Posted to java-dev@axis.apache.org by ka...@apache.org on 2006/11/28 07:37:08 UTC
svn commit: r479929 - in /webservices/axis2/trunk/c/rampart: include/
src/omxmlsec/ src/omxmlsec/openssl/ src/util/
Author: kaushalye
Date: Mon Nov 27 22:37:07 2006
New Revision: 479929
URL: http://svn.apache.org/viewvc?view=rev&rev=479929
Log:
-Adding support for KeyIdentifier node
-Changes made in Key manager class to load the public key using the pkcs12
-Embedding base64 encoded x509 certificate to the security header
-Plus some other modifications.
Added:
webservices/axis2/trunk/c/rampart/include/oxs_token_key_identifier.h
webservices/axis2/trunk/c/rampart/src/omxmlsec/token_key_identifier.c
Modified:
webservices/axis2/trunk/c/rampart/include/openssl_pkcs12.h
webservices/axis2/trunk/c/rampart/include/oxs_asym_ctx.h
webservices/axis2/trunk/c/rampart/include/oxs_constants.h
webservices/axis2/trunk/c/rampart/include/oxs_x509_cert.h
webservices/axis2/trunk/c/rampart/src/omxmlsec/Makefile.am
webservices/axis2/trunk/c/rampart/src/omxmlsec/encryption.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/key_mgr.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/pkcs12.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/x509.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/x509_cert.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_encryption.c
webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c
Modified: webservices/axis2/trunk/c/rampart/include/openssl_pkcs12.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/openssl_pkcs12.h?view=diff&rev=479929&r1=479928&r2=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/openssl_pkcs12.h (original)
+++ webservices/axis2/trunk/c/rampart/include/openssl_pkcs12.h Mon Nov 27 22:37:07 2006
@@ -51,7 +51,7 @@
openssl_pkcs12_parse(const axis2_env_t *env,
axis2_char_t *password ,
PKCS12 *p12,
- EVP_PKEY **pkey,
+ EVP_PKEY **prvkey,
X509 **cert,
STACK_OF(X509) **ca);
Modified: webservices/axis2/trunk/c/rampart/include/oxs_asym_ctx.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_asym_ctx.h?view=diff&rev=479929&r1=479928&r2=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_asym_ctx.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_asym_ctx.h Mon Nov 27 22:37:07 2006
@@ -86,7 +86,7 @@
const axis2_env_t *env);
AXIS2_EXTERN openssl_pkey_t* AXIS2_CALL
-oxs_asym_ctx_private_key(const oxs_asym_ctx_t *ctx,
+oxs_asym_ctx_get_private_key(const oxs_asym_ctx_t *ctx,
const axis2_env_t *env);
AXIS2_EXTERN oxs_x509_cert_t* AXIS2_CALL
Modified: webservices/axis2/trunk/c/rampart/include/oxs_constants.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_constants.h?view=diff&rev=479929&r1=479928&r2=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_constants.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_constants.h Mon Nov 27 22:37:07 2006
@@ -40,6 +40,7 @@
****************************************************************/
#define OXS_ENCDATA_ID "EncDataID"
#define OXS_ENCKEY_ID "EncKeyID"
+#define OXS_CERT_ID "CertID"
/****************************************************************
Global namespaces
@@ -91,6 +92,7 @@
KeyInfo Nodes
****************************************************************/
#define OXS_NODE_BINARY_SECURITY_TOKEN "BinarySecurityToken"
+#define OXS_NODE_KEY_IDENTIFIER "KeyIdentifier"
/****************************************************************
@@ -297,6 +299,12 @@
#define OXS_SOAP_FAULT_CODE_RECEIVER "Receiver"
#define OXS_SOAP_FAULT_CODE_SENDER "Sender"
#define OXS_SOAP_FAULT_DATA_ENCODNING_UNKNOWN "DataEncodingUnknown"
+
+/****************************************************************
+ Ext
+****************************************************************/
+#define OXS_ENCODING_BASE64BINARY "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
+#define OXS_VALUE_X509V3 "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
/*************************************************************************/
Added: webservices/axis2/trunk/c/rampart/include/oxs_token_key_identifier.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_token_key_identifier.h?view=auto&rev=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_token_key_identifier.h (added)
+++ webservices/axis2/trunk/c/rampart/include/oxs_token_key_identifier.h Mon Nov 27 22:37:07 2006
@@ -0,0 +1,54 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef OXS_KEY_IDENTIFIER_H
+#define OXS_KEY_IDENTIFIER_H
+
+
+/**
+ * @file oxs_token_binary_security_token.h
+ * @brief
+ */
+
+#include <axis2_defines.h>
+#include <axis2_env.h>
+#include <axiom_node.h>
+#include <axiom_element.h>
+#include <axis2_qname.h>
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+/**
+* KeyIdentifier
+*/
+AXIS2_EXTERN axiom_node_t* AXIS2_CALL
+oxs_token_build_key_identifier_element(const axis2_env_t *env,
+ axiom_node_t *parent,
+ axis2_char_t* encoding_type,
+ axis2_char_t* value_type,
+ axis2_char_t* value
+ );
+
+
+/*TODO write free method*/
+/** @} */
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* OXS_KEY_IDENTIFIER_H */
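Review bot: The Doxygen header of this new file names the wrong file: `@file oxs_token_binary_security_token.h` should read `@file oxs_token_key_identifier.h`, and `@brief` is left empty. The closing `/** @} */` has no matching group opener in the file, so either add the `@defgroup`/`@{` pair or drop the closer. The one-word comment `KeyIdentifier` above the declaration could state the contract instead, e.g. `Builds a KeyIdentifier element under parent with the given encoding type and value type attributes; value, when non-NULL, becomes the element text; returns NULL if the element cannot be created`. It would also help to say whether the three strings are copied or must outlive the node, which the implementation in this commit does not make clear.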
Modified: webservices/axis2/trunk/c/rampart/include/oxs_x509_cert.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_x509_cert.h?view=diff&rev=479929&r1=479928&r2=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_x509_cert.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_x509_cert.h Mon Nov 27 22:37:07 2006
@@ -26,6 +26,7 @@
#include <axis2_defines.h>
#include <axis2_env.h>
#include <axiom_node.h>
+#include <openssl_pkey.h>
#ifdef __cplusplus
extern "C"
@@ -56,7 +57,7 @@
const axis2_env_t *env);
/*Getters*/
-AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+AXIS2_EXTERN int AXIS2_CALL
oxs_x509_cert_get_serial_number(oxs_x509_cert_t *x509_cert,
const axis2_env_t *env);
AXIS2_EXTERN axis2_char_t *AXIS2_CALL
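Review bot: Changing `oxs_x509_cert_get_serial_number` to return `int` truncates real certificate serial numbers, which may be up to 20 octets long and routinely exceed 32 bits. The same narrowing appears in the setter later in this header, in the `serial_number` field and accessors in x509_cert.c, and in `openssl_x509_get_serial` in x509.c, where `atoi` is applied to the decimal string and has undefined behaviour for out-of-range input. Two different certificates can then end up with the same stored serial, which matters as soon as the value is used for issuer-plus-serial matching. Suggest keeping the serial as the decimal string produced by `i2s_ASN1_INTEGER` (the previous `axis2_char_t *` type) and fixing the string handling rather than the type. The `WARN` comment added in x509.c could then say what it means, for example `/*Serial numbers can exceed the range of int; keep the string form*/`.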
@@ -80,12 +81,15 @@
AXIS2_EXTERN axis2_char_t *AXIS2_CALL
oxs_x509_cert_get_data(oxs_x509_cert_t *x509_cert,
const axis2_env_t *env);
+AXIS2_EXTERN openssl_pkey_t *AXIS2_CALL
+oxs_x509_cert_get_public_key(oxs_x509_cert_t *x509_cert,
+ const axis2_env_t *env);
/*Setters*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_x509_cert_set_serial_number(oxs_x509_cert_t *x509_cert,
const axis2_env_t *env,
- axis2_char_t *value);
+ int value);
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_x509_cert_set_issuer(oxs_x509_cert_t *x509_cert,
@@ -117,6 +121,10 @@
const axis2_env_t *env,
axis2_char_t *value);
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_x509_cert_set_public_key(oxs_x509_cert_t *x509_cert,
+ const axis2_env_t *env,
+ openssl_pkey_t *public_key);
/** @} */
#ifdef __cplusplus
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/Makefile.am
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/Makefile.am?view=diff&rev=479929&r1=479928&r2=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/Makefile.am (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/Makefile.am Mon Nov 27 22:37:07 2006
@@ -5,7 +5,7 @@
token_encrypted_data.c token_encryption_method.c token_cipher_value.c \
token_cipher_data.c token_key_name.c token_key_info.c token_binary_security_token.c \
token_reference_list.c token_data_reference.c token_encrypted_key.c iv.c xml_encryption.c encryption.c\
- utility.c asym_ctx.c x509_cert.c key_mgr.c
+ utility.c asym_ctx.c x509_cert.c key_mgr.c token_key_identifier.c
libomxmlsec_la_LIBADD = -lssl\
../../../util/src/libaxis2_util.la \
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/encryption.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/encryption.c?view=diff&rev=479929&r1=479928&r2=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/encryption.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/encryption.c Mon Nov 27 22:37:07 2006
@@ -27,6 +27,7 @@
#include <openssl_constants.h>
#include <openssl_rsa.h>
#include <openssl_util.h>
+#include <oxs_key_mgr.h>
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -160,28 +161,39 @@
openssl_pkey_t *pkey = NULL;
openssl_rsa_t *rsa = NULL;
oxs_asym_ctx_operation_t operation = -1;
- axis2_char_t *file_name = NULL;
axis2_status_t status = AXIS2_FAILURE;
+
/*TODO We support RSA encryption only. If any other algorithm is specified, reject*/
- /*1. Try to get the pkey from the asy_ctx*/
-
+ /*Load the key using key manager*/
+ status = oxs_key_mgr_load_key(env, ctx);
+
+
+#if 0
+ /*1. Try to get the pkey from the asy_ctx*/
+ axis2_char_t *file_name = NULL;
/*2. If not try to load the key from the dec_prop_file*/
file_name = oxs_asym_ctx_get_file_name(ctx, env);
pkey = openssl_pkey_create(env);
status = OPENSSL_PKEY_LOAD(pkey, env, file_name, "");/*TODO password*/
-
+#endif
+
/*Check for the operation and call appropriate method*/
operation = oxs_asym_ctx_get_operation(ctx, env);
rsa = openssl_rsa_create(env);
if( OXS_ASYM_CTX_OPERATION_PUB_ENCRYPT == operation ){
axis2_char_t *encoded_str = NULL;
+ oxs_x509_cert_t *x509_cert = NULL;
unsigned char *encrypted = NULL;
int enclen = -1;
int encodedlen = -1;
int ret = -1;
-
+
+ /*Operation is PUB ENCRYPT; Get the public key from the context*/
+ x509_cert = oxs_asym_ctx_get_certificate(ctx, env);
+ pkey = oxs_x509_cert_get_public_key(x509_cert, env);
+
/*Encrypt using the public key. Then base64 encode and populate the buffer */
enclen = OPENSSL_RSA_PUB_ENCRYPT(rsa, env, pkey, OXS_BUFFER_GET_DATA(input, env), &encrypted);
encodedlen = axis2_base64_encode_len(enclen);
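Review bot: The result of `oxs_key_mgr_load_key(env, ctx)` is stored in `status` and never tested, and the certificate returned by `oxs_asym_ctx_get_certificate` goes straight into `oxs_x509_cert_get_public_key`, which dereferences its argument (see x509_cert.c in this commit). If the key manager loaded nothing (its PEM branch in this commit only assigns `format`), `x509_cert` is presumably NULL and this path crashes instead of failing cleanly. Suggest `if (AXIS2_SUCCESS != status) return AXIS2_FAILURE;` right after the load and `if (!x509_cert) return AXIS2_FAILURE;` before fetching the key; the decrypt hunk that follows needs the same test on the `pkey` returned by `oxs_asym_ctx_get_private_key`. The `#if 0` block preserves the old file-based load with an empty password and would be better deleted than disabled. The function begins and ends outside this hunk, so any release of `rsa` on the early return has to be checked there.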
@@ -195,6 +207,8 @@
int ret = -1;
int declen = -1;
+ /*Operation id PRV DECRYPT; Get the private key from the context*/
+ pkey = oxs_asym_ctx_get_private_key(ctx, env);
/*Base64 decode first. Then do the decryption and populate the buffer*/
decoded_encrypted_str = AXIS2_MALLOC(env->allocator, axis2_base64_decode_len((char*)OXS_BUFFER_GET_DATA(input, env)));
ret = axis2_base64_decode((char*)decoded_encrypted_str, (char*)OXS_BUFFER_GET_DATA(input, env));
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/key_mgr.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/key_mgr.c?view=diff&rev=479929&r1=479928&r2=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/key_mgr.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/key_mgr.c Mon Nov 27 22:37:07 2006
@@ -27,12 +27,14 @@
axis2_char_t *password = "1234";
axis2_status_t status = AXIS2_FAILURE;
openssl_x509_format_t format;
- openssl_pkey_t *open_pkey = NULL;
+ openssl_pkey_t *open_prvkey = NULL;
+ openssl_pkey_t *open_pubkey = NULL;
oxs_x509_cert_t *oxs_cert = NULL;
X509 *cert = NULL;
STACK_OF(X509) *ca = NULL;
- EVP_PKEY *pkey = NULL;
+ EVP_PKEY *prvkey = NULL;
+ EVP_PKEY *pubkey = NULL;
/*Get file to be loaded. Can be either in PEM or PKCS12 format*/
filename = oxs_asym_ctx_get_file_name(ctx, env);
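Review bot: The keystore passphrase is still the literal `axis2_char_t *password = "1234";` on the first line of this hunk, and it is the value handed to `openssl_x509_load_from_pkcs12` in the next hunk to unlock the private key. A passphrase compiled into the library gives the PKCS#12 file no protection and forces every deployment onto the same keystore password; it should come from configuration or a caller-supplied password callback. Until that exists, mark it clearly, e.g. `/*TODO take the keystore password from the asym ctx or a callback; never hard-code*/`. The function body starts above and continues below this hunk.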
@@ -42,40 +44,42 @@
if(OXS_ASYM_CTX_FORMAT_PEM == oxs_asym_ctx_get_format(ctx, env)){
format = OPENSSL_X509_FORMAT_PEM;
+
}else if(OXS_ASYM_CTX_FORMAT_PKCS12 == oxs_asym_ctx_get_format(ctx, env)){
format = OPENSSL_X509_FORMAT_PKCS12;
- status = openssl_x509_load_from_pkcs12(env, filename, password, &cert, &pkey, &ca);
+ status = openssl_x509_load_from_pkcs12(env, filename, password, &cert, &prvkey, &ca);
}
- /**
- * Now we have X509 and/or Pkey. If the format is PKCS12, then we have a chance to get both certificate and pkey.
- * If the format is PEM only, we might have only the pkey.
- */
- /*Alright if the pkey is available, populate the openssl_pkey*/
- if(pkey){
- open_pkey = openssl_pkey_create(env);
- OPENSSL_PKEY_POPULATE(open_pkey, env, pkey, filename, OPENSSL_PKEY_TYPE_PRIVATE_KEY);
-
+ /*Alright if the prvkey is available, populate the openssl_pkey*/
+ if(prvkey){
+ open_prvkey = openssl_pkey_create(env);
+ OPENSSL_PKEY_POPULATE(open_prvkey, env, prvkey, filename, OPENSSL_PKEY_TYPE_PRIVATE_KEY);
+ oxs_asym_ctx_set_private_key(ctx, env, open_prvkey);
}
/*If the X509 certificate is available, populate oxs_x509_cert*/
if(cert){
- axis2_char_t *serial = NULL;
- int serial_num = 0;
+ /*Create certificate*/
oxs_cert = oxs_x509_cert_create(env);
+ /*And populate it*/
oxs_x509_cert_set_data(oxs_cert, env, openssl_x509_get_cert_data(env, cert));
oxs_x509_cert_set_date(oxs_cert, env, openssl_x509_get_info(env, OPENSSL_X509_INFO_VALID_TO ,cert));
oxs_x509_cert_set_issuer(oxs_cert, env, openssl_x509_get_info(env, OPENSSL_X509_INFO_ISSUER ,cert));
oxs_x509_cert_set_subject(oxs_cert, env, openssl_x509_get_info(env, OPENSSL_X509_INFO_SUBJECT ,cert));
oxs_x509_cert_set_fingerprint(oxs_cert, env, openssl_x509_get_info(env, OPENSSL_X509_INFO_FINGER,cert));
- serial_num = openssl_x509_get_serial(env, cert);
- sprintf(serial, "%d" ,serial_num);
- oxs_x509_cert_set_serial_number(oxs_cert, env, serial);
+ oxs_x509_cert_set_serial_number(oxs_cert, env, openssl_x509_get_serial(env, cert));
/*TODO Subject hash*/
-
+ /*Additionally we need to set the public key*/
+ openssl_x509_get_pubkey(env, cert, &pubkey);
+ open_pubkey = openssl_pkey_create(env);
+ OPENSSL_PKEY_POPULATE(open_pubkey, env, pubkey, openssl_x509_get_info(env, OPENSSL_X509_INFO_FINGER,cert), OPENSSL_PKEY_TYPE_PUBLIC_KEY);
+ /*Set the public key to the x509 certificate*/
+ oxs_x509_cert_set_public_key(oxs_cert, env, open_pubkey);
+ /*Set the x509 certificate to the asym ctx*/
+ oxs_asym_ctx_set_certificate(ctx, env, oxs_cert);
}
return AXIS2_SUCCESS;
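Review bot: The function ends in `return AXIS2_SUCCESS;` no matter what was loaded: `status` from `openssl_x509_load_from_pkcs12` is never tested, and the PEM branch assigns `format` and loads nothing. Callers then continue with a context that holds neither key nor certificate. Adding `if (AXIS2_SUCCESS != status) return status;` after the format `if`/`else` would cover both cases, because `status` starts as `AXIS2_FAILURE`. The result of `openssl_x509_get_pubkey` is also unchecked, so a NULL `pubkey` would be wrapped and attached to the certificate; `if (!pubkey) return AXIS2_FAILURE;` before `OPENSSL_PKEY_POPULATE` catches that, with `oxs_cert` released first. The function starts outside this hunk.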
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/pkcs12.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/pkcs12.c?view=diff&rev=479929&r1=479928&r2=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/pkcs12.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/pkcs12.c Mon Nov 27 22:37:07 2006
@@ -54,12 +54,12 @@
openssl_pkcs12_parse(const axis2_env_t *env,
axis2_char_t *password ,
PKCS12 *p12,
- EVP_PKEY **pkey,
+ EVP_PKEY **prvkey,
X509 **cert,
STACK_OF(X509) **ca)
{
/*Parse the pkcs store*/
- if (!PKCS12_parse(p12, password, pkey, cert, ca)) {
+ if (!PKCS12_parse(p12, password, prvkey, cert, ca)) {
fprintf(stderr, "Error parsing PKCS#12 file\n");
ERR_print_errors_fp(stderr);
return AXIS2_FAILURE;
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/x509.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/x509.c?view=diff&rev=479929&r1=479928&r2=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/x509.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/x509.c Mon Nov 27 22:37:07 2006
@@ -83,6 +83,16 @@
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
+openssl_x509_load_from_pem(const axis2_env_t *env,
+ axis2_char_t *filename,
+ axis2_char_t *password,
+ X509 **cert)
+{
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
openssl_x509_load_from_pkcs12(const axis2_env_t *env,
axis2_char_t *filename,
axis2_char_t *password,
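Review bot: The new `openssl_x509_load_from_pem` is an empty stub that returns `AXIS2_SUCCESS` without touching `*cert`, so a caller cannot tell that no certificate was loaded and may go on to use an unset pointer. Until it is implemented it should fail closed: `*cert = NULL; return AXIS2_FAILURE;`, with a comment such as `/*TODO not implemented: PEM certificates are not loaded yet*/`. The unused `filename` and `password` parameters will also produce compiler warnings in the meantime.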
@@ -125,7 +135,6 @@
if(OPENSSL_X509_FORMAT_PEM == format){
/*Load from PEM*/
-
}else if(OPENSSL_X509_FORMAT_PKCS12 == format){
/*Load from PKCS12*/
EVP_PKEY *pkey = NULL;
@@ -174,6 +183,7 @@
{
axis2_char_t *serial = NULL;
int no = 0;
+ /*WARN: Do not use the serial number without converting it to the integer.*/
serial = (axis2_char_t*)i2s_ASN1_INTEGER(NULL,X509_get_serialNumber(cert));
no = atoi(serial);
@@ -218,7 +228,7 @@
}else if(OPENSSL_X509_INFO_VALID_TO == type){
ASN1_TIME_print(out, X509_get_notAfter(cert));
}else if(OPENSSL_X509_INFO_DATA_CERT == type){
- if(!PEM_write_bio_X509(out, cert)){
+ if(!PEM_write_bio_X509_AUX(out, cert)){
return NULL;
}
}else if(OPENSSL_X509_INFO_FINGER == type){
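Review bot: `PEM_write_bio_X509_AUX` emits OpenSSL's `TRUSTED CERTIFICATE` form, which appends the certificate's auxiliary data (alias, key id, trust settings) to the encoded certificate. If the `OPENSSL_X509_INFO_DATA_CERT` output is what xml_encryption.c places in the KeyIdentifier text (it appears to be, through `openssl_x509_get_cert_data`), the message would carry local keystore metadata and a payload that is not the plain X.509 certificate the `#X509v3` value type announces. The PEM armour lines would be part of that text too unless they are stripped elsewhere. Suggest keeping `PEM_write_bio_X509(out, cert)` here, or building the wire value from `i2d_X509` output plus base64. The enclosing function starts and ends outside this hunk.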
Added: webservices/axis2/trunk/c/rampart/src/omxmlsec/token_key_identifier.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/token_key_identifier.c?view=auto&rev=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/token_key_identifier.c (added)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/token_key_identifier.c Mon Nov 27 22:37:07 2006
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2003-2004 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <oxs_constants.h>
+#include <oxs_error.h>
+#include <oxs_token_key_identifier.h>
+#include <axiom_attribute.h>
+#include <axiom_element.h>
+
+
+AXIS2_EXTERN axiom_node_t* AXIS2_CALL
+oxs_token_build_key_identifier_element(const axis2_env_t *env,
+ axiom_node_t *parent,
+ axis2_char_t* encoding_type,
+ axis2_char_t* value_type,
+ axis2_char_t* value )
+{
+ axiom_node_t *ki_node = NULL;
+ axiom_element_t *ki_ele = NULL;
+ axiom_attribute_t *encoding_type_att = NULL;
+ axiom_attribute_t *value_type_att = NULL;
+ int ret;
+ axiom_namespace_t *ns_obj = NULL;
+
+ ns_obj = axiom_namespace_create(env, OXS_WSSE_NS,
+ OXS_WSSE);
+
+ ki_ele = axiom_element_create(env, parent, OXS_NODE_KEY_IDENTIFIER, ns_obj, &ki_node);
+ if (!ki_ele)
+ {
+ oxs_error(ERROR_LOCATION,
+ OXS_ERROR_ELEMENT_FAILED, "Error creating KeyIdentifier element");
+ return NULL;
+ }
+
+ encoding_type_att = axiom_attribute_create(env, OXS_ATTR_ENCODING_TYPE, encoding_type, NULL);
+ value_type_att = axiom_attribute_create(env, OXS_ATTR_VALUE_TYPE, value_type, NULL);
+
+ ret = AXIOM_ELEMENT_ADD_ATTRIBUTE(ki_ele, env, encoding_type_att, ki_node);
+ ret = AXIOM_ELEMENT_ADD_ATTRIBUTE(ki_ele, env, value_type_att, ki_node);
+
+ if (value)
+ {
+ ret = AXIOM_ELEMENT_SET_TEXT(ki_ele, env, value, ki_node);
+ }
+
+
+ return ki_node;
+
+}
+
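Review bot: `ret` is assigned three times and never read, and the two `axiom_attribute_create` results are used without a NULL test, so a failed attribute or text insertion still returns a node that looks complete. For a security header this means a KeyIdentifier can be sent without its encoding type or value type. The sketch below checks each step and returns NULL on failure, reusing the error call already present in this function. Whether the partly built element must also be detached from `parent` depends on axiom ownership rules that are not visible here.

```c
    /* ... unchanged: namespace and KeyIdentifier element creation ... */
    encoding_type_att = axiom_attribute_create(env, OXS_ATTR_ENCODING_TYPE, encoding_type, NULL);
    value_type_att = axiom_attribute_create(env, OXS_ATTR_VALUE_TYPE, value_type, NULL);
    if (!encoding_type_att || !value_type_att)
    {
        oxs_error(ERROR_LOCATION,
                  OXS_ERROR_ELEMENT_FAILED, "Error creating KeyIdentifier attributes");
        return NULL;
    }

    ret = AXIOM_ELEMENT_ADD_ATTRIBUTE(ki_ele, env, encoding_type_att, ki_node);
    if (AXIS2_SUCCESS == ret)
    {
        ret = AXIOM_ELEMENT_ADD_ATTRIBUTE(ki_ele, env, value_type_att, ki_node);
    }
    if (AXIS2_SUCCESS == ret && value)
    {
        ret = AXIOM_ELEMENT_SET_TEXT(ki_ele, env, value, ki_node);
    }
    if (AXIS2_SUCCESS != ret)
    {
        oxs_error(ERROR_LOCATION,
                  OXS_ERROR_ELEMENT_FAILED, "Error populating KeyIdentifier element");
        return NULL;
    }
    /* ... unchanged: return ki_node ... */
```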
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/x509_cert.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/x509_cert.c?view=diff&rev=479929&r1=479928&r2=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/x509_cert.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/x509_cert.c Mon Nov 27 22:37:07 2006
@@ -22,13 +22,14 @@
struct oxs_x509_cert_t
{
- axis2_char_t *serial_number;
+ int serial_number;
axis2_char_t *subject;
axis2_char_t *issuer;
axis2_char_t *fingerprint;
axis2_char_t *date;
axis2_char_t *hash;
axis2_char_t *data;
+ openssl_pkey_t *public_key;
};
AXIS2_EXTERN oxs_x509_cert_t *AXIS2_CALL
@@ -47,13 +48,14 @@
}
/* initialize properties */
- x509_cert->serial_number =NULL;
+ x509_cert->serial_number = 0;
x509_cert->subject =NULL;
x509_cert->issuer =NULL;
x509_cert->fingerprint =NULL;
x509_cert->date =NULL;
x509_cert->hash =NULL;
x509_cert->data =NULL;
+ x509_cert->public_key =NULL;
return x509_cert;
}
@@ -62,10 +64,6 @@
oxs_x509_cert_free(oxs_x509_cert_t *x509_cert,
const axis2_env_t *env)
{
- if(x509_cert->serial_number ){
- AXIS2_FREE(env->allocator, x509_cert->serial_number );
- x509_cert->serial_number =NULL;
- }
if(x509_cert->subject ){
AXIS2_FREE(env->allocator, x509_cert->subject );
x509_cert->subject =NULL;
@@ -94,7 +92,7 @@
return AXIS2_SUCCESS;
}
-AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+AXIS2_EXTERN int AXIS2_CALL
oxs_x509_cert_get_serial_number(oxs_x509_cert_t *x509_cert,
const axis2_env_t *env)
{
@@ -137,17 +135,21 @@
return x509_cert->data;
}
+AXIS2_EXTERN openssl_pkey_t *AXIS2_CALL
+oxs_x509_cert_get_public_key(oxs_x509_cert_t *x509_cert,
+ const axis2_env_t *env)
+{
+ return x509_cert->public_key;
+}
+
/*Setters*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_x509_cert_set_serial_number(oxs_x509_cert_t *x509_cert,
const axis2_env_t *env,
- axis2_char_t *value)
-{ if(x509_cert->serial_number)
- {
- AXIS2_FREE(env->allocator, x509_cert->serial_number);
- x509_cert->serial_number = NULL;
- }
- x509_cert->serial_number= (axis2_char_t *)AXIS2_STRDUP(value, env);
+ int value)
+{
+ x509_cert->serial_number= value;
+
return AXIS2_SUCCESS;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -229,3 +231,17 @@
x509_cert->data = (axis2_char_t *)AXIS2_STRDUP(value, env);
return AXIS2_SUCCESS;
}
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_x509_cert_set_public_key(oxs_x509_cert_t *x509_cert,
+ const axis2_env_t *env,
+ openssl_pkey_t *public_key)
+{
+ if(x509_cert->public_key)
+ {
+ AXIS2_FREE(env->allocator, x509_cert->public_key);
+ x509_cert->public_key = NULL;
+ }
+ x509_cert->public_key = public_key;
+ return AXIS2_SUCCESS;
+}
+
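Review bot: `oxs_x509_cert_set_public_key` frees the previous key with `AXIS2_FREE` and then stores the caller's pointer, so passing the key that is already set leaves `x509_cert->public_key` pointing at freed memory; guard it with `if(x509_cert->public_key && x509_cert->public_key != public_key)`. `AXIS2_FREE` releases only the `openssl_pkey_t` wrapper, and whatever it holds (key_mgr.c populates it with an `EVP_PKEY`) is presumably leaked, so the type's own free routine should be used instead. Unlike the string setters in this file, which copy with `AXIS2_STRDUP`, this setter takes ownership, which deserves a comment such as `/*Takes ownership of public_key; the caller must not free it afterwards*/`. The part of `oxs_x509_cert_free` visible in this commit does not release `public_key`; that function continues outside its hunk, so confirm that it does.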
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_encryption.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_encryption.c?view=diff&rev=479929&r1=479928&r2=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_encryption.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_encryption.c Mon Nov 27 22:37:07 2006
@@ -26,6 +26,7 @@
#include <oxs_token_cipher_data.h>
#include <oxs_token_reference_list.h>
#include <oxs_token_key_info.h>
+#include <oxs_token_key_identifier.h>
#include <oxs_constants.h>
#include <oxs_axiom.h>
#include <oxs_ctx.h>
@@ -194,14 +195,16 @@
{
axis2_char_t *algorithm = NULL;
axis2_char_t *encrypted_key_data = NULL;
+ axis2_char_t *bst_data = NULL;
oxs_buffer_t *input = NULL;
oxs_buffer_t *result = NULL;
axiom_node_t *encrypted_key_node = NULL;
axiom_node_t *enc_mtd_node = NULL;
- axiom_node_t *key_info_node = NULL;
+ axiom_node_t *kifier_node = NULL;
axiom_node_t *cd_node = NULL;
axiom_node_t *cv_node = NULL;
axis2_status_t status = AXIS2_FAILURE;
+ oxs_x509_cert_t *cert = NULL;
/*Create input buffer*/
input = oxs_buffer_create(env);
@@ -216,14 +219,19 @@
/*Get the encrypted key*/
encrypted_key_data = (axis2_char_t *)OXS_BUFFER_GET_DATA(result, env);
+ /*Get binary securty token data to be set to the KeyIdentifierNode*/
+ cert = oxs_asym_ctx_get_certificate(asym_ctx, env);
+ bst_data = oxs_x509_cert_get_data(cert, env);
+
/*Build nodes*/
encrypted_key_node = oxs_token_build_encrypted_key_element(env, parent);
algorithm = oxs_asym_ctx_get_algorithm(asym_ctx, env);
enc_mtd_node = oxs_token_build_encryption_method_element(env, encrypted_key_node, algorithm);
- key_info_node = oxs_token_build_key_info_element(env, encrypted_key_node);
+ kifier_node = oxs_token_build_key_identifier_element(env, encrypted_key_node, OXS_ENCODING_BASE64BINARY, OXS_VALUE_X509V3, bst_data);
cd_node = oxs_token_build_cipher_data_element(env, encrypted_key_node);
cv_node = oxs_token_build_cipher_value_element(env, cd_node, encrypted_key_data);
-
+
+
/*TODO SecurityTokenReference*/
oxs_token_build_data_reference_list(env, encrypted_key_node, id_list);
return AXIS2_SUCCESS;
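Review bot: `cert` from `oxs_asym_ctx_get_certificate` is passed to `oxs_x509_cert_get_data` without a NULL test, and that getter dereferences its argument, so a context without a certificate crashes here; add `if(!cert) return AXIS2_FAILURE;` before the call. The new KeyIdentifier is attached directly under EncryptedKey in place of the KeyInfo element and carries the whole certificate under the `#X509v3` value type. In WS-Security a KeyIdentifier normally sits inside a KeyInfo/SecurityTokenReference pair and holds a key identifier, while `#X509v3` is the value type of a BinarySecurityToken, so receivers may fail to resolve the key; this is worth confirming against the X.509 token profile before the `TODO SecurityTokenReference` is closed. The node pointers returned by the `oxs_token_build_*` calls are stored and never checked. The function starts and ends outside this hunk.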
Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c?view=diff&rev=479929&r1=479928&r2=479929
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c Mon Nov 27 22:37:07 2006
@@ -68,6 +68,7 @@
axis2_char_t *certificate_file = NULL;
oxs_key_t *session_key = NULL;
oxs_asym_ctx_t *asym_ctx = NULL;
+
int i = 0;
/*Get nodes to be encrypted*/
nodes_to_encrypt = axis2_array_list_create(env, 5);
@@ -124,7 +125,7 @@
/*Encrypt the session key*/
oxs_xml_enc_encrypt_key(env, asym_ctx, sec_node,session_key, id_list);
-
+
return AXIS2_SUCCESS;
}