From 67af552ad1ee79c6b39897ac935bfbe44eac6692 Mon Sep 17 00:00:00 2001
From: Ross Kinder
Date: Wed, 23 Dec 2015 15:08:05 -0500
Subject: [PATCH] =?UTF-8?q?move=20all=20invocations=20of=20CString=20to=20?= =?UTF-8?q?globals=20where=20the=20fact=20that=20it=20leaks=20memory=20doe?= =?UTF-8?q?sn=E2=80=99t=20matter?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
bug #5
---
 encrypt.go | 32 ++++++++++++++++++++++----------
 1 file changed, 22 insertions(+), 10 deletions(-)
diff --git a/encrypt.go b/encrypt.go
index 9e5cfd6..438d49f 100644
--- a/encrypt.go
+++ b/encrypt.go
@@ -88,6 +88,20 @@ type EncryptOptions struct {
 var errInvalidAlgorithm = errors.New("invalid algorithm")
+// global string constants
+// Note: the invocations of C.CString() here return a pointer to a string
+// allocated from the C heap that would normally need to freed by calling
+// C.free, but because these are global, we can just leak them.
+var (
+ constDsigNamespace = (*C.xmlChar)(unsafe.Pointer(C.CString("http://www.w3.org/2000/09/xmldsig#")))
+ constDigestMethod = (*C.xmlChar)(unsafe.Pointer(C.CString("DigestMethod")))
+ constAlgorithm = (*C.xmlChar)(unsafe.Pointer(C.CString("Algorithm")))
+ constSha512 = (*C.xmlChar)(unsafe.Pointer(C.CString("http://www.w3.org/2001/04/xmlenc#sha512")))
+ constSha384 = (*C.xmlChar)(unsafe.Pointer(C.CString("http://www.w3.org/2001/04/xmldsig-more#sha384")))
+ constSha256 = (*C.xmlChar)(unsafe.Pointer(C.CString("http://www.w3.org/2001/04/xmlenc#sha256")))
+ constSha1 = (*C.xmlChar)(unsafe.Pointer(C.CString("http://www.w3.org/2000/09/xmldsig#sha1")))
+)
+
 // Encrypt encrypts the XML document to publicKey and returns the encrypted
 // document.
 func Encrypt(publicKey, doc []byte, opts EncryptOptions) ([]byte, error) {
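Review bot: The comment above the new `var (` block explains the deliberate leak but not the invariant that makes sharing these buffers safe: each `C.CString` result is a writable C-heap buffer cast to a non-const `*C.xmlChar`, and after this change every `Encrypt` call hands the same pointers to C. I would add `// Shared by all callers: pass these only to C functions that copy the value and never free or modify their argument.` so that a later caller does not pass one to an API that takes ownership of it. The same comment has a typo: `need to freed` should read `need to be freed`.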
@@ -197,29 +211,27 @@ func Encrypt(publicKey, doc []byte, opts EncryptOptions) ([]byte, error) {
 if keyInfoNode2 == nil {
 return nil, mustPopError()
 }
+ // Add a DigestMethod element to the encryption method node
 {
 encKeyMethod := C.xmlSecTmplEncDataGetEncMethodNode(encKeyNode)
- var ns = constXMLChar("http://www.w3.org/2000/09/xmldsig#")
- var strDigestMethod = constXMLChar("DigestMethod")
- var strAlgorithm = constXMLChar("Algorithm")
 var algorithm *C.xmlChar
 switch opts.DigestAlgorithm {
 case Sha512:
- algorithm = constXMLChar("http://www.w3.org/2001/04/xmlenc#sha512")
+ algorithm = constSha512
 case Sha384:
- algorithm = constXMLChar("http://www.w3.org/2001/04/xmldsig-more#sha384")
+ algorithm = constSha384
 case Sha256:
- algorithm = constXMLChar("http://www.w3.org/2001/04/xmlenc#sha256")
+ algorithm = constSha256
 case Sha1:
- algorithm = constXMLChar("http://www.w3.org/2000/09/xmldsig#sha1")
+ algorithm = constSha1
 case DefaultDigestAlgorithm:
- algorithm = constXMLChar("http://www.w3.org/2000/09/xmldsig#sha1")
+ algorithm = constSha1
 default:
 return nil, errInvalidAlgorithm
 }
- node := C.xmlSecAddChild(encKeyMethod, strDigestMethod, ns)
- C.xmlSetProp(node, strAlgorithm, algorithm)
+ node := C.xmlSecAddChild(encKeyMethod, constDigestMethod, constDsigNamespace)
+ C.xmlSetProp(node, constAlgorithm, algorithm)
 }
 // add our certificate to KeyInfoNode
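Review bot: The result of `C.xmlSecAddChild` is passed to `C.xmlSetProp` without a nil check on the two added lines at the end of the block, unlike `keyInfoNode2` at the top of the hunk, which returns `mustPopError()` on nil. If the child cannot be created, the DigestMethod element is left out and Encrypt presumably carries on without the digest requested in `opts.DigestAlgorithm`, with no error reported to the caller. I would add `if node == nil { return nil, mustPopError() }` between the two calls and also check the return value of `C.xmlSetProp`; whether `mustPopError` is the right error source for a libxml2 call needs confirming. Encrypt starts and ends outside this hunk.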