Posted to java-dev@axis.apache.org by ka...@apache.org on 2007/02/16 09:10:36 UTC

svn commit: r508340 - in /webservices/axis2/trunk/c/rampart: include/oxs_key_mgr.h src/omxmlsec/key_mgr.c

Author: kaushalye
Date: Fri Feb 16 00:10:36 2007
New Revision: 508340

URL: http://svn.apache.org/viewvc?view=rev&rev=508340
Log:
Function for the Key Manager in OMXMLSec to load certificates from a PEM buffer.

Modified:
    webservices/axis2/trunk/c/rampart/include/oxs_key_mgr.h
    webservices/axis2/trunk/c/rampart/src/omxmlsec/key_mgr.c

Modified: webservices/axis2/trunk/c/rampart/include/oxs_key_mgr.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_key_mgr.h?view=diff&rev=508340&r1=508339&r2=508340
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_key_mgr.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_key_mgr.h Fri Feb 16 00:10:36 2007
@@ -53,13 +53,21 @@
 
 AXIS2_EXTERN openssl_pkey_t* AXIS2_CALL
 oxs_key_mgr_load_private_key_from_string(const axis2_env_t *env,
-    axis2_char_t *string_buffer, /*in PEM format*/
+    axis2_char_t *pem_buf, /*in PEM format*/
     axis2_char_t *password);
 
 AXIS2_EXTERN openssl_pkey_t* AXIS2_CALL
 oxs_key_mgr_load_private_key_from_file(const axis2_env_t *env,
     axis2_char_t *file_name,
     axis2_char_t *password);
+
+AXIS2_EXTERN oxs_x509_cert_t* AXIS2_CALL
+oxs_key_mgr_load_x509_cert_from_pem_file(const axis2_env_t *env,
+    axis2_char_t *filename);
+
+AXIS2_EXTERN oxs_x509_cert_t* AXIS2_CALL
+oxs_key_mgr_load_x509_cert_from_buf(const axis2_env_t *env,
+    axis2_char_t *pem_buf);
 /** @} */
 #ifdef __cplusplus
 }
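Review bot: The two new prototypes, `oxs_key_mgr_load_x509_cert_from_pem_file` and `oxs_key_mgr_load_x509_cert_from_buf`, are added to a Doxygen group without any doc comment, so the header gives callers no contract for them. Each needs a short `/** ... */` block stating that NULL is returned when the PEM data cannot be parsed (the implementation in key_mgr.c returns the NULL-initialised `oxs_cert` in that case) and who releases the returned `oxs_x509_cert_t`. It should also say that the certificate is only parsed: the visible implementation copies the validity date, issuer and subject into the result but compares none of them, so callers must check validity and trust themselves before relying on the public key. Since neither implementation appears to write through it, `pem_buf` could also be declared `const axis2_char_t *`, if the underlying openssl wrappers accept that.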

Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/key_mgr.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/key_mgr.c?view=diff&rev=508340&r1=508339&r2=508340
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/key_mgr.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/key_mgr.c Fri Feb 16 00:10:36 2007
@@ -76,7 +76,7 @@
             status = openssl_x509_load_from_pem(env, filename,  &cert);
 
             if((status == AXIS2_FAILURE) || (!cert)){/*>>*/
-                /*If we cannot get the certificate then the file might contain aither a public key or a private key*/
+                /*If we cannot get the certificate then the file might contain either a public key or a private key*/
                 /*The type depends on the operation*/
                 operation = oxs_asym_ctx_get_operation(ctx, env);
 
@@ -158,7 +158,7 @@
 
 AXIS2_EXTERN openssl_pkey_t* AXIS2_CALL
 oxs_key_mgr_load_private_key_from_string(const axis2_env_t *env, 
-    axis2_char_t *string_buffer, /*in PEM format*/
+    axis2_char_t *pem_buf, /*in PEM format*/
     axis2_char_t *password)
 {
     openssl_pkey_t *open_prvkey = NULL;
@@ -166,7 +166,7 @@
     EVP_PKEY *prvkey = NULL;
  
     /*load private key from buf*/
-    status = openssl_pem_buf_read_pkey(env, string_buffer, password, OPENSSL_PEM_PKEY_TYPE_PRIVATE_KEY, &prvkey); 
+    status = openssl_pem_buf_read_pkey(env, pem_buf, password, OPENSSL_PEM_PKEY_TYPE_PRIVATE_KEY, &prvkey); 
     /*Populate*/
     if(prvkey){
         open_prvkey = openssl_pkey_create(env);
@@ -201,3 +201,81 @@
     return open_prvkey;
 }
 
+/*Private function to convert X509* -> oxs_x509_cert_t* */
+static oxs_x509_cert_t*
+oxs_key_mgr_convert_to_x509(const axis2_env_t *env,
+    X509 *cert)
+{
+    oxs_x509_cert_t *oxs_cert = NULL;
+        
+    if(cert){
+        EVP_PKEY *pubkey = NULL;
+        openssl_pkey_t *open_pubkey = NULL;
+
+        oxs_cert = oxs_x509_cert_create(env);
+
+        oxs_x509_cert_set_data(oxs_cert, env, openssl_x509_get_cert_data(env, cert));
+        oxs_x509_cert_set_date(oxs_cert, env, openssl_x509_get_info(env, OPENSSL_X509_INFO_VALID_TO ,cert));
+        oxs_x509_cert_set_issuer(oxs_cert, env, openssl_x509_get_info(env, OPENSSL_X509_INFO_ISSUER ,cert));
+        oxs_x509_cert_set_subject(oxs_cert, env, openssl_x509_get_info(env, OPENSSL_X509_INFO_SUBJECT ,cert));
+        oxs_x509_cert_set_fingerprint(oxs_cert, env, openssl_x509_get_info(env, OPENSSL_X509_INFO_FINGER,cert));
+        oxs_x509_cert_set_serial_number(oxs_cert, env, openssl_x509_get_serial(env, cert));
+        oxs_x509_cert_set_key_identifier(oxs_cert, env, openssl_x509_get_subject_key_identifier(env, cert));
+
+        /*Additionally we need to set the public key*/
+        openssl_x509_get_pubkey(env, cert, &pubkey);
+        open_pubkey = openssl_pkey_create(env);
+        OPENSSL_PKEY_POPULATE(open_pubkey, env, pubkey, openssl_x509_get_info(env, OPENSSL_X509_INFO_FINGER,cert), OPENSSL_PKEY_TYPE_PUBLIC_KEY);
+        /*Set the public key to the x509 certificate*/
+        oxs_x509_cert_set_public_key(oxs_cert, env, open_pubkey);
+    }
+
+    return oxs_cert;
+}
+
+AXIS2_EXTERN oxs_x509_cert_t* AXIS2_CALL
+oxs_key_mgr_load_x509_cert_from_pem_file(const axis2_env_t *env,
+    axis2_char_t *filename)
+{
+    X509 *cert = NULL;
+    oxs_x509_cert_t *oxs_cert = NULL;
+    openssl_x509_load_from_pem(env, filename,  &cert);
+
+    oxs_cert = oxs_key_mgr_convert_to_x509(env, cert);
+
+    return oxs_cert;
+}
+
+AXIS2_EXTERN oxs_x509_cert_t* AXIS2_CALL
+oxs_key_mgr_load_x509_cert_from_buf(const axis2_env_t *env,
+    axis2_char_t *pem_buf)
+{
+    X509 *cert = NULL;
+    oxs_x509_cert_t *oxs_cert = NULL;
+    openssl_x509_load_from_buffer(env, pem_buf, &cert);
+  
+    if(cert){
+        EVP_PKEY *pubkey = NULL;
+        openssl_pkey_t *open_pubkey = NULL;
+
+        oxs_cert = oxs_x509_cert_create(env);
+
+        oxs_x509_cert_set_data(oxs_cert, env, openssl_x509_get_cert_data(env, cert));
+        oxs_x509_cert_set_date(oxs_cert, env, openssl_x509_get_info(env, OPENSSL_X509_INFO_VALID_TO ,cert));
+        oxs_x509_cert_set_issuer(oxs_cert, env, openssl_x509_get_info(env, OPENSSL_X509_INFO_ISSUER ,cert));
+        oxs_x509_cert_set_subject(oxs_cert, env, openssl_x509_get_info(env, OPENSSL_X509_INFO_SUBJECT ,cert));
+        oxs_x509_cert_set_fingerprint(oxs_cert, env, openssl_x509_get_info(env, OPENSSL_X509_INFO_FINGER,cert));
+        oxs_x509_cert_set_serial_number(oxs_cert, env, openssl_x509_get_serial(env, cert));
+        oxs_x509_cert_set_key_identifier(oxs_cert, env, openssl_x509_get_subject_key_identifier(env, cert));
+
+        /*Additionally we need to set the public key*/
+        openssl_x509_get_pubkey(env, cert, &pubkey);
+        open_pubkey = openssl_pkey_create(env);
+        OPENSSL_PKEY_POPULATE(open_pubkey, env, pubkey, openssl_x509_get_info(env, OPENSSL_X509_INFO_FINGER,cert), OPENSSL_PKEY_TYPE_PUBLIC_KEY);
+        /*Set the public key to the x509 certificate*/
+        oxs_x509_cert_set_public_key(oxs_cert, env, open_pubkey);
+    }
+
+    return oxs_cert; 
+
+}
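Review bot: In `oxs_key_mgr_convert_to_x509`, and in the copy of its body inside `oxs_key_mgr_load_x509_cert_from_buf`, the results of `oxs_x509_cert_create` and `openssl_x509_get_pubkey` are used unchecked, so a certificate whose key cannot be extracted still yields an `oxs_x509_cert_t` whose public key was populated from a NULL `EVP_PKEY`. Guard both, with `if(!oxs_cert) return NULL;` after the create call and an `if(!pubkey)` test before `openssl_pkey_create`, so the load fails instead of returning a half-filled certificate. `oxs_key_mgr_load_x509_cert_from_buf` should then reduce to `oxs_cert = oxs_key_mgr_convert_to_x509(env, cert);`, as the file variant already does, which keeps those checks in one place. Neither loader releases the `X509 *cert` after conversion; whether that leaks depends on whether the `openssl_x509_get_*` helpers copy their data, which is not visible in this hunk and is worth confirming and documenting.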


