2 * XML Security Library (http://www.aleksey.com/xmlsec).
4 * These are internal private declarations. You don't want to use this file
5 * unless you are building xmlsec or xmlsec-<crypto> library
7 * This is free software; see Copyright file in the source
8 * distribution for precise wording.
10 * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
12 #ifndef __XMLSEC_PRIVATE_H__
13 #define __XMLSEC_PRIVATE_H__
15 #ifndef XMLSEC_PRIVATE
16 #error "xmlsec/private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
17 #endif /* XMLSEC_PRIVATE */
21 #endif /* __cplusplus */
23 #include <libxml/tree.h>
24 #include <libxml/xmlIO.h>
26 #include <xmlsec/xmlsec.h>
27 #include <xmlsec/keysdata.h>
28 #include <xmlsec/keys.h>
29 #include <xmlsec/keysmngr.h>
30 #include <xmlsec/transforms.h>
33 /*****************************************************************************
35 * Crypto Init/shutdown
37 ****************************************************************************/
39 * xmlSecCryptoInitMethod:
41 * xmlsec-crypto library initialization method.
43 * Returns: 0 on success or a negative value otherwise.
45 typedef int (*xmlSecCryptoInitMethod) (void); /* backend-specific init; 0 on success, negative on failure (see doc comment above) */
47 * xmlSecCryptoShutdownMethod:
49 * xmlsec-crypto library shutdown method.
51 * Returns: 0 on success or a negative value otherwise.
53 typedef int (*xmlSecCryptoShutdownMethod) (void); /* backend-specific shutdown; 0 on success, negative on failure */
55 * xmlSecCryptoKeysMngrInitMethod:
56 * @mngr: the pointer to keys manager.
58 * Initializes @mngr with xmlsec-crypto library specific data.
60 * Returns: 0 on success or a negative value otherwise.
62 typedef int (*xmlSecCryptoKeysMngrInitMethod) (xmlSecKeysMngrPtr mngr); /* attaches backend-specific data to @mngr; 0 on success, negative on failure */
64 /*****************************************************************************
68 ****************************************************************************/
70 * xmlSecCryptoKeyDataGetKlassMethod:
72 * Gets the key data klass.
74 * Returns: pointer to key data klass or NULL if an error occurs
75 * (the xmlsec-crypto library is not loaded or this key data klass is not
78 typedef xmlSecKeyDataId (*xmlSecCryptoKeyDataGetKlassMethod) (void); /* may return NULL (backend not loaded / klass unsupported): callers must check before use */
80 /*****************************************************************************
84 ****************************************************************************/
86 * xmlSecCryptoKeyDataStoreGetKlassMethod:
88 * Gets the key data store klass.
90 * Returns: pointer to key data store klass or NULL if an error occurs
91 * (the xmlsec-crypto library is not loaded or this key data store klass is not
94 typedef xmlSecKeyDataStoreId (*xmlSecCryptoKeyDataStoreGetKlassMethod)(void); /* may return NULL (backend not loaded / store unsupported): callers must check */
96 /*****************************************************************************
98 * Crypto transforms ids
100 ****************************************************************************/
102 * xmlSecCryptoTransformGetKlassMethod:
104 * Gets the transform klass.
106 * Returns: pointer to transform klass or NULL if an error occurs
107 * (the xmlsec-crypto library is not loaded or this transform is not
110 typedef xmlSecTransformId (*xmlSecCryptoTransformGetKlassMethod) (void); /* may return NULL (backend not loaded / transform unsupported): callers must check */
112 /*****************************************************************************
114 * High level routines from xmlsec command line utility
116 ****************************************************************************/
118 * xmlSecCryptoAppInitMethod:
119 * @config: the path to crypto library configuration.
121 * General crypto engine initialization. This function is used
122 * by XMLSec command line utility and called before
123 * @xmlSecInit function.
125 * Returns: 0 on success or a negative value otherwise.
