Posted to rampart-dev@ws.apache.org by ka...@apache.org on 2007/10/24 15:54:28 UTC
svn commit: r587891 - in /webservices/rampart/trunk/c:
include/openssl_util.h include/oxs_utility.h src/omxmlsec/openssl/util.c
src/omxmlsec/utility.c src/util/rampart_encryption.c src/util/rampart_util.c
Author: kaushalye
Date: Wed Oct 24 06:54:25 2007
New Revision: 587891
URL: http://svn.apache.org/viewvc?rev=587891&view=rev
Log:
Moving nonce generation to the OMXMLSecurity level. (Reason: We need to use the nonce in derived keys)
Checking the token type for the derived keys
Modified:
webservices/rampart/trunk/c/include/openssl_util.h
webservices/rampart/trunk/c/include/oxs_utility.h
webservices/rampart/trunk/c/src/omxmlsec/openssl/util.c
webservices/rampart/trunk/c/src/omxmlsec/utility.c
webservices/rampart/trunk/c/src/util/rampart_encryption.c
webservices/rampart/trunk/c/src/util/rampart_util.c
Modified: webservices/rampart/trunk/c/include/openssl_util.h
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/openssl_util.h?rev=587891&r1=587890&r2=587891&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/openssl_util.h (original)
+++ webservices/rampart/trunk/c/include/openssl_util.h Wed Oct 24 06:54:25 2007
@@ -36,7 +36,7 @@
/*Generate a random sgtring.*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
- generate_random_data(const axutil_env_t *env, oxs_buffer_t *buffer, int size);
+ openssl_generate_random_data(const axutil_env_t *env, oxs_buffer_t *buffer, int size);
/*Get the cipher property for a given cipher name
@see openssl_cipher_property.h*/
Modified: webservices/rampart/trunk/c/include/oxs_utility.h
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/oxs_utility.h?rev=587891&r1=587890&r2=587891&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/oxs_utility.h (original)
+++ webservices/rampart/trunk/c/include/oxs_utility.h Wed Oct 24 06:54:25 2007
@@ -37,6 +37,15 @@
extern "C"
{
#endif
+
+ /**
+ * Generate a nonce or a random text for a given length
+ * @param env pointer to environment struct
+ * @param length the length of the nonce
+ * @return the generated nonce
+ **/
+ AXIS2_EXTERN axis2_char_t* AXIS2_CALL
+ oxs_util_generate_nonce(const axutil_env_t *env, int length);
/**
* Generates an id for an element.
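Review bot: The doc comment on `oxs_util_generate_nonce` calls `length` "the length of the nonce", but the implementation added in utility.c generates `length` random bytes and returns their base64 encoding, so the returned string is longer than `length`. I would write `@param length number of random bytes to generate` and `@return newly allocated base64 string of those bytes, or NULL on failure`. It should also state who frees the result; presumably the caller, through the env allocator, but that is not visible in this commit.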
Modified: webservices/rampart/trunk/c/src/omxmlsec/openssl/util.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/openssl/util.c?rev=587891&r1=587890&r2=587891&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/openssl/util.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/openssl/util.c Wed Oct 24 06:54:25 2007
@@ -27,7 +27,7 @@
AXIS2_EXTERN axis2_status_t AXIS2_CALL
-generate_random_data(const axutil_env_t *env, oxs_buffer_t *buffer, int size)
+openssl_generate_random_data(const axutil_env_t *env, oxs_buffer_t *buffer, int size)
{
axis2_status_t status = AXIS2_FAILURE;
int ret;
Modified: webservices/rampart/trunk/c/src/omxmlsec/utility.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/utility.c?rev=587891&r1=587890&r2=587891&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/utility.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/utility.c Wed Oct 24 06:54:25 2007
@@ -19,7 +19,29 @@
#include <axis2_util.h>
#include <oxs_utility.h>
#include <oxs_error.h>
+#include <oxs_buffer.h>
#include <oxs_asym_ctx.h>
+#include <openssl_util.h>
+
+AXIS2_EXTERN axis2_char_t* AXIS2_CALL
+oxs_util_generate_nonce(const axutil_env_t *env, int length)
+{
+ oxs_buffer_t *buffer = NULL;
+ axis2_status_t status = AXIS2_FAILURE;
+ char *rand_str = NULL;
+ axis2_char_t* encoded_str = NULL;
+
+ buffer = oxs_buffer_create(env);
+ status = openssl_generate_random_data(env, buffer, length);
+ rand_str = (char*)oxs_buffer_get_data(buffer, env);
+ encoded_str = AXIS2_MALLOC(env->allocator, sizeof(char) * (axutil_base64_encode_len(length)+1));
+ axutil_base64_encode(encoded_str, rand_str, oxs_buffer_get_size(buffer, env));
+ oxs_buffer_free(buffer, env);
+
+ return encoded_str;
+}
+
+
/* Generates an id for an element.
* Specially used in xml encryption and signature references.
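Review bot: The result of `openssl_generate_random_data` is stored in `status` but never tested in `oxs_util_generate_nonce`, so a failed or short random read is still base64-encoded and returned as a nonce. Since the commit log says this value will feed derived keys, the function should return NULL unless the call reports AXIS2_SUCCESS and the buffer holds `length` bytes. The returns of `oxs_buffer_create` and `AXIS2_MALLOC` are unchecked as well, and the output is sized from `length` while the encode call uses `oxs_buffer_get_size`, so the two can disagree if the buffer size differs. A checked version is sketched below.

```c
AXIS2_EXTERN axis2_char_t* AXIS2_CALL
oxs_util_generate_nonce(const axutil_env_t *env, int length)
{
    oxs_buffer_t *buffer = NULL;
    axis2_char_t *encoded_str = NULL;

    if (length <= 0)
    {
        return NULL;
    }

    buffer = oxs_buffer_create(env);
    if (!buffer)
    {
        return NULL;
    }

    /* Encode only when the RNG reported success and filled exactly `length` bytes. */
    if (openssl_generate_random_data(env, buffer, length) == AXIS2_SUCCESS &&
        oxs_buffer_get_size(buffer, env) == length)
    {
        encoded_str = AXIS2_MALLOC(env->allocator,
                                   sizeof(char) * (axutil_base64_encode_len(length) + 1));
        if (encoded_str)
        {
            axutil_base64_encode(encoded_str, (char*)oxs_buffer_get_data(buffer, env), length);
        }
    }

    oxs_buffer_free(buffer, env);
    return encoded_str;
}
```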
Modified: webservices/rampart/trunk/c/src/util/rampart_encryption.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_encryption.c?rev=587891&r1=587890&r2=587891&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_encryption.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_encryption.c Wed Oct 24 06:54:25 2007
@@ -224,6 +224,8 @@
axis2_char_t *asym_key_id = NULL;
axiom_node_t *encrypted_key_node = NULL;
axis2_bool_t use_derived_keys = AXIS2_TRUE;
+ axis2_bool_t server_side = AXIS2_FALSE;
+ rp_property_t *token = NULL;
int i = 0;
int j = 0;
@@ -274,8 +276,10 @@
2. Encrypt using that key
*/
- /*TODO: We need to take the decision whether to use derived keys or not*/
- /*use_derived_keys = rampart_context_check_is_derived_keys (env, token??);*/
+ /*We need to take the decision whether to use derived keys or not*/
+ server_side = axis2_msg_ctx_get_server_side(msg_ctx, env);
+ token = rampart_context_get_token(rampart_context, env, AXIS2_TRUE, server_side, AXIS2_FALSE);
+ use_derived_keys = rampart_context_check_is_derived_keys (env, token);
/*Repeat until all encryption parts are encrypted*/
for(i=0 ; i < axutil_array_list_size(nodes_to_encrypt, env); i++)
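Review bot: `token` is passed to `rampart_context_check_is_derived_keys` without a NULL check, and whether that function tolerates NULL is not visible here. If `rampart_context_get_token` finds no matching token, the decision to use derived keys is then made from a missing policy value. A guard such as `if(!token) { return AXIS2_FAILURE; }` before the call would make the failure explicit, assuming the enclosing function returns axis2_status_t. The function starts and ends outside this hunk.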
Modified: webservices/rampart/trunk/c/src/util/rampart_util.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_util.c?rev=587891&r1=587890&r2=587891&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_util.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_util.c Wed Oct 24 06:54:25 2007
@@ -24,13 +24,13 @@
#include <axutil_base64.h>
#include <axutil_property.h>
#include <time.h>
-#include <oxs_buffer.h>
-#include <openssl_util.h>
#include <axis2_msg_ctx.h>
#include <rampart_constants.h>
#include <rampart_callback.h>
#include <rampart_credentials.h>
#include <rampart_replay_detector.h>
+#include <oxs_buffer.h>
+#include <oxs_utility.h>
/*Calculate the hash of concatenated string of
* nonce, created and the password.
@@ -214,7 +214,7 @@
AXIS2_EXTERN axis2_char_t* AXIS2_CALL
rampart_generate_nonce(const axutil_env_t *env, int length)
{
- oxs_buffer_t *buffer = NULL;
+ /*oxs_buffer_t *buffer = NULL;
axis2_status_t status = AXIS2_FAILURE;
char *rand_str = NULL;
axis2_char_t* encoded_str = NULL;
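Review bot: The old body of `rampart_generate_nonce` is left inside a `/* ... */` comment in this hunk and the next one (`@@ -225,8 +225,8 @@`) instead of being deleted. A stale copy of nonce-generation code next to the real one invites drift and confuses later review; the function can be reduced to the single line `return oxs_util_generate_nonce(env, length);`. Once that is done, the `#include <oxs_buffer.h>` kept in the include hunk is probably no longer needed by this function, though other code in the file may use it.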
@@ -225,8 +225,8 @@
encoded_str = AXIS2_MALLOC(env->allocator, sizeof(char) * (axutil_base64_encode_len(length)+1));
axutil_base64_encode(encoded_str, rand_str, oxs_buffer_get_size(buffer, env));
oxs_buffer_free(buffer, env);
-
- return encoded_str;
+ */
+ return oxs_util_generate_nonce(env, length);
}