samael 0.0.21

A SAML2 library for Rust
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100

//!
//! Wrapper for XmlSec Key and Certificate management Context
//!
use crate::crypto::xmlsec::wrapper::bindings;

use super::backend;
use super::error::XmlSecError;
use super::error::XmlSecResult;
use super::xmlsec_internal;

use std::ptr::null;
use std::ptr::null_mut;

/// x509 key format.
#[allow(dead_code)]
#[allow(missing_docs)]
#[repr(u32)]
pub enum XmlSecKeyFormat {
    Unknown = bindings::xmlSecKeyDataFormat_xmlSecKeyDataFormatUnknown,
    Binary = bindings::xmlSecKeyDataFormat_xmlSecKeyDataFormatBinary,
    Pem = bindings::xmlSecKeyDataFormat_xmlSecKeyDataFormatPem,
    Der = bindings::xmlSecKeyDataFormat_xmlSecKeyDataFormatDer,
    Pkcs8Pem = bindings::xmlSecKeyDataFormat_xmlSecKeyDataFormatPkcs8Pem,
    Pkcs8Der = bindings::xmlSecKeyDataFormat_xmlSecKeyDataFormatPkcs8Der,
    Pkcs12 = bindings::xmlSecKeyDataFormat_xmlSecKeyDataFormatPkcs12,
    CertPem = bindings::xmlSecKeyDataFormat_xmlSecKeyDataFormatCertPem,
    CertDer = bindings::xmlSecKeyDataFormat_xmlSecKeyDataFormatCertDer,
}

/// Key with which we sign/verify signatures or encrypt data. Used by [`XmlSecSignatureContext`][sigctx].
///
/// [sigctx]: struct.XmlSecSignatureContext.html
#[derive(Debug)]
pub struct XmlSecKey(*mut bindings::xmlSecKey);

impl XmlSecKey {
    /// Load key from buffer in memory, specifying format and optionally the password required to decrypt/unlock.
    pub fn from_memory(buffer: &[u8], format: XmlSecKeyFormat) -> XmlSecResult<Self> {
        xmlsec_internal::guarantee_xmlsec_init()?;

        // Load key from buffer
        let key = unsafe {
            backend::xmlSecCryptoAppKeyLoadMemory(
                buffer.as_ptr(),
                buffer.len().try_into().expect("Key buffer length overflow"),
                format as u32,
                null(),
                null_mut(),
                null_mut(),
            )
        };

        if key.is_null() {
            return Err(XmlSecError::KeyLoadError);
        }

        Ok(Self(key))
    }

    /// Create from raw pointer to an underlying wrapper key structure. Henceforth its lifetime will be managed by this
    /// object.
    pub unsafe fn from_ptr(ptr: *mut bindings::xmlSecKey) -> Self {
        Self(ptr)
    }

    /// Leak the internal resource. This is needed by [`XmlSecSignatureContext`][sigctx], since wrapper takes over the
    /// lifetime management of the underlying resource when setting it as the active key for signature signing or
    /// verification.
    ///
    /// [sigctx]: struct.XmlSecSignatureContext.html
    pub unsafe fn leak(key: Self) -> *mut bindings::xmlSecKey {
        let ptr = key.0;

        std::mem::forget(key);

        ptr
    }
}

impl PartialEq for XmlSecKey {
    fn eq(&self, other: &Self) -> bool {
        self.0 == other.0 // compare pointer addresses
    }
}

impl Eq for XmlSecKey {}

impl Clone for XmlSecKey {
    fn clone(&self) -> Self {
        let new = unsafe { bindings::xmlSecKeyDuplicate(self.0) };

        Self(new)
    }
}

impl Drop for XmlSecKey {
    fn drop(&mut self) {
        unsafe { bindings::xmlSecKeyDestroy(self.0) };
    }
}