[xmlsec] cleanup error reporting for gcrypt/gnutls
- From: Aleksey Sanin <aleksey src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [xmlsec] cleanup error reporting for gcrypt/gnutls
- Date: Fri, 14 May 2010 02:28:30 +0000 (UTC)
commit b228667aac6f5f888397f2a51a9cc7ca02148ed3
Author: Aleksey Sanin <aleksey aleksey com>
Date: Wed May 12 15:00:03 2010 -0700
cleanup error reporting for gcrypt/gnutls
src/gcrypt/asn1.c | 14 ++++++------
src/gcrypt/asymkeys.c | 27 +++++++++++-----------
src/gcrypt/ciphers.c | 55 ++++++++++++++++++++++++---------------------
src/gcrypt/digests.c | 4 +-
src/gcrypt/globals.h | 4 ++-
src/gcrypt/hmac.c | 16 ++++++------
src/gcrypt/kw_aes.c | 52 +++++++++++++++++++++---------------------
src/gcrypt/kw_des.c | 48 +++++++++++++++++++---------------------
src/gcrypt/signatures.c | 40 ++++++++++++++++-----------------
src/gnutls/README | 10 ++------
src/gnutls/asymkeys.c | 28 +++++++++++-----------
src/gnutls/ciphers.c | 56 ++++++++++++++++++++++++----------------------
src/gnutls/crypto.c | 1 -
src/gnutls/digests.c | 9 +++----
src/gnutls/globals.h | 4 +++
src/gnutls/hmac.c | 17 ++++++-------
src/gnutls/kw_aes.c | 53 +++++++++++++++++++++----------------------
src/gnutls/kw_des.c | 49 +++++++++++++++++++---------------------
18 files changed, 241 insertions(+), 246 deletions(-)
---
diff --git a/src/gcrypt/asn1.c b/src/gcrypt/asn1.c
index 612fe72..b138842 100644
--- a/src/gcrypt/asn1.c
+++ b/src/gcrypt/asn1.c
@@ -232,7 +232,7 @@ xmlSecGCryptAsn1ParseIntegerSequence(xmlSecByte const **buffer, xmlSecSize *bufl
NULL,
"gcry_mpi_scan",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
buf += ti.length;
@@ -356,7 +356,7 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
NULL,
"gcry_sexp_build(private-key/dsa)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -369,7 +369,7 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
NULL,
"gcry_sexp_build(public-key/dsa)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -420,7 +420,7 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
NULL,
"gcry_sexp_build(public-key/dsa)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -481,7 +481,7 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
NULL,
"gcry_sexp_build(private-key/rsa)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -494,7 +494,7 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
NULL,
"gcry_sexp_build(public-key/rsa)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -545,7 +545,7 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
NULL,
"gcry_sexp_build(public-key/rsa)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
diff --git a/src/gcrypt/asymkeys.c b/src/gcrypt/asymkeys.c
index 3da050f..8f0cec8 100644
--- a/src/gcrypt/asymkeys.c
+++ b/src/gcrypt/asymkeys.c
@@ -290,7 +290,7 @@ xmlSecGCryptAsymKeyDataGenerate(xmlSecKeyDataPtr data, const char * alg, xmlSecS
NULL,
"gcry_sexp_build(genkey)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -300,7 +300,7 @@ xmlSecGCryptAsymKeyDataGenerate(xmlSecKeyDataPtr data, const char * alg, xmlSecS
NULL,
"gcry_pk_genkey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -371,7 +371,7 @@ static gcry_sexp_t
xmlSecGCryptAsymSExpDup(gcry_sexp_t pKey) {
gcry_sexp_t res = NULL;
xmlSecByte *buf = NULL;
- gcry_error_t ret;
+ gcry_error_t err;
size_t size;
xmlSecAssert2(pKey != NULL, NULL);
@@ -406,13 +406,13 @@ xmlSecGCryptAsymSExpDup(gcry_sexp_t pKey) {
goto done;
}
- ret = gcry_sexp_new(&res, buf, size, 1);
- if((ret != GPG_ERR_NO_ERROR) || (res == NULL)) {
+ err = gcry_sexp_new(&res, buf, size, 1);
+ if((err != GPG_ERR_NO_ERROR) || (res == NULL)) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_sexp_new",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", (int)ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -474,7 +474,7 @@ xmlSecGCryptNodeGetMpiValue(const xmlNodePtr cur) {
NULL,
"gcry_mpi_scan",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
xmlSecBufferFinalize(&buf);
return(NULL);
}
@@ -517,7 +517,7 @@ xmlSecGCryptNodeSetMpiValue(xmlNodePtr cur, const gcry_mpi_t a, int addLineBreak
NULL,
"gcry_mpi_print",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
@@ -541,8 +541,7 @@ xmlSecGCryptNodeSetMpiValue(xmlNodePtr cur, const gcry_mpi_t a, int addLineBreak
NULL,
"gcry_mpi_print",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d,size=%d",
- (int)err, (int)xmlSecBufferGetMaxSize(&buf));
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
xmlSecBufferFinalize(&buf);
return(-1);
}
@@ -1093,7 +1092,7 @@ xmlSecGCryptKeyDataDsaXmlRead(xmlSecKeyDataId id,
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
"gcry_sexp_build(public)",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
if(x != NULL) {
@@ -1105,7 +1104,7 @@ xmlSecGCryptKeyDataDsaXmlRead(xmlSecKeyDataId id,
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
"gcry_sexp_build(private)",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
}
@@ -1706,7 +1705,7 @@ xmlSecGCryptKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
"gcry_sexp_build(public)",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
if(d != NULL) {
@@ -1718,7 +1717,7 @@ xmlSecGCryptKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
