external/libxmlsec/xmlsec1-customkeymanage.patch.1 | 327 ---------- xmlsecurity/Library_xsec_xmlsec.mk | 1 xmlsecurity/source/xmlsec/mscrypt/akmngr.cxx | 233 +++++++ xmlsecurity/source/xmlsec/mscrypt/akmngr.hxx | 55 + xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx | 2 xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.cxx | 2 6 files changed, 291 insertions(+), 329 deletions(-)
New commits: commit a4bebdf80e8d4cb897b746f41a14100948c4d59b Author: Miklos Vajna <vmik...@collabora.co.uk> Date: Thu Jul 20 09:14:30 2017 +0200 xmlsecurity mscrypt: turn akmngr patch into plain code This is just a set of C functions accessing public libxmlsec API, it's perfectly OK to have this in xmlsecurity/ instead of patching the bundled libxmlsec for this. Change-Id: Ib3e746883a47b80626fdcd64149ce50aa0588395 Reviewed-on: https://gerrit.libreoffice.org/40209 Reviewed-by: Miklos Vajna <vmik...@collabora.co.uk> Tested-by: Jenkins <c...@libreoffice.org> diff --git a/external/libxmlsec/xmlsec1-customkeymanage.patch.1 b/external/libxmlsec/xmlsec1-customkeymanage.patch.1 index 0bf999079970..d0984cfc06c1 100644 --- a/external/libxmlsec/xmlsec1-customkeymanage.patch.1 +++ b/external/libxmlsec/xmlsec1-customkeymanage.patch.1 @@ -14,9 +14,6 @@ Conflicts: src/nss/x509.c src/nss/x509vfy.c --- - include/xmlsec/mscrypto/Makefile.am | 1 + - include/xmlsec/mscrypto/Makefile.in | 1 + - include/xmlsec/mscrypto/akmngr.h | 53 +++ include/xmlsec/nss/Makefile.am | 3 + include/xmlsec/nss/Makefile.in | 3 + include/xmlsec/nss/akmngr.h | 56 +++ @@ -24,7 +21,6 @@ Conflicts: include/xmlsec/nss/ciphers.h | 35 ++ include/xmlsec/nss/keysstore.h | 4 + include/xmlsec/nss/tokens.h | 182 +++++++++ - src/mscrypto/akmngr.c | 209 ++++++++++ src/nss/Makefile.am | 2 + src/nss/Makefile.in | 20 + src/nss/akmngr.c | 384 ++++++++++++++++++ 
@@ -35,99 +31,13 @@ Conflicts: src/nss/tokens.c | 544 +++++++++++++++++++++++++ src/nss/x509.c | 491 ++++++----------------- src/nss/x509vfy.c | 248 ++++-------- - win32/Makefile.msvc | 4 + 22 files changed, 2971 insertions(+), 838 deletions(-) - create mode 100644 include/xmlsec/mscrypto/akmngr.h create mode 100644 include/xmlsec/nss/akmngr.h create mode 100644 include/xmlsec/nss/ciphers.h create mode 100644 include/xmlsec/nss/tokens.h - create mode 100644 src/mscrypto/akmngr.c create mode 100644 src/nss/akmngr.c create mode 100644 src/nss/tokens.c -diff --git a/include/xmlsec/mscrypto/Makefile.am b/include/xmlsec/mscrypto/Makefile.am -index 18dff94c..44837b62 100644 ---- a/include/xmlsec/mscrypto/Makefile.am -+++ b/include/xmlsec/mscrypto/Makefile.am -@@ -3,6 +3,7 @@ NULL = - xmlsecmscryptoincdir = $(includedir)/xmlsec1/xmlsec/mscrypto - - xmlsecmscryptoinc_HEADERS = \ -+akmngr.h \ - app.h \ - certkeys.h \ - crypto.h \ -diff --git a/include/xmlsec/mscrypto/Makefile.in b/include/xmlsec/mscrypto/Makefile.in -index e613f83c..07923cc7 100644 ---- a/include/xmlsec/mscrypto/Makefile.in -+++ b/include/xmlsec/mscrypto/Makefile.in -@@ -400,6 +400,7 @@ top_srcdir = @top_srcdir@ - NULL = - xmlsecmscryptoincdir = $(includedir)/xmlsec1/xmlsec/mscrypto - xmlsecmscryptoinc_HEADERS = \ -+akmngr.h \ - app.h \ - certkeys.h \ - crypto.h \ -diff --git a/include/xmlsec/mscrypto/akmngr.h b/include/xmlsec/mscrypto/akmngr.h -new file mode 100644 -index 00000000..dca7b016 ---- /dev/null -+++ b/include/xmlsec/mscrypto/akmngr.h -@@ -0,0 +1,53 @@ -+/** -+ * XMLSec library -+ * -+ * This is free software; see Copyright file in the source -+ * distribution for preciese wording. -+ * -+ * Copyright .......................... 
-+ */ -+#ifndef __XMLSEC_MSCRYPTO_AKMNGR_H__ -+#define __XMLSEC_MSCRYPTO_AKMNGR_H__ -+ -+#include <windows.h> -+#include <wincrypt.h> -+ -+#include <xmlsec/xmlsec.h> -+#include <xmlsec/keys.h> -+#include <xmlsec/transforms.h> -+ -+#ifdef __cplusplus -+extern "C" { -+#endif /* __cplusplus */ -+ -+XMLSEC_CRYPTO_EXPORT xmlSecKeysMngrPtr -+xmlSecMSCryptoAppliedKeysMngrCreate( -+ HCERTSTORE keyStore , -+ HCERTSTORE certStore -+) ; -+ -+XMLSEC_CRYPTO_EXPORT int -+xmlSecMSCryptoAppliedKeysMngrAdoptKeyStore ( -+ xmlSecKeysMngrPtr mngr , -+ HCERTSTORE keyStore -+) ; -+ -+XMLSEC_CRYPTO_EXPORT int -+xmlSecMSCryptoAppliedKeysMngrAdoptTrustedStore ( -+ xmlSecKeysMngrPtr mngr , -+ HCERTSTORE trustedStore -+) ; -+ -+XMLSEC_CRYPTO_EXPORT int -+xmlSecMSCryptoAppliedKeysMngrAdoptUntrustedStore ( -+ xmlSecKeysMngrPtr mngr , -+ HCERTSTORE untrustedStore -+) ; -+ -+#ifdef __cplusplus -+} -+#endif /* __cplusplus */ -+ -+#endif /* __XMLSEC_MSCRYPTO_AKMNGR_H__ */ -+ -+ diff --git a/include/xmlsec/nss/Makefile.am b/include/xmlsec/nss/Makefile.am index e3521622..997ca7fd 100644 --- a/include/xmlsec/nss/Makefile.am 
@@ -492,221 +402,6 @@ index 00000000..444c5614 + +#endif /* __XMLSEC_NSS_TOKENS_H__ */ + -diff --git a/src/mscrypto/akmngr.c b/src/mscrypto/akmngr.c -new file mode 100644 -index 00000000..6d33e706 ---- /dev/null -+++ b/src/mscrypto/akmngr.c -@@ -0,0 +1,209 @@ -+/** -+ * XMLSec library -+ * -+ * This is free software; see Copyright file in the source -+ * distribution for preciese wording. -+ * -+ * Copyright......................... -+ */ -+#include "globals.h" -+ -+#include <xmlsec/xmlsec.h> -+#include <xmlsec/keys.h> -+#include <xmlsec/keysmngr.h> -+#include <xmlsec/transforms.h> -+#include <xmlsec/errors.h> -+ -+#include <xmlsec/mscrypto/crypto.h> -+#include <xmlsec/mscrypto/keysstore.h> -+#include <xmlsec/mscrypto/akmngr.h> -+#include <xmlsec/mscrypto/x509.h> -+ -+/** -+ * xmlSecMSCryptoAppliedKeysMngrCreate: -+ * @hKeyStore: the pointer to key store. -+ * @hCertStore: the pointer to certificate database. -+ * -+ * Create and load key store and certificate database into keys manager -+ * -+ * Returns keys manager pointer on success or NULL otherwise. -+ */ -+xmlSecKeysMngrPtr -+xmlSecMSCryptoAppliedKeysMngrCreate( -+ HCERTSTORE hKeyStore , -+ HCERTSTORE hCertStore -+) { -+ xmlSecKeyDataStorePtr certStore = NULL ; -+ xmlSecKeysMngrPtr keyMngr = NULL ; -+ xmlSecKeyStorePtr keyStore = NULL ; -+ -+ keyStore = xmlSecKeyStoreCreate( xmlSecMSCryptoKeysStoreId ) ; -+ if( keyStore == NULL ) { -+ xmlSecError( XMLSEC_ERRORS_HERE , -+ NULL , -+ "xmlSecKeyStoreCreate" , -+ XMLSEC_ERRORS_R_XMLSEC_FAILED , -+ XMLSEC_ERRORS_NO_MESSAGE ) ; -+ return NULL ; -+ } -+ -+ /*- -+ * At present, MS Crypto engine do not provide a way to setup a key store. 
-+ */ -+ if( keyStore != NULL ) { -+ /*TODO: binding key store.*/ -+ } -+ -+ keyMngr = xmlSecKeysMngrCreate() ; -+ if( keyMngr == NULL ) { -+ xmlSecError( XMLSEC_ERRORS_HERE , -+ NULL , -+ "xmlSecKeysMngrCreate" , -+ XMLSEC_ERRORS_R_XMLSEC_FAILED , -+ XMLSEC_ERRORS_NO_MESSAGE ) ; -+ -+ xmlSecKeyStoreDestroy( keyStore ) ; -+ return NULL ; -+ } -+ -+ /*- -+ * Add key store to manager, from now on keys manager destroys the store if -+ * needed -+ */ -+ if( xmlSecKeysMngrAdoptKeysStore( keyMngr, keyStore ) < 0 ) { -+ xmlSecError( XMLSEC_ERRORS_HERE , -+ xmlSecErrorsSafeString( xmlSecKeyStoreGetName( keyStore ) ) , -+ "xmlSecKeysMngrAdoptKeyStore" , -+ XMLSEC_ERRORS_R_XMLSEC_FAILED , -+ XMLSEC_ERRORS_NO_MESSAGE ) ; -+ -+ xmlSecKeyStoreDestroy( keyStore ) ; -+ xmlSecKeysMngrDestroy( keyMngr ) ; -+ return NULL ; -+ } -+ -+ /*- -+ * Initialize crypto library specific data in keys manager -+ */ -+ if( xmlSecMSCryptoKeysMngrInit( keyMngr ) < 0 ) { -+ xmlSecError( XMLSEC_ERRORS_HERE , -+ NULL , -+ "xmlSecMSCryptoKeysMngrInit" , -+ XMLSEC_ERRORS_R_XMLSEC_FAILED , -+ XMLSEC_ERRORS_NO_MESSAGE ) ; -+ -+ xmlSecKeysMngrDestroy( keyMngr ) ; -+ return NULL ; -+ } -+ -+ /*- -+ * Set certificate databse to X509 key data store -+ */ -+ /*- -+ * At present, MS Crypto engine do not provide a way to setup a cert store. 
-+ */ -+ -+ /*- -+ * Set the getKey callback -+ */ -+ keyMngr->getKey = xmlSecKeysMngrGetKey ; -+ -+ return keyMngr ; -+} -+ -+int -+xmlSecMSCryptoAppliedKeysMngrAdoptKeyStore ( -+ xmlSecKeysMngrPtr mngr , -+ HCERTSTORE keyStore -+) { -+ xmlSecKeyDataStorePtr x509Store ; -+ -+ xmlSecAssert2( mngr != NULL, -1 ) ; -+ xmlSecAssert2( keyStore != NULL, -1 ) ; -+ -+ x509Store = xmlSecKeysMngrGetDataStore( mngr, xmlSecMSCryptoX509StoreId ) ; -+ if( x509Store == NULL ) { -+ xmlSecError( XMLSEC_ERRORS_HERE , -+ NULL , -+ "xmlSecKeysMngrGetDataStore" , -+ XMLSEC_ERRORS_R_XMLSEC_FAILED , -+ XMLSEC_ERRORS_NO_MESSAGE ) ; -+ return( -1 ) ; -+ } -+ -+ if( xmlSecMSCryptoX509StoreAdoptKeyStore( x509Store, keyStore ) < 0 ) { -+ xmlSecError( XMLSEC_ERRORS_HERE , -+ xmlSecErrorsSafeString( xmlSecKeyDataStoreGetName( x509Store ) ) , -+ "xmlSecMSCryptoX509StoreAdoptKeyStore" , -+ XMLSEC_ERRORS_R_XMLSEC_FAILED , -+ XMLSEC_ERRORS_NO_MESSAGE ) ; -+ return( -1 ) ; -+ } -+ -+ return( 0 ) ; -+} -+ -+int -+xmlSecMSCryptoAppliedKeysMngrAdoptTrustedStore ( -+ xmlSecKeysMngrPtr mngr , -+ HCERTSTORE trustedStore -+) { -+ xmlSecKeyDataStorePtr x509Store ; -+ -+ xmlSecAssert2( mngr != NULL, -1 ) ; -+ xmlSecAssert2( trustedStore != NULL, -1 ) ; -+ -+ x509Store = xmlSecKeysMngrGetDataStore( mngr, xmlSecMSCryptoX509StoreId ) ; -+ if( x509Store == NULL ) { -+ xmlSecError( XMLSEC_ERRORS_HERE , -+ NULL , -+ "xmlSecKeysMngrGetDataStore" , -+ XMLSEC_ERRORS_R_XMLSEC_FAILED , -+ XMLSEC_ERRORS_NO_MESSAGE ) ; -+ return( -1 ) ; -+ } -+ -+ if( xmlSecMSCryptoX509StoreAdoptTrustedStore( x509Store, trustedStore ) < 0 ) { -+ xmlSecError( XMLSEC_ERRORS_HERE , -+ xmlSecErrorsSafeString( xmlSecKeyDataStoreGetName( x509Store ) ) , -+ "xmlSecMSCryptoX509StoreAdoptKeyStore" , -+ XMLSEC_ERRORS_R_XMLSEC_FAILED , -+ XMLSEC_ERRORS_NO_MESSAGE ) ; -+ return( -1 ) ; -+ } -+ -+ return( 0 ) ; -+} -+ -+int -+xmlSecMSCryptoAppliedKeysMngrAdoptUntrustedStore ( -+ xmlSecKeysMngrPtr mngr , -+ HCERTSTORE untrustedStore -+) { -+ 
xmlSecKeyDataStorePtr x509Store ; -+ -+ xmlSecAssert2( mngr != NULL, -1 ) ; -+ xmlSecAssert2( untrustedStore != NULL, -1 ) ; -+ -+ x509Store = xmlSecKeysMngrGetDataStore( mngr, xmlSecMSCryptoX509StoreId ) ; -+ if( x509Store == NULL ) { -+ xmlSecError( XMLSEC_ERRORS_HERE , -+ NULL , -+ "xmlSecKeysMngrGetDataStore" , -+ XMLSEC_ERRORS_R_XMLSEC_FAILED , -+ XMLSEC_ERRORS_NO_MESSAGE ) ; -+ return( -1 ) ; -+ } -+ -+ if( xmlSecMSCryptoX509StoreAdoptUntrustedStore( x509Store, untrustedStore ) < 0 ) { -+ xmlSecError( XMLSEC_ERRORS_HERE , -+ xmlSecErrorsSafeString( xmlSecKeyDataStoreGetName( x509Store ) ) , -+ "xmlSecMSCryptoX509StoreAdoptKeyStore" , -+ XMLSEC_ERRORS_R_XMLSEC_FAILED , -+ XMLSEC_ERRORS_NO_MESSAGE ) ; -+ return( -1 ) ; -+ } -+ -+ return( 0 ) ; -+} -+ diff --git a/src/nss/Makefile.am b/src/nss/Makefile.am index e666f33c..ec9e7896 100644 --- a/src/nss/Makefile.am @@ -4621,28 +4316,6 @@ index b28a37e1..39574fdd 100644 #endif /* XMLSEC_NO_X509 */ -diff --git a/win32/Makefile.msvc b/win32/Makefile.msvc -index ef1909ce..5ea58000 100644 ---- a/win32/Makefile.msvc -+++ b/win32/Makefile.msvc -@@ -225,6 +225,9 @@ XMLSEC_OPENSSL_OBJS_A = \ - $(XMLSEC_OPENSSL_INTDIR_A)\x509vfy.obj - - XMLSEC_NSS_OBJS = \ -+ $(XMLSEC_NSS_INTDIR)\akmngr.obj\ -+ $(XMLSEC_NSS_INTDIR)\keywrapers.obj\ -+ $(XMLSEC_NSS_INTDIR)\tokens.obj\ - $(XMLSEC_NSS_INTDIR)\app.obj\ - $(XMLSEC_NSS_INTDIR)\bignum.obj\ - $(XMLSEC_NSS_INTDIR)\ciphers.obj \ -@@ -260,6 +263,7 @@ XMLSEC_NSS_OBJS_A = \ - $(XMLSEC_NSS_INTDIR_A)\strings.obj - - XMLSEC_MSCRYPTO_OBJS = \ -+ $(XMLSEC_MSCRYPTO_INTDIR)\akmngr.obj\ - $(XMLSEC_MSCRYPTO_INTDIR)\app.obj\ - $(XMLSEC_MSCRYPTO_INTDIR)\crypto.obj \ - $(XMLSEC_MSCRYPTO_INTDIR)\ciphers.obj \ -- 2.12.0 diff --git a/xmlsecurity/Library_xsec_xmlsec.mk b/xmlsecurity/Library_xsec_xmlsec.mk index 41f6d81e169e..659a0651457b 100644 --- a/xmlsecurity/Library_xsec_xmlsec.mk +++ b/xmlsecurity/Library_xsec_xmlsec.mk 
@@ -110,6 +110,7 @@ $(eval $(call gb_Library_use_system_win32_libs,xsec_xmlsec,\ )) $(eval $(call gb_Library_add_exception_objects,xsec_xmlsec,\ + xmlsecurity/source/xmlsec/mscrypt/akmngr \ xmlsecurity/source/xmlsec/mscrypt/sanextension_mscryptimpl \ xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl \ xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl \ diff --git a/xmlsecurity/source/xmlsec/mscrypt/akmngr.cxx b/xmlsecurity/source/xmlsec/mscrypt/akmngr.cxx new file mode 100644 index 000000000000..bcaefa671dfc --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/akmngr.cxx 
@@ -0,0 +1,233 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+#include <akmngr.hxx>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/keysmngr.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/mscrypto/crypto.h>
+#include <xmlsec/mscrypto/keysstore.h>
+#include <xmlsec/mscrypto/x509.h>
+
+/**
+ * xmlSecMSCryptoAppliedKeysMngrCreate:
+ * @hKeyStore: the pointer to key store.
+ * @hCertStore: the pointer to certificate database.
+ *
+ * Create and load key store and certificate database into keys manager
+ *
+ * Returns keys manager pointer on success or NULL otherwise.
+ */
+xmlSecKeysMngrPtr
+xmlSecMSCryptoAppliedKeysMngrCreate(
+ HCERTSTORE /*hKeyStore*/,
+ HCERTSTORE /*hCertStore*/
+)
+{
+ xmlSecKeysMngrPtr keyMngr = NULL ;
+ xmlSecKeyStorePtr keyStore = NULL ;
+
+ keyStore = xmlSecKeyStoreCreate(xmlSecMSCryptoKeysStoreId) ;
+ if (keyStore == NULL)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyStoreCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE) ;
+ return NULL ;
+ }
+
+ /*-
+ * At present, MS Crypto engine do not provide a way to setup a key store.
+ */
+ if (keyStore != NULL)
+ {
+ /*TODO: binding key store.*/
+ }
+
+ keyMngr = xmlSecKeysMngrCreate() ;
+ if (keyMngr == NULL)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeysMngrCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE) ;
+
+ xmlSecKeyStoreDestroy(keyStore) ;
+ return NULL ;
+ }
+
+ /*-
+ * Add key store to manager, from now on keys manager destroys the store if
+ * needed
+ */
+ if (xmlSecKeysMngrAdoptKeysStore(keyMngr, keyStore) < 0)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyStoreGetName(keyStore)),
+ "xmlSecKeysMngrAdoptKeyStore",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE) ;
+
+ xmlSecKeyStoreDestroy(keyStore) ;
+ xmlSecKeysMngrDestroy(keyMngr) ;
+ return NULL ;
+ }
+
+ /*-
+ * Initialize crypto library specific data in keys manager
+ */
+ if (xmlSecMSCryptoKeysMngrInit(keyMngr) < 0)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecMSCryptoKeysMngrInit",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE) ;
+
+ xmlSecKeysMngrDestroy(keyMngr) ;
+ return NULL ;
+ }
+
+ /*-
+ * Set certificate databse to X509 key data store
+ */
+ /*-
+ * At present, MS Crypto engine do not provide a way to setup a cert store.
+ */
+
+ /*-
+ * Set the getKey callback
+ */
+ keyMngr->getKey = xmlSecKeysMngrGetKey ;
+
+ return keyMngr ;
+}
+
+int
+xmlSecMSCryptoAppliedKeysMngrAdoptKeyStore(
+ xmlSecKeysMngrPtr mngr,
+ HCERTSTORE keyStore
+)
+{
+ xmlSecKeyDataStorePtr x509Store ;
+
+ xmlSecAssert2(mngr != NULL, -1) ;
+ xmlSecAssert2(keyStore != NULL, -1) ;
+
+ x509Store = xmlSecKeysMngrGetDataStore(mngr, xmlSecMSCryptoX509StoreId) ;
+ if (x509Store == NULL)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeysMngrGetDataStore",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE) ;
+ return (-1) ;
+ }
+
+ if (xmlSecMSCryptoX509StoreAdoptKeyStore(x509Store, keyStore) < 0)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(x509Store)),
+ "xmlSecMSCryptoX509StoreAdoptKeyStore",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE) ;
+ return (-1) ;
+ }
+
+ return (0) ;
+}
+
+int
+xmlSecMSCryptoAppliedKeysMngrAdoptTrustedStore(
+ xmlSecKeysMngrPtr mngr,
+ HCERTSTORE trustedStore
+)
+{
+ xmlSecKeyDataStorePtr x509Store ;
+
+ xmlSecAssert2(mngr != NULL, -1) ;
+ xmlSecAssert2(trustedStore != NULL, -1) ;
+
+ x509Store = xmlSecKeysMngrGetDataStore(mngr, xmlSecMSCryptoX509StoreId) ;
+ if (x509Store == NULL)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeysMngrGetDataStore",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE) ;
+ return (-1) ;
+ }
+
+ if (xmlSecMSCryptoX509StoreAdoptTrustedStore(x509Store, trustedStore) < 0)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(x509Store)),
+ "xmlSecMSCryptoX509StoreAdoptKeyStore",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE) ;
+ return (-1) ;
+ }
+
+ return (0) ;
+}
+
+int
+xmlSecMSCryptoAppliedKeysMngrAdoptUntrustedStore(
+ xmlSecKeysMngrPtr mngr,
+ HCERTSTORE untrustedStore
+)
+{
+ xmlSecKeyDataStorePtr x509Store ;
+
+ xmlSecAssert2(mngr != NULL, -1) ;
+ xmlSecAssert2(untrustedStore != NULL, -1) ;
+
+ x509Store =
xmlSecKeysMngrGetDataStore(mngr, xmlSecMSCryptoX509StoreId) ;
+ if (x509Store == NULL)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeysMngrGetDataStore",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE) ;
+ return (-1) ;
+ }
+
+ if (xmlSecMSCryptoX509StoreAdoptUntrustedStore(x509Store, untrustedStore) < 0)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(x509Store)),
+ "xmlSecMSCryptoX509StoreAdoptKeyStore",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE) ;
+ return (-1) ;
+ }
+
+ return (0) ;
+}
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab cinoptions=b1,g0,N-s cinkeys+=0=break: */
diff --git a/xmlsecurity/source/xmlsec/mscrypt/akmngr.hxx b/xmlsecurity/source/xmlsec/mscrypt/akmngr.hxx
new file mode 100644
index 000000000000..5f7b1a023ba7
--- /dev/null
+++ b/xmlsecurity/source/xmlsec/mscrypt/akmngr.hxx
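Review bot: In akmngr.cxx the failure branches of xmlSecMSCryptoAppliedKeysMngrAdoptTrustedStore and xmlSecMSCryptoAppliedKeysMngrAdoptUntrustedStore both pass the label `"xmlSecMSCryptoX509StoreAdoptKeyStore"` to xmlSecError, although the calls that failed are xmlSecMSCryptoX509StoreAdoptTrustedStore and xmlSecMSCryptoX509StoreAdoptUntrustedStore, so an error log cannot tell which certificate store was rejected. Now that the code lives in-tree the labels can name the real callee, `"xmlSecMSCryptoX509StoreAdoptTrustedStore"` and `"xmlSecMSCryptoX509StoreAdoptUntrustedStore"`, and the Create path's `"xmlSecKeysMngrAdoptKeyStore"` can become `"xmlSecKeysMngrAdoptKeysStore"` to match the function actually called. Separately, xmlSecMSCryptoAppliedKeysMngrCreate ignores both HCERTSTORE arguments (their names are commented out) while its header comment still says it loads the key store and certificate database; the comment should say that stores are attached only through the three Adopt* functions, and the empty `if (keyStore != NULL)` TODO block can be dropped or turned into a plain comment.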
@@ -0,0 +1,55 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+#ifndef INCLUDED_XMLSECURITY_SOURCE_XMLSEC_MSCRYPT_AKMNGR_HXX
+#define INCLUDED_XMLSECURITY_SOURCE_XMLSEC_MSCRYPT_AKMNGR_HXX
+
+#include <windows.h>
+#include <wincrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+
+xmlSecKeysMngrPtr
+xmlSecMSCryptoAppliedKeysMngrCreate(
+ HCERTSTORE keyStore,
+ HCERTSTORE certStore
+) ;
+
+int
+xmlSecMSCryptoAppliedKeysMngrAdoptKeyStore(
+ xmlSecKeysMngrPtr mngr,
+ HCERTSTORE keyStore
+) ;
+
+int
+xmlSecMSCryptoAppliedKeysMngrAdoptTrustedStore(
+ xmlSecKeysMngrPtr mngr,
+ HCERTSTORE trustedStore
+) ;
+
+int
+xmlSecMSCryptoAppliedKeysMngrAdoptUntrustedStore(
+ xmlSecKeysMngrPtr mngr,
+ HCERTSTORE untrustedStore
+) ;
+
+#endif // INCLUDED_XMLSECURITY_SOURCE_XMLSEC_MSCRYPT_AKMNGR_HXX
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab cinoptions=b1,g0,N-s cinkeys+=0=break: */
diff --git a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
index 8de01fa987e8..7a202de19962 100644
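Review bot: The four declarations in akmngr.hxx carry no comments, so a caller cannot see from the header who closes an HCERTSTORE after an Adopt* call, nor that xmlSecMSCryptoAppliedKeysMngrCreate leaves `keyStore` and `certStore` unused in the akmngr.cxx added by this same commit. The "Adopt" naming suggests the handle passes to the X509 data store on success, but that is not visible on this page and should be confirmed against libxmlsec before it is written down. A one-line comment per function giving the return convention and the handle ownership on both outcomes would guard the call sites against a double close or a leaked store handle, for example `// Returns 0 on success, -1 on failure; TODO confirm: on success the X509 store owns trustedStore.` and, on Create, `// Returns NULL on failure; both store arguments are currently ignored.`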
--- a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx +++ b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx @@ -38,7 +38,7 @@ #include <comphelper/servicehelper.hxx> #include "xmlsec-wrapper.h" -#include "xmlsec/mscrypto/akmngr.h" +#include "akmngr.hxx" #include <biginteger.hxx> diff --git a/xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.cxx index b0797f092a7c..762054fa05dc 100644 --- a/xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.cxx +++ b/xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.cxx @@ -22,7 +22,7 @@ #include "xmlsecuritycontext_mscryptimpl.hxx" #include "xmlsec/xmlstreamio.hxx" -#include "xmlsec/mscrypto/akmngr.h" +#include "akmngr.hxx" #include "xmlsec-wrapper.h" _______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits