Posted to java-dev@axis.apache.org by ka...@apache.org on 2007/02/23 13:13:49 UTC
svn commit: r510921 - in /webservices/axis2/trunk/c/rampart: include/
src/omxmlsec/ src/omxmlsec/tokens/ test/omxmlsec/
Author: kaushalye
Date: Fri Feb 23 04:13:47 2007
New Revision: 510921
URL: http://svn.apache.org/viewvc?view=rev&rev=510921
Log:
Implementing the XML Signature.
Modified:
webservices/axis2/trunk/c/rampart/include/oxs_axiom.h
webservices/axis2/trunk/c/rampart/include/oxs_error.h
webservices/axis2/trunk/c/rampart/include/oxs_sign_part.h
webservices/axis2/trunk/c/rampart/include/oxs_token_ds_reference.h
webservices/axis2/trunk/c/rampart/include/oxs_xml_signature.h
webservices/axis2/trunk/c/rampart/src/omxmlsec/error.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/sign_part.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/tokens/token_ds_reference.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c
webservices/axis2/trunk/c/rampart/test/omxmlsec/test.c
Modified: webservices/axis2/trunk/c/rampart/include/oxs_axiom.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_axiom.h?view=diff&rev=510921&r1=510920&r2=510921
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_axiom.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_axiom.h Fri Feb 23 04:13:47 2007
@@ -28,6 +28,7 @@
#include <axis2_env.h>
#include <axis2_util.h>
#include <axiom_node.h>
+#include <axiom_util.h>
#include <axiom_document.h>
#include <axiom.h>
Modified: webservices/axis2/trunk/c/rampart/include/oxs_error.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_error.h?view=diff&rev=510921&r1=510920&r2=510921
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_error.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_error.h Fri Feb 23 04:13:47 2007
@@ -57,6 +57,8 @@
#define OXS_ERROR_DATA_CONV_FAILED 10
#define OXS_ERROR_OPENSSL_FUNC_FAILED 11
#define OXS_ERROR_TRANSFORM_FAILED 12
+#define OXS_ERROR_SIGN_FAILED 13
+#define OXS_ERROR_SIG_VERIFICATION_FAILED 14
typedef struct _oxs_error_description oxs_error_description, *oxs_error_description_ptr;
Modified: webservices/axis2/trunk/c/rampart/include/oxs_sign_part.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_sign_part.h?view=diff&rev=510921&r1=510920&r2=510921
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_sign_part.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_sign_part.h Fri Feb 23 04:13:47 2007
@@ -57,6 +57,11 @@
const oxs_sign_part_t *sign_part,
const axis2_env_t *env);
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_sign_part_get_digest_val(
+ const oxs_sign_part_t *sign_part,
+ const axis2_env_t *env);
+
AXIS2_EXTERN axiom_node_t *AXIS2_CALL
oxs_sign_part_get_node(
const oxs_sign_part_t *sign_part,
@@ -79,6 +84,12 @@
oxs_sign_part_t *sign_part,
const axis2_env_t *env,
axis2_char_t *digest_mtd);
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_sign_part_set_digest_val(
+ oxs_sign_part_t *sign_part,
+ const axis2_env_t *env,
+ axis2_char_t *digest_val);
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_sign_part_set_node(
Modified: webservices/axis2/trunk/c/rampart/include/oxs_token_ds_reference.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_token_ds_reference.h?view=diff&rev=510921&r1=510920&r2=510921
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_token_ds_reference.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_token_ds_reference.h Fri Feb 23 04:13:47 2007
@@ -44,6 +44,9 @@
axis2_char_t *uri,
axis2_char_t *type);
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_token_get_ds_reference(const axis2_env_t *env, axiom_node_t *ref_node);
+
/** @} */
#ifdef __cplusplus
}
Modified: webservices/axis2/trunk/c/rampart/include/oxs_xml_signature.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_xml_signature.h?view=diff&rev=510921&r1=510920&r2=510921
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_xml_signature.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_xml_signature.h Fri Feb 23 04:13:47 2007
@@ -44,14 +44,28 @@
oxs_sign_ctx_t *sign_ctx,
axiom_node_t *parent);
+
+
/**
* Verify
*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_xml_sig_verify(const axis2_env_t *env,
oxs_sign_ctx_t *sign_ctx,
- axiom_node_t *signature_node);
+ axiom_node_t *signature_node,
+ axiom_node_t *scope_node);
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_xml_sig_process_ref_node(const axis2_env_t *env,
+ oxs_sign_ctx_t *sign_ctx,
+ axiom_node_t *ref_node,
+ axiom_node_t *scope_node);
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_xml_sig_process_signature_node(const axis2_env_t *env,
+ oxs_sign_ctx_t *sign_ctx,
+ axiom_node_t *signature_node,
+ axiom_node_t *scope_node);
/** @} */
#ifdef __cplusplus
}
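Review bot: The `Verify` comment above oxs_xml_sig_verify does not describe the new scope_node parameter or say what AXIS2_SUCCESS guarantees, and the two new oxs_xml_sig_process_* declarations carry no comment at all. Going by its use in xml_signature.c, scope_node is the subtree in which ds:Reference URIs are resolved, so a line such as `@param scope_node subtree searched for the elements named by each ds:Reference URI` would help callers pick the right node. The comment should also state whether success means the signature was cryptographically checked or only parsed. If the two process_* functions are internal steps of verification, consider keeping them out of the public header rather than exporting them with AXIS2_EXTERN.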
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/error.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/error.c?view=diff&rev=510921&r1=510920&r2=510921
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/error.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/error.c Fri Feb 23 04:13:47 2007
@@ -35,6 +35,8 @@
{OXS_ERROR_INVALID_FORMAT , "invalid format"},
{OXS_ERROR_ELEMENT_FAILED , "element failed"},
{OXS_ERROR_TRANSFORM_FAILED , "Transformation failed"},
+ {OXS_ERROR_SIGN_FAILED , "Signing failed"},
+ {OXS_ERROR_SIG_VERIFICATION_FAILED , "Signature verification failed"},
};
AXIS2_EXTERN const char* AXIS2_CALL
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/sign_part.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/sign_part.c?view=diff&rev=510921&r1=510920&r2=510921
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/sign_part.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/sign_part.c Fri Feb 23 04:13:47 2007
@@ -24,6 +24,7 @@
{
axis2_char_t *id;
axis2_char_t *digest_mtd;
+ axis2_char_t *digest_val;
axiom_node_t *node ; /*Shallow copies*/
axis2_array_list_t *transforms; /*Shallow copies*/
};
@@ -46,6 +47,14 @@
return sign_part->digest_mtd;
}
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_sign_part_get_digest_val(
+ const oxs_sign_part_t *sign_part,
+ const axis2_env_t *env)
+{
+ return sign_part->digest_val;
+}
+
AXIS2_EXTERN axiom_node_t *AXIS2_CALL
oxs_sign_part_get_node(
const oxs_sign_part_t *sign_part,
@@ -91,6 +100,22 @@
sign_part->digest_mtd = NULL;
}
sign_part->digest_mtd = AXIS2_STRDUP(digest_mtd, env);
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_sign_part_set_digest_val(
+ oxs_sign_part_t *sign_part,
+ const axis2_env_t *env,
+ axis2_char_t *digest_val)
+{
+
+ if (sign_part->digest_val)
+ {
+ AXIS2_FREE(env->allocator, sign_part->digest_val);
+ sign_part->digest_val = NULL;
+ }
+ sign_part->digest_val = AXIS2_STRDUP(digest_val, env);
return AXIS2_SUCCESS;
}
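Review bot: oxs_sign_part_set_digest_val tests and frees sign_part->digest_val, but no hunk in this file initialises the new field in oxs_sign_part_create or releases it in oxs_sign_part_free. Those functions are outside the diff; if create does not zero the struct, the first call here frees an indeterminate pointer, and the duplicated string is leaked when the part is freed. The setter also returns AXIS2_SUCCESS without checking the AXIS2_STRDUP result, so a NULL digest_val or a failed allocation is reported as success; adding `if (!sign_part->digest_val) return AXIS2_FAILURE;` after the duplication would surface that. This hunk begins inside the preceding setter, whose start is not shown.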
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/tokens/token_ds_reference.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/tokens/token_ds_reference.c?view=diff&rev=510921&r1=510920&r2=510921
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/tokens/token_ds_reference.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/tokens/token_ds_reference.c Fri Feb 23 04:13:47 2007
@@ -67,4 +67,22 @@
return ds_reference_node;
}
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_token_get_ds_reference(const axis2_env_t *env, axiom_node_t *ref_node)
+{
+ axis2_char_t *ref = NULL;
+ axiom_element_t *reference_ele = NULL;
+
+ reference_ele = AXIOM_NODE_GET_DATA_ELEMENT(ref_node, env);
+ if (!reference_ele)
+ {
+ oxs_error(env, ERROR_LOCATION,
+ OXS_ERROR_ELEMENT_FAILED, "Error retrieving data reference element");
+ return NULL;
+ }
+
+ ref = AXIOM_ELEMENT_GET_ATTRIBUTE_VALUE_BY_NAME(reference_ele, env, OXS_ATTR_URI);
+ return ref;
+
+}
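Review bot: oxs_token_get_ds_reference returns the URI attribute value verbatim and returns NULL when the attribute is absent, but only the missing-element case is logged through oxs_error. The caller added in xml_signature.c passes the result straight to oxs_axiom_get_node_by_id as a `wsu:Id`; a same-document reference is normally written `#id`, so unless that helper strips the `#` (not visible here) the lookup will not match. I would add a header comment stating that the result may be NULL and appears to be owned by the element rather than the caller, and normalise the fragment in one place. ref_node itself is also used without a NULL check.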
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c?view=diff&rev=510921&r1=510920&r2=510921
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c Fri Feb 23 04:13:47 2007
@@ -269,10 +269,151 @@
return AXIS2_SUCCESS;
}
+/*******************************Verification specific*****************************/
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_xml_sig_process_ref_node(const axis2_env_t *env,
+ oxs_sign_ctx_t *sign_ctx,
+ axiom_node_t *ref_node,
+ axiom_node_t *scope_node)
+{
+ axis2_char_t *ref_id = NULL;
+ axis2_char_t *child_node_name = NULL;
+ oxs_sign_part_t *sign_part = NULL;
+ axiom_node_t *reffed_node = NULL;
+ axiom_node_t *child_node = NULL;
+
+ /*Create a sign part and populate it*/
+ sign_part = oxs_sign_part_create(env);
+
+ ref_id = oxs_token_get_ds_reference(env, ref_node);
+ oxs_sign_part_set_id(sign_part, env, ref_id);
+
+ /*Find the node refered by this ref_id and set to the sign part*/
+ reffed_node = oxs_axiom_get_node_by_id(env, scope_node, "wsu:Id", ref_id );
+ if(reffed_node){
+ oxs_sign_part_set_node(sign_part, env, reffed_node);
+ }else{
+ return AXIS2_FAILURE; /*No such node. Its an error*/
+ }
+
+ /*First child is optional Transforms element*/
+ child_node = AXIOM_NODE_GET_FIRST_CHILD(ref_node, env);
+ child_node_name = axiom_util_get_localname(child_node, env);
+ if(0 == axis2_strcmp(child_node_name, OXS_NODE_TRANSFORMS)){
+ /*Transforms found*/
+ /*TODO*/
+
+ /*At the end, set the next node as the child node*/
+ child_node = AXIOM_NODE_GET_NEXT_SIBLING(child_node, env);
+ }else{
+ /*There are no transforms for this sign part*/
+ }
+ /* mandatory ds:DigestMethod*/
+ child_node_name = axiom_util_get_localname(child_node, env);
+ if(0 == axis2_strcmp(child_node_name, OXS_NODE_DIGEST_METHOD)){
+ axis2_char_t *digest_mtd = NULL;
+ /*ds:DigestMethod found*/
+ digest_mtd = oxs_token_get_digest_method(env, child_node);
+ oxs_sign_part_set_digest_mtd(sign_part, env, digest_mtd);
+
+ /*At the end, set the next node as the child node*/
+ child_node = AXIOM_NODE_GET_NEXT_SIBLING(child_node, env);
+ }else{
+ return AXIS2_FAILURE;
+ }
+
+ /* mandatory ds:DigestValue*/
+ child_node_name = axiom_util_get_localname(child_node, env);
+ if(0 == axis2_strcmp(child_node_name, OXS_NODE_DIGEST_VALUE)){
+ /*ds:DigestValue found*/
+ axis2_char_t *digest_val = NULL;
+ digest_val = oxs_token_get_digest_value(env, child_node);
+ oxs_sign_part_set_digest_val(sign_part, env, digest_val);
+ }else{
+ return AXIS2_FAILURE;
+ }
+
+ return AXIS2_SUCCESS;
+
+}
+
+ /*Process Signature Node. We need to populate
+ * 1. Sig_mtd
+ * 2. C14N Mtd
+ * 3. Sign parts
+ * 3.1. Id
+ * 3.2 Digest mtd
+ * 3.3. Transforms*/
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_xml_sig_process_signature_node(const axis2_env_t *env,
+ oxs_sign_ctx_t *sign_ctx,
+ axiom_node_t *signature_node,
+ axiom_node_t *scope_node)
+{
+ axiom_node_t *cur_node = NULL;
+ axiom_node_t *signed_info_node = NULL;
+ axis2_status_t status = AXIS2_FAILURE;
+
+ signed_info_node = oxs_axiom_get_first_child_node_by_name(env, signature_node,
+ OXS_NODE_SIGNEDINFO, OXS_DSIG_NS, OXS_DS );
+ if(!signed_info_node){
+ oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Cannot find <ds:SignedInfo> " );
+ return AXIS2_FAILURE;
+ }
+
+ /*Process signed info element*/
+ cur_node = AXIOM_NODE_GET_FIRST_CHILD(signed_info_node, env);
+ /*Iterate thru children of <SignedInfo>*/
+ while(cur_node){
+ axis2_char_t *localname = NULL;
+
+ localname = axiom_util_get_localname(cur_node, env);
+
+ if(0 == axis2_strcmp(localname, OXS_NODE_CANONICALIZATION_METHOD)){
+ axis2_char_t *c14n_mtd = NULL;
+ c14n_mtd = oxs_token_get_c14n_method(env, cur_node);
+ oxs_sign_ctx_set_c14n_mtd(sign_ctx, env, c14n_mtd);
+
+ }else if(0 == axis2_strcmp(localname, OXS_NODE_SIGNATURE_METHOD)){
+ axis2_char_t *sig_mtd = NULL;
+ sig_mtd = oxs_token_get_signature_method(env, cur_node);
+ oxs_sign_ctx_set_sign_mtd_algo(sign_ctx, env, sig_mtd);
+
+ }else if(0 == axis2_strcmp(localname, OXS_NODE_REFERENCE)){
+ /*There might be multiple references*/
+ status = oxs_xml_sig_process_ref_node(env, sign_ctx, cur_node, scope_node);
+ if(status == AXIS2_FAILURE){
+ return AXIS2_FAILURE;
+ }
+
+ }else{
+ printf("oxs_sig : We do not process cur node name %s", localname);
+ }
+
+ cur_node = AXIOM_NODE_GET_NEXT_SIBLING(cur_node, env);
+ }
+ return AXIS2_SUCCESS;
+}
+
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_xml_sig_verify(const axis2_env_t *env,
oxs_sign_ctx_t *sign_ctx,
- axiom_node_t *signature_node)
+ axiom_node_t *signature_node,
+ axiom_node_t *scope_node)
{
+ axis2_status_t status = AXIS2_FAILURE;
+
+ /*Set operation to verify*/
+ oxs_sign_ctx_set_operation(sign_ctx, env, OXS_SIGN_OPERATION_VERIFY);
+ /*Populate the sign_ctx by inspecting the ds:Signature node*/
+ status = oxs_xml_sig_process_signature_node(env, sign_ctx, signature_node, scope_node);
+ if(status != AXIS2_SUCCESS){
+ /*Something went wrong in the Signature node!!! :(*/
+ return AXIS2_FAILURE;
+ }
+
+ /*Verify*/
return AXIS2_SUCCESS;
}
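Review bot: oxs_xml_sig_verify ends with `/*Verify*/` followed by `return AXIS2_SUCCESS;`, so it reports success after only parsing ds:SignedInfo; no digest is recomputed and no signature value is checked. Until the check exists the function should fail closed, e.g. `return AXIS2_FAILURE; /* verification not implemented yet */`, so a caller cannot mistake a parsed signature for a verified one. In oxs_xml_sig_process_ref_node the sign_part that is built is never attached to sign_ctx and is not freed on any return path, so the collected digest data is both lost and leaked. That function also passes child_node to axiom_util_get_localname without a NULL check after each AXIOM_NODE_GET_NEXT_SIBLING, which a ds:Reference with missing children would reach. The element matching compares local names only, so the namespace of each child is never confirmed to be the ds namespace.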
Modified: webservices/axis2/trunk/c/rampart/test/omxmlsec/test.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/test/omxmlsec/test.c?view=diff&rev=510921&r1=510920&r2=510921
==============================================================================
--- webservices/axis2/trunk/c/rampart/test/omxmlsec/test.c (original)
+++ webservices/axis2/trunk/c/rampart/test/omxmlsec/test.c Fri Feb 23 04:13:47 2007
@@ -156,6 +156,8 @@
oxs_sign_ctx_set_c14n_mtd(sign_ctx, env, OXS_HREF_XML_EXC_C14N);
/*Set sig parts*/
oxs_sign_ctx_set_sign_parts(sign_ctx, env, sign_parts);
+ /*Set the operation*/
+ oxs_sign_ctx_set_operation(sign_ctx, env, OXS_SIGN_OPERATION_SIGN);
/*Sign*/
oxs_xml_sig_sign(env, sign_ctx, tmpl);
}else{