Posted to axis-cvs@ws.apache.org by ka...@apache.org on 2006/12/07 11:52:48 UTC
svn commit: r483414 - in /webservices/axis2/trunk/c/rampart:
include/rampart_constants.h src/omxmlsec/buffer.c src/omxmlsec/encryption.c
src/omxmlsec/tokens/token_encryption_method.c src/omxmlsec/xml_encryption.c
src/util/rampart_sec_header_processor.c
Author: kaushalye
Date: Thu Dec 7 02:52:47 2006
New Revision: 483414
URL: http://svn.apache.org/viewvc?view=rev&rev=483414
Log:
This commit includes
1. Fault handling in EncryptedKey and EncryptedData element processing
2. Removing AXIS2_REALLOC from the buffer. (JIRA AXIS2C-441)
Modified:
webservices/axis2/trunk/c/rampart/include/rampart_constants.h
webservices/axis2/trunk/c/rampart/src/omxmlsec/buffer.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/encryption.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/tokens/token_encryption_method.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_encryption.c
webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c
Modified: webservices/axis2/trunk/c/rampart/include/rampart_constants.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/rampart_constants.h?view=diff&rev=483414&r1=483413&r2=483414
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/rampart_constants.h (original)
+++ webservices/axis2/trunk/c/rampart/include/rampart_constants.h Thu Dec 7 02:52:47 2006
@@ -123,6 +123,8 @@
/***********fault related strings*********/
#define RAMPART_FAULT_IN_TIMESTAMP "wsse:Timestamp"
#define RAMPART_FAULT_IN_USERNAMETOKEN "wsse:UsernameToken"
+#define RAMPART_FAULT_IN_ENCRYPTED_KEY "xenc:EncryptedKey"
+#define RAMPART_FAULT_IN_ENCRYPTED_DATA "xenc:EncryptedData"
/*Dynamically set values*/
#define RAMPART_ACTION_PASSWORD "password"
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/buffer.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/buffer.c?view=diff&rev=483414&r1=483413&r2=483414
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/buffer.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/buffer.c Thu Dec 7 02:52:47 2006
@@ -511,7 +511,17 @@
/*If there are data already then use realloc instead of malloc*/
if (buffer_impl->data)
{
+#if 0
new_data = (unsigned char*)AXIS2_REALLOC(env->allocator, buffer_impl->data, new_size);
+#else
+
+ /*Assign extra amnt of memory*/
+ new_data = (unsigned char*)AXIS2_MALLOC(env->allocator, new_size + buffer_impl->max_size);
+
+ /*Copy to newdata*/
+ new_data = memcpy(new_data, buffer_impl->data, buffer_impl->size);
+
+#endif
}
else
{
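Review bot: The result of AXIS2_MALLOC in the `#else` branch goes straight into memcpy, so a failed allocation becomes a write through a NULL pointer; add `if (!new_data) return AXIS2_FAILURE;` (or whatever failure value this function uses) before the copy. Nothing in the hunk releases the old `buffer_impl->data` after the copy, which realloc did implicitly. Unless that happens further down, outside the hunk, every growth leaks the previous block, and in this module that block may hold key or plaintext bytes, so it is worth clearing before it is freed. The `#if 0` branch is dead code and would be better deleted than kept.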
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/encryption.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/encryption.c?view=diff&rev=483414&r1=483413&r2=483414
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/encryption.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/encryption.c Thu Dec 7 02:52:47 2006
@@ -44,7 +44,11 @@
/*Get cipher property*/
cprop = oxs_get_cipher_property_for_url(env, OXS_CTX_GET_ENC_MTD_ALGORITHM(enc_ctx, env));
-
+ if(!cprop){
+ oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA,
+ "Cipher property is NULL");
+ return AXIS2_FAILURE;
+ }
/*Get the IV*/
iv = AXIS2_STRNDUP((axis2_char_t*)oxs_iv_generate_for_algo(
env,
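Review bot: The IV on the context lines right after the new `cprop` check is duplicated with AXIS2_STRNDUP, which stops at the first zero byte. If oxs_iv_generate_for_algo can return arbitrary bytes rather than printable text, the copy may be shorter than the cipher's IV size. The statement continues past the end of the hunk, so the length argument is not visible here. If the IV is binary, a length-based copy is the safer form, and the generator's result should be checked for NULL in the same way `cprop` now is.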
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/tokens/token_encryption_method.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/tokens/token_encryption_method.c?view=diff&rev=483414&r1=483413&r2=483414
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/tokens/token_encryption_method.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/tokens/token_encryption_method.c Thu Dec 7 02:52:47 2006
@@ -66,6 +66,10 @@
axis2_char_t *enc_mtd = NULL;
axiom_element_t *enc_mtd_ele = NULL;
+ if(!enc_mtd_node){
+ return NULL;
+ }
+
enc_mtd_ele = AXIOM_NODE_GET_DATA_ELEMENT(enc_mtd_node, env);
if (!enc_mtd_ele)
{
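Review bot: The new `if(!enc_mtd_node)` guard returns NULL without recording anything, and the callers added in xml_encryption.c (hunks at -355 and -470) also return AXIS2_FAILURE silently, so a message with a missing or empty EncryptionMethod fails with no diagnostic. Consider logging at the source, e.g. `oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA, "EncryptionMethod node is NULL");`, assuming oxs_error is available in this file as it is in encryption.c. The same applies to the empty-algorithm check in the hunk at -75. As a style point, the added checks use `if(...){` while the surrounding code puts a space after `if` and the brace on its own line.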
@@ -75,6 +79,9 @@
}
enc_mtd = AXIOM_ELEMENT_GET_ATTRIBUTE_VALUE_BY_NAME(enc_mtd_ele, env, OXS_ATTR_ALGORITHM);
+ if((!enc_mtd) ||(0 == AXIS2_STRCMP("", enc_mtd))){
+ return NULL;
+ }
return enc_mtd;
}
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_encryption.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_encryption.c?view=diff&rev=483414&r1=483413&r2=483414
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_encryption.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_encryption.c Thu Dec 7 02:52:47 2006
@@ -313,12 +313,18 @@
axiom_node_t *parent_of_enc_node = NULL;
oxs_buffer_t *result_buf = NULL;
axis2_char_t *decrypted_data = NULL;/*Can be either am XML-Element or XML-Content*/
+ axis2_status_t status = AXIS2_FAILURE;
/*Create an empty buffer for results*/
result_buf = oxs_buffer_create(env);
/*Decrypt*/
- oxs_xml_enc_decrypt_data(env, enc_ctx, enc_type_node, result_buf);
+ status = oxs_xml_enc_decrypt_data(env, enc_ctx, enc_type_node, result_buf);
+ if(AXIS2_FAILURE == status){
+ oxs_error(ERROR_LOCATION, OXS_ERROR_DEFAULT,
+ "Data encryption failed");
+ return AXIS2_FAILURE;
+ }
decrypted_data = (axis2_char_t *)OXS_BUFFER_GET_DATA(result_buf, env);
/*De-serialize the decrypted content to build the node*/
deserialized_node = (axiom_node_t*)oxs_axiom_deserialize_node(env, decrypted_data);
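Review bot: The new failure return leaves `result_buf`, created by oxs_buffer_create a few lines earlier, unreleased, so each message that fails decryption leaks a buffer. Release it with the buffer's free routine before `return AXIS2_FAILURE;`. The logged text says `"Data encryption failed"` on a decryption path and should read `"Data decryption failed"`. The early return added after oxs_encryption_asymmetric_crypt in the hunk at -492 looks like it has the same leak for `input_buf` and `result_buf`, but their allocation is outside that hunk.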
@@ -355,7 +361,9 @@
/*Get the symmetric encryption algorithm*/
enc_mtd_node = oxs_axiom_get_first_child_node_by_name(env, enc_type_node, OXS_NODE_ENCRYPTION_METHOD, NULL, NULL);
sym_algo = oxs_token_get_encryption_method(env, enc_mtd_node);
-
+ if(!sym_algo){
+ return AXIS2_FAILURE;
+ }
/*Get ID, Type, MimeType attributes from the EncryptedDataNode*/
id = oxs_axiom_get_attribute_value_of_node_by_name(env, enc_type_node, OXS_ATTR_ID);
type = oxs_axiom_get_attribute_value_of_node_by_name(env, enc_type_node, OXS_ATTR_TYPE);
@@ -470,11 +478,16 @@
/*Get encryption method algorithm*/
enc_mtd_node = oxs_axiom_get_first_child_node_by_name(env, encrypted_key_node, OXS_NODE_ENCRYPTION_METHOD, NULL, NULL);
enc_mtd_algo = oxs_token_get_encryption_method(env, enc_mtd_node);
-
+ if(!enc_mtd_algo){
+ return AXIS2_FAILURE;
+ }
/*Get cipher data*/
cd_node = oxs_axiom_get_first_child_node_by_name(env, encrypted_key_node, OXS_NODE_CIPHER_DATA, NULL, NULL);
cipher_val = oxs_token_get_cipher_value_from_cipher_data(env, cd_node);
-
+ if(!cipher_val){
+ return AXIS2_FAILURE;
+ }
+
/*Get key used to encrypt*/
key_info_node = oxs_axiom_get_first_child_node_by_name(env, encrypted_key_node, OXS_NODE_KEY_INFO, NULL, NULL);
status = oxs_xml_enc_process_key_info(env, asym_ctx, key_info_node, parent);
@@ -492,6 +505,9 @@
/*Call decryption*/
status = oxs_encryption_asymmetric_crypt(env, asym_ctx, input_buf, result_buf);
+ if(AXIS2_FAILURE == status){
+ return AXIS2_FAILURE;
+ }
/*Populate the key with the data in the result buffer*/
OXS_KEY_POPULATE(key, env,
Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c?view=diff&rev=483414&r1=483413&r2=483414
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c Thu Dec 7 02:52:47 2006
@@ -146,6 +146,8 @@
status = oxs_xml_enc_decrypt_key(env, asym_ctx, sec_node, encrypted_key_node, decrypted_sym_key);
if(AXIS2_FAILURE == status){
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][shp] Cannot decrypt the EncryptedKey");
+ rampart_create_fault_envelope(env, RAMPART_FAULT_FAILED_CHECK,
+ "Key decryption failed", RAMPART_FAULT_IN_ENCRYPTED_KEY, msg_ctx);
return AXIS2_FAILURE;
}
/*Alright now we have the key used to encrypt the elements in the reference_list*/
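Review bot: The fault sent back to the caller now distinguishes a failed key decryption (`"Key decryption failed"` with `RAMPART_FAULT_IN_ENCRYPTED_KEY`, here) from a failed data decryption (the hunk at -178), which tells a remote sender which stage rejected its ciphertext. Decryption paths are safer when every failure yields the same fault and the detail goes only to the server log. Consider one generic reason string for both calls and keeping the distinction in AXIS2_LOG_ERROR. If rampart_create_fault_envelope can itself fail, its result is dropped in both places.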
@@ -178,6 +180,8 @@
status = oxs_xml_enc_decrypt_node(env, ctx, enc_data_node, &decrypted_node);
if(AXIS2_FAILURE == status){
+ rampart_create_fault_envelope(env, RAMPART_FAULT_FAILED_CHECK,
+ "Data decryption failed", RAMPART_FAULT_IN_ENCRYPTED_DATA, msg_ctx);
return AXIS2_FAILURE;
}
AXIS2_LOG_INFO(env->log, "[rampart][shp] Node ID=%s decrypted successfuly", id);
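Review bot: This failure path has no AXIS2_LOG_ERROR, unlike the key-decryption path in the hunk at -146, so a rejected EncryptedData leaves no trace in the server log. Add something like `AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][shp] Cannot decrypt the EncryptedData");` before building the fault. The enclosing block starts outside the hunk.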