127 typedef int (*xmlSecCryptoAppInitMethod) (const char* config); /* @config: crypto library configuration path; called before xmlSecInit (see above) */
129 * xmlSecCryptoAppShutdownMethod:
131 * General crypto engine shutdown. This function is used
132 * by XMLSec command line utility and called after
133 * @xmlSecShutdown function.
135 * Returns: 0 on success or a negative value otherwise.
137 typedef int (*xmlSecCryptoAppShutdownMethod) (void); /* crypto engine shutdown; called after xmlSecShutdown (see above) */
139 * xmlSecCryptoAppDefaultKeysMngrInitMethod:
140 * @mngr: the pointer to keys manager.
142 * Initializes @mngr with simple keys store #xmlSecSimpleKeysStoreId
143 * and the default crypto key data stores.
145 * Returns: 0 on success or a negative value otherwise.
147 typedef int (*xmlSecCryptoAppDefaultKeysMngrInitMethod)
148 (xmlSecKeysMngrPtr mngr); /* sets up @mngr with the simple keys store plus default key data stores; 0 on success, negative on failure */
150 * xmlSecCryptoAppDefaultKeysMngrAdoptKeyMethod:
151 * @mngr: the pointer to keys manager.
152 * @key: the pointer to key.
154 * Adds @key to the keys manager @mngr created with #xmlSecCryptoAppDefaultKeysMngrInit
157 * Returns: 0 on success or a negative value otherwise.
159 typedef int (*xmlSecCryptoAppDefaultKeysMngrAdoptKeyMethod)
160 (xmlSecKeysMngrPtr mngr,
163 * xmlSecCryptoAppDefaultKeysMngrLoadMethod:
164 * @mngr: the pointer to keys manager.
167 * Loads XML keys file from @uri to the keys manager @mngr created
168 * with #xmlSecCryptoAppDefaultKeysMngrInit function.
170 * Returns: 0 on success or a negative value otherwise.
172 typedef int (*xmlSecCryptoAppDefaultKeysMngrLoadMethod)
173 (xmlSecKeysMngrPtr mngr,
176 * xmlSecCryptoAppDefaultKeysMngrSaveMethod:
177 * @mngr: the pointer to keys manager.
178 * @filename: the destination filename.
179 * @type: the type of keys to save (public/private/symmetric).
181 * Saves keys from @mngr to XML keys file.
183 * Returns: 0 on success or a negative value otherwise.
185 typedef int (*xmlSecCryptoAppDefaultKeysMngrSaveMethod)
186 (xmlSecKeysMngrPtr mngr,
187 const char* filename,
188 xmlSecKeyDataType type); /* @type selects which keys (public/private/symmetric) are written to @filename;
                               * NOTE(review): nothing here indicates the XML keys file is encrypted, so a
                               * private/symmetric @type presumably writes secret key material in the clear - confirm */
190 * xmlSecCryptoAppKeysMngrCertLoadMethod:
191 * @mngr: the keys manager.
192 * @filename: the certificate file.
193 * @format: the certificate file format.
194 * @type: the flag that indicates is the certificate in @filename
197 * Reads cert from @filename and adds to the list of trusted or known
198 * untrusted certs in @mngr.
200 * Returns: 0 on success or a negative value otherwise.
202 typedef int (*xmlSecCryptoAppKeysMngrCertLoadMethod)(xmlSecKeysMngrPtr mngr,
203 const char *filename,
204 xmlSecKeyDataFormat format,
205 xmlSecKeyDataType type); /* @type decides whether the cert from @filename joins the trusted list or the
                               * known-untrusted list (see above); a cert loaded as trusted becomes a trust
                               * anchor, so the caller owns that decision, not this method */
207 * xmlSecCryptoAppKeysMngrCertLoadMemoryMethod:
208 * @mngr: the keys manager.
209 * @data: the key data.
210 * @dataSize: the key data size.
211 * @format: the certificate format.
212 * @type: the flag that indicates is the certificate in @data
215 * Reads cert from @data and adds to the list of trusted or known
216 * untrusted certs in @mngr.
218 * Returns: 0 on success or a negative value otherwise.
