#include <time.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
+#include <xmlsec/base64.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/keysmngr.h>
#include <xmlsec/base64.h>
#include <xmlsec/errors.h>
#include <xmlsec/private.h>
+#include <xmlsec/xmltree.h>
#include <xmlsec/openssl/crypto.h>
#include <xmlsec/openssl/evp.h>
#include <openssl/mem.h>
#endif /* OPENSSL_IS_BORINGSSL */
-
+#include "../cast_helpers.h"
+#include "../keysdata_helpers.h"
#include "openssl_compat.h"
-
-/* The ASN1_TIME_check() function was changed from ASN1_TIME * to
- * const ASN1_TIME * in 1.1.0. To avoid compiler warnings, we use this hack.
- */
-#if !defined(XMLSEC_OPENSSL_API_110) || defined(OPENSSL_IS_BORINGSSL)
-typedef ASN1_TIME XMLSEC_CONST_ASN1_TIME;
-#else /* !defined(XMLSEC_OPENSSL_API_110) || defined(OPENSSL_IS_BORINGSSL) */
-typedef const ASN1_TIME XMLSEC_CONST_ASN1_TIME;
-#endif /* !defined(XMLSEC_OPENSSL_API_110) || defined(OPENSSL_IS_BORINGSSL) */
-
/*************************************************************************
*
* X509 utility functions
*
************************************************************************/
-static int xmlSecOpenSSLX509DataNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecOpenSSLX509CertificateNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecOpenSSLX509CertificateNodeWrite (X509* cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecOpenSSLX509SubjectNameNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecOpenSSLX509SubjectNameNodeWrite (X509* cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecOpenSSLX509IssuerSerialNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecOpenSSLX509IssuerSerialNodeWrite (X509* cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecOpenSSLX509SKINodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecOpenSSLX509SKINodeWrite (X509* cert,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecOpenSSLX509CRLNodeRead (xmlSecKeyDataPtr data,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int xmlSecOpenSSLX509CRLNodeWrite (X509_CRL* crl,
- xmlNodePtr node,
- xmlSecKeyInfoCtxPtr keyInfoCtx);
static int xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data,
xmlSecKeyPtr key,
xmlSecKeyInfoCtxPtr keyInfoCtx);
static X509* xmlSecOpenSSLX509CertDerRead (const xmlSecByte* buf,
xmlSecSize size);
-static X509* xmlSecOpenSSLX509CertBase64DerRead (xmlChar* buf);
-static xmlChar* xmlSecOpenSSLX509CertBase64DerWrite (X509* cert,
- int base64LineWrap);
static X509_CRL* xmlSecOpenSSLX509CrlDerRead (xmlSecByte* buf,
xmlSecSize size);
-static X509_CRL* xmlSecOpenSSLX509CrlBase64DerRead (xmlChar* buf);
-static xmlChar* xmlSecOpenSSLX509CrlBase64DerWrite (X509_CRL* crl,
- int base64LineWrap);
-static xmlChar* xmlSecOpenSSLX509NameWrite (X509_NAME* nm);
-static xmlChar* xmlSecOpenSSLASN1IntegerWrite (ASN1_INTEGER *asni);
-static xmlChar* xmlSecOpenSSLX509SKIWrite (X509* cert);
static void xmlSecOpenSSLX509CertDebugDump (X509* cert,
FILE* output);
static void xmlSecOpenSSLX509CertDebugXmlDump (X509* cert,
FILE* output);
-static int xmlSecOpenSSLX509CertGetTime (XMLSEC_CONST_ASN1_TIME * t,
- time_t* res);
/*************************************************************************
*
/**************************************************************************
*
- * <dsig:X509Data> processing
- *
- *
- * The X509Data Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
- *
- * An X509Data element within KeyInfo contains one or more identifiers of keys
- * or X509 certificates (or certificates' identifiers or a revocation list).
- * The content of X509Data is:
- *
- * 1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
- * 2.
- * * The X509IssuerSerial element, which contains an X.509 issuer
- * distinguished name/serial number pair that SHOULD be compliant
- * with RFC2253 [LDAP-DN],
- * * The X509SubjectName element, which contains an X.509 subject
- * distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
- * * The X509SKI element, which contains the base64 encoded plain (i.e.
- * non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
- * * The X509Certificate element, which contains a base64-encoded [X509v3]
- * certificate, and
- * * Elements from an external namespace which accompanies/complements any
- * of the elements above.
- * * The X509CRL element, which contains a base64-encoded certificate
- * revocation list (CRL) [X509v3].
- *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
- * MUST refer to the certificate or certificates containing the validation key.
- * All such elements that refer to a particular individual certificate MUST be
- * grouped inside a single X509Data element and if the certificate to which
- * they refer appears, it MUST also be in that X509Data element.
- *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
- * the same key but different certificates MUST be grouped within a single
- * KeyInfo but MAY occur in multiple X509Data elements.
- *
- * All certificates appearing in an X509Data element MUST relate to the
- * validation key by either containing it or being part of a certification
- * chain that terminates in a certificate containing the validation key.
- *
- * No ordering is implied by the above constraints.
- *
- * Note, there is no direct provision for a PKCS#7 encoded "bag" of
- * certificates or CRLs. However, a set of certificates and CRLs can occur
- * within an X509Data element and multiple X509Data elements can occur in a
- * KeyInfo. Whenever multiple certificates occur in an X509Data element, at
- * least one such certificate must contain the public key which verifies the
- * signature.
- *
- * Schema Definition
- *
- * <element name="X509Data" type="ds:X509DataType"/>
- * <complexType name="X509DataType">
- * <sequence maxOccurs="unbounded">
- * <choice>
- * <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
- * <element name="X509SKI" type="base64Binary"/>
- * <element name="X509SubjectName" type="string"/>
- * <element name="X509Certificate" type="base64Binary"/>
- * <element name="X509CRL" type="base64Binary"/>
- * <any namespace="##other" processContents="lax"/>
- * </choice>
- * </sequence>
- * </complexType>
- * <complexType name="X509IssuerSerialType">
- * <sequence>
- * <element name="X509IssuerName" type="string"/>
- * <element name="X509SerialNumber" type="integer"/>
- * </sequence>
- * </complexType>
- *
- * DTD
- *
- * <!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName |
- * X509Certificate | X509CRL)+ %X509.ANY;)>
- * <!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) >
- * <!ELEMENT X509IssuerName (#PCDATA) >
- * <!ELEMENT X509SubjectName (#PCDATA) >
- * <!ELEMENT X509SerialNumber (#PCDATA) >
- * <!ELEMENT X509SKI (#PCDATA) >
- * <!ELEMENT X509Certificate (#PCDATA) >
- * <!ELEMENT X509CRL (#PCDATA) >
- *
- * -----------------------------------------------------------------------
- *
- * xmlSecOpenSSLX509DataCtx is located after xmlSecTransform
+ * <dsig:X509Data> processing (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
*
*************************************************************************/
-#define xmlSecOpenSSLX509DataSize \
- (sizeof(xmlSecKeyData) + sizeof(xmlSecOpenSSLX509DataCtx))
-#define xmlSecOpenSSLX509DataGetCtx(data) \
- ((xmlSecOpenSSLX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
+XMLSEC_KEY_DATA_DECLARE(OpenSSLX509Data, xmlSecOpenSSLX509DataCtx)
+#define xmlSecOpenSSLX509DataSize XMLSEC_KEY_DATA_SIZE(OpenSSLX509Data)
static int xmlSecOpenSSLKeyDataX509Initialize (xmlSecKeyDataPtr data);
static int xmlSecOpenSSLKeyDataX509Duplicate (xmlSecKeyDataPtr dst,
FILE* output);
+typedef struct _xmlSecOpenSSLKeyDataX509Context {
+ xmlSecSize crtPos;
+ xmlSecSize crtSize;
+ xmlSecSize crlPos;
+ xmlSecSize crlSize;
+} xmlSecOpenSSLKeyDataX509Context;
+
+static int xmlSecOpenSSLKeyDataX509Read (xmlSecKeyDataPtr data,
+ xmlSecKeyValueX509Ptr x509Value,
+ xmlSecKeysMngrPtr keysMngr,
+ unsigned int flags);
+static int xmlSecOpenSSLKeyDataX509Write (xmlSecKeyDataPtr data,
+ xmlSecKeyValueX509Ptr x509Value,
+ int content,
+ void* context);
static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataX509Klass = {
sizeof(xmlSecKeyDataKlass),
X509*
xmlSecOpenSSLKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
xmlSecOpenSSLX509DataCtxPtr ctx;
+ int iPos;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), NULL);
ctx = xmlSecOpenSSLX509DataGetCtx(data);
xmlSecAssert2(ctx != NULL, NULL);
xmlSecAssert2(ctx->certsList != NULL, NULL);
- xmlSecAssert2(pos < (xmlSecSize)sk_X509_num(ctx->certsList), NULL);
- return(sk_X509_value(ctx->certsList, (int)pos));
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(pos, iPos, return(NULL), NULL);
+ xmlSecAssert2(iPos < sk_X509_num(ctx->certsList), NULL);
+ return(sk_X509_value(ctx->certsList, iPos));
}
/**
xmlSecSize
xmlSecOpenSSLKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) {
xmlSecOpenSSLX509DataCtxPtr ctx;
+ int ret;
+ xmlSecSize res;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), 0);
ctx = xmlSecOpenSSLX509DataGetCtx(data);
xmlSecAssert2(ctx != NULL, 0);
- return((ctx->certsList != NULL) ? sk_X509_num(ctx->certsList) : 0);
+ if(ctx->certsList == NULL) {
+ return(0);
+ }
+
+ ret = sk_X509_num(ctx->certsList);
+ if(ret < 0) {
+ xmlSecOpenSSLError("sk_X509_num", NULL);
+ return(0);
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, res, return(0), NULL);
+
+ return(res);
}
/**
X509_CRL*
xmlSecOpenSSLKeyDataX509GetCrl(xmlSecKeyDataPtr data, xmlSecSize pos) {
xmlSecOpenSSLX509DataCtxPtr ctx;
+ int iPos;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), NULL);
xmlSecAssert2(ctx != NULL, NULL);
xmlSecAssert2(ctx->crlsList != NULL, NULL);
- xmlSecAssert2(pos < (xmlSecSize)sk_X509_CRL_num(ctx->crlsList), NULL);
- return(sk_X509_CRL_value(ctx->crlsList, (int)pos));
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(pos, iPos, return(NULL), NULL);
+ xmlSecAssert2(iPos < sk_X509_CRL_num(ctx->crlsList), NULL);
+ return(sk_X509_CRL_value(ctx->crlsList, iPos));
}
/**
xmlSecSize
xmlSecOpenSSLKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data) {
xmlSecOpenSSLX509DataCtxPtr ctx;
+ int ret;
+ xmlSecSize res;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), 0);
ctx = xmlSecOpenSSLX509DataGetCtx(data);
xmlSecAssert2(ctx != NULL, 0);
- return((ctx->crlsList != NULL) ? sk_X509_CRL_num(ctx->crlsList) : 0);
+ if(ctx->crlsList == NULL) {
+ return(0);
+ }
+
+ ret = sk_X509_CRL_num(ctx->crlsList);
+ if(ret < 0) {
+ xmlSecOpenSSLError("sk_X509_CRL_num", NULL);
+ return(0);
+ }
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, res, return(0), NULL);
+
+ return(res);
}
static int
if(certSrc == NULL) {
xmlSecInternalError2("xmlSecOpenSSLKeyDataX509GetCert",
xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return(-1);
}
if(crlSrc == NULL) {
xmlSecInternalError2("xmlSecOpenSSLKeyDataX509GetCrl",
xmlSecKeyDataGetName(src),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return(-1);
}
xmlSecAssert2(id == xmlSecOpenSSLKeyDataX509Id, -1);
xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
data = xmlSecKeyEnsureData(key, id);
if(data == NULL) {
xmlSecInternalError("xmlSecKeyEnsureData",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
- ret = xmlSecOpenSSLX509DataNodeRead(data, node, keyInfoCtx);
+ ret = xmlSecKeyDataX509XmlRead(data, node, keyInfoCtx,
+ xmlSecOpenSSLKeyDataX509Read);
if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLX509DataNodeRead",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecInternalError("xmlSecKeyDataX509XmlRead",
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
ret = xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLKeyDataX509VerifyAndExtractKey",
- xmlSecKeyDataKlassGetName(id));
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
return(0);
xmlSecOpenSSLKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
xmlSecKeyDataPtr data;
- X509* cert;
- X509_CRL* crl;
- xmlSecSize size, pos;
- int content;
+ xmlSecOpenSSLKeyDataX509Context context;
int ret;
xmlSecAssert2(id == xmlSecOpenSSLKeyDataX509Id, -1);
xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- content = xmlSecX509DataGetNodeContent (node, keyInfoCtx);
- if (content < 0) {
- xmlSecInternalError2("xmlSecX509DataGetNodeContent",
- xmlSecKeyDataKlassGetName(id),
- "content=%d", content);
- return(-1);
- } else if(content == 0) {
- /* by default we are writing certificates and crls */
- content = XMLSEC_X509DATA_DEFAULT;
- }
/* get x509 data */
data = xmlSecKeyGetData(key, id);
return(0);
}
- /* write certs */
- size = xmlSecOpenSSLKeyDataX509GetCertsSize(data);
- for(pos = 0; pos < size; ++pos) {
- cert = xmlSecOpenSSLKeyDataX509GetCert(data, pos);
- if(cert == NULL) {
- xmlSecInternalError2("xmlSecOpenSSLKeyDataX509GetCert",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
-
- if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
- ret = xmlSecOpenSSLX509CertificateNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLX509CertificateNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
- ret = xmlSecOpenSSLX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLX509SubjectNameNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
- ret = xmlSecOpenSSLX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLX509IssuerSerialNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
-
- if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
- ret = xmlSecOpenSSLX509SKINodeWrite(cert, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLX509SKINodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
- }
-
- /* write crls if needed */
- if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
- size = xmlSecOpenSSLKeyDataX509GetCrlsSize(data);
- for(pos = 0; pos < size; ++pos) {
- crl = xmlSecOpenSSLKeyDataX509GetCrl(data, pos);
- if(crl == NULL) {
- xmlSecInternalError2("xmlSecOpenSSLKeyDataX509GetCrl",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
+ /* setup context */
+ context.crtPos = context.crlPos = 0;
+ context.crtSize = xmlSecOpenSSLKeyDataX509GetCertsSize(data);
+ context.crlSize = xmlSecOpenSSLKeyDataX509GetCrlsSize(data);
- ret = xmlSecOpenSSLX509CRLNodeWrite(crl, node, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLX509CRLNodeWrite",
- xmlSecKeyDataKlassGetName(id),
- "pos=%d", pos);
- return(-1);
- }
- }
+ ret = xmlSecKeyDataX509XmlWrite(data, node, keyInfoCtx,
+ xmlSecBase64GetDefaultLineSize(), 1, /* add line breaks */
+ xmlSecOpenSSLKeyDataX509Write, &context);
+ if(ret < 0) {
+ xmlSecInternalError3("xmlSecKeyDataX509XmlWrite",
+ xmlSecKeyDataKlassGetName(id),
+ "crtSize=" XMLSEC_SIZE_FMT "; crlSize=" XMLSEC_SIZE_FMT,
+ context.crtSize, context.crlSize);
+ return(-1);
}
+ /* success */
return(0);
}
if(cert == NULL) {
xmlSecInternalError2("xmlSecOpenSSLKeyDataX509GetCert",
xmlSecKeyDataGetName(data),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return;
}
fprintf(output, "==== Certificate:\n");
if(cert == NULL) {
xmlSecInternalError2("xmlSecOpenSSLKeyDataX509GetCert",
xmlSecKeyDataGetName(data),
- "pos=%d", pos);
+ "pos=" XMLSEC_SIZE_FMT, pos);
return;
}
fprintf(output, "<Certificate>\n");
}
static int
-xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlNodePtr cur;
+xmlSecOpenSSLKeyDataX509Read(xmlSecKeyDataPtr data, xmlSecKeyValueX509Ptr x509Value,
+ xmlSecKeysMngrPtr keysMngr, unsigned int flags) {
+ xmlSecKeyDataStorePtr x509Store;
+ int stopOnUnknownCert = 0;
+ X509* storeCert = NULL;
+ X509* cert = NULL;
+ X509_CRL* crl = NULL;
int ret;
+ int res = -1;
+ xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(keysMngr != NULL, -1);
- for(cur = xmlSecGetNextElementNode(node->children);
- cur != NULL;
- cur = xmlSecGetNextElementNode(cur->next)) {
+ x509Store = xmlSecKeysMngrGetDataStore(keysMngr, xmlSecOpenSSLX509StoreId);
+ if(x509Store == NULL) {
+ xmlSecInternalError("xmlSecKeysMngrGetDataStore", xmlSecKeyDataGetName(data));
+ goto done;
+ }
- ret = 0;
- if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
- ret = xmlSecOpenSSLX509CertificateNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLX509CertificateNodeRead",
- xmlSecKeyDataGetName(data),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
- ret = xmlSecOpenSSLX509SubjectNameNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLX509SubjectNameNodeRead",
- xmlSecKeyDataGetName(data),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
- ret = xmlSecOpenSSLX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLX509IssuerSerialNodeRead",
- xmlSecKeyDataGetName(data),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
- ret = xmlSecOpenSSLX509SKINodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLX509SKINodeRead",
- xmlSecKeyDataGetName(data),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
- return(-1);
- }
- } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
- ret = xmlSecOpenSSLX509CRLNodeRead(data, cur, keyInfoCtx);
- if(ret < 0) {
- xmlSecInternalError2("xmlSecOpenSSLX509CRLNodeRead",
- xmlSecKeyDataGetName(data),
- "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
- return(-1);
- }
- } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
- /* laxi schema validation: ignore unknown nodes */
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataGetName(data));
- return(-1);
- }
+ /* determine what to do */
+ if((flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+ stopOnUnknownCert = 1;
}
- return(0);
-}
-static int
-xmlSecOpenSSLX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar *content;
- X509* cert;
- int ret;
+ if(xmlSecBufferGetSize(&(x509Value->cert)) > 0) {
+ cert = xmlSecOpenSSLX509CertDerRead(xmlSecBufferGetData(&(x509Value->cert)),
+ xmlSecBufferGetSize(&(x509Value->cert)));
+ if(cert == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLX509CertDerRead", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ } else if(xmlSecBufferGetSize(&(x509Value->crl)) > 0) {
+ crl = xmlSecOpenSSLX509CrlDerRead(xmlSecBufferGetData(&(x509Value->crl)),
+ xmlSecBufferGetSize(&(x509Value->crl)));
+ if(crl == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLX509CertDerRead", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ } else if(xmlSecBufferGetSize(&(x509Value->ski)) > 0) {
+ storeCert = xmlSecOpenSSLX509StoreFindCert_ex(x509Store, NULL, NULL, NULL,
+ xmlSecBufferGetData(&(x509Value->ski)), xmlSecBufferGetSize(&(x509Value->ski)),
+ NULL /* unused */);
+ if((storeCert == NULL) && (stopOnUnknownCert != 0)) {
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
+ "skiSize=" XMLSEC_SIZE_FMT, xmlSecBufferGetSize(&(x509Value->ski)));
+ goto done;
+ }
+ } else if(x509Value->subject != NULL) {
+ storeCert = xmlSecOpenSSLX509StoreFindCert_ex(x509Store, x509Value->subject,
+ NULL, NULL, NULL, 0, NULL /* unused */);
+ if((storeCert == NULL) && (stopOnUnknownCert != 0)) {
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
+ "subject=%s", xmlSecErrorsSafeString(x509Value->subject));
+ goto done;
+ }
+ } else if((x509Value->issuerName != NULL) && (x509Value->issuerSerial != NULL)) {
+ storeCert = xmlSecOpenSSLX509StoreFindCert_ex(x509Store, NULL,
+ x509Value->issuerName, x509Value->issuerSerial,
+ NULL, 0, NULL /* unused */);
+ if((storeCert == NULL) && (stopOnUnknownCert != 0)) {
+ xmlSecOtherError3(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
+ "issuerName=%s;issuerSerial=%s",
+ xmlSecErrorsSafeString(x509Value->issuerName),
+ xmlSecErrorsSafeString(x509Value->issuerSerial));
+ goto done;
+ }
+ }
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
+ /* if we found cert in a store, then duplicate it for key data */
+ if((cert == NULL) && (storeCert != NULL)) {
+ cert = X509_dup(storeCert);
+ if(cert == NULL) {
+ xmlSecOpenSSLError("X509_dup", xmlSecKeyDataGetName(data));
+ goto done;
+ }
+ }
- content = xmlNodeGetContent(node);
- if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
- if(content != NULL) {
- xmlFree(content);
+ /* if we found a cert or a crl, then add it to the data */
+ if(cert != NULL) {
+ ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataX509AdoptCert", xmlSecKeyDataGetName(data));
+ goto done;
}
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
- return(-1);
+ cert = NULL; /* owned by data now */
+ }
+ if(crl != NULL) {
+ ret = xmlSecOpenSSLKeyDataX509AdoptCrl(data, crl);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLKeyDataX509AdoptCrl", xmlSecKeyDataGetName(data));
+ goto done;
}
- return(0);
+ crl = NULL; /* owned by data now */
}
- cert = xmlSecOpenSSLX509CertBase64DerRead(content);
- if(cert == NULL) {
- xmlSecInternalError("xmlSecOpenSSLX509CertBase64DerRead",
- xmlSecKeyDataGetName(data));
- xmlFree(content);
- return(-1);
- }
+ /* success */
+ res = 0;
- ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert);
- if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
+done:
+ /* cleanup */
+ if(cert != NULL) {
X509_free(cert);
- xmlFree(content);
- return(-1);
}
-
- xmlFree(content);
- return(0);
+ if(crl != NULL) {
+ X509_CRL_free(crl);
+ }
+ return(res);
}
static int
-xmlSecOpenSSLX509CertificateNodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar* buf;
- xmlNodePtr cur;
+xmlSecOpenSSLX509CertDerWrite(X509* cert, xmlSecBufferPtr buf) {
+ BIO *mem = NULL;
+ xmlSecByte *data = NULL;
+ xmlSecSize size;
+ long len;
+ int ret;
+ int res = -1;
xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
- /* set base64 lines size from context */
- buf = xmlSecOpenSSLX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecOpenSSLX509CertBase64DerWrite", NULL);
- return(-1);
+ mem = xmlSecOpenSSLCreateMemBio();
+ if(mem == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLCreateMemBio", NULL);
+ goto done;
}
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(xmlSecNodeX509Certificate)", NULL);
- xmlFree(buf);
- return(-1);
+ ret = i2d_X509_bio(mem, cert);
+ if(ret != 1) {
+ xmlSecOpenSSLError("i2d_X509_bio", NULL);
+ goto done;
+ }
+ ret = BIO_flush(mem);
+ if(ret != 1) {
+ xmlSecOpenSSLError("BIO_flush", NULL);
+ goto done;
}
- /* todo: add \n around base64 data - from context */
- /* todo: add errors check */
- xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
- xmlNodeSetContent(cur, buf);
- xmlFree(buf);
- return(0);
+ len = BIO_get_mem_data(mem, &data);
+ if((len <= 0) || (data == NULL)){
+ xmlSecOpenSSLError("BIO_get_mem_data", NULL);
+ goto done;
+ }
+ XMLSEC_SAFE_CAST_LONG_TO_SIZE(len, size, goto done, NULL);
+
+ ret = xmlSecBufferSetData(buf, data, size);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecBufferSetData", NULL);
+ goto done;
+ }
+
+ /* success */
+ res = 0;
+
+done:
+ if(mem != NULL) {
+ BIO_free_all(mem);
+ }
+ return(res);
}
static int
-xmlSecOpenSSLX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr x509Store;
- xmlChar* subject;
- X509* cert;
- X509* cert2;
+xmlSecOpenSSLX509CrlDerWrite(X509_CRL* crl, xmlSecBufferPtr buf) {
+ BIO *mem = NULL;
+ xmlSecByte *data = NULL;
+ xmlSecSize size;
+ long len;
int ret;
+ int res = -1;
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
+ xmlSecAssert2(crl != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
- if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
+ mem = xmlSecOpenSSLCreateMemBio();
+ if(mem == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLCreateMemBio", NULL);
+ goto done;
}
- subject = xmlNodeGetContent(node);
- if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
- if(subject != NULL) {
- xmlFree(subject);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
- return(-1);
- }
- return(0);
+ ret = i2d_X509_CRL_bio(mem, crl);
+ if(ret != 1) {
+ xmlSecOpenSSLError("i2d_X509_CRL_bio", NULL);
+ goto done;
}
-
- cert = xmlSecOpenSSLX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
- if(cert == NULL){
-
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
- xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "subject=%s", xmlSecErrorsSafeString(subject));
- xmlFree(subject);
- return(-1);
- }
-
- xmlFree(subject);
- return(0);
+ ret = BIO_flush(mem);
+ if(ret != 1) {
+ xmlSecOpenSSLError("BIO_flush", NULL);
+ goto done;
}
- cert2 = X509_dup(cert);
- if(cert2 == NULL) {
- xmlSecOpenSSLError("X509_dup",
- xmlSecKeyDataGetName(data));
- xmlFree(subject);
- return(-1);
+ len = BIO_get_mem_data(mem, &data);
+ if((len <= 0) || (data == NULL)){
+ xmlSecOpenSSLError("BIO_get_mem_data", NULL);
+ goto done;
}
+ XMLSEC_SAFE_CAST_LONG_TO_SIZE(len, size, goto done, NULL);
- ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert2);
+ ret = xmlSecBufferSetData(buf, data, size);
if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- X509_free(cert2);
- xmlFree(subject);
- return(-1);
+ xmlSecInternalError2("xmlSecBufferSetData", NULL,
+ "size=" XMLSEC_SIZE_FMT, size);
+ goto done;
}
- xmlFree(subject);
- return(0);
+ /* success */
+ res = 0;
+
+done:
+ if(mem != NULL) {
+ BIO_free_all(mem);
+ }
+ return(res);
}
static int
-xmlSecOpenSSLX509SubjectNameNodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
- xmlChar* buf = NULL;
- xmlNodePtr cur = NULL;
+xmlSecOpenSSLX509SKIWrite(X509* cert, xmlSecBufferPtr buf) {
+ X509_EXTENSION *ext;
+ ASN1_OCTET_STRING *keyId = NULL;
+ const xmlSecByte* keyIdData;
+ int index, keyIdLen;
+ xmlSecSize keyIdSize;
int ret;
+ int res = -1;
xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- UNREFERENCED_PARAMETER(keyInfoCtx);
+ xmlSecAssert2(buf != NULL, -1);
- buf = xmlSecOpenSSLX509NameWrite(X509_get_subject_name(cert));
- if(buf == NULL) {
- xmlSecInternalError("xmlSecOpenSSLX509NameWrite(X509_get_subject_name)", NULL);
- return(-1);
+ index = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
+ if (index < 0) {
+ xmlSecOpenSSLError("X509_get_ext_by_NID(): Certificate without SubjectKeyIdentifier extension", NULL);
+ goto done;
}
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(xmlSecNodeX509SubjectName)", NULL);
- xmlFree(buf);
- return(-1);
+ ext = X509_get_ext(cert, index);
+ if (ext == NULL) {
+ xmlSecOpenSSLError("X509_get_ext", NULL);
+ goto done;
}
- ret = xmlSecNodeEncodeAndSetContent(cur, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
- xmlFree(buf);
- return(-1);
+ keyId = (ASN1_OCTET_STRING *)X509V3_EXT_d2i(ext);
+ if (keyId == NULL) {
+ xmlSecOpenSSLError("X509V3_EXT_d2i", NULL);
+ goto done;
}
- /* done */
- xmlFree(buf);
- return(0);
-}
-
-static int
-xmlSecOpenSSLX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr x509Store;
- xmlNodePtr cur;
- xmlChar *issuerName;
- xmlChar *issuerSerial;
- X509* cert;
- X509* cert2;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
-
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
- if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(node->children);
- if(cur == NULL) {
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecNodeNotFoundError("xmlSecGetNextElementNode", node, NULL,
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- return(0);
- }
-
- /* the first is required node X509IssuerName */
- if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
- xmlSecInvalidNodeError(cur, xmlSecNodeX509IssuerName, xmlSecKeyDataGetName(data));
- return(-1);
- }
- issuerName = xmlNodeGetContent(cur);
- if(issuerName == NULL) {
- xmlSecInvalidNodeContentError(cur, xmlSecKeyDataGetName(data), "empty");
- return(-1);
+ keyIdData = ASN1_STRING_get0_data(keyId);
+ if(keyIdData == NULL) {
+ xmlSecOpenSSLError("ASN1_STRING_get0_data", NULL);
+ goto done;
}
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* next is required node X509SerialNumber */
- if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
- xmlSecInvalidNodeError(cur, xmlSecNodeX509SerialNumber, xmlSecKeyDataGetName(data));
- xmlFree(issuerName);
- return(-1);
+ keyIdLen = ASN1_STRING_length(keyId);
+ if(keyIdLen <= 0) {
+ xmlSecOpenSSLError("ASN1_STRING_length", NULL);
+ goto done;
}
- issuerSerial = xmlNodeGetContent(cur);
- if(issuerSerial == NULL) {
- xmlSecInvalidNodeContentError(cur, xmlSecKeyDataGetName(data), "empty");
- xmlFree(issuerName);
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(keyIdLen, keyIdSize, goto done, NULL);
- if(cur != NULL) {
- xmlSecUnexpectedNodeError(cur, xmlSecKeyDataGetName(data));
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
+ ret = xmlSecBufferSetData(buf, keyIdData, keyIdSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBufferSetData", NULL,
+ "keyIdSize=" XMLSEC_SIZE_FMT, keyIdSize);
+ goto done;
}
- cert = xmlSecOpenSSLX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
- if(cert == NULL){
-
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
- xmlSecOtherError3(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "issuerName=%s;issuerSerial=%s",
- xmlSecErrorsSafeString(issuerName),
- xmlSecErrorsSafeString(issuerSerial));
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
- }
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(0);
- }
+ /* success */
+ res = 0;
- cert2 = X509_dup(cert);
- if(cert2 == NULL) {
- xmlSecOpenSSLError("X509_dup",
- xmlSecKeyDataGetName(data));
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
- }
- ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert2);
- if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- X509_free(cert2);
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(-1);
+done:
+ if(keyId != NULL) {
+ ASN1_OCTET_STRING_free(keyId);
}
-
- xmlFree(issuerSerial);
- xmlFree(issuerName);
- return(0);
+ return(res);
}
-static int
-xmlSecOpenSSLX509IssuerSerialNodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
- xmlNodePtr cur;
- xmlNodePtr issuerNameNode;
- xmlNodePtr issuerNumberNode;
- xmlChar* buf;
+static xmlChar*
+xmlSecOpenSSLX509NameWrite(X509_NAME* nm) {
+ xmlChar* res = NULL;
+ BIO *mem = NULL;
+ xmlChar* buf = NULL;
+ xmlSecSize sizeBuf;
+ int lenBuf, lenRead;
int ret;
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- UNREFERENCED_PARAMETER(keyInfoCtx);
-
- /* create xml nodes */
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(xmlSecNodeX509IssuerSerial)", NULL);
- return(-1);
- }
+ xmlSecAssert2(nm != NULL, NULL);
- issuerNameNode = xmlSecEnsureEmptyChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
- if(issuerNameNode == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(xmlSecNodeX509IssuerName)", NULL);
- return(-1);
+ mem = xmlSecOpenSSLCreateMemBio();
+ if(mem == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLCreateMemBio", NULL);
+ goto done;
}
- issuerNumberNode = xmlSecEnsureEmptyChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
- if(issuerNumberNode == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(xmlSecNodeX509SerialNumber)", NULL);
- return(-1);
+ if (X509_NAME_print_ex(mem, nm, 0, XN_FLAG_RFC2253) <=0) {
+ xmlSecOpenSSLError("X509_NAME_print_ex", NULL);
+ goto done;
}
- /* write data */
- buf = xmlSecOpenSSLX509NameWrite(X509_get_issuer_name(cert));
- if(buf == NULL) {
- xmlSecInternalError("xmlSecOpenSSLX509NameWrite(X509_get_issuer_name)", NULL);
- return(-1);
+ ret = BIO_flush(mem);
+ if(ret != 1) {
+ xmlSecOpenSSLError("BIO_flush", NULL);
+ goto done;
}
- ret = xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent(issuerNameNode)", NULL);
- xmlFree(buf);
- return(-1);
+ lenBuf = BIO_pending(mem);
+ if(lenBuf <= 0) {
+ xmlSecOpenSSLError("BIO_pending", NULL);
+ goto done;
}
- xmlFree(buf);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(lenBuf, sizeBuf, goto done, NULL);
- buf = xmlSecOpenSSLASN1IntegerWrite(X509_get_serialNumber(cert));
+ buf = (xmlChar *)xmlMalloc(sizeBuf + 1);
if(buf == NULL) {
- xmlSecInternalError("xmlSecOpenSSLASN1IntegerWrite(X509_get_serialNumber)", NULL);
- return(-1);
+ xmlSecMallocError(sizeBuf + 1, NULL);
+ goto done;
}
+ memset(buf, 0, sizeBuf + 1);
- ret = xmlSecNodeEncodeAndSetContent(issuerNumberNode, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent(issuerNumberNode)", NULL);
- xmlFree(buf);
- return(-1);
+ lenRead = BIO_read(mem, buf, lenBuf);
+ if(lenRead != lenBuf) {
+ xmlSecOpenSSLError("BIO_read", NULL);
+ goto done;
}
- /* done */
- xmlFree(buf);
- return(0);
-}
-
+ /* success */
+ buf[sizeBuf] = '\0';
+ res = buf;
+ buf = NULL;
-static int
-xmlSecOpenSSLX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecKeyDataStorePtr x509Store;
- xmlChar* ski;
- X509* cert;
- X509* cert2;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
-
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
- if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- ski = xmlNodeGetContent(node);
- if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
- if(ski != NULL) {
- xmlFree(ski);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
- return(-1);
- }
- return(0);
- }
-
- cert = xmlSecOpenSSLX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
- if(cert == NULL){
- xmlFree(ski);
-
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
- xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
- "ski=%s", xmlSecErrorsSafeString(ski));
- return(-1);
- }
- return(0);
- }
-
- cert2 = X509_dup(cert);
- if(cert2 == NULL) {
- xmlSecOpenSSLError("X509_dup",
- xmlSecKeyDataGetName(data));
- xmlFree(ski);
- return(-1);
+done:
+ if(buf != NULL) {
+ xmlFree(buf);
}
-
- ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert2);
- if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLKeyDataX509AdoptCert",
- xmlSecKeyDataGetName(data));
- X509_free(cert2);
- xmlFree(ski);
- return(-1);
+ if(mem != NULL) {
+ BIO_free_all(mem);
}
-
- xmlFree(ski);
- return(0);
+ return(res);
}
-static int
-xmlSecOpenSSLX509SKINodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
- xmlChar *buf = NULL;
- xmlNodePtr cur = NULL;
- int ret;
+static xmlChar*
+xmlSecOpenSSLASN1IntegerWrite(ASN1_INTEGER *asni) {
+ xmlChar *res = NULL;
+ BIGNUM *bn;
+ char *p;
- xmlSecAssert2(cert != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- UNREFERENCED_PARAMETER(keyInfoCtx);
+ xmlSecAssert2(asni != NULL, NULL);
- buf = xmlSecOpenSSLX509SKIWrite(cert);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecOpenSSLX509SKIWrite", NULL);
- return(-1);
+ bn = ASN1_INTEGER_to_BN(asni, NULL);
+ if(bn == NULL) {
+ xmlSecOpenSSLError("ASN1_INTEGER_to_BN", NULL);
+ return(NULL);
}
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(xmlSecNodeX509SKI)", NULL);
- xmlFree(buf);
- return(-1);
+ p = BN_bn2dec(bn);
+ if (p == NULL) {
+ xmlSecOpenSSLError("BN_bn2dec", NULL);
+ BN_clear_free(bn);
+ return(NULL);
}
+ BN_clear_free(bn);
+ bn = NULL;
- ret = xmlSecNodeEncodeAndSetContent(cur, buf);
- if(ret < 0) {
- xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
- xmlFree(buf);
- return(-1);
+ /* OpenSSL and LibXML2 can have different memory callbacks, i.e.
+ when data is allocated in OpenSSL should be freed with OpenSSL
+ method, not with LibXML2 method.
+ */
+ res = xmlCharStrdup(p);
+ if(res == NULL) {
+ xmlSecStrdupError(BAD_CAST p, NULL);
+ OPENSSL_free(p);
+ return(NULL);
}
-
- /* done */
- xmlFree(buf);
- return(0);
+ OPENSSL_free(p);
+ p = NULL;
+ return(res);
}
static int
-xmlSecOpenSSLX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar *content;
- X509_CRL* crl;
+xmlSecOpenSSLKeyDataX509Write(xmlSecKeyDataPtr data, xmlSecKeyValueX509Ptr x509Value,
+ int content, void* context) {
+ xmlSecOpenSSLKeyDataX509Context* ctx;
int ret;
+ xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(x509Value != NULL, -1);
+ xmlSecAssert2(context != NULL, -1);
- content = xmlNodeGetContent(node);
- if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
- if(content != NULL) {
- xmlFree(content);
- }
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
+ ctx = (xmlSecOpenSSLKeyDataX509Context*)context;
+ if(ctx->crtPos < ctx->crtSize) {
+ /* write cert */
+ X509* cert = xmlSecOpenSSLKeyDataX509GetCert(data, ctx->crtPos);
+ if(cert == NULL) {
+ xmlSecInternalError2("xmlSecOpenSSLKeyDataX509GetCert",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
return(-1);
}
- return(0);
- }
-
- crl = xmlSecOpenSSLX509CrlBase64DerRead(content);
- if(crl == NULL) {
- xmlSecInternalError("xmlSecOpenSSLX509CrlBase64DerRead",
- xmlSecKeyDataGetName(data));
- xmlFree(content);
- return(-1);
- }
-
- ret = xmlSecOpenSSLKeyDataX509AdoptCrl(data, crl);
- if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLKeyDataX509AdoptCrl",
- xmlSecKeyDataGetName(data));
- X509_CRL_free(crl);
- xmlFree(content);
- return(-1);
- }
-
- xmlFree(content);
- return(0);
-}
-
-static int
-xmlSecOpenSSLX509CRLNodeWrite(X509_CRL* crl, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlChar* buf = NULL;
- xmlNodePtr cur = NULL;
-
- xmlSecAssert2(crl != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
-
- /* set base64 lines size from context */
- buf = xmlSecOpenSSLX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
- if(buf == NULL) {
- xmlSecInternalError("xmlSecOpenSSLX509CrlBase64DerWrite", NULL);
- return(-1);
- }
-
- cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecInternalError("xmlSecEnsureEmptyChild(xmlSecNodeX509CRL)", NULL);
- xmlFree(buf);
- return(-1);
- }
- /* todo: add \n around base64 data - from context */
- /* todo: add errors check */
- xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
- xmlNodeSetContent(cur, buf);
- xmlFree(buf);
-
- return(0);
-}
-
-static int
-xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
- xmlSecKeyInfoCtxPtr keyInfoCtx) {
- xmlSecOpenSSLX509DataCtxPtr ctx;
- xmlSecKeyDataStorePtr x509Store;
- int ret;
-
- xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(keyInfoCtx != NULL, -1);
- xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
-
- ctx = xmlSecOpenSSLX509DataGetCtx(data);
- xmlSecAssert2(ctx != NULL, -1);
-
- x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
- if(x509Store == NULL) {
- xmlSecInternalError("xmlSecKeysMngrGetDataStore",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
-
- if((ctx->keyCert == NULL) && (ctx->certsList != NULL) && (xmlSecKeyGetValue(key) == NULL)) {
- X509* cert;
-
- cert = xmlSecOpenSSLX509StoreVerify(x509Store, ctx->certsList, ctx->crlsList, keyInfoCtx);
- if(cert != NULL) {
- xmlSecKeyDataPtr keyValue;
-
- ctx->keyCert = X509_dup(cert);
- if(ctx->keyCert == NULL) {
- xmlSecOpenSSLError("X509_dup",
- xmlSecKeyDataGetName(data));
+ if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
+ ret = xmlSecOpenSSLX509CertDerWrite(cert, &(x509Value->cert));
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecOpenSSLX509CertDerWrite",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
return(-1);
}
-
- keyValue = xmlSecOpenSSLX509CertGetKey(ctx->keyCert);
- if(keyValue == NULL) {
- xmlSecInternalError("xmlSecOpenSSLX509CertGetKey",
- xmlSecKeyDataGetName(data));
+ }
+ if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
+ ret = xmlSecOpenSSLX509SKIWrite(cert, &(x509Value->ski));
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecOpenSSLX509SKIWrite",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
return(-1);
}
+ }
+ if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
+ xmlSecAssert2(x509Value->subject == NULL, -1);
- /* verify that the key matches our expectations */
- if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
- xmlSecInternalError("xmlSecKeyReqMatchKeyValue",
- xmlSecKeyDataGetName(data));
- xmlSecKeyDataDestroy(keyValue);
+ x509Value->subject = xmlSecOpenSSLX509NameWrite(X509_get_subject_name(cert));
+ if(x509Value->subject == NULL) {
+ xmlSecInternalError2("xmlSecOpenSSLX509NameWrite(X509_get_subject_name)",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
return(-1);
}
-
- ret = xmlSecKeySetValue(key, keyValue);
- if(ret < 0) {
- xmlSecInternalError("xmlSecKeySetValue",
- xmlSecKeyDataGetName(data));
- xmlSecKeyDataDestroy(keyValue);
+ }
+ if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
+ xmlSecAssert2(x509Value->issuerName == NULL, -1);
+ xmlSecAssert2(x509Value->issuerSerial == NULL, -1);
+
+ x509Value->issuerName = xmlSecOpenSSLX509NameWrite(X509_get_issuer_name(cert));
+ if(x509Value->issuerName == NULL) {
+ xmlSecInternalError2("xmlSecOpenSSLX509NameWrite(X509_get_issuer_name)",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
return(-1);
}
-
- if((X509_get0_notBefore(ctx->keyCert) != NULL) && (X509_get0_notAfter(ctx->keyCert) != NULL)) {
- ret = xmlSecOpenSSLX509CertGetTime(X509_get0_notBefore(ctx->keyCert), &(key->notValidBefore));
- if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLX509CertGetTime(notAfter)",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- ret = xmlSecOpenSSLX509CertGetTime(X509_get0_notAfter(ctx->keyCert), &(key->notValidAfter));
- if(ret < 0) {
- xmlSecInternalError("xmlSecOpenSSLX509CertGetTime(notBefore)",
- xmlSecKeyDataGetName(data));
- return(-1);
- }
- } else {
- key->notValidBefore = key->notValidAfter = 0;
+ x509Value->issuerSerial = xmlSecOpenSSLASN1IntegerWrite(X509_get_serialNumber(cert));
+ if(x509Value->issuerSerial == NULL) {
+ xmlSecInternalError2("xmlSecOpenSSLASN1IntegerWrite(X509_get_serialNumber))",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crtPos);
+ return(-1);
}
- } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
- xmlSecOtherError(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data), NULL);
+ }
+ ++ctx->crtPos;
+ } else if(ctx->crlPos < ctx->crlSize) {
+ /* write crl */
+ X509_CRL* crl = xmlSecOpenSSLKeyDataX509GetCrl(data, ctx->crlPos);
+ if(crl == NULL) {
+ xmlSecInternalError2("xmlSecOpenSSLKeyDataX509GetCrl",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crlPos);
return(-1);
}
- }
- return(0);
-}
-#ifdef HAVE_TIMEGM
-extern time_t timegm (struct tm *tm);
-#else /* HAVE_TIMEGM */
-
-#ifdef WIN32
-
-#ifdef _MSC_VER
-static time_t
-my_timegm(struct tm *t) {
- long seconds = 0;
- if(_get_timezone(&seconds) != 0) {
- return(-1);
+ if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
+ ret = xmlSecOpenSSLX509CrlDerWrite(crl, &(x509Value->crl));
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecOpenSSLX509CrlDerWrite",
+ xmlSecKeyDataGetName(data),
+ "pos=" XMLSEC_SIZE_FMT, ctx->crlPos);
+ return(-1);
+ }
+ }
+ ++ctx->crlPos;
+ } else {
+ /* no more certs or crls */
+ return(1);
}
- return (mktime(t) - seconds);
+
+ /* success */
+ return(0);
}
-#define timegm(tm) my_timegm(tm)
-#else /* _MSC_VER */
-#define timegm(tm) (mktime(tm) - _timezone)
+#ifdef HAVE_TIMEGM
-#endif /* _MSC_VER */
+/* easy case */
+extern time_t timegm (struct tm *tm);
-#else /* WIN32 */
+#elif !defined(XMLSEC_WINDOWS)
/* Absolutely not the best way but it's the only ANSI compatible way I know.
