4 * This is free software; see Copyright file in the source
5 * distribution for preciese wording.
7 * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
8 * Copyright (c) 2003 America Online, Inc. All rights reserved.
10 #ifndef XMLSEC_NO_HMAC
20 #include <xmlsec/xmlsec.h>
21 #include <xmlsec/xmltree.h>
22 #include <xmlsec/keys.h>
23 #include <xmlsec/transforms.h>
24 #include <xmlsec/errors.h>
26 #include <xmlsec/nss/app.h>
27 #include <xmlsec/nss/crypto.h>
30 #define XMLSEC_NSS_MIN_HMAC_SIZE 80
31 #define XMLSEC_NSS_MAX_HMAC_SIZE (128 * 8)
33 /**************************************************************************
37 *****************************************************************************/
38 static int g_xmlsec_nss_hmac_min_length = XMLSEC_NSS_MIN_HMAC_SIZE;
41 * xmlSecNssHmacGetMinOutputLength:
43 * Gets the value of min HMAC length.
45 * Returns: the min HMAC output length
47 int xmlSecNssHmacGetMinOutputLength(void)
49 return g_xmlsec_nss_hmac_min_length;
53 * xmlSecNssHmacSetMinOutputLength:
54 * @min_length: the new min length
56 * Sets the min HMAC output length
58 void xmlSecNssHmacSetMinOutputLength(int min_length)
60 g_xmlsec_nss_hmac_min_length = min_length;
63 /**************************************************************************
65 * Internal NSS HMAC CTX
67 *****************************************************************************/
68 typedef struct _xmlSecNssHmacCtx xmlSecNssHmacCtx, *xmlSecNssHmacCtxPtr;
69 struct _xmlSecNssHmacCtx {
70 CK_MECHANISM_TYPE digestType;
71 PK11Context* digestCtx;
72 xmlSecByte dgst[XMLSEC_NSS_MAX_HMAC_SIZE / 8];
73 xmlSecSize dgstSize; /* dgst size in bits */
76 /******************************************************************************
80 * xmlSecNssHmacCtx is located after xmlSecTransform
82 *****************************************************************************/
83 #define xmlSecNssHmacGetCtx(transform) \
84 ((xmlSecNssHmacCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
85 #define xmlSecNssHmacSize \
86 (sizeof(xmlSecTransform) + sizeof(xmlSecNssHmacCtx))
87 #define xmlSecNssHmacCheckId(transform) \
88 (xmlSecTransformCheckId((transform), xmlSecNssTransformHmacSha1Id) || \
89 xmlSecTransformCheckId((transform), xmlSecNssTransformHmacMd5Id) || \
90 xmlSecTransformCheckId((transform), xmlSecNssTransformHmacRipemd160Id))
92 static int xmlSecNssHmacInitialize (xmlSecTransformPtr transform);
93 static void xmlSecNssHmacFinalize (xmlSecTransformPtr transform);
94 static int xmlSecNssHmacNodeRead (xmlSecTransformPtr transform,
96 xmlSecTransformCtxPtr transformCtx);
97 static int xmlSecNssHmacSetKeyReq (xmlSecTransformPtr transform,
98 xmlSecKeyReqPtr keyReq);
99 static int xmlSecNssHmacSetKey (xmlSecTransformPtr transform,
101 static int xmlSecNssHmacVerify (xmlSecTransformPtr transform,
102 const xmlSecByte* data,
104 xmlSecTransformCtxPtr transformCtx);
105 static int xmlSecNssHmacExecute (xmlSecTransformPtr transform,
107 xmlSecTransformCtxPtr transformCtx);
110 xmlSecNssHmacInitialize(xmlSecTransformPtr transform) {
111 xmlSecNssHmacCtxPtr ctx;
113 xmlSecAssert2(xmlSecNssHmacCheckId(transform), -1);
114 xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize), -1);
116 ctx = xmlSecNssHmacGetCtx(transform);
117 xmlSecAssert2(ctx != NULL, -1);
119 memset(ctx, 0, sizeof(xmlSecNssHmacCtx));
120 if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha1Id)) {
121 ctx->digestType = CKM_SHA_1_HMAC;
122 } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacMd5Id)) {
123 ctx->digestType = CKM_MD5_HMAC;
124 } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacRipemd160Id)) {
125 ctx->digestType = CKM_RIPEMD160_HMAC;
127 xmlSecError(XMLSEC_ERRORS_HERE,
128 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