220 typedef int (*xmlSecCryptoAppKeysMngrCertLoadMemoryMethod)(xmlSecKeysMngrPtr mngr,
221 const xmlSecByte* data,
223 xmlSecKeyDataFormat format,
224 xmlSecKeyDataType type);
226 * xmlSecCryptoAppKeyLoadMethod:
227 * @filename: the key filename.
228 * @format: the key file format.
229 * @pwd: the key file password.
230 * @pwdCallback: the key password callback.
231 * @pwdCallbackCtx: the user context for password callback.
233 * Reads key from a file.
235 * Returns: pointer to the key or NULL if an error occurs.
237 typedef xmlSecKeyPtr (*xmlSecCryptoAppKeyLoadMethod) (const char *filename,
238 xmlSecKeyDataFormat format,
241 void* pwdCallbackCtx);
244 * xmlSecCryptoAppKeyLoadMemoryMethod:
245 * @data: the key data.
246 * @dataSize: the key data size.
247 * @format: the key data format.
248 * @pwd: the key data password.
249 * @pwdCallback: the key password callback.
250 * @pwdCallbackCtx: the user context for password callback.
252 * Reads key from the binary data buffer.
254 * Returns: pointer to the key or NULL if an error occurs.
256 typedef xmlSecKeyPtr (*xmlSecCryptoAppKeyLoadMemoryMethod) (const xmlSecByte* data,
258 xmlSecKeyDataFormat format,
261 void* pwdCallbackCtx);
265 * xmlSecCryptoAppPkcs12LoadMethod:
266 * @filename: the PKCS12 key filename.
267 * @pwd: the PKCS12 file password.
268 * @pwdCallback: the password callback.
269 * @pwdCallbackCtx: the user context for password callback.
271 * Reads key and all associated certificates from the PKCS12 file.
272 * For uniformity, call xmlSecCryptoAppKeyLoad instead of this function. Pass
273 * in format=xmlSecKeyDataFormatPkcs12.
275 * Returns: pointer to the key or NULL if an error occurs.
277 typedef xmlSecKeyPtr (*xmlSecCryptoAppPkcs12LoadMethod) (const char* filename,
280 void* pwdCallbackCtx);
282 * xmlSecCryptoAppPkcs12LoadMemoryMethod:
283 * @data: the pkcs12 data.
284 * @dataSize: the pkcs12 data size.
285 * @pwd: the PKCS12 data password.
286 * @pwdCallback: the password callback.
287 * @pwdCallbackCtx: the user context for password callback.
289 * Reads key and all associated certificates from the PKCS12 binary data.
290 * For uniformity, call xmlSecCryptoAppKeyLoad instead of this function. Pass
291 * in format=xmlSecKeyDataFormatPkcs12.
293 * Returns: pointer to the key or NULL if an error occurs.
295 typedef xmlSecKeyPtr (*xmlSecCryptoAppPkcs12LoadMemoryMethod)(const xmlSecByte* data,
299 void* pwdCallbackCtx);
301 * xmlSecCryptoAppKeyCertLoadMethod:
302 * @key: the pointer to key.
303 * @filename: the certificate filename.
304 * @format: the certificate file format.
306 * Reads the certificate from @filename and adds it to @key.
308 * Returns: 0 on success or a negative value otherwise.
310 typedef int (*xmlSecCryptoAppKeyCertLoadMethod) (xmlSecKeyPtr key,
311 const char* filename,
312 xmlSecKeyDataFormat format); /* attaches the certificate read from @filename (in @format) to @key; 0 on success, negative on failure */
315 * xmlSecCryptoAppKeyCertLoadMemoryMethod:
316 * @key: the pointer to key.
317 * @data: the cert data.
318 * @dataSize: the cert data size.
319 * @format: the certificate data format.
321 * Reads the certificate from binary @data buffer and adds it to key.
323 * Returns: 0 on success or a negative value otherwise.
325 typedef int (*xmlSecCryptoAppKeyCertLoadMemoryMethod)(xmlSecKeyPtr key,
326 const xmlSecByte* data,
328 xmlSecKeyDataFormat format);
330 * xmlSecCryptoDLFunctions:
331 * @cryptoInit: the xmlsec-crypto library initialization method.
