Posted to axis-cvs@ws.apache.org by ka...@apache.org on 2007/02/23 07:08:53 UTC
svn commit: r510844 - in /webservices/axis2/trunk/c/rampart: include/
src/omxmlsec/ test/omxmlsec/
Author: kaushalye
Date: Thu Feb 22 22:08:52 2007
New Revision: 510844
URL: http://svn.apache.org/viewvc?view=rev&rev=510844
Log:
Implementing XML Signature in OMXMLSecurity
Modified:
webservices/axis2/trunk/c/rampart/include/oxs_axiom.h
webservices/axis2/trunk/c/rampart/include/oxs_constants.h
webservices/axis2/trunk/c/rampart/include/oxs_sign_ctx.h
webservices/axis2/trunk/c/rampart/include/oxs_token_transform.h
webservices/axis2/trunk/c/rampart/src/omxmlsec/axiom.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/sign_ctx.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/transforms_factory.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c
webservices/axis2/trunk/c/rampart/test/omxmlsec/test.c
Modified: webservices/axis2/trunk/c/rampart/include/oxs_axiom.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_axiom.h?view=diff&rev=510844&r1=510843&r2=510844
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_axiom.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_axiom.h Thu Feb 22 22:08:52 2007
@@ -36,7 +36,13 @@
{
#endif
-
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_axiom_add_attribute(const axis2_env_t *env,
+ axiom_node_t* node,
+ axis2_char_t* attribute_ns,
+ axis2_char_t* attribute_ns_uri,
+ axis2_char_t* attribute,
+ axis2_char_t* value);
AXIS2_EXTERN int AXIS2_CALL
oxs_axiom_get_number_of_children_with_qname(const axis2_env_t *env,
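Review bot: The new `oxs_axiom_add_attribute` prototype has no doc comment, and its `attribute_ns` parameter actually carries the namespace prefix. The implementation in axiom.c passes it as the last argument of `axiom_namespace_create(env, attribute_ns_uri, attribute_ns)`, and test.c passes `OXS_WSU` for it. I would rename the parameter to `attribute_ns_prefix` and add a short Doxygen block saying that `node` must be an element node, what each string argument is, and that the result is an `axis2_status_t`. Who owns the namespace and attribute objects the function creates is not visible from this hunk and should be documented too.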
Modified: webservices/axis2/trunk/c/rampart/include/oxs_constants.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_constants.h?view=diff&rev=510844&r1=510843&r2=510844
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_constants.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_constants.h Thu Feb 22 22:08:52 2007
@@ -36,12 +36,14 @@
#define OXS_XENC "xenc"
#define OXS_DS "ds"
#define OXS_WSSE "wsse"
-
+#define OXS_WSSE_XMLNS "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+#define OXS_WSU "wsu"
/****************************************************************
ID Prefixes
****************************************************************/
#define OXS_ENCDATA_ID "EncDataID"
#define OXS_ENCKEY_ID "EncKeyID"
+#define OXS_SIG_ID "SigID"
#define OXS_CERT_ID "CertID"
#define OXS_EMBEDDED_ID "EmbeddedID"
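Review bot: `OXS_WSU` is added without a matching namespace URI constant, and the test.c change in this commit binds the `wsu` prefix to `OXS_WSSE_XMLNS` (the secext-1.0 namespace) when it adds the Id attribute. In WS-Security the `wsu:Id` attribute belongs to the utility namespace, so a consumer that resolves the attribute by namespace rather than by prefix text would not recognise the generated attribute as the signed element's Id. I would add `#define OXS_WSU_XMLNS "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"` next to `OXS_WSU` and use it at that call site.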
Modified: webservices/axis2/trunk/c/rampart/include/oxs_sign_ctx.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_sign_ctx.h?view=diff&rev=510844&r1=510843&r2=510844
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_sign_ctx.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_sign_ctx.h Thu Feb 22 22:08:52 2007
@@ -34,6 +34,13 @@
extern "C"
{
#endif
+
+ /*The type of operation*/
+ typedef enum {
+ OXS_SIGN_OPERATION_NONE = 0,
+ OXS_SIGN_OPERATION_SIGN,
+ OXS_SIGN_OPERATION_VERIFY
+ } oxs_sign_operation_t;
typedef struct oxs_sign_ctx_t oxs_sign_ctx_t;
@@ -79,6 +86,11 @@
const oxs_sign_ctx_t *sign_ctx,
const axis2_env_t *env);
+AXIS2_EXTERN oxs_sign_operation_t AXIS2_CALL
+oxs_sign_ctx_get_operation(
+ const oxs_sign_ctx_t *sign_ctx,
+ const axis2_env_t *env);
+
/**********************Setter functions******************************************/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_sign_ctx_set_sign_mtd_algo(
@@ -116,7 +128,11 @@
const axis2_env_t *env,
openssl_pkey_t *pub_key);
-
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_sign_ctx_set_operation(
+ oxs_sign_ctx_t *sign_ctx,
+ const axis2_env_t *env,
+ oxs_sign_operation_t operation);
/** @} */
#ifdef __cplusplus
}
Modified: webservices/axis2/trunk/c/rampart/include/oxs_token_transform.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_token_transform.h?view=diff&rev=510844&r1=510843&r2=510844
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_token_transform.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_token_transform.h Thu Feb 22 22:08:52 2007
@@ -20,7 +20,7 @@
/**
- * @file oxs_token_c14n_method.h
+ * @file oxs_token_transform.h
* @brief
*/
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/axiom.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/axiom.c?view=diff&rev=510844&r1=510843&r2=510844
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/axiom.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/axiom.c Thu Feb 22 22:08:52 2007
@@ -29,6 +29,28 @@
#include <axiom_stax_builder.h>
#include <axiom_util.h>
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_axiom_add_attribute(const axis2_env_t *env,
+ axiom_node_t* node,
+ axis2_char_t* attribute_ns,
+ axis2_char_t* attribute_ns_uri,
+ axis2_char_t* attribute,
+ axis2_char_t* value)
+{
+ axiom_attribute_t *attr = NULL;
+ axiom_element_t *ele = NULL;
+ axis2_status_t status = AXIS2_FAILURE;
+ axiom_namespace_t *ns = NULL;
+
+ ns = axiom_namespace_create(env, attribute_ns_uri, attribute_ns);
+
+ ele = AXIOM_NODE_GET_DATA_ELEMENT(node, env);
+ attr = axiom_attribute_create(env, attribute , value, ns);
+ status = AXIOM_ELEMENT_ADD_ATTRIBUTE(ele, env, attr, node);
+
+ return status;
+}
+
AXIS2_EXTERN int AXIS2_CALL
oxs_axiom_get_number_of_children_with_qname(const axis2_env_t *env,
axiom_node_t* parent,
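Review bot: `oxs_axiom_add_attribute` uses every intermediate result without checking it: `node` is dereferenced by `AXIOM_NODE_GET_DATA_ELEMENT` without a NULL test, `ele` may be NULL when the node is not an element, and `attr` goes straight into `AXIOM_ELEMENT_ADD_ATTRIBUTE` even if `axiom_attribute_create` failed. Since this helper places the Id that a ds:Reference later points at, a silent failure here can end in a signature whose reference does not resolve, so I would return `AXIS2_FAILURE` early on each of these cases as sketched below. Whether `ns` must be released when attribute creation fails depends on ownership rules not visible in this hunk, so that should be confirmed against the axiom API.

```c
    /* … unchanged: local declarations … */
    if (!node)
    {
        return AXIS2_FAILURE;
    }

    ele = AXIOM_NODE_GET_DATA_ELEMENT(node, env);
    if (!ele)
    {
        /* node is not an element, so there is nothing to attach the attribute to */
        return AXIS2_FAILURE;
    }

    ns = axiom_namespace_create(env, attribute_ns_uri, attribute_ns);
    attr = axiom_attribute_create(env, attribute, value, ns);
    if (!attr)
    {
        return AXIS2_FAILURE;
    }

    return AXIOM_ELEMENT_ADD_ATTRIBUTE(ele, env, attr, node);
```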
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/sign_ctx.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/sign_ctx.c?view=diff&rev=510844&r1=510843&r2=510844
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/sign_ctx.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/sign_ctx.c Thu Feb 22 22:08:52 2007
@@ -28,6 +28,7 @@
oxs_x509_cert_t *certificate ;
openssl_pkey_t *prv_key ;
openssl_pkey_t *pub_key ;
+ oxs_sign_operation_t operation;
};
/*Public functions*/
@@ -82,6 +83,13 @@
return sign_ctx->pub_key ;
}
+AXIS2_EXTERN oxs_sign_operation_t AXIS2_CALL
+oxs_sign_ctx_get_operation(
+ const oxs_sign_ctx_t *sign_ctx,
+ const axis2_env_t *env)
+{
+ return sign_ctx->operation;
+}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_sign_ctx_set_certificate(
@@ -171,6 +179,17 @@
return AXIS2_SUCCESS;
}
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_sign_ctx_set_operation(
+ oxs_sign_ctx_t *sign_ctx,
+ const axis2_env_t *env,
+ oxs_sign_operation_t operation
+)
+{
+ sign_ctx->operation = operation;
+ return AXIS2_SUCCESS;
+}
+
AXIS2_EXTERN oxs_sign_ctx_t *AXIS2_CALL
oxs_sign_ctx_create(const axis2_env_t *env)
{
@@ -191,7 +210,7 @@
sign_ctx->certificate = NULL;
sign_ctx->prv_key = NULL;
sign_ctx->pub_key = NULL;
-
+ sign_ctx->operation = OXS_SIGN_OPERATION_NONE;
return sign_ctx;
}
@@ -219,6 +238,7 @@
sign_ctx->certificate = NULL;
sign_ctx->prv_key = NULL;
sign_ctx->pub_key = NULL;
+ sign_ctx->operation = OXS_SIGN_OPERATION_NONE;
AXIS2_FREE(env->allocator, sign_ctx);
sign_ctx = NULL;
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/transforms_factory.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/transforms_factory.c?view=diff&rev=510844&r1=510843&r2=510844
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/transforms_factory.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/transforms_factory.c Thu Feb 22 22:08:52 2007
@@ -33,6 +33,7 @@
axis2_char_t **output)
{
axiom_document_t *doc = NULL;
+ axis2_char_t *algo = NULL;
axis2_char_t *c14nized = NULL;
oxs_tr_dtype_t output_dtype = OXS_TRANSFORM_TYPE_UNKNOWN;
@@ -40,9 +41,10 @@
oxs_error(env, ERROR_LOCATION, OXS_ERROR_TRANSFORM_FAILED,"Transform expects a NODE.");
return OXS_TRANSFORM_TYPE_UNKNOWN;
}
- doc = axiom_node_get_document((axiom_node_t*)input, env);
- oxs_c14n_apply(env, doc, AXIS2_FALSE, &c14nized, AXIS2_TRUE, NULL, (axiom_node_t*)input);
+ algo = OXS_HREF_TRANSFORM_XML_EXC_C14N;
+ oxs_c14n_apply_algo(env, doc, &c14nized, NULL, (axiom_node_t*)input, algo);
+ /*oxs_c14n_apply(env, doc, AXIS2_FALSE, &c14nized, AXIS2_TRUE, NULL, (axiom_node_t*)input);*/
*output= c14nized;
output_dtype = OXS_TRANSFORM_TYPE_CHAR;
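Review bot: `doc` is still NULL when it is passed to `oxs_c14n_apply_algo`, because this hunk removes the `doc = axiom_node_get_document((axiom_node_t*)input, env);` assignment but keeps `doc` as the second argument. Unless the callee is documented to accept a NULL document, the assignment should be restored before the call. The result of the canonicalization is also not checked, so a failed transform still reports `OXS_TRANSFORM_TYPE_CHAR` with a NULL `*output` that the digest step would then consume. I would add `if (!c14nized) return OXS_TRANSFORM_TYPE_UNKNOWN;` after the call and delete the commented-out `oxs_c14n_apply` line rather than keep it. The enclosing function starts and ends outside this hunk.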
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c?view=diff&rev=510844&r1=510843&r2=510844
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c Thu Feb 22 22:08:52 2007
@@ -22,6 +22,8 @@
#include <oxs_buffer.h>
#include <oxs_cipher.h>
#include <oxs_c14n.h>
+#include <oxs_axiom.h>
+#include <oxs_utility.h>
#include <openssl_rsa.h>
#include <openssl_digest.h>
#include <oxs_sign_ctx.h>
@@ -83,10 +85,11 @@
axiom_node_t *parent,
oxs_sign_part_t *sign_part)
{
- axis2_char_t *uri = NULL;
axis2_char_t *serialized_node = NULL;
axis2_char_t *digest = NULL;
axis2_char_t *digest_mtd = NULL;
+ axis2_char_t *ref_id = NULL;
+ axis2_char_t *id = NULL;
axis2_array_list_t *transforms = NULL;
axiom_node_t *node = NULL;
axiom_node_t *reference_node = NULL;
@@ -97,9 +100,11 @@
/*Get the node to digest*/
node = oxs_sign_part_get_node(sign_part, env);
- /*Add the reference ID to the node and hence to the ds:Reference node*/
-
- reference_node = oxs_token_build_ds_reference_element(env, parent ,NULL, uri, NULL);
+ /*Get the reference ID from the node and hence to the ds:Reference node*/
+ id = oxs_axiom_get_attribute_value_of_node_by_name(env, node, "wsu:Id");
+
+ ref_id = AXIS2_STRACAT("#", id, env);/* <ds:Reference URI="#id">*/
+ reference_node = oxs_token_build_ds_reference_element(env, parent ,NULL, ref_id, NULL);
/*Get transforms if any*/
transforms = oxs_sign_part_get_transforms(sign_part, env);
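Review bot: `id` is passed to `AXIS2_STRACAT("#", id, env)` without a NULL check, so a sign part whose node has no `wsu:Id` attribute produces a ds:Reference whose URI does not identify the digested node. Signing should fail here instead, e.g. `if (!id) return AXIS2_FAILURE;` before the concatenation, assuming the function returns `axis2_status_t` (its signature is outside the hunk). The lookup also matches the literal qualified name `"wsu:Id"`, which ties it to the prefix text rather than the namespace; a document that binds the utility namespace to another prefix would not be matched. `ref_id` is presumably a fresh allocation from `AXIS2_STRACAT` and no release is visible in this hunk, so it should be freed once the reference element is built if the builder copies the string. The function body continues past the hunk.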
Modified: webservices/axis2/trunk/c/rampart/test/omxmlsec/test.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/test/omxmlsec/test.c?view=diff&rev=510844&r1=510843&r2=510844
==============================================================================
--- webservices/axis2/trunk/c/rampart/test/omxmlsec/test.c (original)
+++ webservices/axis2/trunk/c/rampart/test/omxmlsec/test.c Thu Feb 22 22:08:52 2007
@@ -77,19 +77,29 @@
axis2_char_t *signed_result = NULL;
axis2_status_t status = AXIS2_FAILURE;
axiom_node_t *tmpl = NULL;
+ axiom_node_t *node = NULL;
oxs_sign_part_t *sign_part = NULL;
oxs_sign_ctx_t *sign_ctx = NULL;
oxs_transform_t *tr = NULL;
axis2_array_list_t *sign_parts = NULL;
axis2_array_list_t *tr_list = NULL;
+ axis2_char_t *id = NULL;
FILE *outf;
- env = axis2_env_create_all("echo.log", AXIS2_LOG_LEVEL_TRACE);
- printf("--Testing started--------------------------------------------\n");
- if (argc > 1)
+ if (argc > 3){
filename = argv[1];
-
+ prvkeyfile = argv[2];
+ certfile = argv[3];
+ printf("Signing %s with %s. Certificate file is %s", filename, prvkeyfile, certfile);
+ }else{
+ printf("Usage ./test inputfile prvkey certificate\n");
+ return -1;
+ }
+
+ env = axis2_env_create_all("echo.log", AXIS2_LOG_LEVEL_TRACE);
+ printf("--Testing started--------------------------------------------\n");
+
tmpl = load_sample_xml(env , tmpl, filename);
if (tmpl)
@@ -110,10 +120,13 @@
/*We need C14N transform*/
tr = oxs_transforms_factory_produce_transform(env, OXS_HREF_TRANSFORM_XML_EXC_C14N);
axis2_array_list_add(tr_list, env, tr);
- /*oxs_sign_part_set_transforms(sign_part, env, tr_list);*/
+ oxs_sign_part_set_transforms(sign_part, env, tr_list);
- /*We need to sign this node*/
- status = oxs_sign_part_set_node(sign_part, env, axiom_node_get_first_element(tmpl, env));
+ /*We need to sign this node add an ID to it*/
+ node = axiom_node_get_first_element(tmpl, env);
+ id = "Sig-ID-EFG"; /*oxs_util_generate_id(env,(axis2_char_t*)OXS_SIG_ID);*/
+ oxs_axiom_add_attribute(env, node, OXS_WSU, OXS_WSSE_XMLNS, OXS_ATTR_ID, id);
+ status = oxs_sign_part_set_node(sign_part, env,node);
sign_parts = axis2_array_list_create(env, 1);
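Review bot: The result of `oxs_axiom_add_attribute` is discarded and `node` is not checked after `axiom_node_get_first_element`, so the test continues to sign even when the Id was never attached. I would capture the result and stop on failure, `status = oxs_axiom_add_attribute(env, node, OXS_WSU, OXS_WSSE_XMLNS, OXS_ATTR_ID, id);`, followed by a check against `AXIS2_SUCCESS`. The fixed Id `"Sig-ID-EFG"` with the generator call commented out is acceptable for a single-part test, but two sign parts would share one Id. The comment should say the value is a placeholder until `oxs_util_generate_id` is wired in.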