130 XMLSEC_ERRORS_R_INVALID_TRANSFORM,
131 XMLSEC_ERRORS_NO_MESSAGE);
138 xmlSecNssHmacFinalize(xmlSecTransformPtr transform) {
139 xmlSecNssHmacCtxPtr ctx;
141 xmlSecAssert(xmlSecNssHmacCheckId(transform));
142 xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize));
144 ctx = xmlSecNssHmacGetCtx(transform);
145 xmlSecAssert(ctx != NULL);
147 if(ctx->digestCtx != NULL) {
148 PK11_DestroyContext(ctx->digestCtx, PR_TRUE);
150 memset(ctx, 0, sizeof(xmlSecNssHmacCtx));
154 * xmlSecNssHmacNodeRead:
156 * HMAC (http://www.w3.org/TR/xmldsig-core/#sec-HMAC):
158 * The HMAC algorithm (RFC2104 [HMAC]) takes the truncation length in bits
159 * as a parameter; if the parameter is not specified then all the bits of the
160 * hash are output. An example of an HMAC SignatureMethod element:
161 * <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
162 * <HMACOutputLength>128</HMACOutputLength>
167 * <simpleType name="HMACOutputLengthType">
168 * <restriction base="integer"/>
173 * <!ELEMENT HMACOutputLength (#PCDATA)>
176 xmlSecNssHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
177 xmlSecNssHmacCtxPtr ctx;
180 xmlSecAssert2(xmlSecNssHmacCheckId(transform), -1);
181 xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize), -1);
182 xmlSecAssert2(node!= NULL, -1);
183 xmlSecAssert2(transformCtx!= NULL, -1);
185 ctx = xmlSecNssHmacGetCtx(transform);
186 xmlSecAssert2(ctx != NULL, -1);
188 cur = xmlSecGetNextElementNode(node->children);
189 if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {
192 content = xmlNodeGetContent(cur);
193 if(content != NULL) {
194 ctx->dgstSize = atoi((char*)content);
198 /* Ensure that HMAC length is greater than min specified.
199 Otherwise, an attacker can set this lenght to 0 or very
202 if((int)ctx->dgstSize < xmlSecNssHmacGetMinOutputLength()) {
203 xmlSecError(XMLSEC_ERRORS_HERE,
204 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
205 xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
206 XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
207 "HMAC output length is too small");
211 cur = xmlSecGetNextElementNode(cur->next);
215 xmlSecError(XMLSEC_ERRORS_HERE,
216 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
217 xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
218 XMLSEC_ERRORS_R_INVALID_NODE,
219 "no nodes expected");
227 xmlSecNssHmacSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
228 xmlSecNssHmacCtxPtr ctx;
230 xmlSecAssert2(xmlSecNssHmacCheckId(transform), -1);
231 xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
232 xmlSecAssert2(keyReq != NULL, -1);
233 xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize), -1);
235 ctx = xmlSecNssHmacGetCtx(transform);
236 xmlSecAssert2(ctx != NULL, -1);
238 keyReq->keyId = xmlSecNssKeyDataHmacId;
239 keyReq->keyType= xmlSecKeyDataTypeSymmetric;
240 if(transform->operation == xmlSecTransformOperationSign) {
241 keyReq->keyUsage = xmlSecKeyUsageSign;
243 keyReq->keyUsage = xmlSecKeyUsageVerify;
250 xmlSecNssHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
251 xmlSecNssHmacCtxPtr ctx;
252 xmlSecKeyDataPtr value;
253 xmlSecBufferPtr buffer;
259 xmlSecAssert2(xmlSecNssHmacCheckId(transform), -1);
260 xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
261 xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize), -1);
262 xmlSecAssert2(key != NULL, -1);
264 ctx = xmlSecNssHmacGetCtx(transform);
265 xmlSecAssert2(ctx != NULL, -1);
266 xmlSecAssert2(ctx->digestType != 0, -1);
267 xmlSecAssert2(ctx->digestCtx == NULL, -1);
269 value = xmlSecKeyGetValue(key);
270 xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecNssKeyDataHmacId), -1);
272 buffer = xmlSecKeyDataBinaryValueGetBuffer(value);
