Posted to rampart-dev@ws.apache.org by ka...@apache.org on 2007/10/24 15:54:28 UTC

svn commit: r587891 - in /webservices/rampart/trunk/c: include/openssl_util.h include/oxs_utility.h src/omxmlsec/openssl/util.c src/omxmlsec/utility.c src/util/rampart_encryption.c src/util/rampart_util.c

Author: kaushalye
Date: Wed Oct 24 06:54:25 2007
New Revision: 587891

URL: http://svn.apache.org/viewvc?rev=587891&view=rev
Log:
Moving nonce generation to the OMXMLSecurity level. (Reason: We need to use nonce in derived keys)
Checking the token type for the derived keys


Modified:
    webservices/rampart/trunk/c/include/openssl_util.h
    webservices/rampart/trunk/c/include/oxs_utility.h
    webservices/rampart/trunk/c/src/omxmlsec/openssl/util.c
    webservices/rampart/trunk/c/src/omxmlsec/utility.c
    webservices/rampart/trunk/c/src/util/rampart_encryption.c
    webservices/rampart/trunk/c/src/util/rampart_util.c

Modified: webservices/rampart/trunk/c/include/openssl_util.h
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/openssl_util.h?rev=587891&r1=587890&r2=587891&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/openssl_util.h (original)
+++ webservices/rampart/trunk/c/include/openssl_util.h Wed Oct 24 06:54:25 2007
@@ -36,7 +36,7 @@
 
     /*Generate a random sgtring.*/
     AXIS2_EXTERN axis2_status_t AXIS2_CALL
-    generate_random_data(const axutil_env_t *env, oxs_buffer_t *buffer, int size);
+    openssl_generate_random_data(const axutil_env_t *env, oxs_buffer_t *buffer, int size);
 
     /*Get the cipher property for a given cipher name
       @see openssl_cipher_property.h*/

Modified: webservices/rampart/trunk/c/include/oxs_utility.h
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/oxs_utility.h?rev=587891&r1=587890&r2=587891&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/oxs_utility.h (original)
+++ webservices/rampart/trunk/c/include/oxs_utility.h Wed Oct 24 06:54:25 2007
@@ -37,6 +37,15 @@
 extern "C"
 {
 #endif
+    
+    /**
+     * Generate a nonce or a random text for a given length
+     * @param env pointer to environment struct
+     * @param length the length of the nonce 
+     * @return the generated nonce
+     **/
+    AXIS2_EXTERN axis2_char_t* AXIS2_CALL
+    oxs_util_generate_nonce(const axutil_env_t *env, int length);
 
     /**
      * Generates an id for an element.
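Review bot: The new doc comment for `oxs_util_generate_nonce` describes `length` as "the length of the nonce", but the implementation added to utility.c in this commit base64-encodes `length` random bytes, so the returned string is longer than `length`. The comment also leaves out ownership and the failure result. I would reword it to `@param length number of random bytes to generate (the result is their base64 encoding)` and `@return newly allocated base64 string, to be freed by the caller with the env allocator`, and add what is returned when random generation fails. The hunk ends inside the next declaration's comment, which is unchanged.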

Modified: webservices/rampart/trunk/c/src/omxmlsec/openssl/util.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/openssl/util.c?rev=587891&r1=587890&r2=587891&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/openssl/util.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/openssl/util.c Wed Oct 24 06:54:25 2007
@@ -27,7 +27,7 @@
 
 
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
-generate_random_data(const axutil_env_t *env, oxs_buffer_t *buffer, int size)
+openssl_generate_random_data(const axutil_env_t *env, oxs_buffer_t *buffer, int size)
 {
     axis2_status_t status =  AXIS2_FAILURE;
     int ret;

Modified: webservices/rampart/trunk/c/src/omxmlsec/utility.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/utility.c?rev=587891&r1=587890&r2=587891&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/utility.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/utility.c Wed Oct 24 06:54:25 2007
@@ -19,7 +19,29 @@
 #include <axis2_util.h>
 #include <oxs_utility.h>
 #include <oxs_error.h>
+#include <oxs_buffer.h>
 #include <oxs_asym_ctx.h>
+#include <openssl_util.h>
+
+AXIS2_EXTERN axis2_char_t* AXIS2_CALL
+oxs_util_generate_nonce(const axutil_env_t *env, int length)
+{
+    oxs_buffer_t *buffer = NULL;
+    axis2_status_t status = AXIS2_FAILURE;
+    char *rand_str = NULL;
+    axis2_char_t* encoded_str = NULL;
+
+    buffer = oxs_buffer_create(env);
+    status = openssl_generate_random_data(env, buffer, length);
+    rand_str = (char*)oxs_buffer_get_data(buffer, env);
+    encoded_str = AXIS2_MALLOC(env->allocator, sizeof(char) * (axutil_base64_encode_len(length)+1));
+    axutil_base64_encode(encoded_str, rand_str, oxs_buffer_get_size(buffer, env));
+    oxs_buffer_free(buffer, env);
+
+    return encoded_str;
+}
+
+
 
 /* Generates an id for an element.
  * Specially used in xml encryption and signature references.
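Review bot: In `oxs_util_generate_nonce` the result of `openssl_generate_random_data` is stored in `status` and never read, so a failed random-data call still yields a "nonce" encoded from whatever the buffer holds. The commit log says this value will feed derived keys, so the function should refuse to return anything when the generator fails. The results of `oxs_buffer_create` and `AXIS2_MALLOC` are likewise used unchecked. The allocation is sized from `length` while the encode call uses `oxs_buffer_get_size(buffer, env)`; sizing and encoding from the same value removes any chance of the two disagreeing. The sketch below returns NULL on each failure path and assumes the generator reports success as `AXIS2_SUCCESS`, which should be confirmed against util.c.

```c
oxs_util_generate_nonce(const axutil_env_t *env, int length)
{
    /* ... unchanged: buffer, status, rand_str, encoded_str declarations ... */
    int rand_len = 0;

    buffer = oxs_buffer_create(env);
    if(!buffer)
    {
        return NULL;
    }

    status = openssl_generate_random_data(env, buffer, length);
    if(status != AXIS2_SUCCESS)
    {
        /* Never hand back a nonce that the RNG did not fill. */
        oxs_buffer_free(buffer, env);
        return NULL;
    }

    rand_str = (char*)oxs_buffer_get_data(buffer, env);
    rand_len = oxs_buffer_get_size(buffer, env);

    /* Size the output from the same length that is encoded. */
    encoded_str = AXIS2_MALLOC(env->allocator, sizeof(char) * (axutil_base64_encode_len(rand_len) + 1));
    if(!encoded_str)
    {
        oxs_buffer_free(buffer, env);
        return NULL;
    }
    axutil_base64_encode(encoded_str, rand_str, rand_len);
    oxs_buffer_free(buffer, env);

    return encoded_str;
```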

Modified: webservices/rampart/trunk/c/src/util/rampart_encryption.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_encryption.c?rev=587891&r1=587890&r2=587891&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_encryption.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_encryption.c Wed Oct 24 06:54:25 2007
@@ -224,6 +224,8 @@
     axis2_char_t *asym_key_id = NULL;
     axiom_node_t *encrypted_key_node = NULL;
     axis2_bool_t use_derived_keys = AXIS2_TRUE;
+    axis2_bool_t server_side = AXIS2_FALSE;
+    rp_property_t *token = NULL;
     int i = 0;
     int j = 0;
 
@@ -274,8 +276,10 @@
         2. Encrypt using that key       
      */
    
-    /*TODO: We need to take the decision whether to use derived keys or not*/
-    /*use_derived_keys = rampart_context_check_is_derived_keys (env, token??);*/
+    /*We need to take the decision whether to use derived keys or not*/
+    server_side = axis2_msg_ctx_get_server_side(msg_ctx, env);
+    token = rampart_context_get_token(rampart_context, env, AXIS2_TRUE, server_side, AXIS2_FALSE);
+    use_derived_keys = rampart_context_check_is_derived_keys (env, token);
 
     /*Repeat until all encryption parts are encrypted*/
     for(i=0 ; i < axutil_array_list_size(nodes_to_encrypt, env); i++)
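Review bot: The `token` returned by `rampart_context_get_token` is passed straight to `rampart_context_check_is_derived_keys` with no NULL check. If the policy has no matching token, the choice between derived-key and plain session-key encryption then depends on how that helper treats NULL, which is not visible here. An explicit `if(!token)` branch before the call, which logs and fails or chooses a documented default, would make the decision deliberate. Note that `use_derived_keys` is still initialised to `AXIS2_TRUE` in the declarations of the previous hunk, so the default before this call is "derived". The function body starts and ends outside this hunk.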

Modified: webservices/rampart/trunk/c/src/util/rampart_util.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_util.c?rev=587891&r1=587890&r2=587891&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_util.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_util.c Wed Oct 24 06:54:25 2007
@@ -24,13 +24,13 @@
 #include <axutil_base64.h>
 #include <axutil_property.h>
 #include <time.h>
-#include <oxs_buffer.h>
-#include <openssl_util.h>
 #include <axis2_msg_ctx.h>
 #include <rampart_constants.h>
 #include <rampart_callback.h>
 #include <rampart_credentials.h>
 #include <rampart_replay_detector.h>
+#include <oxs_buffer.h>
+#include <oxs_utility.h>
 
 /*Calculate the hash of concatenated string of
  * nonce, created and the password.
@@ -214,7 +214,7 @@
 AXIS2_EXTERN axis2_char_t* AXIS2_CALL
 rampart_generate_nonce(const axutil_env_t *env, int length)
 {
-    oxs_buffer_t *buffer = NULL;
+    /*oxs_buffer_t *buffer = NULL;
     axis2_status_t status = AXIS2_FAILURE;
     char *rand_str = NULL;
     axis2_char_t* encoded_str = NULL;
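Review bot: The old body of `rampart_generate_nonce` is wrapped in a `/* ... */` block, opened here and closed in the next hunk, when it could simply be deleted. Version control already keeps the previous implementation, and the dead copy will drift from `oxs_util_generate_nonce`. C comments do not nest, so if any of the lines elided between the two hunks contains its own `/* */` comment, the outer block closes early; that cannot be checked from this diff. I would reduce the function to the single statement `return oxs_util_generate_nonce(env, length);`.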
@@ -225,8 +225,8 @@
     encoded_str = AXIS2_MALLOC(env->allocator, sizeof(char) * (axutil_base64_encode_len(length)+1));
     axutil_base64_encode(encoded_str, rand_str, oxs_buffer_get_size(buffer, env));
     oxs_buffer_free(buffer, env);
-
-    return encoded_str;
+    */
+    return oxs_util_generate_nonce(env, length);
 }