332 * @cryptoShutdown: the xmlsec-crypto library shutdown method.
333 * @cryptoKeysMngrInit: the xmlsec-crypto library keys manager init method.
334 * @keyDataAesGetKlass: the method to get pointer to AES key data klass.
335 * @keyDataDesGetKlass: the method to get pointer to DES key data klass.
336 * @keyDataDsaGetKlass: the method to get pointer to DSA key data klass.
337 * @keyDataGost2001GetKlass: the method to get pointer to GOST 2001 key data klass.
338 * @keyDataHmacGetKlass: the method to get pointer to HMAC key data klass.
339 * @keyDataRsaGetKlass: the method to get pointer to RSA key data klass.
340 * @keyDataX509GetKlass: the method to get pointer to X509 key data klass.
341 * @keyDataRawX509CertGetKlass: the method to get pointer to raw X509 cert key data klass.
342 * @x509StoreGetKlass: the method to get pointer to X509 key data store.
343 * @transformAes128CbcGetKlass: the method to get pointer to AES 128 encryption transform.
344 * @transformAes192CbcGetKlass: the method to get pointer to AES 192 encryption transform.
345 * @transformAes256CbcGetKlass: the method to get pointer to AES 256 encryption transform.
346 * @transformKWAes128GetKlass: the method to get pointer to AES 128 key wrapper transform.
347 * @transformKWAes192GetKlass: the method to get pointer to AES 192 key wrapper transform.
348 * @transformKWAes256GetKlass: the method to get pointer to AES 256 key wrapper transform.
349 * @transformDes3CbcGetKlass: the method to get pointer to Triple DES encryption transform.
350 * @transformKWDes3GetKlass: the method to get pointer to Triple DES key wrapper transform.
351 * @transformDsaSha1GetKlass: the method to get pointer to DSA-SHA1 signature transform.
352 * @transformGost2001GostR3411_94GetKlass: the method to get pointer to GOST2001 transform.
353 * @transformHmacMd5GetKlass: the method to get pointer to HMAC-MD5 transform.
354 * @transformHmacRipemd160GetKlass: the method to get pointer to HMAC-RIPEMD160 transform.
355 * @transformHmacSha1GetKlass: the method to get pointer to HMAC-SHA1 transform.
356 * @transformHmacSha224GetKlass: the method to get pointer to HMAC-SHA224 transform.
357 * @transformHmacSha256GetKlass: the method to get pointer to HMAC-SHA256 transform.
358 * @transformHmacSha384GetKlass: the method to get pointer to HMAC-SHA384 transform.
359 * @transformHmacSha512GetKlass: the method to get pointer to HMAC-SHA512 transform.
360 * @transformMd5GetKlass: the method to get pointer to MD5 digest transform.
361 * @transformRipemd160GetKlass: the method to get pointer to RIPEMD160 digest transform.
362 * @transformRsaMd5GetKlass: the method to get pointer to RSA-MD5 signature transform.
363 * @transformRsaRipemd160GetKlass: the method to get pointer to RSA-RIPEMD160 signature transform.
364 * @transformRsaSha1GetKlass: the method to get pointer to RSA-SHA1 signature transform.
365 * @transformRsaSha224GetKlass: the method to get pointer to RSA-SHA224 signature transform.
366 * @transformRsaSha256GetKlass: the method to get pointer to RSA-SHA256 signature transform.
367 * @transformRsaSha384GetKlass: the method to get pointer to RSA-SHA384 signature transform.
368 * @transformRsaSha512GetKlass: the method to get pointer to RSA-SHA512 signature transform.
369 * @transformRsaPkcs1GetKlass: the method to get pointer to RSA-PKCS1_5 key transport transform.
370 * @transformRsaOaepGetKlass: the method to get pointer to RSA-OAEP key transport transform.
371 * @transformGostR3411_94GetKlass: the method to get pointer to GOST R3411 transform.