* If you system has a native struct tm --> GMT time_t conversion function
#define timegm(tm) my_timegm(tm)
-#endif /* WIN32 */
+#elif defined(_MSC_VER)
+
+/* Windows build with MSVC */
+static time_t
+my_timegm(struct tm *t) {
+ long seconds = 0;
+ if(_get_timezone(&seconds) != 0) {
+ return(-1);
+ }
+ return (mktime(t) - seconds);
+}
+#define timegm(tm) my_timegm(tm)
+
+#else /* defined(_MSC_VER) */
+
+/* Windows build with MinGW, Cygwin, etc */
+#define timegm(tm) (mktime(tm) - _timezone)
+
#endif /* HAVE_TIMEGM */
+#if (defined(XMLSEC_OPENSSL_API_110) || defined(XMLSEC_OPENSSL_API_300)) && !defined(OPENSSL_IS_BORINGSSL)
+
+static int
+xmlSecOpenSSLX509CertGetTime(const ASN1_TIME * t, time_t* res) {
+ struct tm tm;
+ int ret;
+
+ xmlSecAssert2(t != NULL, -1);
+ xmlSecAssert2(res != NULL, -1);
+
+ (*res) = 0;
+ if(!ASN1_TIME_check(t)) {
+ xmlSecOpenSSLError("ASN1_TIME_check", NULL);
+ return(-1);
+ }
+
+ memset(&tm, 0, sizeof(tm));
+ ret = ASN1_TIME_to_tm(t, &tm);
+ if(ret != 1) {
+ xmlSecOpenSSLError("ASN1_TIME_to_tm", NULL);
+ return(-1);
+ }
+
+ (*res) = timegm(&tm);
+ return(0);
+}
+
+#else /* (defined(XMLSEC_OPENSSL_API_110) || defined(XMLSEC_OPENSSL_API_300)) && !defined(OPENSSL_IS_BORINGSSL) */
+
static int
-xmlSecOpenSSLX509CertGetTime(XMLSEC_CONST_ASN1_TIME * t, time_t* res) {
+xmlSecOpenSSLX509CertGetTime(ASN1_TIME * t, time_t* res) {
struct tm tm;
int offset;
if(t->type == V_ASN1_UTCTIME) {
xmlSecAssert2(t->length > 12, -1);
- /* this code is copied from OpenSSL asn1/a_utctm.c file */
- tm.tm_year = g2(t->data);
- if(tm.tm_year < 50) {
- tm.tm_year += 100;
- }
- tm.tm_mon = g2(t->data + 2) - 1;
- tm.tm_mday = g2(t->data + 4);
- tm.tm_hour = g2(t->data + 6);
- tm.tm_min = g2(t->data + 8);
- tm.tm_sec = g2(t->data + 10);
- if(t->data[12] == 'Z') {
- offset = 0;
- } else {
- xmlSecAssert2(t->length > 16, -1);
+ /* this code is copied from OpenSSL asn1/a_utctm.c file */
+ tm.tm_year = g2(t->data);
+ if(tm.tm_year < 50) {
+ tm.tm_year += 100;
+ }
+ tm.tm_mon = g2(t->data + 2) - 1;
+ tm.tm_mday = g2(t->data + 4);
+ tm.tm_hour = g2(t->data + 6);
+ tm.tm_min = g2(t->data + 8);
+ tm.tm_sec = g2(t->data + 10);
+ if(t->data[12] == 'Z') {
+ offset = 0;
+ } else {
+ xmlSecAssert2(t->length > 16, -1);
+
+ offset = g2(t->data + 13) * 60 + g2(t->data + 15);
+ if(t->data[12] == '-') {
+ offset = -offset;
+ }
+ }
+ tm.tm_isdst = -1;
+ } else {
+ xmlSecAssert2(t->length > 14, -1);
+
+ tm.tm_year = g2(t->data) * 100 + g2(t->data + 2);
+ tm.tm_mon = g2(t->data + 4) - 1;
+ tm.tm_mday = g2(t->data + 6);
+ tm.tm_hour = g2(t->data + 8);
+ tm.tm_min = g2(t->data + 10);
+ tm.tm_sec = g2(t->data + 12);
+ if(t->data[14] == 'Z') {
+ offset = 0;
+ } else {
+ xmlSecAssert2(t->length > 18, -1);
+
+ offset = g2(t->data + 15) * 60 + g2(t->data + 17);
+ if(t->data[14] == '-') {
+ offset = -offset;
+ }
+ }
+ tm.tm_isdst = -1;
+ }
+#undef g2
+ (*res) = timegm(&tm) - offset * 60;
+ return(0);
+}
+
+#endif /* (defined(XMLSEC_OPENSSL_API_110) || defined(XMLSEC_OPENSSL_API_300)) && !defined(OPENSSL_IS_BORINGSSL) */
+
+static int
+xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
+ xmlSecOpenSSLX509DataCtxPtr ctx;
+ xmlSecKeyDataStorePtr x509Store;
+ int ret;
+
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
+ xmlSecAssert2(key != NULL, -1);
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
+
+ ctx = xmlSecOpenSSLX509DataGetCtx(data);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
+ if(x509Store == NULL) {
+ xmlSecInternalError("xmlSecKeysMngrGetDataStore",
+ xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+
+ if((ctx->keyCert == NULL) && (ctx->certsList != NULL) && (xmlSecKeyGetValue(key) == NULL)) {
+ X509* cert;
+
+ cert = xmlSecOpenSSLX509StoreVerify(x509Store, ctx->certsList, ctx->crlsList, keyInfoCtx);
+ if(cert != NULL) {
+ xmlSecKeyDataPtr keyValue;
+
+ ctx->keyCert = X509_dup(cert);
+ if(ctx->keyCert == NULL) {
+ xmlSecOpenSSLError("X509_dup",
+ xmlSecKeyDataGetName(data));
+ return(-1);
+ }
- offset = g2(t->data + 13) * 60 + g2(t->data + 15);
- if(t->data[12] == '-') {
- offset = -offset;
+ keyValue = xmlSecOpenSSLX509CertGetKey(ctx->keyCert);
+ if(keyValue == NULL) {
+ xmlSecInternalError("xmlSecOpenSSLX509CertGetKey",
+ xmlSecKeyDataGetName(data));
+ return(-1);
}
- }
- tm.tm_isdst = -1;
- } else {
- xmlSecAssert2(t->length > 14, -1);
- tm.tm_year = g2(t->data) * 100 + g2(t->data + 2);
- tm.tm_mon = g2(t->data + 4) - 1;
- tm.tm_mday = g2(t->data + 6);
- tm.tm_hour = g2(t->data + 8);
- tm.tm_min = g2(t->data + 10);
- tm.tm_sec = g2(t->data + 12);
- if(t->data[14] == 'Z') {
- offset = 0;
- } else {
- xmlSecAssert2(t->length > 18, -1);
+ /* verify that the key matches our expectations */
+ if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
+ xmlSecInternalError("xmlSecKeyReqMatchKeyValue",
+ xmlSecKeyDataGetName(data));
+ xmlSecKeyDataDestroy(keyValue);
+ return(-1);
+ }
- offset = g2(t->data + 15) * 60 + g2(t->data + 17);
- if(t->data[14] == '-') {
- offset = -offset;
+ ret = xmlSecKeySetValue(key, keyValue);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecKeySetValue",
+ xmlSecKeyDataGetName(data));
+ xmlSecKeyDataDestroy(keyValue);
+ return(-1);
+ }
+
+ if((X509_get0_notBefore(ctx->keyCert) != NULL) && (X509_get0_notAfter(ctx->keyCert) != NULL)) {
+ ret = xmlSecOpenSSLX509CertGetTime(X509_get0_notBefore(ctx->keyCert), &(key->notValidBefore));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLX509CertGetTime(notAfter)",
+ xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+ ret = xmlSecOpenSSLX509CertGetTime(X509_get0_notAfter(ctx->keyCert), &(key->notValidAfter));
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecOpenSSLX509CertGetTime(notBefore)",
+ xmlSecKeyDataGetName(data));
+ return(-1);
+ }
+ } else {
+ key->notValidBefore = key->notValidAfter = 0;
}
+ } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
+ xmlSecOtherError(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data), NULL);
+ return(-1);
}
- tm.tm_isdst = -1;
}
-#undef g2
- (*res) = timegm(&tm) - offset * 60;
return(0);
}
}
static X509*
-xmlSecOpenSSLX509CertBase64DerRead(xmlChar* buf) {
- int ret;
-
- xmlSecAssert2(buf != NULL, NULL);
-
- /* usual trick with base64 decoding "in-place" */
- ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- return(NULL);
- }
-
- return(xmlSecOpenSSLX509CertDerRead((xmlSecByte*)buf, ret));
-}
-
-static X509*
xmlSecOpenSSLX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) {
X509 *cert = NULL;
BIO *mem = NULL;
- int ret;
+ X509 *tmpCert = NULL;
xmlSecAssert2(buf != NULL, NULL);
xmlSecAssert2(size > 0, NULL);
- mem = BIO_new(BIO_s_mem());
+ mem = xmlSecOpenSSLCreateMemBufBio(buf, size);
if(mem == NULL) {
- xmlSecOpenSSLError("BIO_new", NULL);
- return(NULL);
+ xmlSecInternalError2("xmlSecOpenSSLCreateMemBufBio", NULL,
+ "size=" XMLSEC_SIZE_FMT, size);
+ goto done;
}
- ret = BIO_write(mem, buf, size);
- if(ret <= 0) {
- xmlSecOpenSSLError2("BIO_write", NULL,
- "size=%lu", (unsigned long)size);
- BIO_free_all(mem);
- return(NULL);
+ tmpCert = X509_new_ex(xmlSecOpenSSLGetLibCtx(), NULL);
+ if(tmpCert == NULL) {
+ xmlSecOpenSSLError("X509_new_ex", NULL);
+ goto done;
}
-
- cert = d2i_X509_bio(mem, NULL);
+ cert = d2i_X509_bio(mem, &tmpCert);
if(cert == NULL) {
xmlSecOpenSSLError2("d2i_X509_bio", NULL,
- "size=%lu", (unsigned long)size);
- BIO_free_all(mem);
- return(NULL);
- }
-
- BIO_free_all(mem);
- return(cert);
-}
-
-static xmlChar*
-xmlSecOpenSSLX509CertBase64DerWrite(X509* cert, int base64LineWrap) {
- xmlChar *res = NULL;
- BIO *mem = NULL;
- xmlSecByte *p = NULL;
- long size;
-
- xmlSecAssert2(cert != NULL, NULL);
-
- mem = BIO_new(BIO_s_mem());
- if(mem == NULL) {
- xmlSecOpenSSLError("BIO_new", NULL);
- return(NULL);
+ "size=" XMLSEC_SIZE_FMT, size);
+ goto done;
}
- /* todo: add error checks */
- i2d_X509_bio(mem, cert);
- (void)BIO_flush(mem);
+ /* sucess: tmpCert is now cert */
+ tmpCert = NULL;
- size = BIO_get_mem_data(mem, &p);
- if((size <= 0) || (p == NULL)){
- xmlSecOpenSSLError("BIO_get_mem_data", NULL);
- BIO_free_all(mem);
- return(NULL);
+done:
+ /* cleanup */
+ if(tmpCert != NULL) {
+ X509_free(tmpCert);
}
-
- res = xmlSecBase64Encode(p, size, base64LineWrap);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
+ if(mem != NULL) {
BIO_free_all(mem);
- return(NULL);
- }
-
- BIO_free_all(mem);
- return(res);
-}
-
-static X509_CRL*
-xmlSecOpenSSLX509CrlBase64DerRead(xmlChar* buf) {
- int ret;
-
- xmlSecAssert2(buf != NULL, NULL);
-
- /* usual trick with base64 decoding "in-place" */
- ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
- if(ret < 0) {
- xmlSecInternalError("xmlSecBase64Decode", NULL);
- return(NULL);
}
-
- return(xmlSecOpenSSLX509CrlDerRead((xmlSecByte*)buf, ret));
+ return(cert);
}
static X509_CRL*
xmlSecOpenSSLX509CrlDerRead(xmlSecByte* buf, xmlSecSize size) {
+ X509_CRL *tmpCrl = NULL;
X509_CRL *crl = NULL;
BIO *mem = NULL;
- int ret;
xmlSecAssert2(buf != NULL, NULL);
xmlSecAssert2(size > 0, NULL);
- mem = BIO_new(BIO_s_mem());
+ mem = xmlSecOpenSSLCreateMemBufBio(buf, size);
if(mem == NULL) {
- xmlSecOpenSSLError("BIO_new", NULL);
- return(NULL);
+ xmlSecInternalError2("xmlSecOpenSSLCreateMemBufBio", NULL,
+ "size=" XMLSEC_SIZE_FMT, size);
+ goto done;
}
- ret = BIO_write(mem, buf, size);
- if(ret <= 0) {
- xmlSecOpenSSLError2("BIO_write", NULL,
- "size=%lu", (unsigned long)size);
- BIO_free_all(mem);
- return(NULL);
+ tmpCrl = X509_CRL_new_ex(xmlSecOpenSSLGetLibCtx(), NULL);
+ if(tmpCrl == NULL) {
+ xmlSecOpenSSLError("X509_CRL_new_ex", NULL);
+ goto done;
}
- crl = d2i_X509_CRL_bio(mem, NULL);
+ crl = d2i_X509_CRL_bio(mem, &tmpCrl);
if(crl == NULL) {
xmlSecOpenSSLError("d2i_X509_CRL_bio", NULL);
- BIO_free_all(mem);
- return(NULL);
- }
-
- BIO_free_all(mem);
- return(crl);
-}
-
-static xmlChar*
-xmlSecOpenSSLX509CrlBase64DerWrite(X509_CRL* crl, int base64LineWrap) {
- xmlChar *res = NULL;
- BIO *mem = NULL;
- xmlSecByte *p = NULL;
- long size;
-
- xmlSecAssert2(crl != NULL, NULL);
-
- mem = BIO_new(BIO_s_mem());
- if(mem == NULL) {
- xmlSecOpenSSLError("BIO_new", NULL);
- return(NULL);
- }
-
- /* todo: add error checks */
- i2d_X509_CRL_bio(mem, crl);
- (void)BIO_flush(mem);
-
- size = BIO_get_mem_data(mem, &p);
- if((size <= 0) || (p == NULL)){
- xmlSecOpenSSLError("BIO_get_mem_data", NULL);
- BIO_free_all(mem);
- return(NULL);
- }
-
- res = xmlSecBase64Encode(p, size, base64LineWrap);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- BIO_free_all(mem);
- return(NULL);
+ goto done;
}
- BIO_free_all(mem);
- return(res);
-}
-
-static xmlChar*
-xmlSecOpenSSLX509NameWrite(X509_NAME* nm) {
- xmlChar *res = NULL;
- BIO *mem = NULL;
- long size;
-
- xmlSecAssert2(nm != NULL, NULL);
-
- mem = BIO_new(BIO_s_mem());
- if(mem == NULL) {
- xmlSecOpenSSLError("BIO_new", NULL);
- return(NULL);
- }
+ /* success, tmpCrl is now crl */
+ tmpCrl = NULL;
- if (X509_NAME_print_ex(mem, nm, 0, XN_FLAG_RFC2253) <=0) {
- xmlSecOpenSSLError("X509_NAME_print_ex", NULL);
- BIO_free_all(mem);
- return(NULL);
+done:
+ /* cleanup */
+ if(tmpCrl != NULL) {
+ X509_CRL_free(tmpCrl);
}
-
- (void)BIO_flush(mem); /* should call flush ? */
-
- size = BIO_pending(mem);
- res = (xmlChar *)xmlMalloc(size + 1);
- if(res == NULL) {
- xmlSecMallocError(size + 1, NULL);
+ if(mem != NULL) {
BIO_free_all(mem);
- return(NULL);
- }
-
- size = BIO_read(mem, res, size);
- res[size] = '\0';
-
- BIO_free_all(mem);
- return(res);
-}
-
-static xmlChar*
-xmlSecOpenSSLASN1IntegerWrite(ASN1_INTEGER *asni) {
- xmlChar *res = NULL;
- BIGNUM *bn;
- char *p;
-
- xmlSecAssert2(asni != NULL, NULL);
-
- bn = ASN1_INTEGER_to_BN(asni, NULL);
- if(bn == NULL) {
- xmlSecOpenSSLError("ASN1_INTEGER_to_BN", NULL);
- return(NULL);
- }
-
- p = BN_bn2dec(bn);
- if (p == NULL) {
- xmlSecOpenSSLError("BN_bn2dec", NULL);
- BN_free(bn);
- return(NULL);
- }
- BN_free(bn);
- bn = NULL;
-
- /* OpenSSL and LibXML2 can have different memory callbacks, i.e.
- when data is allocated in OpenSSL should be freed with OpenSSL
- method, not with LibXML2 method.
- */
- res = xmlCharStrdup(p);
- if(res == NULL) {
- xmlSecStrdupError(BAD_CAST p, NULL);
- OPENSSL_free(p);
- return(NULL);
- }
- OPENSSL_free(p);
- p = NULL;
- return(res);
-}
-
-static xmlChar*
-xmlSecOpenSSLX509SKIWrite(X509* cert) {
- xmlChar *res = NULL;
- int index;
- X509_EXTENSION *ext;
- ASN1_OCTET_STRING *keyId;
-
- xmlSecAssert2(cert != NULL, NULL);
-
- index = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
- if (index < 0) {
- xmlSecOpenSSLError("X509_get_ext_by_NID(): Certificate without SubjectKeyIdentifier extension", NULL);
- return(NULL);
- }
-
- ext = X509_get_ext(cert, index);
- if (ext == NULL) {
- xmlSecOpenSSLError("X509_get_ext", NULL);
- return(NULL);
- }
-
- keyId = (ASN1_OCTET_STRING *)X509V3_EXT_d2i(ext);
- if (keyId == NULL) {
- xmlSecOpenSSLError("X509V3_EXT_d2i", NULL);
- ASN1_OCTET_STRING_free(keyId);
- return(NULL);
}
-
- res = xmlSecBase64Encode(ASN1_STRING_get0_data(keyId), ASN1_STRING_length(keyId), 0);
- if(res == NULL) {
- xmlSecInternalError("xmlSecBase64Encode", NULL);
- ASN1_OCTET_STRING_free(keyId);
- return(NULL);
- }
- ASN1_OCTET_STRING_free(keyId);
-
- return(res);
+ return(crl);
}
static void
bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(cert),NULL);
if(bn != NULL) {
BN_print_fp(output, bn);
- BN_free(bn);
+ BN_clear_free(bn);
fprintf(output, "\n");
} else {
fprintf(output, "unknown\n");
bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(cert),NULL);
if(bn != NULL) {
BN_print_fp(output, bn);
- BN_free(bn);
+ BN_clear_free(bn);
}
fprintf(output, "</SerialNumber>\n");
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:x509vfy
#include <ctype.h>
#include <errno.h>
-#include <libxml/tree.h>
-
#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
#include <xmlsec/keys.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/keysmngr.h>
#include <xmlsec/base64.h>
#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
+#include <xmlsec/xmltree.h>
#include <xmlsec/openssl/crypto.h>
#include <xmlsec/openssl/evp.h>
#include <openssl/x509_vfy.h>
#include <openssl/x509v3.h>
+#include "../cast_helpers.h"
+#include "openssl_compat.h"
+
#ifdef OPENSSL_IS_BORINGSSL
typedef size_t x509_size_t;
#else /* OPENSSL_IS_BORINGSSL */
*
* xmlSecOpenSSLKeyDataStoreX509Id:
*
- * xmlSecOpenSSLX509StoreCtx is located after xmlSecTransform
- *
***************************************************************************/
-#define xmlSecOpenSSLX509StoreGetCtx(store) \
- ((xmlSecOpenSSLX509StoreCtxPtr)(((xmlSecByte*)(store)) + \
- sizeof(xmlSecKeyDataStoreKlass)))
-#define xmlSecOpenSSLX509StoreSize \
- (sizeof(xmlSecKeyDataStoreKlass) + sizeof(xmlSecOpenSSLX509StoreCtx))
+XMLSEC_KEY_DATA_STORE_DECLARE(OpenSSLX509Store, xmlSecOpenSSLX509StoreCtx)
+#define xmlSecOpenSSLX509StoreSize XMLSEC_KEY_DATA_STORE_SIZE(OpenSSLX509Store)
static int xmlSecOpenSSLX509StoreInitialize (xmlSecKeyDataStorePtr store);
static void xmlSecOpenSSLX509StoreFinalize (xmlSecKeyDataStorePtr store);
xmlChar *subjectName,
xmlChar *issuerName,
xmlChar *issuerSerial,
- xmlChar *ski);
+ xmlSecByte * ski,
+ xmlSecSize skiSize);
static X509* xmlSecOpenSSLX509FindNextChainCert (STACK_OF(X509) *chain,
X509 *cert);
static int xmlSecOpenSSLX509VerifyCertAgainstCrls (STACK_OF(X509_CRL) *crls,
X509* cert);
-static X509_NAME* xmlSecOpenSSLX509NameRead (xmlSecByte *str,
- int len);
-static int xmlSecOpenSSLX509NameStringRead (xmlSecByte **str,
- int *strLen,
- xmlSecByte *res,
- int resLen,
+static X509_NAME* xmlSecOpenSSLX509NameRead (const xmlChar *str);
+static int xmlSecOpenSSLX509NameStringRead (const xmlChar **in,
+ xmlSecSize *inSize,
+ xmlSecByte *out,
+ xmlSecSize outSize,
+ xmlSecSize *outWritten,
xmlSecByte delim,
int ingoreTrailingSpaces);
static int xmlSecOpenSSLX509NamesCompare (X509_NAME *a,
X509*
xmlSecOpenSSLX509StoreFindCert(xmlSecKeyDataStorePtr store, xmlChar *subjectName,
xmlChar *issuerName, xmlChar *issuerSerial,
- xmlChar *ski, xmlSecKeyInfoCtx* keyInfoCtx) {
+ xmlChar *ski, xmlSecKeyInfoCtx* keyInfoCtx ) {
+ if(ski != NULL) {
+ xmlSecSize skiDecodedSize = 0;
+ int ret;
+
+ /* our usual trick with base64 decode */
+ ret = xmlSecBase64DecodeInPlace(ski, &skiDecodedSize);
+ if(ret < 0) {
+ xmlSecInternalError2("xmlSecBase64DecodeInPlace", NULL,
+ "ski=%s", xmlSecErrorsSafeString(ski));
+ return(NULL);
+ }
+
+ return(xmlSecOpenSSLX509StoreFindCert_ex(store, subjectName, issuerName, issuerSerial,
+ (xmlSecByte*)ski, skiDecodedSize, keyInfoCtx));
+ } else {
+ return(xmlSecOpenSSLX509StoreFindCert_ex(store, subjectName, issuerName, issuerSerial,
+ NULL, 0, keyInfoCtx));
+
+ }
+}
+
+/**
+ * xmlSecOpenSSLX509StoreFindCert_ex:
+ * @store: the pointer to X509 key data store klass.
+ * @subjectName: the desired certificate name.
+ * @issuerName: the desired certificate issuer name.
+ * @issuerSerial: the desired certificate issuer serial number.
+ * @ski: the desired certificate SKI.
+ * @skiSize: the desired certificate SKI size.
+ * @keyInfoCtx: the pointer to <dsig:KeyInfo/> element processing context.
+ *
+ * Searches @store for a certificate that matches given criteria.
+ *
+ * Returns: pointer to found certificate or NULL if certificate is not found
+ * or an error occurs.
+ */
+X509*
+xmlSecOpenSSLX509StoreFindCert_ex(xmlSecKeyDataStorePtr store, xmlChar *subjectName,
+ xmlChar *issuerName, xmlChar *issuerSerial,
+ xmlSecByte * ski, xmlSecSize skiSize,
+ xmlSecKeyInfoCtx* keyInfoCtx ATTRIBUTE_UNUSED) {
xmlSecOpenSSLX509StoreCtxPtr ctx;
X509* res = NULL;
xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecOpenSSLX509StoreId), NULL);
- xmlSecAssert2(keyInfoCtx != NULL, NULL);
+ UNREFERENCED_PARAMETER(keyInfoCtx);
ctx = xmlSecOpenSSLX509StoreGetCtx(store);
xmlSecAssert2(ctx != NULL, NULL);
if((res == NULL) && (ctx->untrusted != NULL)) {
- res = xmlSecOpenSSLX509FindCert(ctx->untrusted, subjectName, issuerName, issuerSerial, ski);
+ res = xmlSecOpenSSLX509FindCert(ctx->untrusted, subjectName,
+ issuerName, issuerSerial,
+ ski, skiSize);
}
return(res);
}
xmlSecAssert2(certs != NULL, NULL);
xmlSecAssert2(keyInfoCtx != NULL, NULL);
- xsc = X509_STORE_CTX_new();
+ xsc = X509_STORE_CTX_new_ex(xmlSecOpenSSLGetLibCtx(), NULL);
if(xsc == NULL) {
xmlSecOpenSSLError("X509_STORE_CTX_new",
xmlSecKeyDataStoreGetName(store));
xmlSecAssert2(ctx != NULL, NULL);
xmlSecAssert2(ctx->xst != NULL, NULL);
- /* dup certs */
certs2 = sk_X509_dup(certs);
if(certs2 == NULL) {
xmlSecOpenSSLError("sk_X509_dup",
for(i = 0; i < sk_X509_num(certs2); ++i) {
cert = sk_X509_value(certs2, i);
if(xmlSecOpenSSLX509FindNextChainCert(certs2, cert) == NULL) {
-
ret = X509_STORE_CTX_init(xsc, ctx->xst, cert, certs2);
if(ret != 1) {
xmlSecOpenSSLError("X509_STORE_CTX_init",
goto done;
}
vpm_flags = X509_VERIFY_PARAM_get_flags(vpm);
- vpm_flags &= (~X509_V_FLAG_CRL_CHECK);
+ vpm_flags &= (~((unsigned long)X509_V_FLAG_CRL_CHECK));
if(keyInfoCtx->certsVerificationTime > 0) {
vpm_flags |= X509_V_FLAG_USE_CHECK_TIME;
err = X509_STORE_CTX_get_error(xsc);
X509_STORE_CTX_cleanup (xsc);
- if(ret != 1 && keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_ALLOW_BROKEN_CHAIN){
- ret = 1;
- keyInfoCtx->flags2 |= XMLSEC_KEYINFO_ERROR_FLAGS_BROKEN_CHAIN;
- }
-
if(ret == 1) {
res = cert;
xmlSecKeyDataStoreGetName(store),
"X509_verify_cert: subject=%s; issuer=%s; err=%d; msg=%s",
subject, issuer, err, xmlSecErrorsSafeString(err_msg));
+ /* ignore error */
}
}
}
xmlSecKeyDataStoreGetName(store),
"subject=%s; issuer=%s; err=%d; msg=%s",
subject, issuer, err, xmlSecErrorsSafeString(err_msg));
- break;
+ goto done;
+
case X509_V_ERR_CERT_NOT_YET_VALID:
case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
xmlSecOtherError5(XMLSEC_ERRORS_R_CERT_NOT_YET_VALID,
xmlSecKeyDataStoreGetName(store),
"subject=%s; issuer=%s; err=%d; msg=%s",
subject, issuer, err, xmlSecErrorsSafeString(err_msg));
- break;
+ goto done;
+
case X509_V_ERR_CERT_HAS_EXPIRED:
case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
xmlSecOtherError5(XMLSEC_ERRORS_R_CERT_HAS_EXPIRED,
xmlSecKeyDataStoreGetName(store),
"subject=%s; issuer=%s; err=%d; msg=%s",
subject, issuer, err, xmlSecErrorsSafeString(err_msg));
- break;
+ goto done;
+
default:
xmlSecOtherError5(XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
xmlSecKeyDataStoreGetName(store),
"subject=%s; issuer=%s; err=%d; msg=%s",
subject, issuer, err, xmlSecErrorsSafeString(err_msg));
- break;
+ goto done;
}
}
xmlSecOpenSSLX509StoreInitialize(xmlSecKeyDataStorePtr store) {
const xmlChar* path;
X509_LOOKUP *lookup = NULL;
+ int ret;
xmlSecOpenSSLX509StoreCtxPtr ctx;
xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecOpenSSLX509StoreId), -1);
return(-1);
}
- if(!X509_STORE_set_default_paths(ctx->xst)) {
+ ret = X509_STORE_set_default_paths_ex(ctx->xst, xmlSecOpenSSLGetLibCtx(), NULL);
+ if(ret != 1) {
xmlSecOpenSSLError("X509_STORE_set_default_paths",
xmlSecKeyDataStoreGetName(store));
return(-1);
xmlSecAssert2(xst != NULL, -1);
xmlSecAssert2(crl != NULL, -1);
- xsc = X509_STORE_CTX_new();
+ xsc = X509_STORE_CTX_new_ex(xmlSecOpenSSLGetLibCtx(), NULL);
if(xsc == NULL) {
xmlSecOpenSSLError("X509_STORE_CTX_new", NULL);
goto err;
static X509*
xmlSecOpenSSLX509FindCert(STACK_OF(X509) *certs, xmlChar *subjectName,
xmlChar *issuerName, xmlChar *issuerSerial,
- xmlChar *ski) {
+ xmlSecByte * ski, xmlSecSize skiSize) {
X509 *cert = NULL;
- x509_size_t i;
+ x509_size_t ii;
xmlSecAssert2(certs != NULL, NULL);
/* todo: may be this is not the fastest way to search certs */
+
+ /* search by subject name if available */
if(subjectName != NULL) {
X509_NAME *nm;
X509_NAME *subj;
- nm = xmlSecOpenSSLX509NameRead(subjectName, xmlStrlen(subjectName));
+ nm = xmlSecOpenSSLX509NameRead(subjectName);
if(nm == NULL) {
xmlSecInternalError2("xmlSecOpenSSLX509NameRead", NULL,
- "subject=%s", xmlSecErrorsSafeString(subjectName));
+ "subject=%s", xmlSecErrorsSafeString(subjectName));
return(NULL);
}
-
- for(i = 0; i < sk_X509_num(certs); ++i) {
- cert = sk_X509_value(certs, i);
+ for(ii = 0; ii < sk_X509_num(certs); ++ii) {
+ cert = sk_X509_value(certs, ii);
subj = X509_get_subject_name(cert);
if(xmlSecOpenSSLX509NamesCompare(nm, subj) == 0) {
X509_NAME_free(nm);
}
}
X509_NAME_free(nm);
- } else if((issuerName != NULL) && (issuerSerial != NULL)) {
+ }
+
+ /* search by issuer name+serial if available */
+ if((issuerName != NULL) && (issuerSerial != NULL)) {
X509_NAME *nm;
X509_NAME *issuer;
BIGNUM *bn;
ASN1_INTEGER *serial;
- nm = xmlSecOpenSSLX509NameRead(issuerName, xmlStrlen(issuerName));
+ nm = xmlSecOpenSSLX509NameRead(issuerName);
if(nm == NULL) {
xmlSecInternalError2("xmlSecOpenSSLX509NameRead", NULL,
- "issuer=%s", xmlSecErrorsSafeString(issuerName));
+ "issuer=%s", xmlSecErrorsSafeString(issuerName));
return(NULL);
}
}
if(BN_dec2bn(&bn, (char*)issuerSerial) == 0) {
xmlSecOpenSSLError("BN_dec2bn", NULL);
- BN_free(bn);
+ BN_clear_free(bn);
X509_NAME_free(nm);
return(NULL);
}
serial = BN_to_ASN1_INTEGER(bn, NULL);
if(serial == NULL) {
xmlSecOpenSSLError("BN_to_ASN1_INTEGER", NULL);
- BN_free(bn);
+ BN_clear_free(bn);
X509_NAME_free(nm);
return(NULL);
}
- BN_free(bn);
+ BN_clear_free(bn);
- for(i = 0; i < sk_X509_num(certs); ++i) {
- cert = sk_X509_value(certs, i);
+ for(ii = 0; ii < sk_X509_num(certs); ++ii) {
+ cert = sk_X509_value(certs, ii);
if(ASN1_INTEGER_cmp(X509_get_serialNumber(cert), serial) != 0) {
continue;
}
return(cert);
}
}
-
X509_NAME_free(nm);
ASN1_INTEGER_free(serial);
- } else if(ski != NULL) {
- int len;
- int index;
+ }
+
+ /* search by SKI if available */
+ if((ski != NULL) && (skiSize > 0)){
+ int index, skiLen;
X509_EXTENSION *ext;
ASN1_OCTET_STRING *keyId;
- /* our usual trick with base64 decode */
- len = xmlSecBase64Decode(ski, (xmlSecByte*)ski, xmlStrlen(ski));
- if(len < 0) {
- xmlSecInternalError2("xmlSecBase64Decode", NULL,
- "ski=%s", xmlSecErrorsSafeString(ski));
- return(NULL);
- }
- for(i = 0; i < sk_X509_num(certs); ++i) {
- cert = sk_X509_value(certs, i);
+ /* we need len as int since OpenSSL keyId->length is int */
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(skiSize, skiLen, return(NULL), NULL);
+ for(ii = 0; ii < sk_X509_num(certs); ++ii) {
+ cert = sk_X509_value(certs, ii);
index = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
if(index < 0) {
continue;
if(keyId == NULL) {
continue;
}
- if((keyId->length == len) && (memcmp(keyId->data, ski, len) == 0)) {
+
+ if((keyId->length == skiLen) && (memcmp(keyId->data, ski, skiSize) == 0)) {
ASN1_OCTET_STRING_free(keyId);
return(cert);
}
return(NULL);
}
+static unsigned long
+xmlSecOpenSSLX509GetSubjectHash(X509* x) {
+ X509_NAME* name;
+ unsigned long res;
+
+ xmlSecAssert2(x != NULL, 0);
+
+ name = X509_get_subject_name(x);
+ if(name == NULL) {
+ xmlSecOpenSSLError("X509_get_subject_name", NULL);
+ return(0);
+ }
+
+ res = X509_NAME_hash_ex(name, xmlSecOpenSSLGetLibCtx(), NULL, NULL);
+ if(res == 0) {
+ xmlSecOpenSSLError("X509_NAME_hash_ex", NULL);
+ return(0);
+ }
+
+ return(res);
+}
+
+static unsigned long
+xmlSecOpenSSLX509GetIssuerHash(X509* x) {
+ X509_NAME* name;
+ unsigned long res;
+
+ xmlSecAssert2(x != NULL, 0);
+
+ name = X509_get_issuer_name(x);
+ if(name == NULL) {
+ xmlSecOpenSSLError("X509_get_issuer_name", NULL);
+ return(0);
+ }
+
+ res = X509_NAME_hash_ex(name, xmlSecOpenSSLGetLibCtx(), NULL, NULL);
+ if(res == 0) {
+ xmlSecOpenSSLError("X509_NAME_hash_ex", NULL);
+ return(0);
+ }
+
+ return(res);
+}
+
+/* Try to find cert "up-the-chain" (i.e. with issuer matching given cert) */
static X509*
xmlSecOpenSSLX509FindNextChainCert(STACK_OF(X509) *chain, X509 *cert) {
- unsigned long certSubjHash;
- x509_size_t i;
+ unsigned long certNameHash;
+ unsigned long certNameHash2;
+ x509_size_t ii;
xmlSecAssert2(chain != NULL, NULL);
xmlSecAssert2(cert != NULL, NULL);
- certSubjHash = X509_subject_name_hash(cert);
- for(i = 0; i < sk_X509_num(chain); ++i) {
- if((sk_X509_value(chain, i) != cert) &&
- (X509_issuer_name_hash(sk_X509_value(chain, i)) == certSubjHash)) {
+ certNameHash = xmlSecOpenSSLX509GetSubjectHash(cert);
+ if(certNameHash == 0) {
+ xmlSecInternalError("xmlSecOpenSSLX509GetSubjectHash", NULL);
+ return(NULL);
+ }
+ for(ii = 0; ii < sk_X509_num(chain); ++ii) {
+ X509* cert_ii = sk_X509_value(chain, ii);
+ xmlSecAssert2(cert_ii != NULL, NULL);
- return(sk_X509_value(chain, i));
+ if(cert == cert_ii) {
+ /* same cert, skip for self-signed certs */
+ continue;
+ }
+
+ certNameHash2 = xmlSecOpenSSLX509GetSubjectHash(cert_ii);
+ if(certNameHash2 == 0) {
+ xmlSecInternalError("xmlSecOpenSSLX509GetSubjectHash", NULL);
+ return(NULL);
}
+ if(certNameHash == certNameHash2) {
+ /* same cert but different copy, skip for self-signed certs */
+ continue;
+ }
+
+ certNameHash2 = xmlSecOpenSSLX509GetIssuerHash(cert_ii);
+ if(certNameHash2 == 0) {
+ xmlSecInternalError("xmlSecOpenSSLX509GetIssuerHash", NULL);
+ return(NULL);
+ }
+ if(certNameHash != certNameHash2) {
+ /* issuer doesn't match */
+ continue;
+ }
+
+ /* found it! cert_ii issuer matches cert */
+ return(cert_ii);
}
return(NULL);
}
}
static X509_NAME *
-xmlSecOpenSSLX509NameRead(xmlSecByte *str, int len) {
+xmlSecOpenSSLX509NameRead(const xmlChar *str) {
xmlSecByte name[256];
xmlSecByte value[256];
- int nameLen, valueLen;
- X509_NAME *nm;
+ xmlSecSize strSize, nameSize, valueSize;
+ X509_NAME *nm = NULL;
+ X509_NAME *res = NULL;
int type = MBSTRING_ASC;
+ int valueLen;
+ int ret;
xmlSecAssert2(str != NULL, NULL);
nm = X509_NAME_new();
if(nm == NULL) {
xmlSecOpenSSLError("X509_NAME_new", NULL);
- return(NULL);
+ goto done;
}
- while(len > 0) {
+ strSize = xmlSecStrlen(str);
+ while(strSize > 0) {
/* skip spaces after comma or semicolon */
- while((len > 0) && isspace(*str)) {
- ++str; --len;
+ while((strSize > 0) && isspace(*str)) {
+ ++str; --strSize;
}
- nameLen = xmlSecOpenSSLX509NameStringRead(&str, &len, name, sizeof(name), '=', 0);
- if(nameLen < 0) {
+ nameSize = 0;
+ ret = xmlSecOpenSSLX509NameStringRead(&str, &strSize,
+ name, sizeof(name), &nameSize, '=', 0);
+ if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLX509NameStringRead", NULL);
- X509_NAME_free(nm);
- return(NULL);
+ goto done;
+ }
+ name[nameSize] = '\0';
+
+ /* handle synonymous */
+ if(xmlStrcmp(name, BAD_CAST "E") == 0) {
+ ret = xmlStrPrintf(name, sizeof(name), "emailAddress");
+ if(ret < 0) {
+ xmlSecInternalError("xmlStrPrintf(emailAddress)", NULL);
+ goto done;
+ }
}
- name[nameLen] = '\0';
- if(len > 0) {
- ++str; --len;
+
+ if(strSize > 0) {
+ ++str; --strSize;
if((*str) == '\"') {
- ++str; --len;
- valueLen = xmlSecOpenSSLX509NameStringRead(&str, &len,
- value, sizeof(value), '"', 1);
- if(valueLen < 0) {
+ ++str; --strSize;
+ ret = xmlSecOpenSSLX509NameStringRead(&str, &strSize,
+ value, sizeof(value), &valueSize, '"', 1);
+ if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLX509NameStringRead", NULL);
- X509_NAME_free(nm);
- return(NULL);
+ goto done;
}
/* skip quote */
- if((len <= 0) || ((*str) != '\"')) {
+ if((strSize <= 0) || ((*str) != '\"')) {
xmlSecInvalidIntegerDataError("char", (*str), "quote '\"'", NULL);
- X509_NAME_free(nm);
- return(NULL);
+ goto done;
}
- ++str; --len;
+ ++str; --strSize;
/* skip spaces before comma or semicolon */
- while((len > 0) && isspace(*str)) {
- ++str; --len;
+ while((strSize > 0) && isspace(*str)) {
+ ++str; --strSize;
}
- if((len > 0) && ((*str) != ',')) {
+ if((strSize > 0) && ((*str) != ',')) {
xmlSecInvalidIntegerDataError("char", (*str), "comma ','", NULL);
- X509_NAME_free(nm);
- return(NULL);
+ goto done;
}
- if(len > 0) {
- ++str; --len;
+ if(strSize > 0) {
+ ++str; --strSize;
}
type = MBSTRING_ASC;
} else if((*str) == '#') {
/* TODO: read octect values */
xmlSecNotImplementedError("reading octect values is not implemented yet");
- X509_NAME_free(nm);
- return(NULL);
+ goto done;
} else {
- valueLen = xmlSecOpenSSLX509NameStringRead(&str, &len,
- value, sizeof(value), ',', 1);
- if(valueLen < 0) {
+ ret = xmlSecOpenSSLX509NameStringRead(&str, &strSize,
+ value, sizeof(value), &valueSize, ',', 1);
+ if(ret < 0) {
xmlSecInternalError("xmlSecOpenSSLX509NameStringRead", NULL);
- X509_NAME_free(nm);
- return(NULL);
+ goto done;
}
type = MBSTRING_ASC;
}
} else {
- valueLen = 0;
+ valueSize = 0;
+ }
+ value[valueSize] = '\0';
+ if(strSize > 0) {
+ ++str; --strSize;
}
- value[valueLen] = '\0';
- if(len > 0) {
- ++str; --len;
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(valueSize, valueLen, goto done, NULL);
+ ret = X509_NAME_add_entry_by_txt(nm, (char*)name, type, value, valueLen, -1, 0);
+ if(ret != 1) {
+ xmlSecOpenSSLError2("X509_NAME_add_entry_by_txt", NULL,
+ "name=%s", xmlSecErrorsSafeString(name));
+ goto done;
}
- X509_NAME_add_entry_by_txt(nm, (char*)name, type, value, valueLen, -1, 0);
}
- return(nm);
+ /* success */
+ res = nm;
+ nm = NULL;
+
+done:
+ if(nm != NULL) {
+ X509_NAME_free(nm);
+ }
+ return(res);
}
static int
-xmlSecOpenSSLX509NameStringRead(xmlSecByte **str, int *strLen,
- xmlSecByte *res, int resLen,
- xmlSecByte delim, int ingoreTrailingSpaces) {
- xmlSecByte *p, *q, *nonSpace;
-
- xmlSecAssert2(str != NULL, -1);
- xmlSecAssert2(strLen != NULL, -1);
- xmlSecAssert2(res != NULL, -1);
-
- p = (*str);
- nonSpace = q = res;
- while(((p - (*str)) < (*strLen)) && ((*p) != delim) && ((q - res) < resLen)) {
- if((*p) != '\\') {
- if(ingoreTrailingSpaces && !isspace(*p)) {
- nonSpace = q;
+xmlSecOpenSSLX509NameStringRead(const xmlChar **in, xmlSecSize *inSize,
+ xmlSecByte *out, xmlSecSize outSize,
+ xmlSecSize *outWritten,
+ xmlSecByte delim, int ingoreTrailingSpaces) {
+ xmlSecSize ii, jj, nonSpace;
+
+ xmlSecAssert2(in != NULL, -1);
+ xmlSecAssert2((*in) != NULL, -1);
+ xmlSecAssert2(inSize != NULL, -1);
+ xmlSecAssert2(out != NULL, -1);
+
+ ii = jj = nonSpace = 0;
+ while (ii < (*inSize)) {
+ xmlSecByte inCh, inCh2, outCh;
+
+ inCh = (*in)[ii];
+ if (inCh == delim) {
+ break;
+ }
+ if (jj >= outSize) {
+ xmlSecInvalidSizeOtherError("output buffer is too small", NULL);
+ return(-1);
+ }
+
+ if (inCh == '\\') {
+ /* try to move to next char after \\ */
+ ++ii;
+ if (ii >= (*inSize)) {
+ break;
}
- *(q++) = *(p++);
- } else {
- ++p;
- nonSpace = q;
- if(xmlSecIsHex((*p))) {
- if((p - (*str) + 1) >= (*strLen)) {
+ inCh = (*in)[ii];
+
+ /* if next char after \\ is a hex then we expect \\XX, otherwise we just remove \\ */
+ if (xmlSecIsHex(inCh)) {
+ /* try to move to next char after \\X */
+ ++ii;
+ if (ii >= (*inSize)) {
xmlSecInvalidDataError("two hex digits expected", NULL);
return(-1);
}
- *(q++) = xmlSecGetHex(p[0]) * 16 + xmlSecGetHex(p[1]);
- p += 2;
- } else {
- if(((++p) - (*str)) >= (*strLen)) {
- xmlSecInvalidDataError("escaped symbol missed", NULL);
+ inCh2 = (*in)[ii];
+ if (!xmlSecIsHex(inCh2)) {
+ xmlSecInvalidDataError("two hex digits expected", NULL);
return(-1);
}
- *(q++) = *(p++);
+ outCh = (xmlSecByte)(xmlSecGetHex(inCh) * 16 + xmlSecGetHex(inCh2));
+ } else {
+ outCh = inCh;
}
+ } else {
+ outCh = inCh;
+ }
+
+ out[jj] = outCh;
+ ++ii;
+ ++jj;
+
+ if (ingoreTrailingSpaces && !isspace(outCh)) {
+ nonSpace = jj;
}
}
- if(((p - (*str)) < (*strLen)) && ((*p) != delim)) {
- xmlSecInvalidSizeOtherError("buffer is too small", NULL);
- return(-1);
+
+ (*inSize) -= ii;
+ (*in) += ii;
+
+ if (ingoreTrailingSpaces) {
+ (*outWritten) = nonSpace;
+ } else {
+ (*outWritten) = (jj);
}
- (*strLen) -= (int)(p - (*str));
- (*str) = p;
- return(int)((ingoreTrailingSpaces) ? nonSpace - res + 1 : q - res);
+ return(0);
}
/*
}
if(a_len > 0) {
- ret = memcmp(ASN1_STRING_get0_data(a_value), ASN1_STRING_get0_data(b_value), a_len);
+ xmlSecSize a_size;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(a_len, a_size, return(-1), NULL);
+ ret = memcmp(ASN1_STRING_get0_data(a_value), ASN1_STRING_get0_data(b_value), a_size);
if(ret != 0) {
return(ret);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:parser
#include <xmlsec/parser.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
+
/**************************************************************************
*
* Internal parser
*
* XML Parser transform
*
- * xmlSecParserCtx is located after xmlSecTransform
+ * xmlSecTransform + xmlSecParserCtx
*
***************************************************************************/
-#define xmlSecParserSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecParserCtx))
-#define xmlSecParserGetCtx(transform) \
- ((xmlSecTransformCheckSize((transform), xmlSecParserSize)) ? \
- ((xmlSecParserCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform))) : \
- (xmlSecParserCtxPtr)NULL)
+XMLSEC_TRANSFORM_DECLARE(Parser, xmlSecParserCtx)
+#define xmlSecParserSize XMLSEC_TRANSFORM_SIZE(Parser)
static int xmlSecParserInitialize (xmlSecTransformPtr transform);
static void xmlSecParserFinalize (xmlSecTransformPtr transform);
if(ctx->parserCtx != NULL) {
if(ctx->parserCtx->myDoc != NULL) {
xmlFreeDoc(ctx->parserCtx->myDoc);
- ctx->parserCtx->myDoc = NULL;
+ ctx->parserCtx->myDoc = NULL;
}
xmlFreeParserCtxt(ctx->parserCtx);
}
static int
xmlSecParserPushBin(xmlSecTransformPtr transform, const xmlSecByte* data,
- xmlSecSize dataSize, int final, xmlSecTransformCtxPtr transformCtx) {
+ xmlSecSize dataSize, int final, xmlSecTransformCtxPtr transformCtx) {
xmlSecParserCtxPtr ctx;
int ret;
xmlSecXmlError("xmlCreatePushParserCtxt", xmlSecTransformGetName(transform));
return(-1);
}
-
- /* required for c14n! */
- ctx->parserCtx->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
- ctx->parserCtx->replaceEntities = 1;
- ctx->parserCtx->options = XML_PARSE_NONET;
+ xmlSecParsePrepareCtxt(ctx->parserCtx);
transform->status = xmlSecTransformStatusWorking;
} else if(transform->status == xmlSecTransformStatusFinished) {
/* push data to the input buffer */
if((data != NULL) && (dataSize > 0)) {
- ret = xmlParseChunk(ctx->parserCtx, (const char*)data, dataSize, 0);
+ int dataLen;
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(dataSize, dataLen, return(-1), xmlSecTransformGetName(transform));
+ ret = xmlParseChunk(ctx->parserCtx, (const char*)data, dataLen, 0);
if(ret != 0) {
xmlSecXmlParserError2("xmlParseChunk", ctx->parserCtx,
- xmlSecTransformGetName(transform),
- "size=%lu", (unsigned long)dataSize);
+ xmlSecTransformGetName(transform),
+ "size=%d", dataLen);
return(-1);
}
}
ret = xmlParseChunk(ctx->parserCtx, NULL, 0, 1);
if((ret != 0) || (ctx->parserCtx->myDoc == NULL)) {
xmlSecXmlParserError("xmlParseChunk", ctx->parserCtx,
- xmlSecTransformGetName(transform));
+ xmlSecTransformGetName(transform));
return(-1);
}
transform->outNodes = xmlSecNodeSetCreate(ctx->parserCtx->myDoc,
NULL, xmlSecNodeSetTree);
if(transform->outNodes == NULL) {
- xmlSecInternalError("xmlSecNodeSetCreate",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecNodeSetCreate", xmlSecTransformGetName(transform));
xmlFreeDoc(ctx->parserCtx->myDoc);
ctx->parserCtx->myDoc = NULL;
return(-1);
if(transform->next != NULL) {
ret = xmlSecTransformPushXml(transform->next, transform->outNodes, transformCtx);
if(ret < 0) {
- xmlSecInternalError("xmlSecTransformPushXml",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecTransformPushXml", xmlSecTransformGetName(transform));
return(-1);
}
}
xmlFreeParserInputBuffer(buf);
return(-1);
}
+ xmlSecParsePrepareCtxt(ctxt);
input = xmlNewIOInputStream(ctxt, buf, XML_CHAR_ENCODING_NONE);
if(input == NULL) {
return(-1);
}
- /* required for c14n! */
- ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
- ctxt->replaceEntities = 1;
-
/* finaly do the parsing */
ret = xmlParseDocument(ctxt);
if(ret < 0) {
xmlDocPtr
xmlSecParseFile(const char *filename) {
xmlParserCtxtPtr ctxt;
- xmlDocPtr res = NULL;
- char *directory = NULL;
int ret;
+ xmlDocPtr res = NULL;
xmlSecAssert2(filename != NULL, NULL);
if (ctxt == NULL) {
xmlSecXmlError2("xmlCreateFileParserCtxt", NULL,
"filename=%s", xmlSecErrorsSafeString(filename));
- return(NULL);
+ goto done;
}
-
- /* enable parsing of XML documents with large text nodes */
- /* crashes on x64 xmlCtxtUseOptions (ctxt, XML_PARSE_HUGE); */
+ xmlSecParsePrepareCtxt(ctxt);
/* todo: set directories from current doc? */
- if ((ctxt->directory == NULL) && (directory == NULL)) {
- directory = xmlParserGetDirectory(filename);
- if(directory == NULL) {
- xmlSecXmlError2("xmlParserGetDirectory", NULL,
- "filename=%s", xmlSecErrorsSafeString(filename));
- xmlFreeParserCtxt(ctxt);
- return(NULL);
- }
- }
- if ((ctxt->directory == NULL) && (directory != NULL)) {
- ctxt->directory = (char *) xmlStrdup(BAD_CAST directory);
+ if (ctxt->directory == NULL) {
+ ctxt->directory = xmlParserGetDirectory(filename);
if(ctxt->directory == NULL) {
- xmlSecStrdupError(BAD_CAST directory, NULL);
- xmlFreeParserCtxt(ctxt);
- return(NULL);
+ xmlSecXmlError2("xmlParserGetDirectory", NULL,
+ "filename=%s", xmlSecErrorsSafeString(filename));
+ goto done;
}
}
- /* required for c14n! */
- ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
- ctxt->replaceEntities = 1;
-
ret = xmlParseDocument(ctxt);
if(ret < 0) {
xmlSecXmlParserError2("xmlParseDocument", ctxt, NULL,
- "filename=%s",
- xmlSecErrorsSafeString(filename));
- if(ctxt->myDoc != NULL) {
- xmlFreeDoc(ctxt->myDoc);
- ctxt->myDoc = NULL;
- }
- xmlFreeParserCtxt(ctxt);
- return(NULL);
+ "filename=%s",
+ xmlSecErrorsSafeString(filename));
+ goto done;
}
if(!ctxt->wellFormed) {
xmlSecInternalError("document is not well formed", NULL);
- if(ctxt->myDoc != NULL) {
- xmlFreeDoc(ctxt->myDoc);
- ctxt->myDoc = NULL;
- }
- xmlFreeParserCtxt(ctxt);
- return(NULL);
+ goto done;
}
- /* done */
+ /* success */
res = ctxt->myDoc;
ctxt->myDoc = NULL;
- xmlFreeParserCtxt(ctxt);
+
+done:
+ /* cleanup */
+ if(ctxt != NULL) {
+ if(ctxt->myDoc != NULL) {
+ xmlFreeDoc(ctxt->myDoc);
+ ctxt->myDoc = NULL;
+ }
+ xmlFreeParserCtxt(ctxt);
+ }
return(res);
}
xmlSecXmlError("xmlCreatePushParserCtxt", NULL);
goto done;
}
-
- /* required for c14n! */
- ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
- ctxt->replaceEntities = 1;
+ xmlSecParsePrepareCtxt(ctxt);
/* prefix */
if((prefix != NULL) && (prefixSize > 0)) {
- ret = xmlParseChunk(ctxt, (const char*)prefix, prefixSize, 0);
+ int prefixLen;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(prefixSize, prefixLen, goto done, NULL);
+ ret = xmlParseChunk(ctxt, (const char*)prefix, prefixLen, 0);
if(ret != 0) {
xmlSecXmlParserError2("xmlParseChunk", ctxt, NULL,
- "chunkSize=%d", prefixSize);
-
+ "chunkSize=%d", prefixLen);
goto done;
}
}
/* buffer */
if((buffer != NULL) && (bufferSize > 0)) {
- ret = xmlParseChunk(ctxt, (const char*)buffer, bufferSize, 0);
+ int bufferLen;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(bufferSize, bufferLen, goto done, NULL);
+ ret = xmlParseChunk(ctxt, (const char*)buffer, bufferLen, 0);
if(ret != 0) {
xmlSecXmlParserError2("xmlParseChunk", ctxt, NULL,
- "chunkSize=%d", bufferSize);
-
+ "chunkSize=%d", bufferLen);
goto done;
}
}
/* postfix */
if((postfix != NULL) && (postfixSize > 0)) {
- ret = xmlParseChunk(ctxt, (const char*)postfix, postfixSize, 0);
+ int postfixLen;
+
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(postfixSize, postfixLen, goto done, NULL);
+ ret = xmlParseChunk(ctxt, (const char*)postfix, postfixLen, 0);
if(ret != 0) {
xmlSecXmlParserError2("xmlParseChunk", ctxt, NULL,
- "chunkSize=%d", postfixSize);
-
+ "chunkSize=%d", postfixLen);
goto done;
}
}
xmlSecParseMemory(const xmlSecByte *buffer, xmlSecSize size, int recovery) {
xmlParserCtxtPtr ctxt;
xmlDocPtr res = NULL;
+ int len;
int ret;
xmlSecAssert2(buffer != NULL, NULL);
- ctxt = xmlCreateMemoryParserCtxt((char*)buffer, size);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(size, len, return(NULL), NULL);
+ ctxt = xmlCreateMemoryParserCtxt((char*)buffer, len);
if (ctxt == NULL) {
xmlSecXmlError("xmlCreateMemoryParserCtxt", NULL);
return(NULL);
}
-
- /* required for c14n! */
- ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
- ctxt->replaceEntities = 1;
+ xmlSecParsePrepareCtxt(ctxt);
ret = xmlParseDocument(ctxt);
if(ret < 0) {
if(ctxt->myDoc != NULL) {
xmlFreeDoc(ctxt->myDoc);
ctxt->myDoc = NULL;
- }
+ }
xmlFreeParserCtxt(ctxt);
return(NULL);
}
return(res);
}
+/**
+ * xmlSecParsePrepareCtxt:
+ * @ctxt: the parser context
+ *
+ * Prepares parser context for parsing XML for XMLSec.
