Posted to rampart-dev@ws.apache.org by ka...@apache.org on 2007/10/15 08:27:33 UTC

svn commit: r584690 - in /webservices/rampart/trunk/c/src: omxmlsec/xml_encryption.c util/rampart_encryption.c

Author: kaushalye
Date: Sun Oct 14 23:27:32 2007
New Revision: 584690

URL: http://svn.apache.org/viewvc?rev=584690&view=rev
Log:
EncryptedKey for derived key encryption has the Id referred to by the DerivedKeyToken
Building Reference List for the parts encrypted using derived keys

Modified:
    webservices/rampart/trunk/c/src/omxmlsec/xml_encryption.c
    webservices/rampart/trunk/c/src/util/rampart_encryption.c

Modified: webservices/rampart/trunk/c/src/omxmlsec/xml_encryption.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/xml_encryption.c?rev=584690&r1=584689&r2=584690&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/xml_encryption.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/xml_encryption.c Sun Oct 14 23:27:32 2007
@@ -492,9 +492,9 @@
         status = oxs_xml_enc_populate_stref_with_bst(env, asym_ctx, stref_node, parent);
     }else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_KEY_IDENTIFIER)){
         status = oxs_xml_enc_populate_stref_with_key_identifier(env, asym_ctx, stref_node);
+    }else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_THUMB_PRINT)){
+        /*TODO: Need to support Thumbprint Ref*/
     }
-
-
     cd_node = oxs_token_build_cipher_data_element(env, encrypted_key_node);
     cv_node = oxs_token_build_cipher_value_element(env, cd_node,  encrypted_key_data);
     /*If and only if the id_list the present, we create the reference list*/
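Review bot: The new `OXS_STR_THUMB_PRINT` branch is empty, so when that pattern is configured nothing is populated under `stref_node`, yet the code still goes on to build CipherData as if the key reference had been written. `status` keeps whatever value it held before the chain (its initialisation is outside the hunk), so the caller presumably cannot tell that the EncryptedKey carries no usable key reference. Until thumbprint references are implemented the branch should fail loudly, e.g. `AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][xml_encryption] Thumbprint reference is not supported");` followed by `status = AXIS2_FAILURE;`, and `status` should be checked before `oxs_token_build_cipher_data_element` is called. The visible chain also has no final `else` for an unrecognised pattern; the enclosing function starts and ends outside the hunk.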

Modified: webservices/rampart/trunk/c/src/util/rampart_encryption.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_encryption.c?rev=584690&r1=584689&r2=584690&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_encryption.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_encryption.c Sun Oct 14 23:27:32 2007
@@ -219,6 +219,8 @@
     axutil_array_list_t *id_list = NULL;
     axutil_array_list_t *dk_list = NULL;
     axis2_char_t *enc_sym_algo = NULL;
+    axis2_char_t *asym_key_id = NULL;
+    axiom_node_t *encrypted_key_node = NULL;
     int i = 0;
     int j = 0;
 
@@ -327,12 +329,31 @@
     nodes_to_encrypt = NULL;
 
     /* Encrypt the session key using the Public Key of the recipient*/
-    status = rampart_enc_encrypt_session_key(env, session_key, msg_ctx, rampart_context, soap_envelope, sec_node, id_list );
+    /* Note: Here we do not send the id_list to create a ReferenceList inside the encrypted key. Instead we create the 
+     *       ReferenceList as a child of Security element */
+    status = rampart_enc_encrypt_session_key(env, session_key, msg_ctx, rampart_context, soap_envelope, sec_node, NULL );
     if(AXIS2_FAILURE == status){
         AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
                                 "[rampart][rampart_encryption] Cannot encrypt the session key " );
         return AXIS2_FAILURE;
     }
+
+    /*Get the asym key Id*/
+    encrypted_key_node = oxs_axiom_get_node_by_local_name(
+                             env, sec_node,  OXS_NODE_ENCRYPTED_KEY);
+    if(!encrypted_key_node)
+    {
+        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+                        "[rampart][rampart_encryption]Encrypting signature, EncryptedKey Not found");
+        return AXIS2_FAILURE;
+    }
+    asym_key_id = oxs_util_generate_id(env, (axis2_char_t*)OXS_ENCKEY_ID);
+    if(asym_key_id)
+    {
+        oxs_axiom_add_attribute(env, encrypted_key_node, NULL,
+                                NULL, OXS_ATTR_ID, asym_key_id);
+    }
+  
     /*Add used <wsc:DerivedKeyToken> elements to the header*/
     for(j=0 ; j < axutil_array_list_size(dk_list, env); j++){
         oxs_key_t *dk = NULL;
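Review bot: A NULL return from `oxs_util_generate_id` is only skipped by `if(asym_key_id)`, so execution continues and the next hunk passes that NULL to `oxs_derivation_build_derived_key_token`; the DerivedKeyToken elements would then not point at the EncryptedKey that carries the session key. Treat it like the missing-node case: log and `return AXIS2_FAILURE;` when `asym_key_id` is NULL, and check the result of `oxs_axiom_add_attribute` as well. Separately, the EncryptedKey is looked up again by local name under `sec_node` rather than being handed back by `rampart_enc_encrypt_session_key`; if the Security header can already contain another EncryptedKey, the Id may be attached to the wrong element, which should be confirmed. The log text "Encrypting signature" looks copied from another code path and will mislead anyone reading the log for an encryption failure. The enclosing function begins before this hunk.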
@@ -341,9 +362,13 @@
         
         /*TODO build the <wsc:DerivedKeyToken> element*/
         if(dk){
-            oxs_derivation_build_derived_key_token(env, dk, sec_node, OXS_WSS_11_VALUE_TYPE_ENCRYPTED_KEY, "fake_key_id");
+            oxs_derivation_build_derived_key_token(env, dk, sec_node, OXS_WSS_11_VALUE_TYPE_ENCRYPTED_KEY, asym_key_id);
         }
     }/*End of For loop of dk_list iteration*/
+
+    /*Add ReferenceList element to the Security header*/
+    status = oxs_token_build_data_reference_list(env, sec_node, id_list);
+
     return status;
 }
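Review bot: The result of `oxs_derivation_build_derived_key_token` inside the loop is discarded, and `status` is then overwritten by `oxs_token_build_data_reference_list`, so the function can return success with a ReferenceList pointing at data whose DerivedKeyToken was never written to the header. Capture the result and stop on failure, e.g. `status = oxs_derivation_build_derived_key_token(env, dk, sec_node, OXS_WSS_11_VALUE_TYPE_ENCRYPTED_KEY, asym_key_id);` followed by `if(AXIS2_FAILURE == status) return AXIS2_FAILURE;` (assuming it returns an `axis2_status_t`, which is not visible here). The `/*TODO build the <wsc:DerivedKeyToken> element*/` comment above the call now looks stale and could be replaced by a comment saying that each token references the EncryptedKey through `asym_key_id`. The loop header and the `dk` lookup lie outside the hunk.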