Posted to rampart-dev@ws.apache.org by su...@apache.org on 2008/03/31 15:58:54 UTC
svn commit: r642993 - in /webservices/rampart/scratch/c/pkcs/c: include/
src/omxmlsec/ src/trust/ src/util/
Author: supun
Date: Mon Mar 31 06:58:45 2008
New Revision: 642993
URL: http://svn.apache.org/viewvc?rev=642993&view=rev
Log: (empty)
Modified:
webservices/rampart/scratch/c/pkcs/c/include/oxs_key_mgr.h
webservices/rampart/scratch/c/pkcs/c/include/rampart_context.h
webservices/rampart/scratch/c/pkcs/c/include/trust_sts_client.h
webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/key_mgr.c
webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/transforms_factory.c
webservices/rampart/scratch/c/pkcs/c/src/trust/sts_client.c
webservices/rampart/scratch/c/pkcs/c/src/util/rampart_context.c
webservices/rampart/scratch/c/pkcs/c/src/util/rampart_signature.c
Modified: webservices/rampart/scratch/c/pkcs/c/include/oxs_key_mgr.h
URL: http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/include/oxs_key_mgr.h?rev=642993&r1=642992&r2=642993&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/include/oxs_key_mgr.h (original)
+++ webservices/rampart/scratch/c/pkcs/c/include/oxs_key_mgr.h Mon Mar 31 06:58:45 2008
@@ -38,12 +38,16 @@
#include <openssl_pkey.h>
#include <openssl_x509.h>
#include <openssl_pkcs12.h>
+#include <axis2_key_type.h>
+#include <openssl_pkcs12.h>
+#include <openssl_pkcs12_keystore.h>
#ifdef __cplusplus
extern "C"
{
#endif
+ typedef struct oxs_key_mgr_t oxs_key_mgr_t;
/**
* Loads keys/certificates from a keystore or a PEm file depending on information available in the @ctx
* @ctx pointer to the OMXMLSec asymmetric encryption context struct
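Review bot: The added `#include <openssl_pkcs12.h>` duplicates the same include that is already present three lines above it in this hunk, so the new line is a leftover; drop it and keep only the new `axis2_key_type.h` and `openssl_pkcs12_keystore.h` includes. Include guards make the duplicate harmless at compile time, but it reads as a merge artefact and will be copied into the next header that is modelled on this one.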
@@ -120,6 +124,124 @@
oxs_x509_cert_t **cert,
openssl_pkey_t **prv_key);
+
+ AXIS2_EXTERN oxs_key_mgr_t * AXIS2_CALL
+ oxs_key_mgr_create(axutil_env_t *env);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_key_mgr_free(oxs_key_mgr_t *key_mgr,
+ axutil_env_t *env);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_key_mgr_set_prv_key_password(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_char_t *password);
+
+ AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+ oxs_key_mgr_get_prv_key_password(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env);
+
+ AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+ oxs_key_mgr_get_private_key_file(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env);
+
+ AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+ oxs_key_mgr_get_certificate_file(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env);
+
+ AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+ oxs_key_mgr_get_reciever_certificate_file(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_key_mgr_set_private_key_file(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_char_t *file_name);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_key_mgr_set_certificate_file(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_char_t *file_name);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_key_mgr_set_reciever_certificate_file(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_char_t *file_name);
+
+
+ AXIS2_EXTERN void *AXIS2_CALL
+ oxs_key_mgr_get_certificate(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env);
+
+ AXIS2_EXTERN axis2_key_type_t AXIS2_CALL
+ oxs_key_mgr_get_certificate_type(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env);
+
+ AXIS2_EXTERN void *AXIS2_CALL
+ oxs_key_mgr_get_prv_key(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env);
+
+ AXIS2_EXTERN axis2_key_type_t AXIS2_CALL
+ oxs_key_mgr_get_prv_key_type(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env);
+
+ AXIS2_EXTERN void *AXIS2_CALL
+ oxs_key_mgr_get_receiver_certificate(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env);
+
+ AXIS2_EXTERN axis2_key_type_t AXIS2_CALL
+ oxs_key_mgr_get_receiver_certificate_type(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_key_mgr_set_certificate(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ void *certificate);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_key_mgr_set_certificate_type(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_key_type_t type);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_key_mgr_set_prv_key(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ void *key);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_key_mgr_set_prv_key_type(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_key_type_t type);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_key_mgr_set_receiver_certificate(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ void *certificate);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_key_mgr_set_receiver_certificate_type(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_key_type_t type);
/** @} */
#ifdef __cplusplus
}
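Review bot: None of the new oxs_key_mgr declarations carries a Doxygen comment, and the header says nothing about who owns the strings and objects handed to the setters; the key_mgr.c implementation in this same commit stores the password, file names, key and certificate pointers as-is (no copy), so callers must keep them alive for the manager's lifetime and must not free a password it still references. I would add a block comment above `oxs_key_mgr_create` stating that setter arguments are not copied, that `oxs_key_mgr_free` releases the two certificate objects but not the private key, keystore or password, and that the getters return the stored pointer rather than a copy. `oxs_key_mgr_create` and `oxs_key_mgr_free` take a non-const `axutil_env_t *env` while every other declaration in the block takes `const axutil_env_t *env`; making the two consistent avoids casts at call sites. The spelling `reciever` in the `_get_reciever_certificate_file`/`_set_reciever_certificate_file` pair differs from `receiver` in the sibling certificate accessors a few declarations down, which is cheaper to fix before the API is published than after.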
Modified: webservices/rampart/scratch/c/pkcs/c/include/rampart_context.h
URL: http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/include/rampart_context.h?rev=642993&r1=642992&r2=642993&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/include/rampart_context.h (original)
+++ webservices/rampart/scratch/c/pkcs/c/include/rampart_context.h Mon Mar 31 06:58:45 2008
@@ -41,6 +41,7 @@
#include <axutil_array_list.h>
#include <rampart_saml_token.h>
#include <rampart_issued_token.h>
+#include <oxs_key_mgr.h>
#ifdef __cplusplus
extern "C"
Modified: webservices/rampart/scratch/c/pkcs/c/include/trust_sts_client.h
URL: http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/include/trust_sts_client.h?rev=642993&r1=642992&r2=642993&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/include/trust_sts_client.h (original)
+++ webservices/rampart/scratch/c/pkcs/c/include/trust_sts_client.h Mon Mar 31 06:58:45 2008
@@ -38,7 +38,7 @@
#include <trust_util.h>
#include <trust_policy_util.h>
#include <trust_token.h>
-
+#include <rampart_config.h>
#include <trust_rst.h>
#include <trust_rstr.h>
#include <trust_context.h>
@@ -126,6 +126,15 @@
trust_sts_client_t * sts_client,
const axutil_env_t * env,
axis2_char_t * file_path);
+
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ trust_sts_client_set_auth_info(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env,
+ axis2_char_t *username,
+ axis2_char_t *password,
+ axis2_char_t * auth_type);
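Review bot: `trust_sts_client_set_auth_info` is declared without a comment, so a caller cannot tell whether the three strings are copied or merely referenced; the sts_client.c implementation in this commit assigns the pointers straight into the client struct. I would add a Doxygen comment above the declaration saying that username, password and auth_type are stored by reference and must outlive the sts_client (or be replaced before they are freed), which values auth_type accepts, and that the password is later placed into a per-request rampart_config when the request is built. The prototype also mixes `axis2_char_t *username` with `axis2_char_t * auth_type` spacing in the same parameter list; pick one.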
Modified: webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/key_mgr.c
URL: http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/key_mgr.c?rev=642993&r1=642992&r2=642993&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/key_mgr.c (original)
+++ webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/key_mgr.c Mon Mar 31 06:58:45 2008
@@ -21,7 +21,241 @@
#include <oxs_key_mgr.h>
#include <openssl_pem.h>
+struct oxs_key_mgr_t
+{
+ axis2_char_t *private_key_file;
+ axis2_char_t *certificate_file;
+ axis2_char_t *reciever_certificate_file;
+ axis2_char_t *prv_key_password;
+ void *prv_key;
+ axis2_key_type_t prv_key_type;
+ void *certificate;
+ axis2_key_type_t certificate_type;
+ void *receiver_certificate;
+ axis2_key_type_t receiver_certificate_type;
+
+ pkcs12_keystore_t *key_store;
+};
+
+AXIS2_EXTERN oxs_key_mgr_t * AXIS2_CALL
+oxs_key_mgr_create(axutil_env_t *env)
+{
+ oxs_key_mgr_t *key_mgr = NULL;
+ key_mgr = AXIS2_MALLOC(env->allocator, sizeof(oxs_key_mgr_t));
+ if (key_mgr)
+ {
+ key_mgr->private_key_file = NULL;
+ key_mgr->certificate_file = NULL;
+ key_mgr->reciever_certificate_file = NULL;
+ key_mgr->prv_key_password = NULL;
+ key_mgr->prv_key = NULL;
+ key_mgr->prv_key_type = AXIS2_KEY_TYPE_UNKNOWN;
+ key_mgr->certificate = NULL;
+ key_mgr->certificate_type = AXIS2_KEY_TYPE_UNKNOWN;
+ key_mgr->receiver_certificate = NULL;
+ key_mgr->receiver_certificate_type = AXIS2_KEY_TYPE_UNKNOWN;
+ key_mgr->key_store = NULL;
+ }
+ return key_mgr;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_key_mgr_free(oxs_key_mgr_t *key_mgr, axutil_env_t *env)
+{
+ if(key_mgr->certificate)
+ {
+ oxs_x509_cert_free(key_mgr->certificate, env);
+ key_mgr->certificate = NULL;
+ }
+ if(key_mgr->receiver_certificate)
+ {
+ oxs_x509_cert_free(key_mgr->receiver_certificate, env);
+ key_mgr->receiver_certificate = NULL;
+ }
+ AXIS2_FREE(env->allocator, key_mgr);
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_key_mgr_get_prv_key_password(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env)
+{
+ return key_mgr->prv_key_password;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_key_mgr_set_prv_key_password(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_char_t *password)
+{
+ key_mgr->prv_key_password = password;
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_key_mgr_get_private_key_file(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env)
+{
+ return key_mgr->private_key_file;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_key_mgr_get_certificate_file(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env)
+{
+ return key_mgr->certificate_file;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_key_mgr_get_reciever_certificate_file(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env)
+{
+ return key_mgr->reciever_certificate_file;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_key_mgr_set_private_key_file(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_char_t *file_name)
+{
+ key_mgr->private_key_file = file_name;
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_key_mgr_set_certificate_file(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_char_t *file_name)
+{
+ key_mgr->certificate_file = file_name;
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_key_mgr_set_reciever_certificate_file(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_char_t *file_name)
+{
+ key_mgr->reciever_certificate_file = file_name;
+ return AXIS2_SUCCESS;
+}
+
+
+AXIS2_EXTERN void *AXIS2_CALL
+oxs_key_mgr_get_certificate(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env)
+{
+ return key_mgr->certificate;
+}
+
+AXIS2_EXTERN axis2_key_type_t AXIS2_CALL
+oxs_key_mgr_get_certificate_type(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env)
+{
+ return key_mgr->certificate_type;
+}
+
+AXIS2_EXTERN void *AXIS2_CALL
+oxs_key_mgr_get_prv_key(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env)
+{
+ return key_mgr->prv_key;
+}
+
+AXIS2_EXTERN axis2_key_type_t AXIS2_CALL
+oxs_key_mgr_get_prv_key_type(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env)
+{
+ return key_mgr->prv_key_type;
+}
+
+AXIS2_EXTERN void *AXIS2_CALL
+oxs_key_mgr_get_receiver_certificate(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env)
+{
+ return key_mgr->receiver_certificate;
+}
+
+AXIS2_EXTERN axis2_key_type_t AXIS2_CALL
+oxs_key_mgr_get_receiver_certificate_type(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env)
+{
+ return key_mgr->receiver_certificate_type;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_key_mgr_set_certificate(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ void *certificate)
+{
+ key_mgr->certificate = certificate;
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_key_mgr_set_certificate_type(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_key_type_t type)
+{
+ key_mgr->certificate_type = type;
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_key_mgr_set_prv_key(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ void *key)
+{
+ key_mgr->prv_key = key;
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_key_mgr_set_prv_key_type(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_key_type_t type)
+{
+ key_mgr->prv_key_type = type;
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_key_mgr_set_receiver_certificate(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ void *certificate)
+{
+ key_mgr->receiver_certificate = certificate;
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_key_mgr_set_receiver_certificate_type(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env,
+ axis2_key_type_t type)
+{
+ key_mgr->receiver_certificate_type = type;
+ return AXIS2_SUCCESS;
+}
/**
* Loads the key
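Review bot: `oxs_key_mgr_free` is declared to return `axis2_status_t` but ends after `AXIS2_FREE(env->allocator, key_mgr);` with no return statement, so a caller that tests its result reads an indeterminate value (undefined behaviour in C); it also dereferences `key_mgr` without a NULL check even though each field inside it is guarded. The rewrite below adds the guard and the return. The function also leaves `prv_key` and `key_store` untouched, so whatever was handed in through `oxs_key_mgr_set_prv_key` is neither released nor zeroised when the manager goes away, and `certificate`/`receiver_certificate` are passed to `oxs_x509_cert_free` regardless of the recorded `certificate_type`, which is only safe if every value stored there is an `oxs_x509_cert_t` — worth either a type check or a comment on the struct. `prv_key_password` is stored by pointer in `oxs_key_mgr_set_prv_key_password` and is therefore not owned here, which is correct but should be said in a comment on the field so nobody adds a free of it later.
```c
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_key_mgr_free(oxs_key_mgr_t *key_mgr, axutil_env_t *env)
{
    if (!key_mgr)
    {
        return AXIS2_FAILURE;
    }
    /* … unchanged: release certificate and receiver_certificate … */
    /* prv_key, key_store and prv_key_password are left as they are: decide
       who owns them before adding a free here. */
    AXIS2_FREE(env->allocator, key_mgr);
    return AXIS2_SUCCESS;
}
```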
Modified: webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/transforms_factory.c
URL: http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/transforms_factory.c?rev=642993&r1=642992&r2=642993&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/transforms_factory.c (original)
+++ webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/transforms_factory.c Mon Mar 31 06:58:45 2008
@@ -199,12 +199,13 @@
tr = oxs_transform_create(env);
oxs_transform_set_id(tr, env, id);
oxs_transform_set_input_data_type(tr, env, OXS_TRANSFORM_TYPE_NODE);
- oxs_transform_set_output_data_type(tr, env, OXS_TRANSFORM_TYPE_NODE);
+ oxs_transform_set_output_data_type(tr, env, OXS_TRANSFORM_TYPE_CHAR);
oxs_transform_set_transform_func(tr, env, (oxs_transform_tr_func)oxs_transforms_STR);
return tr;
}
else
return NULL;
}
+
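Review bot: The output data type of the STR transform flips from `OXS_TRANSFORM_TYPE_NODE` to `OXS_TRANSFORM_TYPE_CHAR` with no comment and an empty commit log, so a reader cannot tell whether `oxs_transforms_STR` was changed to emit serialised characters or whether the old value was simply wrong. If the transform does now yield character data that the next stage consumes, a one-line comment above the call, such as `/* STR output is character data; the next transform in the chain must accept OXS_TRANSFORM_TYPE_CHAR */`, would record that contract. The `(oxs_transform_tr_func)` cast on the following line hides any signature mismatch between the function and the declared output type, so that comment is the only place the contract would be visible. The enclosing function starts outside the hunk.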
Modified: webservices/rampart/scratch/c/pkcs/c/src/trust/sts_client.c
URL: http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/src/trust/sts_client.c?rev=642993&r1=642992&r2=642993&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/src/trust/sts_client.c (original)
+++ webservices/rampart/scratch/c/pkcs/c/src/trust/sts_client.c Mon Mar 31 06:58:45 2008
@@ -66,7 +66,12 @@
axis2_msg_ctx_t *received_in_msg_ctx;
rp_secpolicy_t *sec_policy;
+
+ axis2_char_t *username;
+ axis2_char_t *password;
+
+ axis2_char_t *auth_type;
};
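Review bot: The three new `axis2_char_t *` fields carry no ownership comment, and nothing in this commit copies or frees them — `trust_sts_client_set_auth_info` later in this file assigns the caller's pointers directly — so `password` in particular is a borrowed pointer to a credential the client neither owns nor clears. I would comment the fields `/* Borrowed from the caller via trust_sts_client_set_auth_info; not copied, not freed here */` so nobody later adds a free of them or assumes the caller's buffer can be released after the call. If the client is ever meant to own a copy, the free path (outside this diff) would need to release and ideally zeroise it.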
@@ -86,6 +91,9 @@
sts_client->service_policy_location = NULL;
sts_client->svc_client = NULL;
sts_client->sec_policy = NULL;
+ sts_client->username = NULL;
+ sts_client->password = NULL;
+ sts_client->auth_type = NULL;
return sts_client;
}
@@ -236,6 +244,8 @@
axis2_endpoint_ref_t *endpoint_ref = NULL;
axis2_options_t *options = NULL;
axis2_svc_client_t *svc_client = NULL;
+ rampart_config_t* client_config = NULL;
+ axutil_property_t *property = NULL;
endpoint_ref = axis2_endpoint_ref_create(env, sts_client->issuer_address);
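Review bot: The `axutil_property_t *property` declared here at function scope is shadowed later in the same function by the block-local `axutil_property_t *property = NULL;` inside the `if(address_version)` branch (the re-indented hunk further down), which `-Wshadow` flags and which makes the two properties easy to confuse when reading the function. Rename this one, e.g. `axutil_property_t *config_property = NULL;`, and update the two uses that create and attach the rampart config property. The enclosing function starts outside the hunk.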
@@ -244,10 +254,26 @@
axis2_options_set_action(options, env, action);
if(is_soap11)
{
- axis2_options_set_soap_action(options, env, axutil_string_create(env, action));
+ axis2_options_set_soap_action(options, env, axutil_string_create(env, action));
axis2_options_set_soap_version(options, env, AXIOM_SOAP11);
}
+ client_config = rampart_config_create(env);
+ if(!client_config)
+ {
+ printf("Cannot create rampart config\n");
+ return 0;
+ }
+
+ rampart_config_set_username(client_config, env, sts_client->username);
+ rampart_config_set_password(client_config, env, sts_client->password);
+ rampart_config_set_password_type(client_config, env, sts_client->auth_type);
+ rampart_config_set_ttl(client_config, env, 360);
+
+ property = axutil_property_create_with_args(env, AXIS2_SCOPE_REQUEST ,
+ AXIS2_TRUE, (void *)rampart_config_free, client_config);
+ axis2_options_set_property(options, env, RAMPART_CLIENT_CONFIGURATION, property);
+
if(!(sts_client->svc_client))
{
svc_client = axis2_svc_client_create(env, sts_client->home_dir);
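Review bot: The failure path after `rampart_config_create` writes to stdout with `printf("Cannot create rampart config\n")` and returns `0`; this is library code, so the message should go through the Axis2 logger, `AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[trust] Cannot create rampart config");`, and the return value should follow the enclosing function's failure convention (the function starts outside the hunk, so I cannot confirm that `0` is it). `rampart_config_set_ttl(client_config, env, 360)` is a magic number; name it (`enum { TRUST_STS_CLIENT_TTL = 360 };` or similar) or take it from the sts_client configuration. Handing `client_config` to the property with `AXIS2_TRUE` and `rampart_config_free` transfers ownership to the options, which is fine, but `sts_client->password` is placed into that config by pointer, so if `rampart_config_free` releases the strings it holds the sts_client is left with a dangling credential pointer — worth confirming against rampart_config's free and stating in a comment on the `axutil_property_create_with_args` call.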
@@ -272,13 +298,13 @@
axis2_svc_client_engage_module(svc_client, env, AXIS2_MODULE_ADDRESSING);
/*set the address version*/
- if(address_version)
- {
- axutil_property_t *property = NULL;
-
- property = axutil_property_create(env);
- axutil_property_set_scope(property, env, AXIS2_SCOPE_APPLICATION);
- axutil_property_set_value(property, env, axutil_strdup(env, address_version));
+ if(address_version)
+ {
+ axutil_property_t *property = NULL;
+
+ property = axutil_property_create(env);
+ axutil_property_set_scope(property, env, AXIS2_SCOPE_APPLICATION);
+ axutil_property_set_value(property, env, axutil_strdup(env, address_version));
axis2_options_set_property(options, env, AXIS2_WSA_VERSION, property);
}
@@ -357,6 +383,22 @@
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
+trust_sts_client_set_auth_info(
+ trust_sts_client_t * sts_client,
+ const axutil_env_t * env,
+ axis2_char_t *username,
+ axis2_char_t *password,
+ axis2_char_t * auth_type)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+ sts_client->username = username;
+ sts_client->password = password;
+ sts_client->auth_type = auth_type;
+ return AXIS2_SUCCESS;
+
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
trust_sts_client_set_issuer_policy_location(
trust_sts_client_t * sts_client,
const axutil_env_t * env,
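Review bot: `trust_sts_client_set_auth_info` checks `env` but dereferences `sts_client` unguarded; the rampart_context.c setters in this same commit pair `AXIS2_ENV_CHECK` with `AXIS2_PARAM_CHECK`, so add `AXIS2_PARAM_CHECK(env->error, sts_client, AXIS2_FAILURE);` after the env check. The stray blank line before the closing brace should go. The three assignments alias the caller's pointers, which is consistent with the NULL initialisation in create and the absence of any free, but a one-line comment `/* pointers are borrowed, not copied */` above them would stop a future reader from adding a free or expecting a copy.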
@@ -592,17 +634,17 @@
if(!proof_token)
{
oxs_buffer_t *buffer = NULL;
- int decoded_len = 0;
- axis2_char_t *decoded_shared_secret = NULL;
- axis2_char_t* shared_secret = NULL;
-
- shared_secret = trust_entropy_get_binary_secret(requester_entropy, env);
- decoded_len = axutil_base64_decode_len(shared_secret);
- decoded_shared_secret = AXIS2_MALLOC(env->allocator, decoded_len);
- axutil_base64_decode_binary((unsigned char*)decoded_shared_secret, shared_secret);
- buffer = oxs_buffer_create(env);
- oxs_buffer_populate(buffer, env, (unsigned char*)decoded_shared_secret, decoded_len);
- AXIS2_FREE(env->allocator, decoded_shared_secret);
+ int decoded_len = 0;
+ axis2_char_t *decoded_shared_secret = NULL;
+ axis2_char_t* shared_secret = NULL;
+
+ shared_secret = trust_entropy_get_binary_secret(requester_entropy, env);
+ decoded_len = axutil_base64_decode_len(shared_secret);
+ decoded_shared_secret = AXIS2_MALLOC(env->allocator, decoded_len);
+ axutil_base64_decode_binary((unsigned char*)decoded_shared_secret, shared_secret);
+ buffer = oxs_buffer_create(env);
+ oxs_buffer_populate(buffer, env, (unsigned char*)decoded_shared_secret, decoded_len);
+ AXIS2_FREE(env->allocator, decoded_shared_secret);
return buffer;
}
else
@@ -615,43 +657,43 @@
axis2_char_t *output = NULL;
oxs_buffer_t *buffer = NULL;
- int requester_entropy_len = 0;
- axis2_char_t *decoded_requester_entropy = NULL;
- axis2_char_t *requester_nonce = NULL;
- int issuer_entropy_len = 0;
- axis2_char_t *decoded_issuer_entropy = NULL;
- axis2_char_t *issuer_nonce = NULL;
+ int requester_entropy_len = 0;
+ axis2_char_t *decoded_requester_entropy = NULL;
+ axis2_char_t *requester_nonce = NULL;
+ int issuer_entropy_len = 0;
+ axis2_char_t *decoded_issuer_entropy = NULL;
+ axis2_char_t *issuer_nonce = NULL;
- local_name = axiom_util_get_localname(proof_token, env);
- /*if local name is not ComputedKey, then we can return*/
- if(axutil_strcmp(local_name, TRUST_COMPUTED_KEY) != 0)
- return NULL;
-
- key_size = trust_rst_get_key_size(rst, env)/8;
- if(key_size <= 0)
- return NULL;
-
- compute_key_algo = oxs_axiom_get_node_content(env, proof_token);
-
- buffer = oxs_buffer_create(env);
- requester_nonce = trust_entropy_get_binary_secret(requester_entropy, env);
- requester_entropy_len = axutil_base64_decode_len(requester_nonce);
- decoded_requester_entropy = AXIS2_MALLOC(env->allocator, requester_entropy_len);
- axutil_base64_decode_binary((unsigned char*)decoded_requester_entropy, requester_nonce);
-
- issuer_entropy = trust_rstr_get_entropy(rstr, env);
-
- /*if issuer doesn't provide entropy, we can take requester entropy as key*/
- if((!requester_entropy) || (!trust_entropy_get_binary_secret(requester_entropy, env)))
- {
- oxs_buffer_populate(buffer, env, (unsigned char*)decoded_requester_entropy, requester_entropy_len);
- AXIS2_FREE(env->allocator, decoded_requester_entropy);
- return buffer;
- }
-
- issuer_nonce = trust_entropy_get_binary_secret(issuer_entropy, env);
- issuer_entropy_len = axutil_base64_decode_len(issuer_nonce);
- decoded_issuer_entropy = AXIS2_MALLOC(env->allocator, issuer_entropy_len);
+ local_name = axiom_util_get_localname(proof_token, env);
+ /*if local name is not ComputedKey, then we can return*/
+ if(axutil_strcmp(local_name, TRUST_COMPUTED_KEY) != 0)
+ return NULL;
+
+ key_size = trust_rst_get_key_size(rst, env)/8;
+ if(key_size <= 0)
+ return NULL;
+
+ compute_key_algo = oxs_axiom_get_node_content(env, proof_token);
+
+ buffer = oxs_buffer_create(env);
+ requester_nonce = trust_entropy_get_binary_secret(requester_entropy, env);
+ requester_entropy_len = axutil_base64_decode_len(requester_nonce);
+ decoded_requester_entropy = AXIS2_MALLOC(env->allocator, requester_entropy_len);
+ axutil_base64_decode_binary((unsigned char*)decoded_requester_entropy, requester_nonce);
+
+ issuer_entropy = trust_rstr_get_entropy(rstr, env);
+
+ /*if issuer doesn't provide entropy, we can take requester entropy as key*/
+ if((!requester_entropy) || (!trust_entropy_get_binary_secret(requester_entropy, env)))
+ {
+ oxs_buffer_populate(buffer, env, (unsigned char*)decoded_requester_entropy, requester_entropy_len);
+ AXIS2_FREE(env->allocator, decoded_requester_entropy);
+ return buffer;
+ }
+
+ issuer_nonce = trust_entropy_get_binary_secret(issuer_entropy, env);
+ issuer_entropy_len = axutil_base64_decode_len(issuer_nonce);
+ decoded_issuer_entropy = AXIS2_MALLOC(env->allocator, issuer_entropy_len);
axutil_base64_decode_binary((unsigned char*)decoded_issuer_entropy, issuer_nonce);
output = AXIS2_MALLOC(env->allocator, key_size);
Modified: webservices/rampart/scratch/c/pkcs/c/src/util/rampart_context.c
URL: http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/src/util/rampart_context.c?rev=642993&r1=642992&r2=642993&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/src/util/rampart_context.c (original)
+++ webservices/rampart/scratch/c/pkcs/c/src/util/rampart_context.c Mon Mar 31 06:58:45 2008
@@ -25,17 +25,18 @@
#include <rp_saml_token.h>
#include <rp_issued_token.h>
#include <rampart_saml_token.h>
+#include <oxs_key_mgr.h>
struct rampart_context_t
{
/*****************************/
axiom_node_t *policy_node;
- void *prv_key;
+ /*void *prv_key;
axis2_key_type_t prv_key_type;
void *certificate;
axis2_key_type_t certificate_type;
void *receiver_certificate;
- axis2_key_type_t receiver_certificate_type;
+ axis2_key_type_t receiver_certificate_type;*/
axis2_char_t *user;
axis2_char_t *password;
axis2_char_t *password_type;
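Review bot: The six key/certificate fields are commented out rather than removed, and the same pattern recurs in the next two hunks (the file-name fields and the constructor initialisers) and in the free path further down; dead code in a struct definition and constructor tends to get uncommented by accident, and version control already preserves it. Delete the commented-out blocks and, since the data moved, leave at most a one-line pointer next to the `key_mgr` member such as `/* key material and key/certificate file names now live in key_mgr */`.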
@@ -44,13 +45,13 @@
rampart_is_replayed_fn is_replayed_function;
int ttl;
axis2_char_t *rd_val;
- axis2_char_t *private_key_file;
+ /*axis2_char_t *private_key_file;
axis2_char_t *certificate_file;
- axis2_char_t *reciever_certificate_file;
+ axis2_char_t *reciever_certificate_file;*/
int ref;
-
+ oxs_key_mgr_t *key_mgr;
/****************************/
- /* Set true when the issued token is aquired and set to the rampart conext*/
+ /* Callback function for aquiring the issued token */
issued_token_callback_func aquire_issued_token;
/* SAML tokens. */
@@ -166,23 +167,23 @@
return NULL;
}
rampart_context->policy_node = NULL;
- rampart_context->prv_key = NULL;
+ /*rampart_context->prv_key = NULL;
rampart_context->prv_key_type = 0;
rampart_context->certificate = NULL;
rampart_context->certificate_type = 0;
rampart_context->receiver_certificate = NULL;
- rampart_context->receiver_certificate_type = 0;
+ rampart_context->receiver_certificate_type = 0;*/
rampart_context->user = 0;
rampart_context->password = NULL;
- rampart_context->prv_key_password = NULL;
+ /*rampart_context->prv_key_password = NULL;*/
rampart_context->pwcb_function = NULL;
rampart_context->is_replayed_function = NULL;
rampart_context->ttl = 300;
rampart_context->rd_val = NULL;
rampart_context->password_type = NULL;
- rampart_context->private_key_file = NULL;
+ /*rampart_context->private_key_file = NULL;
rampart_context->certificate_file = NULL;
- rampart_context->reciever_certificate_file = NULL;
+ rampart_context->reciever_certificate_file = NULL;*/
rampart_context->saml_tokens = NULL;
rampart_context->aquire_issued_token = NULL;
@@ -202,7 +203,7 @@
rampart_context->signature_token_id = NULL;
rampart_context->key_list = axutil_array_list_create(env, 2);
-
+ rampart_context->key_mgr = oxs_key_mgr_create(env);
return rampart_context;
}
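Review bot: The result of `oxs_key_mgr_create(env)` is stored without a check, so an allocation failure produces a context whose key and certificate setters and getters later return AXIS2_FAILURE or NULL far from the cause; the earlier allocation-failure path in this constructor returns NULL, so this one should follow it: release the partially built context and `return NULL;` when `rampart_context->key_mgr` is NULL. The enclosing function starts outside the hunk.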
@@ -308,14 +309,14 @@
rampart_context->key_list = NULL;
}
- if(rampart_context->certificate){
+ /*if(rampart_context->certificate){
oxs_x509_cert_free(rampart_context->certificate, env);
rampart_context->certificate = NULL;
}
if(rampart_context->receiver_certificate){
oxs_x509_cert_free(rampart_context->receiver_certificate, env);
rampart_context->receiver_certificate = NULL;
- }
+ }*/
if(rampart_context->key_list){
/*Need to free data of the list*/
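Review bot: The certificate release is commented out here but nothing frees `rampart_context->key_mgr`, so the manager created in the constructor and both certificates it now holds (which `oxs_key_mgr_free` in key_mgr.c would release) leak on every context teardown. Put `if(rampart_context->key_mgr){ oxs_key_mgr_free(rampart_context->key_mgr, env); rampart_context->key_mgr = NULL; }` in place of the commented block, and delete the commented-out lines rather than keeping them. `oxs_key_mgr_free` takes a non-const env while this file's functions take `const axutil_env_t *`, so either make its env const (as the other key manager functions already are) or the call will need a cast. The enclosing function starts outside the hunk.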
@@ -365,9 +366,12 @@
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
AXIS2_PARAM_CHECK(env->error,prv_key,AXIS2_FAILURE);
-
- rampart_context->prv_key = prv_key;
- return AXIS2_SUCCESS;
+ if (rampart_context->key_mgr)
+ {
+ oxs_key_mgr_set_prv_key(rampart_context->key_mgr, env, prv_key);
+ return AXIS2_SUCCESS;
+ }
+ return AXIS2_FAILURE;
}
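Review bot: The guarded delegation discards the status returned by `oxs_key_mgr_set_prv_key` and always reports success whenever `key_mgr` exists; the same five-line shape is repeated in every setter and getter of this file that now forwards to the key manager (prv_key_type, certificate, certificate_type, receiver_certificate, receiver_certificate_type, prv_key_password, private_key_file, certificate_file, reciever_certificate_file and the matching getters). Each setter body collapses to `if(!rampart_context->key_mgr) { return AXIS2_FAILURE; }` followed by `return oxs_key_mgr_set_prv_key(rampart_context->key_mgr, env, prv_key);`, which propagates the manager's status instead of masking it, and the getters can use the same guard-then-return form. The enclosing functions start outside the hunks.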
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -377,9 +381,12 @@
{
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
AXIS2_PARAM_CHECK(env->error,type,AXIS2_FAILURE);
-
- rampart_context->prv_key_type = type;
- return AXIS2_SUCCESS;
+ if (rampart_context->key_mgr)
+ {
+ oxs_key_mgr_set_prv_key_type(rampart_context->key_mgr, env, type);
+ return AXIS2_SUCCESS;
+ }
+ return AXIS2_FAILURE;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -389,9 +396,12 @@
{
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
AXIS2_PARAM_CHECK(env->error,certificate,AXIS2_FAILURE);
-
- rampart_context->certificate = certificate;
- return AXIS2_SUCCESS;
+ if (rampart_context->key_mgr)
+ {
+ oxs_key_mgr_set_certificate(rampart_context->key_mgr, env, certificate);
+ return AXIS2_SUCCESS;
+ }
+ return AXIS2_FAILURE;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -401,9 +411,12 @@
{
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
AXIS2_PARAM_CHECK(env->error,type,AXIS2_FAILURE);
-
- rampart_context->certificate_type = type;
- return AXIS2_SUCCESS;
+ if (rampart_context->key_mgr)
+ {
+ oxs_key_mgr_set_certificate_type(rampart_context->key_mgr, env, type);
+ return AXIS2_SUCCESS;
+ }
+ return AXIS2_FAILURE;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -413,9 +426,12 @@
{
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
AXIS2_PARAM_CHECK(env->error,receiver_certificate,AXIS2_FAILURE);
-
- rampart_context->receiver_certificate = receiver_certificate;
- return AXIS2_SUCCESS;
+ if (rampart_context->key_mgr)
+ {
+ oxs_key_mgr_set_receiver_certificate(rampart_context->key_mgr, env, receiver_certificate);
+ return AXIS2_SUCCESS;
+ }
+ return AXIS2_FAILURE;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -425,9 +441,12 @@
{
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
AXIS2_PARAM_CHECK(env->error,type,AXIS2_FAILURE);
-
- rampart_context->receiver_certificate_type = type;
- return AXIS2_SUCCESS;
+ if (rampart_context->key_mgr)
+ {
+ oxs_key_mgr_set_receiver_certificate_type(rampart_context->key_mgr, env, type);
+ return AXIS2_SUCCESS;
+ }
+ return AXIS2_FAILURE;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -467,8 +486,12 @@
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
AXIS2_PARAM_CHECK(env->error,prv_key_password,AXIS2_FAILURE);
- rampart_context->prv_key_password = prv_key_password;
- return AXIS2_SUCCESS;
+ if (rampart_context->key_mgr)
+ {
+ oxs_key_mgr_set_prv_key_password(rampart_context->key_mgr, env, prv_key_password);
+ return AXIS2_SUCCESS;
+ }
+ return AXIS2_FAILURE;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -529,7 +552,6 @@
const axutil_env_t *env,
axis2_char_t *rd_val)
{
-
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
AXIS2_PARAM_CHECK(env->error, rd_val, AXIS2_FAILURE);
@@ -542,11 +564,13 @@
const axutil_env_t *env,
axis2_char_t *private_key_file)
{
-
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
-
- rampart_context->private_key_file = private_key_file;
- return AXIS2_SUCCESS;
+ if (rampart_context->key_mgr)
+ {
+ oxs_key_mgr_set_private_key_file(rampart_context->key_mgr, env, private_key_file);
+ return AXIS2_SUCCESS;
+ }
+ return AXIS2_FAILURE;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -554,11 +578,13 @@
const axutil_env_t *env,
axis2_char_t *certificate_file)
{
-
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
-
- rampart_context->certificate_file = certificate_file;
- return AXIS2_SUCCESS;
+ if (rampart_context->key_mgr)
+ {
+ oxs_key_mgr_set_certificate_file(rampart_context->key_mgr, env, certificate_file);
+ return AXIS2_SUCCESS;
+ }
+ return AXIS2_FAILURE;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -566,11 +592,13 @@
const axutil_env_t *env,
axis2_char_t *reciever_certificate_file)
{
-
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
-
- rampart_context->reciever_certificate_file = reciever_certificate_file;
- return AXIS2_SUCCESS;
+ if (rampart_context->key_mgr)
+ {
+ oxs_key_mgr_set_reciever_certificate_file(rampart_context->key_mgr, env, reciever_certificate_file);
+ return AXIS2_SUCCESS;
+ }
+ return AXIS2_FAILURE;
}
/*End of implementation*/
@@ -593,8 +621,11 @@
const axutil_env_t *env)
{
AXIS2_ENV_CHECK(env, NULL);
-
- return rampart_context->prv_key;
+ if (rampart_context->key_mgr)
+ {
+ return oxs_key_mgr_get_prv_key(rampart_context->key_mgr, env);
+ }
+ return NULL;
}
AXIS2_EXTERN axis2_key_type_t AXIS2_CALL
@@ -603,8 +634,11 @@
const axutil_env_t *env)
{
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
-
- return rampart_context->prv_key_type;
+ if (rampart_context->key_mgr)
+ {
+ return oxs_key_mgr_get_prv_key_type(rampart_context->key_mgr, env);
+ }
+ return AXIS2_KEY_TYPE_UNKNOWN;
}
AXIS2_EXTERN void *AXIS2_CALL
@@ -614,7 +648,11 @@
{
AXIS2_ENV_CHECK(env, NULL);
- return rampart_context->certificate;
+ if (rampart_context->key_mgr)
+ {
+ return oxs_key_mgr_get_certificate(rampart_context->key_mgr, env);
+ }
+ return NULL;
}
AXIS2_EXTERN axis2_key_type_t AXIS2_CALL
@@ -624,7 +662,11 @@
{
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
- return rampart_context->certificate_type;
+ if (rampart_context->key_mgr)
+ {
+ return oxs_key_mgr_get_certificate_type(rampart_context->key_mgr, env);
+ }
+ return AXIS2_KEY_TYPE_UNKNOWN;
}
@@ -635,7 +677,11 @@
{
AXIS2_ENV_CHECK(env, NULL);
- return rampart_context->receiver_certificate;
+ if (rampart_context->key_mgr)
+ {
+ return oxs_key_mgr_get_receiver_certificate(rampart_context->key_mgr, env);
+ }
+ return NULL;
}
AXIS2_EXTERN axis2_key_type_t AXIS2_CALL
@@ -645,7 +691,11 @@
{
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
- return rampart_context->receiver_certificate_type;
+ if (rampart_context->key_mgr)
+ {
+ return oxs_key_mgr_get_receiver_certificate_type(rampart_context->key_mgr, env);
+ }
+ return AXIS2_KEY_TYPE_UNKNOWN;
}
@@ -677,7 +727,11 @@
{
AXIS2_ENV_CHECK(env, NULL);
- return rampart_context->prv_key_password;
+ if (rampart_context->key_mgr)
+ {
+ return oxs_key_mgr_get_prv_key_password(rampart_context->key_mgr, env);
+ }
+ return NULL;
}
AXIS2_EXTERN password_callback_fn AXIS2_CALL
@@ -2530,9 +2584,9 @@
{
rp_rampart_config_t *rampart_config = NULL;
- if(rampart_context->certificate_file)
+ if(rampart_context->key_mgr && oxs_key_mgr_get_certificate_file(rampart_context->key_mgr, env))
{
- return rampart_context->certificate_file;
+ return oxs_key_mgr_get_certificate_file(rampart_context->key_mgr, env);
}
rampart_config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
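Review bot: `oxs_key_mgr_get_certificate_file` is called twice in a row — once in the condition and once to return — and the same doubled call appears in the next two hunks for the receiver certificate file and the private key file. Fetch it once into a local declared beside `rampart_config`: `axis2_char_t *file = NULL;`, then `if(rampart_context->key_mgr) { file = oxs_key_mgr_get_certificate_file(rampart_context->key_mgr, env); }` and `if(file) { return file; }`. The enclosing function starts outside the hunk.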
@@ -2551,9 +2605,9 @@
{
rp_rampart_config_t *rampart_config = NULL;
- if(rampart_context->reciever_certificate_file)
+ if(rampart_context->key_mgr && oxs_key_mgr_get_reciever_certificate_file(rampart_context->key_mgr, env))
{
- return rampart_context->reciever_certificate_file;
+ return oxs_key_mgr_get_reciever_certificate_file(rampart_context->key_mgr, env);
}
rampart_config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
@@ -2573,9 +2627,9 @@
{
rp_rampart_config_t *rampart_config = NULL;
- if(rampart_context->private_key_file)
+ if(rampart_context->key_mgr && oxs_key_mgr_get_private_key_file(rampart_context->key_mgr, env))
{
- return rampart_context->private_key_file;
+ return oxs_key_mgr_get_private_key_file(rampart_context->key_mgr, env);
}
rampart_config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
Modified: webservices/rampart/scratch/c/pkcs/c/src/util/rampart_signature.c
URL: http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/src/util/rampart_signature.c?rev=642993&r1=642992&r2=642993&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/src/util/rampart_signature.c (original)
+++ webservices/rampart/scratch/c/pkcs/c/src/util/rampart_signature.c Mon Mar 31 06:58:45 2008
@@ -756,12 +756,12 @@
{
/*have to send EncryptedKeySHA1*/
axis2_char_t *encrypted_key_hash = NULL;
- axiom_node_t *identifier_token = NULL;
- encrypted_key_hash = oxs_key_get_key_sha(session_key, env);
- key_reference_node = oxs_token_build_security_token_reference_element(env, NULL);
- identifier_token = oxs_token_build_key_identifier_element(env, key_reference_node,
- OXS_ENCODING_BASE64BINARY, OXS_X509_ENCRYPTED_KEY_SHA1, encrypted_key_hash);
-
+ axiom_node_t *identifier_token = NULL;
+ encrypted_key_hash = oxs_key_get_key_sha(session_key, env);
+ key_reference_node = oxs_token_build_security_token_reference_element(env, NULL);
+ identifier_token = oxs_token_build_key_identifier_element(env, key_reference_node,
+ OXS_ENCODING_BASE64BINARY, OXS_X509_ENCRYPTED_KEY_SHA1, encrypted_key_hash);
+
if(0 == axutil_strcmp(oxs_key_get_name(session_key, env), oxs_key_get_name(signed_key, env)))
{
/*Now then... we have used the session key to sign*/
@@ -778,7 +778,7 @@
dk_token = oxs_derivation_build_derived_key_token_with_stre(env, signed_key, sec_node, key_reference_node);
/*We need to make DerivedKeyToken to appear before the sginature node*/
oxs_axiom_interchange_nodes(env, dk_token, sig_node);
- }
+ }
}
else
{