+ */
+void
+xmlSecParsePrepareCtxt(xmlParserCtxtPtr ctxt) {
+ xmlSecAssert(ctxt != NULL);
+
+ /* required for c14n! */
+ ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
+ ctxt->replaceEntities = 1;
+
+ xmlCtxtUseOptions(ctxt, xmlSecParserGetDefaultOptions());
+}
+
+/*
+ * XML_PARSE_NONET to support c14n
+ * XML_PARSE_NODICT to avoid problems with moving nodes around
+ * XML_PARSE_HUGE to enable parsing of XML documents with large text nodes
+ */
+static int g_xmlsec_parser_default_options = XML_PARSE_NONET | XML_PARSE_NODICT | XML_PARSE_HUGE;
+
+/**
+ * xmlSecParserGetDefaultOptions:
+ *
+ * Gets default LibXML2 parser options.
+ *
+ * Returns: the current default LibXML2 parser options.
+ */
+int
+xmlSecParserGetDefaultOptions(void) {
+ return (g_xmlsec_parser_default_options);
+}
+
+/**
+ * xmlSecParserSetDefaultOptions:
+ * @options: the new parser options.
+ *
+ * Sets default LibXML2 parser options.
+ */
+void xmlSecParserSetDefaultOptions(int options) {
+ g_xmlsec_parser_default_options = options;
+}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:relationship
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
+
+/**************************************************************************
+ *
+ * XML Relationshi transform
+ *
+ * xmlSecTransform + xmlSecRelationshipCtx
+ *
+ ***************************************************************************/
typedef struct _xmlSecRelationshipCtx xmlSecRelationshipCtx,
*xmlSecRelationshipCtxPtr;
struct _xmlSecRelationshipCtx {
xmlSecPtrListPtr sourceIdList;
};
-#define xmlSecRelationshipSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecRelationshipCtx))
-#define xmlSecRelationshipGetCtx(transform) \
- ((xmlSecRelationshipCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+XMLSEC_TRANSFORM_DECLARE(Relationship, xmlSecRelationshipCtx)
+#define xmlSecRelationshipSize XMLSEC_TRANSFORM_SIZE(Relationship)
static int xmlSecRelationshipInitialize (xmlSecTransformPtr transform);
static void xmlSecRelationshipFinalize (xmlSecTransformPtr transform);
if(ret < 0) {
xmlSecInternalError("xmlSecTransformRelationshipExecute",
xmlSecTransformGetName(transform));
- xmlOutputBufferClose(buf);
+ (void)xmlOutputBufferClose(buf);
return(-1);
}
if(ret < 0) {
xmlSecInternalError("xmlC14NExecute",
xmlSecTransformGetName(transform));
- xmlOutputBufferClose(buf);
+ (void)xmlOutputBufferClose(buf);
return(-1);
}
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
xmlSecTransformGetName(transform),
- "size=%d", outSize);
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
} else if(xmlSecBufferGetSize(out) == 0) {
NULL =
EXTRA_DIST = \
- README \
+ README.md \
$(NULL)
lib_LTLIBRARIES = \
--- /dev/null
+# XMLSec Library: XMLSEC-SKELETON
+
+## What version of SKELETON?
+SKELETON X.Y.Z or later is required.
+
+## Known issues / limitations
+TODO
\ No newline at end of file
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:app
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:crypto
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GLOBALS_H__
#define __XMLSEC_GLOBALS_H__
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
17 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>
*/
/**
* SECTION:soap
#include <xmlsec/soap.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
+
/***********************************************************************
*
* SOAP 1.1
faultCode);
if(ret < 0) {
xmlSecInternalError2("xmlSecQName2IntegerNodeWrite", NULL,
- "faultCode=%d", faultCode);
+ "faultCode=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(faultCode));
xmlUnlinkNode(faultNode);
xmlFreeNode(faultNode);
return(NULL);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:strings
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:templates
return(-1);
}
-#ifdef WIN32
- sprintf_s(buf, sizeof(buf), "%lu", (unsigned long)bitsLen);
-#else /* WIN32 */
- sprintf(buf, "%lu", (unsigned long)bitsLen);
-#endif /* WIN32 */
+#if defined(_MSC_VER)
+ sprintf_s(buf, sizeof(buf), XMLSEC_SIZE_FMT, bitsLen);
+#else /* defined(_MSC_VER) */
+ sprintf(buf, XMLSEC_SIZE_FMT, bitsLen);
+#endif /* defined(_MSC_VER) */
+
xmlNodeSetContent(cur, BAD_CAST buf);
return(0);
}
base64 = xmlSecBase64Encode(buf, size, 0);
if(base64 == NULL) {
- xmlSecInternalError2("xmlSecBase64Encode", NULL, "size=%d", size);
+ xmlSecInternalError2("xmlSecBase64Encode", NULL, "size=" XMLSEC_SIZE_FMT, size);
return(-1);
}
--- /dev/null
+/*
+ * XML Security Library (http://www.aleksey.com/xmlsec).
+ *
+ * Internal header only used during the compilation,
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2022 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ */
+#ifndef __XMLSEC_TRASNFORMS_HELPERS_H__
+#define __XMLSEC_TRASNFORMS_HELPERS_H__
+
+
+#ifndef XMLSEC_PRIVATE
+#error "private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-$crypto libraries"
+#endif /* XMLSEC_PRIVATE */
+
+#include <xmlsec/transforms.h>
+
+#ifndef XMLSEC_NO_HMAC
+
+/* max HMAC output size in bytes */
+#define XMLSEC_TRASNFORM_HMAC_MAX_OUTPUT_SIZE 128U
+
+XMLSEC_EXPORT int xmlSecTransformHmacReadOutputBitsSize (xmlNodePtr node,
+ xmlSecSize defaultSize,
+ xmlSecSize* res);
+
+#endif /* XMLSEC_NO_HMAC */
+
+#ifndef XMLSEC_NO_RSA
+
+XMLSEC_EXPORT int xmlSecTransformRsaOaepReadParams (xmlNodePtr node,
+ xmlSecBufferPtr params,
+ xmlChar** algorithm);
+#endif /* XMLSEC_NO_RSA */
+
+#endif /* __XMLSEC_TRASNFORMS_HELPERS_H__ */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
- * SECTION:transforms
+ * SECTION:transforms
* @Short_description: Transform object functions.
* @Stability: Stable
*
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
+#include <stddef.h>
#include <libxml/tree.h>
#include <libxml/xpath.h>
#include <xmlsec/parser.h>
#include <xmlsec/errors.h>
-#include <xmlsec/private/xslt.h>
+#include "xslt.h"
+#include "cast_helpers.h"
+#include "transform_helpers.h"
+
+#define XMLSEC_TRANSFORM_XPOINTER_TMPL "xpointer(id(\'%s\'))"
/**************************************************************************
*
xmlSecTransformUriTypeCheck(xmlSecTransformUriType type, const xmlChar* uri) {
xmlSecTransformUriType uriType = 0;
- if((uri == NULL) || (xmlStrlen(uri) == 0)) {
+ if((uri == NULL) || (xmlSecStrlen(uri) == 0)) {
uriType = xmlSecTransformUriTypeEmpty;
} else if(uri[0] == '#') {
uriType = xmlSecTransformUriTypeSameDocument;
xmlSecNodeSetType nodeSetType = xmlSecNodeSetTree;
const xmlChar* xptr;
xmlChar* buf = NULL;
+ int uriLen;
int useVisa3DHack = 0;
int ret;
}
/* is it an empty uri? */
- if((uri == NULL) || (xmlStrlen(uri) == 0)) {
+ if((uri == NULL) || (xmlSecStrlen(uri) == 0)) {
return(0);
}
return(0);
}
- ctx->uri = xmlStrndup(uri, (int)(xptr - uri));
+ XMLSEC_SAFE_CAST_PTRDIFF_TO_INT((xptr - uri), uriLen, return(-1), NULL);
+ ctx->uri = xmlStrndup(uri, uriLen);
if(ctx->uri == NULL) {
xmlSecStrdupError(uri, NULL);
return(-1);
nodeSetType = xmlSecNodeSetTreeWithoutComments;
useVisa3DHack = 1;
} else {
- static const char tmpl[] = "xpointer(id(\'%s\'))";
xmlSecSize size;
+ int len;
/* we need to add "xpointer(id('..')) because otherwise we have
* problems with numeric ("111" and so on) and other "strange" ids */
- size = xmlStrlen(BAD_CAST tmpl) + xmlStrlen(xptr) + 2;
+ len = xmlStrlen(BAD_CAST XMLSEC_TRANSFORM_XPOINTER_TMPL) + xmlStrlen(xptr) + 2;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(len, size, return(-1), NULL);
buf = (xmlChar*)xmlMalloc(size * sizeof(xmlChar));
if(buf == NULL) {
xmlSecMallocError(size * sizeof(xmlChar), NULL);
return(-1);
}
- ret = xmlStrPrintf(buf, size, tmpl, xptr + 1);
+ ret = xmlStrPrintf(buf, len, XMLSEC_TRANSFORM_XPOINTER_TMPL, xptr + 1);
if(ret < 0) {
xmlSecXmlError("xmlStrPrintf", NULL);
xmlFree(buf);
ret = xmlSecTransformPushBin(ctx->first, data, dataSize, 1, ctx);
if(ret < 0) {
xmlSecInternalError2("xmlSecTransformPushBin", NULL,
- "dataSize=%d", dataSize);
+ "dataSize=" XMLSEC_SIZE_FMT, dataSize);
return(-1);
}
xmlSecAssert2(ctx->status == xmlSecTransformStatusNone, -1);
xmlSecAssert2(doc != NULL, -1);
- if((ctx->uri == NULL) || (xmlStrlen(ctx->uri) == 0)) {
+ if((ctx->uri == NULL) || (xmlSecStrlen(ctx->uri) == 0)) {
xmlSecNodeSetPtr nodes;
- if((ctx->xptrExpr != NULL) && (xmlStrlen(ctx->xptrExpr) > 0)){
+ if((ctx->xptrExpr != NULL) && (xmlSecStrlen(ctx->xptrExpr) > 0)){
/* our xpointer transform takes care of providing correct nodes set */
nodes = xmlSecNodeSetCreate(doc, NULL, xmlSecNodeSetNormal);
if(nodes == NULL) {
xmlSecAssert(ctx != NULL);
xmlSecAssert(output != NULL);
- fprintf(output, "== TRANSFORMS CTX (status=%d)\n", ctx->status);
+ fprintf(output, "== TRANSFORMS CTX (status=" XMLSEC_ENUM_FMT ")\n",
+ XMLSEC_ENUM_CAST(ctx->status));
fprintf(output, "== flags: 0x%08x\n", ctx->flags);
fprintf(output, "== flags2: 0x%08x\n", ctx->flags2);
xmlSecAssert(ctx != NULL);
xmlSecAssert(output != NULL);
- fprintf(output, "<TransformCtx status=\"%d\">\n", ctx->status);
+ fprintf(output, "<TransformCtx status=\"" XMLSEC_ENUM_FMT "\">\n",
+ XMLSEC_ENUM_CAST(ctx->status));
fprintf(output, "<Flags>%08x</Flags>\n", ctx->flags);
fprintf(output, "<Flags2>%08x</Flags2>\n", ctx->flags2);
}
break;
default:
- xmlSecInvalidIntegerDataError("mode", mode,
- "xmlSecTransformModePush,xmlSecTransformModePop",
- xmlSecTransformGetName(transform));
+ xmlSecUnsupportedEnumValueError("mode", mode, xmlSecTransformGetName(transform));
return(xmlSecTransformDataTypeUnknown);
}
ret = xmlSecBufferAppend(&(transform->inBuf), data, chunkSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferAppend",
- xmlSecTransformGetName(transform),
- "size=%d", chunkSize);
+ xmlSecInternalError2("xmlSecBufferAppend", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, chunkSize);
return(-1);
}
finalData = (((dataSize == 0) && (final != 0)) ? 1 : 0);
ret = xmlSecTransformExecute(transform, finalData, transformCtx);
if(ret < 0) {
- xmlSecInternalError2("xmlSecTransformExecute",
- xmlSecTransformGetName(transform),
- "final=%d", final);
+ xmlSecInternalError2("xmlSecTransformExecute", xmlSecTransformGetName(transform),
+ "final=%d", final);
return(-1);
}
finalData,
transformCtx);
if(ret < 0) {
- xmlSecInternalError3("xmlSecTransformPushBin",
- xmlSecTransformGetName(transform->next),
- "final=%d;outSize=%d", final, outSize);
+ xmlSecInternalError3("xmlSecTransformPushBin", xmlSecTransformGetName(transform->next),
+ "final=%d;outSize=" XMLSEC_SIZE_FMT, final, outSize);
return(-1);
}
}
if(outSize > 0) {
ret = xmlSecBufferRemoveHead(&(transform->outBuf), outSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", outSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
}
/* ensure that we have space for at least one data chunk */
ret = xmlSecBufferSetMaxSize(&(transform->inBuf), inSize + chunkSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetMaxSize",
- xmlSecTransformGetName(transform),
- "size=%d", inSize + chunkSize);
+ xmlSecInternalError2("xmlSecBufferSetMaxSize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, (inSize + chunkSize));
return(-1);
}
xmlSecBufferGetData(&(transform->inBuf)) + inSize,
chunkSize, &chunkSize, transformCtx);
if(ret < 0) {
- xmlSecInternalError("xmlSecTransformPopBin",
- xmlSecTransformGetName(transform->prev));
+ xmlSecInternalError("xmlSecTransformPopBin", xmlSecTransformGetName(transform->prev));
return(-1);
}
if(chunkSize > 0) {
ret = xmlSecBufferSetSize(&(transform->inBuf), inSize + chunkSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferSetSize",
- xmlSecTransformGetName(transform),
- "size=%d", inSize + chunkSize);
+ xmlSecInternalError2("xmlSecBufferSetSize", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, (inSize + chunkSize));
return(-1);
}
final = 0; /* the previous transform returned some data..*/
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
xmlSecTransformGetName(transform),
- "size=%d", outSize);
+ "size=" XMLSEC_SIZE_FMT, outSize);
return(-1);
}
}
static void xmlSecTransformIOBufferDestroy (xmlSecTransformIOBufferPtr buffer);
static int xmlSecTransformIOBufferRead (xmlSecTransformIOBufferPtr buffer,
xmlSecByte *buf,
- xmlSecSize size);
+ int len);
static int xmlSecTransformIOBufferWrite (xmlSecTransformIOBufferPtr buffer,
const xmlSecByte *buf,
- xmlSecSize size);
+ int len);
static int xmlSecTransformIOBufferClose (xmlSecTransformIOBufferPtr buffer);
type = xmlSecTransformDefaultGetDataType(transform, xmlSecTransformModePush, transformCtx);
if((type & xmlSecTransformDataTypeBin) == 0) {
xmlSecInvalidTransfromError2(transform,
- "push binary data not supported, type=\"%d\"",
- (int)type);
+ "push binary data not supported, type=\"" XMLSEC_ENUM_FMT "\"",
+ XMLSEC_ENUM_CAST(type));
return(NULL);
}
type = xmlSecTransformDefaultGetDataType(transform, xmlSecTransformModePop, transformCtx);
if((type & xmlSecTransformDataTypeBin) == 0) {
xmlSecInvalidTransfromError2(transform,
- "pop binary data not supported, type=\"%d\"",
- (int)type);
+ "pop binary data not supported, type=\"" XMLSEC_ENUM_FMT "\"",
+ XMLSEC_ENUM_CAST(type));
return(NULL);
}
static int
xmlSecTransformIOBufferRead(xmlSecTransformIOBufferPtr buffer,
- xmlSecByte *buf, xmlSecSize size) {
+ xmlSecByte *buf, int len) {
+ xmlSecSize size;
int ret;
+ int res;
xmlSecAssert2(buffer != NULL, -1);
xmlSecAssert2(buffer->mode == xmlSecTransformIOBufferModeRead, -1);
xmlSecAssert2(buffer->transformCtx != NULL, -1);
xmlSecAssert2(buf != NULL, -1);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(len, size, return(-1), xmlSecTransformGetName(buffer->transform));
ret = xmlSecTransformPopBin(buffer->transform, buf, size, &size, buffer->transformCtx);
if(ret < 0) {
xmlSecInternalError("xmlSecTransformPopBin",
xmlSecTransformGetName(buffer->transform));
return(-1);
}
- return(size);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(size, res, return(-1), NULL);
+ return(res);
}
static int
xmlSecTransformIOBufferWrite(xmlSecTransformIOBufferPtr buffer,
- const xmlSecByte *buf, xmlSecSize size) {
+ const xmlSecByte *buf, int len) {
+ xmlSecSize size;
int ret;
+ int res;
xmlSecAssert2(buffer != NULL, -1);
xmlSecAssert2(buffer->mode == xmlSecTransformIOBufferModeWrite, -1);
xmlSecAssert2(buffer->transformCtx != NULL, -1);
xmlSecAssert2(buf != NULL, -1);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(len, size, return(-1), xmlSecTransformGetName(buffer->transform));
ret = xmlSecTransformPushBin(buffer->transform, buf, size, 0, buffer->transformCtx);
if(ret < 0) {
xmlSecInternalError("xmlSecTransformPushBin",
xmlSecTransformGetName(buffer->transform));
return(-1);
}
- return(size);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(size, res, return(-1), NULL);
+ return(res);
}
static int
xmlSecTransformIOBufferDestroy(buffer);
return(0);
}
+
+
+/*********************************************************************
+ *
+ * Helper transform functions
+ *
+ ********************************************************************/
+
+#ifndef XMLSEC_NO_HMAC
+
+/* min output for hmac transform in bits */
+static xmlSecSize g_xmlsec_transform_hmac_min_output_bits_size = 80;
+
+/**
+ * xmlSecTransformHmacGetMinOutputBitsSize:
+ *
+ * Gets the minimum size in bits for HMAC output.
+ *
+ * Returns: the min HMAC output size in bits.
+ */
+xmlSecSize
+xmlSecTransformHmacGetMinOutputBitsSize(void) {
+ return(g_xmlsec_transform_hmac_min_output_bits_size);
+}
+
+/**
+ * xmlSecTransformHmacSetMinOutputBitsSize:
+ * @val: the new min hmac output size in bits.
+ *
+ * Sets the min HMAC output size in bits. Low value for min output size
+ * might create a security vulnerability and is not recommended.
+ */
+void xmlSecTransformHmacSetMinOutputBitsSize(xmlSecSize val) {
+ g_xmlsec_transform_hmac_min_output_bits_size = val;
+}
+
+/**
+ * xmlSecTransformHmacReadOutputDigestSize:
+ *
+ * HMAC (http://www.w3.org/TR/xmldsig-core/#sec-HMAC):
+ *
+ * The HMAC algorithm (RFC2104 [HMAC]) takes the truncation length in bits
+ * as a parameter; if the parameter is not specified then all the bits of the
+ * hash are output. An example of an HMAC SignatureMethod element:
+ * <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
+ * <HMACOutputLength>128</HMACOutputLength>
+ * </SignatureMethod>
+ *
+ * Schema Definition:
+ *
+ * <simpleType name="HMACOutputLengthType">
+ * <restriction base="integer"/>
+ * </simpleType>
+ *
+ * DTD:
+ *
+ * <!ELEMENT HMACOutputLength (#PCDATA)>
+ */
+int
+xmlSecTransformHmacReadOutputBitsSize(xmlNodePtr node, xmlSecSize defaultSize, xmlSecSize* res) {
+ xmlNodePtr cur;
+
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(res != NULL, -1);
+
+ cur = xmlSecGetNextElementNode(node->children);
+ if ((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {
+ xmlSecSize minSize;
+ int ret;
+
+ ret = xmlSecGetNodeContentAsSize(cur, defaultSize, res);
+ if (ret != 0) {
+ xmlSecInternalError("xmlSecGetNodeContentAsSize(HMACOutputLength)", NULL);
+ return(-1);
+ }
+
+ /* Ensure that HMAC length is greater than min specified.
+ Otherwise, an attacker can set this length to 0 or very
+ small value
+ */
+ minSize = xmlSecTransformHmacGetMinOutputBitsSize();
+ if ((*res) < minSize) {
+ xmlSecInvalidNodeContentError3(cur, NULL,
+ "HMAC output length=" XMLSEC_SIZE_FMT "; HMAC min output length=" XMLSEC_SIZE_FMT,
+ (*res), minSize);
+ return(-1);
+ }
+
+ cur = xmlSecGetNextElementNode(cur->next);
+ }
+
+ /* no other nodes expected */
+ if (cur != NULL) {
+ xmlSecUnexpectedNodeError(cur, NULL);
+ return(-1);
+ }
+ return(0);
+}
+
+#endif /* XMLSEC_NO_HMAC */
+
+#ifndef XMLSEC_NO_RSA
+
+int
+xmlSecTransformRsaOaepReadParams(xmlNodePtr node, xmlSecBufferPtr params, xmlChar** algorithm) {
+ xmlChar* alg = NULL;
+ xmlNodePtr cur;
+ int ret;
+ int res = -1;
+
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(params != NULL, -1);
+ xmlSecAssert2(algorithm != NULL, -1);
+
+ cur = xmlSecGetNextElementNode(node->children);
+ while (cur != NULL) {
+ if (xmlSecCheckNodeName(cur, xmlSecNodeRsaOAEPparams, xmlSecEncNs)) {
+ ret = xmlSecBufferBase64NodeContentRead(params, cur);
+ if (ret < 0) {
+ xmlSecInternalError("xmlSecBufferBase64NodeContentRead", NULL);
+ goto done;
+ }
+ } else if (xmlSecCheckNodeName(cur, xmlSecNodeDigestMethod, xmlSecDSigNs)) {
+ /* Algorithm attribute is required */
+ alg = xmlGetProp(cur, xmlSecAttrAlgorithm);
+ if (alg == NULL) {
+ xmlSecInvalidNodeAttributeError(cur, xmlSecAttrAlgorithm, NULL, "empty");
+ goto done;
+ }
+ } else {
+ /* node not recognized */
+ xmlSecUnexpectedNodeError(cur, NULL);
+ goto done;
+ }
+
+ /* next node */
+ cur = xmlSecGetNextElementNode(cur->next);
+ }
+
+ /* success */
+ (*algorithm) = alg;
+ alg = NULL;
+ res = 0;
+
+done:
+ /* cleanup */
+ if (alg != NULL) {
+ xmlFree(alg);
+ }
+ return(res);
+}
+
+#endif /* XMLSEC_NO_RSA */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:x509
* @node: the pointer to <dsig:X509Data/> node.
* @keyInfoCtx: the pointer to <dsig:KeyInfo/> node processing context.
*
- * Reads the contents of <dsig:X509Data/> node and returns it as
+ * DEPRECATED. Reads the contents of <dsig:X509Data/> node and returns it as
* a bits mask.
*
* Returns: the bit mask representing the <dsig:X509Data/> node content
if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
if(xmlSecIsEmptyNode(cur) == 1) {
content |= XMLSEC_X509DATA_CERTIFICATE_NODE;
+ } else {
+ /* ensure return value isn't 0 if there are non-empty elements */
+ content |= (XMLSEC_X509DATA_CERTIFICATE_NODE << 16);
}
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
if(xmlSecIsEmptyNode(cur) == 1) {
content |= XMLSEC_X509DATA_SUBJECTNAME_NODE;
+ } else {
+ content |= (XMLSEC_X509DATA_SUBJECTNAME_NODE << 16);
}
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
if(xmlSecIsEmptyNode(cur) == 1) {
content |= XMLSEC_X509DATA_ISSUERSERIAL_NODE;
+ } else {
+ content |= (XMLSEC_X509DATA_ISSUERSERIAL_NODE << 16);
}
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
if(xmlSecIsEmptyNode(cur) == 1) {
content |= XMLSEC_X509DATA_SKI_NODE;
+ } else {
+ content |= (XMLSEC_X509DATA_SKI_NODE << 16);
}
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
if(xmlSecIsEmptyNode(cur) == 1) {
content |= XMLSEC_X509DATA_CRL_NODE;
+ } else {
+ content |= (XMLSEC_X509DATA_CRL_NODE << 16);
}
} else {
/* todo: fail on unknown child node? */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:xmldsig
#include <xmlsec/xmldsig.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
+
/**************************************************************************
*
* xmlSecDSigCtx
static int xmlSecDSigCtxProcessReferences (xmlSecDSigCtxPtr dsigCtx,
xmlNodePtr firstReferenceNode);
-/* TIZEN CUSTOMIZED */
-static int xmlSecHexToInt (char a);
-static int xmlSecDecodeCmp (const xmlChar* encoded,
- const xmlChar* plain);
-#define xmlSecTizenError(...) do {\
- xmlSecError(XMLSEC_ERRORS_HERE,NULL,NULL,\
- XMLSEC_ERRORS_MAX_NUMBER,\
- __VA_ARGS__);\
- } while (0)
/* The ID attribute in XMLDSig is 'Id' */
static const xmlChar* xmlSecDSigIds[] = { xmlSecAttrId, NULL };
memset(dsigCtx, 0, sizeof(xmlSecDSigCtx));
}
-/* TIZEN CUSTOMIZED */
-int
-xmlSecProxyCtxAdd(xmlSecProxyCtxPtr* proxyCtxPtrPtr, const xmlChar* uri) {
- xmlSecProxyCtxPtr pc = (xmlSecProxyCtxPtr)xmlMalloc(sizeof(xmlSecProxyCtx));
- if(pc == NULL) {
- xmlSecMallocError(sizeof(xmlSecProxyCtx), NULL);
- return(-1);
- }
-
- pc->cache = xmlStrdup(uri);
- if(pc->cache == NULL) {
- xmlSecStrdupError(uri, NULL);
- xmlFree(pc);
- return(-1);
- }
- pc->next = NULL;
-
- while(*proxyCtxPtrPtr != NULL)
- proxyCtxPtrPtr = &((*proxyCtxPtrPtr)->next);
-
- *proxyCtxPtrPtr = pc;
- return(0);
-}
-
-void xmlSecProxyCtxDestroy(xmlSecProxyCtxPtr proxyCtxPtr) {
- while(proxyCtxPtr != NULL) {
- if(proxyCtxPtr->cache != NULL)
- xmlFree(proxyCtxPtr->cache);
-
- xmlSecProxyCtxPtr next = proxyCtxPtr->next;
- xmlFree(proxyCtxPtr);
- proxyCtxPtr = next;
- }
-}
-
/**
* xmlSecDSigCtxEnableReferenceTransform:
* @dsigCtx: the pointer to <dsig:Signature/> processing context.
*/
int
xmlSecDSigCtxSign(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr tmpl) {
+ xmlSecByte* outBuf;
+ xmlSecSize outSize;
+ int outLen;
int ret;
xmlSecAssert2(dsigCtx != NULL, -1);
}
/* write signed data to xml */
- xmlNodeSetContentLen(dsigCtx->signValueNode,
- xmlSecBufferGetData(dsigCtx->result),
- xmlSecBufferGetSize(dsigCtx->result));
+ outBuf = xmlSecBufferGetData(dsigCtx->result);
+ outSize = xmlSecBufferGetSize(dsigCtx->result);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(outSize, outLen, return(-1), NULL);
+ xmlNodeSetContentLen(dsigCtx->signValueNode, outBuf, outLen);
/* set success status and we are done */
dsigCtx->status = xmlSecDSigStatusSucceeded;
/* as the result, we should have a key */
xmlSecAssert2(dsigCtx->signKey != NULL, -1);
- /* TIZEN CUSTOMIZED : if no-hash mode, skip processing references */
- if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_IGNORE_REFERENCES) != 0) {
- xmlSecTizenError("Skip processing references. no-hash mode.");
- dsigCtx->status = xmlSecDSigStatusSucceeded;
- } else {
- /* now actually process references and calculate digests */
- ret = xmlSecDSigCtxProcessReferences(dsigCtx, firstReferenceNode);
- if(ret < 0) {
- xmlSecInternalError("xmlSecDSigCtxProcessReferences", NULL);
- return(-1);
- }
- /* references processing might change the status */
- if(dsigCtx->status != xmlSecDSigStatusUnknown) {
- return(0);
- }
+ /* now actually process references and calculate digests */
+ ret = xmlSecDSigCtxProcessReferences(dsigCtx, firstReferenceNode);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecDSigCtxProcessReferences", NULL);
+ return(-1);
+ }
+ /* references processing might change the status */
+ if(dsigCtx->status != xmlSecDSigStatusUnknown) {
+ return(0);
}
/* if we need to write result to xml node then we need base64 encode result */
if(dsigCtx->preSignMemBufMethod == NULL) {
xmlSecInternalError("xmlSecTransformCtxCreateAndAppend",
xmlSecTransformKlassGetName(xmlSecTransformMemBufId));
+ return(-1);
}
}
return(0);
}
-static int
-xmlSecHexToInt(char a)
-{
- if (a >= '0' && a <= '9') return(a - '0');
- if (a >= 'A' && a <= 'F') return(a - 'A' + 10);
- if (a >= 'a' && a <= 'f') return(a - 'a' + 10);
-
- return(-1);
-}
-
-static int
-xmlSecDecodeCmp(const xmlChar* encoded, const xmlChar* plain) {
-
- xmlSecAssert2(encoded != NULL, -1);
- xmlSecAssert2(plain != NULL, -1);
-
- while(*plain != '\0') {
- if(*encoded == '\0')
- return(-1);
-
- /* check encoded char is same with plain char */
- if(*encoded == '%') {
- if(*(encoded + 1) == '\0' &&*(encoded + 2) == '\0')
- return(-1);
-
- if((int)*plain !=
- xmlSecHexToInt(*(encoded + 1)) * 16 + xmlSecHexToInt(*(encoded + 2)))
- return(-1);
-
- encoded += 3;
- plain++;
- } else {
- if(*(encoded++) != *(plain++))
- return(-1);
- }
- }
- return(0);
-}
static int
xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferenceNode) {
return(-1);
}
- /* TIZEN CUSTOMIZED : skip uri in proxy caches for proxy mode */
- if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_SKIP_PROXY) != 0) {
-
- int isInProxy = 0;
- if(dsigCtx->skipReferences != NULL) {
- xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI);
- if(refUri == NULL) {
- xmlSecInvalidNodeAttributeError(cur, NULL, NULL, "empty");
- return(-1);
- }
-
- xmlSecProxyCtxPtr pc = dsigCtx->skipReferences;
- while(pc != NULL) {
- if(strncmp((char*)refUri, (char*)pc->cache, xmlStrlen(refUri)) == 0) {
- isInProxy = 1;
- xmlSecTizenError("[%s] is already checked by singature-validator.", refUri);
- break;
- }
- pc = pc->next;
- }
- xmlFree(refUri);
- } else {
- /* if proxy is not exist, process references */
- xmlSecTizenError("Proxy doesn't exist.");
- }
-
- if(isInProxy)
- continue;
- }
-
- /* TIZEN CUSTOMIZED : check uri only in proxy caches for partial mode */
- if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_CHECK_PROXY) != 0) {
-
- int isInProxy = 0;
- if(dsigCtx->checkReferences != NULL) {
- xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI);
- if(refUri == NULL) {
- xmlSecInvalidNodeAttributeError(cur, NULL, NULL, "empty");
- return(-1);
- }
-
- xmlSecProxyCtxPtr pc = dsigCtx->checkReferences;
- while(pc != NULL) {
- if(xmlSecDecodeCmp(refUri, pc->cache) == 0) {
- isInProxy = 1;
- xmlSecTizenError("Check [%s] on processing references.", refUri);
- break;
- }
- pc = pc->next;
- }
- xmlFree(refUri);
- } else {
- /* if proxy is not exist, process references */
- xmlSecTizenError("Proxy doesn't exist.");
- }
-
- /* if not exist on proxy, skip on processing references */
- if(isInProxy == 0)
- continue;
- }
-
/* create reference */
dsigRefCtx = xmlSecDSigReferenceCtxCreate(dsigCtx, xmlSecDSigReferenceOriginSignedInfo);
if(dsigRefCtx == NULL) {
}
dsigRefCtx->transformCtx.preExecCallback = dsigCtx->referencePreExecuteCallback;
dsigRefCtx->transformCtx.enabledUris = dsigCtx->enabledReferenceUris;
+ dsigRefCtx->transformCtx.userData = dsigCtx->userData;
if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK) != 0) {
dsigRefCtx->transformCtx.flags |= XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK;
/* finally get transforms results */
ret = xmlSecTransformCtxExecute(transformCtx, node->doc);
if(ret < 0) {
- xmlSecInternalError("xmlSecTransformCtxExecute", dsigRefCtx->uri);
+ xmlSecInternalError("xmlSecTransformCtxExecute", NULL);
return(-1);
}
dsigRefCtx->result = transformCtx->result;
if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {
+ xmlSecByte* outBuf;
+ xmlSecSize outSize;
+ int outLen;
+
if((dsigRefCtx->result == NULL) || (xmlSecBufferGetData(dsigRefCtx->result) == NULL)) {
xmlSecInternalError("xmlSecTransformCtxExecute", NULL);
return(-1);
}
/* write signed data to xml */
- xmlNodeSetContentLen(digestValueNode,
- xmlSecBufferGetData(dsigRefCtx->result),
- xmlSecBufferGetSize(dsigRefCtx->result));
+ outBuf = xmlSecBufferGetData(dsigRefCtx->result);
+ outSize = xmlSecBufferGetSize(dsigRefCtx->result);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(outSize, outLen, return(-1), NULL);
+ xmlNodeSetContentLen(digestValueNode, outBuf, outLen);
/* set success status and we are done */
dsigRefCtx->status = xmlSecDSigStatusSucceeded;
ret = xmlSecTransformVerifyNodeContent(dsigRefCtx->digestMethod,
digestValueNode, transformCtx);
if(ret < 0) {
- xmlSecInternalError("xmlSecTransformVerifyNodeContent", dsigRefCtx->uri);
+ xmlSecInternalError("xmlSecTransformVerifyNodeContent", NULL);
return(-1);
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:xmlenc
#include <xmlsec/xmlenc.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
+
static int xmlSecEncCtxEncDataNodeRead (xmlSecEncCtxPtr encCtx,
xmlNodePtr node);
static int xmlSecEncCtxEncDataNodeWrite (xmlSecEncCtxPtr encCtx);
xmlFree(encCtx);
}
+static void
+xmlSecEncCtxSetDefaults(xmlSecEncCtxPtr encCtx) {
+ xmlSecAssert(encCtx != NULL);
+
+ encCtx->keyInfoReadCtx.mode = xmlSecKeyInfoModeRead;
+
+ /* it's not wise to write private key :) */
+ encCtx->keyInfoWriteCtx.mode = xmlSecKeyInfoModeWrite;
+ encCtx->keyInfoWriteCtx.keyReq.keyType = xmlSecKeyDataTypePublic;
+}
+
/**
* xmlSecEncCtxInitialize:
* @encCtx: the pointer to <enc:EncryptedData/> processing context.
xmlSecInternalError("xmlSecKeyInfoCtxInitialize", NULL);
return(-1);
}
- encCtx->keyInfoReadCtx.mode = xmlSecKeyInfoModeRead;
ret = xmlSecKeyInfoCtxInitialize(&(encCtx->keyInfoWriteCtx), keysMngr);
if(ret < 0) {
xmlSecInternalError("xmlSecKeyInfoCtxInitialize", NULL);
return(-1);
}
- encCtx->keyInfoWriteCtx.mode = xmlSecKeyInfoModeWrite;
- /* it's not wise to write private key :) */
- encCtx->keyInfoWriteCtx.keyReq.keyType = xmlSecKeyDataTypePublic;
/* initializes transforms encCtx */
ret = xmlSecTransformCtxInitialize(&(encCtx->transformCtx));
return(-1);
}
+ xmlSecEncCtxSetDefaults(encCtx);
return(0);
}
encCtx->encDataNode = encCtx->encMethodNode =
encCtx->keyInfoNode = encCtx->cipherValueNode = NULL;
+
+ xmlSecEncCtxSetDefaults(encCtx);
}
/**
ret = xmlSecTransformCtxBinaryExecute(&(encCtx->transformCtx), data, dataSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecTransformCtxBinaryExecute", NULL,
- "dataSize=%d", dataSize);
+ "dataSize=" XMLSEC_SIZE_FMT, dataSize);
return(-1);
}
} else {
xmlSecInvalidStringTypeError("encryption type", encCtx->type,
"supported encryption type", NULL);
- xmlOutputBufferClose(output);
+ (void)xmlOutputBufferClose(output);
return(-1);
}
return(-1);
}
}
-
- encCtx->resultReplaced = 1;
+ encCtx->resultReplaced = 1;
} else if((encCtx->type != NULL) && xmlStrEqual(encCtx->type, xmlSecTypeEncContent)) {
/* check if we need to return the replaced node */
if((encCtx->flags & XMLSEC_ENC_RETURN_REPLACED_NODE) != 0) {
return(-1);
}
}
-
encCtx->resultReplaced = 1;
} else {
/* we should've caught this error before */
*/
xmlSecBufferPtr
xmlSecEncCtxDecryptToBuffer(xmlSecEncCtxPtr encCtx, xmlNodePtr node) {
+ xmlSecBufferPtr res = NULL;
+ xmlChar* data = NULL;
int ret;
xmlSecAssert2(encCtx != NULL, NULL);
ret = xmlSecEncCtxEncDataNodeRead(encCtx, node);
if(ret < 0) {
xmlSecInternalError("xmlSecEncCtxEncDataNodeRead", NULL);
- return(NULL);
+ goto done;
}
/* decrypt the data */
if(encCtx->cipherValueNode != NULL) {
- xmlChar* data = NULL;
- xmlSecSize dataSize = 0;
-
data = xmlNodeGetContent(encCtx->cipherValueNode);
if(data == NULL) {
xmlSecInvalidNodeContentError(encCtx->cipherValueNode, NULL, "empty");
- return(NULL);
+ goto done;
}
- dataSize = xmlStrlen(data);
- ret = xmlSecTransformCtxBinaryExecute(&(encCtx->transformCtx), data, dataSize);
+ ret = xmlSecTransformCtxBinaryExecute(&(encCtx->transformCtx), data, xmlSecStrlen(data));
if(ret < 0) {
xmlSecInternalError("xmlSecTransformCtxBinaryExecute", NULL);
- if(data != NULL) {
- xmlFree(data);
- }
- return(NULL);
- }
- if(data != NULL) {
- xmlFree(data);
+ goto done;
}
} else {
ret = xmlSecTransformCtxExecute(&(encCtx->transformCtx), node->doc);
if(ret < 0) {
xmlSecInternalError("xmlSecTransformCtxExecute", NULL);
- return(NULL);
+ goto done;
}
}
- encCtx->result = encCtx->transformCtx.result;
+ /* success */
+ res = encCtx->result = encCtx->transformCtx.result;
xmlSecAssert2(encCtx->result != NULL, NULL);
- return(encCtx->result);
+done:
+ if(data != NULL) {
+ xmlFree(data);
+ }
+ return(res);
}
static int
/* write encrypted data to xml (if requested) */
if(encCtx->cipherValueNode != NULL) {
- xmlSecAssert2(xmlSecBufferGetData(encCtx->result) != NULL, -1);
+ xmlSecByte* inBuf;
+ xmlSecSize inSize;
+ int inLen;
+
+ inBuf = xmlSecBufferGetData(encCtx->result);
+ inSize = xmlSecBufferGetSize(encCtx->result);
+ xmlSecAssert2(inBuf != NULL, -1);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(inSize, inLen, return(-1), NULL);
- xmlNodeSetContentLen(encCtx->cipherValueNode,
- xmlSecBufferGetData(encCtx->result),
- xmlSecBufferGetSize(encCtx->result));
+ xmlNodeSetContentLen(encCtx->cipherValueNode, inBuf, inLen);
encCtx->resultReplaced = 1;
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:xmlsec
#include <stdlib.h>
#include <stdio.h>
+#include <string.h>
#include <libxml/tree.h>
#include <xmlsec/io.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
+
/*
* Custom external entity handler, denies all files except the initial
* document we're parsing (input_id == 1)
/*
* xmlSecSetExternalEntityLoader:
- * @entityLoader: the new entity resolver function, or NULL to restore
+ * @entityLoader: the new entity resolver function, or NULL to restore
* libxml2's default handler
*
* Wrapper for xmlSetExternalEntityLoader.
