[xmlsec] add SHA2 support for xmlsec-nss
- From: Aleksey Sanin <aleksey src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [xmlsec] add SHA2 support for xmlsec-nss
- Date: Sun, 25 Apr 2010 21:29:40 +0000 (UTC)
commit a17e8da3a8f56348d71d325aa8d3e6366f13b512
Author: Aleksey Sanin <aleksey aleksey com>
Date: Sun Apr 25 14:31:37 2010 -0700
add SHA2 support for xmlsec-nss
ChangeLog | 26 +++--
configure.in | 4 +-
include/xmlsec/nss/crypto.h | 124 ++++++++++++++++++++
src/nss/crypto.c | 59 +++++++++-
src/nss/digests.c | 184 +++++++++++++++++++++++++++++-
src/nss/hmac.c | 266 ++++++++++++++++++++++++++++++++++++++-----
src/nss/signatures.c | 236 ++++++++++++++++++++++++++++++++++----
7 files changed, 836 insertions(+), 63 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index 2169758..7c437c5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,16 +1,26 @@
+2010-04-25 Aleksey Sanin <aleksey aleksey com>
+ * Added support for SHA256/384/512 for digest, HMAC and RSA
+ (requires nss 3.8 + nspr 4.3 or greater)
+
+2010-04-24 Aleksey Sanin <aleksey aleksey com>
+ * Fix PK_CONFIG problem (reported by Roumen)
+ * Enable --crypto for transform checks
+ * Fix DSA support in xmlsec-nss (https://bugzilla.mozilla.org/show_bug.cgi?id=561598)
+
2010-04-23 Aleksey Sanin <aleksey aleksey com>
- Enable RSA/SHA2 support in xmlsec-mscrypto
- Misc. cleanups in xmlsec-mscrypto
- Fix PK_CONFIG problem (reported by Roumen)
+ * Enable RSA/SHA2 support in xmlsec-mscrypto
+ * Misc. cleanups in xmlsec-mscrypto
+ * Fix PK_CONFIG problem (reported by Roumen)
+ * Fix DSA support in xmlsec-nss (https://bugzilla.mozilla.org/show_bug.cgi?id=561598)
2010-04-23 Aleksey Sanin <aleksey aleksey com>
- Fix search for certificates with UTF-8 subject on Windows in xmlsec-mscrypto
- Remove spaces at the end of lines
+ * Fix search for certificates with UTF-8 subject on Windows in xmlsec-mscrypto
+ * Remove spaces at the end of lines
2010-04-22 Aleksey Sanin <aleksey aleksey com>
- Fix search for certificates with Unicode subject on Windows in xmlsec-mscrypto
- Copy *.manifest files to installation for Windows builds
- Convert tabs to spaces
+ * Fix search for certificates with Unicode subject on Windows in xmlsec-mscrypto
+ * Copy *.manifest files to installation for Windows builds
+ * Convert tabs to spaces
2010-04-21 Aleksey Sanin <aleksey aleksey com>
* Fix key name conversion to unicode problem in xmlsec-mscrypto
diff --git a/configure.in b/configure.in
index 898f128..18c5b4d 100644
--- a/configure.in
+++ b/configure.in
@@ -546,8 +546,8 @@ dnl ==========================================================================
XMLSEC_NO_NSS="1"
MOZILLA_MIN_VERSION="1.4"
-NSS_MIN_VERSION="3.2"
-NSPR_MIN_VERSION="4.0"
+NSS_MIN_VERSION="3.8"
+NSPR_MIN_VERSION="4.3"
NSS_CFLAGS=""
NSS_LIBS=""
NSS_LIBS_LIST="-lnss3 -lsmime3"
diff --git a/include/xmlsec/nss/crypto.h b/include/xmlsec/nss/crypto.h
index 4a35912..08b0d04 100644
--- a/include/xmlsec/nss/crypto.h
+++ b/include/xmlsec/nss/crypto.h
@@ -206,6 +206,7 @@ XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecNssKeyDataHmacGetKlass (void);
XMLSEC_CRYPTO_EXPORT int xmlSecNssKeyDataHmacSet (xmlSecKeyDataPtr data,
const xmlSecByte* buf,
xmlSecSize bufSize);
+#ifndef XMLSEC_NO_MD5
/**
* xmlSecNssTransformHmacMd5Id:
*
@@ -214,7 +215,9 @@ XMLSEC_CRYPTO_EXPORT int xmlSecNssKeyDataHmacSet (xmlSecK
#define xmlSecNssTransformHmacMd5Id \
xmlSecNssTransformHmacMd5GetKlass()
XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
+#ifndef XMLSEC_NO_RIPEMD160
/**
* xmlSecNssTransformHmacRipemd160Id:
*
@@ -223,7 +226,9 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacMd5GetKlass(void);
#define xmlSecNssTransformHmacRipemd160Id \
xmlSecNssTransformHmacRipemd160GetKlass()
XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacRipemd160GetKlass(void);
+#endif /* XMLSEC_NO_RIPEMD160 */
+#ifndef XMLSEC_NO_SHA1
/**
* xmlSecNssTransformHmacSha1Id:
*
@@ -232,6 +237,40 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacRipemd160GetKlass(v
#define xmlSecNssTransformHmacSha1Id \
xmlSecNssTransformHmacSha1GetKlass()
XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecNssTransformHmacSha256Id:
+ *
+ * The HMAC with SHA256 signature transform klass.
+ */
+#define xmlSecNssTransformHmacSha256Id \
+ xmlSecNssTransformHmacSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecNssTransformHmacSha384Id:
+ *
+ * The HMAC with SHA384 signature transform klass.
+ */
+#define xmlSecNssTransformHmacSha384Id \
+ xmlSecNssTransformHmacSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecNssTransformHmacSha512Id:
+ *
+ * The HMAC with SHA512 signature transform klass.
+ */
+#define xmlSecNssTransformHmacSha512Id \
+ xmlSecNssTransformHmacSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
#endif /* XMLSEC_NO_HMAC */
@@ -253,6 +292,7 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacSha1GetKlass(void);
xmlSecNssKeyDataRsaGetKlass()
XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecNssKeyDataRsaGetKlass (void);
+#ifndef XMLSEC_NO_SHA1
/**
* xmlSecNssTransformRsaSha1Id:
*
@@ -261,6 +301,41 @@ XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecNssKeyDataRsaGetKlass (void);
#define xmlSecNssTransformRsaSha1Id \
xmlSecNssTransformRsaSha1GetKlass()
XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecNssTransformRsaSha256Id:
+ *
+ * The RSA-SHA256 signature transform klass.
+ */
+#define xmlSecNssTransformRsaSha256Id \
+ xmlSecNssTransformRsaSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecNssTransformRsaSha384Id:
+ *
+ * The RSA-SHA384 signature transform klass.
+ */
+#define xmlSecNssTransformRsaSha384Id \
+ xmlSecNssTransformRsaSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecNssTransformRsaSha512Id:
+ *
+ * The RSA-SHA512 signature transform klass.
+ */
+#define xmlSecNssTransformRsaSha512Id \
+ xmlSecNssTransformRsaSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
+
/**
* xmlSecNssTransformRsaPkcs1Id:
@@ -304,6 +379,55 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaOaepGetKlass(void);
XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformSha1GetKlass (void);
#endif /* XMLSEC_NO_SHA1 */
+/********************************************************************
+ *
+ * SHA256 transform
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecNssTransformSha256Id:
+ *
+ * The SHA256 digest transform klass.
+ */
+#define xmlSecNssTransformSha256Id \
+ xmlSecNssTransformSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+/********************************************************************
+ *
+ * SHA384 transform
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecNssTransformSha384Id:
+ *
+ * The SHA384 digest transform klass.
+ */
+#define xmlSecNssTransformSha384Id \
+ xmlSecNssTransformSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+/********************************************************************
+ *
+ * SHA512 transform
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecNssTransformSha512Id:
+ *
+ * The SHA512 digest transform klass.
+ */
+#define xmlSecNssTransformSha512Id \
+ xmlSecNssTransformSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
+
+
#ifdef __cplusplus
}
#endif /* __cplusplus */
diff --git a/src/nss/crypto.c b/src/nss/crypto.c
index f075b55..712ff59 100644
--- a/src/nss/crypto.c
+++ b/src/nss/crypto.c
@@ -94,6 +94,8 @@ xmlSecCryptoGetFunctions_nss(void) {
/**
* Crypto transforms ids
*/
+
+ /******************************* AES ********************************/
#ifndef XMLSEC_NO_AES
gXmlSecNssFunctions->transformAes128CbcGetKlass = xmlSecNssTransformAes128CbcGetKlass;
gXmlSecNssFunctions->transformAes192CbcGetKlass = xmlSecNssTransformAes192CbcGetKlass;
@@ -103,23 +105,65 @@ xmlSecCryptoGetFunctions_nss(void) {
gXmlSecNssFunctions->transformKWAes256GetKlass = xmlSecNssTransformKWAes256GetKlass;
#endif /* XMLSEC_NO_AES */
+ /******************************* DES ********************************/
#ifndef XMLSEC_NO_DES
gXmlSecNssFunctions->transformDes3CbcGetKlass = xmlSecNssTransformDes3CbcGetKlass;
gXmlSecNssFunctions->transformKWDes3GetKlass = xmlSecNssTransformKWDes3GetKlass;
#endif /* XMLSEC_NO_DES */
+ /******************************* DSA ********************************/
#ifndef XMLSEC_NO_DSA
gXmlSecNssFunctions->transformDsaSha1GetKlass = xmlSecNssTransformDsaSha1GetKlass;
#endif /* XMLSEC_NO_DSA */
+ /******************************* HMAC ********************************/
#ifndef XMLSEC_NO_HMAC
- gXmlSecNssFunctions->transformHmacSha1GetKlass = xmlSecNssTransformHmacSha1GetKlass;
- gXmlSecNssFunctions->transformHmacRipemd160GetKlass = xmlSecNssTransformHmacRipemd160GetKlass;
+
+#ifndef XMLSEC_NO_MD5
gXmlSecNssFunctions->transformHmacMd5GetKlass = xmlSecNssTransformHmacMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+ gXmlSecNssFunctions->transformHmacRipemd160GetKlass = xmlSecNssTransformHmacRipemd160GetKlass;
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+ gXmlSecNssFunctions->transformHmacSha1GetKlass = xmlSecNssTransformHmacSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+ gXmlSecNssFunctions->transformHmacSha256GetKlass = xmlSecNssTransformHmacSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+ gXmlSecNssFunctions->transformHmacSha384GetKlass = xmlSecNssTransformHmacSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+ gXmlSecNssFunctions->transformHmacSha512GetKlass = xmlSecNssTransformHmacSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
#endif /* XMLSEC_NO_HMAC */
+ /******************************* RSA ********************************/
#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_SHA1
gXmlSecNssFunctions->transformRsaSha1GetKlass = xmlSecNssTransformRsaSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+ gXmlSecNssFunctions->transformRsaSha256GetKlass = xmlSecNssTransformRsaSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+ gXmlSecNssFunctions->transformRsaSha384GetKlass = xmlSecNssTransformRsaSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+ gXmlSecNssFunctions->transformRsaSha512GetKlass = xmlSecNssTransformRsaSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
gXmlSecNssFunctions->transformRsaPkcs1GetKlass = xmlSecNssTransformRsaPkcs1GetKlass;
/* RSA OAEP is not supported by NSS yet */
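Review bot: The DSA registration in this hunk, `gXmlSecNssFunctions->transformDsaSha1GetKlass = xmlSecNssTransformDsaSha1GetKlass;`, is still guarded only by XMLSEC_NO_DSA, while the HMAC-SHA1 and RSA-SHA1 assignments below it are now also wrapped in `#ifndef XMLSEC_NO_SHA1`. A build that defines XMLSEC_NO_SHA1 to drop SHA-1 would therefore still register a SHA-1 based signature method. Wrapping that line in `#ifndef XMLSEC_NO_SHA1` / `#endif /* XMLSEC_NO_SHA1 */` would make the three families agree. The DSA branches in src/nss/signatures.c end just above the hunks shown for that file and presumably need the same guard, as would the klass declaration and definition. xmlSecCryptoGetFunctions_nss starts and ends outside this hunk.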
@@ -129,9 +173,20 @@ xmlSecCryptoGetFunctions_nss(void) {
#endif /* XMLSEC_NO_RSA */
+ /******************************* SHA ********************************/
#ifndef XMLSEC_NO_SHA1
gXmlSecNssFunctions->transformSha1GetKlass = xmlSecNssTransformSha1GetKlass;
#endif /* XMLSEC_NO_SHA1 */
+#ifndef XMLSEC_NO_SHA256
+ gXmlSecNssFunctions->transformSha256GetKlass = xmlSecNssTransformSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+#ifndef XMLSEC_NO_SHA384
+ gXmlSecNssFunctions->transformSha384GetKlass = xmlSecNssTransformSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+#ifndef XMLSEC_NO_SHA512
+ gXmlSecNssFunctions->transformSha512GetKlass = xmlSecNssTransformSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
/**
* High level routines form xmlsec command line utility
diff --git a/src/nss/digests.c b/src/nss/digests.c
index a10005d..93f7f66 100644
--- a/src/nss/digests.c
+++ b/src/nss/digests.c
@@ -24,7 +24,7 @@
#include <xmlsec/nss/app.h>
#include <xmlsec/nss/crypto.h>
-#define XMLSEC_NSS_MAX_DIGEST_SIZE 32
+#define XMLSEC_NSS_MAX_DIGEST_SIZE 64
/**************************************************************************
*
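Review bot: `XMLSEC_NSS_MAX_DIGEST_SIZE` is raised to a bare 64 with nothing tying it to the largest digest this file now registers, so a wider algorithm could be added later without the buffer growing. 64 matches the SHA-512 output length, the largest digest this commit adds. The buffer sized by the constant and the code that fills it are outside the hunk, so the length check there should be confirmed. I would record the invariant on the define, e.g. `#define XMLSEC_NSS_MAX_DIGEST_SIZE 64 /* SHA-512 output; must be >= the largest digest registered in this file */`.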
@@ -51,6 +51,7 @@ struct _xmlSecNssDigestCtx {
#define xmlSecNssDigestGetCtx(transform) \
((xmlSecNssDigestCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+static int xmlSecNssDigestCheckId (xmlSecTransformPtr transform);
static int xmlSecNssDigestInitialize (xmlSecTransformPtr transform);
static void xmlSecNssDigestFinalize (xmlSecTransformPtr transform);
static int xmlSecNssDigestVerify (xmlSecTransformPtr transform,
@@ -60,7 +61,6 @@ static int xmlSecNssDigestVerify (xmlSecTransformPtr tran
static int xmlSecNssDigestExecute (xmlSecTransformPtr transform,
int last,
xmlSecTransformCtxPtr transformCtx);
-static int xmlSecNssDigestCheckId (xmlSecTransformPtr transform);
static int
xmlSecNssDigestCheckId(xmlSecTransformPtr transform) {
@@ -71,6 +71,24 @@ xmlSecNssDigestCheckId(xmlSecTransformPtr transform) {
}
#endif /* XMLSEC_NO_SHA1 */
+#ifndef XMLSEC_NO_SHA256
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha256Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha384Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha512Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_SHA512 */
+
return(0);
}
@@ -93,6 +111,24 @@ xmlSecNssDigestInitialize(xmlSecTransformPtr transform) {
} else
#endif /* XMLSEC_NO_SHA1 */
+#ifndef XMLSEC_NO_SHA256
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha256Id)) {
+ ctx->digest = SECOID_FindOIDByTag(SEC_OID_SHA256);
+ } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha384Id)) {
+ ctx->digest = SECOID_FindOIDByTag(SEC_OID_SHA384);
+ } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha512Id)) {
+ ctx->digest = SECOID_FindOIDByTag(SEC_OID_SHA512);
+ } else
+#endif /* XMLSEC_NO_SHA512 */
+
if(1) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
@@ -328,4 +364,148 @@ xmlSecNssTransformSha1GetKlass(void) {
#endif /* XMLSEC_NO_SHA1 */
+#ifndef XMLSEC_NO_SHA256
+/******************************************************************************
+ *
+ * SHA256 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecNssSha256Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecNssDigestSize, /* xmlSecSize objSize */
+
+ /* data */
+ xmlSecNameSha256, /* const xmlChar* name; */
+ xmlSecHrefSha256, /* const xmlChar* href; */
+ xmlSecTransformUsageDigestMethod, /* xmlSecTransformUsage usage; */
+
+ /* methods */
+ xmlSecNssDigestInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssDigestFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ NULL, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ NULL, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssDigestVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecNssDigestExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformSha256GetKlass:
+ *
+ * SHA256 digest transform klass.
+ *
+ * Returns: pointer to SHA256 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformSha256GetKlass(void) {
+ return(&xmlSecNssSha256Klass);
+}
+#endif /* XMLSEC_NO_SHA256 */
+
+
+#ifndef XMLSEC_NO_SHA384
+/******************************************************************************
+ *
+ * SHA384 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecNssSha384Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecNssDigestSize, /* xmlSecSize objSize */
+
+ /* data */
+ xmlSecNameSha384, /* const xmlChar* name; */
+ xmlSecHrefSha384, /* const xmlChar* href; */
+ xmlSecTransformUsageDigestMethod, /* xmlSecTransformUsage usage; */
+
+ /* methods */
+ xmlSecNssDigestInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssDigestFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ NULL, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ NULL, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssDigestVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecNssDigestExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformSha384GetKlass:
+ *
+ * SHA384 digest transform klass.
+ *
+ * Returns: pointer to SHA384 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformSha384GetKlass(void) {
+ return(&xmlSecNssSha384Klass);
+}
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/******************************************************************************
+ *
+ * SHA512 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecNssSha512Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecNssDigestSize, /* xmlSecSize objSize */
+
+ /* data */
+ xmlSecNameSha512, /* const xmlChar* name; */
+ xmlSecHrefSha512, /* const xmlChar* href; */
+ xmlSecTransformUsageDigestMethod, /* xmlSecTransformUsage usage; */
+
+ /* methods */
+ xmlSecNssDigestInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssDigestFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ NULL, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ NULL, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssDigestVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecNssDigestExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformSha512GetKlass:
+ *
+ * SHA512 digest transform klass.
+ *
+ * Returns: pointer to SHA512 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformSha512GetKlass(void) {
+ return(&xmlSecNssSha512Klass);
+}
+#endif /* XMLSEC_NO_SHA512 */
diff --git a/src/nss/hmac.c b/src/nss/hmac.c
index 9237765..bcea9df 100644
--- a/src/nss/hmac.c
+++ b/src/nss/hmac.c
@@ -84,11 +84,8 @@ struct _xmlSecNssHmacCtx {
((xmlSecNssHmacCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
#define xmlSecNssHmacSize \
(sizeof(xmlSecTransform) + sizeof(xmlSecNssHmacCtx))
-#define xmlSecNssHmacCheckId(transform) \
- (xmlSecTransformCheckId((transform), xmlSecNssTransformHmacSha1Id) || \
- xmlSecTransformCheckId((transform), xmlSecNssTransformHmacMd5Id) || \
- xmlSecTransformCheckId((transform), xmlSecNssTransformHmacRipemd160Id))
+static int xmlSecNssHmacCheckId (xmlSecTransformPtr transform);
static int xmlSecNssHmacInitialize (xmlSecTransformPtr transform);
static void xmlSecNssHmacFinalize (xmlSecTransformPtr transform);
static int xmlSecNssHmacNodeRead (xmlSecTransformPtr transform,
@@ -106,6 +103,50 @@ static int xmlSecNssHmacExecute (xmlSecTransformPtr tran
int last,
xmlSecTransformCtxPtr transformCtx);
+
+static int
+xmlSecNssHmacCheckId(xmlSecTransformPtr transform) {
+
+#ifndef XMLSEC_NO_MD5
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacMd5Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacRipemd160Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha1Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha256Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha384Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha512Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_SHA512 */
+
+ /* not found */
+ return(0);
+}
+
static int
xmlSecNssHmacInitialize(xmlSecTransformPtr transform) {
xmlSecNssHmacCtxPtr ctx;
@@ -115,15 +156,46 @@ xmlSecNssHmacInitialize(xmlSecTransformPtr transform) {
ctx = xmlSecNssHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
-
memset(ctx, 0, sizeof(xmlSecNssHmacCtx));
- if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha1Id)) {
- ctx->digestType = CKM_SHA_1_HMAC;
- } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacMd5Id)) {
+
+#ifndef XMLSEC_NO_MD5
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacMd5Id)) {
ctx->digestType = CKM_MD5_HMAC;
- } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacRipemd160Id)) {
+ } else
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacRipemd160Id)) {
ctx->digestType = CKM_RIPEMD160_HMAC;
- } else {
+ } else
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha1Id)) {
+ ctx->digestType = CKM_SHA_1_HMAC;
+ } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha256Id)) {
+ ctx->digestType = CKM_SHA256_HMAC;
+ } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha384Id)) {
+ ctx->digestType = CKM_SHA384_HMAC;
+ } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha512Id)) {
+ ctx->digestType = CKM_SHA512_HMAC;
+ } else
+#endif /* XMLSEC_NO_SHA512 */
+
+ /* not found */
+ {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
NULL,
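Review bot: The new `CKM_SHA512_HMAC` branch lets this context produce MACs of up to 64 bytes, yet no hunk in src/nss/hmac.c changes a buffer or size constant, whereas src/nss/digests.c raises XMLSEC_NSS_MAX_DIGEST_SIZE from 32 to 64 in the same commit. The fields of `_xmlSecNssHmacCtx` are not visible here, so the existing storage may already be large enough. Please confirm that the digest buffer in the context and the length checks in the verify and execute paths allow 64 bytes. A comment at the SHA-512 branch such as `/* 64-byte MAC: ctx digest buffer must hold it */` would record the requirement. xmlSecNssHmacInitialize continues past the end of the hunk.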
@@ -501,6 +573,96 @@ xmlSecNssHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxP
return(0);
}
+
+#ifndef XMLSEC_NO_RIPEMD160
+/**
+ * HMAC Ripemd160
+ */
+static xmlSecTransformKlass xmlSecNssHmacRipemd160Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecNssHmacSize, /* xmlSecSize objSize */
+
+ xmlSecNameHmacRipemd160, /* const xmlChar* name; */
+ xmlSecHrefHmacRipemd160, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecNssHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssHmacFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecNssHmacNodeRead, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecNssHmacSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecNssHmacSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssHmacVerify, /* xmlSecTransformValidateMethod validate; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecNssHmacExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformHmacRipemd160GetKlass:
+ *
+ * The HMAC-RIPEMD160 transform klass.
+ *
+ * Returns: the HMAC-RIPEMD160 transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformHmacRipemd160GetKlass(void) {
+ return(&xmlSecNssHmacRipemd160Klass);
+}
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_MD5
+/**
+ * HMAC Md5
+ */
+static xmlSecTransformKlass xmlSecNssHmacMd5Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecNssHmacSize, /* xmlSecSize objSize */
+
+ xmlSecNameHmacMd5, /* const xmlChar* name; */
+ xmlSecHrefHmacMd5, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecNssHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssHmacFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecNssHmacNodeRead, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecNssHmacSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecNssHmacSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssHmacVerify, /* xmlSecTransformValidateMethod validate; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecNssHmacExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformHmacMd5GetKlass:
+ *
+ * The HMAC-MD5 transform klass.
+ *
+ * Returns: the HMAC-MD5 transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformHmacMd5GetKlass(void) {
+ return(&xmlSecNssHmacMd5Klass);
+}
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_SHA1
/**
* HMAC SHA1
*/
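Review bot: The slot comment next to `xmlSecNssHmacVerify` in both klass tables here reads `/* xmlSecTransformValidateMethod validate; */`, while the digest klass tables added in src/nss/digests.c label the same slot `/* xmlSecTransformVerifyMethod verify; */`. These tables are positional initializers, so the trailing comments are the only thing telling a reader which field each entry fills, and they should use one name. Assuming the digest tables reflect the struct declaration (not shown on this page), I would change the HMAC entries to `xmlSecNssHmacVerify, /* xmlSecTransformVerifyMethod verify; */`. The new xmlSecNssHmacSha512Klass table in the last hunk of this file carries the same label.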
@@ -542,17 +704,19 @@ xmlSecTransformId
xmlSecNssTransformHmacSha1GetKlass(void) {
return(&xmlSecNssHmacSha1Klass);
}
+#endif /* XMLSEC_NO_SHA1 */
+#ifndef XMLSEC_NO_SHA256
/**
- * HMAC Ripemd160
+ * HMAC SHA256
*/
-static xmlSecTransformKlass xmlSecNssHmacRipemd160Klass = {
+static xmlSecTransformKlass xmlSecNssHmacSha256Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
xmlSecNssHmacSize, /* xmlSecSize objSize */
- xmlSecNameHmacRipemd160, /* const xmlChar* name; */
- xmlSecHrefHmacRipemd160, /* const xmlChar* href; */
+ xmlSecNameHmacSha256, /* const xmlChar* name; */
+ xmlSecHrefHmacSha256, /* const xmlChar* href; */
xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
xmlSecNssHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */
@@ -574,27 +738,29 @@ static xmlSecTransformKlass xmlSecNssHmacRipemd160Klass = {
};
/**
- * xmlSecNssTransformHmacRipemd160GetKlass:
+ * xmlSecNssTransformHmacSha256GetKlass:
*
- * The HMAC-RIPEMD160 transform klass.
+ * The HMAC-SHA256 transform klass.
*
- * Returns: the HMAC-RIPEMD160 transform klass.
+ * Returns: the HMAC-SHA256 transform klass.
*/
xmlSecTransformId
-xmlSecNssTransformHmacRipemd160GetKlass(void) {
- return(&xmlSecNssHmacRipemd160Klass);
+xmlSecNssTransformHmacSha256GetKlass(void) {
+ return(&xmlSecNssHmacSha256Klass);
}
+#endif /* XMLSEC_NO_SHA256 */
+#ifndef XMLSEC_NO_SHA384
/**
- * HMAC Md5
+ * HMAC SHA384
*/
-static xmlSecTransformKlass xmlSecNssHmacMd5Klass = {
+static xmlSecTransformKlass xmlSecNssHmacSha384Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
xmlSecNssHmacSize, /* xmlSecSize objSize */
- xmlSecNameHmacMd5, /* const xmlChar* name; */
- xmlSecHrefHmacMd5, /* const xmlChar* href; */
+ xmlSecNameHmacSha384, /* const xmlChar* name; */
+ xmlSecHrefHmacSha384, /* const xmlChar* href; */
xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
xmlSecNssHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */
@@ -616,17 +782,61 @@ static xmlSecTransformKlass xmlSecNssHmacMd5Klass = {
};
/**
- * xmlSecNssTransformHmacMd5GetKlass:
+ * xmlSecNssTransformHmacSha384GetKlass:
*
- * The HMAC-MD5 transform klass.
+ * The HMAC-SHA384 transform klass.
*
- * Returns: the HMAC-MD5 transform klass.
+ * Returns: the HMAC-SHA384 transform klass.
*/
xmlSecTransformId
-xmlSecNssTransformHmacMd5GetKlass(void) {
- return(&xmlSecNssHmacMd5Klass);
+xmlSecNssTransformHmacSha384GetKlass(void) {
+ return(&xmlSecNssHmacSha384Klass);
}
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * HMAC SHA512
+ */
+static xmlSecTransformKlass xmlSecNssHmacSha512Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecNssHmacSize, /* xmlSecSize objSize */
+
+ xmlSecNameHmacSha512, /* const xmlChar* name; */
+ xmlSecHrefHmacSha512, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecNssHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssHmacFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecNssHmacNodeRead, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecNssHmacSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecNssHmacSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssHmacVerify, /* xmlSecTransformValidateMethod validate; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecNssHmacExecute, /* xmlSecTransformExecuteMethod execute; */
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformHmacSha512GetKlass:
+ *
+ * The HMAC-SHA512 transform klass.
+ *
+ * Returns: the HMAC-SHA512 transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformHmacSha512GetKlass(void) {
+ return(&xmlSecNssHmacSha512Klass);
+}
+#endif /* XMLSEC_NO_SHA512 */
#endif /* XMLSEC_NO_HMAC */
diff --git a/src/nss/signatures.c b/src/nss/signatures.c
index 17e5c97..1be7b74 100644
--- a/src/nss/signatures.c
+++ b/src/nss/signatures.c
@@ -84,9 +84,31 @@ xmlSecNssSignatureCheckId(xmlSecTransformPtr transform) {
#endif /* XMLSEC_NO_DSA */
#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha1Id)) {
return(1);
}
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha256Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha384Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha512Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_SHA512 */
+
#endif /* XMLSEC_NO_RSA */
return(0);
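Review bot: The new `XMLSEC_NO_SHA1` guard in xmlSecNssSignatureCheckId wraps only the RSA-SHA1 check. The DSA-SHA1 branch lies above this hunk and no hunk in this diff adds a matching guard to it, so a build that defines `XMLSEC_NO_SHA1` to drop SHA-1 may still accept the DSA-SHA1 signature method. The same applies to the initializer chain in the next hunk and to the `xmlSecNssDsaSha1Klass` table, which this commit changes for whitespace only. If the macro is meant to remove SHA-1 from this backend, nest `#ifndef XMLSEC_NO_SHA1` / `#endif /* XMLSEC_NO_SHA1 */` inside the `XMLSEC_NO_DSA` blocks as well. Otherwise a comment such as `/* DSA-SHA1 is controlled by XMLSEC_NO_DSA only */` would make the intent explicit.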
@@ -112,19 +134,45 @@ xmlSecNssSignatureInitialize(xmlSecTransformPtr transform) {
#endif /* XMLSEC_NO_DSA */
#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha1Id)) {
ctx->keyId = xmlSecNssKeyDataRsaId;
ctx->alg = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
} else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha256Id)) {
+ ctx->keyId = xmlSecNssKeyDataRsaId;
+ ctx->alg = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
+ } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha384Id)) {
+ ctx->keyId = xmlSecNssKeyDataRsaId;
+ ctx->alg = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION;
+ } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha512Id)) {
+ ctx->keyId = xmlSecNssKeyDataRsaId;
+ ctx->alg = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION;
+ } else
+#endif /* XMLSEC_NO_SHA512 */
+
#endif /* XMLSEC_NO_RSA */
- if(1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
- NULL,
- XMLSEC_ERRORS_R_INVALID_TRANSFORM,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
+
+ if(1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
return(0);
}
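Review bot: Each `#ifndef XMLSEC_NO_SHA*` branch in xmlSecNssSignatureInitialize ends in a dangling `} else`, which binds to the first statement after the last `#endif`. The `if(1)` error block is therefore what rejects an unrecognised transform, and any statement later inserted ahead of it would take the `else` and leave the `XMLSEC_ERRORS_R_INVALID_TRANSFORM` return unconditional. Nothing in the code marks that dependency, and the chain now spans four preprocessor blocks. I would add a comment directly above `if(1) {`, for example `/* tail of the else-chain above: must stay the first statement after the #endif blocks */`. The function begins above this hunk, so the DSA branch is not visible here.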
@@ -498,25 +546,25 @@ xmlSecNssSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransfor
static xmlSecTransformKlass xmlSecNssDsaSha1Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecNssSignatureSize, /* xmlSecSize objSize */
+ xmlSecNssSignatureSize, /* xmlSecSize objSize */
xmlSecNameDsaSha1, /* const xmlChar* name; */
xmlSecHrefDsaSha1, /* const xmlChar* href; */
xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
- xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
NULL, /* xmlSecTransformNodeReadMethod readNode; */
NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
NULL, /* xmlSecTransformPushXmlMethod pushXml; */
NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+ xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
@@ -537,6 +585,9 @@ xmlSecNssTransformDsaSha1GetKlass(void) {
#endif /* XMLSEC_NO_DSA */
#ifndef XMLSEC_NO_RSA
+
+
+#ifndef XMLSEC_NO_SHA1
/****************************************************************************
*
* RSA-SHA1 signature transform
@@ -545,25 +596,25 @@ xmlSecNssTransformDsaSha1GetKlass(void) {
static xmlSecTransformKlass xmlSecNssRsaSha1Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecNssSignatureSize, /* xmlSecSize objSize */
+ xmlSecNssSignatureSize, /* xmlSecSize objSize */
xmlSecNameRsaSha1, /* const xmlChar* name; */
xmlSecHrefRsaSha1, /* const xmlChar* href; */
xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
- xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
NULL, /* xmlSecTransformNodeReadMethod readNode; */
NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
NULL, /* xmlSecTransformPushXmlMethod pushXml; */
NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+ xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
@@ -581,6 +632,149 @@ xmlSecNssTransformRsaSha1GetKlass(void) {
return(&xmlSecNssRsaSha1Klass);
}
-#endif /* XMLSEC_NO_DSA */
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/****************************************************************************
+ *
+ * RSA-SHA256 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecNssRsaSha256Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecNssSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameRsaSha256, /* const xmlChar* name; */
+ xmlSecHrefRsaSha256, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformRsaSha256GetKlass:
+ *
+ * The RSA-SHA256 signature transform klass.
+ *
+ * Returns: RSA-SHA256 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformRsaSha256GetKlass(void) {
+ return(&xmlSecNssRsaSha256Klass);
+}
+
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/****************************************************************************
+ *
+ * RSA-SHA384 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecNssRsaSha384Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecNssSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameRsaSha384, /* const xmlChar* name; */
+ xmlSecHrefRsaSha384, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformRsaSha384GetKlass:
+ *
+ * The RSA-SHA384 signature transform klass.
+ *
+ * Returns: RSA-SHA384 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformRsaSha384GetKlass(void) {
+ return(&xmlSecNssRsaSha384Klass);
+}
+
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/****************************************************************************
+ *
+ * RSA-SHA512 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecNssRsaSha512Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecNssSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameRsaSha512, /* const xmlChar* name; */
+ xmlSecHrefRsaSha512, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformRsaSha512GetKlass:
+ *
+ * The RSA-SHA512 signature transform klass.
+ *
+ * Returns: RSA-SHA512 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformRsaSha512GetKlass(void) {
+ return(&xmlSecNssRsaSha512Klass);
+}
+
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
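Review bot: The slot comments in the three new RSA-SHA2 tables label the verification callback `/* xmlSecTransformVerifyMethod verify; */`, while the HMAC-SHA512 table added by this same commit in src/nss/hmac.c labels that slot `/* xmlSecTransformValidateMethod validate; */`. The initialisers are positional, so these comments are the only thing telling a reader which callback sits in which slot. The struct declaration is not part of this diff, so I cannot tell which name is current; whichever it is, use it in both files. Designated initialisers (`.verify = xmlSecNssSignatureVerify,`) would remove the reliance on comments if the project's compiler baseline allows them.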