372 * @transformSha1GetKlass: the method to get pointer to SHA1 digest transform.
373 * @transformSha224GetKlass: the method to get pointer to SHA224 digest transform.
374 * @transformSha256GetKlass: the method to get pointer to SHA256 digest transform.
375 * @transformSha384GetKlass: the method to get pointer to SHA384 digest transform.
376 * @transformSha512GetKlass: the method to get pointer to SHA512 digest transform.
377 * @cryptoAppInit: the default crypto engine initialization method.
378 * @cryptoAppShutdown: the default crypto engine shutdown method.
379 * @cryptoAppDefaultKeysMngrInit: the default keys manager init method.
380 * @cryptoAppDefaultKeysMngrAdoptKey: the default keys manager adopt key method.
381 * @cryptoAppDefaultKeysMngrLoad: the default keys manager load method.
382 * @cryptoAppDefaultKeysMngrSave: the default keys manager save method.
383 * @cryptoAppKeysMngrCertLoad: the default keys manager file cert load method.
384 * @cryptoAppKeysMngrCertLoadMemory: the default keys manager memory cert load method.
385 * @cryptoAppKeyLoad: the key file load method.
386 * @cryptoAppKeyLoadMemory: the memory key load method.
387 * @cryptoAppPkcs12Load: the pkcs12 file load method.
388 * @cryptoAppPkcs12LoadMemory: the memory pkcs12 load method.
389 * @cryptoAppKeyCertLoad: the cert file load method.
390 * @cryptoAppKeyCertLoadMemory: the memory cert load method.
391 * @cryptoAppDefaultPwdCallback: the default password callback.
393 * The list of crypto engine functions, key data and transform classes.
395 struct _xmlSecCryptoDLFunctions {
397 * Crypto Init/shutdown
399 xmlSecCryptoInitMethod cryptoInit;
400 xmlSecCryptoShutdownMethod cryptoShutdown;
401 xmlSecCryptoKeysMngrInitMethod cryptoKeysMngrInit;
406 xmlSecCryptoKeyDataGetKlassMethod keyDataAesGetKlass;
407 xmlSecCryptoKeyDataGetKlassMethod keyDataDesGetKlass;
408 xmlSecCryptoKeyDataGetKlassMethod keyDataDsaGetKlass;
409 xmlSecCryptoKeyDataGetKlassMethod keyDataGost2001GetKlass;
410 xmlSecCryptoKeyDataGetKlassMethod keyDataHmacGetKlass;
411 xmlSecCryptoKeyDataGetKlassMethod keyDataRsaGetKlass;
412 xmlSecCryptoKeyDataGetKlassMethod keyDataX509GetKlass;
413 xmlSecCryptoKeyDataGetKlassMethod keyDataRawX509CertGetKlass;
418 xmlSecCryptoKeyDataStoreGetKlassMethod x509StoreGetKlass;
421 * Crypto transforms ids
423 xmlSecCryptoTransformGetKlassMethod transformAes128CbcGetKlass;
424 xmlSecCryptoTransformGetKlassMethod transformAes192CbcGetKlass;
425 xmlSecCryptoTransformGetKlassMethod transformAes256CbcGetKlass;
426 xmlSecCryptoTransformGetKlassMethod transformKWAes128GetKlass;
427 xmlSecCryptoTransformGetKlassMethod transformKWAes192GetKlass;
428 xmlSecCryptoTransformGetKlassMethod transformKWAes256GetKlass;
429 xmlSecCryptoTransformGetKlassMethod transformDes3CbcGetKlass;
430 xmlSecCryptoTransformGetKlassMethod transformKWDes3GetKlass;
431 xmlSecCryptoTransformGetKlassMethod transformDsaSha1GetKlass;