*/
int
xmlSecShutdown(void) {
- int res = 0;
+ int res = -1;
xmlSecTransformIdsShutdown();
xmlSecKeyDataIdsShutdown();
#ifndef XMLSEC_NO_CRYPTO_DYNAMIC_LOADING
if(xmlSecCryptoDLShutdown() < 0) {
xmlSecInternalError("xmlSecCryptoDLShutdown", NULL);
- res = -1;
+ goto done;
}
#endif /* XMLSEC_NO_CRYPTO_DYNAMIC_LOADING */
+ /* success */
+ res = 0;
+
+#ifndef XMLSEC_NO_CRYPTO_DYNAMIC_LOADING
+done:
+#endif /* XMLSEC_NO_CRYPTO_DYNAMIC_LOADING */
+
xmlSecIOShutdown();
xmlSecErrorsShutdown();
return(res);
return(1);
}
+/**
+ * xmlSecStrlen:
+ * @str: the string.
+ *
+ * Calcaulates the lenght of the string.
+ *
+ * Returns: the length of the string.
+ */
+xmlSecSize
+xmlSecStrlen(const xmlChar* str) {
+ size_t len;
+ xmlSecSize res;
+ if (str == NULL) {
+ return(0);
+ }
+ len = strlen((const char*)str);
+ XMLSEC_SAFE_CAST_SIZE_T_TO_SIZE(len, res, return(0), NULL);
+ return(res);
+}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:xmltree
#include <xmlsec/base64.h>
#include <xmlsec/errors.h>
-static const xmlChar* g_xmlsec_xmltree_default_linefeed = xmlSecStringCR;
+#include "cast_helpers.h"
+
+static const xmlChar* g_xmlsec_xmltree_default_linefeed = xmlSecStringCR;
/**
* xmlSecGetDefaultLineFeed:
g_xmlsec_xmltree_default_linefeed = linefeed;
}
+
+/**
+ * xmlSecGetNodeContentAsSize:
+ * @cur: the pointer to XML node.
+ * @defValue: the default value that will be returned in @res if there is no node content.
+ * @res: the pointer to the result value.
+ *
+ * Reads @cur node content and converts it to xmlSecSize value.
+ *
+ * Returns: 0 on success or -1 on error.
+ */
+
+int
+xmlSecGetNodeContentAsSize(const xmlNodePtr cur, xmlSecSize defValue, xmlSecSize* res) {
+ xmlChar *content;
+ long int val;
+ char* endptr = NULL;
+
+ xmlSecAssert2(cur != NULL, -1);
+ xmlSecAssert2(res != NULL, -1);
+
+ content = xmlNodeGetContent(cur);
+ if(content == NULL) {
+ (*res) = defValue;
+ return(0);
+ }
+
+ val = strtol((char*)content, &endptr, 10);
+ if((val < 0) || (val == LONG_MAX) || (endptr == NULL)) {
+ xmlSecInvalidNodeContentError(cur, NULL, "can't parse node content as size");
+ xmlFree(content);
+ return(-1);
+ }
+
+ /* skip spaces at the end */
+ while(isspace((int)(*endptr))) {
+ ++endptr;
+ }
+ if((content + xmlStrlen(content)) != BAD_CAST endptr) {
+ xmlSecInvalidNodeContentError(cur, NULL, "can't parse node content as size (extra characters at the end)");
+ xmlFree(content);
+ return(-1);
+ }
+ xmlFree(content);
+
+ /* success */
+ XMLSEC_SAFE_CAST_LONG_TO_SIZE(val, (*res), return(-1), NULL);
+ return(0);
+}
+
/**
* xmlSecFindSibling:
* @cur: the pointer to XML node.
/* if not found then either add next or add at the end */
if(cur == NULL) {
cur = xmlSecAddChild(parent, name, ns);
- } else if((cur->next != NULL) && (cur->next->type == XML_TEXT_NODE)) {
- cur = xmlSecAddNextSibling(cur->next, name, ns);
} else {
cur = xmlSecAddNextSibling(cur, name, ns);
}
xmlSecAssert2(node != NULL, -1);
xmlSecAssert2(newNode != NULL, -1);
- xmlUnlinkNode(newNode);
- xmlSetTreeDoc(newNode, node->doc);
-
/* return the old nodes if requested */
if(replaced != NULL) {
xmlNodePtr cur, next, tail;
for(cur = node->children; (cur != NULL); cur = next) {
next = cur->next;
if((*replaced) != NULL) {
- /* n is unlinked in this function */
+ /* cur is unlinked in this function */
xmlAddNextSibling(tail, cur);
tail = cur;
} else {
xmlNodeSetContent(node, NULL);
}
- xmlAddChild(node, newNode);
- xmlSetTreeDoc(newNode, node->doc);
+ /* swap nodes */
+ xmlUnlinkNode(newNode);
+ xmlAddChildList(node, newNode);
return(0);
}
xmlSecReplaceNodeBufferAndReturn(xmlNodePtr node, const xmlSecByte *buffer, xmlSecSize size, xmlNodePtr *replaced) {
xmlNodePtr results = NULL;
xmlNodePtr next = NULL;
- int ret;
+ int len;
+ xmlParserErrors ret;
xmlSecAssert2(node != NULL, -1);
xmlSecAssert2(node->parent != NULL, -1);
/* parse buffer in the context of node's parent */
- ret = xmlParseInNodeContext(node->parent, (const char*)buffer, size, XML_PARSE_NODICT, &results);
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(size, len, return(-1), NULL);
+ ret = xmlParseInNodeContext(node->parent, (const char*)buffer, len,
+ xmlSecParserGetDefaultOptions(), &results);
if(ret != XML_ERR_OK) {
xmlSecXmlError("xmlParseInNodeContext", NULL);
return(-1);
xmlAddID(NULL, doc, name, attr);
} else if(tmp != attr) {
xmlSecInvalidStringDataError("id", name, "unique id (id already defined)", NULL);
+ /* ignore error */
}
xmlFree(name);
}
xmlSecAssert2(str != NULL, -1);
for( ;*str != '\0'; ++str) {
- if(!isspace((int)(*str))) {
+ if(!isspace((*str))) {
return(0);
}
}
return(res);
}
-
/**
* xmlSecGetQName:
* @node: the context node.
}
if((ns != NULL) && (ns->prefix != NULL)) {
- xmlSecSize len;
+ xmlSecSize size;
+ int len;
len = xmlStrlen(local) + xmlStrlen(ns->prefix) + 4;
- qname = (xmlChar *)xmlMalloc(len);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(len, size, return(NULL), NULL);
+
+ qname = (xmlChar *)xmlMalloc(size);
if(qname == NULL) {
- xmlSecMallocError(len, NULL);
+ xmlSecMallocError(size, NULL);
return(NULL);
}
qnameLocalPart = xmlStrchr(qname, ':');
if(qnameLocalPart != NULL) {
- qnamePrefix = xmlStrndup(qname, (int)(qnameLocalPart - qname));
+ int qnameLen;
+
+ XMLSEC_SAFE_CAST_PTRDIFF_TO_INT((qnameLocalPart - qname), qnameLen, return(-1), NULL);
+ qnamePrefix = xmlStrndup(qname, qnameLen);
if(qnamePrefix == NULL) {
xmlSecStrdupError(qname, NULL);
return(-1);
qnameLocalPart = xmlStrchr(qname, ':');
if(qnameLocalPart != NULL) {
- qnamePrefix = xmlStrndup(qname, (int)(qnameLocalPart - qname));
+ int qnameLen;
+
+ XMLSEC_SAFE_CAST_PTRDIFF_TO_INT((qnameLocalPart - qname), qnameLen, return(-1), NULL);
+ qnamePrefix = xmlStrndup(qname, qnameLen);
if(qnamePrefix == NULL) {
xmlSecStrdupError(qname, NULL);
return(-1);
qnameInfo = xmlSecQName2BitMaskGetInfo(info, mask);
if(qnameInfo == NULL) {
xmlSecInternalError3("xmlSecQName2BitMaskGetInfo", NULL,
- "node=%s,mask=%d",
- xmlSecErrorsSafeString(node->name),
- mask);
+ "node=%s,mask=%u", xmlSecErrorsSafeString(node->name), mask);
return(NULL);
}
* Windows string conversions
*
************************************************************************/
-#ifdef WIN32
+#if defined(XMLSEC_WINDOWS)
/**
* xmlSecWin32ConvertUtf8ToUnicode:
LPWSTR
xmlSecWin32ConvertUtf8ToUnicode(const xmlChar* str) {
LPWSTR res = NULL;
+ xmlSecSize size;
int len;
int ret;
return(NULL);
}
len = ret + 1;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(len, size, return(NULL), NULL);
/* allocate buffer */
- res = (LPWSTR)xmlMalloc(sizeof(WCHAR) * len);
+ res = (LPWSTR)xmlMalloc(sizeof(WCHAR) * size);
if(res == NULL) {
- xmlSecMallocError(sizeof(WCHAR) * len, NULL);
+ xmlSecMallocError(sizeof(WCHAR) * size, NULL);
return(NULL);
}
xmlChar*
xmlSecWin32ConvertUnicodeToUtf8(LPCWSTR str) {
xmlChar * res = NULL;
+ xmlSecSize size;
int len;
int ret;
return(NULL);
}
len = ret + 1;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(len, size, return(NULL), NULL);
/* allocate buffer */
- res = (xmlChar*)xmlMalloc(sizeof(xmlChar) * len);
+ res = (xmlChar*)xmlMalloc(sizeof(xmlChar) * size);
if(res == NULL) {
- xmlSecMallocError(sizeof(xmlChar) * len, NULL);
+ xmlSecMallocError(sizeof(xmlChar) * size, NULL);
return(NULL);
}
LPWSTR
xmlSecWin32ConvertLocaleToUnicode(const char* str) {
LPWSTR res = NULL;
+ xmlSecSize size;
int len;
int ret;
if(ret <= 0) {
return(NULL);
}
- len = ret;
+ len = ret + 1;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(len, size, return(NULL), NULL);
/* allocate buffer */
- res = (LPWSTR)xmlMalloc(sizeof(WCHAR) * len);
+ res = (LPWSTR)xmlMalloc(sizeof(WCHAR) * size);
if(res == NULL) {
- xmlSecMallocError(sizeof(WCHAR) * len, NULL);
+ xmlSecMallocError(sizeof(WCHAR) * size, NULL);
return(NULL);
}
xmlSecWin32ConvertLocaleToUtf8(const char * str) {
LPWSTR strW = NULL;
xmlChar * res = NULL;
+ xmlSecSize size;
int len;
int ret;
return(NULL);
}
len = ret + 1;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(len, size, return(NULL), NULL);
/* allocate buffer */
- res = (xmlChar*)xmlMalloc(sizeof(xmlChar) * len);
+ res = (xmlChar*)xmlMalloc(sizeof(xmlChar) * size);
if(res == NULL) {
- xmlSecMallocError(sizeof(xmlChar) * len, NULL);
+ xmlSecMallocError(sizeof(xmlChar) * size, NULL);
xmlFree(strW);
return(NULL);
}
xmlSecWin32ConvertUtf8ToLocale(const xmlChar* str) {
LPWSTR strW = NULL;
char * res = NULL;
+ xmlSecSize size;
int len;
int ret;
return(NULL);
}
len = ret + 1;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(len, size, return(NULL), NULL);
/* allocate buffer */
- res = (char*)xmlMalloc(sizeof(char) * len);
+ res = (char*)xmlMalloc(sizeof(char) * size);
if(res == NULL) {
- xmlSecMallocError(sizeof(char) * len, NULL);
+ xmlSecMallocError(sizeof(char) * size, NULL);
xmlFree(strW);
return(NULL);
}
#endif /* UNICODE */
}
-#endif /* WIN32 */
+#endif /* defined(XMLSEC_WINDOWS) */
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:xpath
* @Short_description: XPath transform implementation.
* @Stability: Private
*
- *
+ *
*/
#include "globals.h"
#include <xmlsec/transforms.h>
#include <xmlsec/errors.h>
+#include "cast_helpers.h"
/**************************************************************************
*
return(NULL);
}
break;
+ default:
+ xmlSecInternalError("Invalid XPath transform type", NULL);
+ return(NULL);
}
/* sometime LibXML2 returns an empty nodeset or just NULL, we want
to reserve NULL for our own purposes so we simply create an empty
node set here */
if(xpathObj->nodesetval == NULL) {
- xpathObj->nodesetval = xmlXPathNodeSetCreate(NULL);
- if(xpathObj->nodesetval == NULL) {
- xmlXPathFreeObject(xpathObj);
+ xpathObj->nodesetval = xmlXPathNodeSetCreate(NULL);
+ if(xpathObj->nodesetval == NULL) {
+ xmlXPathFreeObject(xpathObj);
xmlSecXmlError2("xmlXPathNodeSetCreate", NULL,
"expr=%s", xmlSecErrorsSafeString(data->expr));
- return(NULL);
- }
+ return(NULL);
+ }
}
nodes = xmlSecNodeSetCreate(doc, xpathObj->nodesetval, data->nodeSetType);
if(nodes == NULL) {
- xmlSecInternalError2("xmlSecNodeSetCreate", NULL, "type=%d", data->nodeSetType);
+ xmlSecInternalError2("xmlSecNodeSetCreate", NULL,
+ "type=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(data->nodeSetType));
xmlXPathFreeObject(xpathObj);
return(NULL);
}
for(pos = 0; pos < xmlSecPtrListGetSize(dataList); ++pos) {
data = (xmlSecXPathDataPtr)xmlSecPtrListGetItem(dataList, pos);
if(data == NULL) {
- xmlSecInternalError2("xmlSecPtrListGetItem", NULL, "pos=%d", pos);
+ xmlSecInternalError2("xmlSecPtrListGetItem", NULL, "pos=" XMLSEC_SIZE_FMT, pos);
if((res != NULL) && (res != nodes)) {
xmlSecNodeSetDestroy(res);
}
tmp2 = xmlSecNodeSetAdd(res, tmp, data->nodeSetOp);
if(tmp2 == NULL) {
xmlSecInternalError2("xmlSecNodeSetAdd", NULL,
- "nodeSetOp=%d", (int)data->nodeSetOp);
+ "nodeSetOp=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(data->nodeSetOp));
if((res != NULL) && (res != nodes)) {
xmlSecNodeSetDestroy(res);
}
*
* XPath/XPointer transforms
*
- * xmlSecXPathDataList is located after xmlSecTransform structure
+ * xmlSecTransform + xmlSecXPathDataList
*
*****************************************************************************/
-#define xmlSecXPathTransformSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecPtrList))
-#define xmlSecXPathTransformGetDataList(transform) \
- ((xmlSecTransformCheckSize((transform), xmlSecXPathTransformSize)) ? \
- (xmlSecPtrListPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
- (xmlSecPtrListPtr)NULL)
+XMLSEC_TRANSFORM_DECLARE(XPath, xmlSecPtrList)
+#define xmlSecXPathSize XMLSEC_TRANSFORM_SIZE(XPath)
+
#define xmlSecTransformXPathCheckId(transform) \
(xmlSecTransformCheckId((transform), xmlSecTransformXPathId) || \
xmlSecTransformCheckId((transform), xmlSecTransformXPath2Id) || \
xmlSecAssert2(xmlSecTransformXPathCheckId(transform), -1);
- dataList = xmlSecXPathTransformGetDataList(transform);
+ dataList = xmlSecXPathGetCtx(transform);
xmlSecAssert2(dataList != NULL, -1);
ret = xmlSecPtrListInitialize(dataList, xmlSecXPathDataListId);
xmlSecAssert(xmlSecTransformXPathCheckId(transform));
- dataList = xmlSecXPathTransformGetDataList(transform);
+ dataList = xmlSecXPathGetCtx(transform);
xmlSecAssert(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId));
xmlSecPtrListFinalize(dataList);
xmlSecAssert2(last != 0, -1);
xmlSecAssert2(transformCtx != NULL, -1);
- dataList = xmlSecXPathTransformGetDataList(transform);
+ dataList = xmlSecXPathGetCtx(transform);
xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), -1);
xmlSecAssert2(xmlSecPtrListGetSize(dataList) > 0, -1);
static xmlSecTransformKlass xmlSecTransformXPathKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecXPathTransformSize, /* xmlSecSize objSize */
+ xmlSecXPathSize, /* xmlSecSize objSize */
xmlSecNameXPath, /* const xmlChar* name; */
xmlSecXPathNs, /* const xmlChar* href; */
return(&xmlSecTransformXPathKlass);
}
-static const char xpathPattern[] = "(//. | //@* | //namespace::*)[boolean(%s)]";
+#define XMLSEC_TRANSFORM_XPATH_TMPL "(//. | //@* | //namespace::*)[boolean(%s)]"
+
static int
xmlSecTransformXPathNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
xmlSecPtrListPtr dataList;
xmlSecXPathDataPtr data;
xmlNodePtr cur;
xmlChar* tmp;
- int tmpSize;
+ xmlSecSize tmpSize;
+ int tmpLen;
int ret;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXPathId), -1);
xmlSecAssert2(node != NULL, -1);
xmlSecAssert2(transformCtx != NULL, -1);
- dataList = xmlSecXPathTransformGetDataList(transform);
+ dataList = xmlSecXPathGetCtx(transform);
xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), -1);
xmlSecAssert2(xmlSecPtrListGetSize(dataList) == 0, -1);
/* create full XPath expression */
xmlSecAssert2(data->expr != NULL, -1);
- tmpSize = xmlStrlen(data->expr) + xmlStrlen(BAD_CAST xpathPattern) + 1;
+ tmpLen = xmlStrlen(data->expr) + xmlStrlen(BAD_CAST XMLSEC_TRANSFORM_XPATH_TMPL) + 1;
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(tmpLen, tmpSize, return(-1), NULL);
+
tmp = (xmlChar*) xmlMalloc(sizeof(xmlChar) * tmpSize);
if(tmp == NULL) {
xmlSecMallocError(sizeof(xmlChar) * tmpSize,
xmlSecTransformGetName(transform));
return(-1);
}
- ret = xmlStrPrintf(tmp, tmpSize, xpathPattern, (char*)data->expr);
+ ret = xmlStrPrintf(tmp, tmpLen, XMLSEC_TRANSFORM_XPATH_TMPL, (char*)data->expr);
if(ret < 0) {
xmlSecXmlError("xmlStrPrintf", xmlSecTransformGetName(transform));
xmlFree(tmp);
static xmlSecTransformKlass xmlSecTransformXPath2Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecXPathTransformSize, /* xmlSecSize objSize */
+ xmlSecXPathSize, /* xmlSecSize objSize */
xmlSecNameXPath2, /* const xmlChar* name; */
xmlSecXPath2Ns, /* const xmlChar* href; */
xmlSecAssert2(node != NULL, -1);
xmlSecAssert2(transformCtx != NULL, -1);
- dataList = xmlSecXPathTransformGetDataList(transform);
+ dataList = xmlSecXPathGetCtx(transform);
xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), -1);
xmlSecAssert2(xmlSecPtrListGetSize(dataList) == 0, -1);
static xmlSecTransformKlass xmlSecTransformXPointerKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecXPathTransformSize, /* xmlSecSize objSize */
+ xmlSecXPathSize, /* xmlSecSize objSize */
xmlSecNameXPointer, /* const xmlChar* name; */
xmlSecXPointerNs, /* const xmlChar* href; */
transform->hereNode = hereNode;
- dataList = xmlSecXPathTransformGetDataList(transform);
+ dataList = xmlSecXPathGetCtx(transform);
xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), -1);
xmlSecAssert2(xmlSecPtrListGetSize(dataList) == 0, -1);
xmlSecAssert2(node != NULL, -1);
xmlSecAssert2(transformCtx != NULL, -1);
- dataList = xmlSecXPathTransformGetDataList(transform);
+ dataList = xmlSecXPathGetCtx(transform);
xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), -1);
xmlSecAssert2(xmlSecPtrListGetSize(dataList) == 0, -1);
*
* Visa3DHack transform
*
+ * xmlSecTransform + xmlChar* (pointer to ID)
+ *
*****************************************************************************/
-#define xmlSecVisa3DHackTransformSize \
- (sizeof(xmlSecTransform) + sizeof(xmlChar*))
-#define xmlSecVisa3DHackTransformGetIDPtr(transform) \
- ((xmlSecTransformCheckSize((transform), xmlSecVisa3DHackTransformSize)) ? \
- (xmlChar**)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
- (xmlChar**)NULL)
+XMLSEC_TRANSFORM_DECLARE(Visa3DHack, xmlChar*)
+#define xmlSecVisa3DHackSize XMLSEC_TRANSFORM_SIZE(Visa3DHack)
+
#define xmlSecTransformVisa3DHackCheckId(transform) \
(xmlSecTransformCheckId((transform), xmlSecTransformVisa3DHackId))
static xmlSecTransformKlass xmlSecTransformVisa3DHackKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecVisa3DHackTransformSize, /* xmlSecSize objSize */
+ xmlSecVisa3DHackSize, /* xmlSecSize objSize */
BAD_CAST "Visa3DHackTransform", /* const xmlChar* name; */
NULL, /* const xmlChar* href; */
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformVisa3DHackId), -1);
xmlSecAssert2(id != NULL, -1);
- idPtr = xmlSecVisa3DHackTransformGetIDPtr(transform);
+ idPtr = xmlSecVisa3DHackGetCtx(transform);
xmlSecAssert2(idPtr != NULL, -1);
xmlSecAssert2((*idPtr) == NULL, -1);
xmlSecAssert(xmlSecTransformVisa3DHackCheckId(transform));
- idPtr = xmlSecVisa3DHackTransformGetIDPtr(transform);
+ idPtr = xmlSecVisa3DHackGetCtx(transform);
xmlSecAssert(idPtr != NULL);
if((*idPtr) != NULL) {
xmlSecAssert2(last != 0, -1);
xmlSecAssert2(transformCtx != NULL, -1);
- idPtr = xmlSecVisa3DHackTransformGetIDPtr(transform);
+ idPtr = xmlSecVisa3DHackGetCtx(transform);
xmlSecAssert2(idPtr != NULL, -1);
xmlSecAssert2((*idPtr) != NULL, -1);
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
/**
* SECTION:xslt
#include <xmlsec/keys.h>
#include <xmlsec/parser.h>
#include <xmlsec/errors.h>
-#include <xmlsec/private/xslt.h>
+#include "xslt.h"
+
+#include "cast_helpers.h"
/**************************************************************************
*
*
* XSLT transform
*
- * xmlSecXsltCtx is located after xmlSecTransform
+ * xmlSecTransform + xmlSecXsltCtx
*
***************************************************************************/
-#define xmlSecXsltSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecXsltCtx))
-#define xmlSecXsltGetCtx(transform) \
- ((xmlSecXsltCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+XMLSEC_TRANSFORM_DECLARE(Xslt, xmlSecXsltCtx)
+#define xmlSecXsltSize XMLSEC_TRANSFORM_SIZE(Xslt)
static int xmlSecXsltInitialize (xmlSecTransformPtr transform);
static void xmlSecXsltFinalize (xmlSecTransformPtr transform);
xmlSecBufferPtr out);
static xmlDocPtr xmlSecXsApplyStylesheet (xmlSecXsltCtxPtr ctx,
xmlDocPtr doc);
-
+
static xmlSecTransformKlass xmlSecXsltKlass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
* xmlSecTransformXsltSetDefaultSecurityPrefs:
* @sec: the new security preferences
*
- * Sets the new default security preferences. The xmlsec default security policy is
+ * Sets the new default security preferences. The xmlsec default security policy is
* to disable everything.
*/
-XMLSEC_EXPORT void
+void
xmlSecTransformXsltSetDefaultSecurityPrefs(xsltSecurityPrefsPtr sec) {
xmlSecAssert(sec != NULL);
xmlSecAssert(g_xslt_default_security_prefs != NULL);
-
+
/* copy prefs */
XMLSEC_XSLT_COPY_SEC_PREF(sec, g_xslt_default_security_prefs, XSLT_SECPREF_READ_FILE);
XMLSEC_XSLT_COPY_SEC_PREF(sec, g_xslt_default_security_prefs, XSLT_SECPREF_WRITE_FILE);
/* initialize context */
memset(ctx, 0, sizeof(xmlSecXsltCtx));
-
+
/* done */
return(0);
}
if(ctx->parserCtx != NULL) {
if(ctx->parserCtx->myDoc != NULL) {
xmlFreeDoc(ctx->parserCtx->myDoc);
- ctx->parserCtx->myDoc = NULL;
+ ctx->parserCtx->myDoc = NULL;
}
xmlFreeParserCtxt(ctx->parserCtx);
}
static int
xmlSecXsltReadNode(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
xmlSecXsltCtxPtr ctx;
- xmlBufferPtr buffer;
- xmlDocPtr doc;
+ xmlBufferPtr buffer = NULL;
+ xmlDocPtr doc = NULL;
xmlNodePtr cur;
+ const xmlChar* buf;
+ xmlSecSize bufSize;
+ int bufLen;
+ int res = -1;
xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXsltId), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecXsltSize), -1);
buffer = xmlBufferCreate();
if(buffer == NULL) {
xmlSecXmlError("xmlBufferCreate", xmlSecTransformGetName(transform));
- return(-1);
+ goto done;
}
cur = node->children;
while(cur != NULL) {
}
/* parse the buffer */
- doc = xmlSecParseMemory(xmlBufferContent(buffer),
- xmlBufferLength(buffer), 1);
+ buf = xmlBufferContent(buffer);
+ bufLen = xmlBufferLength(buffer);
+ XMLSEC_SAFE_CAST_INT_TO_SIZE(bufLen, bufSize, goto done, xmlSecTransformGetName(transform));
+ doc = xmlSecParseMemory(buf, bufSize, 1);
if(doc == NULL) {
xmlSecInternalError("xmlSecParseMemory",
xmlSecTransformGetName(transform));
- xmlBufferFree(buffer);
- return(-1);
+ goto done;
}
/* pre-process stylesheet */
if(ctx->xslt == NULL) {
xmlSecXsltError("xsltParseStylesheetDoc", NULL, xmlSecTransformGetName(transform));
- /* after parsing stylesheet doc is assigned
- * to it and will be freed by xsltFreeStylesheet() */
+ goto done;
+ }
+ doc = NULL; /* owned by ctx->xslt and will be freed by xsltFreeStylesheet() */
+
+ /* success */
+ res = 0;
+
+done:
+ if(doc != NULL) {
xmlFreeDoc(doc);
+ }
+ if(buffer != NULL) {
xmlBufferFree(buffer);
- return(-1);
}
-
- xmlBufferFree(buffer);
- return(0);
+ return(res);
}
static int
xmlSecXsltPushBin(xmlSecTransformPtr transform, const xmlSecByte* data,
- xmlSecSize dataSize, int final, xmlSecTransformCtxPtr transformCtx) {
+ xmlSecSize dataSize, int final, xmlSecTransformCtxPtr transformCtx) {
xmlSecXsltCtxPtr ctx;
int ret;
xmlSecXmlError("xmlCreatePushParserCtxt", xmlSecTransformGetName(transform));
return(-1);
}
-
- /* required for c14n! */
- ctx->parserCtx->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
- ctx->parserCtx->replaceEntities = 1;
+ xmlSecParsePrepareCtxt(ctx->parserCtx);
transform->status = xmlSecTransformStatusWorking;
} else if(transform->status == xmlSecTransformStatusFinished) {
/* push data to the input buffer */
if((data != NULL) && (dataSize > 0)) {
- ret = xmlParseChunk(ctx->parserCtx, (const char*)data, dataSize, 0);
- if(ret != 0) {
- xmlSecXmlParserError2("xmlParseChunk", ctx->parserCtx,
- xmlSecTransformGetName(transform),
- "size=%d", dataSize);
+ int dataLen;
+ XMLSEC_SAFE_CAST_SIZE_TO_INT(dataSize, dataLen, return(-1), xmlSecTransformGetName(transform));
+ ret = xmlParseChunk(ctx->parserCtx, (const char*)data, dataLen, 0);
+ if(ret != 0) {
+ xmlSecXmlParserError2("xmlParseChunk", ctx->parserCtx, xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, dataSize);
return(-1);
}
}
/* finalize */
ret = xmlParseChunk(ctx->parserCtx, NULL, 0, 1);
if((ret != 0) || (ctx->parserCtx->myDoc == NULL)) {
- xmlSecXmlParserError("xmlParseChunk", ctx->parserCtx,
- xmlSecTransformGetName(transform));
+ xmlSecXmlParserError("xmlParseChunk", ctx->parserCtx, xmlSecTransformGetName(transform));
return(-1);
}
docOut = xmlSecXsApplyStylesheet(ctx, docIn);
if(docOut == NULL) {
- xmlSecInternalError("xmlSecXsApplyStylesheet",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecXsApplyStylesheet", xmlSecTransformGetName(transform));
xmlFreeDoc(docIn);
return(-1);
}
if(transform->next != NULL) {
output = xmlSecTransformCreateOutputBuffer(transform->next, transformCtx);
if(output == NULL) {
- xmlSecInternalError("xmlSecTransformCreateOutputBuffer",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecTransformCreateOutputBuffer", xmlSecTransformGetName(transform));
xmlFreeDoc(docOut);
return(-1);
}
} else {
output = xmlSecBufferCreateOutputBuffer(&(transform->outBuf));
if(output == NULL) {
- xmlSecInternalError("xmlSecBufferCreateOutputBuffer",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecBufferCreateOutputBuffer", xmlSecTransformGetName(transform));
xmlFreeDoc(docOut);
return(-1);
}
ret = xsltSaveResultTo(output, docOut, ctx->xslt);
if(ret < 0) {
xmlSecXsltError("xsltParseStylesheetDoc", ctx->xslt, xmlSecTransformGetName(transform));
- xmlOutputBufferClose(output);
+ (void)xmlOutputBufferClose(output);
xmlFreeDoc(docOut);
return(-1);
}
ret = xmlSecXslProcess(ctx, in, out);
if(ret < 0) {
- xmlSecInternalError("xmlSecXslProcess",
- xmlSecTransformGetName(transform));
+ xmlSecInternalError("xmlSecXslProcess", xmlSecTransformGetName(transform));
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
- xmlSecInternalError2("xmlSecBufferRemoveHead",
- xmlSecTransformGetName(transform),
- "size=%d", inSize);
+ xmlSecInternalError2("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform),
+ "size=" XMLSEC_SIZE_FMT, inSize);
return(-1);
}
done:
if(output != NULL) {
- xmlOutputBufferClose(output);
+ (void)xmlOutputBufferClose(output);
}
if(docIn != NULL) {
xmlFreeDoc(docIn);
xsltTransformContextPtr xsltCtx = NULL;
xmlDocPtr res = NULL;
int ret;
-
+
xmlSecAssert2(ctx != NULL, NULL);
xmlSecAssert2(ctx->xslt != NULL, NULL);
xmlSecAssert2(doc != NULL, NULL);
xmlSecXsltError("xsltApplyStylesheetUser", ctx->xslt, NULL);
goto done;
}
-
+
done:
if(xsltCtx != NULL) {
xsltFreeTransformContext(xsltCtx);
}
- return res;
+ return res;
}
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-20
16 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ * Copyright (C) 2002-20
22 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_PRIVATE_XSLT_H__
#define __XMLSEC_PRIVATE_XSLT_H__
+++ /dev/null
-Running a specific test
-----------------------------------------------
-
-If a test fails, it's possible to re-run just that specific test for that
-specific backend using:
-
-> make check-crypto-$backend XMLSEC_TEST_NAME="$name"
-
-where $name is the key name for key tests, and a file name otherwise.
-
-Example:
-
-> make check-crypto-nss XMLSEC_TEST_NAME="enveloping-sha256-rsa-sha256-relationship"
-
-Reproducible output
-----------------------------------------------
-
-It is also possible to have reproducible output, filtering out timestamps. This
-is useful to see the output before and after a change to understand its impact.
-
-Example:
-
-> make check-crypto-nss XMLSEC_TEST_REPRODUCIBLE=y
--- /dev/null
+# XMLSec Library: Unit Tests
+
+## Running a specific test
+
+If a test fails, it's possible to re-run just that specific test for that
+specific backend using:
+
+```
+make check-crypto-$backend XMLSEC_TEST_NAME="$name"
+```
+
+where `$name` is the key name for key tests, and a file name otherwise.
+
+Example:
+
+```
+make check-crypto-nss XMLSEC_TEST_NAME="enveloping-sha256-rsa-sha256-relationship"
+```
+
+## Reproducible output
+
+It is also possible to have reproducible output, filtering out timestamps. This
+is useful to see the output before and after a change to understand its impact.
+
+Example:
+
+```
+make check-crypto-nss XMLSEC_TEST_REPRODUCIBLE=y
+```
<?xml version="1.0" encoding="UTF-8"?>
-<!--
-XML Security Library example: Simple signature template file for sign1 example.
--->
<Envelope xmlns="urn:envelope">
<Data>
Hello, World!
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<Envelope xmlns="urn:envelope">
+ <Data>
+ Hello, World!
+ </Data>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-256"/>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">not(ancestor-or-self::dsig:Signature)</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-256"/>
+ <DigestValue></DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue/>
+ <KeyInfo>
+ <X509Data>
+ </X509Data>
+ </KeyInfo>
+ </Signature>
+</Envelope>
\ No newline at end of file
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<Envelope xmlns="urn:envelope">
+ <Data>
+ Hello, World!
+ </Data>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-512"/>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">not(ancestor-or-self::dsig:Signature)</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-512"/>
+ <DigestValue></DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue/>
+ <KeyInfo>
+ <X509Data>
+ </X509Data>
+ </KeyInfo>
+ </Signature>
+</Envelope>
\ No newline at end of file
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+XML Security Library example: Simple signature template file for sign1 example.
+-->
+<Envelope xmlns="urn:envelope">
+ <Data>
+ Hello, World!
+ </Data>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">not(ancestor-or-self::dsig:Signature)</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <DigestValue></DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue/>
+ <KeyInfo>
+ <X509Data>
+ <X509IssuerSerial/>
+ </X509Data>
+ </KeyInfo>
+ </Signature>
+</Envelope>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+XML Security Library example: Simple signature template file for sign1 example.
+-->
+<Envelope xmlns="urn:envelope">
+ <Data>
+ Hello, World!
+ </Data>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">not(ancestor-or-self::dsig:Signature)</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <DigestValue>j12SN+LRqX4RricEwl5iEpjyand0nCMO8T5dNYR5P661F2ZrUS5wSbyMdu826KrG
+IQbvvjmkI+9+QmCrcJyXXA==</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>oSQazmnGpiLXxuDQXrhB5w4qz2QMUPT9LPbQ4+UqhxFYdGxhRRe4/ITwjZ6XG32h
+/5wcrScI0dUGfklofgPuDSuxa3A9ueXRahOtN3hUL1gDTRGxhPW+EAOzqBGb/9Yc
+zSG4Y7jo4LDA9ebWYQhRMpYsXRPQqh2/JSqHtAo/GQvTi3hcIZ3NbjPjCaScW6Gq
+rDSvFLRnWUAl8CimYRs3D4QdzvqrMDxVnsamDsUAn8oroMBtbC3m8ELvElgZ0xq9
+qv17kqc5P5d0Xl18tNvlx/wKPpAcAcPrAmUkb+oWpCycFSc68aLws6VJj3rCZV6U
+4QMQHcW6zFQfbG5/wPchJIBlxx2FdJu7RMeGbx7pwLIsEkU6RcKRniVcxVNKhIbD
+7owZxRPJ7LP/PnQ6v9zSZmvz1+f5sNG7GIqGDde2iWlg67AtmtMaW0KIAMGoOA1t
+O+RHySxxB/5uss4ANlJZF1Ehm0Zgo7S11D00Vq24aCjMEz9FRSkhq0X4kW1a2BjX
+o1rJBk7cQOFfSqmUblPEh41SrYtrSkqUNNiSQwI2XfhTAKwUn4c7HBDpagWOorFr
+k8QSLUdcYlYLcDM6YRIeDIqXv2ieV5t/m+Na0B37Ef5GH27bBshAETsON05wYlaq
+ZmudHZxyIKRkwdo3341b8p8rQEE9tcnUOzgbqs0qmZQ=</SignatureValue>
+ <KeyInfo>
+ <X509Data>
+ <X509IssuerSerial>
+<X509IssuerName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Root CA,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509IssuerName>
+<X509SerialNumber>12655831530416757421</X509SerialNumber>
+</X509IssuerSerial>
+<X509IssuerSerial>
+<X509IssuerName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Root CA,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509IssuerName>
+<X509SerialNumber>12655831530416757420</X509SerialNumber>
+</X509IssuerSerial>
+<X509IssuerSerial>
+<X509IssuerName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509IssuerName>
+<X509SerialNumber>12655831530416757424</X509SerialNumber>
+</X509IssuerSerial>
+ </X509Data>
+ </KeyInfo>
+ </Signature>
+</Envelope>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+XML Security Library example: Simple signature template file for sign1 example.
+-->
+<Envelope xmlns="urn:envelope">
+ <Data>
+ Hello, World!
+ </Data>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">not(ancestor-or-self::dsig:Signature)</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <DigestValue></DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue/>
+ <KeyInfo>
+ <X509Data>
+ <X509SKI/>
+ </X509Data>
+ </KeyInfo>
+ </Signature>
+</Envelope>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+XML Security Library example: Simple signature template file for sign1 example.
+-->
+<Envelope xmlns="urn:envelope">
+ <Data>
+ Hello, World!
+ </Data>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">not(ancestor-or-self::dsig:Signature)</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <DigestValue>j12SN+LRqX4RricEwl5iEpjyand0nCMO8T5dNYR5P661F2ZrUS5wSbyMdu826KrG
+IQbvvjmkI+9+QmCrcJyXXA==</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>oSQazmnGpiLXxuDQXrhB5w4qz2QMUPT9LPbQ4+UqhxFYdGxhRRe4/ITwjZ6XG32h
+/5wcrScI0dUGfklofgPuDSuxa3A9ueXRahOtN3hUL1gDTRGxhPW+EAOzqBGb/9Yc
+zSG4Y7jo4LDA9ebWYQhRMpYsXRPQqh2/JSqHtAo/GQvTi3hcIZ3NbjPjCaScW6Gq
+rDSvFLRnWUAl8CimYRs3D4QdzvqrMDxVnsamDsUAn8oroMBtbC3m8ELvElgZ0xq9
+qv17kqc5P5d0Xl18tNvlx/wKPpAcAcPrAmUkb+oWpCycFSc68aLws6VJj3rCZV6U
+4QMQHcW6zFQfbG5/wPchJIBlxx2FdJu7RMeGbx7pwLIsEkU6RcKRniVcxVNKhIbD
+7owZxRPJ7LP/PnQ6v9zSZmvz1+f5sNG7GIqGDde2iWlg67AtmtMaW0KIAMGoOA1t
+O+RHySxxB/5uss4ANlJZF1Ehm0Zgo7S11D00Vq24aCjMEz9FRSkhq0X4kW1a2BjX
+o1rJBk7cQOFfSqmUblPEh41SrYtrSkqUNNiSQwI2XfhTAKwUn4c7HBDpagWOorFr
+k8QSLUdcYlYLcDM6YRIeDIqXv2ieV5t/m+Na0B37Ef5GH27bBshAETsON05wYlaq
+ZmudHZxyIKRkwdo3341b8p8rQEE9tcnUOzgbqs0qmZQ=</SignatureValue>
+ <KeyInfo>
+ <X509Data>
+ <X509SKI>/uTsUyTwlZXHELXhRLVdOWVa434=
+</X509SKI>
+<X509SKI>BrWkrKeqdUTqFZxP3wWDT2oe/gs=
+</X509SKI>
+<X509SKI>kDU2EVL5AGX8cedzsJHtCxmExig=
+</X509SKI>
+ </X509Data>
+ </KeyInfo>
+ </Signature>
+</Envelope>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+XML Security Library example: Simple signature template file for sign1 example.