"gcry_sexp_build(private)",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
}
diff --git a/src/gcrypt/ciphers.c b/src/gcrypt/ciphers.c
index 70d5cff..6192b8b 100644
--- a/src/gcrypt/ciphers.c
+++ b/src/gcrypt/ciphers.c
@@ -59,6 +59,7 @@ xmlSecGCryptBlockCipherCtxInit(xmlSecGCryptBlockCipherCtxPtr ctx,
int encrypt,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
+ gcry_err_code_t err;
int blockLen;
int ret;
@@ -94,13 +95,13 @@ xmlSecGCryptBlockCipherCtxInit(xmlSecGCryptBlockCipherCtxPtr ctx,
/* generate and use random iv */
gcry_randomize(iv, blockLen, GCRY_STRONG_RANDOM);
- ret = gcry_cipher_setiv(ctx->cipherCtx, iv, blockLen);
- if(ret != 0) {
+ err = gcry_cipher_setiv(ctx->cipherCtx, iv, blockLen);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"gcry_cipher_setiv",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
} else {
@@ -112,13 +113,13 @@ xmlSecGCryptBlockCipherCtxInit(xmlSecGCryptBlockCipherCtxPtr ctx,
xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
/* set iv */
- ret = gcry_cipher_setiv(ctx->cipherCtx, xmlSecBufferGetData(in), blockLen);
- if(ret != 0) {
+ err = gcry_cipher_setiv(ctx->cipherCtx, xmlSecBufferGetData(in), blockLen);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"gcry_cipher_setiv",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
@@ -147,6 +148,7 @@ xmlSecGCryptBlockCipherCtxUpdate(xmlSecGCryptBlockCipherCtxPtr ctx,
xmlSecSize inSize, inBlocks, outSize;
int blockLen;
xmlSecByte* outBuf;
+ gcry_err_code_t err;
int ret;
xmlSecAssert2(ctx != NULL, -1);
@@ -189,25 +191,25 @@ xmlSecGCryptBlockCipherCtxUpdate(xmlSecGCryptBlockCipherCtxPtr ctx,
outBuf = xmlSecBufferGetData(out) + outSize;
if(encrypt) {
- ret = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
+ err = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
xmlSecBufferGetData(in), inSize);
- if(ret != 0) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"gcry_cipher_encrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
} else {
- ret = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
+ err = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
xmlSecBufferGetData(in), inSize);
- if(ret != 0) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"gcry_cipher_decrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
}
@@ -247,6 +249,7 @@ xmlSecGCryptBlockCipherCtxFinal(xmlSecGCryptBlockCipherCtxPtr ctx,
int blockLen, outLen = 0;
xmlSecByte* inBuf;
xmlSecByte* outBuf;
+ gcry_err_code_t err;
int ret;
xmlSecAssert2(ctx != NULL, -1);
@@ -309,25 +312,25 @@ xmlSecGCryptBlockCipherCtxFinal(xmlSecGCryptBlockCipherCtxPtr ctx,
outBuf = xmlSecBufferGetData(out) + outSize;
if(encrypt) {
- ret = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
+ err = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
xmlSecBufferGetData(in), inSize);
- if(ret != 0) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"gcry_cipher_encrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
} else {
- ret = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
+ err = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
xmlSecBufferGetData(in), inSize);
- if(ret != 0) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"gcry_cipher_decrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
}
@@ -445,7 +448,7 @@ xmlSecGCryptBlockCipherCheckId(xmlSecTransformPtr transform) {
static int
xmlSecGCryptBlockCipherInitialize(xmlSecTransformPtr transform) {
xmlSecGCryptBlockCipherCtxPtr ctx;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(xmlSecGCryptBlockCipherCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptBlockCipherSize), -1);
@@ -488,13 +491,13 @@ xmlSecGCryptBlockCipherInitialize(xmlSecTransformPtr transform) {
return(-1);
}
- ret = gcry_cipher_open(&ctx->cipherCtx, ctx->cipher, ctx->mode, GCRY_CIPHER_SECURE); /* we are paranoid */
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_open(&ctx->cipherCtx, ctx->cipher, ctx->mode, GCRY_CIPHER_SECURE); /* we are paranoid */
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"gcry_cipher_open",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
return(0);
@@ -548,7 +551,7 @@ xmlSecGCryptBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecGCryptBlockCipherCtxPtr ctx;
xmlSecBufferPtr buffer;
xmlSecSize keySize;
- int ret;
+ gcry_err_code_t err;
xmlSecAssert2(xmlSecGCryptBlockCipherCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
@@ -580,13 +583,13 @@ xmlSecGCryptBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
}
xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);
- ret = gcry_cipher_setkey(ctx->cipherCtx, xmlSecBufferGetData(buffer), keySize);
- if(ret != 0) {
+ err = gcry_cipher_setkey(ctx->cipherCtx, xmlSecBufferGetData(buffer), keySize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"gcry_cipher_setkey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
diff --git a/src/gcrypt/digests.c b/src/gcrypt/digests.c
index 0a14646..dcbe4c7 100644
--- a/src/gcrypt/digests.c
+++ b/src/gcrypt/digests.c
@@ -107,7 +107,7 @@ xmlSecGCryptDigestCheckId(xmlSecTransformPtr transform) {
static int
xmlSecGCryptDigestInitialize(xmlSecTransformPtr transform) {
