[xmlsec] XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN flag
Aleksey Sanin
aleksey at aleksey.com
Thu May 10 07:49:43 PDT 2012
Hm, I think this is exactly what "--enabled-key-data" xmlsec1
command line option does (see enabledKeyData member of KeyInfo).
Aleksey
On 5/10/12 2:07 AM, Frank Gross wrote:
> Hi, actually with that flag I want the xmlSecKeysMngrGetKey() to
> restrict the key lookup to the name only. For instance, I may have
> several keys of same type and key size in the key store but for
> different purpose. Without that flag, the manager tries to find a key
> that matches the key type and size, but then it may return a bad one, or
> am I wrong ?
>
> Regards,
> Frank
>
> Le 28/04/2012 05:55, Aleksey Sanin a écrit :
>> Sorry, I am not sure I understand what you are trying to do with
>> this patch. The xmlSecKeysMngrGetKey() already stops if the key
>> is not found.
>>
>> Aleksey
>>
>> On 4/27/12 1:45 AM, Frank Gross wrote:
>>> Hi, I modified the library to support that flag as following. It is
>>> working for me, but I don't know if it is ok. Could you have a look and
>>> tell me what you think ,thanks ?
>>>
>>> Modified:
>>> gws/branches/gws-ext-libs-2.50/lib-aleksey-xmlsec1/src/src/keys.c
>>> ===================================================================
>>> --- gws/branches/gws-ext-libs-2.50/lib-aleksey-xmlsec1/src/src/keys.c
>>> 2012-04-26 16:10:31 UTC (rev 114254)
>>> +++ gws/branches/gws-ext-libs-2.50/lib-aleksey-xmlsec1/src/src/keys.c
>>> 2012-04-26 16:15:18 UTC (rev 114255)
>>> @@ -1326,7 +1326,7 @@
>>> */
>>> xmlSecKeyPtr
>>> xmlSecKeysMngrGetKey(xmlNodePtr keyInfoNode, xmlSecKeyInfoCtxPtr
>>> keyInfoCtx) {
>>> - xmlSecKeyPtr key;
>>> + xmlSecKeyPtr key,key2;
>>> int ret;
>>>
>>> xmlSecAssert2(keyInfoCtx != NULL, NULL);
>>> @@ -1361,23 +1361,30 @@
>>> return(key);
>>> }
>>> }
>>> - xmlSecKeyDestroy(key);
>>>
>>> - /* if we have keys manager, try it */
>>> - if(keyInfoCtx->keysMngr != NULL) {
>>> - key = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, NULL,
>>> keyInfoCtx);
>>> - if(key == NULL) {
>>> + if (keyInfoCtx->keysMngr==NULL) {
>>> + xmlSecKeyDestroy(key);
>>> + } else {
>>> + /* if we have keys manager, try it */
>>> + if
>>> (keyInfoCtx->flags&XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN) {
>>> + key2 = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, key->name,
>>> keyInfoCtx);
>>> + } else {
>>> + key2 = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, NULL,
>>> keyInfoCtx);
>>> + }
>>> + xmlSecKeyDestroy(key);
>>> + if(key2 == NULL) {
>>> xmlSecError(XMLSEC_ERRORS_HERE,
>>> NULL,
>>> "xmlSecKeysMngrFindKey",
>>> XMLSEC_ERRORS_R_XMLSEC_FAILED,
>>> XMLSEC_ERRORS_NO_MESSAGE);
>>> +
>>> return(NULL);
>>> }
>>> - if(xmlSecKeyGetValue(key) != NULL) {
>>> - return(key);
>>> + if(xmlSecKeyGetValue(key2) != NULL) {
>>> + return(key2);
>>> }
>>> - xmlSecKeyDestroy(key);
>>> + xmlSecKeyDestroy(key2);
>>> }
>>>
>>> xmlSecError(XMLSEC_ERRORS_HERE,
>>>
>>>
>>> Frank
>>>
>>>
>>> Le 26/04/2012 17:19, Aleksey Sanin a écrit :
>>>> Probably not.
>>>>
>>>> Aleksey
>>>>
>>>> On 4/26/12 8:13 AM, Frank Gross wrote:
>>>>> Hi,
>>>>>
>>>>> I would like to use the flag called
>>>>> XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN, but it doesn't seem to
>>>>> work. It is defined in keyinfo.h but nowhere else. Is this flag
>>>>> active ?
>>>>>
>>>>> Regards,
>>>>>
>>>>> Frank
>>>>>
>
More information about the xmlsec
mailing list