+-->
+<Envelope xmlns="urn:envelope">
+ <Data>
+ Hello, World!
+ </Data>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">not(ancestor-or-self::dsig:Signature)</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <DigestValue></DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue/>
+ <KeyInfo>
+ <X509Data>
+ <X509SubjectName/>
+ </X509Data>
+ </KeyInfo>
+ </Signature>
+</Envelope>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+XML Security Library example: Simple signature template file for sign1 example.
+-->
+<Envelope xmlns="urn:envelope">
+ <Data>
+ Hello, World!
+ </Data>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">not(ancestor-or-self::dsig:Signature)</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <DigestValue>j12SN+LRqX4RricEwl5iEpjyand0nCMO8T5dNYR5P661F2ZrUS5wSbyMdu826KrG
+IQbvvjmkI+9+QmCrcJyXXA==</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>oSQazmnGpiLXxuDQXrhB5w4qz2QMUPT9LPbQ4+UqhxFYdGxhRRe4/ITwjZ6XG32h
+/5wcrScI0dUGfklofgPuDSuxa3A9ueXRahOtN3hUL1gDTRGxhPW+EAOzqBGb/9Yc
+zSG4Y7jo4LDA9ebWYQhRMpYsXRPQqh2/JSqHtAo/GQvTi3hcIZ3NbjPjCaScW6Gq
+rDSvFLRnWUAl8CimYRs3D4QdzvqrMDxVnsamDsUAn8oroMBtbC3m8ELvElgZ0xq9
+qv17kqc5P5d0Xl18tNvlx/wKPpAcAcPrAmUkb+oWpCycFSc68aLws6VJj3rCZV6U
+4QMQHcW6zFQfbG5/wPchJIBlxx2FdJu7RMeGbx7pwLIsEkU6RcKRniVcxVNKhIbD
+7owZxRPJ7LP/PnQ6v9zSZmvz1+f5sNG7GIqGDde2iWlg67AtmtMaW0KIAMGoOA1t
+O+RHySxxB/5uss4ANlJZF1Ehm0Zgo7S11D00Vq24aCjMEz9FRSkhq0X4kW1a2BjX
+o1rJBk7cQOFfSqmUblPEh41SrYtrSkqUNNiSQwI2XfhTAKwUn4c7HBDpagWOorFr
+k8QSLUdcYlYLcDM6YRIeDIqXv2ieV5t/m+Na0B37Ef5GH27bBshAETsON05wYlaq
+ZmudHZxyIKRkwdo3341b8p8rQEE9tcnUOzgbqs0qmZQ=</SignatureValue>
+ <KeyInfo>
+ <X509Data>
+ <X509SubjectName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509SubjectName>
+<X509SubjectName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Root CA,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509SubjectName>
+<X509SubjectName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Large RSA Key,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509SubjectName>
+ </X509Data>
+ </KeyInfo>
+ </Signature>
+</Envelope>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE test [
+<!ATTLIST Test Id ID #IMPLIED>
+]>
+<Test Id="Test">
+test
+</Test>
--- /dev/null
+<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
+<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"> </EncryptionMethod>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<KeyName>key1</KeyName>
+<X509Data>
+<X509Certificate/>
+</X509Data>
+</KeyInfo>
+<CipherData>
+<CipherValue/>
+</CipherData>
+</EncryptedKey>
+<EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"> </EncryptionMethod>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<KeyName>key2</KeyName>
+<X509Data>
+<X509Certificate/>
+</X509Data>
+</KeyInfo>
+<CipherData>
+<CipherValue/>
+</CipherData>
+</EncryptedKey>
+</KeyInfo>
+<CipherData>
+<CipherValue/>
+</CipherData>
+</EncryptedData>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE test [
+<!ATTLIST Test Id ID #IMPLIED>
+]>
+<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
+<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"> </EncryptionMethod>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<KeyName>key1</KeyName>
+<X509Data>
+<X509Certificate>MIID9zCCA2CgAwIBAgIJAK+ii7kzrdqsMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEQMA4G
+A1UECxMHUm9vdCBDQTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3
+DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMCAXDTE0MDUyMzE3NTA1OVoYDzIxMTQw
+NDI5MTc1MDU5WjCBrjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWEx
+PTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtz
+ZXkuY29tL3htbHNlYykxEDAOBgNVBAsTB1Jvb3QgQ0ExFjAUBgNVBAMTDUFsZWtz
+ZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtY4MCNj/qrOzVuex1BD/PuCYTDDOLLVj
+tpKXQteQPqy0kgMwuQgRwdNnICIHQbnFKL40XoyACJVWKM7b0LkvWJNeyVzXPqEE
+9ZPmNxWGUjVcr7powT7v8V7S2QflUnr8ZvR4XWwkZJ9EYKNhenijgJ5yYDrXCWdv
+C+fnjBjv2LcCAwEAAaOCARcwggETMB0GA1UdDgQWBBQGtaSsp6p1ROoVnE/fBYNP
+ah7+CzCB4wYDVR0jBIHbMIHYgBQGtaSsp6p1ROoVnE/fBYNPah7+C6GBtKSBsTCB
+rjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhN
+TCBTZWN1cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNl
+YykxEDAOBgNVBAsTB1Jvb3QgQ0ExFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4xITAf
+BgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbYIJAK+ii7kzrdqsMAwGA1Ud
+EwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEARpb86RP/ck55X+NunXeIX81i763b
+j7Z1VJwFbA/QfupzxnqJ2IP/lxC8YxJ3Bp2IJMI7rC9r0poa41ZxI5rGHip97Dpg
+sxPF9lkRUmKBBQjkICOq1w/4d2DRInBoqXttD+0WsqDfNDVK+7kSE07ytn3RzHCj
+j0gv0PdxmuCsR/E=
+</X509Certificate>
+</X509Data>
+</KeyInfo>
+<CipherData>
+<CipherValue>OWIZitDwtQp3dvJ2NP2bgQaaiW+Z0vwyh8ajaw7nuwlqQugrbugy9upogbKMpOrz
+XFLfdzfQ5EfRBr2MaPvMkft2wBWfYOS437RNrKdd/MZxZjSPoFRAMBz4F6cVjDx5
+L3/I/3usuqoyYLNtjQTxcIt+sdtNMZnAyVxz/08vEGg=</CipherValue>
+</CipherData>
+</EncryptedKey>
+<EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"> </EncryptionMethod>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<KeyName>key2</KeyName>
+<X509Data>
+<X509Certificate>MIIDzzCCAzigAwIBAgIJAK+ii7kzrdqtMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEQMA4G
+A1UECxMHUm9vdCBDQTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3
+DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMCAXDTE0MDUyMzE3NTIzOFoYDzIxMTQw
+NDI5MTc1MjM4WjCBnDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWEx
+PTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtz
+ZXkuY29tL3htbHNlYykxFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4xITAfBgkqhkiG
+9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
+QQCyuvKJ2CuUPD33ghPt4Q8MilesHxVbbpyKfmabrYVpDGVDmOKKp337qJUZZ95K
+fwlXbR2j0zyKWJmvRxUx+PsTAgMBAAGjggFFMIIBQTAMBgNVHRMEBTADAQH/MCwG
+CWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNV
+HQ4EFgQU/uTsUyTwlZXHELXhRLVdOWVa434wgeMGA1UdIwSB2zCB2IAUBrWkrKeq
+dUTqFZxP3wWDT2oe/guhgbSkgbEwga4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpD
+YWxpZm9ybmlhMT0wOwYDVQQKEzRYTUwgU2VjdXJpdHkgTGlicmFyeSAoaHR0cDov
+L3d3dy5hbGVrc2V5LmNvbS94bWxzZWMpMRAwDgYDVQQLEwdSb290IENBMRYwFAYD
+VQQDEw1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3Nl
+eS5jb22CCQCvoou5M63arDANBgkqhkiG9w0BAQUFAAOBgQBuTAW63AgWqqUDPGi8
+BiXbdKHhFP4J8qgkdv5WMa6SpSWVgNgOYXkK/BSg1aSmQtGv8/8UvBRPoJnO4y0N
+jWUFf1ubOgUNmedYNLq7YbTp8yTGWeogCyM2xdWELMP8BMgQL0sP+MDAFMKO3itY
+mEWnCEsP15HKSTms54RNj7oJ+A==
+</X509Certificate>
+</X509Data>
+</KeyInfo>
+<CipherData>
+<CipherValue>fDxlxg+iGPUl78ourojHao8/BcxY+A2IQXVghY/OqeQUUD9eT55jrGxgw5UEADoq
+ZD8I/KolksaZ1414NyOIIw==</CipherValue>
+</CipherData>
+</EncryptedKey>
+</KeyInfo>
+<CipherData>
+<CipherValue>ORyr/Fi6TMsMMfEWeDy9iPGl43zoKJLbTTukFwOqtfBi0nSdsMkGkmpQAs3a1PsG</CipherValue>
+</CipherData>
+</EncryptedData>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<note>
+ <to>Tove</to>
+ <from>Jani</from>
+ <heading>Reminder</heading>
+ <body>Don't forget me this weekend!</body>
+</note>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>pub1</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue/>
+ </CipherData>
+ </EncryptedKey>
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>pub2</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue/>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue/>
+ </CipherData>
+</EncryptedData>
+
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>pub1</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>T6kbZNTA14Fn7L6Amt6ryIULW7RazQtKWRo+TpXNqtuHQHNwz9mpg+r5YablgxAN
+KA4LRLMQjAwjxaKIWpgsfg==</CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>pub2</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>HPUbu+U/kjtKQzpSzFiVcNAdRsfu3CztlUJ/DZQnLdtZRkdy9dhR14pF3RPc18Z5
+1mYDpD0H8+rb9lRAC2j9I9X2dZfQj+Lm4hRvXuVwD9TL082IllRPWq4LAJ/cg4PL
+PyPFGH8kpSX6E2aJFkNwWh13f1aZLhwG/Jc0+1NxaU+OZh79ueSQbNp0V4FxEasa
+tBG6k/Y3k2ga5uQ96DTx7EdD5dLTSVpyrsnUjmtc3XwLdLQPrBmQY2GJok1kN5Wr
+r0bRnazhK4cUaqcxTw/QJ9Oxghc8sWDo1ES4ftC4gp19YqrCdkUqTcDRT+TcEKtR
+celmM1mXuQJUwOYqdO/8N2YPozGwXKDrcGIhiJdOpppiXcbShQjTUAAwkSfhjwl1
+A4PZ8JLjozZ1IS+kQ4+7r3KkZwVNbuD3ac/X0+vyAtwY7/yeRk+E2qadKnJc4Jak
+6/MwRXJ8PjMbGBJnraFpSyQ58yWvAqUvVecZV4PrJkQ2JoSaUkFHaInKe8LDDYus
+BA+bYGvudb7O/WK4EnsJNFT8faHuvmPkOH4skR6fbLnlV3cg1JFuvkenlqQfvqNN
++xOdigxWSt0fBN+tCmVOfXY/MOSKLmx8PLgUT/rLIM4ang0NDMK+uIcPkdfoz7bs
+gXihxtcmXtYgbRhwTQ19oYGcAlkQH8fueyM29aPSSGM=</CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>xRu54xo+Q/yA9sRkWg4eczD7t8BVonhhz+6l1JKJxnGo1GZPjo7oFepeKRIxoHMa
+weH+Epukhp1XX0NMilWSJndQDAk28YPUOaxZ8LDwHa547tm1tEZCN1RFsj+ler//
+sqAhHzvaP59y8OavMD6VoKeNpR9rPre7rhlxobCaERlc+lde7y71qg==</CipherValue>
+ </CipherData>
+</EncryptedData>
+++ /dev/null
-README
-
-0. Passwords
- For all files the password is "secret".
-
-1. Files list
-
- cakey.pem Root CA private key
- cacert.pem Root CA for cakey.pem
- ca2key.pem RSA private key
- ca2cert.pem Second-level RSA cert for ca2key.pem
- dsakey.pem DSA private key
- dsacert.pem Third level DSA cert for dsakey.pem
- dsa2048key.pem DSA private key (2048 bits)
- dsa3072key.pem DSA private key (3072 bits)
- rsakey.pem RSA private key
- rsacert.pem Third level RSA cert for rsacert.pem
- hmackey.bin HMAC key ('secret')
- expired.key key for expired cert
- expired.crt expired certificate
- rsa2key.pem RSA private key
- rsa2cert.pem Self signed RSA certificate with negative serial number
-
-2. How certificates were generated:
-
- A. Create new CA
- - Change DAYS and CADAYS in CA.pl to 3650 (10 years)
- > export SSLEAY_CONFIG="-config ./openssl.cnf"
- > CA.pl -newca
- > cp ./demoCA/cacert.pem .
- > cp ./demoCA/private/cakey.pem .
- > openssl x509 -text -in cacert.pem
-
- B. Generate RSA key and second level CA
- > openssl genrsa -out ca2key.pem
- > openssl req -config ./openssl.cnf -new -key ca2key.pem -out ca2req.pem
- > openssl ca -config ./openssl.cnf -cert cacert.pem -keyfile cakey.pem \
- -out ca2cert.pem -infiles ca2req.pem
- > openssl verify -CAfile cacert.pem ca2cert.pem
-
- C. Generate and sign DSA key with second level CA
- > openssl dsaparam -out dsakey.pem -genkey 1024
- > openssl req -config ./openssl.cnf -new -key dsakey.pem -out dsareq.pem
- > openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem \
- -out dsacert.pem -infiles dsareq.pem
- > openssl verify -CAfile cacert.pem -untrusted ca2cert.pem dsacert.pem
-
- > openssl dsaparam -out dsa2048key.pem -genkey 2048
- > openssl req -config ./openssl.cnf -new -key dsa2048key.pem -out dsa2048req.pem
- > openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem \
- -out dsa2048cert.pem -infiles dsa2048req.pem
- > openssl verify -CAfile cacert.pem -untrusted ca2cert.pem dsa2048cert.pem
-
- > openssl dsaparam -out dsa3072key.pem -genkey 3072
- > openssl req -config ./openssl.cnf -new -key dsa3072key.pem -out dsa3072req.pem
- > openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem \
- -out dsa3072cert.pem -infiles dsa3072req.pem
- > openssl verify -CAfile cacert.pem -untrusted ca2cert.pem dsa3072cert.pem
-
- D. Generate and sign RSA key with second level CA
- > openssl genrsa -out rsakey.pem
- > openssl req -config ./openssl.cnf -new -key rsakey.pem -out rsareq.pem
- > openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem \
- -out rsacert.pem -infiles rsareq.pem
- > openssl verify -CAfile cacert.pem -untrusted ca2cert.pem rsacert.pem
-
- E. Generate and sign large RSA key with second level CA
- > openssl genrsa -out largersakey.pem 4096
- > openssl req -config ./openssl.cnf -new -key largersakey.pem -out largersareq.pem
- > openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem \
- -out largersacert.pem -infiles largersareq.pem
- > openssl verify -CAfile cacert.pem -untrusted ca2cert.pem largersacert.pem
-
- F. Generate and sign short-live RSA cert for "expired cert" test
- > openssl genrsa -out expiredkey.pem
- > openssl req -config ./openssl.cnf -new -days 1 -key expiredkey.pem \
- -out expiredreq.pem
- > openssl ca -config ./openssl.cnf -days 1 -cert ca2cert.pem \
- -keyfile ca2key.pem -out expiredcert.pem -infiles expiredreq.pem
- > openssl verify -CAfile cacert.pem -untrusted ca2cert.pem expiredcert.pem
-
- G. Generate ECDSA key with second level CA
- > openssl ecparam -list_curves
- > openssl ecparam -name secp256r1 -genkey -noout -out ecdsa-secp256r1-key.pem
- Here use 'ECDSA secp256r1 Key' for Common Name:
- > openssl req -config ./openssl.cnf -new -key ecdsa-secp256r1-key.pem -out ecdsa-secp256r1-req.pem
- > openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem \
- -out ecdsa-secp256r1-cert.pem -infiles ecdsa-secp256r1-req.pem
- > openssl verify -CAfile cacert.pem -untrusted ca2cert.pem ecdsa-secp256r1-cert.pem
- > rm ecdsa-secp256r1-req.pem
-
-3. Converting key and certs between PEM and DER formats
-
- - Convert PEM private key file to DER file
- RSA keys:
- > openssl rsa -inform PEM -outform DER -in rsakey.pem -out rsakey.der
- > openssl rsa -inform PEM -outform DER -in largersakey.pem -out largersakey.der
- > openssl rsa -inform PEM -outform DER -in expiredkey.pem -out expiredkey.der
- DSA keys:
- > openssl dsa -inform PEM -outform DER -in dsakey.pem -out dsakey.der
- > openssl dsa -inform PEM -outform DER -in dsa2048key.pem -out dsa2048key.der
- > openssl dsa -inform PEM -outform DER -in dsa3072key.pem -out dsa3072key.der
-
- ECDSA keys:
- > openssl ec -inform PEM -outform DER -in ecdsa-secp256r1-key.pem -out ecdsa-secp256r1-key.der
-
- - Convert PEM cert file to DER file
- > openssl x509 -outform DER -in cacert.pem -out cacert.der
- > openssl x509 -outform DER -in ca2cert.pem -out ca2cert.der
- > openssl x509 -outform DER -in dsacert.pem -out dsacert.der
- > openssl x509 -outform DER -in dsa2048cert.pem -out dsa2048cert.der
- > openssl x509 -outform DER -in dsa3072cert.pem -out dsa3072cert.der
- > openssl x509 -outform DER -in rsacert.pem -out rsacert.der
- > openssl x509 -outform DER -in largersacert.pem -out largersacert.der
- > openssl x509 -outform DER -in expiredcert.pem -out expiredcert.der
- > openssl x509 -outform DER -in ecdsa-secp256r1-cert.pem -out ecdsa-secp256r1-cert.der
-
- - (optional) Convert PEM public key file to DER file
- RSA key:
- > openssl rsa -inform PEM -outform DER -pubin -pubout -in lugh.key -out lugh.der
- DSA key:
- > openssl dsa -inform PEM -outform DER -pubin -pubout -in lugh.key -out lugh.der
-
- If you aren't sure if the public key is RSA or DSA, just run one of
- the above commands, and the error messaging will make it clear :)
-
- - (optional) Convert DER cert file to PEM file
- > openssl x509 -inform DER -outform PEM -in ca2cert.der -out ca2cert.pem
-
-4. Converting an unencrypted PEM or DER file containing a private key
- to an encrypted PEM or DER file containing the same private key but
- encrypted (the tests password is secret123):
- > openssl pkcs8 -in dsakey.pem -inform pem -out dsakey.p8-pem -outform pem -topk8
- > openssl pkcs8 -in dsakey.der -inform der -out dsakey.p8-der -outform der -topk8
- > openssl pkcs8 -in dsa2048key.pem -inform pem -out dsa2048key.p8-pem -outform pem -topk8
- > openssl pkcs8 -in dsa2048key.der -inform der -out dsa2048key.p8-der -outform der -topk8
- > openssl pkcs8 -in dsa3072key.pem -inform pem -out dsa3072key.p8-pem -outform pem -topk8
- > openssl pkcs8 -in dsa3072key.der -inform der -out dsa3072key.p8-der -outform der -topk8
- > openssl pkcs8 -in rsakey.pem -inform pem -out rsakey.p8-pem -outform pem -topk8
- > openssl pkcs8 -in rsakey.der -inform der -out rsakey.p8-der -outform der -topk8
- > openssl pkcs8 -in largersakey.pem -inform pem -out largersakey.p8-pem \
- -outform pem -topk8
- > openssl pkcs8 -in largersakey.der -inform der -out largersakey.p8-der \
- -outform der -topk8
- > openssl pkcs8 -in ecdsa-secp256r1-key.der -inform der -out ecdsa-secp256r1-key.p8-der \
- -outform der -topk8
-
-5. NSS is unfriendly towards standalone private keys.
- This procedure helps convert raw private keys into PKCS12 form that is
- suitable for not only NSS but all crypto engines (the tests password is secret123):
-
- > cat dsakey.pem dsacert.pem ca2cert.pem cacert.pem > alldsa.pem
- > openssl pkcs12 -export -in alldsa.pem -name TestDsaKey -out dsakey.p12
-
- > cat dsa2048key.pem dsa2048cert.pem ca2cert.pem cacert.pem > alldsa2048.pem
- > openssl pkcs12 -export -in alldsa2048.pem -name TestDsa2048Key -out dsa2048key.p12
-
- > cat dsa3072key.pem dsa3072cert.pem ca2cert.pem cacert.pem > alldsa3072.pem
- > openssl pkcs12 -export -in alldsa3072.pem -name TestDsa3072Key -out dsa3072key.p12
-
- > cat rsakey.pem rsacert.pem ca2cert.pem cacert.pem > allrsa.pem
- > openssl pkcs12 -export -in allrsa.pem -name TestRsaKey -out rsakey.p12
-
- > cat largersakey.pem largersacert.pem ca2cert.pem cacert.pem > alllargersa.pem
- > openssl pkcs12 -export -in alllargersa.pem -name TestLargeRsaKey -out largersakey.p12
-
- > cat expiredkey.pem expiredcert.pem ca2cert.pem cacert.pem > allexpired.pem
- > openssl pkcs12 -export -in allexpired.pem -name TestExpiredRsaKey \
- -out expiredkey.p12
-
- > cat ecdsa-secp256r1-key.pem ecdsa-secp256r1-cert.pem ca2cert.pem cacert.pem > all-ecdsa-secp256r1.pem
- > openssl pkcs12 -export -in all-ecdsa-secp256r1.pem -name TestEcdsaSecp256k1Key -out ecdsa-secp256r1-key.p12
- > rm all-ecdsa-secp256r1.pem
-
- 5a.
- Input: DSA/RSA private key in PEM or DER format
- Output: A PKCS12 file containing the private key, and a self-signed
- certificate with the corresponding public key
-
- # first convert key file to PEM format, if not already in that format
- > openssl <dsa|rsa> -inform der -outform pem -in key.der -out key.pem
-
- # answer questions at the prompt
- # Note: use a unique subject (=issuer) for each self-signed cert you
- # create (since there is no way to specify serial # using the command
- # below)
- > openssl req -new -keyform <der|pem> -key key.<der|pem> -x509 -sha1 -days 999999 -outform pem -out cert.pem
-
- # now using the cert and key in PEM format, conver them to a PKCS12 file
- # enter some password on prompt
- > openssl pkcs12 -export -in cert.pem -inkey key.pem -name <nickname> -out keycert.p12
-
- # This pkcs12 file can be used directly on the xmlsec command line, or
- # can be pre-loaded into the crypto engine database (if any).
-
- # In the case of NSS, you can pre-load the key using pk12util.
- # The key and cert will have the nickname "nickname" (used in above step)
- > pk12util -d <nss_config_dir> -i keycert.p12
-
- 5b.
- Input: DSA/RSA private key in PEM or DER format
- KeyCert containing corresponding public key
- Other certs in the chain leading from KeyCert to the root
- Output: A PKCS12 file containing the private key, the KeyCert and the
- certs in the chain
-
- # first convert key file to PEM format, if not already in that format
- > openssl <dsa|rsa> -inform der -outform pem -in key.der -out key.pem
-
- # convert all cert files to PEM format, if not already in that format
- > openssl x509 -inform der -outform pem -in cert.der -out cert.pem
-
- # concatenate all cert.pem files created above to 1 file - allcerts.pem
- > cat keycert.pem cert1.pem cert2.pem .... > allcerts.pem
-
- # now using the certs and key in PEM format, conver them to a PKCS12 file
- # enter some password on prompt
- > openssl pkcs12 -export -in allcerts.pem -inkey key.pem \
- -name <nickname of key & keycert>
- [-caname <nickname of cert1> -caname <nickname of cert2>.... ]
- -out keycert.p12
-
- # This pkcs12 file can be used directly on the xmlsec command line, or
- # can be pre-loaded into the crypto engine database (if any).
-
- # In the case of NSS, you can pre-load the key using pk12util.
- # The key and certs will have the nickname "nickname"
- # (used in above step)
- > pk12util -d <nss_config_dir> -i keycert.p12
-
-6. On Windows, one needs to specify Crypto Service Provider (CSP) in the
-pkcs12 file to ensure it is loaded correctly to be used with SHA2 algorithms.
-Worse, the CSP is different for XP and older versions
-
-
- Input: DSA/RSA private key in PEM or DER format
- Output: A PKCS12 file containing the private key, and a self-signed
- certificate with the corresponding public key. Plus the CSP
- name to be used for this key/cert.
-
-
- > cat rsakey.pem rsacert.pem ca2cert.pem cacert.pem > allrsa.pem
- > openssl pkcs12 -export -in allrsa.pem -name TestRsaKey -out rsakey-winxp.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
- > openssl pkcs12 -export -in allrsa.pem -name TestRsaKey -out rsakey-win.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"
-
-
- > cat largersakey.pem largersacert.pem ca2cert.pem cacert.pem > alllargersa.pem
- > openssl pkcs12 -export -in alllargersa.pem -name TestLargeRsaKey -out largersakey-winxp.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
- > openssl pkcs12 -export -in alllargersa.pem -name TestLargeRsaKey -out largersakey-win.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"
-
- > cat dsa2048key.pem dsa2048cert.pem ca2cert.pem cacert.pem > alldsa2048.pem
- > openssl pkcs12 -export -in alldsa2048.pem -name TestDsa2048Key -out dsa2048key-win.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"
-
- > cat dsa3072key.pem dsa3072cert.pem ca2cert.pem cacert.pem > alldsa3072.pem
- > openssl pkcs12 -export -in alldsa3072.pem -name TestDsa3072Key -out dsa3072key-win.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"
-
-
-
--- /dev/null
+# XMLSec Library: Unit test keys
+
+## Passwords
+The same password `secret` should be used unless specified otherwise.
+
+## Creating keys and certificates
+
+### Create new CA
+Change DAYS and CADAYS in the OpenSSL `CA.pl` script to 36500 (100 years)
+
+```
+export SSLEAY_CONFIG="-config ./openssl.cnf"
+CA.pl -newca
+cp ./demoCA/cacert.pem .
+cp ./demoCA/private/cakey.pem .
+openssl x509 -text -in cacert.pem
+```
+
+### Generate RSA key and a second level certificate
+```
+openssl genrsa -out ca2key.pem
+openssl req -config ./openssl.cnf -new -key ca2key.pem -out ca2req.pem
+openssl ca -config ./openssl.cnf -cert cacert.pem -keyfile cakey.pem \
+ -out ca2cert.pem -infiles ca2req.pem
+openssl verify -CAfile cacert.pem ca2cert.pem
+rm ca2req.pem
+```
+
+### Generate and sign DSA keys with second level CA
+
+DSA 1024 bits:
+```
+openssl dsaparam -out dsakey.pem -genkey 1024
+openssl req -config ./openssl.cnf -new -key dsakey.pem -out dsareq.pem
+openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem \
+ -out dsacert.pem -infiles dsareq.pem
+openssl verify -CAfile cacert.pem -untrusted ca2cert.pem dsacert.pem
+rm dsareq.pem
+```
+
+DSA 2048 bits:
+```
+openssl dsaparam -out dsa2048key.pem -genkey 2048
+openssl req -config ./openssl.cnf -new -key dsa2048key.pem -out dsa2048req.pem
+openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem \
+ -out dsa2048cert.pem -infiles dsa2048req.pem
+openssl verify -CAfile cacert.pem -untrusted ca2cert.pem dsa2048cert.pem
+rm dsa2048req.pem
+```
+
+DSA 3072 bits:
+```
+openssl dsaparam -out dsa3072key.pem -genkey 3072
+openssl req -config ./openssl.cnf -new -key dsa3072key.pem -out dsa3072req.pem
+openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem \
+ -out dsa3072cert.pem -infiles dsa3072req.pem
+openssl verify -CAfile cacert.pem -untrusted ca2cert.pem dsa3072cert.pem
+rm dsa3072req.pem
+```
+
+### Generate and sign RSA keys with second level CA
+RSA 512 bits:
+```
+openssl genrsa -out rsakey.pem 512
+openssl req -config ./openssl.cnf -new -key rsakey.pem -out rsareq.pem
+openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem \
+ -out rsacert.pem -infiles rsareq.pem
+openssl verify -CAfile cacert.pem -untrusted ca2cert.pem rsacert.pem
+rm rsareq.pem
+```
+
+RSA 4096 bits:
+```
+openssl genrsa -out largersakey.pem 4096
+openssl req -config ./openssl.cnf -new -key largersakey.pem -out largersareq.pem
+openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem \
+ -out largersacert.pem -infiles largersareq.pem
+openssl verify -CAfile cacert.pem -untrusted ca2cert.pem largersacert.pem
+rm largersareq.pem
+```
+
+### Generate and sign short-live RSA cert for "expired cert" test
+```
+openssl genrsa -out expiredkey.pem
+openssl req -config ./openssl.cnf -new -days 1 -key expiredkey.pem \
+ -out expiredreq.pem
+openssl ca -config ./openssl.cnf -days 1 -cert ca2cert.pem \
+ -keyfile ca2key.pem -out expiredcert.pem -infiles expiredreq.pem
+openssl verify -CAfile cacert.pem -untrusted ca2cert.pem expiredcert.pem
+rm expiredreq.pem
+```
+
+### Generate ECDSA key with second level CA
+```
+openssl ecparam -list_curves
+openssl ecparam -name secp256r1 -genkey -noout -out ecdsa-secp256r1-key.pem
+ Here use 'ECDSA secp256r1 Key' for Common Name:
+openssl req -config ./openssl.cnf -new -key ecdsa-secp256r1-key.pem -out ecdsa-secp256r1-req.pem
+openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem \
+ -out ecdsa-secp256r1-cert.pem -infiles ecdsa-secp256r1-req.pem
+ openssl verify -CAfile cacert.pem -untrusted ca2cert.pem ecdsa-secp256r1-cert.pem
+ rm ecdsa-secp256r1-req.pem
+```
+
+### Generate and sign GOST2012 key with second level CA
+To enable GOST support, modify openssl.conf file:
+- uncomment the `# gost = gost_section` line'
+- specify correct path to `gost.so` in the `dynamic_path` variable in the `gost_section` section
+
+GOST2001:
+```
+openssl req -config ./openssl.cnf -newkey gost2001 -pkeyopt paramset:A -nodes -keyout gost2001key.pem -out gost2001req.pem
+openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem -out gost2001cert.pem -infiles gost2001req.pem
+OPENSSL_CONF=./openssl.cnf openssl verify -CAfile cacert.pem -untrusted ca2cert.pem gost2001cert.pem
+rm gost2001req.pem
+```
+
+GOST2001 256 bits:
+```
+openssl req -config ./openssl.cnf -newkey gost2012_256 -pkeyopt paramset:A -nodes -keyout gost2012_256key.pem -out gost2012_256req.pem
+openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem -out gost2012_256cert.pem -infiles gost2012_256req.pem
+OPENSSL_CONF=./openssl.cnf openssl verify -CAfile cacert.pem -untrusted ca2cert.pem gost2012_256cert.pem
+rm gost2012_256req.pem
+```
+
+GOST2001 512 bits:
+```
+openssl req -config ./openssl.cnf -newkey gost2012_512 -pkeyopt paramset:A -nodes -keyout gost2012_512key.pem -out gost2012_512req.pem
+openssl ca -config ./openssl.cnf -cert ca2cert.pem -keyfile ca2key.pem -out gost2012_512cert.pem -infiles gost2012_512req.pem
+OPENSSL_CONF=./openssl.cnf openssl verify -CAfile cacert.pem -untrusted ca2cert.pem gost2012_512cert.pem
+rm gost2012_512req.pem
+```
+
+## Converting key and certs between PEM and DER formats
+
+### Convert PEM private key file to DER file
+RSA keys:
+```
+openssl rsa -inform PEM -outform DER -in rsakey.pem -out rsakey.der
+openssl rsa -inform PEM -outform DER -in largersakey.pem -out largersakey.der
+openssl rsa -inform PEM -outform DER -in expiredkey.pem -out expiredkey.der
+```
+
+DSA keys:
+```
+openssl dsa -inform PEM -outform DER -in dsakey.pem -out dsakey.der
+openssl dsa -inform PEM -outform DER -in dsa2048key.pem -out dsa2048key.der
+openssl dsa -inform PEM -outform DER -in dsa3072key.pem -out dsa3072key.der
+```
+
+ECDSA keys:
+```
+openssl ec -inform PEM -outform DER -in ecdsa-secp256r1-key.pem -out ecdsa-secp256r1-key.der
+```
+
+### Convert PEM cert file to DER file
+```
+openssl x509 -outform DER -in cacert.pem -out cacert.der
+openssl x509 -outform DER -in ca2cert.pem -out ca2cert.der
+openssl x509 -outform DER -in dsacert.pem -out dsacert.der
+openssl x509 -outform DER -in dsa2048cert.pem -out dsa2048cert.der
+openssl x509 -outform DER -in dsa3072cert.pem -out dsa3072cert.der
+openssl x509 -outform DER -in rsacert.pem -out rsacert.der
+openssl x509 -outform DER -in largersacert.pem -out largersacert.der
+openssl x509 -outform DER -in expiredcert.pem -out expiredcert.der
+openssl x509 -outform DER -in ecdsa-secp256r1-cert.pem -out ecdsa-secp256r1-cert.der
+```
+
+Certs for GOST keys (see above the instructions to configure GOST engine):
+```
+openssl x509 -outform DER -in gost2001cert.pem -out gost2001cert.der
+openssl x509 -outform DER -in gost2012_256cert.pem -out gost2012_256cert.der
+openssl x509 -outform DER -in gost2012_512cert.pem -out gost2012_512cert.der
+```
+
+### (optional) Convert PEM public key file to DER file
+RSA key:
+```
+openssl rsa -inform PEM -outform DER -pubin -pubout -in lugh.key -out lugh.der
+```
+
+DSA key:
+```
+openssl dsa -inform PEM -outform DER -pubin -pubout -in lugh.key -out lugh.der
+```
+
+If you aren't sure if the public key is RSA or DSA, just run one of
+the above commands, and the error messaging will make it clear :)
+
+### (optional) Convert DER cert file to PEM file
+```
+openssl x509 -inform DER -outform PEM -in ca2cert.der -out ca2cert.pem
+```
+
+## Creating encrypted PEM or DER files
+Converting an unencrypted PEM or DER file containing a private key to an encrypted
+PEM or DER file containing the same private key but encrypted (the tests password
+is `secret123`):
+```
+ openssl pkcs8 -in dsakey.pem -inform pem -out dsakey.p8-pem -outform pem -topk8
+ openssl pkcs8 -in dsakey.der -inform der -out dsakey.p8-der -outform der -topk8
+ openssl pkcs8 -in dsa2048key.pem -inform pem -out dsa2048key.p8-pem -outform pem -topk8
+ openssl pkcs8 -in dsa2048key.der -inform der -out dsa2048key.p8-der -outform der -topk8
+ openssl pkcs8 -in dsa3072key.pem -inform pem -out dsa3072key.p8-pem -outform pem -topk8
+ openssl pkcs8 -in dsa3072key.der -inform der -out dsa3072key.p8-der -outform der -topk8
+ openssl pkcs8 -in rsakey.pem -inform pem -out rsakey.p8-pem -outform pem -topk8
+ openssl pkcs8 -in rsakey.der -inform der -out rsakey.p8-der -outform der -topk8
+ openssl pkcs8 -in largersakey.pem -inform pem -out largersakey.p8-pem \
+ -outform pem -topk8
+ openssl pkcs8 -in largersakey.der -inform der -out largersakey.p8-der \
+ -outform der -topk8
+ openssl pkcs8 -in ecdsa-secp256r1-key.der -inform der -out ecdsa-secp256r1-key.p8-der \
+ -outform der -topk8
+```
+
+GOST keys (see above the instructions to configure GOST engine):
+```
+OPENSSL_CONF=./openssl.cnf openssl pkcs8 -in gost2001key.pem -inform pem -out gost2001key.p8-pem -outform pem -topk8
+OPENSSL_CONF=./openssl.cnf openssl pkcs8 -in gost2012_256key.pem -inform pem -out gost2012_256key.p8-pem -outform pem -topk8
+OPENSSL_CONF=./openssl.cnf openssl pkcs8 -in gost2012_512key.pem -inform pem -out gost2012_512key.p8-pem -outform pem -topk8
+```
+
+## Creating PKCS12 private keys
+NSS is unfriendly towards standalone private keys. This procedure helps convert private
+keys into PKCS12 form that is suitable for not only NSS but all crypto engines (the tests
+password is `secret123`):
+
+```
+cat cakey.pem cacert.pem > allcakey.pem
+openssl pkcs12 -export -in allcakey.pem -name CARsaKey -out cakey.p12
+rm allcakey.pem
+
+cat ca2key.pem ca2cert.pem cacert.pem > allca2key.pem
+openssl pkcs12 -export -in allca2key.pem -name CA2RsaKey -out ca2key.p12
+rm allca2key.pem
+
+cat dsakey.pem dsacert.pem ca2cert.pem cacert.pem > alldsa.pem
+openssl pkcs12 -export -in alldsa.pem -name TestDsaKey -out dsakey.p12
+
+cat dsa2048key.pem dsa2048cert.pem ca2cert.pem cacert.pem > alldsa2048.pem
+openssl pkcs12 -export -in alldsa2048.pem -name TestDsa2048Key -out dsa2048key.p12
+
+cat dsa3072key.pem dsa3072cert.pem ca2cert.pem cacert.pem > alldsa3072.pem
+openssl pkcs12 -export -in alldsa3072.pem -name TestDsa3072Key -out dsa3072key.p12
+
+cat rsakey.pem rsacert.pem ca2cert.pem cacert.pem > allrsa.pem
+openssl pkcs12 -export -in allrsa.pem -name TestRsaKey -out rsakey.p12
+
+cat largersakey.pem largersacert.pem ca2cert.pem cacert.pem > alllargersa.pem
+openssl pkcs12 -export -in alllargersa.pem -name TestLargeRsaKey -out largersakey.p12
+
+cat expiredkey.pem expiredcert.pem ca2cert.pem cacert.pem > allexpired.pem
+openssl pkcs12 -export -in allexpired.pem -name TestExpiredRsaKey -out expiredkey.p12
+
+cat ecdsa-secp256r1-key.pem ecdsa-secp256r1-cert.pem ca2cert.pem cacert.pem > all-ecdsa-secp256r1.pem
+openssl pkcs12 -export -in all-ecdsa-secp256r1.pem -name TestEcdsaSecp256r1Key -out ecdsa-secp256r1-key.p12
+rm all-ecdsa-secp256r1.pem
+```
+
+GOST keys (see above the instructions to configure GOST engine):
+```
+cat gost2001key.pem gost2001cert.pem ca2cert.pem cacert.pem > all-gost2001.pem
+OPENSSL_CONF=./openssl.cnf openssl pkcs12 -export -in all-gost2001.pem -name TestGost2012_256Key -out gost2001key.p12
+rm all-gost2001.pem
+
+cat gost2012_256key.pem gost2012_256cert.pem ca2cert.pem cacert.pem > all-gost2012_256.pem
+OPENSSL_CONF=./openssl.cnf openssl pkcs12 -export -in all-gost2012_256.pem -name TestGost2012_256Key -out gost2012_256key.p12
+rm all-gost2012_256.pem
+
+cat gost2012_512key.pem gost2012_512cert.pem ca2cert.pem cacert.pem > all-gost2012_512.pem
+OPENSSL_CONF=./openssl.cnf openssl pkcs12 -export -in all-gost2012_512.pem -name TestGost2012_512Key -out gost2012_512key.p12
+rm all-gost2012_512.pem
+```
+
+### Creating self-signed cert for DSA/RSA private keys and loading it into NSS store
+The following process takes a DSA/RSA private key in PEM or DER format and
+creates a PKCS12 file containing the private key, and a self-signed
+certificate with the corresponding public key.
+
+```
+# first convert key file to PEM format, if not already in that format
+openssl <dsa|rsa> -inform der -outform pem -in key.der -out key.pem
+
+# answer questions at the prompt
+# Note: use a unique subject (=issuer) for each self-signed cert you
+# create (since there is no way to specify serial # using the command
+# below)
+openssl req -new -keyform <der|pem> -key key.<der|pem> -x509 -sha1 -days 999999 -outform pem -out cert.pem
+
+# now using the cert and key in PEM format, conver them to a PKCS12 file
+# enter some password on prompt
+openssl pkcs12 -export -in cert.pem -inkey key.pem -name <nickname> -out keycert.p12
+
+# This pkcs12 file can be used directly on the xmlsec command line, or
+# can be pre-loaded into the crypto engine database (if any).
+
+# In the case of NSS, you can pre-load the key using pk12util.
+# The key and cert will have the nickname "nickname" (used in above step)
+pk12util -d <nss_config_dir> -i keycert.p12
+```
+
+### Creating certs chain for DSA/RSA private keys and loading it into NSS store
+The following process takes a DSA/RSA private key in PEM or DER format
+plus all certs in the chain and creates a PKCS12 file containing the private key
+and certs chain.
+
+```
+# first convert key file to PEM format, if not already in that format
+openssl <dsa|rsa> -inform der -outform pem -in key.der -out key.pem
+
+# convert all cert files to PEM format, if not already in that format
+openssl x509 -inform der -outform pem -in cert.der -out cert.pem
+
+# concatenate all cert.pem files created above to 1 file - allcerts.pem
+cat keycert.pem cert1.pem cert2.pem .... > allcerts.pem
+
+# now using the certs and key in PEM format, conver them to a PKCS12 file
+# enter some password on prompt
+openssl pkcs12 -export -in allcerts.pem -inkey key.pem \
+ -name <nickname of key & keycert>
+[-caname <nickname of cert1> -caname <nickname of cert2>.... ]
+-out keycert.p12
+
+# This pkcs12 file can be used directly on the xmlsec command line, or
+# can be pre-loaded into the crypto engine database (if any).
+
+# In the case of NSS, you can pre-load the key using pk12util.
+# The key and certs will have the nickname "nickname"
+# (used in above step)
+pk12util -d <nss_config_dir> -i keycert.p12
+```
+
+## Add Crypto Service Provider (CSP) for Windows
+On Windows, one needs to specify Crypto Service Provider (CSP) in the pkcs12 file
+to ensure it is loaded correctly to be used with SHA2 algorithms. Worse, the CSP is
+different for XP and older versions.