xmlSecGCryptDigestCtxPtr ctx;
- gpg_err_code_t err;
+ gcry_error_t err;
xmlSecAssert2(xmlSecGCryptDigestCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptDigestSize), -1);
@@ -170,7 +170,7 @@ xmlSecGCryptDigestInitialize(xmlSecTransformPtr transform) {
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"gcry_md_open",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
return(0);
diff --git a/src/gcrypt/globals.h b/src/gcrypt/globals.h
index 13204ad..7bc03c1 100644
--- a/src/gcrypt/globals.h
+++ b/src/gcrypt/globals.h
@@ -23,6 +23,8 @@
#define XMLSEC_GCRYPT_MAX_DIGEST_SIZE 256
-
+#define XMLSEC_GCRYPT_REPORT_ERROR(err) \
+ "error code=%d; error message='%s'", \
+ (int)err, xmlSecErrorsSafeString(gcry_strerror((err)))
#endif /* ! __XMLSEC_GLOBALS_H__ */
diff --git a/src/gcrypt/hmac.c b/src/gcrypt/hmac.c
index a2e164e..60a7a11 100644
--- a/src/gcrypt/hmac.c
+++ b/src/gcrypt/hmac.c
@@ -151,7 +151,7 @@ xmlSecGCryptHmacCheckId(xmlSecTransformPtr transform) {
static int
xmlSecGCryptHmacInitialize(xmlSecTransformPtr transform) {
xmlSecGCryptHmacCtxPtr ctx;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1);
@@ -208,13 +208,13 @@ xmlSecGCryptHmacInitialize(xmlSecTransformPtr transform) {
}
/* open context */
- ret = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_HMAC | GCRY_MD_FLAG_SECURE); /* we are paranoid */
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_HMAC | GCRY_MD_FLAG_SECURE); /* we are paranoid */
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"gcry_md_open",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
@@ -338,7 +338,7 @@ xmlSecGCryptHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecGCryptHmacCtxPtr ctx;
xmlSecKeyDataPtr value;
xmlSecBufferPtr buffer;
- int ret;
+ gcry_error_t err;
xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
@@ -364,14 +364,14 @@ xmlSecGCryptHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
return(-1);
}
- ret = gcry_md_setkey(ctx->digestCtx, xmlSecBufferGetData(buffer),
+ err = gcry_md_setkey(ctx->digestCtx, xmlSecBufferGetData(buffer),
xmlSecBufferGetSize(buffer));
- if(ret != 0) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"gcry_md_setkey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
return(0);
diff --git a/src/gcrypt/kw_aes.c b/src/gcrypt/kw_aes.c
index 7864b80..38ac895 100644
--- a/src/gcrypt/kw_aes.c
+++ b/src/gcrypt/kw_aes.c
@@ -472,7 +472,7 @@ xmlSecGCryptKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
void * context) {
xmlSecGCryptKWAesCtxPtr ctx = (xmlSecGCryptKWAesCtxPtr)context;
gcry_cipher_hd_t cipherCtx;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(in != NULL, -1);
@@ -480,46 +480,46 @@ xmlSecGCryptKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= ctx->blockSize, -1);
- ret = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_open",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
- ret = gcry_cipher_setkey(cipherCtx,
+ err = gcry_cipher_setkey(cipherCtx,
xmlSecBufferGetData(&ctx->keyBuffer),
xmlSecBufferGetSize(&ctx->keyBuffer));
- if(ret != GPG_ERR_NO_ERROR) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_setkey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
/* use zero IV and CBC mode to ensure we get result as-is */
- ret = gcry_cipher_setiv(cipherCtx, g_zero_iv, sizeof(g_zero_iv));
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_setiv(cipherCtx, g_zero_iv, sizeof(g_zero_iv));
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_setiv",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
- ret = gcry_cipher_encrypt(cipherCtx, out, outSize, in, inSize);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_encrypt(cipherCtx, out, outSize, in, inSize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_encrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
gcry_cipher_close(cipherCtx);
return(-1);
}
@@ -534,7 +534,7 @@ xmlSecGCryptKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
void * context) {
xmlSecGCryptKWAesCtxPtr ctx = (xmlSecGCryptKWAesCtxPtr)context;
gcry_cipher_hd_t cipherCtx;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(in != NULL, -1);
@@ -542,46 +542,46 @@ xmlSecGCryptKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= ctx->blockSize, -1);
- ret = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_open",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
- ret = gcry_cipher_setkey(cipherCtx,
+ err = gcry_cipher_setkey(cipherCtx,
xmlSecBufferGetData(&ctx->keyBuffer),
xmlSecBufferGetSize(&ctx->keyBuffer));
- if(ret != GPG_ERR_NO_ERROR) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_setkey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
/* use zero IV and CBC mode to ensure we get result as-is */
- ret = gcry_cipher_setiv(cipherCtx, g_zero_iv, sizeof(g_zero_iv));
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_setiv(cipherCtx, g_zero_iv, sizeof(g_zero_iv));
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_setiv",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
- ret = gcry_cipher_decrypt(cipherCtx, out, outSize, in, inSize);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_decrypt(cipherCtx, out, outSize, in, inSize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_decrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