273 xmlSecAssert2(buffer != NULL, -1);
275 if(xmlSecBufferGetSize(buffer) == 0) {
276 xmlSecError(XMLSEC_ERRORS_HERE,
277 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
279 XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
284 memset(&ignore, 0, sizeof(ignore));
285 memset(&keyItem, 0, sizeof(keyItem));
286 keyItem.data = xmlSecBufferGetData(buffer);
287 keyItem.len = xmlSecBufferGetSize(buffer);
289 slot = PK11_GetBestSlot(ctx->digestType, NULL);
291 xmlSecError(XMLSEC_ERRORS_HERE,
292 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
294 XMLSEC_ERRORS_R_CRYPTO_FAILED,
295 XMLSEC_ERRORS_NO_MESSAGE);
299 symKey = PK11_ImportSymKey(slot, ctx->digestType, PK11_OriginDerive,
300 CKA_SIGN, &keyItem, NULL);
302 xmlSecError(XMLSEC_ERRORS_HERE,
303 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
305 XMLSEC_ERRORS_R_CRYPTO_FAILED,
306 "error code=%d", PORT_GetError());
311 ctx->digestCtx = PK11_CreateContextBySymKey(ctx->digestType, CKA_SIGN, symKey, &ignore);
312 if(ctx->digestCtx == NULL) {
313 xmlSecError(XMLSEC_ERRORS_HERE,
314 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
315 "PK11_CreateContextBySymKey",
316 XMLSEC_ERRORS_R_CRYPTO_FAILED,
317 "error code=%d", PORT_GetError());
318 PK11_FreeSymKey(symKey);
323 PK11_FreeSymKey(symKey);
329 xmlSecNssHmacVerify(xmlSecTransformPtr transform,
330 const xmlSecByte* data, xmlSecSize dataSize,
331 xmlSecTransformCtxPtr transformCtx) {
332 static xmlSecByte last_byte_masks[] =
333 { 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
335 xmlSecNssHmacCtxPtr ctx;
338 xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
339 xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
340 xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize), -1);
341 xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
342 xmlSecAssert2(data != NULL, -1);
343 xmlSecAssert2(transformCtx != NULL, -1);
345 ctx = xmlSecNssHmacGetCtx(transform);
346 xmlSecAssert2(ctx != NULL, -1);
347 xmlSecAssert2(ctx->digestCtx != NULL, -1);
348 xmlSecAssert2(ctx->dgstSize > 0, -1);
350 /* compare the digest size in bytes */
351 if(dataSize != ((ctx->dgstSize + 7) / 8)){
352 xmlSecError(XMLSEC_ERRORS_HERE,
353 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
355 XMLSEC_ERRORS_R_INVALID_SIZE,
357 dataSize, ((ctx->dgstSize + 7) / 8));
358 transform->status = xmlSecTransformStatusFail;
362 /* we check the last byte separatelly */
363 xmlSecAssert2(dataSize > 0, -1);
364 mask = last_byte_masks[ctx->dgstSize % 8];
365 if((ctx->dgst[dataSize - 1] & mask) != (data[dataSize - 1] & mask)) {
366 xmlSecError(XMLSEC_ERRORS_HERE,
367 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
369 XMLSEC_ERRORS_R_DATA_NOT_MATCH,
370 "data and digest do not match (last byte)");
371 transform->status = xmlSecTransformStatusFail;
375 /* now check the rest of the digest */
376 if((dataSize > 1) && (memcmp(ctx->dgst, data, dataSize - 1) != 0)) {
377 xmlSecError(XMLSEC_ERRORS_HERE,
378 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
380 XMLSEC_ERRORS_R_DATA_NOT_MATCH,
381 "data and digest do not match");
382 transform->status = xmlSecTransformStatusFail;
386 transform->status = xmlSecTransformStatusOk;
391 xmlSecNssHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
392 xmlSecNssHmacCtxPtr ctx;
393 xmlSecBufferPtr in, out;
397 xmlSecAssert2(xmlSecNssHmacCheckId(transform), -1);
398 xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
399 xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize), -1);
400 xmlSecAssert2(transformCtx != NULL, -1);
402 ctx = xmlSecNssHmacGetCtx(transform);
403 xmlSecAssert2(ctx != NULL, -1);
404 xmlSecAssert2(ctx->digestCtx != NULL, -1);
406 in = &(transform->inBuf);
407 out = &(transform->outBuf);