+
+```
+cat rsakey.pem rsacert.pem ca2cert.pem cacert.pem > allrsa.pem
+openssl pkcs12 -export -in allrsa.pem -name TestRsaKey -out rsakey-winxp.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
+openssl pkcs12 -export -in allrsa.pem -name TestRsaKey -out rsakey-win.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"
+rm allrsa.pem
+
+cat largersakey.pem largersacert.pem ca2cert.pem cacert.pem > alllargersa.pem
+openssl pkcs12 -export -in alllargersa.pem -name TestLargeRsaKey -out largersakey-winxp.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
+openssl pkcs12 -export -in alllargersa.pem -name TestLargeRsaKey -out largersakey-win.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"
+rm alllargersa.pem
+
+cat dsa2048key.pem dsa2048cert.pem ca2cert.pem cacert.pem > alldsa2048.pem
+openssl pkcs12 -export -in alldsa2048.pem -name TestDsa2048Key -out dsa2048key-win.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"
+rm alldsa2048.pem
+
+cat dsa3072key.pem dsa3072cert.pem ca2cert.pem cacert.pem > alldsa3072.pem
+openssl pkcs12 -export -in alldsa3072.pem -name TestDsa3072Key -out dsa3072key-win.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"
+rm alldsa3072.pem
+```
+
V 21150209225453Z AFA28BB933ADDAB3 unknown /C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/OU=Test Third Level DSA 3072 Certificate/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
V 21160105172612Z AFA28BB933ADDAB4 unknown /C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/CN=ECDSA secp256k1 Key/emailAddress=xmlsec@aleksey.com
V 21170122220821Z AFA28BB933ADDAB5 unknown /C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/CN=ECDSA secp256r1 Key/emailAddress=xmlsec@aleksey.com
+V 21220529223446Z AFA28BB933ADDAB6 unknown /C=US/ST=California/O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec)/OU=Test Third Level GOST2012 256 bits Certificate/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+V 21220529224030Z AFA28BB933ADDAB7 unknown /C=US/ST=California/O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec)/OU=Test Third Level GOST2012 512 bits Certificate/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+V 21220529235043Z AFA28BB933ADDAB8 unknown /C=US/ST=California/O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec)/OU=Test Third Level GOST2001 Certificate/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
V 21150209225409Z AFA28BB933ADDAB2 unknown /C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/OU=Test Third Level DSA 2048 Certificate/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
V 21150209225453Z AFA28BB933ADDAB3 unknown /C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/OU=Test Third Level DSA 3072 Certificate/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
V 21160105172612Z AFA28BB933ADDAB4 unknown /C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/CN=ECDSA secp256k1 Key/emailAddress=xmlsec@aleksey.com
+V 21170122220821Z AFA28BB933ADDAB5 unknown /C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/CN=ECDSA secp256r1 Key/emailAddress=xmlsec@aleksey.com
+V 21220529223446Z AFA28BB933ADDAB6 unknown /C=US/ST=California/O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec)/OU=Test Third Level GOST2012 256 bits Certificate/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+V 21220529224030Z AFA28BB933ADDAB7 unknown /C=US/ST=California/O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec)/OU=Test Third Level GOST2012 512 bits Certificate/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ af:a2:8b:b9:33:ad:da:b6
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=California, O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec), CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Validity
+ Not Before: Jun 22 22:34:46 2022 GMT
+ Not After : May 29 22:34:46 2122 GMT
+ Subject: C=US, ST=California, O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec), OU=Test Third Level GOST2012 256 bits Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Subject Public Key Info:
+ Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
+ Public key:
+ X:59C4C616CA4B2C894DB66407AFD220A6119D568FB7BF9DC0048C701F4DE1E590
+ Y:CE6E7B2D1CB6A282739A968D66E55E408DF0131BB5BE5B88F4C9169497BF26B
+ Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ 18:94:7C:CA:80:B1:05:BC:6A:5D:B2:C0:72:69:DA:47:26:2C:6F:81
+ X509v3 Authority Key Identifier:
+ keyid:FE:E4:EC:53:24:F0:95:95:C7:10:B5:E1:44:B5:5D:39:65:5A:E3:7E
+ DirName:/C=US/ST=California/O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec)/OU=Root CA/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ serial:AF:A2:8B:B9:33:AD:DA:AD
+ Signature Algorithm: sha1WithRSAEncryption
+ Signature Value:
+ a0:e8:cd:61:c0:3b:ef:fa:07:e9:8d:61:54:df:9e:07:10:82:
+ fe:33:e6:b6:e1:33:28:56:89:2b:5e:ae:cd:35:0f:4d:5a:2f:
+ 82:95:1a:f4:07:e1:f8:6b:51:70:43:b8:40:39:a2:4b:fa:d8:
+ 88:46:82:86:eb:8d:77:f0:fb:68
+-----BEGIN CERTIFICATE-----
+MIIDvzCCA2mgAwIBAgIJAK+ii7kzrdq2MA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEWMBQG
+A1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtz
+ZXkuY29tMCAXDTIyMDYyMjIyMzQ0NloYDzIxMjIwNTI5MjIzNDQ2WjCB1TELMAkG
+A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1
+cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxNzA1
+BgNVBAsTLlRlc3QgVGhpcmQgTGV2ZWwgR09TVDIwMTIgMjU2IGJpdHMgQ2VydGlm
+aWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnht
+bHNlY0BhbGVrc2V5LmNvbTBmMB8GCCqFAwcBAQEBMBMGByqFAwICIwEGCCqFAwcB
+AQICA0MABECQ5eFNH3CMBMCdv7ePVp0RpiDSrwdktk2JLEvKFsbEWWvye0lpkUyP
+uOVbuzEB3wjkVW7WaKk5Jyhqy9Gy5+YMo4IBRTCCAUEwDAYDVR0TBAUwAwEB/zAs
+BglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYD
+VR0OBBYEFBiUfMqAsQW8al2ywHJp2kcmLG+BMIHjBgNVHSMEgdswgdiAFP7k7FMk
+8JWVxxC14US1XTllWuN+oYG0pIGxMIGuMQswCQYDVQQGEwJVUzETMBEGA1UECBMK
+Q2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6
+Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEQMA4GA1UECxMHUm9vdCBDQTEWMBQG
+A1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtz
+ZXkuY29tggkAr6KLuTOt2q0wDQYJKoZIhvcNAQEFBQADQQCg6M1hwDvv+gfpjWFU
+354HEIL+M+a24TMoVokrXq7NNQ9NWi+ClRr0B+H4a1FwQ7hAOaJL+tiIRoKG6413
+8Pto
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ af:a2:8b:b9:33:ad:da:b7
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=California, O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec), CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Validity
+ Not Before: Jun 22 22:40:30 2022 GMT
+ Not After : May 29 22:40:30 2122 GMT
+ Subject: C=US, ST=California, O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec), OU=Test Third Level GOST2012 512 bits Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Subject Public Key Info:
+ Public Key Algorithm: GOST R 34.10-2012 with 512 bit modulus
+ Public key:
+ X:AAD5A2F181F87CA5803D4A96817BADA3712DA1EA2E70F77B98099C35CACB32B44A28DAC1F244CCEAF053AB6A0D156DFE2D4539F0B58A597B2FEE33C7575CD2A1
+ Y:882394AFB41FED5D1A0B86B70FEC372AA29F8AA5C7EEA21837E41861CC361150AF5467145725A36CD5F7ED7FF503EC7B68AFEC8FD5F14F9CCE8293B7E657AD3A
+ Parameter set: GOST R 34.10-2012 (512 bit) ParamSet A
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ AB:16:35:14:93:82:06:45:75:59:CA:3A:88:7C:34:5F:67:D1:AB:AF
+ X509v3 Authority Key Identifier:
+ keyid:FE:E4:EC:53:24:F0:95:95:C7:10:B5:E1:44:B5:5D:39:65:5A:E3:7E
+ DirName:/C=US/ST=California/O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec)/OU=Root CA/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ serial:AF:A2:8B:B9:33:AD:DA:AD
+ Signature Algorithm: sha1WithRSAEncryption
+ Signature Value:
+ 7b:75:f9:38:1f:0f:7a:f3:3f:d9:5e:8c:e8:11:33:8d:19:2c:
+ ee:79:95:57:36:d4:19:dd:0f:d1:61:29:e5:f5:29:6e:d8:36:
+ 65:8b:b3:de:6c:60:02:0c:99:80:b6:c7:88:cc:d4:e7:d2:d7:
+ 13:09:d8:d9:07:36:3a:d8:0c:7b
+-----BEGIN CERTIFICATE-----
+MIIEBDCCA66gAwIBAgIJAK+ii7kzrdq3MA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEWMBQG
+A1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtz
+ZXkuY29tMCAXDTIyMDYyMjIyNDAzMFoYDzIxMjIwNTI5MjI0MDMwWjCB1TELMAkG
+A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1
+cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxNzA1
+BgNVBAsTLlRlc3QgVGhpcmQgTGV2ZWwgR09TVDIwMTIgNTEyIGJpdHMgQ2VydGlm
+aWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnht
+bHNlY0BhbGVrc2V5LmNvbTCBqjAhBggqhQMHAQEBAjAVBgkqhQMHAQIBAgEGCCqF
+AwcBAQIDA4GEAASBgKHSXFfHM+4ve1mKtfA5RS3+bRUNaqtT8OrMRPLB2ihKtDLL
+yjWcCZh793Au6qEtcaOte4GWSj2ApXz4gfGi1ao6rVfmt5OCzpxP8dWP7K9oe+wD
+9X/t99VsoyVXFGdUr1ARNsxhGOQ3GKLux6WKn6IqN+wPt4YLGl3tH7SvlCOIo4IB
+RTCCAUEwDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5l
+cmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFKsWNRSTggZFdVnKOoh8NF9n0auv
+MIHjBgNVHSMEgdswgdiAFP7k7FMk8JWVxxC14US1XTllWuN+oYG0pIGxMIGuMQsw
+CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNl
+Y3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEQ
+MA4GA1UECxMHUm9vdCBDQTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG
+SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkAr6KLuTOt2q0wDQYJKoZIhvcN
+AQEFBQADQQB7dfk4Hw968z/ZXozoETONGSzueZVXNtQZ3Q/RYSnl9Slu2DZli7Pe
+bGACDJmAtseIzNTn0tcTCdjZBzY62Ax7
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ af:a2:8b:b9:33:ad:da:b8
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=California, O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec), CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Validity
+ Not Before: Jun 22 23:50:43 2022 GMT
+ Not After : May 29 23:50:43 2122 GMT
+ Subject: C=US, ST=California, O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec), OU=Test Third Level GOST2001 Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Subject Public Key Info:
+ Public Key Algorithm: GOST R 34.10-2001
+ Public key:
+ X:E28926379D020AA6D129A798E91F5D3B648A280927BCF059152704FADE407C34
+ Y:6EACE45925A70CE205AC30494AC93E0583DE67951594CBEB16E5692758F2FE2F
+ Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ BF:C4:6D:51:3C:01:D6:66:11:21:73:CB:EC:3B:2A:0E:BD:D7:CF:FF
+ X509v3 Authority Key Identifier:
+ keyid:FE:E4:EC:53:24:F0:95:95:C7:10:B5:E1:44:B5:5D:39:65:5A:E3:7E
+ DirName:/C=US/ST=California/O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec)/OU=Root CA/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ serial:AF:A2:8B:B9:33:AD:DA:AD
+ Signature Algorithm: sha1WithRSAEncryption
+ Signature Value:
+ 6e:52:fd:fd:73:ee:3c:e4:dd:9c:3b:42:96:77:8c:34:d3:26:
+ b0:bb:52:8c:b0:c8:3a:7a:2e:20:cf:94:fc:ce:a5:04:31:95:
+ 77:52:35:41:01:3d:78:81:e2:30:e5:9b:e3:73:b3:80:92:75:
+ 22:4a:41:6c:c9:08:33:be:9a:cb
+-----BEGIN CERTIFICATE-----
+MIIDszCCA12gAwIBAgIJAK+ii7kzrdq4MA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEWMBQG
+A1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtz
+ZXkuY29tMCAXDTIyMDYyMjIzNTA0M1oYDzIxMjIwNTI5MjM1MDQzWjCBzDELMAkG
+A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1
+cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxLjAs
+BgNVBAsTJVRlc3QgVGhpcmQgTGV2ZWwgR09TVDIwMDEgQ2VydGlmaWNhdGUxFjAU
+BgNVBAMTDUFsZWtzZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVr
+c2V5LmNvbTBjMBwGBiqFAwICEzASBgcqhQMCAiMBBgcqhQMCAh4BA0MABEA0fEDe
++gQnFVnwvCcJKIpkO10f6ZinKdGmCgKdNyaJ4i/+8lgnaeUW68uUFZVn3oMFPslK
+STCsBeIMpyVZ5Kxuo4IBRTCCAUEwDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0E
+HxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFL/EbVE8
+AdZmESFzy+w7Kg6918//MIHjBgNVHSMEgdswgdiAFP7k7FMk8JWVxxC14US1XTll
+WuN+oYG0pIGxMIGuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9
+MDsGA1UEChM0WE1MIFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3Nl
+eS5jb20veG1sc2VjKTEQMA4GA1UECxMHUm9vdCBDQTEWMBQGA1UEAxMNQWxla3Nl
+eSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkAr6KL
+uTOt2q0wDQYJKoZIhvcNAQEFBQADQQBuUv39c+485N2cO0KWd4w00yawu1KMsMg6
+ei4gz5T8zqUEMZV3UjVBAT14geIw5Zvjc7OAknUiSkFsyQgzvprL
+-----END CERTIFICATE-----
-AFA28BB933ADDAB6
+AFA28BB933ADDAB9
-AFA28BB933ADDAB5
+AFA28BB933ADDAB8
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12655831530416757428 (0xafa28bb933addab4)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
- Validity
- Not Before: Jan 29 17:26:12 2016 GMT
- Not After : Jan 5 17:26:12 2116 GMT
- Subject: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), CN=ECDSA secp256k1 Key/emailAddress=xmlsec@aleksey.com
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (256 bit)
- pub:
- 04:67:db:9d:7a:d1:ed:b8:c6:06:c2:ba:2c:8a:36:
- 2e:43:0f:cf:d3:a1:a9:6e:94:e0:45:30:84:0f:b4:
- c1:b5:db:2f:34:6e:7e:e6:9a:52:e1:87:92:19:7d:
- 2c:36:b9:d7:6f:1d:d7:6d:3d:8f:6e:62:5a:0c:8b:
- 42:8c:60:30:b3
- ASN1 OID: secp256k1
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:TRUE
- Netscape Comment:
- OpenSSL Generated Certificate
- X509v3 Subject Key Identifier:
- 3C:95:C7:89:6D:47:4A:A7:70:6E:E7:29:11:28:B5:25:E2:09:1C:A0
- X509v3 Authority Key Identifier:
- keyid:FE:E4:EC:53:24:F0:95:95:C7:10:B5:E1:44:B5:5D:39:65:5A:E3:7E
- DirName:/C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/OU=Root CA/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
- serial:AF:A2:8B:B9:33:AD:DA:AD
-
- Signature Algorithm: sha1WithRSAEncryption
- 5c:1e:03:4d:d0:a3:77:b7:06:f5:38:31:3d:f0:9e:c9:fb:55:
- 9b:a4:4c:8e:b5:7b:0c:ab:18:24:2c:84:e7:39:9e:0d:d3:b8:
- d7:cd:70:0b:b0:87:00:e7:4e:41:c4:6a:b6:f0:bc:6d:ce:98:
- 92:25:fb:20:ea:81:5b:53:0f:d3
------BEGIN CERTIFICATE-----
-MIIDfDCCAyagAwIBAgIJAK+ii7kzrdq0MA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEWMBQG
-A1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtz
-ZXkuY29tMCAXDTE2MDEyOTE3MjYxMloYDzIxMTYwMTA1MTcyNjEyWjCBojELMAkG
-A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1
-cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHDAa
-BgNVBAMTE0VDRFNBIHNlY3AyNTZrMSBLZXkxITAfBgkqhkiG9w0BCQEWEnhtbHNl
-Y0BhbGVrc2V5LmNvbTBWMBAGByqGSM49AgEGBSuBBAAKA0IABGfbnXrR7bjGBsK6
-LIo2LkMPz9OhqW6U4EUwhA+0wbXbLzRufuaaUuGHkhl9LDa5128d1209j25iWgyL
-QoxgMLOjggFFMIIBQTAMBgNVHRMEBTADAQH/MCwGCWCGSAGG+EIBDQQfFh1PcGVu
-U1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUPJXHiW1HSqdwbucp
-ESi1JeIJHKAwgeMGA1UdIwSB2zCB2IAU/uTsUyTwlZXHELXhRLVdOWVa436hgbSk
-gbEwga4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMT0wOwYDVQQK
-EzRYTUwgU2VjdXJpdHkgTGlicmFyeSAoaHR0cDovL3d3dy5hbGVrc2V5LmNvbS94
-bWxzZWMpMRAwDgYDVQQLEwdSb290IENBMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu
-MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQCvoou5M63arTAN
-BgkqhkiG9w0BAQUFAANBAFweA03Qo3e3BvU4MT3wnsn7VZukTI61ewyrGCQshOc5
-ng3TuNfNcAuwhwDnTkHEarbwvG3OmJIl+yDqgVtTD9M=
------END CERTIFICATE-----
+++ /dev/null
------BEGIN EC PRIVATE KEY-----
-MHQCAQEEINGkcANg91R1Kvm7ZZ5vmWCKK2SsZhGxYfVn4Px2S7xcoAcGBSuBBAAK
-oUQDQgAEZ9udetHtuMYGwrosijYuQw/P06GpbpTgRTCED7TBtdsvNG5+5ppS4YeS
-GX0sNrnXbx3XbT2PbmJaDItCjGAwsw==
------END EC PRIVATE KEY-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ af:a2:8b:b9:33:ad:da:b8
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=California, O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec), CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Validity
+ Not Before: Jun 22 23:50:43 2022 GMT
+ Not After : May 29 23:50:43 2122 GMT
+ Subject: C=US, ST=California, O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec), OU=Test Third Level GOST2001 Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Subject Public Key Info:
+ Public Key Algorithm: GOST R 34.10-2001
+ Public key:
+ X:E28926379D020AA6D129A798E91F5D3B648A280927BCF059152704FADE407C34
+ Y:6EACE45925A70CE205AC30494AC93E0583DE67951594CBEB16E5692758F2FE2F
+ Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ BF:C4:6D:51:3C:01:D6:66:11:21:73:CB:EC:3B:2A:0E:BD:D7:CF:FF
+ X509v3 Authority Key Identifier:
+ keyid:FE:E4:EC:53:24:F0:95:95:C7:10:B5:E1:44:B5:5D:39:65:5A:E3:7E
+ DirName:/C=US/ST=California/O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec)/OU=Root CA/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ serial:AF:A2:8B:B9:33:AD:DA:AD
+ Signature Algorithm: sha1WithRSAEncryption
+ Signature Value:
+ 6e:52:fd:fd:73:ee:3c:e4:dd:9c:3b:42:96:77:8c:34:d3:26:
+ b0:bb:52:8c:b0:c8:3a:7a:2e:20:cf:94:fc:ce:a5:04:31:95:
+ 77:52:35:41:01:3d:78:81:e2:30:e5:9b:e3:73:b3:80:92:75:
+ 22:4a:41:6c:c9:08:33:be:9a:cb
+-----BEGIN CERTIFICATE-----
+MIIDszCCA12gAwIBAgIJAK+ii7kzrdq4MA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEWMBQG
+A1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtz
+ZXkuY29tMCAXDTIyMDYyMjIzNTA0M1oYDzIxMjIwNTI5MjM1MDQzWjCBzDELMAkG
+A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1
+cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxLjAs
+BgNVBAsTJVRlc3QgVGhpcmQgTGV2ZWwgR09TVDIwMDEgQ2VydGlmaWNhdGUxFjAU
+BgNVBAMTDUFsZWtzZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVr
+c2V5LmNvbTBjMBwGBiqFAwICEzASBgcqhQMCAiMBBgcqhQMCAh4BA0MABEA0fEDe
++gQnFVnwvCcJKIpkO10f6ZinKdGmCgKdNyaJ4i/+8lgnaeUW68uUFZVn3oMFPslK
+STCsBeIMpyVZ5Kxuo4IBRTCCAUEwDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0E
+HxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFL/EbVE8
+AdZmESFzy+w7Kg6918//MIHjBgNVHSMEgdswgdiAFP7k7FMk8JWVxxC14US1XTll
+WuN+oYG0pIGxMIGuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9
+MDsGA1UEChM0WE1MIFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3Nl
+eS5jb20veG1sc2VjKTEQMA4GA1UECxMHUm9vdCBDQTEWMBQGA1UEAxMNQWxla3Nl
+eSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkAr6KL
+uTOt2q0wDQYJKoZIhvcNAQEFBQADQQBuUv39c+485N2cO0KWd4w00yawu1KMsMg6
+ei4gz5T8zqUEMZV3UjVBAT14geIw5Zvjc7OAknUiSkFsyQgzvprL
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIGrMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAibGGi5uDrawAICCAAw
+DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEI+BTpgKXCRp1hlGeBCCG/wEUBdp
+xpawln5GIZ+W4uMT5njrw/R5HlX7uDuUTlPHl7bXxEMDLFnc/ReTZ4gfggxUIeTl
+GL/6jX/bxWAy6MSZw3+ndhYOi7cU0ek4BRdITt+C
+-----END ENCRYPTED PRIVATE KEY-----
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MEMCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIMeeeRUFpiFI+Gsw
+uLM7P2W4nvLBJesLkSkIe15bikt1
+-----END PRIVATE KEY-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ af:a2:8b:b9:33:ad:da:b6
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=California, O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec), CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Validity
+ Not Before: Jun 22 22:34:46 2022 GMT
+ Not After : May 29 22:34:46 2122 GMT
+ Subject: C=US, ST=California, O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec), OU=Test Third Level GOST2012 256 bits Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Subject Public Key Info:
+ Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
+ Public key:
+ X:59C4C616CA4B2C894DB66407AFD220A6119D568FB7BF9DC0048C701F4DE1E590
+ Y:CE6E7B2D1CB6A282739A968D66E55E408DF0131BB5BE5B88F4C9169497BF26B
+ Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ 18:94:7C:CA:80:B1:05:BC:6A:5D:B2:C0:72:69:DA:47:26:2C:6F:81
+ X509v3 Authority Key Identifier:
+ keyid:FE:E4:EC:53:24:F0:95:95:C7:10:B5:E1:44:B5:5D:39:65:5A:E3:7E
+ DirName:/C=US/ST=California/O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec)/OU=Root CA/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ serial:AF:A2:8B:B9:33:AD:DA:AD
+ Signature Algorithm: sha1WithRSAEncryption
+ Signature Value:
+ a0:e8:cd:61:c0:3b:ef:fa:07:e9:8d:61:54:df:9e:07:10:82:
+ fe:33:e6:b6:e1:33:28:56:89:2b:5e:ae:cd:35:0f:4d:5a:2f:
+ 82:95:1a:f4:07:e1:f8:6b:51:70:43:b8:40:39:a2:4b:fa:d8:
+ 88:46:82:86:eb:8d:77:f0:fb:68
+-----BEGIN CERTIFICATE-----
+MIIDvzCCA2mgAwIBAgIJAK+ii7kzrdq2MA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEWMBQG
+A1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtz
+ZXkuY29tMCAXDTIyMDYyMjIyMzQ0NloYDzIxMjIwNTI5MjIzNDQ2WjCB1TELMAkG
+A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1
+cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxNzA1
+BgNVBAsTLlRlc3QgVGhpcmQgTGV2ZWwgR09TVDIwMTIgMjU2IGJpdHMgQ2VydGlm
+aWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnht
+bHNlY0BhbGVrc2V5LmNvbTBmMB8GCCqFAwcBAQEBMBMGByqFAwICIwEGCCqFAwcB
+AQICA0MABECQ5eFNH3CMBMCdv7ePVp0RpiDSrwdktk2JLEvKFsbEWWvye0lpkUyP
+uOVbuzEB3wjkVW7WaKk5Jyhqy9Gy5+YMo4IBRTCCAUEwDAYDVR0TBAUwAwEB/zAs
+BglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYD
+VR0OBBYEFBiUfMqAsQW8al2ywHJp2kcmLG+BMIHjBgNVHSMEgdswgdiAFP7k7FMk
+8JWVxxC14US1XTllWuN+oYG0pIGxMIGuMQswCQYDVQQGEwJVUzETMBEGA1UECBMK
+Q2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6
+Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEQMA4GA1UECxMHUm9vdCBDQTEWMBQG
+A1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtz
+ZXkuY29tggkAr6KLuTOt2q0wDQYJKoZIhvcNAQEFBQADQQCg6M1hwDvv+gfpjWFU
+354HEIL+M+a24TMoVokrXq7NNQ9NWi+ClRr0B+H4a1FwQ7hAOaJL+tiIRoKG6413
+8Pto
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIGrMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAgfe4QBVSkeWQICCAAw
+DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEIEWvhrRngKPI9Yf49cjHlAEUGQm
+S9UFfgOznE5eYwE+FPtlQ30rt1OEcqnLYnZzz+kvCXL7J0HK9Vp3xDj+EGUNe43G
+8Q3qDeonXvYMYWXIG7+ZwgFLE71mkI1Z4PDj2hFG
+-----END ENCRYPTED PRIVATE KEY-----
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MEYCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIEIGaZZfWS0DN/
+PvWBD/f5oLFlpXwgKG1Ge2Yl2fh9ZUcH
+-----END PRIVATE KEY-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ af:a2:8b:b9:33:ad:da:b7
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=California, O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec), CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Validity
+ Not Before: Jun 22 22:40:30 2022 GMT
+ Not After : May 29 22:40:30 2122 GMT
+ Subject: C=US, ST=California, O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec), OU=Test Third Level GOST2012 512 bits Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Subject Public Key Info:
+ Public Key Algorithm: GOST R 34.10-2012 with 512 bit modulus
+ Public key:
+ X:AAD5A2F181F87CA5803D4A96817BADA3712DA1EA2E70F77B98099C35CACB32B44A28DAC1F244CCEAF053AB6A0D156DFE2D4539F0B58A597B2FEE33C7575CD2A1
+ Y:882394AFB41FED5D1A0B86B70FEC372AA29F8AA5C7EEA21837E41861CC361150AF5467145725A36CD5F7ED7FF503EC7B68AFEC8FD5F14F9CCE8293B7E657AD3A
+ Parameter set: GOST R 34.10-2012 (512 bit) ParamSet A
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ AB:16:35:14:93:82:06:45:75:59:CA:3A:88:7C:34:5F:67:D1:AB:AF
+ X509v3 Authority Key Identifier:
+ keyid:FE:E4:EC:53:24:F0:95:95:C7:10:B5:E1:44:B5:5D:39:65:5A:E3:7E
+ DirName:/C=US/ST=California/O=XML Security Library (http:\/\/www.aleksey.com\/xmlsec)/OU=Root CA/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ serial:AF:A2:8B:B9:33:AD:DA:AD
+ Signature Algorithm: sha1WithRSAEncryption
+ Signature Value:
+ 7b:75:f9:38:1f:0f:7a:f3:3f:d9:5e:8c:e8:11:33:8d:19:2c:
+ ee:79:95:57:36:d4:19:dd:0f:d1:61:29:e5:f5:29:6e:d8:36:
+ 65:8b:b3:de:6c:60:02:0c:99:80:b6:c7:88:cc:d4:e7:d2:d7:
+ 13:09:d8:d9:07:36:3a:d8:0c:7b
+-----BEGIN CERTIFICATE-----
+MIIEBDCCA66gAwIBAgIJAK+ii7kzrdq3MA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEWMBQG
+A1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtz
+ZXkuY29tMCAXDTIyMDYyMjIyNDAzMFoYDzIxMjIwNTI5MjI0MDMwWjCB1TELMAkG
+A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1
+cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxNzA1
+BgNVBAsTLlRlc3QgVGhpcmQgTGV2ZWwgR09TVDIwMTIgNTEyIGJpdHMgQ2VydGlm
+aWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnht
+bHNlY0BhbGVrc2V5LmNvbTCBqjAhBggqhQMHAQEBAjAVBgkqhQMHAQIBAgEGCCqF
+AwcBAQIDA4GEAASBgKHSXFfHM+4ve1mKtfA5RS3+bRUNaqtT8OrMRPLB2ihKtDLL
+yjWcCZh793Au6qEtcaOte4GWSj2ApXz4gfGi1ao6rVfmt5OCzpxP8dWP7K9oe+wD
+9X/t99VsoyVXFGdUr1ARNsxhGOQ3GKLux6WKn6IqN+wPt4YLGl3tH7SvlCOIo4IB
+RTCCAUEwDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5l
+cmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFKsWNRSTggZFdVnKOoh8NF9n0auv
+MIHjBgNVHSMEgdswgdiAFP7k7FMk8JWVxxC14US1XTllWuN+oYG0pIGxMIGuMQsw
+CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNl
+Y3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEQ
+MA4GA1UECxMHUm9vdCBDQTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG
+SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkAr6KLuTOt2q0wDQYJKoZIhvcN
+AQEFBQADQQB7dfk4Hw968z/ZXozoETONGSzueZVXNtQZ3Q/RYSnl9Slu2DZli7Pe
+bGACDJmAtseIzNTn0tcTCdjZBzY62Ax7
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIHLMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAhakEEScoUQGgICCAAw
+DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEMmZl63HC7PpwO7hUTECs8cEcJWJ
+uDwGflOEEdlZer7yjoAd09pujRm9401fCS7Sbjc6CbfDtTTIbxp4ooS7+n7gAn8G
+0LlwBqWOyPhv/di9bwpPKbRS5IU8iGEz7YYXyWC1RYuShyj87MjS69qOfawGrXUN
+fRO21A8NXt6oYx6/T5c=
+-----END ENCRYPTED PRIVATE KEY-----
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MGgCAQAwIQYIKoUDBwEBAQIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRAstPS4q8w
+m01Yr0+J6lzPnCXJryZGtjxROpfadzSPKOhw0X2MkM1jGV85S1XpG5SSUMZuXhms
+XWkPxg4XYzq07w==
+-----END PRIVATE KEY-----
HOME = .
RANDFILE = $ENV::HOME/.rnd
+openssl_conf = openssl_init
+
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)
+[openssl_init]
+engines = engine_section
+
+# List of engines to load
+[engine_section]
+# gost = gost_section
+
+[gost_section]
+engine_id = gost
+dynamic_path = (path to openssl)/gost.so
+default_algorithms = ALL
+init = 1
+
[ new_oids ]
# We can add new OIDs in here for use by 'ca' and 'req'.
--- /dev/null
+-----BEGIN PUBLIC KEY-----
+MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANPQbQ92nlbeg1Q5JNHSO1Yey46nZ7GJ
+ltLWw1ccSvp7pnvmfUm+M521CpFpfr4EAE3UVBMoU9j/hqq3dFAc2H0CAwEAAQ==
+-----END PUBLIC KEY-----
+++ /dev/null
-Manual test of the keysstore feature
-----------------------------------------------
-
-mscng backend:
-
-- import tests/keys/rsakey-win.p12 (double-click on it)
-- verify that the import happened, using certmgr.msc
-- sign: win32/binaries/xmlsec.exe sign --crypto mscng --output out.xml tests/keysstore/keysstore.xml
-- verify: win32/binaries/xmlsec.exe verify --crypto mscng out.xml
--- /dev/null
+# XMLSec Library: Manual test of the keysstore feature
+
+## xmlsec-mscng
+
+- Import `tests/keys/rsakey-win.p12` (double-click on the file in Windows Explorer).
+\r
+- Verify that the import happened, using `certmgr.msc`.\r
+
+- Sign a file:
+ ```
+ win32/binaries/xmlsec.exe sign --crypto mscng --output out.xml tests/keysstore/keysstore.xml
+ ```
+- Verify signed file:\r
+ ```
+ win32/binaries/xmlsec.exe verify --crypto mscng out.xml
+ ```
\ No newline at end of file
+++ /dev/null
-##----------------------------------------------------------------------##
-#
-# Errors to suppress by default with OpenSSL
-#
-# Format of this file is:
-# {
-# name_of_suppression
-# kind: one of Param Value1 Value2 Value4 Value8
-# Free Addr1 Addr2 Addr4 Addr8
-# Cond (previously known as Value0)
-# (if Param: name of system call param, if Free: name of free-ing fn)
-# caller0 name, or /name/of/so/file.so
-# caller1 name, or ditto
-# (optionally: caller2 name)
-# (optionally: caller3 name)
-# }
-
-##----------------------------------------------------------------------##
-{
- OpenSSL BN_*(Cond)
- Memcheck:Cond
- fun:BN_*
-}
-
-{
- OpenSSL BN_*(Value4)
- Memcheck:Value4
- fun:BN_*
-}
-
-{
- OpenSSL bn_*(Cond)
- Memcheck:Cond
- fun:bn_*
-}
-
-{
- OpenSSL bn_*(Value4)
- Memcheck:Value4
- fun:bn_*
-}
-
-{
- OpenSSL AES_encrypt(Value4)
- Memcheck:Value4
- fun:AES_encrypt
- fun:AES_cbc_encrypt
-}
-
-{
- OpenSSL DES_encrypt*(Value4)
- Memcheck:Value4
- fun:DES_encrypt2
- fun:DES_encrypt3
-}
-
-{
- OpenSSL RSA_padding_add_PKCS1_type_2(Cond)
- Memcheck:Cond
- fun:RSA_padding_add_PKCS1_type_2
- fun:RSA_eay_public_encrypt
-}
-
--- /dev/null
+# Use this in order to automatically load providers.
+openssl_conf = openssl_init
+
+# Comment out the next line to ignore configuration errors
+config_diagnostics = 1
+
+[openssl_init]
+providers = provider_sect
+engines = engine_section
+
+# List of providers to load
+[provider_sect]
+default = default_sect
+legacy = legacy_sect
+#null = null_sect
+
+[default_sect]
+activate = 1
+
+[legacy_sect]
+activate = 1
+
+[null_sect]
+activate = 1
+
+# List of engines to load
+[engine_section]
+# gost = gost_section
+
+[gost_section]
+engine_id = gost
+dynamic_path = (path to openssl)/gost.so
+# default_algorithms = ALL
+init = 1
+
#include <xmlsec/parser.h>
void ignore (void* ctx, const char* msg, ...) {
- // Error handler to avoid spam of error messages from libxml parser.
+ // Error handler to avoid spam of error messages from libxml parser.
}
int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
xmlSecBufferPtr buf = xmlSecBufferCreate(size);
xmlSecBufferSetData(buf, data, size);
xmlDocPtr doc = xmlSecParseMemory(xmlSecBufferGetData(buf),
- xmlSecBufferGetSize(buf), 0);
+ xmlSecBufferGetSize(buf), 0);
if (doc != NULL) xmlFreeDoc(doc);
xmlSecBufferDestroy(buf);
# "hmac" \
# "--hmackey $topfolder/keys/hmackey.bin" \
# "--hmackey $topfolder/keys/hmackey.bin" \
-# "--hmackey $topfolder/keys/hmackey.bin"
+# "--hmackey $topfolder/keys/hmackey.bin"
#
execDSigTest $res_success \
##########################################################################
execDSigTest $res_success \
"" \
+ "aleksey-xmldsig-01/enveloped-x509-subjectname" \
+ "sha512 rsa-sha512" \
+ "rsa x509" \
+ "--untrusted-$cert_format $topfolder/keys/largersacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
+ "$priv_key_option $topfolder/keys/largersakey$priv_key_suffix.$priv_key_format --pwd secret123" \
+ "--untrusted-$cert_format $topfolder/keys/largersacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
+
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloped-x509-issuerserial" \
+ "sha512 rsa-sha512" \
+ "rsa x509" \
+ "--untrusted-$cert_format $topfolder/keys/largersacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
+ "$priv_key_option $topfolder/keys/largersakey$priv_key_suffix.$priv_key_format --pwd secret123" \
+ "--untrusted-$cert_format $topfolder/keys/largersacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
+
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloped-x509-ski" \
+ "sha512 rsa-sha512" \
+ "rsa x509" \
+ "--untrusted-$cert_format $topfolder/keys/largersacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
+ "$priv_key_option $topfolder/keys/largersakey$priv_key_suffix.$priv_key_format --pwd secret123" \
+ "--untrusted-$cert_format $topfolder/keys/largersacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
+
+execDSigTest $res_success \
+ "" \
"aleksey-xmldsig-01/signature-two-keynames" \
"sha1 rsa-sha1" \
"rsa x509" \
"aleksey-xmldsig-01/enveloped-ecdsa-java-bug" \
"sha512 ecdsa-sha512" \
"ecdsa x509" \
- "--trusted-$cert_format $topfolder/keys/enveloped-ecdsa-java-bug-cert.$cert_format --enabled-key-data x509"
+ "--trusted-$cert_format $topfolder/keys/enveloped-ecdsa-java-bug-cert.$cert_format --enabled-key-data x509 --verification-gmt-time 2019-01-01+00:00:00"
fi
#
-# To generate expired cert run the following command
+# To generate output with an expired cert run the following command
# > xmlsec1 sign --pkcs12 tests/keys/expiredkey.p12 --pwd secret123 --output out.xml ./tests/aleksey-xmldsig-01/enveloping-expired-cert.tmpl
#
execDSigTest $res_success \
"aleksey-xmldsig-01/enveloping-expired-cert" \
"sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509 --verification-time 2014-05-24+00:00:00"
+ "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509 --verification-gmt-time 2014-05-24+00:00:00"
execDSigTest $res_success \
"hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
execDSigTest $res_success \
"" \
"hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
execDSigTest $res_success \
"" \
"merlin-xmldsig-twenty-three/signature-x509-crt" \
"sha1 dsa-sha1" \
"dsa x509" \
- "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --verification-time 2005-01-01+10:00:00 $url_map_xml_stylesheet_2005" \
+ "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --verification-gmt-time 2005-01-01+10:00:00 $url_map_xml_stylesheet_2005" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123 $url_map_xml_stylesheet_2005"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format $url_map_xml_stylesheet_2005"
"merlin-xmldsig-twenty-three/signature-x509-sn" \
"sha1 dsa-sha1" \
"dsa x509" \
- "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/badb.$cert_format --verification-time 2005-01-01+10:00:00 $url_map_xml_stylesheet_2005" \
+ "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/badb.$cert_format --verification-gmt-time 2005-01-01+10:00:00 $url_map_xml_stylesheet_2005" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123 $url_map_xml_stylesheet_2005"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format $url_map_xml_stylesheet_2005"
"merlin-xmldsig-twenty-three/signature-x509-is" \
"sha1 dsa-sha1" \
"dsa x509" \
- "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/macha.$cert_format --verification-time 2005-01-01+10:00:00 $url_map_xml_stylesheet_2005" \
+ "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/macha.$cert_format --verification-gmt-time 2005-01-01+10:00:00 $url_map_xml_stylesheet_2005" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123 $url_map_xml_stylesheet_2005"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format $url_map_xml_stylesheet_2005"
"merlin-xmldsig-twenty-three/signature-x509-ski" \
"sha1 dsa-sha1" \
"dsa x509" \
- "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/nemain.$cert_format --verification-time 2005-01-01+10:00:00 $url_map_xml_stylesheet_2005" \
+ "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/nemain.$cert_format --verification-gmt-time 2005-01-01+10:00:00 $url_map_xml_stylesheet_2005" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123 $url_map_xml_stylesheet_2005"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format $url_map_xml_stylesheet_2005"
"merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt" \
"sha1 dsa-sha1" \
"dsa x509" \
- "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/nemain.$cert_format --verification-time 2005-01-01+10:00:00 $url_map_xml_stylesheet_2005" \
+ "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/nemain.$cert_format --verification-gmt-time 2005-01-01+10:00:00 $url_map_xml_stylesheet_2005" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123 $url_map_xml_stylesheet_2005"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --trusted-$cert_format $topfolder/keys/ca2cert.$cert_format $url_map_xml_stylesheet_2005"
"merlin-xmldsig-twenty-three/signature" \
"base64 xpath xslt enveloped-signature c14n-with-comments sha1 dsa-sha1" \
"dsa x509" \
- "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/merlin.$cert_format --verification-time 2005-01-01+10:00:00 $url_map_xml_stylesheet_2005 $url_map_xml_stylesheet_b64_2005" \
+ "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/merlin.$cert_format --verification-gmt-time 2005-01-01+10:00:00 $url_map_xml_stylesheet_2005 $url_map_xml_stylesheet_b64_2005" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret123 $url_map_xml_stylesheet_2005 $url_map_xml_stylesheet_b64_2005" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format $url_map_xml_stylesheet_2005 $url_map_xml_stylesheet_b64_2005"
#
# merlin-xmlenc-five
#
-# While the main operation is signature (and this is why we have these
+# While the main operation is signature (and this is why we have these
# tests here instead of testEnc.sh), these tests check the encryption
# key transport/wrapper algorightms
#
"hmac des" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml $url_map_xml_stylesheet_2005" \
"--session-key hmac-192 --keys-file $topfolder/merlin-xmlenc-five/keys.xml $url_map_xml_stylesheet_2005" \
- "--keys-file $topfolder/merlin-xmlenc-five/keys.xml $url_map_xml_stylesheet_2005"
+ "--keys-file $topfolder/merlin-xmlenc-five/keys.xml $url_map_xml_stylesheet_2005"
execDSigTest $res_success \
"" \
"merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128" \
"sha256 hmac-sha256 kw-aes128" \
"hmac aes" \
- "--keys-file $topfolder/merlin-xmlenc-five/keys.xml $url_map_xml_stylesheet_2005"
+ "--keys-file $topfolder/merlin-xmlenc-five/keys.xml $url_map_xml_stylesheet_2005"
execDSigTest $res_success \
"" \
"signature-big" \
"base64 xslt xpath sha1 rsa-sha1" \
"rsa x509" \
- "--pubkey-cert-$cert_format certs/rsa-cert.$cert_format $url_map_rfc3161"
+ "--pubkey-cert-$cert_format certs/rsa-cert.$cert_format $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-dsa-detached" \
"sha1 dsa-sha1" \
"dsa x509" \
- "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-dsa-enveloped" \
"enveloped-signature sha1 dsa-sha1" \
"dsa x509" \
- "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-dsa-enveloping" \
"sha1 dsa-sha1" \
"dsa x509" \
- "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-dsa-manifest" \
"sha1 dsa-sha1" \
"dsa x509" \
- "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-detached-b64-transform" \
"base64 sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-detached" \
"sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-detached-xpath-transform" \
"xpath sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-detached-xslt-transform-retrieval-method" \
"xslt sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-detached-xslt-transform" \
"xslt sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-enveloped" \
"enveloped-signature sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-enveloping" \
"sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-manifest-x509-data-cert-chain" \
"sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-manifest-x509-data-cert" \
"sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-manifest-x509-data-issuer-serial" \
"sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-manifest-x509-data-ski" \
"sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-manifest-x509-data-subject-name" \
"sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-manifest" \
"sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00 $url_map_rfc3161"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00 $url_map_rfc3161"
execDSigTest $res_success \
"phaos-xmldsig-three" \
"signature-rsa-xpath-transform-enveloped" \
"enveloped-signature xpath sha1 rsa-sha1" \
"rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --verification-gmt-time 2009-01-01+10:00:00"
##########################################################################
echo "--------- These tests CAN FAIL (extra OS config required) ----------"
execDSigTest $res_success \
"" \
- "aleksey-xmldsig-01/enveloped-gost" \
- "enveloped-signature gostr3411" \
- "gost2001" \
- "--trusted-$cert_format $topfolder/keys/gost2001ca.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --enabled-key-data x509 --verification-time 2007-01-01+10:00:00" \
+ "aleksey-xmldsig-01/enveloped-gost2001" \
+ "enveloped-signature gostr34102001-gostr3411" \
+ "gost2001 x509" \
+ "--trusted-$cert_format $topfolder/keys/gost2001ca.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --enabled-key-data x509 --verification-gmt-time 2007-01-01+10:00:00" \
+ "$priv_key_option $topfolder/keys/gost2001key$priv_key_suffix.$priv_key_format --pwd secret123" \
+ "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
+
+execDSigTest $res_success \
"" \
- ""
+ "aleksey-xmldsig-01/enveloped-gost2012-256" \
+ "enveloped-signature gostr34112012-256 gostr34102012-gostr34112012-256" \
+ "gostr34102012-256 x509" \
+ "--insecure --enabled-key-data x509" \
+ "$priv_key_option $topfolder/keys/gost2012_256key$priv_key_suffix.$priv_key_format --pwd secret123" \
+ "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
+
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloped-gost2012-512" \
+ "enveloped-signature gostr34112012-512 gostr34102012-gostr34112012-512" \
+ "gostr34102012-512 x509" \
+ "--insecure --enabled-key-data x509" \
+ "$priv_key_option $topfolder/keys/gost2012_512key$priv_key_suffix.$priv_key_format --pwd secret123" \
+ "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
+
##########################################################################
"aleksey-xmldsig-01/enveloping-expired-cert" \
"sha1 dsa-sha1" \
"dsa x509" \
- "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509 --verification-time 2014-05-25+00:00:00"
+ "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509 --verification-gmt-time 2014-05-25+00:00:00"
execDSigTest $res_fail \
"" \
"aleksey-xmldsig-01/dtd-hmac-91" \
"sha1 hmac-sha1" \
"hmac" \
- "--enabled-reference-uris empty --hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd"
+ "--enabled-reference-uris empty --hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd"
execDSigTest $res_fail \
"phaos-xmldsig-three" \
#
##########################################################################
+# same file is encrypted with two keys, test both
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-two-enc-keys" \
+ "aes256-cbc rsa-1_5" \
+ "$priv_key_option:key1 $topfolder/keys/cakey.$priv_key_format --pwd secret123" \
+ "--session-key aes-256 --xml-data $topfolder/aleksey-xmlenc-01/enc-two-enc-keys.data --pubkey-cert-$cert_format:key1 $topfolder/keys/cacert.$cert_format --pubkey-cert-$cert_format:key2 $topfolder/keys/ca2cert.$cert_format" \
+ "$priv_key_option:key1 $topfolder/keys/cakey.$priv_key_format --pwd secret123"
+
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-two-enc-keys" \
+ "aes256-cbc rsa-1_5" \
+ "$priv_key_option:key2 $topfolder/keys/ca2key.$priv_key_format --pwd secret123" \
+ "--session-key aes-256 --xml-data $topfolder/aleksey-xmlenc-01/enc-two-enc-keys.data --pubkey-cert-$cert_format:key1 $topfolder/keys/cacert.$cert_format --pubkey-cert-$cert_format:key2 $topfolder/keys/ca2cert.$cert_format" \
+ "$priv_key_option:key2 $topfolder/keys/ca2key.$priv_key_format --pwd secret123"
+
execEncTest $res_success \
"" \
"aleksey-xmlenc-01/enc-des3cbc-keyname" \
"$priv_key_option:my-rsa-key $topfolder/keys/largersakey.$priv_key_format --pwd secret123 --session-key aes-256 --enabled-key-data key-name --xml-data $topfolder/aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha1-params.data --node-name http://example.org/paymentv2:CreditCard" \
"$priv_key_option:my-rsa-key $topfolder/keys/largersakey.$priv_key_format --pwd secret123"
+# same test but decrypt using two different keys
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-two-recipients" \
+ "tripledes-cbc rsa-1_5" \
+ "$priv_key_option:pub1 $topfolder/keys/rsakey.$priv_key_format --pwd secret123" \
+ "--pubkey-cert-$cert_format:pub1 $topfolder/keys/rsacert.$cert_format --pubkey-cert-$cert_format:pub2 $topfolder/keys/largersacert.$cert_format --session-key des-192 --xml-data $topfolder/aleksey-xmlenc-01/enc-two-recipients.data" \
+ "$priv_key_option:pub1 $topfolder/keys/rsakey.$priv_key_format --pwd secret123"
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-two-recipients" \
+ "tripledes-cbc rsa-1_5" \
+ "$priv_key_option:pub1 $topfolder/keys/largersakey.$priv_key_format --pwd secret123" \
+ "--pubkey-cert-$cert_format:pub1 $topfolder/keys/rsacert.$cert_format --pubkey-cert-$cert_format:pub2 $topfolder/keys/largersacert.$cert_format --session-key des-192 --xml-data $topfolder/aleksey-xmlenc-01/enc-two-recipients.data" \
+ "$priv_key_option:pub1 $topfolder/keys/largersakey.$priv_key_format --pwd secret123"
+
##########################################################################
#
# merlin-xmlenc-five
"" \
"merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256" \
"aes256-cbc kw-aes256" \
- "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
+ "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
#merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml
"tripledes-cbc kw-tripledes" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kw-3des.data --node-name http://example.org/paymentv2:CreditCard" \
- "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
+ "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
execEncTest $res_success \
"" \
"aes128-cbc kw-tripledes" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.data --node-name http://example.org/paymentv2:CreditCard" \
- "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
+ "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
execEncTest $res_success \
"" \
"aes128-cbc kw-aes128" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.data --node-name http://example.org/paymentv2:CreditCard" \
- "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
+ "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
execEncTest $res_success \
"" \
"aes128-cbc kw-aes256" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
- "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
+ "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
execEncTest $res_success \
"" \
"tripledes-cbc kw-aes192" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard" \
- "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
+ "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
execEncTest $res_success \
"" \
"aes192-cbc kw-aes256" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
- "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
+ "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
execEncTest $res_success \
"" \
"aes192-cbc kw-aes192" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard" \
- "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
+ "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
execEncTest $res_success \
"" \
"aes256-cbc kw-aes256" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-256 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
- "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
+ "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
execEncTest $res_success \
"" \
aesgcm_key_lengths="128 192 256"
aesgcm_plaintext_lengths="104 128 256 408"
aesgcm_vectors="01 02 03 04 05 06 07 08 09 10 11 12 13 14 15"
-for aesgcm_k_l in $aesgcm_key_lengths ; do
- for aesgcm_pt_l in $aesgcm_plaintext_lengths ; do
- for aesgcm_v in $aesgcm_vectors ; do
+for aesgcm_k_l in $aesgcm_key_lengths ; do
+ for aesgcm_pt_l in $aesgcm_plaintext_lengths ; do
+ for aesgcm_v in $aesgcm_vectors ; do
base_test_name="nist-aesgcm/aes${aesgcm_k_l}/aes${aesgcm_k_l}-gcm-96-${aesgcm_pt_l}-0-128-${aesgcm_v}"
- # If the corresponding *.data file is missing then we expect the test to fail
+ # If the corresponding *.data file is missing then we expect the test to fail
if [ -f "$topfolder/$base_test_name.xml" -a ! -f "$topfolder/$base_test_name.data" ] ; then
execEncTest "$res_fail" \
"" \
"" \
"aleksey-xmlenc-01/enc-aes192cbc-keyname-ref" \
"" \
- "--keys-file $topfolder/keys/keys.xml --enabled-cipher-reference-uris empty"
+ "--keys-file $topfolder/keys/keys.xml --enabled-cipher-reference-uris empty"
execEncTest $res_fail \
"" \
mkdir -p $crypto_config
rm -rf $crypto_config/*
-# remove old keys file and copy NSS DB files if needed
+# remove old keys file
rm -rf $keysfile
-if [ "z$crypto" = "znss" ] ; then
- cp -f $nssdbfolder/*.db $crypto_config
-fi
##########################################################################
##########################################################################
-#!/bin/sh
+#!/bin/sh
if [ "z$TMPFOLDER" = "z" ] ; then
TMPFOLDER=/tmp
sed 's/(suppressed: .*//' | \
sort -u
-
\ No newline at end of file
xmlsec_app="$4"
file_format="$5"
timestamp=`date +%Y%m%d_%H%M%S`
+exit_code=0
-if [ "z$OS_ARCH" = "zCygwin" ] ; then
+if test "z$OS_ARCH" = "zCygwin" || test "z$OS_ARCH" = "zMsys" ; then
topfolder=`cygpath -wa "$topfolder"`
xmlsec_app=`cygpath -a "$xmlsec_app"`
fi
TMPFOLDER=/tmp
fi
testname=`basename $testfile`
-if [ "z$OS_ARCH" = "zCygwin" ] ; then
+if test "z$OS_ARCH" = "zCygwin" || test "z$OS_ARCH" = "zMsys" ; then
tmpfile=`cygpath -wa $TMPFOLDER/$testname.$timestamp-$$.tmp`
logfile=`cygpath -wa $TMPFOLDER/$testname.$timestamp-$$.log`
curlogfile=`cygpath -wa $TMPFOLDER/$testname.$timestamp-$$.cur.log`
curlogfile=$TMPFOLDER/$testname.$timestamp-$$.cur.log
failedlogfile=$TMPFOLDER/$testname.$timestamp-$$.failed.log
fi
-nssdbfolder=$topfolder/nssdb
#
# Valgrind
#
-valgrind_suppression="--suppressions=$topfolder/openssl.supp --suppressions=$topfolder/nss.supp"
-valgrind_options="--leak-check=yes --show-reachable=yes --num-callers=32 -v"
-if [ -n "$DEBUG_MEMORY" ] ; then
- export VALGRIND="valgrind $valgrind_options"
+if [ "z$crypto" = "zopenssl" ] ; then
+ valgrind_suppression="--suppressions=$topfolder/valgrind-openssl.supp"
+elif [ "z$crypto" = "znss" ] ; then
+ valgrind_suppression="--suppressions=$topfolder/valgrind-nss.supp"
+elif [ "z$crypto" = "zgcrypt" ] ; then
+ valgrind_suppression="--suppressions=$topfolder/valgrind-gcrypt.supp"
+elif [ "z$crypto" = "zgnutls" ] ; then
+ valgrind_suppression="--suppressions=$topfolder/valgrind-gcrypt.supp"
+else
+ valgrind_suppression=""
+fi
+
+valgrind_options="--leak-check=full --show-reachable=yes --num-callers=32 --track-origins=yes -s"
+if [ -n "$DEBUG_MEMORY" ] ; then
+ export VALGRIND="valgrind $valgrind_options $valgrind_suppression"
export REPEAT=3
xmlsec_params="$xmlsec_params --repeat $REPEAT"
fi
xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
#
+# Setup extra vars
+#
+extra_vars=
+if [ "z$crypto" = "zopenssl" -a "z$XMLSEC_OPENSSL_TEST_CONFIG" != "z" ] ; then
+ if test "z$OS_ARCH" = "zCygwin" || test "z$OS_ARCH" = "zMsys" ; then
+ opensslconf=`cygpath -wa $topfolder/$XMLSEC_OPENSSL_TEST_CONFIG`
+ else
+ opensslconf=$topfolder/$XMLSEC_OPENSSL_TEST_CONFIG
+ fi
+ extra_vars="$extra_vars OPENSSL_CONF=$opensslconf"
+ export OPENSSL_CONF="$opensslconf"
+fi
+
+if [ "z$crypto" = "zopenssl" ] ; then
+ # phaos certs use RSA-MD5 which might be disabled
+ extra_vars="$extra_vars OPENSSL_ENABLE_MD5_VERIFY=1"
+ export OPENSSL_ENABLE_MD5_VERIFY=1
+fi
+
+#
# Setup keys config
#
pub_key_format=$file_format
# On Windows, one needs to specify Crypto Service Provider (CSP)
# in the pkcs12 file to ensure it is loaded correctly to be used
-# with SHA2 algorithms. Worse, the CSP is different for XP and older
+# with SHA2 algorithms. Worse, the CSP is different for XP and older
# versions
if test "z$OS_ARCH" = "zCygwin" || test "z$OS_ARCH" = "zMsys" ; then
# Samples:
#
# Misc
#
-if [ -n "$PERF_TEST" ] ; then
+if [ -n "$PERF_TEST" ] ; then
xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
fi
actual_res="$2"
# convert status to string
- if [ $actual_res = 0 ]; then
+ if [ $actual_res -eq 0 ]; then
actual_res_str=$res_success
else
actual_res_str=$res_fail
printCheckStatus() {
check_res="$1"
- if [ $check_res = 0 ]; then
+ if [ $check_res -eq 0 ]; then
echo " OK"
else
count_skip=`expr $count_skip + 1`
cd $old_pwd
return
fi
-
+
# starting test
echo "Test: $alg_name ($expected_res)"
echo "Test: $alg_name ($expected_res)" > $curlogfile
# check key data
if [ -n "$req_key_data" ] ; then
printf " Checking required key data "
- echo "$xmlsec_app check-key-data $xmlsec_params $req_key_data" >> $curlogfile
+ echo "$extra_vars $xmlsec_app check-key-data $xmlsec_params $req_key_data" >> $curlogfile
$xmlsec_app check-key-data $xmlsec_params $req_key_data >> $curlogfile 2>> $curlogfile
printCheckStatus $?