gcry_cipher_close(cipherCtx);
return(-1);
}
diff --git a/src/gcrypt/kw_des.c b/src/gcrypt/kw_des.c
index ae541b2..b93eb9f 100644
--- a/src/gcrypt/kw_des.c
+++ b/src/gcrypt/kw_des.c
@@ -387,7 +387,7 @@ xmlSecGCryptKWDes3Sha1(void * context,
gcry_md_hd_t digestCtx;
unsigned char * res;
unsigned int len;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(in != NULL, -1);
@@ -398,25 +398,25 @@ xmlSecGCryptKWDes3Sha1(void * context,
len = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
xmlSecAssert2(outSize >= len, -1);
- ret = gcry_md_open(&digestCtx, GCRY_MD_SHA1, GCRY_MD_FLAG_SECURE); /* we are paranoid */
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_md_open(&digestCtx, GCRY_MD_SHA1, GCRY_MD_FLAG_SECURE); /* we are paranoid */
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_md_open(GCRY_MD_SHA1)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
gcry_md_write(digestCtx, in, inSize);
- ret = gcry_md_final(digestCtx);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_md_final(digestCtx);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_md_final",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
gcry_md_close(digestCtx);
return(-1);
}
@@ -532,7 +532,7 @@ xmlSecGCryptKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
size_t key_len = gcry_cipher_get_algo_keylen(GCRY_CIPHER_3DES);
size_t block_len = gcry_cipher_get_algo_blklen(GCRY_CIPHER_3DES);
gcry_cipher_hd_t cipherCtx;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(key != NULL, -1);
xmlSecAssert2(keySize >= key_len, -1);
@@ -543,57 +543,55 @@ xmlSecGCryptKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
- ret = gcry_cipher_open(&cipherCtx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_SECURE); /* we are paranoid */
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_open(&cipherCtx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_SECURE); /* we are paranoid */
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_open(GCRY_CIPHER_3DES)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
- ret = gcry_cipher_setkey(cipherCtx, key, keySize);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_setkey(cipherCtx, key, keySize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_setkey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "keySize=%d,ret=%d",
- keySize, ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
- ret = gcry_cipher_setiv(cipherCtx, iv, ivSize);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_setiv(cipherCtx, iv, ivSize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_setiv",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ivSize=%d,ret=%d",
- ivSize, ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
if(enc) {
- ret = gcry_cipher_encrypt(cipherCtx, out, outSize, in, inSize);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_encrypt(cipherCtx, out, outSize, in, inSize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_encrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
gcry_cipher_close(cipherCtx);
return(-1);
}
} else {
- ret = gcry_cipher_decrypt(cipherCtx, out, outSize, in, inSize);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_decrypt(cipherCtx, out, outSize, in, inSize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_decrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
gcry_cipher_close(cipherCtx);
return(-1);
}
diff --git a/src/gcrypt/signatures.c b/src/gcrypt/signatures.c
index cc8cf14..16e38ab 100644
--- a/src/gcrypt/signatures.c
+++ b/src/gcrypt/signatures.c
@@ -178,7 +178,7 @@ xmlSecGCryptPkSignatureCheckId(xmlSecTransformPtr transform) {
static int
xmlSecGCryptPkSignatureInitialize(xmlSecTransformPtr transform) {
xmlSecGCryptPkSignatureCtxPtr ctx;
- gpg_err_code_t err;
+ gcry_error_t err;
xmlSecAssert2(xmlSecGCryptPkSignatureCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptPkSignatureSize), -1);
@@ -275,7 +275,7 @@ xmlSecGCryptPkSignatureInitialize(xmlSecTransformPtr transform) {
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"gcry_md_open",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
@@ -541,7 +541,7 @@ xmlSecGCryptAppendMpi(gcry_mpi_t a, xmlSecBufferPtr out) {
NULL,
"gcry_mpi_print",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
@@ -568,9 +568,7 @@ xmlSecGCryptAppendMpi(gcry_mpi_t a, xmlSecBufferPtr out) {
NULL,
"gcry_mpi_print",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d,size=%d",
- (int)err,
- (int)(xmlSecBufferGetMaxSize(out) - outSize));
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
@@ -645,7 +643,7 @@ xmlSecGCryptDsaPkSign(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data,
NULL,
"gcry_mpi_scan(hash)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -657,7 +655,7 @@ xmlSecGCryptDsaPkSign(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data,
NULL,
"gcry_sexp_build(data)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -668,7 +666,7 @@ xmlSecGCryptDsaPkSign(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data,
NULL,
"gcry_pk_sign",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -817,7 +815,7 @@ xmlSecGCryptDsaPkVerify(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data,