409 if(transform->status == xmlSecTransformStatusNone) {
410 rv = PK11_DigestBegin(ctx->digestCtx);
411 if(rv != SECSuccess) {
412 xmlSecError(XMLSEC_ERRORS_HERE,
413 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
415 XMLSEC_ERRORS_R_CRYPTO_FAILED,
416 "error code=%d", PORT_GetError());
419 transform->status = xmlSecTransformStatusWorking;
422 if(transform->status == xmlSecTransformStatusWorking) {
425 inSize = xmlSecBufferGetSize(in);
427 rv = PK11_DigestOp(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
428 if (rv != SECSuccess) {
429 xmlSecError(XMLSEC_ERRORS_HERE,
430 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
432 XMLSEC_ERRORS_R_CRYPTO_FAILED,
433 "error code=%d", PORT_GetError());
437 ret = xmlSecBufferRemoveHead(in, inSize);
439 xmlSecError(XMLSEC_ERRORS_HERE,
440 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
441 "xmlSecBufferRemoveHead",
442 XMLSEC_ERRORS_R_XMLSEC_FAILED,
450 rv = PK11_DigestFinal(ctx->digestCtx, ctx->dgst, &dgstSize, sizeof(ctx->dgst));
451 if(rv != SECSuccess) {
452 xmlSecError(XMLSEC_ERRORS_HERE,
453 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
455 XMLSEC_ERRORS_R_CRYPTO_FAILED,
456 "error code=%d", PORT_GetError());
459 xmlSecAssert2(dgstSize > 0, -1);
461 /* check/set the result digest size */
462 if(ctx->dgstSize == 0) {
463 ctx->dgstSize = dgstSize * 8; /* no dgst size specified, use all we have */
464 } else if(ctx->dgstSize <= 8 * dgstSize) {
465 dgstSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
467 xmlSecError(XMLSEC_ERRORS_HERE,
468 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
470 XMLSEC_ERRORS_R_INVALID_SIZE,
471 "result-bits=%d;required-bits=%d",
472 8 * dgstSize, ctx->dgstSize);
476 if(transform->operation == xmlSecTransformOperationSign) {
477 ret = xmlSecBufferAppend(out, ctx->dgst, dgstSize);
479 xmlSecError(XMLSEC_ERRORS_HERE,
480 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
481 "xmlSecBufferAppend",
482 XMLSEC_ERRORS_R_XMLSEC_FAILED,
483 "size=%d", dgstSize);
487 transform->status = xmlSecTransformStatusFinished;
489 } else if(transform->status == xmlSecTransformStatusFinished) {
490 /* the only way we can get here is if there is no input */
491 xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
493 xmlSecError(XMLSEC_ERRORS_HERE,
494 xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
496 XMLSEC_ERRORS_R_INVALID_STATUS,
497 "size=%d", transform->status);
507 static xmlSecTransformKlass xmlSecNssHmacSha1Klass = {
508 /* klass/object sizes */
509 sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
510 xmlSecNssHmacSize, /* xmlSecSize objSize */
512 xmlSecNameHmacSha1, /* const xmlChar* name; */
513 xmlSecHrefHmacSha1, /* const xmlChar* href; */
514 xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
516 xmlSecNssHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */
517 xmlSecNssHmacFinalize, /* xmlSecTransformFinalizeMethod finalize; */
518 xmlSecNssHmacNodeRead, /* xmlSecTransformNodeReadMethod readNode; */
519 NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
520 xmlSecNssHmacSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
521 xmlSecNssHmacSetKey, /* xmlSecTransformSetKeyMethod setKey; */
522 xmlSecNssHmacVerify, /* xmlSecTransformValidateMethod validate; */
523 xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
524 xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
525 xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
526 NULL, /* xmlSecTransformPushXmlMethod pushXml; */
527 NULL, /* xmlSecTransformPopXmlMethod popXml; */
528 xmlSecNssHmacExecute, /* xmlSecTransformExecuteMethod execute; */
530 NULL, /* void* reserved0; */
531 NULL, /* void* reserved1; */
535 * xmlSecNssTransformHmacSha1GetKlass:
537 * The HMAC-SHA1 transform klass.