res=$?
- if [ $res != 0 ]; then
+ if [ $res -ne 0 ]; then
cat $curlogfile >> $logfile
cd $old_pwd
return
if [ -f $keysfile ] ; then
params="$params --keys-file $keysfile"
fi
- echo "$VALGRIND $xmlsec_app keys $params $xmlsec_params $keysfile" >> $curlogfile
+ echo "$extra_vars $VALGRIND $xmlsec_app keys $params $xmlsec_params $keysfile" >> $curlogfile
$VALGRIND $xmlsec_app keys $params $xmlsec_params $keysfile >> $curlogfile 2>> $curlogfile
printRes $expected_res $?
- if [ $? != 0 ]; then
+ if [ $? -ne 0 ]; then
failures=`expr $failures + 1`
fi
# save logs
cat $curlogfile >> $logfile
- if [ $failures != 0 ] ; then
+ if [ $failures -ne 0 ] ; then
cat $curlogfile >> $failedlogfile
fi
# check transforms
if [ -n "$req_transforms" ] ; then
printf " Checking required transforms "
- echo "$xmlsec_app check-transforms $xmlsec_params $req_transforms" >> $curlogfile
+ echo "$extra_vars $xmlsec_app check-transforms $xmlsec_params $req_transforms" >> $curlogfile
$xmlsec_app check-transforms $xmlsec_params $req_transforms >> $curlogfile 2>> $curlogfile
printCheckStatus $?
res=$?
- if [ $res != 0 ]; then
+ if [ $res -ne 0 ]; then
cat $curlogfile >> $logfile
cd $old_pwd
return
# check key data
if [ -n "$req_key_data" ] ; then
printf " Checking required key data "
- echo "$xmlsec_app check-key-data $xmlsec_params $req_key_data" >> $curlogfile
+ echo "$extra_vars $xmlsec_app check-key-data $xmlsec_params $req_key_data" >> $curlogfile
$xmlsec_app check-key-data $xmlsec_params $req_key_data >> $curlogfile 2>> $curlogfile
printCheckStatus $?
res=$?
- if [ $res != 0 ]; then
+ if [ $res -ne 0 ]; then
cat $curlogfile >> $logfile
cd $old_pwd
return
# run tests
if [ -n "$params1" ] ; then
printf " Verify existing signature "
- echo "$VALGRIND $xmlsec_app verify --X509-skip-strict-checks $xmlsec_params $params1 $full_file.xml" >> $curlogfile
+ echo "$extra_vars $VALGRIND $xmlsec_app verify --X509-skip-strict-checks $xmlsec_params $params1 $full_file.xml" >> $curlogfile
$VALGRIND $xmlsec_app verify --X509-skip-strict-checks $xmlsec_params $params1 $full_file.xml >> $curlogfile 2>> $curlogfile
printRes $expected_res $?
- if [ $? != 0 ]; then
+ if [ $? -ne 0 ]; then
failures=`expr $failures + 1`
fi
fi
if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
printf " Create new signature "
- echo "$VALGRIND $xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $curlogfile
+ echo "$extra_vars $VALGRIND $xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $curlogfile
$VALGRIND $xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $curlogfile 2>> $curlogfile
printRes $res_success $?
- if [ $? != 0 ]; then
+ if [ $? -ne 0 ]; then
failures=`expr $failures + 1`
fi
fi
if [ -n "$params3" -a -z "$PERF_TEST" ] ; then
printf " Verify new signature "
- echo "$VALGRIND $xmlsec_app verify --X509-skip-strict-checks $xmlsec_params $params3 $tmpfile" >> $curlogfile
+ echo "$extra_vars $VALGRIND $xmlsec_app verify --X509-skip-strict-checks $xmlsec_params $params3 $tmpfile" >> $curlogfile
$VALGRIND $xmlsec_app verify --X509-skip-strict-checks $xmlsec_params $params3 $tmpfile >> $curlogfile 2>> $curlogfile
printRes $res_success $?
- if [ $? != 0 ]; then
+ if [ $? -ne 0 ]; then
failures=`expr $failures + 1`
fi
fi
# save logs
cat $curlogfile >> $logfile
- if [ $failures != 0 ] ; then
+ if [ $failures -ne 0 ] ; then
cat $curlogfile >> $failedlogfile
fi
# check transforms
if [ -n "$req_transforms" ] ; then
printf " Checking required transforms "
- echo "$xmlsec_app check-transforms $xmlsec_params $req_transforms" >> $curlogfile
+ echo "$extra_vars $xmlsec_app check-transforms $xmlsec_params $req_transforms" >> $curlogfile
$xmlsec_app check-transforms $xmlsec_params $req_transforms >> $curlogfile 2>> $curlogfile
printCheckStatus $?
res=$?
- if [ $res != 0 ]; then
+ if [ $res -ne 0 ]; then
cat $curlogfile >> $logfile
cd $old_pwd
return
if [ -n "$params1" ] ; then
rm -f $tmpfile
printf " Decrypt existing document "
- echo "$VALGRIND $xmlsec_app decrypt $xmlsec_params $params1 $full_file.xml" >> $curlogfile
+ echo "$extra_vars $VALGRIND $xmlsec_app decrypt $xmlsec_params $params1 $full_file.xml" >> $curlogfile
$VALGRIND $xmlsec_app decrypt $xmlsec_params $params1 --output $tmpfile $full_file.xml >> $curlogfile 2>> $curlogfile
res=$?
echo "=== TEST RESULT: $res; expected: $expected_res" >> $curlogfile
- if [ $res = 0 -a "$expected_res" = "$res_success" ]; then
+ if [ $res -eq 0 -a "$expected_res" = "$res_success" ]; then
if [ "z$outputTransform" != "z" ] ; then
cat $tmpfile | $outputTransform > $tmpfile.2
mv $tmpfile.2 $tmpfile
else
printRes $expected_res $res
fi
- if [ $? != 0 ]; then
+ if [ $? -ne 0 ]; then
failures=`expr $failures + 1`
fi
fi
if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
rm -f $tmpfile
printf " Encrypt document "
- echo "$VALGRIND $xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $curlogfile
+ echo "$extra_vars $VALGRIND $xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $curlogfile
$VALGRIND $xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $curlogfile 2>> $curlogfile
printRes $res_success $?
- if [ $? != 0 ]; then
+ if [ $? -ne 0 ]; then
failures=`expr $failures + 1`
fi
fi
- if [ -n "$params3" -a -z "$PERF_TEST" ] ; then
+ if [ -n "$params3" -a -z "$PERF_TEST" ] ; then
rm -f $tmpfile.2
printf " Decrypt new document "
- echo "$VALGRIND $xmlsec_app decrypt $xmlsec_params $params3 --output $tmpfile.2 $tmpfile" >> $curlogfile
+ echo "$extra_vars $VALGRIND $xmlsec_app decrypt $xmlsec_params $params3 --output $tmpfile.2 $tmpfile" >> $curlogfile
$VALGRIND $xmlsec_app decrypt $xmlsec_params $params3 --output $tmpfile.2 $tmpfile >> $curlogfile 2>> $curlogfile
res=$?
- if [ $res = 0 ]; then
+ if [ $res -eq 0 ]; then
if [ "z$outputTransform" != "z" ] ; then
cat $tmpfile.2 | $outputTransform > $tmpfile
mv $tmpfile $tmpfile.2
else
printRes $res_success $res
fi
- if [ $? != 0 ]; then
+ if [ $? -ne 0 ]; then
failures=`expr $failures + 1`
fi
fi
# save logs
cat $curlogfile >> $logfile
- if [ $failures != 0 ] ; then
+ if [ $failures -ne 0 ] ; then
cat $curlogfile >> $failedlogfile
fi
# cleanup
cd $old_pwd
- rm -f $tmpfile $tmpfile.2
+ rm -f $tmpfile $tmpfile.2
}
# prepare
echo "--- TOTAL OK: $count_success; TOTAL FAILED: $count_fail; TOTAL SKIPPED: $count_skip" >> $logfile
echo "--- TOTAL OK: $count_success; TOTAL FAILED: $count_fail; TOTAL SKIPPED: $count_skip"
-# print log file if failed
-if [ $count_fail != 0 ] ; then
+# print log file if failed (we have to have at least some good tests)
+if [ $count_fail -ne 0 ] ; then
cat $failedlogfile
+ exit_code=$count_fail
+elif [ $count_success -eq 0 ] ; then
+ cat $logfile
+ exit_code=1
fi
# cleanup
rm -rf $tmpfile $tmpfile.2 tmpfile.3 $curlogfile
-exit $count_fail
+exit $exit_code
--- /dev/null
+##----------------------------------------------------------------------##
+#
+# Errors to suppress by default with GCrypt
+#
+# Format of this file is:
+# {
+# name_of_suppression
+# kind: one of Param Value1 Value2 Value4 Value8
+# Free Addr1 Addr2 Addr4 Addr8
+# Cond (previously known as Value0)
+# (if Param: name of system call param, if Free: name of free-ing fn)
+# caller0 name, or /name/of/so/file.so
+# caller1 name, or ditto
+# (optionally: caller2 name)
+# (optionally: caller3 name)
+# }
+
+##----------------------------------------------------------------------##
+
+{
+ global_init -> malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ ...
+ fun:global_init
+ ...
+ fun:main
+}
+
+{
+ gcry_check_version -> malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ ...
+ fun:gcry_check_version
+ ...
+ fun:main
+}
+
+{
+ gcry_randomize -> malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ ...
+ fun:gcry_randomize
+ ...
+ fun:main
+}
+
+{
+ gcry_pk_genkey -> malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ ...
+ fun:gcry_pk_genkey
+ ...
+ fun:main
+}
+
+{
+ xmlSecGCryptGenerateRandom -> malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ ...
+ fun:_gcry_rngcsprng_randomize
+ fun:xmlSecGCryptGenerateRandom
+ ...
+ fun:main
+}
+
+{
+ xmlSecGCryptDsaPkSign -> do_randomize -> malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ ...
+ fun:do_randomize
+ ...
+ fun:xmlSecGCryptDsaPkSign
+ ...
+ fun:main
+}
+
+{
+ xmlSecGCryptRsaPkcs1PkSign -> _gcry_mpi_randomize -> malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ ...
+ fun:_gcry_mpi_randomize
+ ...
+ fun:xmlSecGCryptRsaPkcs1PkSign
+ ...
+ fun:main
+}
+
+{
+ xmlSecGCryptBlockCipherCtxInit -> _gcry_rngcsprng_randomize -> malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ ...
+ fun:_gcry_rngcsprng_randomize
+ ...
+ fun:xmlSecGCryptBlockCipherCtxInit
+ ...
+ fun:main
+}
fun:rijndael*
}
+{
+ NSS_InitReadWrite -> malloc (definite)
+ Memcheck:Leak
+ match-leak-kinds: definite
+ fun:malloc
+ ...
+ fun:NSS_InitReadWrite
+ ...
+ fun:main
+}
+
+{
+ NSS_InitReadWrite -> malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ ...
+ fun:NSS_InitReadWrite
+ ...
+ fun:main
+}
+
+
+{
+ NSS_InitReadWrite -> calloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:calloc
+ ...
+ fun:NSS_InitReadWrite
+ ...
+ fun:main
+}
+
+{
+ PK11_ConfigurePKCS11 -> malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ ...
+ fun:PK11_ConfigurePKCS11
+ ...
+ fun:main
+}
+
+{
+ PK11_ConfigurePKCS11 -> realloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:realloc
+ ...
+ fun:PK11_ConfigurePKCS11
+ ...
+ fun:main
+}
+
--- /dev/null
+##----------------------------------------------------------------------##
+#
+# Errors to suppress by default with OpenSSL
+#
+# Format of this file is:
+# {
+# name_of_suppression
+# kind: one of Param Value1 Value2 Value4 Value8
+# Free Addr1 Addr2 Addr4 Addr8
+# Cond (previously known as Value0)
+# (if Param: name of system call param, if Free: name of free-ing fn)
+# caller0 name, or /name/of/so/file.so
+# caller1 name, or ditto
+# (optionally: caller2 name)
+# (optionally: caller3 name)
+# }
+
+##----------------------------------------------------------------------##
+{
+ OpenSSL BN_*(Cond)
+ Memcheck:Cond
+ fun:BN_*
+}
+
+{
+ OpenSSL BN_*(Value4)
+ Memcheck:Value4
+ fun:BN_*
+}
+
+{
+ OpenSSL bn_*(Cond)
+ Memcheck:Cond
+ fun:bn_*
+}
+
+{
+ OpenSSL bn_*(Value4)
+ Memcheck:Value4
+ fun:bn_*
+}
+
+{
+ OpenSSL AES_encrypt(Value4)
+ Memcheck:Value4
+ fun:AES_encrypt
+ fun:AES_cbc_encrypt
+}
+
+{
+ OpenSSL DES_encrypt*(Value4)
+ Memcheck:Value4
+ fun:DES_encrypt2
+ fun:DES_encrypt3
+}
+
+{
+ OpenSSL RSA_padding_add_PKCS1_type_2(Cond)
+ Memcheck:Cond
+ fun:RSA_padding_add_PKCS1_type_2
+ fun:RSA_eay_public_encrypt
+}
+{
+ ossl_provider_set_operation_bit->malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ fun:ossl_provider_set_operation_bit
+ ...
+}
+{
+ ossl_provider_set_operation_bit->calloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:calloc
+ fun:ossl_provider_set_operation_bit
+ ...
+}
+{
+ ossl_provider_set_operation_bit->realloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:realloc
+ fun:ossl_provider_set_operation_bit
+ ...
+}
+{
+ OSSL_PROVIDER_try_load->malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ ...
+ fun:OSSL_PROVIDER_try_load
+ ...
+ fun:main
+}
+{
+ OSSL_PROVIDER_try_load->realloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:realloc
+ ...
+ fun:OSSL_PROVIDER_try_load
+ ...
+ fun:main
+}
+{
+ OSSL_PROVIDER_try_load->calloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:calloc
+ ...
+ fun:OSSL_PROVIDER_try_load
+ ...
+ fun:main
+}
+{
+ OPENSSL_init_crypto->malloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:malloc
+ ...
+ fun:OPENSSL_init_crypto
+ ...
+ fun:main
+}
+{
+ OPENSSL_init_crypto->realloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:realloc
+ ...
+ fun:OPENSSL_init_crypto
+ ...
+ fun:main
+}
+{
+ OPENSSL_init_crypto->calloc
+ Memcheck:Leak
+ match-leak-kinds: reachable
+ fun:calloc
+ ...
+ fun:OPENSSL_init_crypto
+ ...
+ fun:main
+}
+
#WITH_DEFAULT_CRYPTO=openssl
#WITH_OPENSSL=1
#WITH_OPENSSL_VERSION=
+#WITH_OPENSSL3_ENGINES=0
#WITH_NSS=0
#WITH_MSCRYPTO=0
#WITH_MSCNG=0
#WITH_LIBXSLT=1
#STATIC = 0
#WITH_DL = 1
+#WERROR = 0
+#PEDANTIC = 1
#PREFIX = . # set this to the right value.
#BINPREFIX = $(PREFIX)\bin
#INCPREFIX = $(PREFIX)\include
#
# Names of various input and output components.
#
-!if "$(STATIC)" == "1"
-APP_NAME = xmlseca.exe
-!else
+!if "$(WITH_DL)" == "1"
APP_NAME = xmlsec.exe
+!else
+APP_NAME = xmlseca.exe
!endif
APP_NAME_MANIFEST = $(APP_NAME).manifest
#
# The preprocessor and its options.
#
-CPP = cl.exe /EP
-CPPFLAGS = /nologo
+CPP = cl.exe /EP
+CPPFLAGS = /nologo
#
# The compiler and its options.
#
-CFLAGS = $(CFLAGS) /nologo /D "WIN32" /D "_WINDOWS" /D inline=__inline
-# C4130: '!=': logical operation on address of string constant:
-# this generates a false warning inside macros
+CFLAGS = $(CFLAGS) /nologo /D "WIN32" /D "_WINDOWS" /D inline=__inline
+CFLAGS = $(CFLAGS) /D "_MBCS" /D "_REENTRANT"
+CFLAGS = $(CFLAGS) /D PACKAGE=\"$(XMLSEC_NAME)\"
+CFLAGS = $(CFLAGS) /D "HAVE_STDIO_H" /D "HAVE_STDLIB_H"
+CFLAGS = $(CFLAGS) /D "HAVE_STRING_H" /D "HAVE_CTYPE_H"
+CFLAGS = $(CFLAGS) /D "HAVE_MALLOC_H" /D "HAVE_MEMORY_H"
+CFLAGS = $(CFLAGS) /D "XMLSEC_NO_GOST" /D "XMLSEC_NO_GOST2012"
+CFLAGS = $(CFLAGS) /D "XMLSEC_NO_SIZE_T"
+CFLAGS = $(CFLAGS) /I$(BASEDIR) /I$(BASEDIR)\include
+CFLAGS = $(CFLAGS) /I$(INCPREFIX)
+
+!if "$(PEDANTIC)" == "1"
+CFLAGS = $(CFLAGS) /W4
+!else
+CFLAGS = $(CFLAGS) /W1
+!endif
+
# C4127: conditional expression is constant
# this generates a false warning inside asserts
+# C4130: '!=': logical operation on address of string constant:
+# this generates a false warning inside macros
# C4152: nonstandard extension, function/data pointer conversion in expression
# this generates a false warning for XMLSEC_PTR_TO_FUNC
-CFLAGS = $(CFLAGS) /D "_MBCS" /D "_REENTRANT" /W4 /wd4130
-CFLAGS = $(CFLAGS) /wd4127 /wd4152
+# C4232: nonstandard extension, address of dllimport is not static
+# this generates a false warning for functions used in structs
+CFLAGS = $(CFLAGS) /wd4127 /wd4130 /wd4152 /wd4232
!if "$(WERROR)" == "1"
-CFLAGS = $(CFLAGS) /WX
+CFLAGS = $(CFLAGS) /WX
!endif
-CFLAGS = $(CFLAGS) /I$(BASEDIR) /I$(BASEDIR)\include
-CFLAGS = $(CFLAGS) /I$(INCPREFIX)
-CFLAGS = $(CFLAGS) /D PACKAGE=\"$(XMLSEC_NAME)\"
-CFLAGS = $(CFLAGS) /D "HAVE_STDIO_H" /D "HAVE_STDLIB_H"
-CFLAGS = $(CFLAGS) /D "HAVE_STRING_H" /D "HAVE_CTYPE_H"
-CFLAGS = $(CFLAGS) /D "HAVE_MALLOC_H" /D "HAVE_MEMORY_H"
-CFLAGS = $(CFLAGS) /D "XMLSEC_NO_GOST" /D "XMLSEC_NO_GOST2012"
-CFLAGS = $(CFLAGS) /D "XMLSEC_NO_SIZE_T"
-
-
!if "$(UNICODE)" == "1"
-CFLAGS = $(CFLAGS) /D "UNICODE" /D "_UNICODE"
+CFLAGS = $(CFLAGS) /D "UNICODE" /D "_UNICODE"
!endif
# Optimisation and debug symbols.
!if "$(DEBUG)" == "1"
-CFLAGS = $(CFLAGS) /D "_DEBUG" /Od /Zi
+CFLAGS = $(CFLAGS) /D "_DEBUG" /Od /Zi
!else
-CFLAGS = $(CFLAGS) /D "NDEBUG" /O2 /Zi
+CFLAGS = $(CFLAGS) /D "NDEBUG" /O2 /Zi
!endif
-CFLAGS = $(CFLAGS) $(CRUNTIME)
+CFLAGS = $(CFLAGS) $(CRUNTIME)
# configurable options
!if "$(WITH_LIBXSLT)" == "1"
!else
-CFLAGS = $(CFLAGS) /DXMLSEC_NO_XSLT=1
+CFLAGS = $(CFLAGS) /DXMLSEC_NO_XSLT=1
!endif
!if "$(WITH_NT4)" == "1"
-CFLAGS = $(CFLAGS) /DXMLSEC_MSCRYPTO_NT4=1
+CFLAGS = $(CFLAGS) /DXMLSEC_MSCRYPTO_NT4=1
!else
!endif
-CFLAGS = $(CFLAGS) /D "XMLSEC_DEFAULT_CRYPTO=\"$(XMLSEC_DEFAULT_CRYPTO)\""
+CFLAGS = $(CFLAGS) /D "XMLSEC_DEFAULT_CRYPTO=\"$(XMLSEC_DEFAULT_CRYPTO)\""
!if "$(WITH_DL)" == "1"
-CFLAGS = $(CFLAGS) /D "XMLSEC_DL_WIN32"
-APP_CFLAGS = $(APP_CFLAGS) /D "XMLSEC_CRYPTO_DYNAMIC_LOADING"
+CFLAGS = $(CFLAGS) /D "XMLSEC_DL_WIN32"
+APP_CFLAGS = $(APP_CFLAGS) /D "XMLSEC_CRYPTO_DYNAMIC_LOADING"
!else
-CFLAGS = $(CFLAGS) /D "XMLSEC_NO_CRYPTO_DYNAMIC_LOADING"
-APP_CFLAGS = $(APP_CFLAGS) $(XMLSEC_CRYPTO_CFLAGS)
+CFLAGS = $(CFLAGS) /D "XMLSEC_NO_CRYPTO_DYNAMIC_LOADING"
+APP_CFLAGS = $(APP_CFLAGS) $(XMLSEC_CRYPTO_CFLAGS)
# this disables TEMPLATE tests and helps with missing algorithms (hmac) in mscrypto
-APP_CFLAGS = $(APP_CFLAGS) /D "XMLSEC_NO_TMPL_TEST"
+APP_CFLAGS = $(APP_CFLAGS) /D "XMLSEC_NO_TMPL_TEST"
!endif
XMLSEC_OPENSSL_CFLAGS = /D "XMLSEC_CRYPTO_OPENSSL" /D "XMLSEC_DEFAULT_CRYPTO=\"openssl\""
XMLSEC_MSCRYPTO_CFLAGS = /D "XMLSEC_CRYPTO_MSCRYPTO" /D "XMLSEC_DEFAULT_CRYPTO=\"mscrypto\""
XMLSEC_MSCNG_CFLAGS = /D "XMLSEC_CRYPTO_MSCNG" /D "XMLSEC_DEFAULT_CRYPTO=\"mscng\""
+# Crytpo options
+!if "$(WITH_OPENSSL_VERSION)" == "XMLSEC_OPENSSL_300"
+!if "$(WITH_OPENSSL3_ENGINES)" == "1"
+XMLSEC_OPENSSL_CFLAGS = $(XMLSEC_OPENSSL_CFLAGS) /D "XMLSEC_OPENSSL3_ENGINES=1"
+!endif
+!endif
+
#
# The linker and its options.
#
# Optimisation and debug symbols.
!if "$(DEBUG)" == "1"
-LDFLAGS = $(LDFLAGS)
+LDFLAGS = $(LDFLAGS) /DEBUG /OPT:ICF
!else
-LDFLAGS = $(LDFLAGS) /opt:ref,icf
+LDFLAGS = $(LDFLAGS) /OPT:REF,ICF
+!endif
+
+!if "$(PEDANTIC)" == "1"
+LDFLAGS = $(LDFLAGS) /WX
!endif
SOLIBS = $(LIBS) libxml2.lib ws2_32.lib
ALIBS = $(ALIBS) libxslt_a.lib
!endif
-!if "$(STATIC)" == "1"
-APP_LIBS = $(ALIBS) $(XMLSEC_CRYPTO_ALIBS)
-!else
-APP_LIBS = $(SOLIBS) $(XMLSEC_CRYPTO_SOLIBS)
-!endif
-
!if "$(WITH_DL)" == "1"
+APP_LIBS = $(SOLIBS) $(XMLSEC_CRYPTO_SOLIBS)
!else
+APP_LIBS = $(ALIBS) $(XMLSEC_CRYPTO_ALIBS)
!endif
-!if "$(WITH_OPENSSL_VERSION)" == "XMLSEC_OPENSSL_110"
+!if "$(WITH_OPENSSL_VERSION)" == "XMLSEC_OPENSSL_300"
+XMLSEC_OPENSSL_SOLIBS = libcrypto.lib wsock32.lib kernel32.lib user32.lib gdi32.lib crypt32.lib advapi32.lib ws2_32.lib
+XMLSEC_OPENSSL_ALIBS = libcrypto.lib wsock32.lib kernel32.lib user32.lib gdi32.lib crypt32.lib advapi32.lib ws2_32.lib
+!elseif "$(WITH_OPENSSL_VERSION)" == "XMLSEC_OPENSSL_110"
XMLSEC_OPENSSL_SOLIBS = libcrypto.lib wsock32.lib kernel32.lib user32.lib gdi32.lib crypt32.lib advapi32.lib ws2_32.lib
XMLSEC_OPENSSL_ALIBS = libcrypto.lib wsock32.lib kernel32.lib user32.lib gdi32.lib crypt32.lib advapi32.lib ws2_32.lib
!else
AR = link.exe /lib
ARFLAGS = /nologo
+!if "$(PEDANTIC)" == "1"
+ARFLAGS = $(ARFLAGS) /WX
+!endif
+
#
# xmlsec-<default-crypto> options
#
XMLSEC_CRYPTO_A = $(XMLSEC_MSCNG_A)
!endif
+
+!if "$(WITH_OPENSSL_VERSION)" == "XMLSEC_OPENSSL_300"
+XMLSEC_OPENSSL_TEST_CONFIG = openssl3.cnf
+!else
+XMLSEC_OPENSSL_TEST_CONFIG =
+!endif
+
+!if "$(STATIC)" == "1"
+EXTRA_ALL_TARGETS=xmlseca
+EXTRA_OPENSSL_TARGETS=openssla
+EXTRA_NSS_TARGETS=nssa
+EXTRA_MSCRYPTO_TARGETS=mscryptoa
+EXTRA_MSCNG_TARGETS=mscnga
+!else
+EXTRA_ALL_TARGETS=
+EXTRA_OPENSSL_TARGETS=
+EXTRA_NSS_TARGETS=
+EXTRA_MSCRYPTO_TARGETS=
+EXTRA_MSCNG_TARGETS=
+!endif
+
#
# Build rules
#
-all : xmlsec xmlseca $(WITH_CRYPTO) apps
+all: apps $(EXTRA_ALL_TARGETS)
-xmlsec : $(XMLSEC_APPS_INTDIR) $(BINDIR)\$(XMLSEC_SO) $(XMLSEC_DEFAULT_CRYPTO)
+apps: $(BINDIR)\$(APP_NAME)
-xmlseca : $(XMLSEC_APPS_INTDIR_A) $(BINDIR)\$(XMLSEC_A) $(XMLSEC_DEFAULT_CRYPTO_A)
+xmlseca: $(XMLSEC_APPS_INTDIR_A) $(BINDIR)\$(XMLSEC_A) $(XMLSEC_DEFAULT_CRYPTO_A)
+xmlsec: $(XMLSEC_APPS_INTDIR) $(BINDIR)\$(XMLSEC_SO) $(XMLSEC_DEFAULT_CRYPTO)
openssla: $(BINDIR)\$(XMLSEC_OPENSSL_A)
-openssl: $(BINDIR)\$(XMLSEC_OPENSSL_SO) openssla
+openssl: $(BINDIR)\$(XMLSEC_OPENSSL_SO) $(EXTRA_OPENSSL_TARGETS)
nssa: $(BINDIR)\$(XMLSEC_NSS_A)
-nss: $(BINDIR)\$(XMLSEC_NSS_SO) nssa
+nss: $(BINDIR)\$(XMLSEC_NSS_SO) $(EXTRA_NSS_TARGETS)
mscryptoa: $(BINDIR)\$(XMLSEC_MSCRYPTO_A)
-mscrypto: $(BINDIR)\$(XMLSEC_MSCRYPTO_SO) $(BINDIR)\$(XMLSEC_MSCRYPTO_A)
+mscrypto: $(BINDIR)\$(XMLSEC_MSCRYPTO_SO) $(EXTRA_MSCRYPTO_TARGETS)
mscnga: $(BINDIR)\$(XMLSEC_MSCNG_A)
-mscng: $(BINDIR)\$(XMLSEC_MSCNG_SO) $(BINDIR)\$(XMLSEC_MSCNG_A)
-
-apps : $(BINDIR)\$(APP_NAME)
+mscng: $(BINDIR)\$(XMLSEC_MSCNG_SO) $(EXTRA_MSCNG_TARGETS)
check : check-keys check-dsig check-enc
cd ..
if not exist %MAKEDIR%\tmp mkdir %MAKEDIR%\tmp
set TMPFOLDER=%MAKEDIR%\tmp
+ set XMLSEC_OPENSSL_TEST_CONFIG=$(XMLSEC_OPENSSL_TEST_CONFIG)
sh ./tests/testrun.sh ./tests/testKeys.sh "$(WITH_DEFAULT_CRYPTO)" ./tests win32/$(BINDIR)/$(APP_NAME) der
cd win32
cd ..
if not exist %MAKEDIR%\tmp mkdir %MAKEDIR%\tmp
set TMPFOLDER=%MAKEDIR%\tmp
+ set XMLSEC_OPENSSL_TEST_CONFIG=$(XMLSEC_OPENSSL_TEST_CONFIG)
sh ./tests/testrun.sh ./tests/testDSig.sh "$(WITH_DEFAULT_CRYPTO)" ./tests win32/$(BINDIR)/$(APP_NAME) der
cd win32
cd ..
if not exist %MAKEDIR%\tmp mkdir %MAKEDIR%\tmp
set TMPFOLDER=%MAKEDIR%\tmp
+ set XMLSEC_OPENSSL_TEST_CONFIG=$(XMLSEC_OPENSSL_TEST_CONFIG)
sh ./tests/testrun.sh ./tests/testEnc.sh "$(WITH_DEFAULT_CRYPTO)" ./tests win32/$(BINDIR)/$(APP_NAME) der
cd win32
rebuild : clean all
install : all
+ :: directoreies
if not exist $(INCPREFIX)\$(XMLSEC_NAME) mkdir $(INCPREFIX)\$(XMLSEC_NAME)
if not exist $(BINPREFIX) mkdir $(BINPREFIX)
if not exist $(LIBPREFIX) mkdir $(LIBPREFIX)
- if exist $(BINDIR)\$(XMLSEC_OPENSSL_SO) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\openssl mkdir $(INCPREFIX)\$(XMLSEC_NAME)\openssl
- if exist $(BINDIR)\$(XMLSEC_NSS_SO) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\nss mkdir $(INCPREFIX)\$(XMLSEC_NAME)\nss
- if exist $(BINDIR)\$(XMLSEC_MSCRYPTO_SO) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\mscrypto mkdir $(INCPREFIX)\$(XMLSEC_NAME)\mscrypto
- if exist $(BINDIR)\$(XMLSEC_MSCNG_SO) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\mscng mkdir $(INCPREFIX)\$(XMLSEC_NAME)\mscng
+
+ :: include files
if exist $(BASEDIR)\include\$(XMLSEC_NAME) copy $(BASEDIR)\include\$(XMLSEC_NAME)\*.h $(INCPREFIX)\$(XMLSEC_NAME)
+ if exist $(BINDIR)\$(XMLSEC_OPENSSL_SO) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\openssl mkdir $(INCPREFIX)\$(XMLSEC_NAME)\openssl
+ if exist $(BINDIR)\$(XMLSEC_OPENSSL_A) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\openssl mkdir $(INCPREFIX)\$(XMLSEC_NAME)\openssl
if exist $(BINDIR)\$(XMLSEC_OPENSSL_SO) copy $(BASEDIR)\include\$(XMLSEC_NAME)\openssl\*.h $(INCPREFIX)\$(XMLSEC_NAME)\openssl
+ if exist $(BINDIR)\$(XMLSEC_OPENSSL_A) copy $(BASEDIR)\include\$(XMLSEC_NAME)\openssl\*.h $(INCPREFIX)\$(XMLSEC_NAME)\openssl
+ if exist $(BINDIR)\$(XMLSEC_NSS_SO) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\nss mkdir $(INCPREFIX)\$(XMLSEC_NAME)\nss
+ if exist $(BINDIR)\$(XMLSEC_NSS_A) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\nss mkdir $(INCPREFIX)\$(XMLSEC_NAME)\nss
if exist $(BINDIR)\$(XMLSEC_NSS_SO) copy $(BASEDIR)\include\$(XMLSEC_NAME)\nss\*.h $(INCPREFIX)\$(XMLSEC_NAME)\nss
+ if exist $(BINDIR)\$(XMLSEC_NSS_A) copy $(BASEDIR)\include\$(XMLSEC_NAME)\nss\*.h $(INCPREFIX)\$(XMLSEC_NAME)\nss
+ if exist $(BINDIR)\$(XMLSEC_MSCRYPTO_SO) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\mscrypto mkdir $(INCPREFIX)\$(XMLSEC_NAME)\mscrypto
+ if exist $(BINDIR)\$(XMLSEC_MSCRYPTO_A) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\mscrypto mkdir $(INCPREFIX)\$(XMLSEC_NAME)\mscrypto
if exist $(BINDIR)\$(XMLSEC_MSCRYPTO_SO) copy $(BASEDIR)\include\$(XMLSEC_NAME)\mscrypto\*.h $(INCPREFIX)\$(XMLSEC_NAME)\mscrypto
+ if exist $(BINDIR)\$(XMLSEC_MSCRYPTO_A) copy $(BASEDIR)\include\$(XMLSEC_NAME)\mscrypto\*.h $(INCPREFIX)\$(XMLSEC_NAME)\mscrypto
+ if exist $(BINDIR)\$(XMLSEC_MSCNG_SO) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\mscng mkdir $(INCPREFIX)\$(XMLSEC_NAME)\mscng
+ if exist $(BINDIR)\$(XMLSEC_MSCNG_A) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\mscng mkdir $(INCPREFIX)\$(XMLSEC_NAME)\mscng
if exist $(BINDIR)\$(XMLSEC_MSCNG_SO) copy $(BASEDIR)\include\$(XMLSEC_NAME)\mscng\*.h $(INCPREFIX)\$(XMLSEC_NAME)\mscng
+ if exist $(BINDIR)\$(XMLSEC_MSCNG_A) copy $(BASEDIR)\include\$(XMLSEC_NAME)\mscng\*.h $(INCPREFIX)\$(XMLSEC_NAME)\mscng
+
+ :: shared and static libs
if exist $(BINDIR)\$(XMLSEC_SO) copy $(BINDIR)\$(XMLSEC_SO) $(SOPREFIX)
if exist $(BINDIR)\$(XMLSEC_SO_MANIFEST) copy $(BINDIR)\$(XMLSEC_SO_MANIFEST) $(SOPREFIX)
if exist $(BINDIR)\$(XMLSEC_PDB) copy $(BINDIR)\$(XMLSEC_PDB) $(SOPREFIX)
if exist $(BINDIR)\$(XMLSEC_MSCNG_PDB) copy $(BINDIR)\$(XMLSEC_MSCNG_PDB) $(SOPREFIX)
if exist $(BINDIR)\$(XMLSEC_MSCNG_A) copy $(BINDIR)\$(XMLSEC_MSCNG_A) $(LIBPREFIX)
if exist $(BINDIR)\$(XMLSEC_MSCNG_IMP) copy $(BINDIR)\$(XMLSEC_MSCNG_IMP) $(LIBPREFIX)
+
+ :: apps
if exist $(BINDIR)\$(APP_NAME) copy $(BINDIR)\$(APP_NAME) $(BINPREFIX)
if exist $(BINDIR)\$(APP_NAME_MANIFEST) copy $(BINDIR)\$(APP_NAME_MANIFEST) $(BINPREFIX)
if exist $(BINPREFIX)\$(APP_NAME) del /F /S /Q $(BINPREFIX)\$(APP_NAME)
if exist $(BINPREFIX)\$(APP_NAME_MANIFEST) del /F /S /Q $(BINPREFIX)\$(APP_NAME_MANIFEST)
-# This is a target for me, to make a binary distribution. Not for the public use,
-# keep your hands off :-)
-BDVERSION = $(XMLSEC_VERSION_MAJOR).$(XMLSEC_VERSION_MINOR).$(XMLSEC_VERSION_SUBMINOR)
-BDPREFIX = $(XMLSEC_BASENAME)-$(BDVERSION).win32
-bindist : all
- $(MAKE) /nologo PREFIX=$(BDPREFIX) SOPREFIX=$(BDPREFIX)\bin install
- cscript //NoLogo configure.js genreadme $(XMLSEC_BASENAME) $(BDVERSION) $(BDPREFIX)\readme.txt
-
+#
# Makes the compiler output directory.
+#
$(BINDIR) :
if not exist $(BINDIR) mkdir $(BINDIR)
+#
# Makes intermediate directories.
+#
$(XMLSEC_APPS_INTDIR) :
if not exist $(XMLSEC_APPS_INTDIR) mkdir $(XMLSEC_APPS_INTDIR)
$(XMLSEC_APPS_INTDIR_A) :
$(XMLSEC_MSCNG_INTDIR_A) :
if not exist $(XMLSEC_MSCNG_INTDIR_A) mkdir $(XMLSEC_MSCNG_INTDIR_A)
+#
# An implicit rule for xmlsec compilation.
+#
{$(APPS_SRCDIR)}.c{$(XMLSEC_APPS_INTDIR)}.obj::
$(CC) $(CFLAGS) $(APP_CFLAGS) /Fo$(XMLSEC_APPS_INTDIR)\ /c $<
{$(XMLSEC_MSCNG_SRCDIR)}.c{$(XMLSEC_MSCNG_INTDIR)}.obj::
$(CC) $(CFLAGS) $(XMLSEC_MSCNG_CFLAGS) /Fo$(XMLSEC_MSCNG_INTDIR)\ /c $<
+#
# An implicit rule for static xmlsec compilation.
+#
{$(APPS_SRCDIR)}.c{$(XMLSEC_APPS_INTDIR_A)}.obj::
$(CC) /D "LIBXML_STATIC" /D "LIBXSLT_STATIC" /D "XMLSEC_STATIC" \
$(CFLAGS) $(APP_CFLAGS) /Fo$(XMLSEC_APPS_INTDIR_A)\ /c $<
$(CC) /D "LIBXML_STATIC" /D "LIBXSLT_STATIC" /D "XMLSEC_STATIC" \
$(CFLAGS) $(XMLSEC_MSCNG_CFLAGS) /Fo$(XMLSEC_MSCNG_INTDIR_A)\ /c $<
+#
# Compiles xmlsec source. Uses the implicit rule for commands.
+#
$(XMLSEC_OBJS) : $(XMLSEC_INTDIR)
$(XMLSEC_OBJS_A) : $(XMLSEC_INTDIR_A)
$(XMLSEC_MSCNG_OBJS) : $(XMLSEC_MSCNG_INTDIR)
$(XMLSEC_MSCNG_OBJS_A) : $(XMLSEC_MSCNG_INTDIR_A)
+#
# Creates the shared objects and archives.
+#
$(BINDIR)\$(XMLSEC_SO) : $(BINDIR) $(XMLSEC_OBJS)
$(LD) $(LDFLAGS) /DLL /VERSION:$(XMLSEC_VERSION_MAJOR).$(XMLSEC_VERSION_MINOR) \
/IMPLIB:$(BINDIR)\$(XMLSEC_IMP) /OUT:$(BINDIR)\$(XMLSEC_SO) \
$(BINDIR)\$(XMLSEC_MSCNG_A) : $(BINDIR) $(XMLSEC_MSCNG_OBJS_A)
$(AR) $(ARFLAGS) /OUT:$(BINDIR)\$(XMLSEC_MSCNG_A) $(XMLSEC_MSCNG_OBJS_A)
+#
# An implicit rule for xmlsec command line tool
-$(BINDIR)\xmlseca.exe: $(BINDIR) $(XMLSEC_APPS_OBJS_A)
+#
+$(BINDIR)\xmlseca.exe: xmlseca $(BINDIR) $(XMLSEC_APPS_OBJS_A)
$(LD) $(LDFLAGS) /OUT:$@ $(XMLSEC_A) $(XMLSEC_CRYPTO_A) $(APP_LIBS) $(XMLSEC_APPS_OBJS_A)
-$(BINDIR)\xmlsec.exe: $(BINDIR) $(XMLSEC_APPS_OBJS)
+$(BINDIR)\xmlsec.exe: xmlsec $(BINDIR) $(XMLSEC_APPS_OBJS)
$(LD) $(LDFLAGS) /OUT:$@ $(XMLSEC_IMP) $(XMLSEC_CRYPTO_IMP) $(APP_LIBS) $(XMLSEC_APPS_OBJS)
-# Builds xmlsec and friends. Uses the implicit rule for commands.
