libxmlsec/src/akmngr_mscrypto.c

   1 /**
   2  * XMLSec library
   3  *
   4  * This is free software; see Copyright file in the source
   5  * distribution for preciese wording.
   6  *
   7  * Copyright.........................
   8  */
   9 #include "globals.h"
  10
  11 #include <xmlsec/xmlsec.h>
  12 #include <xmlsec/keys.h>
  13 #include <xmlsec/keysmngr.h>
  14 #include <xmlsec/transforms.h>
  15 #include <xmlsec/errors.h>
  16
  17 #include <xmlsec/mscrypto/crypto.h>
  18 #include <xmlsec/mscrypto/keysstore.h>
  19 #include <xmlsec/mscrypto/akmngr.h>
  20 #include <xmlsec/mscrypto/x509.h>
  21
  22 /**
  23  * xmlSecMSCryptoAppliedKeysMngrCreate:
  24  * @hKeyStore:      the pointer to key store.
  25  * @hCertStore:     the pointer to certificate database.
  26  *
  27  * Create and load key store and certificate database into keys manager
  28  *
  29  * Returns keys manager pointer on success or NULL otherwise.
  30  */
  31 xmlSecKeysMngrPtr
  32 xmlSecMSCryptoAppliedKeysMngrCreate(
  33     HCERTSTORE hKeyStore ,
  34     HCERTSTORE hCertStore
  35 ) {
  36     xmlSecKeyDataStorePtr   certStore = NULL ;
  37     xmlSecKeysMngrPtr       keyMngr = NULL ;
  38     xmlSecKeyStorePtr       keyStore = NULL ;
  39
  40     keyStore = xmlSecKeyStoreCreate( xmlSecMSCryptoKeysStoreId ) ;
  41     if( keyStore == NULL ) {
  42         xmlSecError( XMLSEC_ERRORS_HERE ,
  43             NULL ,
  44             "xmlSecKeyStoreCreate" ,
  45             XMLSEC_ERRORS_R_XMLSEC_FAILED ,
  46             XMLSEC_ERRORS_NO_MESSAGE ) ;
  47         return NULL ;
  48     }
  49
  50     /*-
  51      * At present, MS Crypto engine do not provide a way to setup a key store.
  52      */
  53     if( keyStore != NULL ) {
  54         /*TODO: binding key store.*/
  55     }
  56
  57     keyMngr = xmlSecKeysMngrCreate() ;
  58     if( keyMngr == NULL ) {
  59         xmlSecError( XMLSEC_ERRORS_HERE ,
  60             NULL ,
  61             "xmlSecKeysMngrCreate" ,
  62             XMLSEC_ERRORS_R_XMLSEC_FAILED ,
  63             XMLSEC_ERRORS_NO_MESSAGE ) ;
  64
  65         xmlSecKeyStoreDestroy( keyStore ) ;
  66         return NULL ;
  67     }
  68
  69     /*-
  70      * Add key store to manager, from now on keys manager destroys the store if
  71      * needed
  72      */
  73     if( xmlSecKeysMngrAdoptKeysStore( keyMngr, keyStore ) < 0 ) {
  74         xmlSecError( XMLSEC_ERRORS_HERE ,
  75             xmlSecErrorsSafeString( xmlSecKeyStoreGetName( keyStore ) ) ,
  76             "xmlSecKeysMngrAdoptKeyStore" ,
  77             XMLSEC_ERRORS_R_XMLSEC_FAILED ,
  78             XMLSEC_ERRORS_NO_MESSAGE ) ;
  79
  80         xmlSecKeyStoreDestroy( keyStore ) ;
  81         xmlSecKeysMngrDestroy( keyMngr ) ;
  82         return NULL ;
  83     }
  84
  85     /*-
  86      * Initialize crypto library specific data in keys manager
  87      */
  88     if( xmlSecMSCryptoKeysMngrInit( keyMngr ) < 0 ) {
  89         xmlSecError( XMLSEC_ERRORS_HERE ,
  90             NULL ,
  91             "xmlSecMSCryptoKeysMngrInit" ,
  92             XMLSEC_ERRORS_R_XMLSEC_FAILED ,
  93             XMLSEC_ERRORS_NO_MESSAGE ) ;
  94
  95         xmlSecKeysMngrDestroy( keyMngr ) ;
  96         return NULL ;
  97     }
  98
  99     /*-
 100      * Set certificate databse to X509 key data store
 101      */
 102     /*-
 103      * At present, MS Crypto engine do not provide a way to setup a cert store.
 104      */
 105
 106     /*-
 107      * Set the getKey callback
 108      */
 109     keyMngr->getKey = xmlSecKeysMngrGetKey ;
 110
 111     return keyMngr ;
 112 }
 113
 114 int
 115 xmlSecMSCryptoAppliedKeysMngrSymKeyLoad(
 116     xmlSecKeysMngrPtr   mngr ,
 117     HCRYPTKEY           symKey
 118 ) {
 119     /*TODO: import the key into keys manager.*/
 120     return(0) ;
 121 }
 122
 123 int
 124 xmlSecMSCryptoAppliedKeysMngrPubKeyLoad(
 125     xmlSecKeysMngrPtr   mngr ,
 126     HCRYPTKEY   pubKey
 127 ) {
 128     /*TODO: import the key into keys manager.*/
 129     return(0) ;
 130 }
 131
 132 int
 133 xmlSecMSCryptoAppliedKeysMngrPriKeyLoad(
 134     xmlSecKeysMngrPtr   mngr ,
 135     HCRYPTKEY   priKey
 136 ) {
 137     /*TODO: import the key into keys manager.*/
 138     return(0) ;
 139 }
 140
 141 int
 142 xmlSecMSCryptoAppliedKeysMngrAdoptKeyStore (
 143     xmlSecKeysMngrPtr   mngr ,
 144     HCERTSTORE keyStore
 145 ) {
 146     xmlSecKeyDataStorePtr x509Store ;
 147
 148     xmlSecAssert2( mngr != NULL, -1 ) ;
 149     xmlSecAssert2( keyStore != NULL, -1 ) ;
 150
 151     x509Store = xmlSecKeysMngrGetDataStore( mngr, xmlSecMSCryptoX509StoreId ) ;
 152     if( x509Store == NULL ) {
 153         xmlSecError( XMLSEC_ERRORS_HERE ,
 154             NULL ,
 155             "xmlSecKeysMngrGetDataStore" ,
 156             XMLSEC_ERRORS_R_XMLSEC_FAILED ,
 157             XMLSEC_ERRORS_NO_MESSAGE ) ;
 158         return( -1 ) ;
 159     }
 160
 161     if( xmlSecMSCryptoX509StoreAdoptKeyStore( x509Store, keyStore ) < 0 ) {
 162         xmlSecError( XMLSEC_ERRORS_HERE ,
 163             xmlSecErrorsSafeString( xmlSecKeyDataStoreGetName( x509Store ) ) ,
 164             "xmlSecMSCryptoX509StoreAdoptKeyStore" ,
 165             XMLSEC_ERRORS_R_XMLSEC_FAILED ,
 166             XMLSEC_ERRORS_NO_MESSAGE ) ;
 167         return( -1 ) ;
 168     }
 169
 170     return( 0 ) ;
 171 }
 172
 173 int
 174 xmlSecMSCryptoAppliedKeysMngrAdoptTrustedStore (
 175     xmlSecKeysMngrPtr   mngr ,
 176     HCERTSTORE trustedStore
 177 ) {
 178     xmlSecKeyDataStorePtr x509Store ;
 179
 180     xmlSecAssert2( mngr != NULL, -1 ) ;
 181     xmlSecAssert2( trustedStore != NULL, -1 ) ;
 182
 183     x509Store = xmlSecKeysMngrGetDataStore( mngr, xmlSecMSCryptoX509StoreId ) ;
 184     if( x509Store == NULL ) {
 185         xmlSecError( XMLSEC_ERRORS_HERE ,
 186             NULL ,
 187             "xmlSecKeysMngrGetDataStore" ,
 188             XMLSEC_ERRORS_R_XMLSEC_FAILED ,
 189             XMLSEC_ERRORS_NO_MESSAGE ) ;
 190         return( -1 ) ;
 191     }
 192
 193     if( xmlSecMSCryptoX509StoreAdoptTrustedStore( x509Store, trustedStore ) < 0 ) {
 194         xmlSecError( XMLSEC_ERRORS_HERE ,
 195             xmlSecErrorsSafeString( xmlSecKeyDataStoreGetName( x509Store ) ) ,
 196             "xmlSecMSCryptoX509StoreAdoptKeyStore" ,
 197             XMLSEC_ERRORS_R_XMLSEC_FAILED ,
 198             XMLSEC_ERRORS_NO_MESSAGE ) ;
 199         return( -1 ) ;
 200     }
 201
 202     return( 0 ) ;
 203 }
 204
 205 int
 206 xmlSecMSCryptoAppliedKeysMngrAdoptUntrustedStore (
 207     xmlSecKeysMngrPtr   mngr ,
 208     HCERTSTORE untrustedStore
 209 ) {
 210     xmlSecKeyDataStorePtr x509Store ;
 211
 212     xmlSecAssert2( mngr != NULL, -1 ) ;
 213     xmlSecAssert2( untrustedStore != NULL, -1 ) ;
 214
 215     x509Store = xmlSecKeysMngrGetDataStore( mngr, xmlSecMSCryptoX509StoreId ) ;
 216     if( x509Store == NULL ) {
 217         xmlSecError( XMLSEC_ERRORS_HERE ,
 218             NULL ,
 219             "xmlSecKeysMngrGetDataStore" ,
 220             XMLSEC_ERRORS_R_XMLSEC_FAILED ,
 221             XMLSEC_ERRORS_NO_MESSAGE ) ;
 222         return( -1 ) ;
 223     }
 224
 225     if( xmlSecMSCryptoX509StoreAdoptUntrustedStore( x509Store, untrustedStore ) < 0 ) {
 226         xmlSecError( XMLSEC_ERRORS_HERE ,
 227             xmlSecErrorsSafeString( xmlSecKeyDataStoreGetName( x509Store ) ) ,
 228             "xmlSecMSCryptoX509StoreAdoptKeyStore" ,
 229             XMLSEC_ERRORS_R_XMLSEC_FAILED ,
 230             XMLSEC_ERRORS_NO_MESSAGE ) ;
 231         return( -1 ) ;
 232     }
 233
 234     return( 0 ) ;
 235 }
 236
 237