4 * This is free software; see Copyright file in the source
5 * distribution for precise wording.
7 * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
13 #include <gnutls/gnutls.h>
15 #include <xmlsec/xmlsec.h>
16 #include <xmlsec/keys.h>
17 #include <xmlsec/transforms.h>
18 #include <xmlsec/errors.h>
20 #include <xmlsec/gnutls/app.h>
21 #include <xmlsec/gnutls/crypto.h>
24 * xmlSecGnuTLSAppInit:
25 * @config: the path to GnuTLS configuration (unused).
27 * General crypto engine initialization. This function is used
28 * by the XMLSec command line utility and is called before the
29 * @xmlSecInit function.
31 * Returns: 0 on success or a negative value otherwise.
34 xmlSecGnuTLSAppInit(const char* config ATTRIBUTE_UNUSED) {
37 ret = gnutls_global_init();
39 xmlSecError(XMLSEC_ERRORS_HERE,
42 XMLSEC_ERRORS_R_CRYPTO_FAILED,
50 * xmlSecGnuTLSAppShutdown:
52 * General crypto engine shutdown. This function is used
53 * by the XMLSec command line utility and is called after the
54 * @xmlSecShutdown function.
56 * Returns: 0 on success or a negative value otherwise.
59 xmlSecGnuTLSAppShutdown(void) {
60 gnutls_global_deinit();
65 * xmlSecGnuTLSAppKeyLoad:
66 * @filename: the key filename.
67 * @format: the key file format.
68 * @pwd: the key file password.
69 * @pwdCallback: the key password callback.
70 * @pwdCallbackCtx: the user context for password callback.
72 * Reads key from a file (not implemented yet).
74 * Returns: pointer to the key or NULL if an error occurs.
77 xmlSecGnuTLSAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
80 void* pwdCallbackCtx) {
81 xmlSecAssert2(filename != NULL, NULL);
82 xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
85 if (format == xmlSecKeyDataFormatPkcs12) {
86 return (xmlSecGnuTLSAppPkcs12Load(filename, pwd, pwdCallback,
91 xmlSecError(XMLSEC_ERRORS_HERE,
93 "xmlSecGnuTLSAppKeyLoad",
94 XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
95 XMLSEC_ERRORS_NO_MESSAGE);
100 * xmlSecGnuTLSAppKeyLoadMemory:
101 * @data: the binary key data.
102 * @dataSize: the size of binary key.
103 * @format: the key file format.
104 * @pwd: the key file password.
105 * @pwdCallback: the key password callback.
106 * @pwdCallbackCtx: the user context for password callback.
108 * Reads key from the memory buffer (not implemented yet).
110 * Returns: pointer to the key or NULL if an error occurs.
113 xmlSecGnuTLSAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
114 xmlSecKeyDataFormat format, const char *pwd,
115 void* pwdCallback, void* pwdCallbackCtx) {
116 xmlSecAssert2(data != NULL, NULL);
117 xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
119 if (format == xmlSecKeyDataFormatPkcs12) {
120 return (xmlSecGnuTLSAppPkcs12LoadMemory(data, dataSize, pwd,
121 pwdCallback, pwdCallbackCtx));
125 xmlSecError(XMLSEC_ERRORS_HERE,
127 "xmlSecGnuTLSAppKeyLoadMemory",
128 XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
129 XMLSEC_ERRORS_NO_MESSAGE);
133 #ifndef XMLSEC_NO_X509
135 * xmlSecGnuTLSAppKeyCertLoad:
136 * @key: the pointer to key.
137 * @filename: the certificate filename.
138 * @format: the certificate file format.
140 * Reads the certificate from @filename and adds it to @key
141 * (not implemented yet).
143 * Returns: 0 on success or a negative value otherwise.
146 xmlSecGnuTLSAppKeyCertLoad(xmlSecKeyPtr key, const char* filename,
147 xmlSecKeyDataFormat format) {
148 xmlSecAssert2(key != NULL, -1);
149 xmlSecAssert2(filename != NULL, -1);
150 xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
153 xmlSecError(XMLSEC_ERRORS_HERE,
155 "xmlSecGnuTLSAppKeyCertLoad",
156 XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
157 XMLSEC_ERRORS_NO_MESSAGE);
162 * xmlSecGnuTLSAppKeyCertLoadMemory:
163 * @key: the pointer to key.
164 * @data: the certificate binary data.
165 * @dataSize: the certificate binary data size.
166 * @format: the certificate file format.
168 * Reads the certificate from memory buffer and adds it to key (not implemented yet).
170 * Returns: 0 on success or a negative value otherwise.
173 xmlSecGnuTLSAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize,
174 xmlSecKeyDataFormat format) {
175 xmlSecAssert2(key != NULL, -1);
176 xmlSecAssert2(data != NULL, -1);
177 xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
180 xmlSecError(XMLSEC_ERRORS_HERE,
182 "xmlSecGnuTLSAppKeyCertLoadMemory",
183 XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
184 XMLSEC_ERRORS_NO_MESSAGE);
189 * xmlSecGnuTLSAppPkcs12Load:
190 * @filename: the PKCS12 key filename.
