[xmlsec] adding MD5 and RSA/MD5 to xmlsec-nss
- From: Aleksey Sanin <aleksey src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [xmlsec] adding MD5 and RSA/MD5 to xmlsec-nss
- Date: Mon, 26 Apr 2010 07:26:45 +0000 (UTC)
commit af993478257ed08d7cacff1db9589ed27774edcc
Author: Aleksey Sanin <aleksey aleksey com>
Date: Sun Apr 25 20:02:43 2010 -0700
adding MD5 and RSA/MD5 to xmlsec-nss
ChangeLog | 3 +-
docs/xmldsig.html | 4 +-
include/xmlsec/nss/crypto.h | 29 ++++++++++++++++++++
src/nss/crypto.c | 9 ++++++
src/nss/digests.c | 62 +++++++++++++++++++++++++++++++++++++++++++
src/nss/signatures.c | 61 ++++++++++++++++++++++++++++++++++++++++++
src/openssl/crypto.c | 1 +
7 files changed, 166 insertions(+), 3 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index 7c437c5..c08430a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,7 @@
2010-04-25 Aleksey Sanin <aleksey aleksey com>
- * Added support for SHA256/384/512 for digest, HMAC and RSA
+ * Added support for SHA256/384/512 for digest, HMAC and RSA in xmlsec-nss
(requires nss 3.8 + nspr 4.3 or greater)
+ * Added support for MD5 for digest and RSA in xmlsec-nss
2010-04-24 Aleksey Sanin <aleksey aleksey com>
* Fix PK_CONFIG problem (reported by Roumen)
diff --git a/docs/xmldsig.html b/docs/xmldsig.html
index d52a0fc..b70a00f 100644
--- a/docs/xmldsig.html
+++ b/docs/xmldsig.html
@@ -419,7 +419,7 @@ MSCrypto</b> </td>
</td>
<td style="vertical-align: top;">Y<br>
</td>
- <td style="vertical-align: top;">N<br>
+ <td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
@@ -548,7 +548,7 @@ MSCrypto</b> </td>
</td>
<td style="vertical-align: top;">Y<br>
</td>
- <td style="vertical-align: top;">N<br>
+ <td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
diff --git a/include/xmlsec/nss/crypto.h b/include/xmlsec/nss/crypto.h
index 3873b5b..8563ffe 100644
--- a/include/xmlsec/nss/crypto.h
+++ b/include/xmlsec/nss/crypto.h
@@ -292,6 +292,17 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacSha512GetKlass(void
xmlSecNssKeyDataRsaGetKlass()
XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecNssKeyDataRsaGetKlass (void);
+#ifndef XMLSEC_NO_MD5
+/**
+ * xmlSecNssTransformRsaMd5Id:
+ *
+ * The RSA-MD5 signature transform klass.
+ */
+#define xmlSecNssTransformRsaMd5Id \
+ xmlSecNssTransformRsaMd5GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
+
#ifndef XMLSEC_NO_SHA1
/**
* xmlSecNssTransformRsaSha1Id:
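Review bot: The doc comment added for `xmlSecNssTransformRsaMd5Id` says only that this is the RSA-MD5 signature transform klass, so a caller reading the public header gets no hint that MD5 is not collision-resistant. I would extend it with one line, for example `* MD5 is not collision-resistant; use only to interoperate with legacy documents.` The same applies to the `xmlSecNssTransformMd5Id` comment in the next hunk of this header and to the `GetKlass` doc comments added in src/nss/digests.c and src/nss/signatures.c.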
@@ -428,6 +439,24 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformSha384GetKlass(void);
XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformSha512GetKlass(void);
#endif /* XMLSEC_NO_SHA512 */
+/********************************************************************
+ *
+ * Md5 transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_MD5
+/**
+ * xmlSecNssTransformMd5Id:
+ *
+ * The MD5 digest transform klass.
+ */
+#define xmlSecNssTransformMd5Id \
+ xmlSecNssTransformMd5GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
+
+
+
#ifdef __cplusplus
}
diff --git a/src/nss/crypto.c b/src/nss/crypto.c
index 9609dc1..7f8c6f0 100644
--- a/src/nss/crypto.c
+++ b/src/nss/crypto.c
@@ -148,6 +148,10 @@ xmlSecCryptoGetFunctions_nss(void) {
/******************************* RSA ********************************/
#ifndef XMLSEC_NO_RSA
+#ifndef XMLSEC_NO_MD5
+ gXmlSecNssFunctions->transformRsaMd5GetKlass = xmlSecNssTransformRsaMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
#ifndef XMLSEC_NO_SHA1
gXmlSecNssFunctions->transformRsaSha1GetKlass = xmlSecNssTransformRsaSha1GetKlass;
#endif /* XMLSEC_NO_SHA1 */
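Review bot: Registering `transformRsaMd5GetKlass` here makes RSA-MD5 part of the NSS function table whenever the library is built without `XMLSEC_NO_MD5`, so the only off switch visible in this patch is a compile-time opt-out. For an application that verifies documents from untrusted parties, a signature method built on a digest without collision resistance weakens what a successful verification means, so it is worth considering whether MD5 should be opt-in at build time instead. At minimum I would put a comment above the assignment, e.g. `/* legacy interop only; callers verifying untrusted input should not accept RSA-MD5 */`. The second hunk of this file registers `transformMd5GetKlass` the same way. xmlSecCryptoGetFunctions_nss starts and ends outside the hunk.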
@@ -191,6 +195,11 @@ xmlSecCryptoGetFunctions_nss(void) {
gXmlSecNssFunctions->transformSha512GetKlass = xmlSecNssTransformSha512GetKlass;
#endif /* XMLSEC_NO_SHA512 */
+ /******************************* MD5 ********************************/
+#ifndef XMLSEC_NO_MD5
+ gXmlSecNssFunctions->transformMd5GetKlass = xmlSecNssTransformMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
/**
* High level routines form xmlsec command line utility
diff --git a/src/nss/digests.c b/src/nss/digests.c
index 93f7f66..9cc1b91 100644
--- a/src/nss/digests.c
+++ b/src/nss/digests.c
@@ -65,6 +65,12 @@ static int xmlSecNssDigestExecute (xmlSecTransformPtr tran
static int
xmlSecNssDigestCheckId(xmlSecTransformPtr transform) {
+#ifndef XMLSEC_NO_MD5
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformMd5Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_MD5 */
+
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha1Id)) {
return(1);
@@ -105,12 +111,19 @@ xmlSecNssDigestInitialize(xmlSecTransformPtr transform) {
/* initialize context */
memset(ctx, 0, sizeof(xmlSecNssDigestCtx));
+#ifndef XMLSEC_NO_MD5
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformMd5Id)) {
+ ctx->digest = SECOID_FindOIDByTag(SEC_OID_MD5);
+ } else
+#endif /* XMLSEC_NO_MD5 */
+
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha1Id)) {
ctx->digest = SECOID_FindOIDByTag(SEC_OID_SHA1);
} else
#endif /* XMLSEC_NO_SHA1 */
+
#ifndef XMLSEC_NO_SHA256
if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha256Id)) {
ctx->digest = SECOID_FindOIDByTag(SEC_OID_SHA256);
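Review bot: The new MD5 branch ends in `} else` and is then separated from the `if` it binds to by `#endif` and an added blank line, and the patch adds a second blank line after the SHA1 `#endif`; in a chain stitched together across preprocessor guards these gaps make each branch read like an independent statement. I would drop the added blank lines so that `#endif /* XMLSEC_NO_MD5 */` is directly followed by `#ifndef XMLSEC_NO_SHA1`, which is how the SHA1 and SHA256 branches sat before this change. The same pattern, with two blank lines, is in the xmlSecNssSignatureInitialize hunk of src/nss/signatures.c. The end of the chain, and any check that `ctx->digest` is non-NULL after `SECOID_FindOIDByTag`, are outside the hunk.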
@@ -315,6 +328,55 @@ xmlSecNssDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCt
return(0);
}
+#ifndef XMLSEC_NO_MD5
+/******************************************************************************
+ *
+ * Md5 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecNssMd5Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecNssDigestSize, /* xmlSecSize objSize */
+
+ /* data */
+ xmlSecNameMd5, /* const xmlChar* name; */
+ xmlSecHrefMd5, /* const xmlChar* href; */
+ xmlSecTransformUsageDigestMethod, /* xmlSecTransformUsage usage; */
+
+ /* methods */
+ xmlSecNssDigestInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssDigestFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ NULL, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ NULL, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssDigestVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecNssDigestExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformMd5GetKlass:
+ *
+ * MD5 digest transform klass.
+ *
+ * Returns: pointer to MD5 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformMd5GetKlass(void) {
+ return(&xmlSecNssMd5Klass);
+}
+#endif /* XMLSEC_NO_MD5 */
+
+
#ifndef XMLSEC_NO_SHA1
/******************************************************************************
*
diff --git a/src/nss/signatures.c b/src/nss/signatures.c
index 1be7b74..4f54170 100644
--- a/src/nss/signatures.c
+++ b/src/nss/signatures.c
@@ -85,6 +85,12 @@ xmlSecNssSignatureCheckId(xmlSecTransformPtr transform) {
#ifndef XMLSEC_NO_RSA
+#ifndef XMLSEC_NO_MD5
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaMd5Id)) {
+ return(1);
+ }
+#endif /* XMLSEC_NO_MD5 */
+
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha1Id)) {
return(1);
@@ -135,6 +141,14 @@ xmlSecNssSignatureInitialize(xmlSecTransformPtr transform) {
#ifndef XMLSEC_NO_RSA
+#ifndef XMLSEC_NO_MD5
+ if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaMd5Id)) {
+ ctx->keyId = xmlSecNssKeyDataRsaId;
+ ctx->alg = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
+ } else
+#endif /* XMLSEC_NO_MD5 */
+
+
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha1Id)) {
ctx->keyId = xmlSecNssKeyDataRsaId;
@@ -586,6 +600,53 @@ xmlSecNssTransformDsaSha1GetKlass(void) {
#ifndef XMLSEC_NO_RSA
+#ifndef XMLSEC_NO_MD5
+/****************************************************************************
+ *
+ * RSA-MD5 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecNssRsaMd5Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecNssSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameRsaMd5, /* const xmlChar* name; */
+ xmlSecHrefRsaMd5, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformRsaMd5GetKlass:
+ *
+ * The RSA-MD5 signature transform klass.
+ *
+ * Returns: RSA-MD5 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformRsaMd5GetKlass(void) {
+ return(&xmlSecNssRsaMd5Klass);
+}
+
+#endif /* XMLSEC_NO_MD5 */
+
#ifndef XMLSEC_NO_SHA1
/****************************************************************************
diff --git a/src/openssl/crypto.c b/src/openssl/crypto.c
index 4c9219e..9bb2886 100644
--- a/src/openssl/crypto.c
+++ b/src/openssl/crypto.c
@@ -162,6 +162,7 @@ xmlSecCryptoGetFunctions_openssl(void) {
/******************************* RSA ********************************/
#ifndef XMLSEC_NO_RSA
+
#ifndef XMLSEC_NO_MD5
gXmlSecOpenSSLFunctions->transformRsaMd5GetKlass = xmlSecOpenSSLTransformRsaMd5GetKlass;
#endif /* XMLSEC_NO_MD5 */