Posted to java-dev@axis.apache.org by di...@apache.org on 2007/03/01 06:58:08 UTC

svn commit: r513155 [3/5] - in /webservices/axis2/scratch/c/dinesh/532/c: ./ axiom/ axiom/src/attachments/ axiom/test/om/ axiom/test/soap/ build/win32/ ides/studio/ ides/vc/axis2c/ ides/vc/axis2c/axis2_engine/ ides/vc/axis2c/axis2_http_common/ ides/vc/...

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/handlers/rampart_out_handler.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/handlers/rampart_out_handler.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/handlers/rampart_out_handler.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/handlers/rampart_out_handler.c Wed Feb 28 21:58:03 2007
@@ -75,23 +75,12 @@
     axiom_element_t *soap_header_ele = NULL;
     axis2_status_t status = AXIS2_FAILURE;
     rampart_context_t *rampart_context = NULL;
-/*  rp_secpolicy_t *secpolicy = NULL;*/
-/*  axis2_char_t *file_name = "/home/manjula/axis2/scratch/security-policy/c/rampart/src/secpolicy/test-resources/2.xml";*/
-/*  axis2_char_t *file_name = NULL;*/
     axis2_bool_t serverside = AXIS2_FALSE;
     
-
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
     AXIS2_PARAM_CHECK(env->error, msg_ctx, AXIS2_FAILURE);
 
     serverside = axis2_msg_ctx_get_server_side(msg_ctx,env);
-/*
-    if(serverside)
-        file_name = "/home/manjula/axis2/scratch/security-policy/c/rampart/src/secpolicy/test-resources/outgoing_policy.xml";
-
-    else
-        file_name = "/home/manjula/axis2/scratch/security-policy/c/deploy/client_repo/outgoing_policy.xml";
-*/
     soap_envelope = AXIS2_MSG_CTX_GET_SOAP_ENVELOPE(msg_ctx, env);
     if (!soap_envelope)
     {
@@ -121,7 +110,18 @@
         }
         soap_header_ele = (axiom_element_t *)AXIOM_NODE_GET_DATA_ELEMENT(soap_header_node,env);
 
-        rampart_context = rampart_engine_init(env,msg_ctx,RAMPART_OUTFLOW_SECURITY_POLICY);
+        /*since rampart in handler is a global handler we should
+        first check whether the rampart module is engaged.If not engaged we
+        should not process the message but return success.*/
+
+        /*This method is implemented in rampart_handler utils.*/
+        if(!rampart_is_rampart_engaged(env,msg_ctx))
+        {
+            AXIS2_LOG_INFO(env->log, "[rampart][rampart_out_handler] Not intended for processing in Rampart");            
+            return AXIS2_SUCCESS;
+        }
+
+        rampart_context = rampart_engine_init(env,msg_ctx,AXIS2_FALSE);
         if(!rampart_context)
             return AXIS2_FAILURE;
 
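Review bot: The early `return AXIS2_SUCCESS` taken when `rampart_is_rampart_engaged` is false lets the outgoing message leave without a security header, so that check must mean "definitely not engaged" and never "could not determine". Its implementation is not part of this hunk; if it can also return false on a lookup or allocation error, the handler fails open with only an INFO log line. State the contract at the call site, for example `/* AXIS2_FALSE means the module is not engaged for this message; lookup errors must be reported as failure, not as "not engaged". */`, and confirm the helper honours it. The enclosing handler starts and ends outside this hunk.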
@@ -130,9 +130,9 @@
         if(AXIS2_FAILURE == status){
                 AXIS2_LOG_INFO(env->log,
                     "[rampart][rampart_out_handler] Security header building failed ERROR");
+                rampart_engine_shutdown(env,rampart_context);
         }
+        status = rampart_engine_shutdown(env,rampart_context);
     }
-
     return status;
-    
 }
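Review bot: On the failure path `rampart_engine_shutdown(env,rampart_context)` now runs twice, once inside the `if(AXIS2_FAILURE == status)` block and again on the line after it, and the second call overwrites `status`. If shutdown releases the context (its body is not shown), the second call operates on freed memory, and a failed header build is reported with whatever shutdown returns, so the message can go out unsecured with AXIS2_SUCCESS. Remove the call inside the `if` and preserve the build result: `if (AXIS2_FAILURE == rampart_engine_shutdown(env, rampart_context)) status = AXIS2_FAILURE;`. The function begins outside this hunk.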

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/Makefile.am
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/Makefile.am?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/Makefile.am (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/Makefile.am Wed Feb 28 21:58:03 2007
@@ -4,7 +4,7 @@
 libomxmlsec_la_SOURCES = ctx.c  buffer.c key.c cipher.c error.c axis2_utils.c axiom.c \
                          iv.c xml_encryption.c encryption.c\
 						utility.c asym_ctx.c x509_cert.c key_mgr.c sign_part.c sign_ctx.c \
-						xml_signature.c signature.c
+						xml_signature.c signature.c transform.c transforms_factory.c
 						
 
 libomxmlsec_la_LIBADD  = -lssl\

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/asym_ctx.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/asym_ctx.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/asym_ctx.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/asym_ctx.c Wed Feb 28 21:58:03 2007
@@ -38,6 +38,7 @@
 
 /*Public functions*/
 
+AXIS2_EXTERN
 axis2_char_t *AXIS2_CALL
 oxs_asym_ctx_get_file_name(
     const oxs_asym_ctx_t *asym_ctx,
@@ -46,6 +47,7 @@
     return asym_ctx->file_name;
 }
 
+AXIS2_EXTERN
 axis2_char_t *AXIS2_CALL
 oxs_asym_ctx_get_pem_buf(
     const oxs_asym_ctx_t *asym_ctx,
@@ -53,6 +55,7 @@
 {
     return asym_ctx->pem_buf;
 }
+AXIS2_EXTERN
 axis2_char_t *AXIS2_CALL
 oxs_asym_ctx_get_password(
     const oxs_asym_ctx_t *asym_ctx,
@@ -60,6 +63,7 @@
 {
     return asym_ctx->password;
 }
+AXIS2_EXTERN
 oxs_asym_ctx_format_t AXIS2_CALL
 oxs_asym_ctx_get_format(
     const oxs_asym_ctx_t *asym_ctx,
@@ -68,6 +72,7 @@
     return asym_ctx->format;
 }
 
+AXIS2_EXTERN
 axis2_char_t *AXIS2_CALL
 oxs_asym_ctx_get_algorithm(
     const oxs_asym_ctx_t *asym_ctx,
@@ -76,6 +81,7 @@
     return asym_ctx->algorithm;
 }
 
+AXIS2_EXTERN
 axis2_char_t *AXIS2_CALL
 oxs_asym_ctx_get_st_ref_pattern(
     const oxs_asym_ctx_t *asym_ctx,
@@ -84,6 +90,7 @@
     return asym_ctx->st_ref_pattern;
 }
 
+AXIS2_EXTERN
 oxs_asym_ctx_operation_t AXIS2_CALL
 oxs_asym_ctx_get_operation(
     const oxs_asym_ctx_t *asym_ctx,
@@ -92,6 +99,7 @@
     return asym_ctx->operation;
 }
 
+AXIS2_EXTERN
 openssl_pkey_t *AXIS2_CALL
 oxs_asym_ctx_get_private_key(
     const oxs_asym_ctx_t *asym_ctx,
@@ -101,6 +109,7 @@
     return asym_ctx->private_key;
 }
 
+AXIS2_EXTERN
 oxs_x509_cert_t *AXIS2_CALL
 oxs_asym_ctx_get_certificate(
     const oxs_asym_ctx_t *asym_ctx,
@@ -110,6 +119,7 @@
     return asym_ctx->certificate;
 }
 
+AXIS2_EXTERN
 axis2_status_t AXIS2_CALL
 oxs_asym_ctx_set_file_name(
     oxs_asym_ctx_t *asym_ctx,
@@ -126,6 +136,7 @@
     return AXIS2_SUCCESS;
 }
 
+AXIS2_EXTERN
 axis2_status_t AXIS2_CALL
 oxs_asym_ctx_set_pem_buf(
     oxs_asym_ctx_t *asym_ctx,
@@ -142,6 +153,7 @@
     return AXIS2_SUCCESS;
 }
 
+AXIS2_EXTERN
 axis2_status_t AXIS2_CALL
 oxs_asym_ctx_set_password(
     oxs_asym_ctx_t *asym_ctx,
@@ -158,6 +170,7 @@
     return AXIS2_SUCCESS;
 }
 
+AXIS2_EXTERN
 axis2_status_t AXIS2_CALL
 oxs_asym_ctx_set_format(
     oxs_asym_ctx_t *asym_ctx,
@@ -169,6 +182,7 @@
     return AXIS2_SUCCESS;
 }
 
+AXIS2_EXTERN
 axis2_status_t AXIS2_CALL
 oxs_asym_ctx_set_algorithm(
     oxs_asym_ctx_t *asym_ctx,
@@ -185,6 +199,7 @@
     return AXIS2_SUCCESS;
 }
 
+AXIS2_EXTERN
 axis2_status_t AXIS2_CALL
 oxs_asym_ctx_set_st_ref_pattern(
     oxs_asym_ctx_t *asym_ctx,
@@ -200,6 +215,7 @@
     return AXIS2_SUCCESS;
 }
 
+AXIS2_EXTERN
 axis2_status_t AXIS2_CALL
 oxs_asym_ctx_set_operation(
     oxs_asym_ctx_t *asym_ctx,
@@ -212,6 +228,7 @@
 }
 
 
+AXIS2_EXTERN
 axis2_status_t AXIS2_CALL
 oxs_asym_ctx_set_certificate(
     oxs_asym_ctx_t *asym_ctx,
@@ -228,6 +245,7 @@
     return AXIS2_SUCCESS;
 }
 
+AXIS2_EXTERN
 axis2_status_t AXIS2_CALL
 oxs_asym_ctx_set_private_key(
     oxs_asym_ctx_t *asym_ctx,
@@ -245,7 +263,8 @@
 }
 
 
-AXIS2_EXTERN oxs_asym_ctx_t *AXIS2_CALL
+AXIS2_EXTERN 
+oxs_asym_ctx_t *AXIS2_CALL
 oxs_asym_ctx_create(const axis2_env_t *env)
 {
     oxs_asym_ctx_t *asym_ctx = NULL;
@@ -272,6 +291,7 @@
 }
 
 
+AXIS2_EXTERN
 axis2_status_t AXIS2_CALL
 oxs_asym_ctx_free(oxs_asym_ctx_t *asym_ctx,
         const axis2_env_t *env)

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/axiom.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/axiom.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/axiom.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/axiom.c Wed Feb 28 21:58:03 2007
@@ -29,6 +29,28 @@
 #include <axiom_stax_builder.h>
 #include <axiom_util.h>
 
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_axiom_add_attribute(const axis2_env_t *env,
+    axiom_node_t* node,
+    axis2_char_t* attribute_ns,
+    axis2_char_t* attribute_ns_uri,
+    axis2_char_t* attribute,
+    axis2_char_t* value)
+{
+    axiom_attribute_t *attr = NULL;
+    axiom_element_t *ele = NULL;
+    axis2_status_t status = AXIS2_FAILURE;
+    axiom_namespace_t *ns = NULL;
+
+    ns =  axiom_namespace_create(env, attribute_ns_uri, attribute_ns);
+
+    ele =  AXIOM_NODE_GET_DATA_ELEMENT(node, env);
+    attr =  axiom_attribute_create(env, attribute , value, ns);
+    status = AXIOM_ELEMENT_ADD_ATTRIBUTE(ele, env, attr, node);
+    
+    return status;
+}
+
 AXIS2_EXTERN int AXIS2_CALL
 oxs_axiom_get_number_of_children_with_qname(const axis2_env_t *env,
         axiom_node_t* parent,
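Review bot: `oxs_axiom_add_attribute` passes the results of `AXIOM_NODE_GET_DATA_ELEMENT` and `axiom_attribute_create` straight into `AXIOM_ELEMENT_ADD_ATTRIBUTE` without checking either for NULL. A node with no element data or a failed attribute allocation would then presumably be dereferenced inside the macro (its definition is not shown here). Look up the element first and add `if (!ele) return AXIS2_FAILURE;`, then `if (!attr) return AXIS2_FAILURE;` after the attribute is created. The namespace object created at the top is not released on any failure path; whether the attribute takes ownership of it should be confirmed and noted in a comment.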

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/c14n/c14n.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/c14n/c14n.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/c14n/c14n.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/c14n/c14n.c Wed Feb 28 21:58:03 2007
@@ -29,6 +29,7 @@
 #include <axiom_children_iterator.h>
 #include <axiom_document.h>
 #include <axiom_comment.h>
+#include <oxs_constants.h>
 #include <oxs_c14n.h>
 #include "c14n_sorted_list.h"
 
@@ -54,6 +55,12 @@
     ((doc) ? AXIOM_DOCUMENT_GET_ROOT_ELEMENT((axiom_document_t *)(doc), \
         (ctx)->env) : c14n_get_root_node((node), (ctx))) 
 
+typedef enum {
+    C14N_XML_C14N = 1,
+    C14N_XML_C14N_WITH_COMMENTS,
+    C14N_XML_EXC_C14N,
+    C14N_XML_EXC_C14N_WITH_COMMENTS,
+} c14n_algo_t;
 
 typedef struct c14n_ns_stack {
     int head; /*index of the currnt stack TOP*/
@@ -377,6 +384,11 @@
     const c14n_ctx_t *ctx
     );
 
+static c14n_algo_t 
+c14n_get_algorithm(
+    const axis2_char_t* algo
+    );
+
 /*static axis2_bool_t
 c14n_in_nodeset(
     const axiom_node_t *node,
@@ -464,6 +476,86 @@
     return (axiom_node_t *)prv_parent;
 }
 
+static c14n_algo_t 
+c14n_get_algorithm(
+    const axis2_char_t* algo
+    )
+{
+   if (axis2_strcmp(algo, OXS_HREF_XML_C14N))
+            return C14N_XML_C14N;
+
+   if (axis2_strcmp(algo, OXS_HREF_XML_C14N_WITH_COMMENTS))
+            return C14N_XML_C14N_WITH_COMMENTS;
+
+   if (axis2_strcmp(algo, OXS_HREF_XML_EXC_C14N))
+            return C14N_XML_EXC_C14N;
+
+   if (axis2_strcmp(algo, OXS_HREF_XML_EXC_C14N_WITH_COMMENTS))
+            return C14N_XML_EXC_C14N_WITH_COMMENTS;
+
+   return 0; /*c14n_algo_t enum starts with 1*/
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_c14n_apply_stream_algo(
+    const axis2_env_t *env,
+    const axiom_document_t *doc,
+    axis2_stream_t *stream,
+    const axis2_array_list_t *ns_prefixes,
+    const axiom_node_t *node,
+    const axis2_char_t* algo
+    )
+{
+    switch (c14n_get_algorithm(algo))
+    {
+        case C14N_XML_C14N:
+            return oxs_c14n_apply_stream(env, doc, AXIS2_FALSE, stream, AXIS2_FALSE,
+                    ns_prefixes, node);
+        case C14N_XML_C14N_WITH_COMMENTS:
+            return oxs_c14n_apply_stream(env, doc, AXIS2_TRUE, stream, AXIS2_FALSE,
+                    ns_prefixes, node);
+        case C14N_XML_EXC_C14N:
+            return oxs_c14n_apply_stream(env, doc, AXIS2_FALSE, stream, AXIS2_TRUE,
+                    ns_prefixes, node);
+        case C14N_XML_EXC_C14N_WITH_COMMENTS:
+            return oxs_c14n_apply_stream(env, doc, AXIS2_TRUE, stream, AXIS2_TRUE,
+                    ns_prefixes, node);
+        default:
+            /*TODO: set the error*/
+            return AXIS2_FAILURE;
+     }
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_c14n_apply_algo(
+    const axis2_env_t *env,
+    const axiom_document_t *doc,
+    axis2_char_t **outbuf,
+    const axis2_array_list_t *ns_prefixes,
+    const axiom_node_t *node,
+    const axis2_char_t *algo
+    )
+{
+    switch (c14n_get_algorithm(algo))
+    {
+        case C14N_XML_C14N:
+            return oxs_c14n_apply(env, doc, AXIS2_FALSE, outbuf, AXIS2_FALSE,
+                    ns_prefixes, node);
+        case C14N_XML_C14N_WITH_COMMENTS:
+            return oxs_c14n_apply(env, doc, AXIS2_TRUE, outbuf, AXIS2_FALSE,
+                    ns_prefixes, node);
+        case C14N_XML_EXC_C14N:
+            return oxs_c14n_apply(env, doc, AXIS2_FALSE, outbuf, AXIS2_TRUE,
+                    ns_prefixes, node);
+        case C14N_XML_EXC_C14N_WITH_COMMENTS:
+            return oxs_c14n_apply(env, doc, AXIS2_TRUE, outbuf, AXIS2_TRUE,
+                    ns_prefixes, node);
+        default:
+            /*TODO:set the error*/
+            return AXIS2_FAILURE;
+     }
+}
+
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_c14n_apply_stream(
     const axis2_env_t *env,
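Review bot: The four tests in `c14n_get_algorithm` look inverted: assuming `axis2_strcmp` follows `strcmp` and returns 0 on a match, the first `if` is true for every URI except `OXS_HREF_XML_C14N`, so an unknown or unsupported algorithm URI is canonicalized as plain C14N and a request for `OXS_HREF_XML_C14N` falls through to the with-comments case. The `default:` failure branches in `oxs_c14n_apply_stream_algo` and `oxs_c14n_apply_algo` are then effectively unreachable, which means the canonicalization applied during signing or verification is not the one the caller named. Compare against zero in all four tests, `if (0 == axis2_strcmp(algo, OXS_HREF_XML_C14N))`, and reject a NULL `algo` before the first comparison. The bare `return 0;` from a function typed `c14n_algo_t` would read better as a named enumerator for the unknown case.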
@@ -680,6 +772,7 @@
     axiom_namespace_t *ns = NULL;
     /*axiom_children_iterator_t *child_itr = NULL;*/
     c14n_ns_stack_t *save_stack = NULL;
+    axiom_node_t *child_node = NULL;
 
     ele = (axiom_element_t *)AXIOM_NODE_GET_DATA_ELEMENT((axiom_node_t *)node, 
             ctx->env);
@@ -730,7 +823,6 @@
 
     /*process child elements*/
     
-    axiom_node_t *child_node = NULL;
     child_node = AXIOM_NODE_GET_FIRST_CHILD((axiom_node_t *)node, ctx->env);
 
     while (child_node)
@@ -1218,9 +1310,10 @@
         
                 if (v)
                 {
+                    axis2_char_t *pfx = NULL;
                     ns = (axiom_namespace_t *) v;
                      
-                    axis2_char_t *pfx = AXIOM_NAMESPACE_GET_PREFIX(ns, ctx->env);
+                    pfx = AXIOM_NAMESPACE_GET_PREFIX(ns, ctx->env);
                     /*axis2_char_t *uri = AXIOM_NAMESPACE_GET_URI(ns, ctx->env);*/
                     
                     if (AXIS2_STRLEN(pfx) == 0)

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/error.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/error.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/error.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/error.c Wed Feb 28 21:58:03 2007
@@ -34,6 +34,9 @@
         {OXS_ERROR_INVALID_SIZE , "invalid size"},
         {OXS_ERROR_INVALID_FORMAT , "invalid format"},
         {OXS_ERROR_ELEMENT_FAILED , "element failed"},
+        {OXS_ERROR_TRANSFORM_FAILED , "Transformation failed"},
+        {OXS_ERROR_SIGN_FAILED , "Signing failed"},
+        {OXS_ERROR_SIG_VERIFICATION_FAILED , "Signature verification failed"},
     };
 
 AXIS2_EXTERN const char* AXIS2_CALL

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/key_mgr.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/key_mgr.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/key_mgr.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/key_mgr.c Wed Feb 28 21:58:03 2007
@@ -258,5 +258,4 @@
     oxs_cert = oxs_key_mgr_convert_to_x509(env, cert);
 
     return oxs_cert; 
-
 }

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/openssl/sign.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/openssl/sign.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/openssl/sign.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/openssl/sign.c Wed Feb 28 21:58:03 2007
@@ -31,29 +31,37 @@
 #include <openssl/bio.h>
 
 #define BUFSIZE 64
+
+
+
 AXIS2_EXTERN int AXIS2_CALL
-openssl_sign(const axis2_env_t *env,
-        oxs_sign_ctx_t *sign_ctx,
+openssl_sig_sign(const axis2_env_t *env,
+        openssl_pkey_t *prvkey,
         oxs_buffer_t *input_buf,
         oxs_buffer_t *output_buf)
 {
-    openssl_pkey_t *open_pkey = NULL;
-    unsigned char sig_buf[4096]; /*Allocate enough memory dynamically*/
+    unsigned char sig_buf[4096]; /*Enough for the signature*/
     unsigned int sig_len;
     const EVP_MD*   digest;
     EVP_MD_CTX      md_ctx;
-    EVP_PKEY*       pkey;
+    EVP_PKEY*       pkey = NULL;
     int err, ret;
     /*Get the key*/
-    open_pkey = oxs_sign_ctx_get_private_key(sign_ctx, env);
-    pkey = OPENSSL_PKEY_GET_KEY(open_pkey, env);
+    /*open_pkey = oxs_sign_ctx_get_private_key(sign_ctx, env);*/
+    pkey = OPENSSL_PKEY_GET_KEY(prvkey, env);
+    if(!pkey){
+         oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIGN_FAILED,"Cannot load the private key" );
+    }
 
-    /*Set the digest according to the signature method*/
+    /*TODO: Set the digest according to the signature method*/
     digest = EVP_sha1();
+
+    /*MD Ctx init*/
+    EVP_MD_CTX_init(&md_ctx);
+
     /*Sign init*/
-    
     ret = EVP_SignInit(&md_ctx, digest);
-    
+    AXIS2_LOG_INFO(env->log, "[openssl][sig] Signing content %s", OXS_BUFFER_GET_DATA(input_buf, env) );    
     EVP_SignUpdate (&md_ctx, OXS_BUFFER_GET_DATA(input_buf, env), OXS_BUFFER_GET_SIZE(input_buf, env));
     sig_len = sizeof(sig_buf);
     err = EVP_SignFinal (&md_ctx,
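Review bot: The new `if(!pkey)` block in `openssl_sig_sign` records the error but does not return, so execution continues into `EVP_SignInit` and `EVP_SignFinal` with a NULL key; `openssl_sig_verify` in the next hunk has the same gap after its own `if(!pkey)`. Add `return -1;` after the `oxs_error` call here and `return AXIS2_FAILURE;` in the verify function. The added `AXIS2_LOG_INFO(... "%s", OXS_BUFFER_GET_DATA(input_buf, env))` writes the content being signed into the log and treats a length-carrying buffer as a NUL-terminated string; logging `OXS_BUFFER_GET_SIZE(input_buf, env)` instead avoids both problems. `ret` from `EVP_SignInit` is not checked in the visible lines, and the function body continues past the end of this hunk.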
@@ -67,5 +75,65 @@
     OXS_BUFFER_POPULATE(output_buf, env, sig_buf, sig_len);
 
     return sig_len;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+openssl_sig_verify(const axis2_env_t *env,
+    openssl_pkey_t *pubkey,
+    oxs_buffer_t *input_buf,
+    oxs_buffer_t *sig_buf)
+{
+    axis2_status_t status = AXIS2_FAILURE;
+    const EVP_MD*   digest;
+    EVP_MD_CTX      md_ctx;
+    EVP_PKEY*       pkey = NULL;
+    int  ret;
+
+    /*Get the publickey*/
+    /*cert = oxs_sign_ctx_get_certificate(sign_ctx, env);
+    open_pubkey = oxs_x509_cert_get_public_key(cert, env);*/
+    pkey = OPENSSL_PKEY_GET_KEY(pubkey, env);
+    if(!pkey){
+         oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Cannot load the public key" );
+    }
+    /*TODO Set the digest according to the signature method*/
+    digest = EVP_sha1();
+
+    /*Init MD Ctx*/
+    EVP_MD_CTX_init(&md_ctx);
+   
+    /*Intialize verification*/
+    ret = EVP_VerifyInit(&md_ctx, digest);
+    if(ret != 1) {
+        /*Error*/
+         oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"EVP_VerifyInit failed" );
+        return AXIS2_FAILURE;
+    }
+    ret = EVP_VerifyUpdate(&md_ctx,  OXS_BUFFER_GET_DATA(input_buf, env),  OXS_BUFFER_GET_SIZE(input_buf, env));
+    if(ret != 1) {
+        /*Error*/
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"EVP_VerifyUpdate failed" );
+        return AXIS2_FAILURE;
+    }
+    
+    ret = EVP_VerifyFinal(&md_ctx, OXS_BUFFER_GET_DATA(sig_buf, env), 
+                                   OXS_BUFFER_GET_SIZE(sig_buf, env),
+                                   pkey);
+    if(ret == 0){
+        /*Error. Signature verification FAILED */
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Signature verification FAILED." );
+        status = AXIS2_FAILURE;
+    }else if(ret < 0){
+        /*Erorr. Some other error*/
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Error occured while verifying the signature." );
+        status = AXIS2_FAILURE;
+    }else{
+        /*SUCCESS. Det ar bra :-)*/ 
+        AXIS2_LOG_INFO(env->log, "[openssl][sig] Signature verification SUCCESS " );
+        status = AXIS2_SUCCESS;
+    }
+
+    return status;    
+    
 }
 
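Review bot: `openssl_sig_verify` initialises `md_ctx` with `EVP_MD_CTX_init` but no return path releases it, including the two early `return AXIS2_FAILURE;` exits after `EVP_VerifyInit` and `EVP_VerifyUpdate`. Call `EVP_MD_CTX_cleanup(&md_ctx);` before every return; setting `status` and falling through to the final `return status;` keeps that to a single call. The handling of `EVP_VerifyFinal` correctly treats both 0 and negative results as failure. The digest is fixed to `EVP_sha1()` whatever signature method the message declares, as the TODO acknowledges, so until that is implemented the caller should refuse methods other than the one actually computed.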

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/sign_ctx.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/sign_ctx.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/sign_ctx.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/sign_ctx.c Wed Feb 28 21:58:03 2007
@@ -24,16 +24,18 @@
 {
     axis2_char_t *sign_mtd_algo;
     axis2_char_t *c14n_mtd ; 
+    axis2_char_t *sig_val ; 
     axis2_array_list_t *sign_parts; 
     oxs_x509_cert_t *certificate ;
     openssl_pkey_t *prv_key ;
     openssl_pkey_t *pub_key ;
+    oxs_sign_operation_t operation;
 };
 
 /*Public functions*/
 
 
-axis2_char_t *AXIS2_CALL
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
 oxs_sign_ctx_get_sign_mtd_algo(
     const oxs_sign_ctx_t *sign_ctx,
     const axis2_env_t *env)
@@ -41,7 +43,7 @@
     return sign_ctx->sign_mtd_algo;
 }
 
-axis2_char_t *AXIS2_CALL
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
 oxs_sign_ctx_get_c14n_mtd(
     const oxs_sign_ctx_t *sign_ctx,
     const axis2_env_t *env)
@@ -49,8 +51,16 @@
     return sign_ctx->c14n_mtd;
 }
 
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_sign_ctx_get_sig_val(
+    const oxs_sign_ctx_t *sign_ctx,
+    const axis2_env_t *env)
+{
+    return sign_ctx->sig_val;
+}
 
-axis2_array_list_t *AXIS2_CALL
+
+AXIS2_EXTERN axis2_array_list_t *AXIS2_CALL
 oxs_sign_ctx_get_sign_parts(
     const oxs_sign_ctx_t *sign_ctx,
     const axis2_env_t *env)
@@ -58,7 +68,7 @@
     return sign_ctx->sign_parts;
 }
 
-oxs_x509_cert_t *AXIS2_CALL
+AXIS2_EXTERN oxs_x509_cert_t *AXIS2_CALL
 oxs_sign_ctx_get_certificate(
     const oxs_sign_ctx_t *sign_ctx,
     const axis2_env_t *env)
@@ -66,7 +76,7 @@
     return sign_ctx->certificate ;
 }
 
-openssl_pkey_t *AXIS2_CALL
+AXIS2_EXTERN openssl_pkey_t *AXIS2_CALL
 oxs_sign_ctx_get_private_key(
     const oxs_sign_ctx_t *sign_ctx,
     const axis2_env_t *env)
@@ -74,16 +84,30 @@
     return sign_ctx->prv_key ;
 }
 
-openssl_pkey_t *AXIS2_CALL
+AXIS2_EXTERN openssl_pkey_t *AXIS2_CALL
 oxs_sign_ctx_get_public_key(
     const oxs_sign_ctx_t *sign_ctx,
     const axis2_env_t *env)
 {
-    return sign_ctx->pub_key ;
+    /*If the public key is set then use it. Else get the public key from the certificate.*/
+    if(sign_ctx->pub_key){
+        return sign_ctx->pub_key ;
+    }else if(sign_ctx->certificate){
+        return oxs_x509_cert_get_public_key(sign_ctx->certificate, env);
+    }else{
+        return NULL;
+    }
 }
 
+AXIS2_EXTERN oxs_sign_operation_t AXIS2_CALL
+oxs_sign_ctx_get_operation(
+    const oxs_sign_ctx_t *sign_ctx,
+    const axis2_env_t *env)
+{
+    return sign_ctx->operation;
+}
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sign_ctx_set_certificate(
     oxs_sign_ctx_t *sign_ctx,
     const axis2_env_t *env,
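Review bot: `oxs_sign_ctx_get_public_key` now falls back to the key inside `sign_ctx->certificate`, which makes the trust decision implicit: whoever sets the certificate on the context decides which key signatures are verified against. Nothing in this diff shows the certificate being validated before it is stored, so the requirement should be written at the function and in its header declaration, for example `/* Falls back to the certificate's key; the caller must have validated the certificate before setting it on the context. */`. It would also help to document whether the returned key is owned by the context or by the certificate, since the two branches return pointers from different objects.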
@@ -97,7 +121,7 @@
     return AXIS2_SUCCESS;
 }
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sign_ctx_set_private_key(
     oxs_sign_ctx_t *sign_ctx,
     const axis2_env_t *env,
@@ -111,7 +135,7 @@
     return AXIS2_SUCCESS;
 }
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sign_ctx_set_public_key(
     oxs_sign_ctx_t *sign_ctx,
     const axis2_env_t *env,
@@ -125,7 +149,7 @@
     return AXIS2_SUCCESS;
 }
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sign_ctx_set_sign_mtd_algo(
     oxs_sign_ctx_t *sign_ctx,
     const axis2_env_t *env,
@@ -141,7 +165,8 @@
     return AXIS2_SUCCESS;
 }
 
-axis2_status_t AXIS2_CALL
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sign_ctx_set_c14n_mtd(
     oxs_sign_ctx_t *sign_ctx,
     const axis2_env_t *env,
@@ -157,8 +182,23 @@
     return AXIS2_SUCCESS;
 }
 
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_sign_ctx_set_sig_val(
+    oxs_sign_ctx_t *sign_ctx,
+    const axis2_env_t *env,
+    axis2_char_t *sig_val)
+{
 
-axis2_status_t AXIS2_CALL
+    if (sign_ctx->sig_val)
+    {
+        AXIS2_FREE(env->allocator, sign_ctx->sig_val);
+        sign_ctx->sig_val = NULL;
+    }
+    sign_ctx->sig_val = AXIS2_STRDUP(sig_val, env);
+    return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sign_ctx_set_sign_parts(
     oxs_sign_ctx_t *sign_ctx,
     const axis2_env_t *env,
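Review bot: `oxs_sign_ctx_set_sig_val` returns AXIS2_SUCCESS without checking the `AXIS2_STRDUP` result, so a failed allocation (or a NULL `sig_val`, depending on how the macro treats it) leaves `sign_ctx->sig_val` NULL while the caller is told the value was stored. `oxs_sign_part_set_digest_val` in sign_part.c repeats the same pattern. Add `if (!sign_ctx->sig_val) return AXIS2_FAILURE;` after the duplicate, and the equivalent check on `sign_part->digest_val`.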
@@ -171,6 +211,17 @@
     return AXIS2_SUCCESS;
 }
 
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_sign_ctx_set_operation(
+    oxs_sign_ctx_t *sign_ctx,
+    const axis2_env_t *env,
+    oxs_sign_operation_t operation
+)
+{
+    sign_ctx->operation = operation;
+    return AXIS2_SUCCESS;
+}
+
 AXIS2_EXTERN oxs_sign_ctx_t *AXIS2_CALL
 oxs_sign_ctx_create(const axis2_env_t *env)
 {
@@ -187,16 +238,17 @@
 
     sign_ctx->sign_mtd_algo= NULL;
     sign_ctx->c14n_mtd = NULL;
+    sign_ctx->sig_val = NULL;
     sign_ctx->sign_parts = NULL;
     sign_ctx->certificate = NULL;
     sign_ctx->prv_key = NULL;
     sign_ctx->pub_key = NULL;
- 
+    sign_ctx->operation = OXS_SIGN_OPERATION_NONE; 
     return sign_ctx;
 }
 
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sign_ctx_free(oxs_sign_ctx_t *sign_ctx,
         const axis2_env_t *env)
 {
@@ -215,10 +267,17 @@
         sign_ctx->c14n_mtd = NULL;
     }
 
+    if (sign_ctx->sig_val)
+    {
+        AXIS2_FREE(env->allocator, sign_ctx->sig_val);
+        sign_ctx->sig_val = NULL;
+    }
+
     sign_ctx->sign_parts = NULL;
     sign_ctx->certificate = NULL;
     sign_ctx->prv_key = NULL;
     sign_ctx->pub_key = NULL;
+    sign_ctx->operation = OXS_SIGN_OPERATION_NONE; 
 
     AXIS2_FREE(env->allocator,  sign_ctx);
     sign_ctx = NULL;

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/sign_part.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/sign_part.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/sign_part.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/sign_part.c Wed Feb 28 21:58:03 2007
@@ -24,13 +24,14 @@
 {
     axis2_char_t *id;
     axis2_char_t *digest_mtd;
+    axis2_char_t *digest_val;
     axiom_node_t *node ; /*Shallow copies*/
     axis2_array_list_t *transforms; /*Shallow copies*/
 };
 
 
 /*Public functions*/
-axis2_char_t *AXIS2_CALL
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
 oxs_sign_part_get_id(
     const oxs_sign_part_t *sign_part,
     const axis2_env_t *env)
@@ -38,7 +39,7 @@
     return sign_part->id;
 }
 
-axis2_char_t *AXIS2_CALL
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
 oxs_sign_part_get_digest_mtd(
     const oxs_sign_part_t *sign_part,
     const axis2_env_t *env)
@@ -46,7 +47,15 @@
     return sign_part->digest_mtd;
 }
 
-axiom_node_t *AXIS2_CALL
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_sign_part_get_digest_val(
+    const oxs_sign_part_t *sign_part,
+    const axis2_env_t *env)
+{
+    return sign_part->digest_val;
+}
+
+AXIS2_EXTERN axiom_node_t *AXIS2_CALL
 oxs_sign_part_get_node(
     const oxs_sign_part_t *sign_part,
     const axis2_env_t *env)
@@ -54,7 +63,7 @@
     return sign_part->node;
 }
 
-axis2_array_list_t *AXIS2_CALL
+AXIS2_EXTERN axis2_array_list_t *AXIS2_CALL
 oxs_sign_part_get_transforms(
     const oxs_sign_part_t *sign_part,
     const axis2_env_t *env)
@@ -62,7 +71,7 @@
     return sign_part->transforms;
 }
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sign_part_set_id(
     oxs_sign_part_t *sign_part,
     const axis2_env_t *env,
@@ -78,7 +87,7 @@
     return AXIS2_SUCCESS;
 }
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sign_part_set_digest_mtd(
     oxs_sign_part_t *sign_part,
     const axis2_env_t *env,
@@ -94,7 +103,23 @@
     return AXIS2_SUCCESS;
 }
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_sign_part_set_digest_val(
+    oxs_sign_part_t *sign_part,
+    const axis2_env_t *env,
+    axis2_char_t *digest_val)
+{
+
+    if (sign_part->digest_val)
+    {
+        AXIS2_FREE(env->allocator, sign_part->digest_val);
+        sign_part->digest_val = NULL;
+    }
+    sign_part->digest_val = AXIS2_STRDUP(digest_val, env);
+    return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sign_part_set_node(
     oxs_sign_part_t *sign_part,
     const axis2_env_t *env,
@@ -107,7 +132,7 @@
     return AXIS2_SUCCESS;
 }
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sign_part_set_transforms(
     oxs_sign_part_t *sign_part,
     const axis2_env_t *env,
@@ -143,7 +168,7 @@
 }
 
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sign_part_free(oxs_sign_part_t *sign_part,
         const axis2_env_t *env)
 {

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/signature.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/signature.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/signature.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/signature.c Wed Feb 28 21:58:03 2007
@@ -25,7 +25,9 @@
 #include <oxs_signature.h>
 #include <oxs_buffer.h>
 #include <openssl_rsa.h>
+#include <openssl_sign.h>
 #include <openssl_digest.h>
+
 /*Private functions*/
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_sig_sign_rsa_sha1(const axis2_env_t *env,
@@ -36,15 +38,19 @@
     axis2_char_t *encoded_str = NULL;
     axis2_status_t status = AXIS2_FAILURE;
     oxs_buffer_t *signed_result_buf = NULL;
+    openssl_pkey_t *prvkey = NULL;
     int signedlen = -1, encodedlen = -1, ret = -1;
 
     /*Create output buffer to store signed data*/
     signed_result_buf = oxs_buffer_create(env);
 
     /*Sign */
-    signedlen = openssl_sign(env, sign_ctx, input, signed_result_buf);
+    prvkey = oxs_sign_ctx_get_private_key(sign_ctx, env);
+    signedlen = openssl_sig_sign(env, prvkey, input, signed_result_buf);
     if(signedlen < 0){
         /*Error*/
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIGN_FAILED,
+                        "Signature failed. The length of signature is %d", signedlen);
     }
     
     /*Base64 encode*/
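Review bot: The `if(signedlen < 0)` branch now logs the failure but still falls through to the Base64 step with whatever `signed_result_buf` holds. Add `return AXIS2_FAILURE;` after the `oxs_error` call, releasing `signed_result_buf` first. `prvkey` is also handed to `openssl_sig_sign` without a NULL check, so a context with no private key set is only caught, if at all, inside the OpenSSL wrapper. The rest of `oxs_sig_sign_rsa_sha1` lies outside this hunk, so later handling cannot be confirmed from here.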
@@ -90,3 +96,53 @@
     return AXIS2_SUCCESS;
 }
 
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_sig_verify(const axis2_env_t *env,
+    oxs_sign_ctx_t *sign_ctx,
+    axis2_char_t *content,
+    axis2_char_t *signature)
+{
+    axis2_status_t status = AXIS2_FAILURE;
+    oxs_buffer_t *in_buf =  NULL;    
+    oxs_buffer_t *sig_buf =  NULL;   
+    openssl_pkey_t *pubkey = NULL;
+
+    unsigned char* decoded_data = NULL;
+    int decoded_len = -1;
+    int ret = -1;
+
+    /*Base64 decode the signature value and create the sig buffer*/
+    /*Allocate enough space*/
+    decoded_data = AXIS2_MALLOC(env->allocator, axis2_base64_decode_len(signature));
+    decoded_len = axis2_base64_decode_binary(decoded_data, signature );
+    if (decoded_len < 0)
+    {
+            oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,
+                    "axis2_base64_decode_binary failed");
+            return AXIS2_FAILURE;
+    }
+    /*Create the signature buffer*/
+    sig_buf = oxs_buffer_create(env);
+    ret = OXS_BUFFER_POPULATE(sig_buf, env, decoded_data, decoded_len);     
+
+    /*Create the input buffer*/
+    in_buf = oxs_buffer_create(env);
+    status = OXS_BUFFER_POPULATE(in_buf, env, (unsigned char*)content, axis2_strlen(content));
+
+    /*Get the public key. See.. this method is tricky. It might take the public key from the certificate if
+     * the public key is not available directly*/
+    pubkey = oxs_sign_ctx_get_public_key(sign_ctx, env);
+
+    /*Call OpenSSL function to verify the signature*/
+    status = openssl_sig_verify(env, pubkey, in_buf, sig_buf);
+    if(AXIS2_SUCCESS != status){
+        /*Error in signature processing*/
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Signature verification FAILED.");
+        return AXIS2_FAILURE;
+    }else{
+
+        AXIS2_LOG_INFO(env->log, "[oxs][sig] Signature verification SUCCESS " );
+        return AXIS2_SUCCESS;
+    }
+    
+}
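Review bot: `oxs_sig_verify` passes `pubkey` to `openssl_sig_verify` unchecked, although `oxs_sign_ctx_get_public_key` returns NULL when neither a key nor a certificate is set; add `if (!pubkey) return AXIS2_FAILURE;` (with an `oxs_error` entry) before the call so verification fails closed with a clear reason. The `AXIS2_MALLOC` result is given to `axis2_base64_decode_binary` without a NULL check. `decoded_data`, `sig_buf` and `in_buf` are not released on any return path, including the early return after a failed decode. The results of the two `OXS_BUFFER_POPULATE` calls are stored in `ret` and `status` and then ignored, so a failed copy still proceeds to verification.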

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/tokens/token_c14n_method.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/tokens/token_c14n_method.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/tokens/token_c14n_method.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/tokens/token_c14n_method.c Wed Feb 28 21:58:03 2007
@@ -48,7 +48,7 @@
     /*If c14n algorithm is NULL then use the default*/
     if (!algorithm)
     {
-        algorithm = (axis2_char_t*)OXS_HREF_C14N;
+        algorithm = (axis2_char_t*)OXS_HREF_XML_EXC_C14N;
     }
 
     algo_attr =  axiom_attribute_create(env, OXS_ATTR_ALGORITHM, algorithm, NULL);

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/tokens/token_ds_reference.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/tokens/token_ds_reference.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/tokens/token_ds_reference.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/tokens/token_ds_reference.c Wed Feb 28 21:58:03 2007
@@ -67,4 +67,22 @@
     return ds_reference_node;
 }
 
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_token_get_ds_reference(const axis2_env_t *env, axiom_node_t *ref_node)
+{
+    axis2_char_t *ref = NULL;
+    axiom_element_t *reference_ele = NULL;
+
+    reference_ele = AXIOM_NODE_GET_DATA_ELEMENT(ref_node, env);
+    if (!reference_ele)
+    {
+        oxs_error(env, ERROR_LOCATION,
+                OXS_ERROR_ELEMENT_FAILED, "Error retrieving data reference element");
+        return NULL;
+    }
+
+    ref = AXIOM_ELEMENT_GET_ATTRIBUTE_VALUE_BY_NAME(reference_ele, env, OXS_ATTR_URI);
+    return ref;
+
+}
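Review bot: `oxs_token_get_ds_reference` has no header comment saying that it can return NULL, and it passes `ref_node` to `AXIOM_NODE_GET_DATA_ELEMENT` without checking it. The result is NULL when the element cannot be retrieved and, presumably, also when the `URI` attribute is absent; only the first case is logged. I would add `if (!ref_node) return NULL;` before the macro call and a comment such as `/* Returns the URI attribute of <ds:Reference>, or NULL if the node or the attribute is missing; callers must check the result. */`. This matters because `oxs_xml_sig_process_ref_node`, added in xml_signature.c in this commit, takes a substring of the returned value without a NULL check.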
 

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/tokens/token_transform.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/tokens/token_transform.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/tokens/token_transform.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/tokens/token_transform.c Wed Feb 28 21:58:03 2007
@@ -48,7 +48,7 @@
     /*If transform algorithm is NULL then use the default*/
     if (!algorithm)
     {
-        algorithm = (axis2_char_t*)OXS_HREF_C14N;
+        algorithm = (axis2_char_t*)OXS_HREF_XML_EXC_C14N;
     }
 
     algo_attr =  axiom_attribute_create(env, OXS_ATTR_ALGORITHM, algorithm, NULL);

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/xml_signature.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/xml_signature.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/xml_signature.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/omxmlsec/xml_signature.c Wed Feb 28 21:58:03 2007
@@ -22,12 +22,16 @@
 #include <oxs_buffer.h>
 #include <oxs_cipher.h>
 #include <oxs_c14n.h>
+#include <oxs_axiom.h>
+#include <oxs_utility.h>
 #include <openssl_rsa.h>
 #include <openssl_digest.h>
 #include <oxs_sign_ctx.h>
 #include <oxs_sign_part.h>
 #include <oxs_xml_signature.h>
 #include <oxs_signature.h>
+#include <oxs_transform.h>
+#include <oxs_transforms_factory.h>
 #include <oxs_token_ds_reference.h>
 #include <oxs_token_digest_method.h>
 #include <oxs_token_digest_value.h>
@@ -61,6 +65,7 @@
     /*TODO: Right now we support only X509Data. But should support other patterns as well*/
     cert = oxs_sign_ctx_get_certificate(sign_ctx, env);
     if(!cert){
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIGN_FAILED,"Cannot get the certificate to build <ds:KeyInfo> element" );        
         return AXIS2_FAILURE;
     }
 
@@ -76,16 +81,93 @@
     return AXIS2_SUCCESS;
 }
 
+/*This method is common for both signing and verification*/
+static axis2_char_t *
+oxs_xml_sig_transform_n_digest(const axis2_env_t *env,
+    axiom_node_t *node,
+    axis2_array_list_t *transforms,
+    axis2_char_t *digest_mtd)
+{
+    axis2_char_t *serialized_node = NULL; 
+    axis2_char_t *digest = NULL; 
+    int i = 0;
+
+    printf("oxs_xml_sig_transform_n_digest\n");
+    if((transforms) && (0 < AXIS2_ARRAY_LIST_SIZE(transforms, env))){
+        oxs_tr_dtype_t output_dtype = OXS_TRANSFORM_TYPE_UNKNOWN;/*This will always be the current dtype*/
+        void *tr_output = NULL;
+        output_dtype = OXS_TRANSFORM_TYPE_NODE; /*We always begin with a node*/
+
+        tr_output = node; /*The first transformation is applied to the node*/
+
+        /*LOOP: Apply transforms. For example exclusive C14N*/
+        for (i = 0; i < AXIS2_ARRAY_LIST_SIZE(transforms, env); i++){
+            oxs_transform_t *tr = NULL;
+            oxs_transform_tr_func tr_func = NULL;
+            oxs_tr_dtype_t input_dtype = OXS_TRANSFORM_TYPE_UNKNOWN;
+            void *tr_input = NULL;
+            axis2_char_t *tr_id = NULL;
+
+            /*Get the ith transform*/
+            tr = (oxs_transform_t*)AXIS2_ARRAY_LIST_GET(transforms, env, i);
+            tr_id = oxs_transform_get_id(tr, env);
+            tr_func = oxs_transform_get_transform_function(tr, env);
+            input_dtype = oxs_transform_get_input_data_type(tr, env);
+
+            printf("Transform required = %s", tr_id);
+            /*Prepare the input*/
+            /*If the required input type is CHAR and what we have is a NODE*/
+            if((input_dtype == OXS_TRANSFORM_TYPE_CHAR) && (output_dtype == OXS_TRANSFORM_TYPE_NODE)){
+                /*Serialize*/
+                tr_input = axiom_node_to_string((axiom_node_t*)tr_output, env);
+            /*If the required input type is NODE and what we have is a CHAR*/
+            }else if((input_dtype == OXS_TRANSFORM_TYPE_NODE) && (output_dtype == OXS_TRANSFORM_TYPE_CHAR)){
+                /*TODO De-serialize*/
+            }else{
+                /*Let it go as it is. */
+                tr_input = tr_output;
+            }
+            /*Apply transform*/
+            if(tr_func){
+                output_dtype = (*tr_func)(env, tr_input, input_dtype, &tr_output);
+            }else{
+                oxs_error(env, ERROR_LOCATION, OXS_ERROR_TRANSFORM_FAILED,"Cannot get the transform implementation for %s", tr_id);
+            }
+            /*If the output data type is unknown OR the output is NULL its an error*/
+            if((output_dtype == OXS_TRANSFORM_TYPE_UNKNOWN) || (!tr_output)){
+                oxs_error(env, ERROR_LOCATION, OXS_ERROR_TRANSFORM_FAILED,"Transform failed for %s", tr_id);
+                /*return AXIS2_FAILURE*/
+            }
+        }/*eof for loop*/
+        /*We have applied all our transforms now*/
+        /*Serialize node*/
+        if(OXS_TRANSFORM_TYPE_NODE == output_dtype ){
+            serialized_node = AXIOM_NODE_TO_STRING((axiom_node_t*)tr_output, env);
+        }else if(OXS_TRANSFORM_TYPE_CHAR == output_dtype){
+            serialized_node = (axis2_char_t*)tr_output;
+        }else{
+           /*Error*/
+        }
+    }else{
+        /*No transforms defined. Thus we simply direct the node, to make the digest*/
+        serialized_node = AXIOM_NODE_TO_STRING(node, env);
+    }
+    /*TODO Check digest type. We support SHA-1 only*/
+    digest = openssl_sha1(env, serialized_node, axis2_strlen(serialized_node));
+
+    return digest;
+}
+
 /*parent is ds:SignedInfo*/
 static axis2_status_t
 oxs_xml_sig_build_reference(const axis2_env_t *env,
     axiom_node_t *parent,
     oxs_sign_part_t *sign_part)
 {
-    axis2_char_t *uri = NULL; 
-    axis2_char_t *serialized_node = NULL; 
     axis2_char_t *digest = NULL; 
     axis2_char_t *digest_mtd = NULL; 
+    axis2_char_t *ref_id = NULL; 
+    axis2_char_t *id = NULL; 
     axis2_array_list_t *transforms = NULL;
     axiom_node_t *node = NULL;
     axiom_node_t *reference_node = NULL;
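Review bot: `oxs_xml_sig_transform_n_digest` logs transform failures but keeps going, so a digest is still computed after a failed or missing transform. The `return AXIS2_FAILURE` after "Transform failed" is commented out, the missing-`tr_func` branch and the final `/*Error*/` branch fall through, and the `TODO De-serialize` branch leaves `tr_input` NULL, so `axis2_strlen` and `openssl_sha1` can be reached with a NULL `serialized_node` or with data that was never transformed. Since the function returns `axis2_char_t *`, each of those branches should `return NULL;`, with an `if (!serialized_node) return NULL;` before the digest call, and both callers should treat NULL as failure. `digest_mtd` is accepted but never examined; until other digests are implemented, any value other than the SHA-1 algorithm URI should be rejected rather than silently hashed with SHA-1. The two `printf` calls write to stdout from library code (and `tr_id` may be NULL there); `AXIS2_LOG_INFO` is already used elsewhere in this commit.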
@@ -95,30 +177,36 @@
 
     /*Get the node to digest*/
     node = oxs_sign_part_get_node(sign_part, env);
-
-    reference_node = oxs_token_build_ds_reference_element(env, parent ,NULL, uri, NULL);
+    
+    /*Get the reference ID from the node and hence to the ds:Reference node*/
+    id = oxs_axiom_get_attribute_value_of_node_by_name(env, node, "wsu:Id"); 
+    
+    ref_id = AXIS2_STRACAT("#", id, env);/* <ds:Reference URI="#id">*/
+    reference_node = oxs_token_build_ds_reference_element(env, parent ,NULL, ref_id, NULL);
 
     /*Get transforms if any*/
     transforms = oxs_sign_part_get_transforms(sign_part, env);
+    /*Get the digest method*/
+    digest_mtd = oxs_sign_part_get_digest_mtd(sign_part, env);
+
+    /*Transform and Digest*/
+    digest = oxs_xml_sig_transform_n_digest(env, node, transforms, digest_mtd);
     
+    /*Build ds:Transforms node and its children*/
     if((transforms) && (0 < AXIS2_ARRAY_LIST_SIZE(transforms, env))){
         axiom_node_t *transforms_node = NULL;
-        /*Add ds:Transforms element*/
+
         transforms_node = oxs_token_build_transforms_element(env, reference_node);
-        /*LOOP: Apply transforms. This usually C14N*/
         for (i = 0; i < AXIS2_ARRAY_LIST_SIZE(transforms, env); i++){
-            /*Apply transform*/
+            oxs_transform_t *tr = NULL;
+            axis2_char_t *tr_id = NULL;    
 
-            /*Add to ds:Transforms*/
+            /*Get the ith transform*/
+            tr = (oxs_transform_t*)AXIS2_ARRAY_LIST_GET(transforms, env, i);
+            tr_id = oxs_transform_get_id(tr, env);
+            oxs_token_build_transform_element(env, transforms_node, tr_id);
         }
     }
-    /*Serialize node*/
-    serialized_node = AXIOM_NODE_TO_STRING(node, env);
-    printf("serialized_node %s\n", serialized_node);
-    /*Make digest.*/
-    digest_mtd = oxs_sign_part_get_digest_mtd(sign_part, env);
-    digest = openssl_sha1(env, serialized_node, axis2_strlen(serialized_node)); 
-
     /*Construct nodes*/
     digest_mtd_node = oxs_token_build_digest_method_element(env, reference_node, digest_mtd);
     digest_value_node = oxs_token_build_digest_value_element(env, reference_node, digest);
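Review bot: `id` is used to build the Reference URI without checking that the node being signed actually carries a `wsu:Id` attribute. If `oxs_axiom_get_attribute_value_of_node_by_name` returns NULL, `AXIS2_STRACAT("#", id, env)` yields at best a bare `#`, and the emitted `<ds:Reference>` no longer identifies the element that was digested; I would log with `oxs_error` and `return AXIS2_FAILURE;` when `id` is NULL, before the element is built. The value returned by `oxs_xml_sig_transform_n_digest` is likewise handed to `oxs_token_build_digest_value_element` unchecked. `ref_id` looks like a fresh allocation from `AXIS2_STRACAT`; if the token builder copies the string it should be freed here, which is worth confirming. The function begins before this hunk and continues after it.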
@@ -151,7 +239,6 @@
     
     /*Then serialize <SignedInfo>*/
     serialized_signed_info = c14nized; /*AXIOM_NODE_TO_STRING(signed_info_node, env);*/
-    printf("serialized_signed_info %s\n",serialized_signed_info); 
 
     /*Make the input and out put buffers*/
     input_buf = oxs_buffer_create(env);
@@ -190,14 +277,14 @@
     /*Construct the <SignedInfo>  */
     signed_info_node = oxs_token_build_signed_info_element(env, signature_node);
 
-    /*Construct the <SignatureMethod>  */
-    sign_algo = oxs_sign_ctx_get_sign_mtd_algo(sign_ctx, env);
-    signature_mtd_node = oxs_token_build_signature_method_element(env, signed_info_node, sign_algo);
-
     /*Construct the <CanonicalizationMethod> */
     c14n_algo = oxs_sign_ctx_get_c14n_mtd(sign_ctx, env);
     c14n_mtd_node = oxs_token_build_c14n_method_element(env, signed_info_node, c14n_algo);
 
+    /*Construct the <SignatureMethod>  */
+    sign_algo = oxs_sign_ctx_get_sign_mtd_algo(sign_ctx, env);
+    signature_mtd_node = oxs_token_build_signature_method_element(env, signed_info_node, sign_algo);
+
     /*Look for signature parts*/
     sign_parts = oxs_sign_ctx_get_sign_parts(sign_ctx , env);
 
@@ -220,10 +307,314 @@
     return AXIS2_SUCCESS;
 }
 
+/*******************************Verification specific*****************************/
+
+/*Populates a sign_part according to the <ds:Reference> node*/
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_xml_sig_process_ref_node(const axis2_env_t *env,
+    oxs_sign_part_t *sign_part,
+    axiom_node_t *ref_node,
+    axiom_node_t *scope_node)
+{
+    axis2_char_t *ref_id = NULL;
+    axis2_char_t *child_node_name = NULL;
+    axiom_node_t *reffed_node = NULL;
+    axiom_node_t *child_node = NULL;
+
+    ref_id =  oxs_token_get_ds_reference(env, ref_node);
+    oxs_sign_part_set_id(sign_part, env, ref_id);
+
+    /*Remove the # from the id*/ 
+    ref_id =  axis2_string_substring_starting_at(ref_id, 1);
+
+    /*Find the node refered by this ref_id and set to the sign part*/
+    reffed_node = oxs_axiom_get_node_by_id(env, scope_node, "wsu:Id", ref_id );
+    if(reffed_node){
+       oxs_sign_part_set_node(sign_part, env, reffed_node); 
+    }else{
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Cannot find node with Id=%s ", ref_id );        
+        return AXIS2_FAILURE; /*No such node. Its an error*/
+    }
+
+    /*First child is optional Transforms element*/
+    child_node = AXIOM_NODE_GET_FIRST_CHILD(ref_node, env);
+    child_node_name = axiom_util_get_localname(child_node, env);
+    if(0 == axis2_strcmp(child_node_name, OXS_NODE_TRANSFORMS)){
+        /*Transforms found*/
+        /*TODO*/
+        axiom_node_t *tr_node = NULL;
+        axis2_array_list_t *tr_list = NULL;
+
+        /*Create a list to hold transforms*/
+        tr_list = axis2_array_list_create(env, 1);
+        tr_node = AXIOM_NODE_GET_FIRST_CHILD(child_node, env);
+        /*Iterate thru all the <ds:Transform> nodes in <ds:Transforms>*/
+        while(tr_node)
+        {
+            axis2_char_t *node_name = NULL;
+
+            node_name = axiom_util_get_localname(tr_node, env);
+            if( 0 == axis2_strcmp(OXS_NODE_TRANSFORM, node_name)){
+                axis2_char_t *tr_id = NULL;
+                oxs_transform_t *tr = NULL;
+
+                tr_id = oxs_token_get_transform(env, tr_node);
+                /*Get the transform given the id*/
+                tr = oxs_transforms_factory_produce_transform(env, tr_id);
+                if(!tr) {
+                    /*The transform not supported*/
+                    oxs_error(env, ERROR_LOCATION, OXS_ERROR_TRANSFORM_FAILED,"Cannot produce the transform for %s", tr_id);
+                    return AXIS2_FAILURE;
+                }
+                /*Add the transform to the list*/
+                AXIS2_ARRAY_LIST_ADD(tr_list, env, tr);
+            }else{
+                /*<ds:Transforms> cant have any other element*/
+                oxs_error(env, ERROR_LOCATION, OXS_ERROR_TRANSFORM_FAILED,"<ds:Transforms> cannot have node %s ", node_name );        
+                return AXIS2_FAILURE;
+            }
+            /*Set the next node to be precessed*/
+            tr_node = AXIOM_NODE_GET_NEXT_SIBLING(tr_node, env);
+        }/*eof while*/
+        /*Set transforms for this signature part*/
+        oxs_sign_part_set_transforms(sign_part, env, tr_list);
+
+        /*At the end, set the next node as the child node*/
+        child_node = AXIOM_NODE_GET_NEXT_SIBLING(child_node, env);
+    }else{
+        /*There are no transforms for this sign part*/
+    }
+
+    /* Process mandatory ds:DigestMethod*/
+    child_node_name = axiom_util_get_localname(child_node, env);
+    if(0 == axis2_strcmp(child_node_name, OXS_NODE_DIGEST_METHOD)){
+        axis2_char_t *digest_mtd = NULL;
+        /*ds:DigestMethod found*/
+        digest_mtd = oxs_token_get_digest_method(env, child_node);
+        oxs_sign_part_set_digest_mtd(sign_part, env, digest_mtd);
+
+        /*At the end, set the next node as the child node*/
+        child_node = AXIOM_NODE_GET_NEXT_SIBLING(child_node, env);
+    }else{
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Cannot find <ds:DigestMethod> " );        
+        return AXIS2_FAILURE;
+    }
+
+    /* Process mandatory ds:DigestValue*/
+    child_node_name = axiom_util_get_localname(child_node, env);
+    if(0 == axis2_strcmp(child_node_name, OXS_NODE_DIGEST_VALUE)){
+        /*ds:DigestValue found*/
+        axis2_char_t *digest_val = NULL;
+        digest_val = oxs_token_get_digest_value(env, child_node);  
+        oxs_sign_part_set_digest_val(sign_part, env, digest_val);
+    }else{
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Cannot find <ds:DigestValue> " );        
+        return AXIS2_FAILURE;
+    }
+
+    return AXIS2_SUCCESS;
+
+}
+
+    /*Process Signature Node along with its most loving child ds:SignedInfo. 
+     * We need to populate 
+     * 1. Sig_mtd
+     * 2. C14N Mtd
+     * 3. Sign parts
+     *      3.1. Id
+     *      3.2  Digest mtd
+     *      3.3. Transforms*/
+   
 AXIS2_EXTERN axis2_status_t AXIS2_CALL 
-oxs_xml_sig_verify(const axis2_env_t *env,
+oxs_xml_sig_process_signature_node(const axis2_env_t *env,
     oxs_sign_ctx_t *sign_ctx,
-    axiom_node_t *signature_node)
+    axiom_node_t *signature_node,
+    axiom_node_t *scope_node)
 {
+    axiom_node_t *cur_node = NULL;
+    axiom_node_t *signed_info_node = NULL;
+    axiom_node_t *sig_val_node = NULL;
+    axis2_status_t status = AXIS2_FAILURE;
+    axis2_array_list_t *sign_part_list = NULL;
+    
+    signed_info_node = oxs_axiom_get_first_child_node_by_name(env, signature_node, 
+                            OXS_NODE_SIGNEDINFO, OXS_DSIG_NS, OXS_DS );
+                                
+    if(!signed_info_node){
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Cannot find <ds:SignedInfo> " );        
+        return AXIS2_FAILURE;
+    }
+    /*Create the list for sign parts*/
+    sign_part_list = axis2_array_list_create(env,5);
+
+    /*Process signed info element*/
+    cur_node = AXIOM_NODE_GET_FIRST_CHILD(signed_info_node, env);
+    /*Iterate thru children of <SignedInfo>*/
+    while(cur_node){
+        axis2_char_t *localname =  NULL;
+        
+        localname  = axiom_util_get_localname(cur_node, env);
+         
+        if(0 == axis2_strcmp(localname, OXS_NODE_CANONICALIZATION_METHOD)){
+            axis2_char_t *c14n_mtd = NULL;
+            c14n_mtd = oxs_token_get_c14n_method(env, cur_node);
+            oxs_sign_ctx_set_c14n_mtd(sign_ctx, env, c14n_mtd);
+
+        }else if(0 == axis2_strcmp(localname, OXS_NODE_SIGNATURE_METHOD)){
+            axis2_char_t *sig_mtd = NULL;
+            sig_mtd = oxs_token_get_signature_method(env, cur_node);
+            oxs_sign_ctx_set_sign_mtd_algo(sign_ctx, env, sig_mtd);
+
+        }else if(0 == axis2_strcmp(localname, OXS_NODE_REFERENCE)){
+            oxs_sign_part_t *sign_part = NULL;
+
+            /* There might be multiple references. 
+             * For each create a sign_part and add to sign_part_list in the sign_ctx*/
+            sign_part = oxs_sign_part_create(env);
+            status = oxs_xml_sig_process_ref_node(env, sign_part, cur_node, scope_node);        
+            if(status == AXIS2_FAILURE){
+                oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"<ds:Reference> node processing failed " );        
+                return AXIS2_FAILURE;
+            }
+           
+            /*Now we have a new sign_part. Add it to the list.*/
+            axis2_array_list_add(sign_part_list, env, sign_part);
+            
+        }else{
+            printf("oxs_sig : We do not process cur node name %s", localname);
+        }
+        cur_node = AXIOM_NODE_GET_NEXT_SIBLING(cur_node, env);
+    }
+    
+    oxs_sign_ctx_set_sign_parts(sign_ctx, env, sign_part_list);
+    /*Finished processing SignedInfo. Now we are processing the Signature Value element*/
+    /*The very next child of SignedInfo Should be the ds:SignatureValue*/
+    sig_val_node = AXIOM_NODE_GET_NEXT_SIBLING(signed_info_node, env);
+    if(0 == axis2_strcmp( OXS_NODE_SIGNATURE_VALUE, axiom_util_get_localname(sig_val_node, env))){
+        axis2_char_t *sig_val = NULL;
+
+        sig_val = oxs_token_get_signature_value(env, sig_val_node);
+        oxs_sign_ctx_set_sig_val(sign_ctx, env, sig_val);
+
+    }else{
+        /*Error the node should be the ds:SignatureValue*/
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Cannot find <ds:SignatureValue> " ); 
+        return AXIS2_FAILURE;
+    }
+
+    /*We need to process the KeyInfo node. Do we???*/
+    /*TODO*/
     return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_xml_sig_verify_sign_part(const axis2_env_t *env,
+    oxs_sign_part_t *sign_part)
+{
+    axis2_char_t *id = NULL;
+    axis2_char_t *digest_mtd = NULL;
+    axis2_char_t *digest_val = NULL;
+    axis2_char_t *new_digest = NULL;
+    axiom_node_t *node = NULL;
+    axis2_array_list_t *transforms = NULL;
+    axis2_status_t status = AXIS2_FAILURE;
+
+    id =            oxs_sign_part_get_id(sign_part, env);
+    digest_mtd =    oxs_sign_part_get_digest_mtd(sign_part, env);
+    digest_val =    oxs_sign_part_get_digest_val(sign_part, env);
+    node =          oxs_sign_part_get_node(sign_part, env);
+    transforms =    oxs_sign_part_get_transforms(sign_part, env);
+
+    AXIS2_LOG_INFO(env->log, "[oxs][xml_sig] Verifying signature part %s ", id );  
+   
+    /*Do transforms to the node*/ 
+    new_digest = oxs_xml_sig_transform_n_digest(env, node, transforms, digest_mtd); 
+
+    /*Compare values*/    
+    if(0 == axis2_strcmp(new_digest, digest_val)){
+        AXIS2_LOG_INFO(env->log, "[oxs][xml_sig] Digest verification success for node Id= %s ", id );
+        status = AXIS2_SUCCESS;
+    }else{
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Digest verification failed for node Id= %s  ", id );        
+        status =  AXIS2_FAILURE;
+    }
+
+    return status;      
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_xml_sig_verify_digests(const axis2_env_t *env,
+    oxs_sign_ctx_t *sign_ctx)
+{
+    axis2_status_t status = AXIS2_FAILURE;
+    axis2_array_list_t *sign_parts = NULL;
+    int i = 0 ;
+
+    /*Get the sign_part list*/
+    sign_parts =  oxs_sign_ctx_get_sign_parts(sign_ctx, env);
+    /*For each and every signature part in sig ctx,*/
+    for (i = 0; i < AXIS2_ARRAY_LIST_SIZE(sign_parts, env); i++){
+        oxs_sign_part_t *sign_part =  NULL;
+
+        /*Get ith sign_part*/
+        sign_part = (oxs_sign_part_t*)axis2_array_list_get(sign_parts, env, i);
+        status = oxs_xml_sig_verify_sign_part(env, sign_part);      
+    }
+    
+    return status;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL 
+oxs_xml_sig_verify(const axis2_env_t *env,
+    oxs_sign_ctx_t *sign_ctx,
+    axiom_node_t *signature_node,
+    axiom_node_t *scope_node)
+{
+    axis2_status_t status = AXIS2_FAILURE;
+    axiom_node_t *signed_info_node = NULL;
+    axiom_document_t *doc = NULL;
+    axis2_char_t *c14n_mtd = NULL;
+    axis2_char_t *content = NULL;
+    axis2_char_t *signature_val = NULL;
+
+    /*Set operation to verify*/
+    oxs_sign_ctx_set_operation(sign_ctx, env, OXS_SIGN_OPERATION_VERIFY);
+    
+    /*Populate the sign_ctx by inspecting the ds:Signature node*/
+    status = oxs_xml_sig_process_signature_node(env, sign_ctx, signature_node, scope_node);
+    if(status != AXIS2_SUCCESS){
+        /*Something went wrong while processing the Signature node!!! :(*/
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"<ds:Signature> node processing failed " );        
+        return AXIS2_FAILURE;
+    }
+    /*At this point we have a ready to process signature context. So start verification process*/ 
+
+    /*Verify the integrity of the signed parts by comparing the digest values of each and every reference.*/
+    status = oxs_xml_sig_verify_digests(env, sign_ctx);
+
+    if(AXIS2_FAILURE == status){
+        return AXIS2_FAILURE;
+    }
+
+    /*At this point we have compared the digest. Next step is to compare the Signature value */ 
+    /*First get the signature value from the context*/
+    signature_val = oxs_sign_ctx_get_sig_val(sign_ctx, env);
+
+    /*Then we apply the C14N for the ds:SignedInfo*/
+    signed_info_node = oxs_axiom_get_first_child_node_by_name(env, signature_node,
+                                OXS_NODE_SIGNEDINFO, OXS_DSIG_NS, OXS_DS );
+    c14n_mtd = oxs_sign_ctx_get_c14n_mtd(sign_ctx, env); 
+    doc = axiom_node_get_document(signed_info_node, env);
+    oxs_c14n_apply(env, doc, AXIS2_FALSE, &content, AXIS2_TRUE, NULL, signed_info_node);
+
+    /*In the final step we Verify*/ 
+    status = oxs_sig_verify(env, sign_ctx, content , signature_val);
+    if(AXIS2_FAILURE == status){
+        oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Signature is not valid " );        
+        return AXIS2_FAILURE;
+    }else{
+        return AXIS2_SUCCESS;
+    }
+
+
 }
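Review bot: `oxs_xml_sig_verify_digests` overwrites `status` on every iteration and returns only the value for the last sign part, so a digest mismatch on an earlier `<ds:Reference>` is reported as success whenever the last one matches. The loop should stop at the first failure, with `if (status != AXIS2_SUCCESS) return AXIS2_FAILURE;` directly after the call to `oxs_xml_sig_verify_sign_part`. Similarly, `oxs_xml_sig_verify` tests `AXIS2_FAILURE == status` after the digest and signature steps; `status != AXIS2_SUCCESS` would make any unexpected return value fail closed, and the result of `oxs_c14n_apply` (and a NULL `content`) should be checked before `oxs_sig_verify` is called. In `oxs_xml_sig_process_ref_node`, `ref_id` goes into `axis2_string_substring_starting_at(ref_id, 1)` without a check that it is non-NULL and begins with `#`, and `child_node` is passed to `axiom_util_get_localname` without a NULL check when `<ds:Reference>` has fewer children than expected.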

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/Makefile.am
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/Makefile.am?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/Makefile.am (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/Makefile.am Wed Feb 28 21:58:03 2007
@@ -2,9 +2,9 @@
 
 noinst_LTLIBRARIES = librp_builder.la
 
-librp_builder_la_SOURCES = algorithmsuite_builder.c asymmetric_binding_builder.c binding_commons_builder.c encryption_crypto_builder.c \
+librp_builder_la_SOURCES = algorithmsuite_builder.c asymmetric_binding_builder.c binding_commons_builder.c \
 						   https_token_builder.c layout_builder.c qname_matcher.c rampart_config_builder.c secpolicy_builder.c \
-						   security_context_token_builder.c signature_crypto_builder.c signed_encrypted_elements_builder.c \
+						   security_context_token_builder.c signed_encrypted_elements_builder.c \
 						   signed_encrypted_parts_builder.c supporting_tokens_builder.c symmetric_asymmetric_commons_builder.c \
 						   symmetric_binding_builder.c token_builder.c transport_binding_builder.c username_token_builder.c \
 						   wss10_builder.c wss11_builder.c x509_token_builder.c policy_creator.c

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/policy_creator.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/policy_creator.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/policy_creator.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/policy_creator.c Wed Feb 28 21:58:03 2007
@@ -1,8 +1,7 @@
 #include <rp_layout.h>
-/*#include <rp_secpolicy.h>*/
 #include <rp_secpolicy_builder.h>
 #include <rp_policy_creator.h>
-
+#include <rp_qname_matcher.h>
 
 AXIS2_EXTERN rp_secpolicy_t *AXIS2_CALL 
 rp_policy_create_from_file(
@@ -14,11 +13,7 @@
     axiom_stax_builder_t *builder = NULL;
     axiom_document_t *document = NULL;
     axiom_node_t *root = NULL;
-    axiom_element_t *all_ele = NULL;
     axiom_element_t *root_ele = NULL;
-    axiom_node_t *exat_node = NULL;
-    axiom_element_t *exat_ele = NULL;
-    axiom_node_t *all_node = NULL;
     rp_secpolicy_t *secpolicy = NULL;
 
     reader = axiom_xml_reader_create_for_file(env,filename,NULL);
@@ -62,6 +57,38 @@
         else
             return NULL;
     }
+    secpolicy = rp_policy_create_from_om_node(env,root);
+
+    return secpolicy;
+
+}
+
+
+AXIS2_EXTERN rp_secpolicy_t *AXIS2_CALL 
+rp_policy_create_from_om_node(
+    const axis2_env_t *env,
+    axiom_node_t *root)
+{
+
+    axiom_element_t *all_ele = NULL;
+    axiom_element_t *root_ele = NULL;
+    axiom_node_t *exat_node = NULL;
+    axiom_element_t *exat_ele = NULL;
+    axiom_node_t *all_node = NULL;
+    rp_secpolicy_t *secpolicy = NULL;
+
+    
+    if(AXIOM_NODE_GET_NODE_TYPE(root, env) == AXIOM_ELEMENT)
+    {
+        root_ele = (axiom_element_t*)AXIOM_NODE_GET_DATA_ELEMENT (root, env);
+        if(root_ele)
+        {
+            
+        }
+    }
+        else
+            return NULL;
+    
     exat_node = AXIOM_NODE_GET_FIRST_CHILD(root,env);
     if(exat_node)
     {
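Review bot: In `rp_policy_create_from_om_node` the `if(root_ele)` block is empty, and the `else return NULL;` pairs with the outer node-type test despite its indentation, so a NULL `root_ele` is not rejected. Either drop the inner `if` or turn it into `if(!root_ele) return NULL;`, and brace and re-indent the `else` so the pairing is visible. `root` is passed to `AXIOM_NODE_GET_NODE_TYPE` unchecked and there is no `AXIS2_ENV_CHECK(env, NULL);`; now that the function is exported and takes a caller-supplied node, both checks belong at the top. The function body continues past the end of this hunk.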
@@ -95,3 +122,5 @@
     return secpolicy;
 
 }
+
+

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/qname_matcher.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/qname_matcher.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/qname_matcher.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/qname_matcher.c Wed Feb 28 21:58:03 2007
@@ -51,6 +51,43 @@
 }
 
 AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rp_match_policy_qname(
+            const axis2_env_t *env,
+            const axis2_char_t *local_name,
+            axiom_node_t *node,
+            axiom_element_t *element)
+{
+    
+	axis2_qname_t *qname = NULL;
+    axis2_qname_t *node_qname = NULL;
+	
+	AXIS2_ENV_CHECK(env,AXIS2_FALSE);
+
+    qname = axis2_qname_create(env,local_name,RP_POLICY_NS,RP_POLICY_PREFIX);
+    if(!qname)
+        return AXIS2_FALSE;
+
+    node_qname = AXIOM_ELEMENT_GET_QNAME(element,env,node);
+
+    if(!node_qname)
+    {
+        AXIS2_QNAME_FREE(qname,env);
+        qname = NULL;
+        return AXIS2_FALSE;
+    }
+
+    if(AXIS2_QNAME_EQUALS(qname,env,node_qname))
+    {        
+        AXIS2_QNAME_FREE(qname,env);
+        qname = NULL;
+        return AXIS2_TRUE;
+    }
+
+    return AXIS2_FALSE;
+}
+
+
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
 rp_match_rampart_config_qname(
             const axis2_env_t *env,
             const axis2_char_t *local_name,
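Review bot: `rp_match_policy_qname` leaks `qname` when the names do not match: the final `return AXIS2_FALSE;` is reached without the `AXIS2_QNAME_FREE(qname,env);` that the other two exits perform. Computing the result once keeps the cleanup in one place, e.g. `matched = AXIS2_QNAME_EQUALS(qname,env,node_qname); AXIS2_QNAME_FREE(qname,env); return matched;` with `matched` declared as `axis2_bool_t`. `element` and `node` are also used without a NULL check, and the new declarations mix tabs and spaces.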

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/rampart_config_builder.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/rampart_config_builder.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/rampart_config_builder.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/builder/rampart_config_builder.c Wed Feb 28 21:58:03 2007
@@ -146,30 +146,35 @@
             return AXIS2_FAILURE;
     }
 
-    else if(AXIS2_STRCMP(local_name,RP_SIGNATURE_CRYPTO)==0)
+    else if(AXIS2_STRCMP(local_name,RP_PUBLIC_KEY)==0)
     {
-        if(rp_match_rampart_config_qname(env,RP_SIGNATURE_CRYPTO,node,element))
+        if(rp_match_rampart_config_qname(env,RP_PUBLIC_KEY,node,element))
         {
-            rp_signature_crypto_t *signature_crypto = NULL;
-            signature_crypto = rp_signature_crypto_builder_build(env,node);
-            if(!signature_crypto)
-                return AXIS2_FAILURE;
-
-            return rp_rampart_config_set_signature_crypto(rampart_config,env,signature_crypto);
+            axis2_char_t *public_key_file = NULL;
+            public_key_file = AXIOM_ELEMENT_GET_TEXT(element,env,node);
+            return rp_rampart_config_set_public_key_file(rampart_config,env,public_key_file);
         }
         else
             return AXIS2_FAILURE;
     }
-    else if(AXIS2_STRCMP(local_name,RP_ENCRYPTION_CRYPTO)==0)
+    else if(AXIS2_STRCMP(local_name,RP_PRIVATE_KEY)==0)
     {
-        if(rp_match_rampart_config_qname(env,RP_ENCRYPTION_CRYPTO,node,element))
+        if(rp_match_rampart_config_qname(env,RP_PRIVATE_KEY,node,element))
         {
-            rp_encryption_crypto_t *encryption_crypto = NULL;
-            encryption_crypto = rp_encryption_crypto_builder_build(env,node);
-            if(!encryption_crypto)
-                return AXIS2_FAILURE;
-
-            return rp_rampart_config_set_encryption_crypto(rampart_config,env,encryption_crypto);
+            axis2_char_t *private_key_file = NULL;
+            private_key_file = AXIOM_ELEMENT_GET_TEXT(element,env,node);
+            return rp_rampart_config_set_private_key_file(rampart_config,env,private_key_file);
+        }
+        else
+            return AXIS2_FAILURE;
+    }
+    else if(AXIS2_STRCMP(local_name,RP_TIME_TO_LIVE)==0)
+    {
+        if(rp_match_rampart_config_qname(env,RP_TIME_TO_LIVE,node,element))
+        {
+            axis2_char_t *time_to_live = NULL;
+            time_to_live = AXIOM_ELEMENT_GET_TEXT(element,env,node);
+            return rp_rampart_config_set_time_to_live(rampart_config,env,time_to_live);
         }
         else
             return AXIS2_FAILURE;
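Review bot: The three new branches hand the result of `AXIOM_ELEMENT_GET_TEXT` straight to the setter, so an element with no text yields a NULL or empty key-file path or time-to-live that is only discovered later, when the value is used. I would reject it here, e.g. `if(!public_key_file || !*public_key_file) return AXIS2_FAILURE;`, and likewise for `private_key_file` and `time_to_live`. `time_to_live` is kept as a string; parsing it once at this point with a range check would keep a malformed value from reaching whatever consumes it. It is not visible here whether the setters copy the string; if they store the pointer, the config depends on the policy tree staying alive, which deserves a comment on the setters. The enclosing function starts before and ends after this hunk.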

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/model/Makefile.am
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/model/Makefile.am?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/model/Makefile.am (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/model/Makefile.am Wed Feb 28 21:58:03 2007
@@ -3,8 +3,8 @@
 noinst_LTLIBRARIES = librp_model.la
 
 librp_model_la_SOURCES = algorithmsuite.c asymmetric_binding.c \
-							binding_commons.c encryption_crypto.c header.c https_token.c layout.c \
-							property.c rampart_config.c secpolicy.c security_context_token.c signature_crypto.c \
+							binding_commons.c header.c https_token.c layout.c \
+							property.c rampart_config.c secpolicy.c security_context_token.c \
 							signed_encrypted_elements.c signed_encrypted_parts.c supporting_tokens.c symmetric_asymmetric_binding_commons.c \
 							symmetric_binding.c transport_binding.c ut.c wss10.c wss11.c x509_token.c
 

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/model/rampart_config.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/model/rampart_config.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/model/rampart_config.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/secpolicy/model/rampart_config.c Wed Feb 28 21:58:03 2007
@@ -25,8 +25,9 @@
     axis2_char_t *password_callback_class;
     axis2_char_t *authenticate_module;
     axis2_char_t *password_type;
-    rp_signature_crypto_t *signature_crypto;
-    rp_encryption_crypto_t *encryption_crypto;
+    axis2_char_t *time_to_live;
+    axis2_char_t *public_key_file;
+    axis2_char_t *private_key_file;
 };
 
 AXIS2_EXTERN rp_rampart_config_t *AXIS2_CALL 
@@ -47,10 +48,11 @@
     rampart_config->user = NULL;
     rampart_config->encryption_user = NULL;
     rampart_config->password_callback_class = NULL;
-    rampart_config->signature_crypto = NULL;
-    rampart_config->encryption_crypto = NULL;
+    rampart_config->private_key_file = NULL;
+    rampart_config->public_key_file = NULL;
     rampart_config->authenticate_module = NULL;
     rampart_config->password_type = NULL;
+    rampart_config->time_to_live = NULL;
     return rampart_config;
 }
 
@@ -62,16 +64,6 @@
 
     if(rampart_config)
     {
-        if(rampart_config->encryption_crypto)
-        {
-            rp_encryption_crypto_free(rampart_config->encryption_crypto,env);
-            rampart_config->encryption_crypto = NULL;
-        }
-        if(rampart_config->signature_crypto)
-        {
-            rp_signature_crypto_free(rampart_config->signature_crypto,env);
-            rampart_config->signature_crypto = NULL;
-        }
         AXIS2_FREE(env->allocator,rampart_config);
         rampart_config = NULL;
     }
@@ -193,46 +185,69 @@
 }
 
 
-AXIS2_EXTERN rp_signature_crypto_t *AXIS2_CALL
-rp_rampart_config_get_signature_crypto(
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rp_rampart_config_get_private_key_file(
     rp_rampart_config_t *rampart_config,
     const axis2_env_t *env)
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
 
-    return rampart_config->signature_crypto;
+    return rampart_config->private_key_file;
 }
 
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
-rp_rampart_config_set_signature_crypto(rp_rampart_config_t *rampart_config,
+rp_rampart_config_set_private_key_file(rp_rampart_config_t *rampart_config,
             const axis2_env_t *env,
-            rp_signature_crypto_t *signature_crypto)
+            axis2_char_t *private_key_file)
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
-    AXIS2_PARAM_CHECK(env->error,signature_crypto,AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,private_key_file,AXIS2_FAILURE);
         
-    rampart_config->signature_crypto = signature_crypto;
+    rampart_config->private_key_file = private_key_file;
     return AXIS2_SUCCESS;
 }
 
-AXIS2_EXTERN rp_encryption_crypto_t *AXIS2_CALL
-rp_rampart_config_get_encryption_crypto(
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rp_rampart_config_get_public_key_file(
+    rp_rampart_config_t *rampart_config,
+    const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+    return rampart_config->public_key_file;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rp_rampart_config_set_public_key_file(rp_rampart_config_t *rampart_config,
+            const axis2_env_t *env,
+            axis2_char_t *public_key_file)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,public_key_file,AXIS2_FAILURE);   
+        
+    rampart_config->public_key_file = public_key_file;
+    return AXIS2_SUCCESS;
+}
+
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rp_rampart_config_get_time_to_live(
     rp_rampart_config_t *rampart_config,
     const axis2_env_t *env)
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
 
-    return rampart_config->encryption_crypto;
+    return rampart_config->time_to_live;
 }
 
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
-rp_rampart_config_set_encryption_crypto(rp_rampart_config_t *rampart_config,
+rp_rampart_config_set_time_to_live(rp_rampart_config_t *rampart_config,
             const axis2_env_t *env,
-            rp_encryption_crypto_t *encryption_crypto)
+            axis2_char_t *time_to_live)
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
-    AXIS2_PARAM_CHECK(env->error,encryption_crypto,AXIS2_FAILURE);   
+    AXIS2_PARAM_CHECK(env->error,time_to_live,AXIS2_FAILURE);   
         
-    rampart_config->encryption_crypto = encryption_crypto;
+    rampart_config->time_to_live = time_to_live;
     return AXIS2_SUCCESS;
 }
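Review bot: The new setters (`rp_rampart_config_set_private_key_file`, `..._set_public_key_file`, `..._set_time_to_live`) keep the caller's pointer without copying it, and nothing in these hunks documents who owns the string. The builder hunk earlier in this commit passes the result of `AXIOM_ELEMENT_GET_TEXT` straight in, so the stored path presumably lives only as long as the policy node it was read from. The -62,16 hunk leaves `rp_rampart_config_free` releasing only the struct. If borrowing is intended, say so on each setter, e.g. `/* private_key_file is borrowed, not copied; it must outlive rampart_config */`. Otherwise copy on set with `rampart_config->private_key_file = AXIS2_STRDUP(private_key_file, env);` and free the copy in `rp_rampart_config_free`.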

Modified: webservices/axis2/scratch/c/dinesh/532/c/rampart/src/util/rampart_context.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/dinesh/532/c/rampart/src/util/rampart_context.c?view=diff&rev=513155&r1=513154&r2=513155
==============================================================================
--- webservices/axis2/scratch/c/dinesh/532/c/rampart/src/util/rampart_context.c (original)
+++ webservices/axis2/scratch/c/dinesh/532/c/rampart/src/util/rampart_context.c Wed Feb 28 21:58:03 2007
@@ -20,21 +20,48 @@
 #include <oxs_axiom.h>
 
 
-
-
+/*
 struct rampart_context_t
 {
     rp_secpolicy_t *secpolicy;
     rampart_callback_t* password_callback_module;
     rampart_authn_provider_t *authn_provider;
-    
-    /*Function pointers for php extension to assign*/
     pfunc password_func; 
     auth_password_func authenticate_with_password;
     auth_digest_func authenticate_with_digest;
 };
+*/
+struct rampart_context_t
+{
+    /*PHP extension will set these members*/
+    axiom_node_t *policy_node;
+    void *prv_key;
+    axis2_key_type_t prv_key_type;
+    void *pub_key;
+    axis2_key_type_t pub_key_type;
+    axis2_char_t *user;
+    axis2_char_t *password;
+    axis2_char_t *prv_key_password;
+    password_callback_fn pwcb_function;
+    int ttl;
+    axis2_char_t *password_type;
 
+    /*Rampart specific members*/
+    rp_secpolicy_t *secpolicy;
+    rampart_callback_t *password_callback_module;
+    rampart_authn_provider_t *authn_provider;
+    auth_password_func authenticate_with_password;
+    auth_digest_func authenticate_with_digest;
+            
+};
+
+/*void rampart_context_set_callback_fn(axis2_env_t *env, 
+                                axis2_char_t *(*callback)(
+                                    axis2_env_t  *env, 
+                                    axis2_char_t *user ,
+                                    void *ctx), void *ctx);
 
+*/
 /*private functions*/
 
 rp_symmetric_asymmetric_binding_commons_t 
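Review bot: The new `password` and `prv_key_password` members hold secrets, but the struct does not say who owns them or whether they are cleared when the context is freed. The free function is outside this hunk, so the actual contract cannot be confirmed from here. I would add a comment on those two fields stating it, for example `/* borrowed from the caller: not copied, not freed and not wiped by rampart_context_free */`, adjusted to whatever the code really does. The old struct and the `rampart_context_set_callback_fn` prototype kept inside `/* ... */` are dead code and can be deleted, since the repository history already preserves them.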
@@ -87,13 +114,24 @@
         AXIS2_ERROR_SET(env->error, AXIS2_ERROR_NO_MEMORY, AXIS2_FAILURE);
         return NULL;
     }
+    rampart_context->policy_node = NULL;
+    rampart_context->prv_key = NULL;
+    rampart_context->prv_key_type = 0;
+    rampart_context->pub_key = NULL;
+    rampart_context->pub_key_type = 0;
+    rampart_context->user = 0;
+    rampart_context->password = NULL;
+    rampart_context->prv_key_password = NULL;
+    rampart_context->pwcb_function = NULL;
+    rampart_context->ttl = 0;
+    rampart_context->password_type = NULL;
+
     rampart_context->secpolicy = NULL;
-    rampart_context->password_callback_module = NULL; 
+    rampart_context->password_callback_module = NULL;
     rampart_context->authn_provider = NULL;
-    rampart_context->password_func = NULL;
     rampart_context->authenticate_with_password = NULL;
     rampart_context->authenticate_with_digest = NULL;
-
+    
     return rampart_context;
 }
 
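Review bot: `rampart_context->user = 0;` initialises a pointer member with an integer literal while every other pointer in this block uses `NULL`; write `rampart_context->user = NULL;` for consistency. `prv_key_type = 0` and `pub_key_type = 0` likewise rely on the numeric value of an `axis2_key_type_t` enumerator that is not visible here, so a named constant would read better if the enum has a suitable "unknown" value. The function's opening lines are outside this hunk.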
@@ -119,74 +157,308 @@
 
 /* Implementations */
 
-AXIS2_EXTERN rp_secpolicy_t *AXIS2_CALL
-rampart_context_get_secpolicy(
-    rampart_context_t *rampart_context,
-    const axis2_env_t *env)
+/*Implementation of PHP-rampart interface */
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_policy_node(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            axiom_node_t *policy_node)
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,policy_node,AXIS2_FAILURE);
+
+    rampart_context->policy_node = policy_node;
+    return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_prv_key(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            void *prv_key)
+{
     
-    return rampart_context->secpolicy;
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,prv_key,AXIS2_FAILURE);
+
+    rampart_context->prv_key = prv_key;
+    return AXIS2_SUCCESS;
 }
 
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
-rampart_context_set_secpolicy(rampart_context_t *rampart_context,
+rampart_context_set_prv_key_type(rampart_context_t *rampart_context,
             const axis2_env_t *env,
-            rp_secpolicy_t *secpolicy)
+            axis2_key_type_t type)
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
-    AXIS2_PARAM_CHECK(env->error,secpolicy,AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,type,AXIS2_FAILURE);
 
-    rampart_context->secpolicy = secpolicy;
+    rampart_context->prv_key_type = type;
     return AXIS2_SUCCESS;
 }
 
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_pub_key(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            void *pub_key)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,pub_key,AXIS2_FAILURE);
 
-AXIS2_EXTERN rampart_callback_t *AXIS2_CALL
-rampart_context_get_password_callback(
+    rampart_context->pub_key = pub_key;
+    return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_pub_key_type(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            axis2_key_type_t type)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,type,AXIS2_FAILURE);
+
+    rampart_context->pub_key_type = type;
+    return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_user(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            axis2_char_t *user)
+{
+
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,user,AXIS2_FAILURE);
+
+    rampart_context->user = user;
+    return AXIS2_SUCCESS;
+
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_password(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            axis2_char_t *password)
+{
+
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,password,AXIS2_FAILURE);
+
+    rampart_context->password = password;
+    return AXIS2_SUCCESS;
+}
+
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_prv_key_password(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            axis2_char_t *prv_key_password)
+{
+
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,prv_key_password,AXIS2_FAILURE);
+
+    rampart_context->prv_key_password = prv_key_password;
+    return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_pwcb_function(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            password_callback_fn pwcb_function,
+            void *ctx)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,pwcb_function,AXIS2_FAILURE);
+
+    rampart_context->pwcb_function = pwcb_function;
+    return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_password_type(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            axis2_char_t *password_type)
+{
+
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,password_type,AXIS2_FAILURE);
+
+    rampart_context->password_type = password_type;
+    return AXIS2_SUCCESS;
+
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_ttl(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            int ttl)
+{
+
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,ttl,AXIS2_FAILURE);
+
+    rampart_context->ttl = ttl;
+    return AXIS2_SUCCESS;
+}
+
+/*End of implementation*/
+
+/*Getters of the PHP-RAMPART interface*/
+
+AXIS2_EXTERN axiom_node_t *AXIS2_CALL
+rampart_context_get_policy_node(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, NULL);
+   
+    return rampart_context->policy_node; 
+}
+
+AXIS2_EXTERN void *AXIS2_CALL
+rampart_context_get_prv_key(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, NULL);
+
+    return rampart_context->prv_key;
+}
+
+AXIS2_EXTERN axis2_key_type_t AXIS2_CALL
+rampart_context_get_prv_key_type(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+    return rampart_context->prv_key_type;
+}
+
+AXIS2_EXTERN void *AXIS2_CALL
+rampart_context_get_pub_key(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, NULL);
+
+    return rampart_context->pub_key;
+}
+
+AXIS2_EXTERN axis2_key_type_t AXIS2_CALL
+rampart_context_get_pub_key_type(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+    return rampart_context->pub_key_type;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_user(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+    return rampart_context->user;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_password(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, NULL);
+
+    return rampart_context->password;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_prv_key_password(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, NULL);
+
+    return rampart_context->prv_key_password;
+}
+
+AXIS2_EXTERN password_callback_fn AXIS2_CALL
+rampart_context_get_pwcb_function(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, NULL);
+
+    return rampart_context->pwcb_function;
+}
+
+AXIS2_EXTERN int AXIS2_CALL
+rampart_context_get_ttl(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env,AXIS2_FAILURE);
+
+    return rampart_context->ttl;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_password_type(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env,NULL);
+
+    return rampart_context->password_type;
+}
+
+/*End of getters*/
+
+AXIS2_EXTERN rp_secpolicy_t *AXIS2_CALL
+rampart_context_get_secpolicy(
     rampart_context_t *rampart_context,
     const axis2_env_t *env)
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
     
-    return rampart_context->password_callback_module;
+    return rampart_context->secpolicy;
 }
 
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
-rampart_context_set_password_callback(rampart_context_t *rampart_context,
+rampart_context_set_secpolicy(rampart_context_t *rampart_context,
             const axis2_env_t *env,
-            rampart_callback_t *password_callback_module)
+            rp_secpolicy_t *secpolicy)
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
-    AXIS2_PARAM_CHECK(env->error,password_callback_module,AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,secpolicy,AXIS2_FAILURE);
 
-    rampart_context->password_callback_module = password_callback_module;
+    rampart_context->secpolicy = secpolicy;
     return AXIS2_SUCCESS;
 }
 
-/*This function get the function pointer of the password callback function*/
 
-AXIS2_EXTERN pfunc AXIS2_CALL
-rampart_context_get_password_function(
+AXIS2_EXTERN rampart_callback_t *AXIS2_CALL
+rampart_context_get_password_callback(
     rampart_context_t *rampart_context,
     const axis2_env_t *env)
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
     
-    return rampart_context->password_func;
+    return rampart_context->password_callback_module;
 }
 
-/*set the password callback function*/
-
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
-rampart_context_set_password_function(rampart_context_t *rampart_context,
+rampart_context_set_password_callback(rampart_context_t *rampart_context,
             const axis2_env_t *env,
-            pfunc password_func)
+            rampart_callback_t *password_callback_module)
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
-    AXIS2_PARAM_CHECK(env->error,password_func,AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,password_callback_module,AXIS2_FAILURE);
 
-    rampart_context->password_func = password_func;
+    rampart_context->password_callback_module = password_callback_module;
     return AXIS2_SUCCESS;
 }
 
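Review bot: `AXIS2_PARAM_CHECK` is applied to non-pointer arguments in `rampart_context_set_prv_key_type`, `rampart_context_set_pub_key_type` and `rampart_context_set_ttl`. As far as I know that macro is a plain null test, so a key type whose enum value is 0 or a ttl of 0 fails with an invalid-null-parameter error, while a negative ttl is accepted. If that is not intended, use an explicit range check such as `if(ttl < 0) return AXIS2_FAILURE;` and drop the macro for the enum arguments. Separately, `rampart_context_set_pwcb_function` takes `void *ctx` and never stores it, so the password callback cannot be given its context later; either keep it in the struct or remove the parameter. None of the new accessors checks `rampart_context` before dereferencing it.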
@@ -649,8 +921,9 @@
     return rampart_context_use_username_token(signed_supporting,env); 
 }
 
-AXIS2_EXTERN axis2_char_t *AXIS2_CALL
-rampart_context_get_user(
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_user_from_file(
     rampart_context_t *rampart_context,
     const axis2_env_t *env)
 {
@@ -658,11 +931,13 @@
     rp_rampart_config_t *config = NULL;
     config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
     if(!config)
-        return NULL;    
+        return AXIS2_FAILURE;    
 
-    return rp_rampart_config_get_user(config,env);
+    rampart_context->user = rp_rampart_config_get_user(config,env);
+    return AXIS2_SUCCESS;
 }
 
+
 AXIS2_EXTERN axis2_char_t *AXIS2_CALL
 rampart_context_get_password_callback_class(
     rampart_context_t *rampart_context,
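Review bot: `rampart_context_set_user_from_file` returns `AXIS2_SUCCESS` even when `rp_rampart_config_get_user` yields NULL, so a caller cannot tell a configured user from a missing one. I would add `if(!rampart_context->user) return AXIS2_FAILURE;` after the assignment, unless an absent user is meant to be valid. The assignment also overwrites any value set earlier through `rampart_context_set_user`; if the value supplied by the extension is supposed to take precedence, that needs a guard. `rampart_context_set_password_type_from_file` in the next hunk follows the same pattern. The function's signature and first lines are in the previous hunk and partly outside both.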
@@ -689,27 +964,38 @@
     return rp_rampart_config_get_authenticate_module(config,env);
 }
 
-AXIS2_EXTERN axis2_bool_t AXIS2_CALL
-rampart_context_get_password_type(
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_password_type_from_file(
     rampart_context_t *rampart_context,
     const axis2_env_t *env)
 {
-    axis2_bool_t digest = AXIS2_FALSE;
-    axis2_char_t *type = NULL;
     rp_rampart_config_t *config = NULL;
-    
     config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
     if(!config)
-        return AXIS2_FALSE;
+        return AXIS2_FAILURE;    
 
-    type = rp_rampart_config_get_password_type(config,env);
-    if(AXIS2_STRCMP(type,RP_DIGEST)==0)
-    {
-        digest = AXIS2_TRUE;
-        return digest;
-    }
+    rampart_context->password_type = rp_rampart_config_get_password_type(config,env);
+    return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_ttl_from_file(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_rampart_config_t *config = NULL;
+    axis2_char_t *time_to_live = NULL;
+    config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
+    if(!config)
+        return AXIS2_FAILURE;
+
+    time_to_live = rp_rampart_config_get_time_to_live(config,env);
+    if(!time_to_live)
+        rampart_context->ttl = 300;
     else
-        return digest;
+        rampart_context->ttl = axis2_atoi(time_to_live);    
+
+    return AXIS2_SUCCESS;
 }
 
 AXIS2_EXTERN axis2_bool_t AXIS2_CALL
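Review bot: `rampart_context_set_ttl_from_file` feeds the policy text to `axis2_atoi` with no validation, so a non-numeric, negative or overflowing `time_to_live` value ends up as the timestamp lifetime and the function still reports success. Since this value bounds how long a security timestamp is accepted, I would parse it with `strtol`, reject anything that is not a positive in-range integer, and return `AXIS2_FAILURE` in that case. The file would need `<stdlib.h>`, `<errno.h>` and `<limits.h>` for this. The default of 300 is also a magic number that deserves a named constant.

```c
    time_to_live = rp_rampart_config_get_time_to_live(config,env);
    if(!time_to_live)
    {
        rampart_context->ttl = 300;
    }
    else
    {
        char *end = NULL;
        long parsed = 0;

        errno = 0;
        parsed = strtol(time_to_live, &end, 10);
        /* tolerate trailing whitespace from the XML text node */
        while(*end == ' ' || *end == '\t' || *end == '\r' || *end == '\n')
            end++;
        /* zero or less is treated as invalid here; relax if 0 is meaningful */
        if(end == time_to_live || *end != '\0' || errno == ERANGE ||
           parsed <= 0 || parsed > INT_MAX)
            return AXIS2_FAILURE;
        rampart_context->ttl = (int)parsed;
    }
    /* … unchanged: return AXIS2_SUCCESS … */
```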
@@ -957,53 +1243,36 @@
 }
 
 AXIS2_EXTERN axis2_char_t *AXIS2_CALL
-rampart_context_get_encryption_prop_file(
+rampart_context_get_public_key_file(
     rampart_context_t *rampart_context,
     const axis2_env_t *env)
 {
     rp_rampart_config_t *rampart_config = NULL;
-    rp_encryption_crypto_t *enc_crypto = NULL;
 
     rampart_config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
     if(rampart_config)
     {
-        enc_crypto = rp_rampart_config_get_encryption_crypto(rampart_config,env);
-        if(enc_crypto)
-        {
-            return rp_encryption_crypto_get_encryption_prop_file(enc_crypto,env);
-        }
-        else
-            return NULL;
+        return rp_rampart_config_get_public_key_file(rampart_config,env);
     }
     else
         return NULL;
 }
 
 AXIS2_EXTERN axis2_char_t *AXIS2_CALL
-rampart_context_get_decryption_prop_file(
+rampart_context_get_private_key_file(
     rampart_context_t *rampart_context,
     const axis2_env_t *env)
 {
     rp_rampart_config_t *rampart_config = NULL;
-    rp_encryption_crypto_t *enc_crypto = NULL;
 
     rampart_config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
     if(rampart_config)
     {
-        enc_crypto = rp_rampart_config_get_encryption_crypto(rampart_config,env);
-        if(enc_crypto)
-        {
-            return rp_encryption_crypto_get_decryption_prop_file(enc_crypto,env);
-        }
-        else
-            return NULL;
+        return rp_rampart_config_get_private_key_file(rampart_config,env);
     }
     else
         return NULL;
 }
-
-
-
 
 AXIS2_EXTERN axis2_char_t *AXIS2_CALL
 rampart_context_get_encryption_user(


