[xmlsec] cleaned up stubs for rsa/oaep in nss (still waiting for nss changes)



commit 14ee16d98cb64adefbb360a9aa6b9477c3d3a590
Author: Aleksey Sanin <aleksey aleksey com>
Date:   Sun Apr 25 19:40:51 2010 -0700

    cleaned up stubs for rsa/oaep in nss (still waiting for nss changes)

 include/xmlsec/mscrypto/crypto.h |    8 +-
 include/xmlsec/nss/crypto.h      |   11 +-
 src/nss/crypto.c                 |   10 +-
 src/nss/keytrans.c               |  228 ++++++++++++++++++++-----------------
 4 files changed, 140 insertions(+), 117 deletions(-)
---
diff --git a/include/xmlsec/mscrypto/crypto.h b/include/xmlsec/mscrypto/crypto.h
index d5a86da..0d69935 100644
--- a/include/xmlsec/mscrypto/crypto.h
+++ b/include/xmlsec/mscrypto/crypto.h
@@ -55,16 +55,16 @@ XMLSEC_CRYPTO_EXPORT LPWSTR             xmlSecMSCryptoConvertLocaleToUnicode(con
 /* We need to redefine both to ensure that we can pick the right one at runtime (instead of compile time) */
 #define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE_A     "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
 #define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE_W     L"Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
-#ifdef UNICODE
-#define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE_W
+#ifdef UNICODE
+#define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE_W
 #else
 #define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE_A
 #endif
 
 #define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_A               "Microsoft Enhanced RSA and AES Cryptographic Provider"
 #define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_W               L"Microsoft Enhanced RSA and AES Cryptographic Provider"
-#ifdef UNICODE
-#define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_W
+#ifdef UNICODE
+#define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_W
 #else
 #define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_A
 #endif
diff --git a/include/xmlsec/nss/crypto.h b/include/xmlsec/nss/crypto.h
index 08b0d04..3873b5b 100644
--- a/include/xmlsec/nss/crypto.h
+++ b/include/xmlsec/nss/crypto.h
@@ -336,7 +336,6 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha384GetKlass(void)
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha512GetKlass(void);
 #endif /* XMLSEC_NO_SHA512 */
 
-
 /**
  * xmlSecNssTransformRsaPkcs1Id:
  *
@@ -346,19 +345,21 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha512GetKlass(void)
         xmlSecNssTransformRsaPkcs1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaPkcs1GetKlass(void);
 
+/* aleksey, April 2010: NSS 3.12.6 has CKM_RSA_PKCS_OAEP algorithm but
+   it doesn't implement the SHA1 OAEP PKCS we need
 
-/* RSA OAEP is not supported by NSS yet */
-#ifdef TODO
+   https://bugzilla.mozilla.org/show_bug.cgi?id=158747
+*/
+#ifdef XMLSEC_NSS_RSA_OAEP_TODO
 /**
  * xmlSecNssTransformRsaOaepId:
  *
  * The RSA OAEP key transport transform klass.
  */
-
 #define xmlSecNssTransformRsaOaepId \
         xmlSecNssTransformRsaOaepGetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaOaepGetKlass(void);
-#endif /* TODO: RSA OAEP is not supported by NSS yet */
+#endif /* XMLSEC_NSS_RSA_OAEP_TODO */
 
 #endif /* XMLSEC_NO_RSA */
 
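Review bot: The new comment above `#ifdef XMLSEC_NSS_RSA_OAEP_TODO` says why OAEP is compiled out but not what that leaves callers with. The keytrans.c hunk of this commit shows that the NSS backend then selects only `CKM_RSA_PKCS`. Since this is the public header, I would add a line such as `Until then the NSS backend offers only RSA PKCS#1 v1.5 key transport (xmlSecNssTransformRsaPkcs1Id).` inside the comment. The phrase "SHA1 OAEP PKCS" is also hard to parse; "RSA-OAEP with SHA-1" would read more clearly, if that is what is meant. The same block is pasted again in src/nss/crypto.c and three times in src/nss/keytrans.c, so keeping the full text here and a one-line pointer (`/* see include/xmlsec/nss/crypto.h */`) at the other sites would stop the copies drifting apart.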
diff --git a/src/nss/crypto.c b/src/nss/crypto.c
index 712ff59..9609dc1 100644
--- a/src/nss/crypto.c
+++ b/src/nss/crypto.c
@@ -166,10 +166,14 @@ xmlSecCryptoGetFunctions_nss(void) {
 
     gXmlSecNssFunctions->transformRsaPkcs1GetKlass      = xmlSecNssTransformRsaPkcs1GetKlass;
 
-/* RSA OAEP is not supported by NSS yet */
-#ifdef TODO
+/* aleksey, April 2010: NSS 3.12.6 has CKM_RSA_PKCS_OAEP algorithm but
+   it doesn't implement the SHA1 OAEP PKCS we need
+
+   https://bugzilla.mozilla.org/show_bug.cgi?id=158747
+*/
+#ifdef XMLSEC_NSS_RSA_OAEP_TODO
     gXmlSecNssFunctions->transformRsaOaepGetKlass       = xmlSecNssTransformRsaOaepGetKlass;
-#endif /* TODO: RSA OAEP is not supported by NSS yet */
+#endif /* XMLSEC_NSS_RSA_OAEP_TODO */
 
 #endif /* XMLSEC_NO_RSA */
 
diff --git a/src/nss/keytrans.c b/src/nss/keytrans.c
index 14caf5b..6afa599 100644
--- a/src/nss/keytrans.c
+++ b/src/nss/keytrans.c
@@ -51,116 +51,132 @@ struct _xmlSecNssKeyTransportCtx {
         xmlSecBufferPtr                 material ; /* to be encrypted/decrypted material */
 } ;
 
-static int              xmlSecNssKeyTransportInitialize(xmlSecTransformPtr transform);
-static void     xmlSecNssKeyTransportFinalize(xmlSecTransformPtr transform);
-static int      xmlSecNssKeyTransportSetKeyReq(xmlSecTransformPtr transform,
+static int      xmlSecNssKeyTransportInitialize         (xmlSecTransformPtr transform);
+static void     xmlSecNssKeyTransportFinalize           (xmlSecTransformPtr transform);
+static int      xmlSecNssKeyTransportSetKeyReq          (xmlSecTransformPtr transform,
                                                          xmlSecKeyReqPtr keyReq);
-static int      xmlSecNssKeyTransportSetKey(xmlSecTransformPtr transform,
+static int      xmlSecNssKeyTransportSetKey             (xmlSecTransformPtr transform,
                                                          xmlSecKeyPtr key);
-static int      xmlSecNssKeyTransportExecute(xmlSecTransformPtr transform,
+static int      xmlSecNssKeyTransportExecute            (xmlSecTransformPtr transform,
                                                          int last,
                                                          xmlSecTransformCtxPtr transformCtx);
 
 static int
 xmlSecNssKeyTransportCheckId(xmlSecTransformPtr transform) {
+
 #ifndef XMLSEC_NO_RSA
-        if( xmlSecTransformCheckId( transform, xmlSecNssTransformRsaPkcs1Id )
-/* RSA OAEP is not supported by NSS yet */
-#ifdef TODO
-        || xmlSecTransformCheckId( transform, xmlSecNssTransformRsaOaepId )
-#endif /* TODO: RSA OAEP is not supported by NSS yet */
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaPkcs1Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_RSA */
 
-        ) {
+/* aleksey, April 2010: NSS 3.12.6 has CKM_RSA_PKCS_OAEP algorithm but
+   it doesn't implement the SHA1 OAEP PKCS we need
 
-                return(1);
+   https://bugzilla.mozilla.org/show_bug.cgi?id=158747
+*/
+#ifdef XMLSEC_NSS_RSA_OAEP_TODO
+#ifndef XMLSEC_NO_RSA
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaOaepId)) {
+        return (1);
     }
 #endif /* XMLSEC_NO_RSA */
+#endif /* XMLSEC_NSS_RSA_OAEP_TODO */
 
+    /* not found */
     return(0);
 }
 
 static int
 xmlSecNssKeyTransportInitialize(xmlSecTransformPtr transform) {
-        xmlSecNssKeyTransportCtxPtr context ;
+    xmlSecNssKeyTransportCtxPtr context ;
     xmlSecAssert2(xmlSecNssKeyTransportCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKeyTransportSize), -1);
 
-        context = xmlSecNssKeyTransportGetCtx( transform ) ;
-        xmlSecAssert2( context != NULL , -1 ) ;
+    context = xmlSecNssKeyTransportGetCtx( transform ) ;
+    xmlSecAssert2( context != NULL , -1 ) ;
+
+    /* initialize context */
+    memset(context, 0, sizeof(xmlSecNssKeyTransportCtx));
 
 #ifndef XMLSEC_NO_RSA
-        if( transform->id == xmlSecNssTransformRsaPkcs1Id ) {
-                context->cipher = CKM_RSA_PKCS ;
-                context->keyId = xmlSecNssKeyDataRsaId ;
-/* RSA OAEP is not supported by NSS yet */
-#ifdef TODO
-        } else if( transform->id == xmlSecNssTransformRsaOaepId ) {
-                context->cipher = CKM_RSA_PKCS_OAEP ;
-                context->keyId = xmlSecNssKeyDataRsaId ;
-#endif /* TODO: RSA OAEP is not supported by NSS yet */
-        } else
-#endif          /* XMLSEC_NO_RSA */
-
-        if( 1 ) {
-                xmlSecError( XMLSEC_ERRORS_HERE ,
+    if(transform->id == xmlSecNssTransformRsaPkcs1Id) {
+        context->cipher = CKM_RSA_PKCS;
+        context->keyId = xmlSecNssKeyDataRsaId;
+    } else
+#endif /* XMLSEC_NO_RSA */
+
+/* aleksey, April 2010: NSS 3.12.6 has CKM_RSA_PKCS_OAEP algorithm but
+   it doesn't implement the SHA1 OAEP PKCS we need
+
+   https://bugzilla.mozilla.org/show_bug.cgi?id=158747
+*/
+#ifdef XMLSEC_NSS_RSA_OAEP_TODO
+#ifndef XMLSEC_NO_RSA
+    if(transform->id == xmlSecNssTransformRsaOaepId) {
+        context->cipher = CKM_RSA_PKCS_OAEP;
+        context->keyId = xmlSecNssKeyDataRsaId;
+    } else
+#endif /* XMLSEC_NO_RSA */
+#endif /* XMLSEC_NSS_RSA_OAEP_TODO */
+
+    /* not found */
+    {
+        xmlSecError(XMLSEC_ERRORS_HERE ,
                     xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                     NULL ,
                     XMLSEC_ERRORS_R_CRYPTO_FAILED ,
                     XMLSEC_ERRORS_NO_MESSAGE ) ;
-                return(-1);
-        }
-
-        context->pubkey = NULL ;
-        context->prikey = NULL ;
-        context->material = NULL ;
+        return(-1);
+    }
 
     return(0);
 }
 
 static void
 xmlSecNssKeyTransportFinalize(xmlSecTransformPtr transform) {
-        xmlSecNssKeyTransportCtxPtr context ;
+    xmlSecNssKeyTransportCtxPtr context ;
 
     xmlSecAssert(xmlSecNssKeyTransportCheckId(transform));
     xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecNssKeyTransportSize));
 
-        context = xmlSecNssKeyTransportGetCtx( transform ) ;
-        xmlSecAssert( context != NULL ) ;
+    context = xmlSecNssKeyTransportGetCtx( transform ) ;
+    xmlSecAssert( context != NULL ) ;
 
-        if( context->pubkey != NULL ) {
-                SECKEY_DestroyPublicKey( context->pubkey ) ;
-                context->pubkey = NULL ;
-        }
+    if( context->pubkey != NULL ) {
+        SECKEY_DestroyPublicKey( context->pubkey ) ;
+        context->pubkey = NULL ;
+    }
 
-        if( context->prikey != NULL ) {
-                SECKEY_DestroyPrivateKey( context->prikey ) ;
-                context->prikey = NULL ;
-        }
+    if( context->prikey != NULL ) {
+        SECKEY_DestroyPrivateKey( context->prikey ) ;
+        context->prikey = NULL ;
+    }
 
-        if( context->material != NULL ) {
-                xmlSecBufferDestroy(context->material);
-                context->material = NULL ;
-        }
+    if( context->material != NULL ) {
+        xmlSecBufferDestroy(context->material);
+        context->material = NULL ;
+    }
 }
 
 static int
 xmlSecNssKeyTransportSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
-        xmlSecNssKeyTransportCtxPtr context ;
+    xmlSecNssKeyTransportCtxPtr context ;
 
     xmlSecAssert2(xmlSecNssKeyTransportCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKeyTransportSize), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(keyReq != NULL, -1);
 
-        context = xmlSecNssKeyTransportGetCtx( transform ) ;
-        xmlSecAssert2( context != NULL , -1 ) ;
+    context = xmlSecNssKeyTransportGetCtx( transform ) ;
+    xmlSecAssert2( context != NULL , -1 ) ;
 
     keyReq->keyId        = context->keyId;
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-                keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
         keyReq->keyType  = xmlSecKeyDataTypePublic;
     } else {
-                keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
         keyReq->keyType  = xmlSecKeyDataTypePrivate;
     }
 
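Review bot: In xmlSecNssKeyTransportInitialize the "not found" error block hangs off a trailing `else` that crosses two preprocessor regions and a block comment, so rejecting an unknown transform id depends on every `#if` combination leaving the bare `{ ... }` in the right place. xmlSecNssKeyTransportCheckId in the same hunk already uses the simpler shape, where each branch returns on its own. I would end each branch with `return(0);`, drop the `else`, and leave the xmlSecError / `return(-1);` block as the unconditional tail, so the fail-closed path no longer depends on the build flags. The hunk also introduces `memset(context, 0, sizeof(xmlSecNssKeyTransportCtx));` and the file's includes are outside the hunk, so it is worth confirming `<string.h>` is in scope.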
@@ -169,62 +185,62 @@ xmlSecNssKeyTransportSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr ke
 
 static int
 xmlSecNssKeyTransportSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
-        xmlSecNssKeyTransportCtxPtr context = NULL ;
-        xmlSecKeyDataPtr        keyData = NULL ;
-        SECKEYPublicKey*        pubkey = NULL ;
-        SECKEYPrivateKey*       prikey = NULL ;
+    xmlSecNssKeyTransportCtxPtr context = NULL ;
+    xmlSecKeyDataPtr        keyData = NULL ;
+    SECKEYPublicKey*        pubkey = NULL ;
+    SECKEYPrivateKey*       prikey = NULL ;
 
     xmlSecAssert2(xmlSecNssKeyTransportCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKeyTransportSize), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(key != NULL, -1);
 
-        context = xmlSecNssKeyTransportGetCtx( transform ) ;
-        if( (context == NULL) || (context->keyId == NULL) || (context->pubkey != NULL) ) {
-                xmlSecError( XMLSEC_ERRORS_HERE ,
+    context = xmlSecNssKeyTransportGetCtx( transform ) ;
+    if( (context == NULL) || (context->keyId == NULL) || (context->pubkey != NULL) ) {
+        xmlSecError( XMLSEC_ERRORS_HERE ,
                     xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
                     "xmlSecNssKeyTransportGetCtx" ,
                     XMLSEC_ERRORS_R_CRYPTO_FAILED ,
                     XMLSEC_ERRORS_NO_MESSAGE ) ;
-                return(-1);
-        }
-        xmlSecAssert2( xmlSecKeyCheckId( key, context->keyId ), -1 ) ;
+        return(-1);
+    }
+    xmlSecAssert2( xmlSecKeyCheckId( key, context->keyId ), -1 ) ;
 
-        keyData = xmlSecKeyGetValue( key ) ;
-        if( keyData == NULL ) {
-                xmlSecError( XMLSEC_ERRORS_HERE ,
+    keyData = xmlSecKeyGetValue( key ) ;
+    if( keyData == NULL ) {
+        xmlSecError( XMLSEC_ERRORS_HERE ,
                     xmlSecErrorsSafeString( xmlSecKeyGetName( key ) ) ,
                     "xmlSecKeyGetValue" ,
                     XMLSEC_ERRORS_R_CRYPTO_FAILED ,
                     XMLSEC_ERRORS_NO_MESSAGE ) ;
-                return(-1);
-        }
+        return(-1);
+    }
 
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-                if( ( pubkey = xmlSecNssPKIKeyDataGetPubKey( keyData ) ) == NULL ) {
-                        xmlSecError( XMLSEC_ERRORS_HERE ,
+        if( ( pubkey = xmlSecNssPKIKeyDataGetPubKey( keyData ) ) == NULL ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
                             xmlSecErrorsSafeString( xmlSecKeyDataGetName( keyData ) ) ,
                             "xmlSecNssPKIKeyDataGetPubKey" ,
                             XMLSEC_ERRORS_R_CRYPTO_FAILED ,
                             XMLSEC_ERRORS_NO_MESSAGE ) ;
-                        return(-1);
-                }
+                return(-1);
+        }
 
-                context->pubkey = pubkey ;
-        } else {
-                if( ( prikey = xmlSecNssPKIKeyDataGetPrivKey( keyData ) ) == NULL ) {
-                        xmlSecError( XMLSEC_ERRORS_HERE ,
+        context->pubkey = pubkey ;
+    } else {
+        if( ( prikey = xmlSecNssPKIKeyDataGetPrivKey( keyData ) ) == NULL ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
                             xmlSecErrorsSafeString( xmlSecKeyDataGetName( keyData ) ) ,
                             "xmlSecNssPKIKeyDataGetPrivKey" ,
                             XMLSEC_ERRORS_R_CRYPTO_FAILED ,
                             XMLSEC_ERRORS_NO_MESSAGE ) ;
-                        return(-1);
-                }
-
-                context->prikey = prikey ;
+                return(-1);
         }
 
-        return(0) ;
+        context->prikey = prikey ;
+    }
+
+    return(0) ;
 }
 
 /**
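Review bot: The re-use guard in xmlSecNssKeyTransportSetKey tests only `context->pubkey != NULL`, so a second call on a decrypt transform passes it and `context->prikey = prikey;` overwrites the handle stored by the first call. xmlSecNssKeyTransportFinalize (previous hunk) calls SECKEY_DestroyPrivateKey on that field, which suggests the context owns the handle, so the overwritten private key would never be destroyed. The condition should cover both fields: `if( (context == NULL) || (context->keyId == NULL) || (context->pubkey != NULL) || (context->prikey != NULL) ) {`. Separately, the error raised there names "xmlSecNssKeyTransportGetCtx" as the failing call even when the real cause is a key that was already set, which will mislead whoever reads the log.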
@@ -422,7 +438,7 @@ xmlSecNssKeyTransportCtxFinal(xmlSecNssKeyTransportCtxPtr ctx,  xmlSecBufferPtr
                 SECItem                         wrpskv ;
 
                 /* Create template symmetric key from material */
-        slot = ctx->pubkey->pkcs11Slot;
+                slot = ctx->pubkey->pkcs11Slot;
                 if( slot == NULL ) {
                         slot = PK11_GetBestSlot( ctx->cipher, NULL ) ;
                         if( slot == NULL ) {
@@ -494,7 +510,7 @@ xmlSecNssKeyTransportCtxFinal(xmlSecNssKeyTransportCtxPtr ctx,  xmlSecBufferPtr
                 SECItem*                        keyItem ;
 
                 /* pay attention to mechanism */
-        symKey = PK11_PubUnwrapSymKey( ctx->prikey, &oriskv, ctx->cipher, CKA_UNWRAP, 0 );
+                symKey = PK11_PubUnwrapSymKey( ctx->prikey, &oriskv, ctx->cipher, CKA_UNWRAP, 0 );
                 if( symKey == NULL ) {
                         xmlSecError( XMLSEC_ERRORS_HERE ,
                                 NULL ,
@@ -517,7 +533,7 @@ xmlSecNssKeyTransportCtxFinal(xmlSecNssKeyTransportCtxPtr ctx,  xmlSecBufferPtr
                         return(-1);
                 }
 
-        keyItem = PK11_GetKeyData( symKey );
+                keyItem = PK11_GetKeyData( symKey );
                 if( keyItem == NULL ) {
                         xmlSecError( XMLSEC_ERRORS_HERE ,
                                 NULL ,
@@ -566,7 +582,7 @@ xmlSecNssKeyTransportExecute(xmlSecTransformPtr transform, int last, xmlSecTrans
 
         xmlSecAssert2( xmlSecNssKeyTransportCheckId( transform ), -1 ) ;
         xmlSecAssert2( xmlSecTransformCheckSize( transform, xmlSecNssKeyTransportSize ), -1 ) ;
-    xmlSecAssert2( ( transform->operation == xmlSecTransformOperationEncrypt ) || ( transform->operation == xmlSecTransformOperationDecrypt ), -1 ) ;
+        xmlSecAssert2( ( transform->operation == xmlSecTransformOperationEncrypt ) || ( transform->operation == xmlSecTransformOperationDecrypt ), -1 ) ;
         xmlSecAssert2( transformCtx != NULL , -1 ) ;
 
         context = xmlSecNssKeyTransportGetCtx( transform ) ;
@@ -656,29 +672,28 @@ xmlSecNssKeyTransportExecute(xmlSecTransformPtr transform, int last, xmlSecTrans
 
 
 #ifndef XMLSEC_NO_RSA
-
 static xmlSecTransformKlass xmlSecNssRsaPkcs1Klass = {
     /* klass/object sizes */
     sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
-    xmlSecNssKeyTransportSize,                          /* xmlSecSize objSize */
+    xmlSecNssKeyTransportSize,                  /* xmlSecSize objSize */
 
     xmlSecNameRsaPkcs1,                         /* const xmlChar* name; */
     xmlSecHrefRsaPkcs1,                         /* const xmlChar* href; */
     xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
 
-    xmlSecNssKeyTransportInitialize,                    /* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssKeyTransportFinalize,                      /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecNssKeyTransportInitialize,            /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssKeyTransportFinalize,              /* xmlSecTransformFinalizeMethod finalize; */
     NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
     NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssKeyTransportSetKeyReq,                     /* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecNssKeyTransportSetKey,                        /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssKeyTransportSetKeyReq,             /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecNssKeyTransportSetKey,                /* xmlSecTransformSetKeyMethod setKey; */
     NULL,                                       /* xmlSecTransformValidateMethod validate; */
     xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
     xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
     xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
     NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
     NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssKeyTransportExecute,                       /* xmlSecTransformExecuteMethod execute; */
+    xmlSecNssKeyTransportExecute,               /* xmlSecTransformExecuteMethod execute; */
 
     NULL,                                       /* void* reserved0; */
     NULL,                                       /* void* reserved1; */
@@ -695,33 +710,37 @@ xmlSecTransformId
 xmlSecNssTransformRsaPkcs1GetKlass(void) {
     return(&xmlSecNssRsaPkcs1Klass);
 }
+#endif /* XMLSEC_NO_RSA */
 
+/* aleksey, April 2010: NSS 3.12.6 has CKM_RSA_PKCS_OAEP algorithm but
+   it doesn't implement the SHA1 OAEP PKCS we need
 
-/* RSA OAEP is not supported by NSS yet */
-#ifdef TODO
-
+   https://bugzilla.mozilla.org/show_bug.cgi?id=158747
+*/
+#ifdef XMLSEC_NSS_RSA_OAEP_TODO
+#ifndef XMLSEC_NO_RSA
 static xmlSecTransformKlass xmlSecNssRsaOaepKlass = {
     /* klass/object sizes */
     sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
-    xmlSecNssKeyTransportSize,                          /* xmlSecSize objSize */
+    xmlSecNssKeyTransportSize,                  /* xmlSecSize objSize */
 
     xmlSecNameRsaOaep,                          /* const xmlChar* name; */
     xmlSecHrefRsaOaep,                          /* const xmlChar* href; */
     xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
 
-    xmlSecNssKeyTransportInitialize,                    /* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssKeyTransportFinalize,                      /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecNssKeyTransportInitialize,            /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssKeyTransportFinalize,              /* xmlSecTransformFinalizeMethod finalize; */
     NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
     NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssKeyTransportSetKeyReq,                     /* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecNssKeyTransportSetKey,                        /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssKeyTransportSetKeyReq,             /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecNssKeyTransportSetKey,                /* xmlSecTransformSetKeyMethod setKey; */
     NULL,                                       /* xmlSecTransformValidateMethod validate; */
     xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
     xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
     xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
     NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
     NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssKeyTransportExecute,                       /* xmlSecTransformExecuteMethod execute; */
+    xmlSecNssKeyTransportExecute,               /* xmlSecTransformExecuteMethod execute; */
 
     NULL,                                       /* void* reserved0; */
     NULL,                                       /* void* reserved1; */
@@ -738,7 +757,6 @@ xmlSecTransformId
 xmlSecNssTransformRsaOaepGetKlass(void) {
     return(&xmlSecNssRsaOaepKlass);
 }
-#endif /* TODO: RSA OAEP is not supported by NSS yet */
-
 #endif /* XMLSEC_NO_RSA */
+#endif /* XMLSEC_NSS_RSA_OAEP_TODO */
 


