[xmlsec] XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN flag
Frank Gross
fg at 4js.com
Thu May 10 02:07:40 PDT 2012
Hi, actually with that flag I want the xmlSecKeysMngrGetKey() to
restrict the key lookup to the name only. For instance, I may have
several keys of same type and key size in the key store but for
different purpose. Without that flag, the manager tries to find a key
that matches the key type and size, but then it may return a bad one, or
am I wrong ?
Regards,
Frank
Le 28/04/2012 05:55, Aleksey Sanin a écrit :
> Sorry, I am not sure I understand what you are trying to do with
> this patch. The xmlSecKeysMngrGetKey() already stops if the key
> is not found.
>
> Aleksey
>
> On 4/27/12 1:45 AM, Frank Gross wrote:
>> Hi, I modified the library to support that flag as following. It is
>> working for me, but I don't know if it is ok. Could you have a look and
>> tell me what you think ,thanks ?
>>
>> Modified: gws/branches/gws-ext-libs-2.50/lib-aleksey-xmlsec1/src/src/keys.c
>> ===================================================================
>> --- gws/branches/gws-ext-libs-2.50/lib-aleksey-xmlsec1/src/src/keys.c
>> 2012-04-26 16:10:31 UTC (rev 114254)
>> +++ gws/branches/gws-ext-libs-2.50/lib-aleksey-xmlsec1/src/src/keys.c
>> 2012-04-26 16:15:18 UTC (rev 114255)
>> @@ -1326,7 +1326,7 @@
>> */
>> xmlSecKeyPtr
>> xmlSecKeysMngrGetKey(xmlNodePtr keyInfoNode, xmlSecKeyInfoCtxPtr
>> keyInfoCtx) {
>> - xmlSecKeyPtr key;
>> + xmlSecKeyPtr key,key2;
>> int ret;
>>
>> xmlSecAssert2(keyInfoCtx != NULL, NULL);
>> @@ -1361,23 +1361,30 @@
>> return(key);
>> }
>> }
>> - xmlSecKeyDestroy(key);
>>
>> - /* if we have keys manager, try it */
>> - if(keyInfoCtx->keysMngr != NULL) {
>> - key = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, NULL,
>> keyInfoCtx);
>> - if(key == NULL) {
>> + if (keyInfoCtx->keysMngr==NULL) {
>> + xmlSecKeyDestroy(key);
>> + } else {
>> + /* if we have keys manager, try it */
>> + if
>> (keyInfoCtx->flags&XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN) {
>> + key2 = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, key->name,
>> keyInfoCtx);
>> + } else {
>> + key2 = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, NULL,
>> keyInfoCtx);
>> + }
>> + xmlSecKeyDestroy(key);
>> + if(key2 == NULL) {
>> xmlSecError(XMLSEC_ERRORS_HERE,
>> NULL,
>> "xmlSecKeysMngrFindKey",
>> XMLSEC_ERRORS_R_XMLSEC_FAILED,
>> XMLSEC_ERRORS_NO_MESSAGE);
>> +
>> return(NULL);
>> }
>> - if(xmlSecKeyGetValue(key) != NULL) {
>> - return(key);
>> + if(xmlSecKeyGetValue(key2) != NULL) {
>> + return(key2);
>> }
>> - xmlSecKeyDestroy(key);
>> + xmlSecKeyDestroy(key2);
>> }
>>
>> xmlSecError(XMLSEC_ERRORS_HERE,
>>
>>
>> Frank
>>
>>
>> Le 26/04/2012 17:19, Aleksey Sanin a écrit :
>>> Probably not.
>>>
>>> Aleksey
>>>
>>> On 4/26/12 8:13 AM, Frank Gross wrote:
>>>> Hi,
>>>>
>>>> I would like to use the flag called
>>>> XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN, but it doesn't seem to
>>>> work. It is defined in keyinfo.h but nowhere else. Is this flag active ?
>>>>
>>>> Regards,
>>>>
>>>> Frank
>>>>
--
Frank GROSS
Software Engineer - Web Services
Four J's Development Tools - http://www.4js.com
More information about the xmlsec
mailing list