diff -uNr xml-security-c-1.7.3/xsec/dsig/DSIGKeyInfoValue.hpp xml-security-c-1.7.3p/xsec/dsig/DSIGKeyInfoValue.hpp --- xml-security-c-1.7.3/xsec/dsig/DSIGKeyInfoValue.hpp 2012-07-23 19:56:11.000000000 +0300 +++ xml-security-c-1.7.3p/xsec/dsig/DSIGKeyInfoValue.hpp 2018-09-12 11:03:08.866767893 +0300 @@ -109,7 +109,7 @@ * a DOM structure */ - virtual void load(void); + virtual void load(); /** * \brief Get P value @@ -117,7 +117,7 @@ * @returns a pointer to the DSA P string value. */ - const XMLCh * getDSAP(void) const {return mp_PTextNode->getNodeValue();} + const XMLCh * getDSAP() const {return mp_PTextNode ? mp_PTextNode->getNodeValue() : NULL;} /** * \brief Get Q value @@ -125,7 +125,7 @@ * @returns a pointer to the DSA Q string value. */ - const XMLCh * getDSAQ(void) const {return mp_QTextNode->getNodeValue();} + const XMLCh * getDSAQ() const {return mp_QTextNode ? mp_QTextNode->getNodeValue() : NULL;} /** * \brief Get G value @@ -133,7 +133,7 @@ * @returns a pointer to the DSA G string value. */ - const XMLCh * getDSAG(void) const {return mp_GTextNode->getNodeValue();} + const XMLCh * getDSAG() const {return mp_GTextNode ? mp_GTextNode->getNodeValue() : NULL;} /** * \brief Get Y value @@ -141,7 +141,7 @@ * @returns a pointer to the DSA Y string value. */ - const XMLCh * getDSAY(void) const {return mp_YTextNode->getNodeValue();} + const XMLCh * getDSAY() const {return mp_YTextNode ? mp_YTextNode->getNodeValue() : NULL;} /** * \brief Get Modulus @@ -149,7 +149,7 @@ * @returns A pointer to the RSA Modulus */ - const XMLCh * getRSAModulus(void) const; + const XMLCh * getRSAModulus() const; /** * \brief Get Exponent @@ -157,7 +157,7 @@ * @returns A pointer to the buffer containing the RSA Modulus string */ - const XMLCh * getRSAExponent(void) const; + const XMLCh * getRSAExponent() const; /** * \brief Get NamedCurve URI 
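Review bot: The `@returns` text above getDSAP(), getDSAQ(), getDSAG() and getDSAY() still promises a pointer to the string value, but with the new `mp_PTextNode ? mp_PTextNode->getNodeValue() : NULL` form each accessor can return NULL when its text node was never set. A caller that passes the result straight to a formatter or string routine would only move the null dereference, so the contract should be stated on all four, e.g. `@returns a pointer to the DSA P string value, or NULL if the element was not present in the loaded KeyValue.` load() is only declared in this file section, so it cannot be seen here whether it rejects a DSAKeyValue with missing children; if it does not, failing there would be the more robust fix.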
@@ -165,7 +165,7 @@ * @returns A pointer to the EC NamedCurve URI */ - const XMLCh * getECNamedCurve(void) const; + const XMLCh * getECNamedCurve() const; /** * \brief Get EC Public Key @@ -173,7 +173,7 @@ * @returns A pointer to the buffer containing the EC public key */ - const XMLCh * getECPublicKey(void) const; + const XMLCh * getECPublicKey() const; //@} diff -uNr xml-security-c-1.7.3/xsec/enc/XSECKeyInfoResolverDefault.cpp xml-security-c-1.7.3p/xsec/enc/XSECKeyInfoResolverDefault.cpp --- xml-security-c-1.7.3/xsec/enc/XSECKeyInfoResolverDefault.cpp 2012-07-23 19:56:11.000000000 +0300 +++ xml-security-c-1.7.3p/xsec/enc/XSECKeyInfoResolverDefault.cpp 2018-09-12 11:16:15.384411782 +0300 @@ -63,12 +63,12 @@ // -------------------------------------------------------------------------------- -XSECCryptoKey * XSECKeyInfoResolverDefault::resolveKey(DSIGKeyInfoList * lst) { +XSECCryptoKey* XSECKeyInfoResolverDefault::resolveKey(DSIGKeyInfoList* lst) { // Try to find a key from the KeyInfo list as best we can // NOTE: No validation is performed (i.e. no cert/CRL checks etc.) - XSECCryptoKey * ret = NULL; + XSECCryptoKey* ret = NULL; DSIGKeyInfoList::size_type sz = lst->getSize(); @@ -79,13 +79,11 @@ case (DSIGKeyInfo::KEYINFO_X509) : { ret = NULL; - const XMLCh * x509Str; - XSECCryptoX509 * x509 = XSECPlatformUtils::g_cryptoProvider->X509(); - Janitor<XSECCryptoX509> j_x509(x509); - - x509Str = ((DSIGKeyInfoX509 *) lst->item(i))->getCertificateItem(0); + const XMLCh* x509Str = ((const DSIGKeyInfoX509 *) lst->item(i))->getCertificateItem(0); - if (x509Str != 0) { + if (x509Str) { + XSECCryptoX509 * x509 = XSECPlatformUtils::g_cryptoProvider->X509(); + Janitor<XSECCryptoX509> j_x509(x509); // The crypto interface classes work UTF-8 safeBuffer transX509; 
@@ -104,66 +102,90 @@ case (DSIGKeyInfo::KEYINFO_VALUE_DSA) : { - XSECCryptoKeyDSA * dsa = XSECPlatformUtils::g_cryptoProvider->keyDSA(); - Janitor<XSECCryptoKeyDSA> j_dsa(dsa); + const DSIGKeyInfoValue* dsaval = (const DSIGKeyInfoValue *) lst->item(i); + if (dsaval->getDSAP() || dsaval->getDSAQ() || dsaval->getDSAG() || dsaval->getDSAY()) { + + XSECCryptoKeyDSA * dsa = XSECPlatformUtils::g_cryptoProvider->keyDSA(); + Janitor<XSECCryptoKeyDSA> j_dsa(dsa); - safeBuffer value; + safeBuffer value; - value << (*mp_formatter << ((DSIGKeyInfoValue *) lst->item(i))->getDSAP()); - dsa->loadPBase64BigNums(value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); - value << (*mp_formatter << ((DSIGKeyInfoValue *) lst->item(i))->getDSAQ()); - dsa->loadQBase64BigNums(value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); - value << (*mp_formatter << ((DSIGKeyInfoValue *) lst->item(i))->getDSAG()); - dsa->loadGBase64BigNums(value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); - value << (*mp_formatter << ((DSIGKeyInfoValue *) lst->item(i))->getDSAY()); - dsa->loadYBase64BigNums(value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); + if (dsaval->getDSAP()) { + value << (*mp_formatter << dsaval->getDSAP()); + dsa->loadPBase64BigNums(value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); + } + if (dsaval->getDSAQ()) { + value << (*mp_formatter << dsaval->getDSAQ()); + dsa->loadQBase64BigNums(value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); + } + if (dsaval->getDSAG()) { + value << (*mp_formatter << dsaval->getDSAG()); + dsa->loadGBase64BigNums(value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); + } + if (dsaval->getDSAY()) { + value << (*mp_formatter << dsaval->getDSAY()); + dsa->loadYBase64BigNums(value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); + } - j_dsa.release(); - return dsa; + j_dsa.release(); + return dsa; + } } break; case 
(DSIGKeyInfo::KEYINFO_VALUE_RSA) : { + const DSIGKeyInfoValue* rsaval = (const DSIGKeyInfoValue *) lst->item(i); + if (rsaval->getRSAModulus() && rsaval->getRSAExponent()) { - XSECCryptoKeyRSA * rsa = XSECPlatformUtils::g_cryptoProvider->keyRSA(); - Janitor<XSECCryptoKeyRSA> j_rsa(rsa); - - safeBuffer value; + XSECCryptoKeyRSA* rsa = XSECPlatformUtils::g_cryptoProvider->keyRSA(); + Janitor<XSECCryptoKeyRSA> j_rsa(rsa); - value << (*mp_formatter << ((DSIGKeyInfoValue *) lst->item(i))->getRSAModulus()); - rsa->loadPublicModulusBase64BigNums(value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); - value << (*mp_formatter << ((DSIGKeyInfoValue *) lst->item(i))->getRSAExponent()); - rsa->loadPublicExponentBase64BigNums(value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); + safeBuffer value; - j_rsa.release(); - return rsa; + value << (*mp_formatter << rsaval->getRSAModulus()); + rsa->loadPublicModulusBase64BigNums(value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); + value << (*mp_formatter << rsaval->getRSAExponent()); + rsa->loadPublicExponentBase64BigNums(value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); + + j_rsa.release(); + return rsa; + } } break; case (DSIGKeyInfo::KEYINFO_VALUE_EC) : { + const DSIGKeyInfoValue* ecval = (const DSIGKeyInfoValue *) lst->item(i); + if (ecval->getECPublicKey() && ecval->getECNamedCurve()) { - XSECCryptoKeyEC* ec = XSECPlatformUtils::g_cryptoProvider->keyEC(); - Janitor<XSECCryptoKeyEC> j_ec(ec); + XSECCryptoKeyEC* ec = XSECPlatformUtils::g_cryptoProvider->keyEC(); + Janitor<XSECCryptoKeyEC> j_ec(ec); - safeBuffer value; - value << (*mp_formatter << ((DSIGKeyInfoValue *) lst->item(i))->getECPublicKey()); - XSECAutoPtrChar curve(((DSIGKeyInfoValue *) lst->item(i))->getECNamedCurve()); - if (curve.get()) { - ec->loadPublicKeyBase64(curve.get(), value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); - j_ec.release(); - return ec; + safeBuffer value; + + 
value << (*mp_formatter << ecval->getECPublicKey()); + XSECAutoPtrChar curve(ecval->getECNamedCurve()); + if (curve.get()) { + ec->loadPublicKeyBase64(curve.get(), value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer())); + j_ec.release(); + return ec; + } } } break; case (DSIGKeyInfo::KEYINFO_DERENCODED) : { - safeBuffer value; - value << (*mp_formatter << ((DSIGKeyInfoDEREncoded *) lst->item(i))->getData()); - return XSECPlatformUtils::g_cryptoProvider->keyDER(value.rawCharBuffer(), (unsigned int)strlen(value.rawCharBuffer()), true); + const DSIGKeyInfoDEREncoded* derval = (const DSIGKeyInfoDEREncoded *) lst->item(i); + if (derval->getData()) { + + safeBuffer value; + + value << (*mp_formatter << derval->getData()); + return XSECPlatformUtils::g_cryptoProvider->keyDER(value.rawCharBuffer(), (unsigned int)strlen(value.rawCharBuffer()), true); + } } break; @@ -178,7 +200,7 @@ } -XSECKeyInfoResolver * XSECKeyInfoResolverDefault::clone(void) const { +XSECKeyInfoResolver* XSECKeyInfoResolverDefault::clone() const { return new XSECKeyInfoResolverDefault();
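Review bot: In the KEYINFO_VALUE_DSA branch the outer guard uses `||`, so a DSAKeyValue carrying only some of P, Q, G and Y still yields an XSECCryptoKeyDSA that is returned with the missing components never loaded, whereas the RSA and EC branches in the same hunk require every component with `&&`. How the crypto provider treats a partially populated DSA key during verification is not visible here, so the resolver should decline it with `if (dsaval->getDSAP() && dsaval->getDSAQ() && dsaval->getDSAG() && dsaval->getDSAY()) {`, after which the four inner `if` checks are redundant. If inherited domain parameters are meant to be supported, Y at least should be mandatory. When a branch declines, control reaches `break` and the loop moves on, so callers must treat a NULL result as "no usable key"; resolveKey() begins and ends outside this hunk.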