432 xmlSecCryptoTransformGetKlassMethod transformGost2001GostR3411_94GetKlass;
433 xmlSecCryptoTransformGetKlassMethod transformHmacMd5GetKlass;
434 xmlSecCryptoTransformGetKlassMethod transformHmacRipemd160GetKlass;
435 xmlSecCryptoTransformGetKlassMethod transformHmacSha1GetKlass;
436 xmlSecCryptoTransformGetKlassMethod transformHmacSha224GetKlass;
437 xmlSecCryptoTransformGetKlassMethod transformHmacSha256GetKlass;
438 xmlSecCryptoTransformGetKlassMethod transformHmacSha384GetKlass;
439 xmlSecCryptoTransformGetKlassMethod transformHmacSha512GetKlass;
440 xmlSecCryptoTransformGetKlassMethod transformMd5GetKlass;
441 xmlSecCryptoTransformGetKlassMethod transformRipemd160GetKlass;
442 xmlSecCryptoTransformGetKlassMethod transformRsaMd5GetKlass;
443 xmlSecCryptoTransformGetKlassMethod transformRsaRipemd160GetKlass;
444 xmlSecCryptoTransformGetKlassMethod transformRsaSha1GetKlass;
445 xmlSecCryptoTransformGetKlassMethod transformRsaSha224GetKlass;
446 xmlSecCryptoTransformGetKlassMethod transformRsaSha256GetKlass;
447 xmlSecCryptoTransformGetKlassMethod transformRsaSha384GetKlass;
448 xmlSecCryptoTransformGetKlassMethod transformRsaSha512GetKlass;
449 xmlSecCryptoTransformGetKlassMethod transformRsaPkcs1GetKlass;
450 xmlSecCryptoTransformGetKlassMethod transformRsaOaepGetKlass;
451 xmlSecCryptoTransformGetKlassMethod transformGostR3411_94GetKlass;
452 xmlSecCryptoTransformGetKlassMethod transformSha1GetKlass;
453 xmlSecCryptoTransformGetKlassMethod transformSha224GetKlass;
454 xmlSecCryptoTransformGetKlassMethod transformSha256GetKlass;
455 xmlSecCryptoTransformGetKlassMethod transformSha384GetKlass;
456 xmlSecCryptoTransformGetKlassMethod transformSha512GetKlass;
459 * High level routines from xmlsec command line utility
461 xmlSecCryptoAppInitMethod cryptoAppInit;
462 xmlSecCryptoAppShutdownMethod cryptoAppShutdown;
463 xmlSecCryptoAppDefaultKeysMngrInitMethod cryptoAppDefaultKeysMngrInit;
464 xmlSecCryptoAppDefaultKeysMngrAdoptKeyMethod cryptoAppDefaultKeysMngrAdoptKey;
465 xmlSecCryptoAppDefaultKeysMngrLoadMethod cryptoAppDefaultKeysMngrLoad;
466 xmlSecCryptoAppDefaultKeysMngrSaveMethod cryptoAppDefaultKeysMngrSave;
467 xmlSecCryptoAppKeysMngrCertLoadMethod cryptoAppKeysMngrCertLoad;
468 xmlSecCryptoAppKeysMngrCertLoadMemoryMethod cryptoAppKeysMngrCertLoadMemory;
469 xmlSecCryptoAppKeyLoadMethod cryptoAppKeyLoad;
470 xmlSecCryptoAppKeyLoadMemoryMethod cryptoAppKeyLoadMemory;
471 xmlSecCryptoAppPkcs12LoadMethod cryptoAppPkcs12Load;
472 xmlSecCryptoAppPkcs12LoadMemoryMethod cryptoAppPkcs12LoadMemory;
473 xmlSecCryptoAppKeyCertLoadMethod cryptoAppKeyCertLoad;
474 xmlSecCryptoAppKeyCertLoadMemoryMethod cryptoAppKeyCertLoadMemory;
475 void* cryptoAppDefaultPwdCallback;
478 #include <libxml/xmlstring.h>
483 * Prints a string (see @xmlStrPrintf).
485 #define xmlSecStrPrintf xmlStrPrintf
490 * Prints a string (see @xmlStrVPrintf).
492 #define xmlSecStrVPrintf xmlStrVPrintf
496 #endif /* __cplusplus */
498 #endif /* __XMLSEC_PRIVATE_H__ */