You are viewing a plain text version of this content. The canonical link for it is here.
Posted to axis-cvs@ws.apache.org by ka...@apache.org on 2007/02/27 06:31:21 UTC
svn commit: r512140 - in /webservices/axis2/trunk/c/rampart:
include/oxs_signature.h src/omxmlsec/openssl/sign.c src/omxmlsec/signature.c
Author: kaushalye
Date: Mon Feb 26 21:31:18 2007
New Revision: 512140
URL: http://svn.apache.org/viewvc?view=rev&rev=512140
Log:
Signature verification in OMXMLSecurity.
Modified:
webservices/axis2/trunk/c/rampart/include/oxs_signature.h
webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/sign.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/signature.c
Modified: webservices/axis2/trunk/c/rampart/include/oxs_signature.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_signature.h?view=diff&rev=512140&r1=512139&r2=512140
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_signature.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_signature.h Mon Feb 26 21:31:18 2007
@@ -52,7 +52,14 @@
oxs_buffer_t *input,
oxs_buffer_t *output);
-
+/**
+ * Verify
+ */
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_sig_verify(const axis2_env_t *env,
+ oxs_sign_ctx_t *sign_ctx,
+ axis2_char_t *content,
+ axis2_char_t *signature);
/** @} */
#ifdef __cplusplus
}
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/sign.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/sign.c?view=diff&rev=512140&r1=512139&r2=512140
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/sign.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/sign.c Mon Feb 26 21:31:18 2007
@@ -57,10 +57,14 @@
ret = EVP_VerifyInit(&md_ctx, digest);
if(ret != 1) {
/*Error*/
+ oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"EVP_VerifyInit failed" );
+ return AXIS2_FAILURE;
}
ret = EVP_VerifyUpdate(&md_ctx, OXS_BUFFER_GET_DATA(input_buf, env), OXS_BUFFER_GET_SIZE(input_buf, env));
if(ret != 1) {
/*Error*/
+ oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"EVP_VerifyUpdate failed" );
+ return AXIS2_FAILURE;
}
ret = EVP_VerifyFinal(&md_ctx, OXS_BUFFER_GET_DATA(sig_buf, env),
@@ -68,12 +72,15 @@
pkey);
if(ret == 0){
/*Error. Signature verification FAILED */
+ oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Signature verification FAILED." );
status = AXIS2_FAILURE;
}else if(ret < 0){
/*Erorr. Some other error*/
+ oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Error occured while verifying the signature." );
status = AXIS2_FAILURE;
}else{
/*SUCCESS. Det ar bra :-)*/
+ AXIS2_LOG_INFO(env->log, "[openssl][sig] Signature verification SUCCESS " );
status = AXIS2_SUCCESS;
}
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/signature.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/signature.c?view=diff&rev=512140&r1=512139&r2=512140
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/signature.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/signature.c Mon Feb 26 21:31:18 2007
@@ -27,7 +27,6 @@
#include <openssl_rsa.h>
#include <openssl_sign.h>
#include <openssl_digest.h>
-#include <openssl_sign.h>
/*Private functions*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -93,3 +92,47 @@
return AXIS2_SUCCESS;
}
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_sig_verify(const axis2_env_t *env,
+ oxs_sign_ctx_t *sign_ctx,
+ axis2_char_t *content,
+ axis2_char_t *signature)
+{
+ axis2_status_t status = AXIS2_FAILURE;
+ oxs_buffer_t *in_buf = NULL;
+ oxs_buffer_t *sig_buf = NULL;
+ unsigned char* decoded_data = NULL;
+ int decoded_len = -1;
+ int ret = -1;
+
+ /*Base64 decode the signature value and create the sig buffer*/
+ /*Allocate enough space*/
+ decoded_data = AXIS2_MALLOC(env->allocator, axis2_base64_decode_len(signature));
+ decoded_len = axis2_base64_decode_binary(decoded_data, signature );
+ if (decoded_len < 0)
+ {
+ oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,
+ "axis2_base64_decode_binary failed");
+ return AXIS2_FAILURE;
+ }
+ /*Create the signature buffer*/
+ sig_buf = oxs_buffer_create(env);
+ ret = OXS_BUFFER_POPULATE(sig_buf, env, decoded_data, decoded_len);
+
+ /*Create the input buffer*/
+ in_buf = oxs_buffer_create(env);
+ status = OXS_BUFFER_POPULATE(in_buf, env, (unsigned char*)content, axis2_strlen(content));
+
+ /*Call OpenSSL function to verify the signature*/
+ status = openssl_sig_verify(env, sign_ctx, in_buf, sig_buf);
+ if(AXIS2_SUCCESS != status){
+ /*Error in signature processing*/
+ oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Signature verification FAILED.");
+ return AXIS2_FAILURE;
+ }else{
+
+ AXIS2_LOG_INFO(env->log, "[oxs][sig] Signature verification SUCCESS " );
+ return AXIS2_SUCCESS;
+ }
+
+}
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org