NULL,
"gcry_mpi_scan(hash)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -829,7 +827,7 @@ xmlSecGCryptDsaPkVerify(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data,
NULL,
"gcry_sexp_build(data)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -840,7 +838,7 @@ xmlSecGCryptDsaPkVerify(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data,
NULL,
"gcry_mpi_scan(r)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
err = gcry_mpi_scan(&m_sig_s, GCRYMPI_FMT_USG, data + 20, 20, NULL);
@@ -849,7 +847,7 @@ xmlSecGCryptDsaPkVerify(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data,
NULL,
"gcry_mpi_scan(s)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -861,7 +859,7 @@ xmlSecGCryptDsaPkVerify(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data,
NULL,
"gcry_sexp_build(sig-val)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -876,7 +874,7 @@ xmlSecGCryptDsaPkVerify(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data,
NULL,
"gcry_pk_verify",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -1011,7 +1009,7 @@ xmlSecGCryptRsaPkcs1PkSign(int digest, xmlSecKeyDataPtr key_data,
NULL,
"gcry_sexp_build(data)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -1022,7 +1020,7 @@ xmlSecGCryptRsaPkcs1PkSign(int digest, xmlSecKeyDataPtr key_data,
NULL,
"gcry_pk_sign",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -1129,7 +1127,7 @@ xmlSecGCryptRsaPkcs1PkVerify(int digest, xmlSecKeyDataPtr key_data,
NULL,
"gcry_sexp_build(data)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -1140,7 +1138,7 @@ xmlSecGCryptRsaPkcs1PkVerify(int digest, xmlSecKeyDataPtr key_data,
NULL,
"gcry_mpi_scan",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -1152,7 +1150,7 @@ xmlSecGCryptRsaPkcs1PkVerify(int digest, xmlSecKeyDataPtr key_data,
NULL,
"gcry_sexp_build(sig-val)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -1167,7 +1165,7 @@ xmlSecGCryptRsaPkcs1PkVerify(int digest, xmlSecKeyDataPtr key_data,
NULL,
"gcry_pk_verify",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GCRYPT_REPORT_ERROR(err));
goto done;
}
diff --git a/src/gnutls/README b/src/gnutls/README
index 23f7d8a..62e8da5 100644
--- a/src/gnutls/README
+++ b/src/gnutls/README
@@ -1,9 +1,5 @@
-The xmlsec-gnutls implementation is really limited and is not ready
-for production use. The only supported crypto transforms are:
-
- - HMAC
- - Tripple DES
- - AES [128|192|256]
- - SHA1
+The xmlsec-gnutls uses both libgcrypt and libgnutls because GnuTLS
+does not provide direct access to low-level crypto operations (digests,
+hmac, aes, des, etc.).
diff --git a/src/gnutls/asymkeys.c b/src/gnutls/asymkeys.c
index 992374b..715426f 100644
--- a/src/gnutls/asymkeys.c
+++ b/src/gnutls/asymkeys.c
@@ -291,7 +291,7 @@ xmlSecGnuTLSAsymKeyDataGenerate(xmlSecKeyDataPtr data, const char * alg, xmlSecS
NULL,
"gcry_sexp_build(genkey)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -301,7 +301,7 @@ xmlSecGnuTLSAsymKeyDataGenerate(xmlSecKeyDataPtr data, const char * alg, xmlSecS
NULL,
"gcry_pk_genkey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -372,7 +372,7 @@ static gcry_sexp_t
xmlSecGnuTLSAsymSExpDup(gcry_sexp_t pKey) {
gcry_sexp_t res = NULL;
xmlSecByte *buf = NULL;
- gcry_error_t ret;
+ gcry_error_t err;
size_t size;
xmlSecAssert2(pKey != NULL, NULL);
@@ -407,13 +407,13 @@ xmlSecGnuTLSAsymSExpDup(gcry_sexp_t pKey) {
goto done;
}
- ret = gcry_sexp_new(&res, buf, size, 1);
- if((ret != GPG_ERR_NO_ERROR) || (res == NULL)) {
+ err = gcry_sexp_new(&res, buf, size, 1);
+ if((err != GPG_ERR_NO_ERROR) || (res == NULL)) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_sexp_new",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", (int)ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
goto done;
}
@@ -475,7 +475,7 @@ xmlSecGnuTLSNodeGetMpiValue(const xmlNodePtr cur) {
NULL,
"gcry_mpi_scan",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
xmlSecBufferFinalize(&buf);
return(NULL);
}
@@ -518,7 +518,7 @@ xmlSecGnuTLSNodeSetMpiValue(xmlNodePtr cur, const gcry_mpi_t a, int addLineBreak
NULL,
"gcry_mpi_print",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d", (int)err);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
@@ -533,6 +533,7 @@ xmlSecGnuTLSNodeSetMpiValue(xmlNodePtr cur, const gcry_mpi_t a, int addLineBreak
}
written = 0;
+
err = gcry_mpi_print(GCRYMPI_FMT_USG,
xmlSecBufferGetData(&buf),
xmlSecBufferGetMaxSize(&buf),
@@ -542,8 +543,7 @@ xmlSecGnuTLSNodeSetMpiValue(xmlNodePtr cur, const gcry_mpi_t a, int addLineBreak
NULL,
"gcry_mpi_print",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "err=%d,size=%d",
- (int)err, (int)xmlSecBufferGetMaxSize(&buf));
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
xmlSecBufferFinalize(&buf);
return(-1);
}
@@ -1094,7 +1094,7 @@ xmlSecGnuTLSKeyDataDsaXmlRead(xmlSecKeyDataId id,
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
"gcry_sexp_build(public)",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
goto done;
}
if(x != NULL) {
@@ -1106,7 +1106,7 @@ xmlSecGnuTLSKeyDataDsaXmlRead(xmlSecKeyDataId id,
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
