[xmlsec] add RSA/DSA support for xmlsec-gnutls
- From: Aleksey Sanin <aleksey src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [xmlsec] add RSA/DSA support for xmlsec-gnutls
- Date: Fri, 14 May 2010 02:28:55 +0000 (UTC)
commit 3762a2e03ddcacd4e8444994f311d2c08272d53c
Author: Aleksey Sanin <aleksey aleksey com>
Date: Wed May 12 21:16:33 2010 -0700
add RSA/DSA support for xmlsec-gnutls
ChangeLog | 2 +
docs/xmldsig.html | 14 ++--
include/xmlsec/gnutls/crypto.h | 36 +++++-----
src/gnutls/Makefile.am | 2 +
src/gnutls/asymkeys.c | 149 ++++++++++++++++++++++++++++++++++++++++
src/gnutls/ciphers.c | 4 +-
src/gnutls/crypto.c | 8 --
src/gnutls/signatures.c | 148 +++++++++++++++++++++++++++++++++++++++
8 files changed, 330 insertions(+), 33 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index 9db2952..df2422d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,8 @@
* Several patches from Roumen: support NSS/NSPR from seamonkey
package; reorder libxmlsec as dep. lib for mingw; fix gcrypt/src/asn1.h
include; fix Unicode build for mingw
+ * Added RSA/SHA1/SHA256/SHA384/SHA512/MD5/RIPEMD160 for xmlsec-gnutls
+ * Added DSA/SHA1 for xmlsec-gnutls
2010-05-10 Aleksey Sanin <aleksey aleksey com>
* Added RSA/SHA1/SHA256/SHA384/SHA512/MD5/RIPEMD160 for xmlsec-gcrypt
diff --git a/docs/xmldsig.html b/docs/xmldsig.html
index 4edc3b9..f69b36d 100644
--- a/docs/xmldsig.html
+++ b/docs/xmldsig.html
@@ -335,7 +335,7 @@ X509Data)<br>
<td align="left" valign="top">Y<a href="#dsa-sha1"><sup>(1)</sup></a>
<br>
</td>
- <td style="vertical-align: top;">N<br>
+ <td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
@@ -350,7 +350,7 @@ X509Data)<br>
</td>
<td align="left" valign="top">Y<br>
</td>
- <td style="vertical-align: top;">N<br>
+ <td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
@@ -620,7 +620,7 @@ MSCrypto</b> </td>
</td>
<td style="vertical-align: top;">Y<br>
</td>
- <td style="vertical-align: top;">N<br>
+ <td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
@@ -648,7 +648,7 @@ MSCrypto</b> </td>
</td>
<td style="vertical-align: top;">Y<br>
</td>
- <td style="vertical-align: top;">N<br>
+ <td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
@@ -662,7 +662,7 @@ MSCrypto</b> </td>
</td>
<td style="vertical-align: top;">Y<br>
</td>
- <td style="vertical-align: top;">N<br>
+ <td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
@@ -676,7 +676,7 @@ MSCrypto</b> </td>
</td>
<td style="vertical-align: top;">Y<br>
</td>
- <td style="vertical-align: top;">N<br>
+ <td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
@@ -689,7 +689,7 @@ MSCrypto</b> </td>
<td style="vertical-align: top; width: 40%;">RSA-RIPEMD160</td>
<td style="vertical-align: top;">Y<br>
</td>
- <td style="vertical-align: top;">N<br>
+ <td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
diff --git a/include/xmlsec/gnutls/crypto.h b/include/xmlsec/gnutls/crypto.h
index 107ee0d..09ac5b4 100644
--- a/include/xmlsec/gnutls/crypto.h
+++ b/include/xmlsec/gnutls/crypto.h
@@ -151,7 +151,9 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformKWDes3GetKlass(void)
*
*******************************************************************/
#ifndef XMLSEC_NO_DSA
-#include <gcrypt.h>
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
/**
* xmlSecGnuTLSKeyDataDsaId:
@@ -161,13 +163,13 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformKWDes3GetKlass(void)
#define xmlSecGnuTLSKeyDataDsaId \
xmlSecGnuTLSKeyDataDsaGetKlass()
XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecGnuTLSKeyDataDsaGetKlass (void);
-XMLSEC_CRYPTO_EXPORT int xmlSecGnuTLSKeyDataDsaAdoptKey (xmlSecKeyDataPtr data,
- gcry_sexp_t dsa_key);
-XMLSEC_CRYPTO_EXPORT int xmlSecGnuTLSKeyDataDsaAdoptKeyPair (xmlSecKeyDataPtr data,
- gcry_sexp_t pub_key,
- gcry_sexp_t priv_key);
-XMLSEC_CRYPTO_EXPORT gcry_sexp_t xmlSecGnuTLSKeyDataDsaGetPublicKey (xmlSecKeyDataPtr data);
-XMLSEC_CRYPTO_EXPORT gcry_sexp_t xmlSecGnuTLSKeyDataDsaGetPrivateKey (xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int xmlSecGnuTLSKeyDataDsaAdoptPrivateKey (xmlSecKeyDataPtr data,
+ gnutls_x509_privkey_t dsa_key);
+XMLSEC_CRYPTO_EXPORT int xmlSecGnuTLSKeyDataDsaAdoptPublicKey (xmlSecKeyDataPtr data,
+ gnutls_datum_t * p,
+ gnutls_datum_t * q,
+ gnutls_datum_t * g,
+ gnutls_datum_t * y);
#ifndef XMLSEC_NO_SHA1
/**
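Review bot: The new `xmlSecGnuTLSKeyDataDsaAdoptPrivateKey` / `xmlSecGnuTLSKeyDataDsaAdoptPublicKey` prototypes do not say who owns `dsa_key` and the `p`/`q`/`g`/`y` datums after the call, which matters for private key material: a caller that guesses wrong either frees it twice or leaks it. A header comment such as `/* on success @data owns dsa_key and the caller must not deinit it; on failure ownership stays with the caller */` would pin this down (adjust to the semantics actually intended). The same applies to the RSA prototypes in the `@@ -290,14 +294,12 @@` hunk. Both hunks also drop the exported `...AdoptKey`, `...AdoptKeyPair`, `...GetPublicKey` and `...GetPrivateKey` declarations without a replacement accessor, which breaks source compatibility for any existing caller and deserves its own ChangeLog line. The enclosing `#ifndef XMLSEC_NO_DSA` section opens and closes outside this hunk.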
@@ -281,7 +283,9 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformHmacSha512GetKlass(v
*
*******************************************************************/
#ifndef XMLSEC_NO_RSA
-#include <gcrypt.h>
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
/**
* xmlSecGnuTLSKeyDataRsaId:
@@ -290,14 +294,12 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformHmacSha512GetKlass(v
*/
#define xmlSecGnuTLSKeyDataRsaId \
xmlSecGnuTLSKeyDataRsaGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecGnuTLSKeyDataRsaGetKlass (void);
-XMLSEC_CRYPTO_EXPORT int xmlSecGnuTLSKeyDataRsaAdoptKey (xmlSecKeyDataPtr data,
- gcry_sexp_t rsa_key);
-XMLSEC_CRYPTO_EXPORT int xmlSecGnuTLSKeyDataRsaAdoptKeyPair (xmlSecKeyDataPtr data,
- gcry_sexp_t pub_key,
- gcry_sexp_t priv_key);
-XMLSEC_CRYPTO_EXPORT gcry_sexp_t xmlSecGnuTLSKeyDataRsaGetPublicKey (xmlSecKeyDataPtr data);
-XMLSEC_CRYPTO_EXPORT gcry_sexp_t xmlSecGnuTLSKeyDataRsaGetPrivateKey (xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecGnuTLSKeyDataRsaGetKlass (void);
+XMLSEC_CRYPTO_EXPORT int xmlSecGnuTLSKeyDataRsaAdoptPrivateKey (xmlSecKeyDataPtr data,
+ gnutls_x509_privkey_t rsa_key);
+XMLSEC_CRYPTO_EXPORT int xmlSecGnuTLSKeyDataRsaAdoptPublicKey (xmlSecKeyDataPtr data,
+ gnutls_datum_t * m,
+ gnutls_datum_t * e);
#ifndef XMLSEC_NO_MD5
/**
diff --git a/src/gnutls/Makefile.am b/src/gnutls/Makefile.am
index a96571b..bfbf2d8 100644
--- a/src/gnutls/Makefile.am
+++ b/src/gnutls/Makefile.am
@@ -27,6 +27,8 @@ libxmlsec1_gnutls_la_SOURCES =\
kw_aes.c \
kw_des.c \
symkeys.c \
+ asymkeys.c \
+ signatures.c \
globals.h \
$(NULL)
diff --git a/src/gnutls/asymkeys.c b/src/gnutls/asymkeys.c
new file mode 100644
index 0000000..cbb43ae
--- /dev/null
+++ b/src/gnutls/asymkeys.c
@@ -0,0 +1,149 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey aleksey com>
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/base64.h>
+#include <xmlsec/keyinfo.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gnutls/crypto.h>
+
+/**************************************************************************
+ *
+ * We use xmlsec-gcrypt for all the basic crypto ops
+ *
+ *****************************************************************************/
+#include <xmlsec/gcrypt/crypto.h>
+#include <gcrypt.h>
+
+#ifndef XMLSEC_NO_DSA
+
+/**
+ * xmlSecGnuTLSKeyDataDsaGetKlass:
+ *
+ * The DSA key data klass.
+ *
+ * Returns: pointer to DSA key data klass.
+ */
+xmlSecKeyDataId
+xmlSecGnuTLSKeyDataDsaGetKlass(void) {
+ return (xmlSecGCryptKeyDataDsaGetKlass());
+}
+
+/**
+ * xmlSecGnuTLSKeyDataDsaAdoptPrivateKey:
+ * @data: the pointer to DSA key data.
+ * @dsa_key: the pointer to GnuTLS DSA private key.
+ *
+ * Sets the value of DSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGnuTLSKeyDataDsaAdoptPrivateKey(xmlSecKeyDataPtr data, gnutls_x509_privkey_t dsa_key) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataDsaId), -1);
+ xmlSecAssert2(dsa_key != NULL, -1);
+
+ /* ALEKSEY_TODO */
+ return(0);
+}
+
+
+/**
+ * xmlSecGnuTLSKeyDataDsaAdoptPublicKey:
+ * @data: the pointer to DSA key data.
+ * @p: the pointer to p component of the DSA public key
+ * @q: the pointer to q component of the DSA public key
+ * @g: the pointer to g component of the DSA public key
+ * @y: the pointer to y component of the DSA public key
+ *
+ * Sets the value of DSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGnuTLSKeyDataDsaAdoptPublicKey(xmlSecKeyDataPtr data,
+ gnutls_datum_t * p, gnutls_datum_t * q,
+ gnutls_datum_t * g, gnutls_datum_t * y) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataDsaId), -1);
+ xmlSecAssert2(p != NULL, -1);
+ xmlSecAssert2(q != NULL, -1);
+ xmlSecAssert2(g != NULL, -1);
+ xmlSecAssert2(y != NULL, -1);
+
+ /* ALEKSEY_TODO */
+ return(0);
+}
+
+#endif /* XMLSEC_NO_DSA */
+
+
+#ifndef XMLSEC_NO_RSA
+
+/**
+ * xmlSecGnuTLSKeyDataRsaGetKlass:
+ *
+ * The GnuTLS RSA key data klass.
+ *
+ * Returns: pointer to GnuTLS RSA key data klass.
+ */
+xmlSecKeyDataId
+xmlSecGnuTLSKeyDataRsaGetKlass(void) {
+ return (xmlSecGCryptKeyDataRsaGetKlass());
+}
+
+/**
+ * xmlSecGnuTLSKeyDataRsaAdoptPrivateKey:
+ * @data: the pointer to RSA key data.
+ * @rsa_key: the pointer to GnuTLS RSA private key.
+ *
+ * Sets the value of RSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGnuTLSKeyDataRsaAdoptPrivateKey(xmlSecKeyDataPtr data, gnutls_x509_privkey_t rsa_key) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataRsaId), -1);
+ xmlSecAssert2(rsa_key != NULL, -1);
+
+ /* ALEKSEY_TODO */
+ return(0);
+}
+
+
+/**
+ * xmlSecGnuTLSKeyDataRsaAdoptPublicKey:
+ * @data: the pointer to RSA key data.
+ * @m: the pointer to m component of the RSA public key
+ * @e: the pointer to e component of the RSA public key
+ *
+ * Sets the value of RSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGnuTLSKeyDataRsaAdoptPublicKey(xmlSecKeyDataPtr data,
+ gnutls_datum_t * m, gnutls_datum_t * e) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataRsaId), -1);
+ xmlSecAssert2(m != NULL, -1);
+ xmlSecAssert2(e != NULL, -1);
+
+ /* ALEKSEY_TODO */
+ return(0);
+}
+#endif /* XMLSEC_NO_RSA */
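Review bot: The four Adopt functions (`xmlSecGnuTLSKeyDataDsaAdoptPrivateKey`, `xmlSecGnuTLSKeyDataDsaAdoptPublicKey` and the two RSA equivalents) validate their arguments and then `return(0)` under an `/* ALEKSEY_TODO */` comment, so a caller is told the key was adopted while the key data is left untouched. Any signing or verification that follows would run against key data that never received the key, and since "adopt" normally implies an ownership transfer, the caller would presumably stop tracking the `gnutls_x509_privkey_t`, leaving private key material allocated and never released. Until the conversion is implemented the stubs should fail closed, e.g. `return(-1); /* not implemented: key was NOT adopted */`, ideally with an error report through the library's error facility. When the bodies are filled in, the `gnutls_datum_t` arguments also need their `data` and `size` fields checked, not only the pointer itself.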
diff --git a/src/gnutls/ciphers.c b/src/gnutls/ciphers.c
index 0ea5d6c..eacfede 100644
--- a/src/gnutls/ciphers.c
+++ b/src/gnutls/ciphers.c
@@ -17,7 +17,6 @@
#include <xmlsec/gnutls/crypto.h>
-
/**************************************************************************
*
* We use xmlsec-gcrypt for all the basic crypto ops
@@ -25,6 +24,9 @@
*****************************************************************************/
#include <xmlsec/gcrypt/crypto.h>
+
+
+
#ifndef XMLSEC_NO_AES
/**
diff --git a/src/gnutls/crypto.c b/src/gnutls/crypto.c
index 77107fa..15f349d 100644
--- a/src/gnutls/crypto.c
+++ b/src/gnutls/crypto.c
@@ -64,21 +64,17 @@ xmlSecCryptoGetFunctions_gnutls(void) {
gXmlSecGnuTLSFunctions->keyDataDesGetKlass = xmlSecGnuTLSKeyDataDesGetKlass;
#endif /* XMLSEC_NO_DES */
-#ifdef ALEKSEY_TODO
#ifndef XMLSEC_NO_DSA
gXmlSecGnuTLSFunctions->keyDataDsaGetKlass = xmlSecGnuTLSKeyDataDsaGetKlass;
#endif /* XMLSEC_NO_DSA */
-#endif /* ALEKSEY_TODO */
#ifndef XMLSEC_NO_HMAC
gXmlSecGnuTLSFunctions->keyDataHmacGetKlass = xmlSecGnuTLSKeyDataHmacGetKlass;
#endif /* XMLSEC_NO_HMAC */
-#ifdef ALEKSEY_TODO
#ifndef XMLSEC_NO_RSA
gXmlSecGnuTLSFunctions->keyDataRsaGetKlass = xmlSecGnuTLSKeyDataRsaGetKlass;
#endif /* XMLSEC_NO_RSA */
-#endif /* ALEKSEY_TODO */
/********************************************************************
*
@@ -109,7 +105,6 @@ xmlSecCryptoGetFunctions_gnutls(void) {
#endif /* XMLSEC_NO_DES */
/******************************* DSA ********************************/
-#ifdef ALEKSEY_TODO
#ifndef XMLSEC_NO_DSA
#ifndef XMLSEC_NO_SHA1
@@ -117,7 +112,6 @@ xmlSecCryptoGetFunctions_gnutls(void) {
#endif /* XMLSEC_NO_SHA1 */
#endif /* XMLSEC_NO_DSA */
-#endif /* ALEKSEY_TODO */
/******************************* HMAC ********************************/
#ifndef XMLSEC_NO_HMAC
@@ -159,7 +153,6 @@ xmlSecCryptoGetFunctions_gnutls(void) {
#endif /* XMLSEC_NO_RIPEMD160 */
/******************************* RSA ********************************/
-#ifdef ALEKSEY_TODO
#ifndef XMLSEC_NO_RSA
#ifndef XMLSEC_NO_MD5
@@ -187,7 +180,6 @@ xmlSecCryptoGetFunctions_gnutls(void) {
#endif /* XMLSEC_NO_SHA512 */
#endif /* XMLSEC_NO_RSA */
-#endif /* ALEKSEY_TODO */
/******************************* SHA ********************************/
#ifndef XMLSEC_NO_SHA1
diff --git a/src/gnutls/signatures.c b/src/gnutls/signatures.c
new file mode 100644
index 0000000..98d1f83
--- /dev/null
+++ b/src/gnutls/signatures.c
@@ -0,0 +1,148 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey aleksey com>
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gnutls/crypto.h>
+
+/**************************************************************************
+ *
+ * We use xmlsec-gcrypt for all the basic crypto ops
+ *
+ *****************************************************************************/
+#include <xmlsec/gcrypt/crypto.h>
+#include <gcrypt.h>
+
+
+#ifndef XMLSEC_NO_DSA
+
+#ifndef XMLSEC_NO_SHA1
+
+/**
+ * xmlSecGnuTLSTransformDsaSha1GetKlass:
+ *
+ * The DSA-SHA1 signature transform klass.
+ *
+ * Returns: DSA-SHA1 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformDsaSha1GetKlass(void) {
+ return (xmlSecGCryptTransformDsaSha1GetKlass());
+}
+
+#endif /* XMLSEC_NO_SHA1 */
+
+#endif /* XMLSEC_NO_DSA */
+
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+
+/**
+ * xmlSecGnuTLSTransformRsaMd5GetKlass:
+ *
+ * The RSA-MD5 signature transform klass.
+ *
+ * Returns: RSA-MD5 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformRsaMd5GetKlass(void) {
+ return (xmlSecGCryptTransformRsaMd5GetKlass());
+}
+
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+
+/**
+ * xmlSecGnuTLSTransformRsaRipemd160GetKlass:
+ *
+ * The RSA-RIPEMD160 signature transform klass.
+ *
+ * Returns: RSA-RIPEMD160 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformRsaRipemd160GetKlass(void) {
+ return (xmlSecGCryptTransformRsaRipemd160GetKlass());
+}
+
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+/**
+ * xmlSecGnuTLSTransformRsaSha1GetKlass:
+ *
+ * The RSA-SHA1 signature transform klass.
+ *
+ * Returns: RSA-SHA1 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformRsaSha1GetKlass(void) {
+ return (xmlSecGCryptTransformRsaSha1GetKlass());
+}
+
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+
+/**
+ * xmlSecGnuTLSTransformRsaSha256GetKlass:
+ *
+ * The RSA-SHA256 signature transform klass.
+ *
+ * Returns: RSA-SHA256 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformRsaSha256GetKlass(void) {
+ return (xmlSecGCryptTransformRsaSha256GetKlass());
+}
+
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+
+/**
+ * xmlSecGnuTLSTransformRsaSha384GetKlass:
+ *
+ * The RSA-SHA384 signature transform klass.
+ *
+ * Returns: RSA-SHA384 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformRsaSha384GetKlass(void) {
+ return (xmlSecGCryptTransformRsaSha384GetKlass());
+}
+
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecGnuTLSTransformRsaSha512GetKlass:
+ *
+ * The RSA-SHA512 signature transform klass.
+ *
+ * Returns: RSA-SHA512 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformRsaSha512GetKlass(void) {
+ return (xmlSecGCryptTransformRsaSha512GetKlass());
+}
+
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+
+
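Review bot: `xmlSecGnuTLSTransformRsaMd5GetKlass` makes RSA-MD5 available to the GnuTLS backend by default, gated only by the opt-out `XMLSEC_NO_MD5`, and the `@@ -159,7 +153,6 @@` hunk in src/gnutls/crypto.c removes the `ALEKSEY_TODO` guard in front of the RSA/MD5 section, which appears to be where the transform gets registered. MD5 is not collision resistant, so an application that verifies signatures with this backend and does not restrict the accepted algorithms would accept RSA-MD5 signed documents. The doc comment should at least say so, e.g. `* Note: MD5 is not collision resistant; provided for interoperability only, do not accept it when verifying untrusted documents.`, and making the transform opt-in at build time is worth considering. Separately, this file and asymkeys.c include `<gcrypt.h>` although only the `xmlSecGCrypt*GetKlass()` wrappers are called, so the include looks unnecessary.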