Posted to java-dev@axis.apache.org by ka...@apache.org on 2007/02/26 15:59:01 UTC
svn commit: r511838 - in /webservices/axis2/trunk/c/rampart:
include/openssl_sign.h src/omxmlsec/openssl/sign.c
Author: kaushalye
Date: Mon Feb 26 06:59:00 2007
New Revision: 511838
URL: http://svn.apache.org/viewvc?view=rev&rev=511838
Log:
Adding signature verification for the OpenSSL wrapper layer in OMXMLSecurity
Modified:
webservices/axis2/trunk/c/rampart/include/openssl_sign.h
webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/sign.c
Modified: webservices/axis2/trunk/c/rampart/include/openssl_sign.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/openssl_sign.h?view=diff&rev=511838&r1=511837&r2=511838
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/openssl_sign.h (original)
+++ webservices/axis2/trunk/c/rampart/include/openssl_sign.h Mon Feb 26 06:59:00 2007
@@ -42,7 +42,11 @@
oxs_buffer_t *input_buf,
oxs_buffer_t *output_buf);
-
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+openssl_sig_verify(const axis2_env_t *env,
+ oxs_sign_ctx_t *sign_ctx,
+ oxs_buffer_t *input_buf,
+ oxs_buffer_t *sig_buf);
/** @} */
#ifdef __cplusplus
}
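Review bot: The new `openssl_sig_verify` prototype has no doc comment, although it sits inside a Doxygen group (the `/** @} */` directly below it). From the header alone a caller cannot tell that `AXIS2_SUCCESS` is returned only for a valid signature and that `AXIS2_FAILURE` covers both a mismatch and an internal error. I would add a `/** ... */` block saying that, and that `input_buf` carries the signed data, `sig_buf` the signature value, and the public key is taken from the certificate held in `sign_ctx`. The hunk also drops the blank line after the previous prototype; keeping one before the new declaration would read better.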
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/sign.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/sign.c?view=diff&rev=511838&r1=511837&r2=511838
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/sign.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/sign.c Mon Feb 26 06:59:00 2007
@@ -31,6 +31,56 @@
#include <openssl/bio.h>
#define BUFSIZE 64
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+openssl_sig_verify(const axis2_env_t *env,
+ oxs_sign_ctx_t *sign_ctx,
+ oxs_buffer_t *input_buf,
+ oxs_buffer_t *sig_buf)
+{
+ axis2_status_t status = AXIS2_FAILURE;
+ openssl_pkey_t *open_pubkey = NULL;
+ oxs_x509_cert_t *cert = NULL;
+ const EVP_MD* digest;
+ EVP_MD_CTX md_ctx;
+ EVP_PKEY* pkey;
+ int ret;
+
+ /*Get the publickey*/
+ cert = oxs_sign_ctx_get_certificate(sign_ctx, env);
+ open_pubkey = oxs_x509_cert_get_public_key(cert, env);
+ pkey = OPENSSL_PKEY_GET_KEY(open_pubkey, env);
+
+ /*Set the digest according to the signature method*/
+ digest = EVP_sha1();
+
+ ret = EVP_VerifyInit(&md_ctx, digest);
+ if(ret != 1) {
+ /*Error*/
+ }
+ ret = EVP_VerifyUpdate(&md_ctx, OXS_BUFFER_GET_DATA(input_buf, env), OXS_BUFFER_GET_SIZE(input_buf, env));
+ if(ret != 1) {
+ /*Error*/
+ }
+
+ ret = EVP_VerifyFinal(&md_ctx, OXS_BUFFER_GET_DATA(sig_buf, env),
+ OXS_BUFFER_GET_SIZE(sig_buf, env),
+ pkey);
+ if(ret == 0){
+ /*Error. Signature verification FAILED */
+ status = AXIS2_FAILURE;
+ }else if(ret < 0){
+ /*Erorr. Some other error*/
+ status = AXIS2_FAILURE;
+ }else{
+ /*SUCCESS. Det ar bra :-)*/
+ status = AXIS2_SUCCESS;
+ }
+
+ return status;
+
+}
+
AXIS2_EXTERN int AXIS2_CALL
openssl_sign(const axis2_env_t *env,
oxs_sign_ctx_t *sign_ctx,
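Review bot: In `openssl_sig_verify` the `if(ret != 1)` branches after `EVP_VerifyInit` and `EVP_VerifyUpdate` are empty, so a failed digest setup still falls through to `EVP_VerifyFinal`; both should return `AXIS2_FAILURE`. `cert`, `open_pubkey` and `pkey` are used without NULL checks, so a sign context with no certificate reaches the OpenSSL calls with a null key, and `md_ctx` is never released with `EVP_MD_CTX_cleanup`. The digest is fixed to `EVP_sha1()` although the comment says it follows the signature method, so the algorithm declared for the signature is not what gets enforced; that deserves at least a TODO until the method is read from `sign_ctx`. The three-way handling of the `EVP_VerifyFinal` result is right (a negative return is treated as failure) and should stay as it is. The sketch below shows the fail-closed paths.
```c
    /* … unchanged: declarations … */
    cert = oxs_sign_ctx_get_certificate(sign_ctx, env);
    open_pubkey = cert ? oxs_x509_cert_get_public_key(cert, env) : NULL;
    pkey = open_pubkey ? OPENSSL_PKEY_GET_KEY(open_pubkey, env) : NULL;
    if(!pkey) {
        /* No usable public key: refuse to verify rather than pass NULL on */
        return AXIS2_FAILURE;
    }
    /* … unchanged: digest selection … */
    if(EVP_VerifyInit(&md_ctx, digest) != 1 ||
       EVP_VerifyUpdate(&md_ctx, OXS_BUFFER_GET_DATA(input_buf, env),
                        OXS_BUFFER_GET_SIZE(input_buf, env)) != 1) {
        EVP_MD_CTX_cleanup(&md_ctx);
        return AXIS2_FAILURE;
    }
    /* … unchanged: EVP_VerifyFinal call and mapping of ret to status … */
    EVP_MD_CTX_cleanup(&md_ctx);
    return status;
```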