191 * @pwd: the PKCS12 file password.
192 * @pwdCallback: the password callback.
193 * @pwdCallbackCtx: the user context for password callback.
195 * Reads key and all associated certificates from the PKCS12 file
196 * (not implemented yet).
197 * For uniformity, call xmlSecGnuTLSAppKeyLoad instead of this function. Pass
198 * in format=xmlSecKeyDataFormatPkcs12.
200 * Returns: pointer to the key or NULL if an error occurs.
203 xmlSecGnuTLSAppPkcs12Load(const char *filename,
204 const char *pwd ATTRIBUTE_UNUSED,
205 void* pwdCallback ATTRIBUTE_UNUSED,
206 void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
207 xmlSecAssert2(filename != NULL, NULL);
210 xmlSecError(XMLSEC_ERRORS_HERE,
212 "xmlSecGnuTLSAppPkcs12Load",
213 XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
214 XMLSEC_ERRORS_NO_MESSAGE);
219 * xmlSecGnuTLSAppPkcs12LoadMemory:
220 * @data: the PKCS12 binary data.
221 * @dataSize: the PKCS12 binary data size.
222 * @pwd: the PKCS12 file password.
223 * @pwdCallback: the password callback.
224 * @pwdCallbackCtx: the user context for password callback.
226 * Reads key and all associated certificates from the PKCS12 data in memory buffer (not implemented yet).
227 * For uniformity, call xmlSecGnuTLSAppKeyLoadMemory instead of this function. Pass
228 * in format=xmlSecKeyDataFormatPkcs12.
230 * Returns: pointer to the key or NULL if an error occurs.
233 xmlSecGnuTLSAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
234 const char *pwd, void* pwdCallback,
235 void* pwdCallbackCtx) {
236 xmlSecAssert2(data != NULL, NULL);
238 xmlSecError(XMLSEC_ERRORS_HERE,
240 "xmlSecGnuTLSAppPkcs12LoadMemory",
241 XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
242 XMLSEC_ERRORS_NO_MESSAGE);
247 * xmlSecGnuTLSAppKeysMngrCertLoad:
248 * @mngr: the keys manager.
249 * @filename: the certificate file.
250 * @format: the certificate file format.
251 * @type: the flag that indicates whether the certificate in @filename
254 * Reads cert from @filename and adds it to the list of trusted or known
255 * untrusted certs in @store (not implemented yet).
257 * Returns: 0 on success or a negative value otherwise.
260 xmlSecGnuTLSAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
261 xmlSecKeyDataFormat format,
262 xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
263 xmlSecAssert2(mngr != NULL, -1);
264 xmlSecAssert2(filename != NULL, -1);
265 xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
268 xmlSecError(XMLSEC_ERRORS_HERE,
270 "xmlSecGnuTLSAppKeysMngrCertLoad",
271 XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
272 XMLSEC_ERRORS_NO_MESSAGE);
277 * xmlSecGnuTLSAppKeysMngrCertLoadMemory:
278 * @mngr: the keys manager.
279 * @data: the certificate binary data.
280 * @dataSize: the certificate binary data size.
281 * @format: the certificate file format.
282 * @type: the flag that indicates whether the certificate is trusted or not.
284 * Reads cert from binary buffer @data and adds it to the list of trusted or known
285 * untrusted certs in @store (not implemented yet).
287 * Returns: 0 on success or a negative value otherwise.
290 xmlSecGnuTLSAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data,
291 xmlSecSize dataSize, xmlSecKeyDataFormat format,
292 xmlSecKeyDataType type) {
293 xmlSecAssert2(mngr != NULL, -1);
294 xmlSecAssert2(data != NULL, -1);
295 xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
298 xmlSecError(XMLSEC_ERRORS_HERE,
300 "xmlSecGnuTLSAppKeysMngrCertLoadMemory",
301 XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
302 XMLSEC_ERRORS_NO_MESSAGE);
306 #endif /* XMLSEC_NO_X509 */
309 * xmlSecGnuTLSAppDefaultKeysMngrInit:
310 * @mngr: the pointer to keys manager.
312 * Initializes @mngr with simple keys store #xmlSecSimpleKeysStoreId
313 * and the default GnuTLS crypto key data stores.
315 * Returns: 0 on success or a negative value otherwise.