"gcry_sexp_build(private)",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
goto done;
}
}
@@ -1707,7 +1707,7 @@ xmlSecGnuTLSKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
"gcry_sexp_build(public)",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
goto done;
}
if(d != NULL) {
@@ -1719,7 +1719,7 @@ xmlSecGnuTLSKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
"gcry_sexp_build(private)",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
goto done;
}
}
diff --git a/src/gnutls/ciphers.c b/src/gnutls/ciphers.c
index a137ac8..dd94b6a 100644
--- a/src/gnutls/ciphers.c
+++ b/src/gnutls/ciphers.c
@@ -10,7 +10,6 @@
#include <string.h>
-#include <gnutls/gnutls.h>
#include <gcrypt.h>
#include <xmlsec/xmlsec.h>
@@ -60,6 +59,7 @@ xmlSecGnuTLSBlockCipherCtxInit(xmlSecGnuTLSBlockCipherCtxPtr ctx,
int encrypt,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
+ gcry_err_code_t err;
int blockLen;
int ret;
@@ -95,13 +95,13 @@ xmlSecGnuTLSBlockCipherCtxInit(xmlSecGnuTLSBlockCipherCtxPtr ctx,
/* generate and use random iv */
gcry_randomize(iv, blockLen, GCRY_STRONG_RANDOM);
- ret = gcry_cipher_setiv(ctx->cipherCtx, iv, blockLen);
- if(ret != 0) {
+ err = gcry_cipher_setiv(ctx->cipherCtx, iv, blockLen);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"gcry_cipher_setiv",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
} else {
@@ -113,13 +113,13 @@ xmlSecGnuTLSBlockCipherCtxInit(xmlSecGnuTLSBlockCipherCtxPtr ctx,
xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
/* set iv */
- ret = gcry_cipher_setiv(ctx->cipherCtx, xmlSecBufferGetData(in), blockLen);
- if(ret != 0) {
+ err = gcry_cipher_setiv(ctx->cipherCtx, xmlSecBufferGetData(in), blockLen);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"gcry_cipher_setiv",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
@@ -148,6 +148,7 @@ xmlSecGnuTLSBlockCipherCtxUpdate(xmlSecGnuTLSBlockCipherCtxPtr ctx,
xmlSecSize inSize, inBlocks, outSize;
int blockLen;
xmlSecByte* outBuf;
+ gcry_err_code_t err;
int ret;
xmlSecAssert2(ctx != NULL, -1);
@@ -190,25 +191,25 @@ xmlSecGnuTLSBlockCipherCtxUpdate(xmlSecGnuTLSBlockCipherCtxPtr ctx,
outBuf = xmlSecBufferGetData(out) + outSize;
if(encrypt) {
- ret = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
+ err = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
xmlSecBufferGetData(in), inSize);
- if(ret != 0) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"gcry_cipher_encrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
} else {
- ret = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
+ err = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
xmlSecBufferGetData(in), inSize);
- if(ret != 0) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"gcry_cipher_decrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
}
@@ -248,6 +249,7 @@ xmlSecGnuTLSBlockCipherCtxFinal(xmlSecGnuTLSBlockCipherCtxPtr ctx,
int blockLen, outLen = 0;
xmlSecByte* inBuf;
xmlSecByte* outBuf;
+ gcry_err_code_t err;
int ret;
xmlSecAssert2(ctx != NULL, -1);
@@ -310,25 +312,25 @@ xmlSecGnuTLSBlockCipherCtxFinal(xmlSecGnuTLSBlockCipherCtxPtr ctx,
outBuf = xmlSecBufferGetData(out) + outSize;
if(encrypt) {
- ret = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
+ err = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
xmlSecBufferGetData(in), inSize);
- if(ret != 0) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"gcry_cipher_encrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
} else {
- ret = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
+ err = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
xmlSecBufferGetData(in), inSize);
- if(ret != 0) {
+ if(err != 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"gcry_cipher_decrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
}
@@ -446,7 +448,7 @@ xmlSecGnuTLSBlockCipherCheckId(xmlSecTransformPtr transform) {
static int
xmlSecGnuTLSBlockCipherInitialize(xmlSecTransformPtr transform) {
xmlSecGnuTLSBlockCipherCtxPtr ctx;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(xmlSecGnuTLSBlockCipherCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSBlockCipherSize), -1);
@@ -489,13 +491,13 @@ xmlSecGnuTLSBlockCipherInitialize(xmlSecTransformPtr transform) {
return(-1);
}
- ret = gcry_cipher_open(&ctx->cipherCtx, ctx->cipher, ctx->mode, GCRY_CIPHER_SECURE); /* we are paranoid */
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_open(&ctx->cipherCtx, ctx->cipher, ctx->mode, GCRY_CIPHER_SECURE); /* we are paranoid */
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"gcry_cipher_open",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
return(0);
@@ -549,7 +551,7 @@ xmlSecGnuTLSBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecGnuTLSBlockCipherCtxPtr ctx;
xmlSecBufferPtr buffer;
xmlSecSize keySize;
- int ret;
+ gcry_err_code_t err;
xmlSecAssert2(xmlSecGnuTLSBlockCipherCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
@@ -581,13 +583,13 @@ xmlSecGnuTLSBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
}
xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);
- ret = gcry_cipher_setkey(ctx->cipherCtx, xmlSecBufferGetData(buffer), keySize);
- if(ret != 0) {