539 * Returns: the HMAC-SHA1 transform klass.
542 xmlSecNssTransformHmacSha1GetKlass(void) {
543 return(&xmlSecNssHmacSha1Klass);
549 static xmlSecTransformKlass xmlSecNssHmacRipemd160Klass = {
550 /* klass/object sizes */
551 sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
552 xmlSecNssHmacSize, /* xmlSecSize objSize */
554 xmlSecNameHmacRipemd160, /* const xmlChar* name; */
555 xmlSecHrefHmacRipemd160, /* const xmlChar* href; */
556 xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
558 xmlSecNssHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */
559 xmlSecNssHmacFinalize, /* xmlSecTransformFinalizeMethod finalize; */
560 xmlSecNssHmacNodeRead, /* xmlSecTransformNodeReadMethod readNode; */
561 NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
562 xmlSecNssHmacSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
563 xmlSecNssHmacSetKey, /* xmlSecTransformSetKeyMethod setKey; */
564 xmlSecNssHmacVerify, /* xmlSecTransformValidateMethod validate; */
565 xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
566 xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
567 xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
568 NULL, /* xmlSecTransformPushXmlMethod pushXml; */
569 NULL, /* xmlSecTransformPopXmlMethod popXml; */
570 xmlSecNssHmacExecute, /* xmlSecTransformExecuteMethod execute; */
572 NULL, /* void* reserved0; */
573 NULL, /* void* reserved1; */
577 * xmlSecNssTransformHmacRipemd160GetKlass:
579 * The HMAC-RIPEMD160 transform klass.
581 * Returns: the HMAC-RIPEMD160 transform klass.
584 xmlSecNssTransformHmacRipemd160GetKlass(void) {
585 return(&xmlSecNssHmacRipemd160Klass);
591 static xmlSecTransformKlass xmlSecNssHmacMd5Klass = {
592 /* klass/object sizes */
593 sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
594 xmlSecNssHmacSize, /* xmlSecSize objSize */
596 xmlSecNameHmacMd5, /* const xmlChar* name; */
597 xmlSecHrefHmacMd5, /* const xmlChar* href; */
598 xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
600 xmlSecNssHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */
601 xmlSecNssHmacFinalize, /* xmlSecTransformFinalizeMethod finalize; */
602 xmlSecNssHmacNodeRead, /* xmlSecTransformNodeReadMethod readNode; */
603 NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
604 xmlSecNssHmacSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
605 xmlSecNssHmacSetKey, /* xmlSecTransformSetKeyMethod setKey; */
606 xmlSecNssHmacVerify, /* xmlSecTransformValidateMethod validate; */
607 xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
608 xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
609 xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
610 NULL, /* xmlSecTransformPushXmlMethod pushXml; */
611 NULL, /* xmlSecTransformPopXmlMethod popXml; */
612 xmlSecNssHmacExecute, /* xmlSecTransformExecuteMethod execute; */
614 NULL, /* void* reserved0; */
615 NULL, /* void* reserved1; */
619 * xmlSecNssTransformHmacMd5GetKlass:
621 * The HMAC-MD5 transform klass.
623 * Returns: the HMAC-MD5 transform klass.
626 xmlSecNssTransformHmacMd5GetKlass(void) {
627 return(&xmlSecNssHmacMd5Klass);
631 #endif /* XMLSEC_NO_HMAC */