Posted to rampart-dev@ws.apache.org by ka...@apache.org on 2007/10/19 16:13:48 UTC
svn commit: r586465 - in /webservices/rampart/trunk/c/src/util:
rampart_encryption.c rampart_signature.c
Author: kaushalye
Date: Fri Oct 19 07:13:48 2007
New Revision: 586465
URL: http://svn.apache.org/viewvc?rev=586465&view=rev
Log:
In the encryption process, if there is already an encrypted key, we must use it.
Modified:
webservices/rampart/trunk/c/src/util/rampart_encryption.c
webservices/rampart/trunk/c/src/util/rampart_signature.c
Modified: webservices/rampart/trunk/c/src/util/rampart_encryption.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_encryption.c?rev=586465&r1=586464&r2=586465&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_encryption.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_encryption.c Fri Oct 19 07:13:48 2007
@@ -335,32 +335,39 @@
axutil_array_list_free(nodes_to_encrypt, env);
nodes_to_encrypt = NULL;
- /* Encrypt the session key using the Public Key of the recipient*/
+ /* If not done already, Encrypt the session key using the Public Key of the recipient*/
/* Note: Here we do not send the id_list to create a ReferenceList inside the encrypted key. Instead we create the
* ReferenceList as a child of Security element */
- status = rampart_enc_encrypt_session_key(env, session_key, msg_ctx, rampart_context, soap_envelope, sec_node, NULL );
- if(AXIS2_FAILURE == status){
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+
+ encrypted_key_node = oxs_axiom_get_node_by_local_name(env, sec_node, OXS_NODE_ENCRYPTED_KEY);
+ if(!encrypted_key_node){
+ /*Create EncryptedKey element*/
+ status = rampart_enc_encrypt_session_key(env, session_key, msg_ctx, rampart_context, soap_envelope, sec_node, NULL );
+ if(AXIS2_FAILURE == status){
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
"[rampart][rampart_encryption] Cannot encrypt the session key " );
- return AXIS2_FAILURE;
- }
+ return AXIS2_FAILURE;
+ }
+ /*Now we have en EncryptedKey Node*/
+ encrypted_key_node = oxs_axiom_get_node_by_local_name(env, sec_node, OXS_NODE_ENCRYPTED_KEY);
- /*Get the asym key Id*/
- encrypted_key_node = oxs_axiom_get_node_by_local_name(
- env, sec_node, OXS_NODE_ENCRYPTED_KEY);
- if(!encrypted_key_node)
- {
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ /*Get the asym key Id*/
+ if(!encrypted_key_node)
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
"[rampart][rampart_encryption]Encrypting signature, EncryptedKey Not found");
- return AXIS2_FAILURE;
- }
- asym_key_id = oxs_util_generate_id(env, (axis2_char_t*)OXS_ENCKEY_ID);
- if(asym_key_id)
- {
- oxs_axiom_add_attribute(env, encrypted_key_node, NULL,
+ return AXIS2_FAILURE;
+ }
+ asym_key_id = oxs_util_generate_id(env, (axis2_char_t*)OXS_ENCKEY_ID);
+ if(asym_key_id)
+ {
+ oxs_axiom_add_attribute(env, encrypted_key_node, NULL,
NULL, OXS_ATTR_ID, asym_key_id);
+ }
+ }else{
+ /*OK Buddy we have already created EncryptedKey node. Get the Id */
+ asym_key_id = oxs_axiom_get_attribute_value_of_node_by_name(env, encrypted_key_node, OXS_ATTR_ID, NULL);
}
-
/*Add used <wsc:DerivedKeyToken> elements to the header*/
for(j=0 ; j < axutil_array_list_size(dk_list, env); j++){
oxs_key_t *dk = NULL;
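Review bot: In the new `else` branch the Id read from the existing EncryptedKey is used without a NULL check, and nothing visible in the hunk confirms that this element wraps `session_key`. If the element carries no Id attribute, or was created from another key (the rampart_signature.c hunk of this commit creates one from `signed_key`, which may or may not be the same key), `asym_key_id` would be NULL or would point recipients at a key other than the one used to encrypt here. I would add `if(!asym_key_id){ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][rampart_encryption] EncryptedKey has no Id"); return AXIS2_FAILURE; }` after the if/else, which also covers a NULL from `oxs_util_generate_id`, plus a comment stating that a reused EncryptedKey is assumed to wrap the same session key. The same unchecked Id read is in the `else` branch of the rampart_signature.c hunk. The enclosing function starts and ends outside the hunk, so how `asym_key_id` is consumed or freed afterwards is not visible.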
Modified: webservices/rampart/trunk/c/src/util/rampart_signature.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_signature.c?rev=586465&r1=586464&r2=586465&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_signature.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_signature.c Fri Oct 19 07:13:48 2007
@@ -640,12 +640,28 @@
if(RP_PROPERTY_ASYMMETRIC_BINDING == binding_type){
rampart_sig_prepare_key_info_for_asym_binding(env, rampart_context, sign_ctx, sig_node , cert_id, eki);
}else if(RP_PROPERTY_SYMMETRIC_BINDING == binding_type){
+ axiom_node_t *encrypted_key_node = NULL;
oxs_key_t *signed_key = NULL;
axis2_char_t *enc_key_id = NULL;
- /*TODO get encrypted key id*/
-
- signed_key = oxs_sign_ctx_get_secret(sign_ctx, env);
+ signed_key = oxs_sign_ctx_get_secret(sign_ctx, env);
+ /*If there is an EncryptedKey element use the Id. If not, generate an Id and use it*/
+ encrypted_key_node = oxs_axiom_get_node_by_local_name(env, sec_node, OXS_NODE_ENCRYPTED_KEY);
+ if(!encrypted_key_node){
+ /*There is no EncryptedKey so generate one*/
+ status = rampart_enc_encrypt_session_key(env, signed_key, msg_ctx, rampart_context, soap_envelope, sec_node, NULL );
+ if(AXIS2_FAILURE == status){
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][rampart_signature] Cannot encrypt the session key " );
+ return AXIS2_FAILURE;
+ }
+ encrypted_key_node = oxs_axiom_get_node_by_local_name(env, sec_node, OXS_NODE_ENCRYPTED_KEY);
+ /*Add Id attribute*/
+ enc_key_id = oxs_util_generate_id(env, (axis2_char_t*)OXS_ENCKEY_ID);
+ oxs_axiom_add_attribute(env, encrypted_key_node, NULL, NULL, OXS_ATTR_ID, enc_key_id);
+ }else{
+ /*There is the encrypted key. May be used by the encryption process. So get the Id and use it*/
+ enc_key_id = oxs_axiom_get_attribute_value_of_node_by_name(env, encrypted_key_node, OXS_ATTR_ID, NULL);
+ }
rampart_sig_prepare_key_info_for_sym_binding(env, rampart_context, sign_ctx, sig_node, signed_key, enc_key_id );
}
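Review bot: The second `oxs_axiom_get_node_by_local_name` lookup in the new `if(!encrypted_key_node)` branch is passed straight to `oxs_axiom_add_attribute` without a NULL check, and the result of `oxs_util_generate_id` is not checked either; the matching code in rampart_encryption.c checks both. A failed lookup or Id generation would hand a NULL node to the attribute helper or build the signature KeyInfo with a NULL key Id. I would fail closed in both cases, as in the excerpt below. `status`, `msg_ctx`, `soap_envelope` and `sec_node` are declared outside the hunk, so whether they are in scope and whether `return AXIS2_FAILURE` fits the function's return type cannot be confirmed from here.

```c
encrypted_key_node = oxs_axiom_get_node_by_local_name(env, sec_node, OXS_NODE_ENCRYPTED_KEY);
if(!encrypted_key_node){
    AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][rampart_signature] EncryptedKey not found after encrypting the session key");
    return AXIS2_FAILURE;
}
enc_key_id = oxs_util_generate_id(env, (axis2_char_t*)OXS_ENCKEY_ID);
if(!enc_key_id){
    AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][rampart_signature] Cannot generate an Id for the EncryptedKey");
    return AXIS2_FAILURE;
}
/* ... unchanged: oxs_axiom_add_attribute call and the else branch ... */
```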