+ err = gcry_cipher_setkey(ctx->cipherCtx, xmlSecBufferGetData(buffer), keySize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"gcry_cipher_setkey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
diff --git a/src/gnutls/crypto.c b/src/gnutls/crypto.c
index 25d8f65..c4e3be8 100644
--- a/src/gnutls/crypto.c
+++ b/src/gnutls/crypto.c
@@ -10,7 +10,6 @@
#include <string.h>
-#include <gnutls/gnutls.h>
#include <gcrypt.h>
#include <xmlsec/xmlsec.h>
diff --git a/src/gnutls/digests.c b/src/gnutls/digests.c
index c43cd08..b18c130 100644
--- a/src/gnutls/digests.c
+++ b/src/gnutls/digests.c
@@ -10,7 +10,6 @@
#include <string.h>
-#include <gnutls/gnutls.h>
#include <gcrypt.h>
#include <xmlsec/xmlsec.h>
@@ -110,7 +109,7 @@ xmlSecGnuTLSDigestCheckId(xmlSecTransformPtr transform) {
static int
xmlSecGnuTLSDigestInitialize(xmlSecTransformPtr transform) {
xmlSecGnuTLSDigestCtxPtr ctx;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(xmlSecGnuTLSDigestCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSDigestSize), -1);
@@ -166,13 +165,13 @@ xmlSecGnuTLSDigestInitialize(xmlSecTransformPtr transform) {
return(-1);
}
- ret = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_SECURE); /* we are paranoid */
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_SECURE); /* we are paranoid */
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"gcry_md_open",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
return(0);
diff --git a/src/gnutls/globals.h b/src/gnutls/globals.h
index 770b6db..8436900 100644
--- a/src/gnutls/globals.h
+++ b/src/gnutls/globals.h
@@ -21,4 +21,8 @@
#define IN_XMLSEC_CRYPTO
#define XMLSEC_PRIVATE
+#define XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err) \
+ "error code=%d; error message='%s'", \
+ (int)err, xmlSecErrorsSafeString(gcry_strerror((err)))
+
#endif /* ! __XMLSEC_GLOBALS_H__ */
diff --git a/src/gnutls/hmac.c b/src/gnutls/hmac.c
index f965b8d..89bc227 100644
--- a/src/gnutls/hmac.c
+++ b/src/gnutls/hmac.c
@@ -11,7 +11,6 @@
#include <string.h>
-#include <gnutls/gnutls.h>
#include <gcrypt.h>
#include <xmlsec/xmlsec.h>
@@ -152,7 +151,7 @@ xmlSecGnuTLSHmacCheckId(xmlSecTransformPtr transform) {
static int
xmlSecGnuTLSHmacInitialize(xmlSecTransformPtr transform) {
xmlSecGnuTLSHmacCtxPtr ctx;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(xmlSecGnuTLSHmacCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSHmacSize), -1);
@@ -209,13 +208,13 @@ xmlSecGnuTLSHmacInitialize(xmlSecTransformPtr transform) {
}
/* open context */
- ret = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_HMAC | GCRY_MD_FLAG_SECURE); /* we are paranoid */
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_HMAC | GCRY_MD_FLAG_SECURE); /* we are paranoid */
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"gcry_md_open",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
@@ -339,7 +338,7 @@ xmlSecGnuTLSHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecGnuTLSHmacCtxPtr ctx;
xmlSecKeyDataPtr value;
xmlSecBufferPtr buffer;
- int ret;
+ gcry_err_code_t err;
xmlSecAssert2(xmlSecGnuTLSHmacCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
@@ -365,14 +364,14 @@ xmlSecGnuTLSHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
return(-1);
}
- ret = gcry_md_setkey(ctx->digestCtx, xmlSecBufferGetData(buffer),
+ err = gcry_md_setkey(ctx->digestCtx, xmlSecBufferGetData(buffer),
xmlSecBufferGetSize(buffer));
- if(ret != 0) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"gcry_md_setkey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
return(0);
diff --git a/src/gnutls/kw_aes.c b/src/gnutls/kw_aes.c
index b47eec4..78baf6d 100644
--- a/src/gnutls/kw_aes.c
+++ b/src/gnutls/kw_aes.c
@@ -16,7 +16,6 @@
#include <stdio.h>
#include <string.h>
-#include <gnutls/gnutls.h>
#include <gcrypt.h>
#include <xmlsec/xmlsec.h>
@@ -473,7 +472,7 @@ xmlSecGnuTLSKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
void * context) {
xmlSecGnuTLSKWAesCtxPtr ctx = (xmlSecGnuTLSKWAesCtxPtr)context;
gcry_cipher_hd_t cipherCtx;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(in != NULL, -1);
@@ -481,46 +480,46 @@ xmlSecGnuTLSKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= ctx->blockSize, -1);
- ret = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_open",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
- ret = gcry_cipher_setkey(cipherCtx,
+ err = gcry_cipher_setkey(cipherCtx,
xmlSecBufferGetData(&ctx->keyBuffer),
xmlSecBufferGetSize(&ctx->keyBuffer));
- if(ret != GPG_ERR_NO_ERROR) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_setkey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
/* use zero IV and CBC mode to ensure we get result as-is */
- ret = gcry_cipher_setiv(cipherCtx, g_zero_iv, sizeof(g_zero_iv));
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_setiv(cipherCtx, g_zero_iv, sizeof(g_zero_iv));
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_setiv",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
- ret = gcry_cipher_encrypt(cipherCtx, out, outSize, in, inSize);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_encrypt(cipherCtx, out, outSize, in, inSize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_encrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