318 xmlSecGnuTLSAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
321 xmlSecAssert2(mngr != NULL, -1);
323 /* create simple keys store if needed */
324 if(xmlSecKeysMngrGetKeysStore(mngr) == NULL) {
325 xmlSecKeyStorePtr keysStore;
327 keysStore = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
328 if(keysStore == NULL) {
329 xmlSecError(XMLSEC_ERRORS_HERE,
331 "xmlSecKeyStoreCreate",
332 XMLSEC_ERRORS_R_XMLSEC_FAILED,
333 "xmlSecSimpleKeysStoreId");
337 ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
339 xmlSecError(XMLSEC_ERRORS_HERE,
341 "xmlSecKeysMngrAdoptKeysStore",
342 XMLSEC_ERRORS_R_XMLSEC_FAILED,
343 XMLSEC_ERRORS_NO_MESSAGE);
344 xmlSecKeyStoreDestroy(keysStore);
349 ret = xmlSecGnuTLSKeysMngrInit(mngr);
351 xmlSecError(XMLSEC_ERRORS_HERE,
353 "xmlSecGnuTLSKeysMngrInit",
354 XMLSEC_ERRORS_R_XMLSEC_FAILED,
355 XMLSEC_ERRORS_NO_MESSAGE);
360 mngr->getKey = xmlSecKeysMngrGetKey;
365 * xmlSecGnuTLSAppDefaultKeysMngrAdoptKey:
366 * @mngr: the pointer to keys manager.
367 * @key: the pointer to key.
369 * Adds @key to the keys manager @mngr created with #xmlSecGnuTLSAppDefaultKeysMngrInit
372 * Returns: 0 on success or a negative value otherwise.
375 xmlSecGnuTLSAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr, xmlSecKeyPtr key) {
376 xmlSecKeyStorePtr store;
379 xmlSecAssert2(mngr != NULL, -1);
380 xmlSecAssert2(key != NULL, -1);
382 store = xmlSecKeysMngrGetKeysStore(mngr);
384 xmlSecError(XMLSEC_ERRORS_HERE,
386 "xmlSecKeysMngrGetKeysStore",
387 XMLSEC_ERRORS_R_XMLSEC_FAILED,
388 XMLSEC_ERRORS_NO_MESSAGE);
392 ret = xmlSecSimpleKeysStoreAdoptKey(store, key);
394 xmlSecError(XMLSEC_ERRORS_HERE,
396 "xmlSecSimpleKeysStoreAdoptKey",
397 XMLSEC_ERRORS_R_XMLSEC_FAILED,
398 XMLSEC_ERRORS_NO_MESSAGE);
406 * xmlSecGnuTLSAppDefaultKeysMngrLoad:
407 * @mngr: the pointer to keys manager.
410 * Loads XML keys file from @uri to the keys manager @mngr created
411 * with #xmlSecGnuTLSAppDefaultKeysMngrInit function.
413 * Returns: 0 on success or a negative value otherwise.
416 xmlSecGnuTLSAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char* uri) {
417 xmlSecKeyStorePtr store;
420 xmlSecAssert2(mngr != NULL, -1);
421 xmlSecAssert2(uri != NULL, -1);
423 store = xmlSecKeysMngrGetKeysStore(mngr);
425 xmlSecError(XMLSEC_ERRORS_HERE,
427 "xmlSecKeysMngrGetKeysStore",
428 XMLSEC_ERRORS_R_XMLSEC_FAILED,
429 XMLSEC_ERRORS_NO_MESSAGE);
433 ret = xmlSecSimpleKeysStoreLoad(store, uri, mngr);
435 xmlSecError(XMLSEC_ERRORS_HERE,
437 "xmlSecSimpleKeysStoreLoad",
438 XMLSEC_ERRORS_R_XMLSEC_FAILED,
439 "uri=%s", xmlSecErrorsSafeString(uri));
447 * xmlSecGnuTLSAppDefaultKeysMngrSave:
448 * @mngr: the pointer to keys manager.
449 * @filename: the destination filename.
450 * @type: the type of keys to save (public/private/symmetric).
452 * Saves keys from @mngr to XML keys file.
454 * Returns: 0 on success or a negative value otherwise.
457 xmlSecGnuTLSAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename, xmlSecKeyDataType type) {
458 xmlSecKeyStorePtr store;
461 xmlSecAssert2(mngr != NULL, -1);
462 xmlSecAssert2(filename != NULL, -1);
464 store = xmlSecKeysMngrGetKeysStore(mngr);
466 xmlSecError(XMLSEC_ERRORS_HERE,
468 "xmlSecKeysMngrGetKeysStore",
469 XMLSEC_ERRORS_R_XMLSEC_FAILED,
470 XMLSEC_ERRORS_NO_MESSAGE);
474 ret = xmlSecSimpleKeysStoreSave(store, filename, type);
476 xmlSecError(XMLSEC_ERRORS_HERE,
478 "xmlSecSimpleKeysStoreSave",
479 XMLSEC_ERRORS_R_XMLSEC_FAILED,
481 xmlSecErrorsSafeString(filename));
489 * xmlSecGnuTLSAppGetDefaultPwdCallback:
491 * Gets default password callback.
493 * Returns: default password callback.
496 xmlSecGnuTLSAppGetDefaultPwdCallback(void) {