-$(BINDIR)\$(APP_NAME) : $(BINDIR) xmlsec xmlseca
-
-# Source dependences should be autogenerated somehow here, but how to
-# do it? I have no clue.
+# This is a target for me, to make a binary distribution. Not for the public use,
+# keep your hands off :-)
+BDVERSION = $(XMLSEC_VERSION_MAJOR).$(XMLSEC_VERSION_MINOR).$(XMLSEC_VERSION_SUBMINOR)
+BDPREFIX = $(XMLSEC_BASENAME)-$(BDVERSION).win32
+bindist : all
+ $(MAKE) /nologo PREFIX=$(BDPREFIX) SOPREFIX=$(BDPREFIX)\bin install
+ cscript //NoLogo configure.js genreadme $(XMLSEC_BASENAME) $(BDVERSION) $(BDPREFIX)\readme.txt
-\r
- Windows port\r
- ------------\r
+# XMLSec Library: Windows port\r
\r
This directory contains the files required to build this software on the\r
native Windows platform.\r
\r
-As a rule of thumb, the root of this directory contains files needed\r
-to build the library using the command-line tools, while various\r
-subdirectories contain project files for various IDEs.\r
-\r
-\r
- 1. Building the library
- =================================\r============
+## Building the library\r
\r
-Building from command line is the easiest, preferred and the only
-currently supported method. \r
+Building from command line is the only supported method.\r
\r
In order to build from the command-line you need to make sure that\r
your compiler works from the command line. This is not always the\r
The second step is compiling the source and, optionally, installing it\r
to the location of your choosing.\r
\r
-\r
- 1.1 Configuring the source automatically\r
- ----------------------------------------\r
+### Configuring the source automatically\r
\r
The configuration script accepts numerous options. Some of these\r
affect features which will be available in the compiled software,\r
others affect the way the software is built and installed. To see a\r
full list of options supported by the configuration script, run\r
\r
- cscript configure.js help\r
+```\r
+cscript configure.js help\r
+```\r
\r
-from the win32 subdirectory. The configuration script will present you\r
+from the `win32` subdirectory. The configuration script will present you\r
the options it accepts and give a biref explanation of these. In every\r
case you will have two sets of options. The first set is specific to\r
the software you are building and the second one is specific to the\r
Once you have decided which options suit you, run the script with that\r
options. Here is an example:\r
\r
- cscript configure.js prefix=c:\opt include=c:\opt\include \r
- lib=c:\opt\lib debug=yes\r
+```\r
+cscript configure.js prefix=c:\opt include=c:\opt\include lib=c:\opt\lib debug=yes\r
+```\r
\r
The previous example will configure the process to install the library\r
-in c:\opt, use c:\opt\include and c:\opt\lib as additional search\r
+in `c:\opt`, use `c:\opt\include` and `c:\opt\lib` as additional search\r
paths for the compiler and the linker and build executables with debug\r
symbols.\r
\r
Note: Please do not use path names which contain spaces. This will\r
-fail. Allowing this would require me to put almost everything in the\r
-Makefile in quotas and that looks quite ugly with my\r
-syntax-highlighting engine. If you absolutely must use spaces in paths\r
-send me an email and tell me why. If there are enough of you out there\r
-who need this, or if a single one has a very good reason, I will\r
-modify the Makefile to allow spaces in paths.\r
-\r
+fail.\r
\r
- 1.2 (Not) Configuring the source manually\r
- -----------------------------------------\r
+### Configuring the source manually\r
\r
The manual configuration is pretty straightforward, but I would\r
suggest rather to get a JScript engine and let the configure script do\r
suit your needs, as well as manually generating certain *.h files from\r
their *.h.in sources.\r
\r
-If you really have no idea what I am talking about and ask yourself\r
-what in Gods name do I mean with '*.h files and their *.h.in sources',\r
-then you really should do an automatic configuration. Which files must\r
-be generated and what needs to be done with their sources in order to\r
-generate them is something people who have built this software before\r
-allready know. You will not find any explanations for that\r
-here. Please configure the source manually only if you allready know\r
-what you must do. Otherwise, you have the choice of either getting a\r
-precompiled binary distribution, or performing the automatic\r
-configuration.\r
-\r\r
- 1.3 Compiling\r
- -------------\r
+### Compiling\r
\r
After the configuration stage has been completed, you want to build\r
the software. To do that, type\r
\r
- nmake\r
+```\r
+nmake\r
+```\r
+\r
+in the `win32` subdirectory.When the building completes, you will find\r
+the executable files in `win32\binaries` directory.\r
\r
-in the win32 subdirectory.When the building completes, you will find\r
-the executable files in win32\binaries directory.\r
- \r
You can install the software into the directory you specified to the\r
configure script during the configure stage by typing\r
\r
- nmake install\r
-\r
-That would be it, enjoy.\r
-\r
- 2. Building your appliation
- =================================\r============
-
-On Windows there is no easy way to automatically configure compilation
-options or paths. You have to do everything manualy. Start up your
-favorite IDE or text editor and read on.
-
- 2.1 Global Defines.
- -------------\r-------------\r-------------\r------
-
-If you want to use automatic crypto library configuration (xmlsec/crypto.h file)
-you need to add one of the following global defines:
-
- #define XMLSEC_CRYPTO_OPENSSL
- #define XMLSEC_CRYPTO_GNUTLS
- #define XMLSEC_CRYPTO_NSS
-
-Also you'll need to define all configuration parameters used during XML Security
-Library compilation (XMLSEC_NO_AES, XMLSEC_NO_X509,...).
-
- 2.1 Additional Global Defines for static linking.
- -------------\r-------------\r-------------\r------\r
-
-Also if you (*and only if*) are linking libraries staticaly, you'll need to add following
-global defines:
-
- 2.2 Setting include and library paths.
- -------------\r-------------\r-------------\r------\r
-
-As usual, you need to have correct include and library paths to xmlsec, libxml,
-libxslt, iconv, openssl or any other library used in your application.
-
- 2.3 Selecting correct Windows runtime libraries.
- -------------\r-------------\r-------------\r------\r
-
-Windows basically has 6 different C runtimes. The first one is called libc.lib
-and can only be linked to statically and used only in single-threaded mode.
-The second one is also can only be linked staticaly and used in multi-threaded
-mode. The third one is called msvcrt.dll and can only be linked to dynamically.
-These three then live in their debug and release incarnations, which results in
-six C runtimes. The rule is simple: exactly the same runtime must be used
-throughout the application. Client code *MUST* use the same runtime as XMLSec,
-LibXML, LibXSLT, OpenSSL or any other library used.
-
-If you downloaded XMLSec, LibXML, LibXSLT and OpenSSL binaries from Igor's
-page then all libraries are all linked to msvcrt.dll ("Multithreaded DLL"
-(NOT DEBUG!); /MD compiler switch). The click-next click-finish wizardry
-from Visual Studio chooses the single-threaded libc.lib as the default
-when you create a new project. And this causes great problems because
-you program crashes on first IO operation, first malloc/free from different
-runtimes or something even more trivial.
-
-Do not forget that if you need a different runtime for some reason, then
-you MUST recompile not only XMLSec, but LibXML, LibXSLT and OpenSSL as well.
-
-\r
-March 2002, Igor Zlatkovic <igor@stud.fh-frankfurt.de>\r
+```\r
+nmake install\r
+```\r
+\r
+## Building your appliation\r
+\r
+On Windows there is no easy way to automatically configure compilation\r
+options or paths. You have to do everything manualy. Start up your\r
+favorite IDE or text editor and read on.\r
+\r
+### Global Defines\r
+\r
+If you want to use automatic crypto library configuration (`xmlsec/crypto.h` file)\r
+you need to add one of the following global defines:\r
+\r
+```\r
+ #define XMLSEC_CRYPTO_OPENSSL\r
+ #define XMLSEC_CRYPTO_GNUTLS\r
+ #define XMLSEC_CRYPTO_NSS\r
+```\r
+\r
+Also you'll need to define all configuration parameters used during XML Security\r
+Library compilation (`XMLSEC_NO_AES`, `XMLSEC_NO_X509`,...).\r
+\r
+### Setting include and library paths.\r
+\r
+As usual, you need to have correct include and library paths to xmlsec, libxml,\r
+libxslt, iconv, openssl or any other library used in your application.\r
+\r
+### Selecting correct Windows runtime libraries.\r
+\r
+Windows basically has 6 different C runtimes. The first one is called libc.lib\r
+and can only be linked to statically and used only in single-threaded mode.\r
+The second one is also can only be linked staticaly and used in multi-threaded\r
+mode. The third one is called msvcrt.dll and can only be linked to dynamically.\r
+These three then live in their debug and release incarnations, which results in\r
+six C runtimes. The rule is simple: exactly the same runtime must be used\r
+throughout the application. Client code *MUST* use the same runtime as XMLSec,\r
+LibXML, LibXSLT, OpenSSL or any other library used.\r
+\r
+If you downloaded XMLSec, LibXML, LibXSLT and OpenSSL binaries from Igor's\r
+page then all libraries are all linked to msvcrt.dll ("Multithreaded DLL"\r
+(NOT DEBUG!); /MD compiler switch). The click-next click-finish wizardry\r
+from Visual Studio chooses the single-threaded libc.lib as the default\r
+when you create a new project. And this causes great problems because\r
+you program crashes on first IO operation, first malloc/free from different\r
+runtimes or something even more trivial.\r
+\r
+Do not forget that if you need a different runtime for some reason, then\r
+you MUST recompile not only XMLSec, but LibXML, LibXSLT and OpenSSL as well.\r
+\r
+## Authors\r
+- March 2002, Igor Zlatkovic <igor@stud.fh-frankfurt.de>\r
+- July, 2022, Aleksey Sanin <aleksey@aleksey.com>\r
--- /dev/null
+*** Pre-requisites
+1) Install Cygwin with git, vim, wget, ...
+2) Add c:\Cygwin64\bin and c:\Cygwin64\lib to the PATH environment variable
+3) Install Strawberry Perl
+4) Install Visual Studio with C++
+
+
+*** LibXML2
+1) Inside Cygwin prompt:
+$ cd /cygdrive/c/local/dev
+$ git clone git@github.com:GNOME/libxml2.git
+
+2) Inside "x64 Native tools command prompt":
+> cd c:\local\dev\libxml2\win32
+> cscript configure.js prefix=c:\local static=no iconv=no debug=yes
+> nmake
+> nmake install
+
+*** LibXSLT
+1) Inside Cygwin prompt:
+$ cd /cygdrive/c/local/dev
+$ git clone git@github.com:GNOME/libxslt.git
+
+2) Inside "x64 Native tools command prompt":
+> cd c:\local\dev\libxslt\win32
+> cscript configure.js prefix=c:\local static=no iconv=no debug=yes include=c:\local\include\libxml2 lib=c:\local\lib
+> nmake
+> nmake install
+
+
+*** OpenSSL
+----------
+1) Inside Cygwin prompt:
+$ cd /cygdrive/c/local/dev
+$ wget <openssl-source-url>
+$ tar xfvz <openssl-tar-file>
+
+2) Inside "x64 Native tools command prompt":
+> cd c:\local\dev\<openssl-dir>
+> perl Configure no-asm --prefix=c:\local\openssl-<version> VC-WIN64A
+> nmake
+> nmake install
+
var buildUnicode = 1;
var buildDebug = 0;
var buildWerror = 0;
+var buildPedantic = 1;
var buildCc = "cl.exe";
var buildCflags = "";
var buildStatic = 1;
var buildLib = ".";
var cruntime = "/MD";
+/* Crypto options */
+var withOpenSSL3Engines = 0;
+
/* Local stuff */
var error = 0;
txt += "either 'yes' or 'no'.\n\n";
txt += "XmlSec Library options, default value given in parentheses:\n\n";
txt += " crypto: Crypto engines list, first is default: \"openssl\",\n";
- txt += " \"openssl=100\", \"openssl=110\", \n";
+ txt += " \"openssl=100\", \"openssl=100\", \"openssl=110\",\n";
+ txt += " \"openssl-110\", \"openssl=300\", \"openssl-300\",\n";
txt += " \"nss\", \"mscrypto\", \"mscng\" (\"" + withCrypto + "\");\n"
txt += " xslt: LibXSLT is used (" + (withLibXSLT? "yes" : "no") + ")\n";
txt += " iconv: Use the iconv library (" + (withIconv? "yes" : "no") + ")\n";
txt += "\nWin32 build options, default value given in parentheses:\n\n";
txt += " unicode: Build Unicode version (" + (buildUnicode? "yes" : "no") + ")\n";
txt += " debug: Build unoptimised debug executables (" + (buildDebug? "yes" : "no") + ")\n";
- txt += " werror: Build with warnings as errors(" + (buildWerror? "yes" : "no") + ")\n";
+ txt += " werror: Build with warnings as errors (" + (buildWerror? "yes" : "no") + ")\n";
+ txt += " pedantic: Build with more warnings enabled (" + (buildPedantic? "yes" : "no") + ")\n";
txt += " cc: Build with the specified compiler(" + buildCc + ")\n";
txt += " cflags: Build with the specified compiler flags('" + buildCflags + "')\n";
- txt += " static: Link libxmlsec statically to xmlsec (" + (buildStatic? "yes" : "no") + ")\n";
- txt += " with-dl: Enable dynamic loading of xmlsec-crypto libraries (" + (buildWithDLSupport? "yes" : "no") + ")\n";
+ txt += " static: Build static xmlsec libraries (" + (buildStatic? "yes" : "no") + ")\n";
+ txt += " with-dl: Enable dynamic loading of xmlsec-crypto libraries (" + (buildWithDLSupport ? "yes" : "no") + ")\n";
txt += " prefix: Base directory for the installation (" + buildPrefix + ")\n";
txt += " bindir: Directory where xmlsec and friends should be installed\n";
txt += " (" + buildBinPrefix + ")\n";
txt += " where libxml headers can be found (" + buildInclude + ")\n";
txt += " lib: Additional search path for the linker, particularily\n";
txt += " where libxml library can be found (" + buildLib + ")\n";
+ txt += "\nCrypto options, default value given in parentheses:\n\n";
+ txt += " with-openssl3-engines: Enable dynamic loading of xmlsec-crypto libraries (" + (withOpenSSL3Engines ? "yes" : "no") + ")\n";
WScript.Echo(txt);
}
vf.WriteLine("WITH_DEFAULT_CRYPTO=" + withDefaultCrypto);
vf.WriteLine("WITH_OPENSSL=" + withOpenSSL);
vf.WriteLine("WITH_OPENSSL_VERSION=XMLSEC_OPENSSL_" + withOpenSSLVersion);
+ vf.WriteLine("WITH_OPENSSL3_ENGINES=" + (withOpenSSL3Engines ? "1" : "0") );
vf.WriteLine("WITH_NSS=" + withNss);
vf.WriteLine("WITH_MSCRYPTO=" + withMSCrypto);
vf.WriteLine("WITH_MSCNG=" + withMSCng);
vf.WriteLine("UNICODE=" + (buildUnicode? "1" : "0"));
vf.WriteLine("DEBUG=" + (buildDebug? "1" : "0"));
vf.WriteLine("WERROR=" + (buildWerror? "1" : "0"));
+ vf.WriteLine("PEDANTIC=" + (buildPedantic? "1" : "0"));
vf.WriteLine("CC=" + buildCc);
vf.WriteLine("CFLAGS=" + buildCflags);
vf.WriteLine("STATIC=" + (buildStatic? "1" : "0"));
buildDebug = strToBool(arg.substring(opt.length + 1, arg.length));
else if (opt == "werror")
buildWerror = strToBool(arg.substring(opt.length + 1, arg.length));
+ else if (opt == "pedantic")
+ buildPedantic = strToBool(arg.substring(opt.length + 1, arg.length));
else if (opt == "cc")
buildCc = arg.substring(opt.length + 1, arg.length);
else if (opt == "cflags")
buildLib = arg.substring(opt.length + 1, arg.length);
else if (opt == "cruntime")
cruntime = arg.substring(opt.length + 1, arg.length);
+ else if (opt == "with-openssl3-engines")
+ withOpenSSL3Engines = strToBool(arg.substring(opt.length + 1, arg.length));
else
error = 1;
} else if (i == 0) {
curcrypto="openssl";
withOpenSSL = 1;
withOpenSSLVersion = "110"; /* default */
- } else if (crlist[j] == "openssl=100") {
+ } else if (crlist[j] == "openssl=100" || crlist[j] == "openssl-100") {
curcrypto="openssl";
withOpenSSL = 1;
withOpenSSLVersion = "100";
- } else if (crlist[j] == "openssl=110") {
+ } else if (crlist[j] == "openssl=110" || crlist[j] == "openssl-110") {
curcrypto="openssl";
withOpenSSL = 1;
withOpenSSLVersion = "110";
+ } else if (crlist[j] == "openssl=300" || crlist[j] == "openssl-300") {
+ curcrypto="openssl";
+ withOpenSSL = 1;
+ withOpenSSLVersion = "300";
} else if (crlist[j] == "nss") {
curcrypto="nss";
withNss = 1;
txtOut += " Unicode: " + boolToStr(buildUnicode) + "\n";
txtOut += " Debug symbols: " + boolToStr(buildDebug) + "\n";
txtOut += "Warnings as errors: " + boolToStr(buildWerror) + "\n";
+txtOut += " Pedantic: " + boolToStr(buildPedantic) + "\n";
txtOut += " C compiler: " + buildCc + "\n";
txtOut += " C compiler flags: " + buildCflags + "\n";
-txtOut += " Static xmlsec: " + boolToStr(buildStatic) + "\n";
+txtOut += "Static xmlsec libs: " + boolToStr(buildStatic) + "\n";
txtOut += " Enable DL support: " + boolToStr(buildWithDLSupport) + "\n";
txtOut += " Install prefix: " + buildPrefix + "\n";
txtOut += " Put tools in: " + buildBinPrefix + "\n";
txtOut += "Put shared libs in: " + buildSoPrefix + "\n";
txtOut += " Include path: " + buildInclude + "\n";
txtOut += " Lib path: " + buildLib + "\n";
+txtOut += "\n";
+txtOut += "Crypto configuration\n";
+txtOut += "-------------------------\n";
+txtOut += "Use OpenSSL3 Engine: " + boolToStr(withOpenSSL3Engines) + "\n";
WScript.Echo(txtOut);
// Done.
@echo on
-REM
-REM This is my personal configuration file.
+REM
+REM This is my personal configuration file.
REM I am lazy to type all this crap again and again
REM You are welcome to customize this file for your
REM needs but do not check it into the GitHub, please.
REM
REM Aleksey Sanin <aleksey@aleksey.com>
-REM
+REM
SET PREFIX=C:\local
-SET XMLSEC_CRYPTO=openssl
-SET XMLSEC_INCLUDE=%PREFIX%\include;%MSSDK_INCLUDE%
-SET XMLSEC_LIB=%PREFIX%\lib;%MSSDK_LIB%
-SET XMLSEC_OPTIONS=static=yes iconv=no debug=yes xslt=yes crypto=%XMLSEC_CRYPTO% unicode=yes
+SET XMLSEC_CRYPTO=mscrypto
+SET OPENSSL_PREFIX=%PREFIX%\openssl-3.0.3
+SET XMLSEC_INCLUDE=%PREFIX%\include;%PREFIX%\include\libxml2;%OPENSSL_PREFIX%\include;%MSSDK_INCLUDE%
+SET XMLSEC_LIB=%PREFIX%\lib;%OPENSSL_PREFIX%\lib;%MSSDK_LIB%
+SET XMLSEC_OPTIONS=pedantic=yes static=yes with-dl=yes iconv=no debug=yes xslt=yes crypto=%XMLSEC_CRYPTO% unicode=no
+nmake clean
del /F Makefile configure.txt
cscript configure.js prefix=%PREFIX% %XMLSEC_OPTIONS% include=%XMLSEC_INCLUDE% lib=%XMLSEC_LIB%
mkdir binaries
copy %PREFIX%\bin\*.dll binaries
copy %PREFIX%\lib\*.dll binaries
+copy %OPENSSL_PREFIX%\bin\*.dll binaries
+copy %OPENSSL_PREFIX%\lib\*.dll binaries
echo @VERSION@
exit 0
;;
-
+
--crypto)
echo @XMLSEC_DEFAULT_CRYPTO@
exit 0
;;
-
+
--help)
usage 0
;;
--libs)
libs=true
;;
-
+
*)
usage 1
;;
the_xslt_flags=""
the_xslt_libs=""
if test "@XMLSEC_NO_LIBXSLT@" = "0" ;
-then
+then
the_xslt_flags="`@LIBXSLT_CONFIG@ --cflags`"
the_xslt_libs="`@LIBXSLT_CONFIG@ --libs`"
-fi
+fi
#
# Get crypto library settings
fi
;;
-default)
+default)
the_crypto_flags="@XMLSEC_CRYPTO_CFLAGS@"
the_crypto_libs="@XMLSEC_CRYPTO_LIBS@"
the_xmlsec_crypto_lib="-l@XMLSEC_CRYPTO_LIB@"
;;
-
+
openssl)
if test "@XMLSEC_NO_OPENSSL@" = "0" ;
then
usage 1
fi
;;
-
+
*)
echo "Error: the \"$crypto\" cryptographic library is not supported"
usage 1
;;
-
+
esac
#
*)
case " $other_flags " in
*\ $i\ *)
- # already there
+ # already there
;;
*)
# add it to output
other_flags="$other_flags $i"
;;
- esac
+ esac
;;
esac
done
;;
*)
# add it to output in reverse order
- ord_libs="$i $ord_libs"
+ ord_libs="$i $ord_libs"
;;
esac
done
Name: xmlsec1
Version: @VERSION@
Description: XML Security Library implements XML Signature and XML Encryption standards
-Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_PC_FILE_COND@
+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_PC_FILE_COND@
Cflags: -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1 @XMLSEC_CORE_CFLAGS@
-Libs: -L${libdir} @XMLSEC_CORE_LIBS@
+Libs: -L${libdir} @XMLSEC_CORE_LIBS@
Prefix: %{_prefix}
Docdir: %{_docdir}
-%define _unpackaged_files_terminate_build 0
+%define _unpackaged_files_terminate_build 0
%define _missing_doc_files_terminate_build 0
%description
-XML Security Library is a C library based on LibXML2 and OpenSSL.
-The library was created with a goal to support major XML security
-standards "XML Digital Signature" and "XML Encryption".
+XML Security Library is a C library based on LibXML2 and OpenSSL.
+The library was created with a goal to support major XML security
+standards "XML Digital Signature" and "XML Encryption".
-%package devel
+%package devel
Summary: Libraries, includes, etc. to develop applications with XML Digital Signatures and XML Encryption support.
-Group: Development/Libraries
+Group: Development/Libraries
Requires: xmlsec1 = %{version}
Requires: libxml2-devel >= @LIBXML_MIN_VERSION@
Requires: libxslt-devel >= @LIBXSLT_MIN_VERSION@
Requires: libtool-ltdl-devel
%description devel
-Libraries, includes, etc. you can use to develop applications with XML Digital
+Libraries, includes, etc. you can use to develop applications with XML Digital
Signatures and XML Encryption support.
%package openssl
Summary: OpenSSL crypto plugin for XML Security Library
-Group: Development/Libraries
+Group: Development/Libraries
Requires: xmlsec1 = %{version}
Requires: libxml2 >= @LIBXML_MIN_VERSION@
Requires: libxslt >= @LIBXSLT_MIN_VERSION@
%package openssl-devel
Summary: OpenSSL crypto plugin for XML Security Library
-Group: Development/Libraries
+Group: Development/Libraries
Requires: xmlsec1 = %{version}
Requires: xmlsec1-devel = %{version}
Requires: xmlsec1-openssl = %{version}
%package nss
Summary: NSS crypto plugin for XML Security Library
-Group: Development/Libraries
+Group: Development/Libraries
Requires: xmlsec1 = %{version}
Requires: libxml2 >= @LIBXML_MIN_VERSION@
Requires: libxslt >= @LIBXSLT_MIN_VERSION@
%package nss-devel
Summary: NSS crypto plugin for XML Security Library
-Group: Development/Libraries
+Group: Development/Libraries
Requires: xmlsec1 = %{version}
Requires: xmlsec1-devel = %{version}
Requires: xmlsec1-nss = %{version}
%postun -p /sbin/ldconfig
-%files
+%files
%defattr(-, root, root)
%doc AUTHORS ChangeLog NEWS README Copyright
%{prefix}/bin/xmlsec1
%files devel
-%defattr(-, root, root)
+%defattr(-, root, root)
%{prefix}/bin/xmlsec1-config
%{prefix}/include/xmlsec1/xmlsec/*.h
%{prefix}/lib/libxmlsec1.*a
%{prefix}/lib/pkgconfig/xmlsec1.pc
%{prefix}/lib/xmlsec1Conf.sh
-%{prefix}/share/doc/xmlsec1/*
+%{prefix}/share/doc/xmlsec1/*
%{prefix}/share/aclocal/xmlsec1.m4
%doc AUTHORS HACKING ChangeLog NEWS README Copyright
%doc %{_mandir}/man1/xmlsec1-config.1*
%files openssl
-%defattr(-, root, root)
+%defattr(-, root, root)
%{prefix}/lib/libxmlsec1-openssl.so.*
%{prefix}/lib/libxmlsec1-openssl.so
%files openssl-devel
-%defattr(-, root, root)
+%defattr(-, root, root)
%{prefix}/include/xmlsec1/xmlsec/openssl/*.h
%{prefix}/lib/libxmlsec1-openssl.*a
%{prefix}/lib/pkgconfig/xmlsec1-openssl.pc
%files nss
-%defattr(-, root, root)
+%defattr(-, root, root)
%{prefix}/lib/libxmlsec1-nss.so.*
%{prefix}/lib/libxmlsec1-nss.so
%files nss-devel
-%defattr(-, root, root)
+%defattr(-, root, root)
%{prefix}/include/xmlsec1/xmlsec/nss/*.h
%{prefix}/lib/libxmlsec1-nss.*a
--- /dev/null
+#! /bin/sh
+
+prefix="/usr"
+package="xmlsec1"
+exec_prefix="${prefix}"
+exec_prefix_set=no
+libdir="${exec_prefix}/lib"
+
+usage()
+{
+ cat <<EOF
+Usage: $package-config [OPTION]...
+
+Known values for OPTION are:
+
+ --cflags print pre-processor and compiler flags
+ --libs print library linking information
+ --prefix print the default XMLSEC prefix folder
+ --exec-prefix print the default XMLSEC executable prefix folder
+ --libdir print the default XMLSEC libraries folder
+ --crypto print the default crypto library name
+ --prefix=DIR change XMLSEC prefix folder
+ --exec-prefix=DIR change XMLSEC executable prefix folder
+ --libdir=DIR change XMLSEC libraries folder
+ --crypto=LIB configure with XMLSEC crypto library (one of the
+ following: none default openssl nss gnutls gcrypt)
+ --help display this help and exit
+ --version output version information
+EOF
+
+ exit $1
+}
+
+
+#
+# first parse command line aruments
+#
+if [ $# -eq 0 ]
+then
+ usage 1 1>&2
+fi
+
+cflags=false
+libs=false
+if [ "z0" = "z1" ] ;
+then
+ crypto="default"
+else
+ crypto="none"
+fi
+
+while [ $# -gt 0 ]
+do
+ case "$1" in
+ -*=*)
+ optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'`
+ ;;
+ *)
+ optarg=
+ ;;
+ esac
+
+ case "$1" in
+ --crypto=*)
+ crypto=$optarg
+ ;;
+
+ --prefix=*)
+ prefix=$optarg
+ if [ $exec_prefix_set = no ] ;
+ then
+ exec_prefix=$optarg
+ fi
+ ;;
+
+ --prefix)
+ echo $prefix
+ ;;
+
+ --exec-prefix=*)
+ exec_prefix=$optarg
+ exec_prefix_set=yes
+ ;;
+
+ --exec-prefix)
+ echo $exec_prefix
+ ;;
+
+ --libdir=*)
+ libdir=$optarg
+ ;;
+
+ --libdir)
+ echo $libdir
+ ;;
+
+ --version)
+ echo 1.2.39
+ exit 0
+ ;;
+
+ --crypto)
+ echo openssl
+ exit 0
+ ;;
+
+ --help)
+ usage 0
+ ;;
+
+ --cflags)
+ cflags=true
+ ;;
+
+ --libs)
+ libs=true
+ ;;
+
+ *)
+ usage 1
+ ;;
+ esac
+
+ shift
+done
+
+#
+# Get LibXML2 settings
+#
+the_xml_flags="`xml2-config --cflags`"
+the_xml_libs="`xml2-config --libs`"
+
+#
+# Get LibXSLT settings
+#
+the_xslt_flags=""
+the_xslt_libs=""
+if test "0" = "0" ;
+then
+ the_xslt_flags="`xslt-config --cflags`"
+ the_xslt_libs="`xslt-config --libs`"
+fi
+
+#
+# Get crypto library settings
+#
+the_crypto_flags=""
+the_crypto_libs=""
+the_xmlsec_crypto_lib=""
+case "$crypto" in
+none)
+ # no crypto, just the core xmlsec engine (useful when more
+ # than one crypto engine i sused by application)
+ if [ "z0" != "z1" ] ;
+ then
+ the_crypto_flags="-DXMLSEC_CRYPTO_DYNAMIC_LOADING=1"
+ fi
+ ;;
+
+default)
+ the_crypto_flags=" -DXMLSEC_CRYPTO_OPENSSL=1"
+ the_crypto_libs="-lssl -lcrypto "
+ the_xmlsec_crypto_lib="-lxmlsec1-openssl"
+ ;;
+
+openssl)
+ if test "0" = "0" ;
+ then
+ the_crypto_flags=" -DXMLSEC_CRYPTO_OPENSSL=1"
+ the_crypto_libs="-lssl -lcrypto "
+ the_xmlsec_crypto_lib="-lxmlsec1-openssl"
+ else
+ echo "Error: the \"$crypto\" cryptographic library is not supported"
+ usage 1
+ fi
+ ;;
+
+gnutls)
+ if test "0" = "0" ;
+ then
+ the_crypto_flags="-I/usr/include/p11-kit-1 -DXMLSEC_CRYPTO_GNUTLS=1"
+ the_crypto_libs="-lgnutls "
+ the_xmlsec_crypto_lib="-lxmlsec1-gnutls"
+ else
+ echo "Error: the \"$crypto\" cryptographic library is not supported"
+ usage 1
+ fi
+ ;;
+
+gcrypt)
+ if test "0" = "0" ;
+ then
+ the_crypto_flags=" -DXMLSEC_CRYPTO_GCRYPT=1L"
+ the_crypto_libs="-lgcrypt "
+ the_xmlsec_crypto_lib="-lxmlsec1-gcrypt"
+ else
+ echo "Error: the \"$crypto\" cryptographic library is not supported"
+ usage 1
+ fi
+ ;;
+
+nss)
+ if test "0" = "0";
+ then
+ the_crypto_flags="-I/usr/include/nss -I/usr/include/nspr -I/usr/include/nspr -DXMLSEC_CRYPTO_NSS=1"
+ the_crypto_libs="-lnss3 -lnssutil3 -lsmime3 -lssl3 -lplds4 -lplc4 -lnspr4 -lplds4 -lplc4 -lnspr4 "
+ the_xmlsec_crypto_lib="-lxmlsec1-nss"
+ else
+ echo "Error: the \"$crypto\" cryptographic library is not supported"
+ usage 1
+ fi
+ ;;
+
+*)
+ echo "Error: the \"$crypto\" cryptographic library is not supported"
+ usage 1
+ ;;
+
+esac
+
+#
+# Assemble all the settings together
+#
+the_flags="$the_flags -D__XMLSEC_FUNCTION__=__func__ -DXMLSEC_NO_SIZE_T -DXMLSEC_NO_FTP=1 -DXMLSEC_NO_MD5=1 -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_GOST2012=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1 $the_xml_flags $the_xslt_flags $the_crypto_flags"
+the_libs="$the_libs -L${libdir} -lxmlsec1 -lltdl $the_xmlsec_crypto_lib -lxmlsec1 $the_xml_libs $the_xslt_libs $the_crypto_libs"
+
+if $cflags ;
+then
+ all_flags="$the_flags"
+fi
+
+if $libs ;
+then
+ all_flags="$all_flags $services $the_libs"
+fi
+
+if test -z "$all_flags" || test "x$all_flags" = "x " ;
+then
+ exit 1
+fi
+
+# Straight out any possible duplicates, but be careful to
+# get `-lfoo -lbar -lbaz' for `-lfoo -lbaz -lbar -lbaz'
+other_flags=
+rev_libs=
+for i in $all_flags; do
+ case "$i" in
+ # a library, save it for later, in reverse order
+ -l*)
+ rev_libs="$i $rev_libs"
+ ;;
+ *)
+ case " $other_flags " in
+ *\ $i\ *)
+ # already there
+ ;;
+ *)
+ # add it to output
+ other_flags="$other_flags $i"
+ ;;
+ esac
+ ;;
+ esac
+done
+
+ord_libs=
+for i in $rev_libs; do
+ case " $ord_libs " in
+ *\ $i\ *)
+ # already there
+ ;;
+ *)
+ # add it to output in reverse order
+ ord_libs="$i $ord_libs"
+ ;;
+ esac
+done
+
+echo $other_flags $ord_libs
+
+exit 0
--- /dev/null
+prefix=/usr
+exec_prefix=${prefix}
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
+
+Name: xmlsec1-gcrypt
+Version: 1.2.39
+Description: XML Security Library implements XML Signature and XML Encryption standards
+Requires: libxml-2.0 >= 2.8.0 libxslt >= 1.0.20
+Cflags: -D__XMLSEC_FUNCTION__=__func__ -DXMLSEC_NO_SIZE_T -DXMLSEC_NO_FTP=1 -DXMLSEC_NO_MD5=1 -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_GOST2012=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1 -DXMLSEC_CRYPTO_GCRYPT=1
+Cflags.private: -DXMLSEC_STATIC
+Libs: -L${exec_prefix}/lib -lxmlsec1-gcrypt -lxmlsec1 -lltdl -lgcrypt
--- /dev/null
+prefix=/usr
+exec_prefix=${prefix}
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
+
+Name: xmlsec1-gnutls
+Version: 1.2.39
+Description: XML Security Library implements XML Signature and XML Encryption standards
+Requires: libxml-2.0 >= 2.8.0 libxslt >= 1.0.20
+Cflags: -D__XMLSEC_FUNCTION__=__func__ -DXMLSEC_NO_SIZE_T -DXMLSEC_NO_FTP=1 -DXMLSEC_NO_MD5=1 -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_GOST2012=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1 -I/usr/include/p11-kit-1 -DXMLSEC_CRYPTO_GNUTLS=1
+Cflags.private: -DXMLSEC_STATIC
+Libs: -L${exec_prefix}/lib -lxmlsec1-gnutls -lxmlsec1-gcrypt -lxmlsec1 -lltdl -lgnutls
--- /dev/null
+prefix=/usr
+exec_prefix=${prefix}
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
+
+Name: xmlsec1-nss
+Version: 1.2.39
+Description: XML Security Library implements XML Signature and XML Encryption standards
+Requires: libxml-2.0 >= 2.8.0 libxslt >= 1.0.20 nspr >= 1.4 nss >= 1.4
+Cflags: -DXMLSEC_CRYPTO_NSS=1 -D__XMLSEC_FUNCTION__=__func__ -DXMLSEC_NO_SIZE_T -DXMLSEC_NO_FTP=1 -DXMLSEC_NO_MD5=1 -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_GOST2012=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1
+Cflags.private: -DXMLSEC_STATIC
+Libs: -L${libdir} -lxmlsec1-nss -lxmlsec1 -lltdl
--- /dev/null
+prefix=/usr
+exec_prefix=${prefix}
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
+
+Name: xmlsec1-openssl
+Version: 1.2.39
+Description: XML Security Library implements XML Signature and XML Encryption standards
+Requires: libxml-2.0 >= 2.8.0 libxslt >= 1.0.20
+Cflags: -D__XMLSEC_FUNCTION__=__func__ -DXMLSEC_NO_SIZE_T -DXMLSEC_NO_FTP=1 -DXMLSEC_NO_MD5=1 -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_GOST2012=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1 -DXMLSEC_CRYPTO_OPENSSL=1
+Cflags.private: -DXMLSEC_STATIC
+Libs: -L${exec_prefix}/lib -lxmlsec1-openssl -lxmlsec1 -lltdl -lssl -lcrypto
--- /dev/null
+prefix=/usr
+exec_prefix=${prefix}
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
+
+Name: xmlsec1
+Version: 1.2.39
+Description: XML Security Library implements XML Signature and XML Encryption standards
+Requires: libxml-2.0 >= 2.8.0 libxslt >= 1.0.20
+Cflags: -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1 -D__XMLSEC_FUNCTION__=__func__ -DXMLSEC_NO_SIZE_T -DXMLSEC_NO_FTP=1 -DXMLSEC_NO_MD5=1 -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_GOST2012=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1
+Libs: -L${libdir} -lxmlsec1 -lltdl
Summary: Library providing support for "XML Signature" and "XML Encryption" standards
Name: xmlsec1
-Version: 1.2.28
+Version: 1.2.39
Release: 1
License: MIT
Group: Development/Libraries
Prefix: %{_prefix}
Docdir: %{_docdir}
-%define _unpackaged_files_terminate_build 0
+%define _unpackaged_files_terminate_build 0
%define _missing_doc_files_terminate_build 0
%description
-XML Security Library is a C library based on LibXML2 and OpenSSL.
-The library was created with a goal to support major XML security
-standards "XML Digital Signature" and "XML Encryption".
+XML Security Library is a C library based on LibXML2 and OpenSSL.
+The library was created with a goal to support major XML security
+standards "XML Digital Signature" and "XML Encryption".
-%package devel
+%package devel
Summary: Libraries, includes, etc. to develop applications with XML Digital Signatures and XML Encryption support.
-Group: Development/Libraries
+Group: Development/Libraries
Requires: xmlsec1 = %{version}
Requires: libxml2-devel >= 2.8.0
Requires: libxslt-devel >= 1.0.20
Requires: libtool-ltdl-devel
%description devel
-Libraries, includes, etc. you can use to develop applications with XML Digital
+Libraries, includes, etc. you can use to develop applications with XML Digital
Signatures and XML Encryption support.
%package openssl
Summary: OpenSSL crypto plugin for XML Security Library
-Group: Development/Libraries
+Group: Development/Libraries
Requires: xmlsec1 = %{version}
Requires: libxml2 >= 2.8.0
Requires: libxslt >= 1.0.20
%package openssl-devel
Summary: OpenSSL crypto plugin for XML Security Library
-Group: Development/Libraries
+Group: Development/Libraries
Requires: xmlsec1 = %{version}
Requires: xmlsec1-devel = %{version}
Requires: xmlsec1-openssl = %{version}
%package nss
Summary: NSS crypto plugin for XML Security Library
-Group: Development/Libraries
+Group: Development/Libraries
Requires: xmlsec1 = %{version}
Requires: libxml2 >= 2.8.0
Requires: libxslt >= 1.0.20
%package nss-devel
Summary: NSS crypto plugin for XML Security Library
-Group: Development/Libraries
+Group: Development/Libraries
Requires: xmlsec1 = %{version}
Requires: xmlsec1-devel = %{version}
Requires: xmlsec1-nss = %{version}
%postun -p /sbin/ldconfig
-%files
+%files
%defattr(-, root, root)
%doc AUTHORS ChangeLog NEWS README Copyright
%{prefix}/bin/xmlsec1
%files devel
-%defattr(-, root, root)
+%defattr(-, root, root)
%{prefix}/bin/xmlsec1-config
%{prefix}/include/xmlsec1/xmlsec/*.h
%{prefix}/lib/libxmlsec1.*a
%{prefix}/lib/pkgconfig/xmlsec1.pc
%{prefix}/lib/xmlsec1Conf.sh
-%{prefix}/share/doc/xmlsec1/*
+%{prefix}/share/doc/xmlsec1/*
%{prefix}/share/aclocal/xmlsec1.m4
%doc AUTHORS HACKING ChangeLog NEWS README Copyright
%doc %{_mandir}/man1/xmlsec1-config.1*
%files openssl
-%defattr(-, root, root)
+%defattr(-, root, root)
%{prefix}/lib/libxmlsec1-openssl.so.*
%{prefix}/lib/libxmlsec1-openssl.so
%files openssl-devel
-%defattr(-, root, root)
+%defattr(-, root, root)
%{prefix}/include/xmlsec1/xmlsec/openssl/*.h
%{prefix}/lib/libxmlsec1-openssl.*a
%{prefix}/lib/pkgconfig/xmlsec1-openssl.pc
%files nss
-%defattr(-, root, root)
+%defattr(-, root, root)
%{prefix}/lib/libxmlsec1-nss.so.*
%{prefix}/lib/libxmlsec1-nss.so
%files nss-devel
-%defattr(-, root, root)
+%defattr(-, root, root)
%{prefix}/include/xmlsec1/xmlsec/nss/*.h
%{prefix}/lib/libxmlsec1-nss.*a
--- /dev/null
+#
+# Configuration file for using the XML library in GNOME applications
+#
+prefix="/usr"
+exec_prefix="${prefix}"
+libdir="${exec_prefix}/lib"
+includedir="${prefix}/include"
+
+XMLSEC_LIBDIR="${exec_prefix}/lib"
+XMLSEC_INCLUDEDIR=" -D__XMLSEC_FUNCTION__=__func__ -DXMLSEC_NO_SIZE_T -DXMLSEC_NO_FTP=1 -DXMLSEC_NO_MD5=1 -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_GOST2012=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1 -I/usr/include/libxml2 -I/usr/include/libxml2 -DXMLSEC_CRYPTO_OPENSSL=1"
+XMLSEC_LIBS="-L${exec_prefix}/lib -lxmlsec1-openssl -lxmlsec1 -lltdl -lxml2 -lxslt -lxml2 -lssl -lcrypto "
+MODULE_VERSION="xmlsec-1.2.39-openssl"
+
projects / platform / upstream / xmlsec1.git / commitdiff