[xmlsec] add oaepparams support
- From: Aleksey Sanin <aleksey src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [xmlsec] add oaepparams support
- Date: Fri, 30 Apr 2010 07:21:56 +0000 (UTC)
commit 22da871aff1eb4cb4ec017e1ff89a4d55c768390
Author: Aleksey Sanin <aleksey aleksey com>
Date: Fri Apr 30 00:21:49 2010 -0700
add oaepparams support
src/mscrypto/crypto.c | 2 +-
src/mscrypto/kt_rsa.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 49 insertions(+), 1 deletions(-)
---
diff --git a/src/mscrypto/crypto.c b/src/mscrypto/crypto.c
index d006df5..3fe8d4f 100644
--- a/src/mscrypto/crypto.c
+++ b/src/mscrypto/crypto.c
@@ -196,7 +196,7 @@ xmlSecCryptoGetFunctions_mscrypto(void) {
#endif /* XMLSEC_NO_SHA512 */
gXmlSecMSCryptoFunctions->transformRsaPkcs1GetKlass = xmlSecMSCryptoTransformRsaPkcs1GetKlass;
- gXmlSecMSCryptoFunctions->transformRsaOaepGetKlass = xmlSecMSCryptoTransformRsaOaepGetKlass;
+ gXmlSecMSCryptoFunctions->transformRsaOaepGetKlass = xmlSecMSCryptoTransformRsaOaepGetKlass;
#endif /* XMLSEC_NO_RSA */
/******************************* SHA ********************************/
diff --git a/src/mscrypto/kt_rsa.c b/src/mscrypto/kt_rsa.c
index f0d84ee..9b4908f 100644
--- a/src/mscrypto/kt_rsa.c
+++ b/src/mscrypto/kt_rsa.c
@@ -346,6 +346,30 @@ xmlSecMSCryptoRsaPkcs1OaepProcess(xmlSecTransformPtr transform, xmlSecTransformC
outBuf = xmlSecBufferGetData(out);
xmlSecAssert2(outBuf != NULL, -1);
+
+ /* set OAEP parameter for the key
+ *
+ * aleksey: I don't understand how this would work in multi-threaded
+ * environment or when key can be re-used multiple times
+ */
+ if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaOaepId) && xmlSecBufferGetSize(&(ctx->oaepParams)) > 0) {
+ CRYPT_DATA_BLOB oaepParams;
+
+ memset(&oaepParams, 0, sizeof(oaepParams));
+ oaepParams.pbData = xmlSecBufferGetData(&(ctx->oaepParams));
+ oaepParams.cbData = xmlSecBufferGetSize(&(ctx->oaepParams));
+
+ if (!CryptSetKeyParam(hKey, KP_OAEP_PARAMS, (const BYTE*)&oaepParams, 0)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "CryptSetKeyParam",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return (-1);
+ }
+ }
+
+ /* encrypt */
if (!CryptEncrypt(hKey, 0, TRUE, ctx->dwFlags, outBuf, &dwInLen, dwBufLen)) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
@@ -377,6 +401,30 @@ xmlSecMSCryptoRsaPkcs1OaepProcess(xmlSecTransformPtr transform, xmlSecTransformC
XMLSEC_ERRORS_NO_MESSAGE);
return (-1);
}
+
+ /* set OAEP parameter for the key
+ *
+ * aleksey: I don't understand how this would work in multi-threaded
+ * environment or when key can be re-used multiple times
+ */
+ if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaOaepId) && xmlSecBufferGetSize(&(ctx->oaepParams)) > 0) {
+ CRYPT_DATA_BLOB oaepParams;
+
+ memset(&oaepParams, 0, sizeof(oaepParams));
+ oaepParams.pbData = xmlSecBufferGetData(&(ctx->oaepParams));
+ oaepParams.cbData = xmlSecBufferGetSize(&(ctx->oaepParams));
+
+ if (!CryptSetKeyParam(hKey, KP_OAEP_PARAMS, (const BYTE*)&oaepParams, 0)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "CryptSetKeyParam",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return (-1);
+ }
+ }
+
+ /* decrypt */
if (!CryptDecrypt(hKey, 0, TRUE, ctx->dwFlags, outBuf, &dwOutLen)) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