gcry_cipher_close(cipherCtx);
return(-1);
}
@@ -535,7 +534,7 @@ xmlSecGnuTLSKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
void * context) {
xmlSecGnuTLSKWAesCtxPtr ctx = (xmlSecGnuTLSKWAesCtxPtr)context;
gcry_cipher_hd_t cipherCtx;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(in != NULL, -1);
@@ -543,46 +542,46 @@ xmlSecGnuTLSKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= ctx->blockSize, -1);
- ret = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_open",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
- ret = gcry_cipher_setkey(cipherCtx,
+ err = gcry_cipher_setkey(cipherCtx,
xmlSecBufferGetData(&ctx->keyBuffer),
xmlSecBufferGetSize(&ctx->keyBuffer));
- if(ret != GPG_ERR_NO_ERROR) {
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_setkey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
/* use zero IV and CBC mode to ensure we get result as-is */
- ret = gcry_cipher_setiv(cipherCtx, g_zero_iv, sizeof(g_zero_iv));
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_setiv(cipherCtx, g_zero_iv, sizeof(g_zero_iv));
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_setiv",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
- ret = gcry_cipher_decrypt(cipherCtx, out, outSize, in, inSize);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_decrypt(cipherCtx, out, outSize, in, inSize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_decrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
gcry_cipher_close(cipherCtx);
return(-1);
}
diff --git a/src/gnutls/kw_des.c b/src/gnutls/kw_des.c
index d6af1ef..c46e5d9 100644
--- a/src/gnutls/kw_des.c
+++ b/src/gnutls/kw_des.c
@@ -16,7 +16,6 @@
#include <stdio.h>
#include <string.h>
-#include <gnutls/gnutls.h>
#include <gcrypt.h>
@@ -388,7 +387,7 @@ xmlSecGnuTLSKWDes3Sha1(void * context,
gcry_md_hd_t digestCtx;
unsigned char * res;
unsigned int len;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(in != NULL, -1);
@@ -399,25 +398,25 @@ xmlSecGnuTLSKWDes3Sha1(void * context,
len = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
xmlSecAssert2(outSize >= len, -1);
- ret = gcry_md_open(&digestCtx, GCRY_MD_SHA1, GCRY_MD_FLAG_SECURE); /* we are paranoid */
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_md_open(&digestCtx, GCRY_MD_SHA1, GCRY_MD_FLAG_SECURE); /* we are paranoid */
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_md_open(GCRY_MD_SHA1)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
gcry_md_write(digestCtx, in, inSize);
- ret = gcry_md_final(digestCtx);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_md_final(digestCtx);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_md_final",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
gcry_md_close(digestCtx);
return(-1);
}
@@ -533,7 +532,7 @@ xmlSecGnuTLSKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
size_t key_len = gcry_cipher_get_algo_keylen(GCRY_CIPHER_3DES);
size_t block_len = gcry_cipher_get_algo_blklen(GCRY_CIPHER_3DES);
gcry_cipher_hd_t cipherCtx;
- gpg_err_code_t ret;
+ gcry_error_t err;
xmlSecAssert2(key != NULL, -1);
xmlSecAssert2(keySize >= key_len, -1);
@@ -544,57 +543,55 @@ xmlSecGnuTLSKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
- ret = gcry_cipher_open(&cipherCtx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_SECURE); /* we are paranoid */
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_open(&cipherCtx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_SECURE); /* we are paranoid */
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_open(GCRY_CIPHER_3DES)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
- ret = gcry_cipher_setkey(cipherCtx, key, keySize);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_setkey(cipherCtx, key, keySize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_setkey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "keySize=%d,ret=%d",
- keySize, ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
- ret = gcry_cipher_setiv(cipherCtx, iv, ivSize);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_setiv(cipherCtx, iv, ivSize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_setiv",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ivSize=%d,ret=%d",
- ivSize, ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
return(-1);
}
if(enc) {
- ret = gcry_cipher_encrypt(cipherCtx, out, outSize, in, inSize);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_encrypt(cipherCtx, out, outSize, in, inSize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_encrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
gcry_cipher_close(cipherCtx);
return(-1);
}
} else {
- ret = gcry_cipher_decrypt(cipherCtx, out, outSize, in, inSize);
- if(ret != GPG_ERR_NO_ERROR) {
+ err = gcry_cipher_decrypt(cipherCtx, out, outSize, in, inSize);
+ if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_cipher_decrypt",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "ret=%d", ret);
+ XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err));
gcry_cipher_close(cipherCtx);
return(-1);
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
