Posted to axis-cvs@ws.apache.org by ma...@apache.org on 2007/03/19 09:24:41 UTC
svn commit: r519871 - in /webservices/axis2/trunk/c/rampart: include/
src/handlers/ src/omxmlsec/ src/omxmlsec/openssl/ src/util/
test/openssl/sign/
Author: manjula
Date: Mon Mar 19 01:24:38 2007
New Revision: 519871
URL: http://svn.apache.org/viewvc?view=rev&rev=519871
Log:
Uploading some of the changes made during the interop with
Axis2/Java.
Modified:
webservices/axis2/trunk/c/rampart/include/oxs_utility.h
webservices/axis2/trunk/c/rampart/include/rampart_context.h
webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/digest.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/x509.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/transforms_factory.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/utility.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c
webservices/axis2/trunk/c/rampart/src/util/rampart_context.c
webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_builder.c
webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c
webservices/axis2/trunk/c/rampart/src/util/rampart_signature.c
webservices/axis2/trunk/c/rampart/test/openssl/sign/test.c
Modified: webservices/axis2/trunk/c/rampart/include/oxs_utility.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/oxs_utility.h?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/oxs_utility.h (original)
+++ webservices/axis2/trunk/c/rampart/include/oxs_utility.h Mon Mar 19 01:24:38 2007
@@ -53,6 +53,19 @@
AXIS2_EXTERN oxs_asym_ctx_format_t AXIS2_CALL
oxs_util_get_format_by_file_extension(const axis2_env_t *env,
axis2_char_t *file_name);
+
+
+/**
+ * Given string and returns new lined removed string
+ * @param env pointer to environment struct
+ * @param input a pointer to the string which has \n s.
+ * return the newline removed buffer.
+ **/
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_util_get_newline_removed_string(const axis2_env_t *env,
+ axis2_char_t *input);
+
+
/** @} */
#ifdef __cplusplus
}
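Review bot: The new doc comment does not say who owns the returned buffer or what happens when `input` is NULL, and its last tag is written `return` rather than `@return`. The implementation added in utility.c allocates the result with `AXIS2_MALLOC(env->allocator, ...)`, so the contract should read along the lines of `@return a newly allocated copy of input with every '\n' removed; the caller frees it with AXIS2_FREE`. Since the implementation only reads through `input`, the comment should also state that the input string is left unmodified.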
Modified: webservices/axis2/trunk/c/rampart/include/rampart_context.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/rampart_context.h?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/rampart_context.h (original)
+++ webservices/axis2/trunk/c/rampart/include/rampart_context.h Mon Mar 19 01:24:38 2007
@@ -56,9 +56,25 @@
typedef struct rampart_context_t rampart_context_t;
+
+ /**
+ * Create a rampart_context.rampart_context is the wrapper
+ * of secpolicy and the main configuration for rampart.
+ * @env pointer to environment struct
+ * @return ramaprt_context_t* on successful creation.Else NULL;
+ */
+
AXIS2_EXTERN rampart_context_t *AXIS2_CALL
rampart_context_create(const axis2_env_t *env);
+
+ /**
+ * Frees a rampart_context.
+ * @rampart_context the rampart_context
+ * @env pointer to environment struct
+ * @return AXIS2_SUCCESS on success else AXIS2_FAILURE.
+ */
+
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_context_free(rampart_context_t *rampart_context,
const axis2_env_t *env);
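Review bot: The parameter tags in these new comments are written `@env` and `@rampart_context`, which Doxygen does not treat as parameter documentation; they should be `@param env pointer to environment struct` and `@param rampart_context the rampart_context`. The comments added in the next hunk (`@policy_node`, `@prv_key`) have the same form. The two getters declared in the `@@ -254,6 +287,16 @@` hunk have no comment at all; a short `@return` line for `rampart_context_get_require_timestamp` and `rampart_context_get_require_ut` should say when the flag is populated.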
@@ -66,11 +82,29 @@
/****************************************************************/
+ /**
+ * Sets the policy node which is an om_node containing policy.This om_node
+ * can be build outside rampart.
+ * @rampart_context the rampart_context
+ * @env pointer to environment struct
+ * @policy_node is an axiom_node.
+ * @return AXIS2_SUCCESS on success else AXIS2_FAILURE.
+ */
+
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_context_set_policy_node(rampart_context_t *rampart_context,
const axis2_env_t *env,
axiom_node_t *policy_node);
-
+
+ /**
+ * Sets private key of sender as a buffer.This can be
+ * set from outside rampart.
+ * @rampart_context the rampart_context
+ * @env pointer to environment struct
+ * @prv_key is a void buffer.
+ * @return AXIS2_SUCCESS on success else AXIS2_FAILURE.
+ */
+
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_context_set_prv_key(rampart_context_t *rampart_context,
const axis2_env_t *env,
@@ -201,7 +235,6 @@
rampart_context_t *rampart_context,
const axis2_env_t *env);
-
/*End of Getters */
/*Rampart specific functions */
@@ -254,6 +287,16 @@
rampart_context_set_authn_provider(rampart_context_t *rampart_context,
const axis2_env_t *env,
rampart_authn_provider_t *authn_provider);
+
+ AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+ rampart_context_get_require_timestamp(
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env);
+
+ AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+ rampart_context_get_require_ut(
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env);
AXIS2_EXTERN int AXIS2_CALL
rampart_context_get_binding_type(
Modified: webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c (original)
+++ webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c Mon Mar 19 01:24:38 2007
@@ -131,6 +131,7 @@
AXIS2_LOG_INFO(env->log,
"[rampart][rampart_out_handler] Security header building failed ERROR");
rampart_engine_shutdown(env,rampart_context);
+ return AXIS2_FAILURE;
}
status = rampart_engine_shutdown(env,rampart_context);
}
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/digest.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/digest.c?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/digest.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/digest.c Mon Mar 19 01:24:38 2007
@@ -40,6 +40,7 @@
encoded_str = AXIS2_MALLOC(env->allocator, axis2_base64_encode_len(SIZE_HASH));
axis2_base64_encode(encoded_str, (char*)md, SHA_DIGEST_LENGTH);
+ AXIS2_LOG_INFO(env->log, "[openssl][sha1-output]\n\n%s\n\n", encoded_str);
return encoded_str;
}
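Review bot: This dump is emitted at INFO level, so it is written on every digest computation in normal operation rather than only while debugging interop. The same pattern is added in transforms_factory.c (`[rampart][c14n-OutPut]`) and reformatted in xml_signature.c (`C14N (verif2)`), where the logged value is canonicalized message content that may not belong in a log file. I would move all three to the debug level, e.g. `AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "[openssl][sha1-output] %s", encoded_str);`. `encoded_str` is also passed to `%s` without the `AXIS2_MALLOC` result being checked; the function starts outside this hunk.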
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/x509.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/x509.c?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/x509.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/x509.c Mon Mar 19 01:24:38 2007
@@ -27,6 +27,7 @@
#include <oxs_error.h>
#include <openssl_pkcs12.h>
#include <openssl_x509.h>
+#include <oxs_utility.h>
/*Usefull when we have BinarySecurityTokn*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -199,32 +200,21 @@
axis2_char_t *core = NULL;
axis2_char_t *res = NULL;
axis2_char_t *buffer = NULL;
- int i = 0;
- int j = 0;
-
+
unformatted = openssl_x509_get_info(env, OPENSSL_X509_INFO_DATA_CERT, cert);
core_tail = axis2_strstr(unformatted, "\n");
- core_tail = core_tail+1;
res = axis2_strstr(core_tail,"-----END");
- res = res-1;
res[0] = '\0';
core = (axis2_char_t*)axis2_strdup(core_tail,env);
- buffer = (axis2_char_t*)axis2_strdup(core,env);
-
- while(core[i]!='\0')
+ if(core)
{
- if(core[i]!='\n')
- {
- buffer[j] = core[i];
- j++;
- }
- i++;
- }
- buffer[j]='\0';
-
- AXIS2_FREE(env->allocator,core);
- core = NULL;
- return buffer;
+ buffer = oxs_util_get_newline_removed_string(env,core);
+ AXIS2_FREE(env->allocator,core);
+ core = NULL;
+ return buffer;
+ }
+ else
+ return NULL;
}
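Review bot: Neither `axis2_strstr` result is checked before use: `core_tail` is passed straight into the second search and `res[0] = '\0'` writes through `res`, so certificate text without a newline or without an `-----END` marker leads to a NULL dereference. With `core_tail+1` and `res-1` removed, the function now also depends on `oxs_util_get_newline_removed_string` to drop the leading and trailing `'\n'`. Add `if(!unformatted) return NULL;`, `if(!core_tail) return NULL;` and `if(!res) return NULL;` after the respective calls. The function starts outside this hunk, so whether `unformatted` has to be released here cannot be told from the visible lines.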
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/transforms_factory.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/transforms_factory.c?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/transforms_factory.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/transforms_factory.c Mon Mar 19 01:24:38 2007
@@ -46,7 +46,7 @@
algo = OXS_HREF_TRANSFORM_XML_EXC_C14N;
oxs_c14n_apply_algo(env, doc, &c14nized, NULL, input, algo);
/*oxs_c14n_apply(env, doc, AXIS2_FALSE, &c14nized, AXIS2_TRUE, NULL, (axiom_node_t*)input);*/
-
+ AXIS2_LOG_INFO(env->log, "[rampart][c14n-OutPut] is\n\n%s\n\n",c14nized);
*output= c14nized;
output_dtype = OXS_TRANSFORM_TYPE_CHAR;
return output_dtype;
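Review bot: `c14nized` is formatted with `%s` although the return value of `oxs_c14n_apply_algo` on the line above is not checked. If canonicalization can fail and leave the pointer NULL (its declaration is outside the hunk, so this is an assumption to confirm), the log call is handed a NULL string and the function still reports `OXS_TRANSFORM_TYPE_CHAR`. A guard such as `if(!c14nized) return OXS_TRANSFORM_TYPE_UNKNOWN;` placed before the log line would cover both.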
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/utility.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/utility.c?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/utility.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/utility.c Mon Mar 19 01:24:38 2007
@@ -62,3 +62,25 @@
}
}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+oxs_util_get_newline_removed_string(const axis2_env_t *env,
+ axis2_char_t *input)
+{
+ axis2_char_t *output = NULL;
+ int i = 0;
+
+ output = AXIS2_MALLOC(env->allocator, axis2_strlen(input)+1);
+
+ while(*input!='\0')
+ {
+ if(*input!='\n')
+ {
+ output[i] = *input;
+ i++;
+ }
+ input++;
+ }
+ output[i]='\0';
+ return output;
+}
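Review bot: The result of `AXIS2_MALLOC` is written to without a NULL check, and `input` is dereferenced without one, so on allocation failure or a NULL argument the function crashes instead of returning NULL. The caller added in xml_signature.c tests the return value with `if(!newline_removed)`, which only works if the helper can actually return NULL. Add `if(!input) return NULL;` before the allocation and `if(!output) return NULL;` directly after it.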
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/xml_signature.c Mon Mar 19 01:24:38 2007
@@ -47,7 +47,6 @@
axis2_char_t *digest = NULL;
int i = 0;
- /* printf("oxs_xml_sig_transform_n_digest\n %s", axiom_node_to_string(node, env));*/
if((transforms) && (0 < axis2_array_list_size(transforms, env))){
oxs_tr_dtype_t output_dtype = OXS_TRANSFORM_TYPE_UNKNOWN;/*This will always be the current dtype*/
void *tr_output = NULL;
@@ -73,12 +72,10 @@
/*If the required input type is CHAR and what we have is a NODE*/
if((input_dtype == OXS_TRANSFORM_TYPE_CHAR) && (output_dtype == OXS_TRANSFORM_TYPE_NODE)){
/*Serialize*/
- printf("Serialize before the transformation\n");
tr_input = axiom_node_to_string((axiom_node_t*)tr_output, env);
/*If the required input type is NODE and what we have is a CHAR*/
}else if((input_dtype == OXS_TRANSFORM_TYPE_NODE) && (output_dtype == OXS_TRANSFORM_TYPE_CHAR)){
/*De-serialize*/
- printf("De-serialize before the transformation\n");
tr_input = oxs_axiom_deserialize_node(env, (axis2_char_t *)tr_output);
}else{
/*Let it go as it is. */
@@ -403,9 +400,12 @@
axis2_status_t status = AXIS2_FAILURE;
axis2_array_list_t *sign_part_list = NULL;
+ /*signed_info_node = oxs_axiom_get_first_child_node_by_name(env, signature_node,
+ OXS_NODE_SIGNEDINFO, OXS_DSIG_NS, OXS_DS );*/
+
signed_info_node = oxs_axiom_get_first_child_node_by_name(env, signature_node,
- OXS_NODE_SIGNEDINFO, OXS_DSIG_NS, OXS_DS );
-
+ OXS_NODE_SIGNEDINFO, NULL,NULL);
+
if(!signed_info_node){
oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Cannot find <ds:SignedInfo> " );
return AXIS2_FAILURE;
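Review bot: Passing `NULL,NULL` for the namespace URI and prefix appears to make the `SignedInfo` lookup match on local name alone, so an element named SignedInfo in any namespace would be accepted as the signature's ds:SignedInfo during verification. If the interop problem was a differing prefix, the URI should still be enforced, e.g. `OXS_NODE_SIGNEDINFO, OXS_DSIG_NS, NULL` if the helper treats a NULL prefix as "any prefix", or by comparing the found node's namespace URI with `OXS_DSIG_NS` afterwards. The same relaxation is made in the `@@ -572,16 +588,21 @@` hunk of this file and in the four lookups changed in rampart_sec_header_processor.c (SignedInfo, DigestMethod, KeyInfo, SecurityTokenReference). The old calls are kept as commented-out code and are better left to version history.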
@@ -442,7 +442,7 @@
oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"<ds:Reference> node processing failed " );
return AXIS2_FAILURE;
}
-
+
/*Now we have a new sign_part. Add it to the list.*/
axis2_array_list_add(sign_part_list, env, sign_part);
@@ -451,16 +451,29 @@
}
cur_node = AXIOM_NODE_GET_NEXT_SIBLING(cur_node, env);
}
-
+
oxs_sign_ctx_set_sign_parts(sign_ctx, env, sign_part_list);
/*Finished processing SignedInfo. Now we are processing the Signature Value element*/
/*The very next child of SignedInfo Should be the ds:SignatureValue*/
sig_val_node = AXIOM_NODE_GET_NEXT_SIBLING(signed_info_node, env);
if(0 == axis2_strcmp( OXS_NODE_SIGNATURE_VALUE, axiom_util_get_localname(sig_val_node, env))){
axis2_char_t *sig_val = NULL;
+ axis2_char_t *newline_removed = NULL;
sig_val = oxs_token_get_signature_value(env, sig_val_node);
- oxs_sign_ctx_set_sig_val(sign_ctx, env, sig_val);
+ if(!sig_val)
+ {
+ oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Cannot find signature value. " );
+ return AXIS2_FAILURE;
+ }
+ /*We now remove \n in this text.Otherwise verifications failed.*/
+ newline_removed = oxs_util_get_newline_removed_string(env,sig_val);
+ if(!newline_removed)
+ {
+ oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"Cannot Remove new lines. " );
+ return AXIS2_FAILURE;
+ }
+ oxs_sign_ctx_set_sig_val(sign_ctx, env, newline_removed);
}else{
/*Error the node should be the ds:SignatureValue*/
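Review bot: Only `'\n'` is stripped from the signature value, so base64 text that a peer wraps with CRLF or indents with spaces or tabs still reaches verification with stray whitespace. Removing all XML whitespace (space, `\t`, `\r`, `\n`) would be the more robust form of this fix. `sig_val` is not released after the copy is made; whether it is owned by the node or by this function is not visible here and should be confirmed. The function starts and ends outside this hunk.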
@@ -522,7 +535,10 @@
/*Get ith sign_part*/
sign_part = (oxs_sign_part_t*)axis2_array_list_get(sign_parts, env, i);
- status = oxs_xml_sig_verify_sign_part(env, sign_part);
+ status = oxs_xml_sig_verify_sign_part(env, sign_part);
+ if(AXIS2_FAILURE == status){
+ return AXIS2_FAILURE;
+ }
}
return status;
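Review bot: With the early return in place, the result for an empty `sign_parts` list depends entirely on how `status` is initialised, and that declaration is outside this hunk. If it starts as `AXIS2_SUCCESS`, a signature with no references would be reported as verified; initialising it to `AXIS2_FAILURE`, or rejecting a zero-length list before the loop, makes the outcome explicit. The first removed/added pair on the `status =` line is a whitespace-only change and could be dropped from the commit.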
@@ -572,16 +588,21 @@
signature_val = oxs_sign_ctx_get_sig_val(sign_ctx, env);
/*Then we apply the C14N for the ds:SignedInfo*/
+ /*signed_info_node = oxs_axiom_get_first_child_node_by_name(env, signature_node,
+ OXS_NODE_SIGNEDINFO, OXS_DSIG_NS, OXS_DS );*/
+
signed_info_node = oxs_axiom_get_first_child_node_by_name(env, signature_node,
- OXS_NODE_SIGNEDINFO, OXS_DSIG_NS, OXS_DS );
+ OXS_NODE_SIGNEDINFO, NULL,NULL );
+
c14n_mtd = oxs_sign_ctx_get_c14n_mtd(sign_ctx, env);
doc = axiom_node_get_document(signed_info_node, env);
AXIS2_LOG_INFO(env->log, "[oxs][xml_sig] C14N (verif1)= %s ", axiom_node_to_string(signed_info_node, env) );
/* oxs_c14n_apply(env, doc, AXIS2_FALSE, &content, AXIS2_TRUE, NULL, signed_info_node);*/
+
oxs_c14n_apply_algo(env, doc, &content, NULL, signed_info_node, c14n_mtd);
- AXIS2_LOG_INFO(env->log, "[oxs][xml_sig] C14N (verif2)= %s ", content );
+ AXIS2_LOG_INFO(env->log, "[oxs][xml_sig] C14N (verif2)=\n\n%s\n\n", content );
/*In the final step we Verify*/
status = oxs_sig_verify(env, sign_ctx, content , signature_val);
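Review bot: `signed_info_node` is passed to `axiom_node_get_document` and `axiom_node_to_string` immediately after the lookup with no NULL check, unlike the lookup in the `@@ -403,9 +400,12 @@` hunk, which reports `Cannot find <ds:SignedInfo>`. Add `if(!signed_info_node) return AXIS2_FAILURE;` right after the call. The string produced by `axiom_node_to_string` inside the `verif1` log call is never kept, so if that function allocates its result it is leaked on every verification. The function starts and ends outside this hunk.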
Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_context.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_context.c?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_context.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_context.c Mon Mar 19 01:24:38 2007
@@ -44,6 +44,9 @@
rampart_authn_provider_t *authn_provider;
auth_password_func authenticate_with_password;
auth_digest_func authenticate_with_digest;
+
+ axis2_bool_t require_timestamp;
+ axis2_bool_t require_ut;
};
@@ -141,7 +144,9 @@
rampart_context->authn_provider = NULL;
rampart_context->authenticate_with_password = NULL;
rampart_context->authenticate_with_digest = NULL;
-
+ rampart_context->require_ut = AXIS2_FALSE;
+ rampart_context->require_timestamp = AXIS2_FALSE;
+
return rampart_context;
}
@@ -167,7 +172,6 @@
/* Implementations */
-/*Implementation of PHP-rampart interface */
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_context_set_policy_node(rampart_context_t *rampart_context,
@@ -507,6 +511,7 @@
return rampart_context->password_callback_module;
}
+
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_context_set_password_callback(rampart_context_t *rampart_context,
const axis2_env_t *env,
@@ -592,7 +597,25 @@
return AXIS2_SUCCESS;
}
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_get_require_timestamp(
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FALSE);
+
+ return rampart_context->require_timestamp;
+}
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_get_require_ut(
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env)
+{
+ AXIS2_ENV_CHECK(env, AXIS2_FALSE);
+
+ return rampart_context->require_ut;
+}
AXIS2_EXTERN int AXIS2_CALL
rampart_context_get_binding_type(
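Review bot: Both getters dereference `rampart_context` without checking it; only `env` is validated. They also return a cached flag that, in this commit, is written only as a side effect of the two query functions patched in the `@@ -1045,8 +974,10 @@` and `@@ -1070,7 +1001,8 @@` hunks, so a call made before those have run returns the `AXIS2_FALSE` set in the constructor regardless of policy. Either document that ordering on the getters or compute the value on demand. A guard such as `if(!rampart_context) return AXIS2_FALSE;` covers the first point.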
@@ -764,100 +787,6 @@
}
return bvalidate;
}
-/*
-
-axis2_status_t rampart_context_set_nodes_to_encrypt(
- rp_header_t *header,
- const axis2_env_t *env,
- axiom_soap_envelope_t *soap_envelope,
- axis2_array_list_t *nodes_to_encrypt)
-{
- axis2_char_t *namespace = NULL;
- axis2_char_t *local_name = NULL;
- axiom_soap_header_t *soap_header = NULL;
- axiom_node_t *header_node = NULL;
-
- soap_header = AXIOM_SOAP_ENVELOPE_GET_HEADER(soap_envelope,env);
- if(!soap_header)
- return AXIS2_FAILURE;
-
- namespace = (axis2_char_t *) rp_header_get_namespace(header,env);
- if(!namespace)
- return AXIS2_FAILURE;
-
- if(axis2_strcmp(namespace,RP_SECURITY_NS)==0)
- {
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] We do not encrypt security namespace headers");
- return AXIS2_FAILURE;
- }
-
- local_name = (axis2_char_t*) rp_header_get_name(header,env);
- if(!local_name)
- {
- axis2_array_list_t *soap_header_blocks = NULL;
- int i = 0;
- soap_header_blocks = AXIOM_SOAP_HEADER_GET_HEADER_BLOCKS_WITH_NAMESPACE_URI(soap_header,env,namespace);
- if(!soap_header_blocks)
- return AXIS2_FAILURE;
-
- for(i=0 ; i<axis2_array_list_size(soap_header_blocks,env); i++)
- {
- axiom_soap_header_block_t *header_block = NULL;
- axiom_node_t *node = NULL;
- header_block = (axiom_soap_header_block_t *)axis2_array_list_get(soap_header_blocks,env,i);
- if(header_block)
- {
- node = AXIOM_SOAP_HEADER_BLOCK_GET_BASE_NODE(header_block,env);
- if(node)
- {
- axis2_array_list_add(nodes_to_encrypt,env,node);
- return AXIS2_SUCCESS;
- }
- }
-
- }
- }
- else if(axis2_strcmp(local_name,"Security")==0)
- {
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] We do not encrypt %s", local_name);
- return AXIS2_FAILURE;
- }
- else
- {
- axiom_node_t *ret_node = NULL;
- header_node = AXIOM_SOAP_HEADER_GET_BASE_NODE(soap_header,env);
- if(header_node)
- {
- ret_node = oxs_axiom_get_node_by_local_name(env,header_node,local_name);
- if(ret_node)
- {
- axiom_element_t *ret_node_ele = NULL;
- ret_node_ele = (axiom_element_t *)
- AXIOM_NODE_GET_DATA_ELEMENT(ret_node, env);
- if(ret_node_ele)
- {
- axiom_namespace_t *ns = NULL;
- axis2_char_t *namespace_uri = NULL;
- ns = axiom_element_get_namespace(ret_node_ele, env,ret_node);
- if(ns)
- {
- namespace_uri = axiom_namespace_get_uri(ns, env);
- if (axis2_strcmp(namespace_uri,namespace) == 0)
- {
- axis2_array_list_add(nodes_to_encrypt,env,ret_node);
- return AXIS2_SUCCESS;
- }
-
- }
-
- }
-
- }
- }
- }
- return AXIS2_FAILURE;
-}
-*/
axis2_status_t rampart_context_set_nodes_to_encrypt_or_sign(
rp_header_t *header,
@@ -1045,8 +974,10 @@
if(!binding_commons)
return AXIS2_FALSE;
+
+ rampart_context->require_timestamp = rp_binding_commons_get_include_timestamp(binding_commons,env);
- return rp_binding_commons_get_include_timestamp(binding_commons,env);
+ return rampart_context->require_timestamp;
}
AXIS2_EXTERN axis2_bool_t AXIS2_CALL
@@ -1070,7 +1001,8 @@
}
/*Now we have signed supporting tokens*/
/*Get the user name token if available and check the validity*/
- return rampart_context_use_username_token(signed_supporting,env);
+ rampart_context->require_ut = rampart_context_use_username_token(signed_supporting,env);
+ return rampart_context->require_ut;
}
@@ -1173,79 +1105,8 @@
return AXIS2_FALSE;
}
-/*This method will return all the parts in the soap message
-outside the security header which needs to be encrypted.*/
-/*
-AXIS2_EXTERN axis2_status_t AXIS2_CALL
-rampart_context_get_nodes_to_encrypt(
- rampart_context_t *rampart_context,
- const axis2_env_t *env,
- axiom_soap_envelope_t *soap_envelope,
- axis2_array_list_t *nodes_to_encrypt)
-{
- rp_signed_encrypted_parts_t *encrypted_parts = NULL;
- axis2_array_list_t *parts = NULL;
- axis2_status_t status = AXIS2_FAILURE;
-
- encrypted_parts = rp_secpolicy_get_encrypted_parts(rampart_context->secpolicy,env);
- if(!encrypted_parts)
- return AXIS2_FAILURE;
-
- parts = rp_signed_encrypted_parts_get_headers(encrypted_parts,env);
- if(!parts || (axis2_array_list_size(parts,env)==0))
- {
- if(rp_signed_encrypted_parts_get_body(encrypted_parts,env))
- {
- axiom_soap_body_t *body = NULL;
- axiom_node_t *body_node = NULL;
- axiom_node_t *body_child_node = NULL;
-
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] No encryption parts specified. Using the body.");
- body = AXIOM_SOAP_ENVELOPE_GET_BODY(soap_envelope, env);
- body_node = AXIOM_SOAP_BODY_GET_BASE_NODE(body, env);
- body_child_node = axiom_node_get_first_element(body_node, env);
- axis2_array_list_add(nodes_to_encrypt, env, body_child_node);
- return AXIS2_SUCCESS;
- }
- else
- {
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] Nothing to encrypt");
- return AXIS2_FAILURE;
- }
- }
- else
- {
- int i = 0;
- for(i=0; i<axis2_array_list_size(parts,env); i++)
- {
- rp_header_t *header = NULL;
- header = (rp_header_t *)axis2_array_list_get(parts,env,i);
- if(header)
- {
- status = rampart_context_set_nodes_to_encrypt(header,env,soap_envelope,nodes_to_encrypt);
- if(status!=AXIS2_FAILURE)
- return AXIS2_FAILURE;
- }
-
- }
- if(rp_signed_encrypted_parts_get_body(encrypted_parts,env))
- {
- axiom_soap_body_t *body = NULL;
- axiom_node_t *body_node = NULL;
- axiom_node_t *body_child_node = NULL;
-
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] Including the body the body.");
- body = AXIOM_SOAP_ENVELOPE_GET_BODY(soap_envelope, env);
- body_node = AXIOM_SOAP_BODY_GET_BASE_NODE(body, env);
- body_child_node = axiom_node_get_first_element(body_node, env);
- axis2_array_list_add(nodes_to_encrypt, env, body_child_node);
- return AXIS2_SUCCESS;
- }
-
- }
- return AXIS2_FAILURE;
-}
-*/
+/*Following methods will return all the parts in the soap message
+outside the security header which needs to be encrypted or signed.*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_context_get_nodes_to_encrypt(
Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_builder.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_builder.c?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_builder.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_builder.c Mon Mar 19 01:24:38 2007
@@ -34,6 +34,7 @@
#include <axis2_utils.h>
#include <axis2_array_list.h>
#include <rampart_signature.h>
+
/*Private functions*/
axis2_status_t AXIS2_CALL
rampart_interchange_nodes(const axis2_env_t *env,
@@ -182,7 +183,7 @@
return AXIS2_FAILURE;
}
- /*If both encryption and signature is done we should intercgange them.
+ /*If both encryption and signature is done we should interchange them.
* because the action done last should appear first in the header. */
sig_node = oxs_axiom_get_node_by_local_name(env,sec_node,OXS_NODE_SIGNATURE);
enc_key_node = oxs_axiom_get_node_by_local_name(env,sec_node,OXS_NODE_ENCRYPTED_KEY);
@@ -223,11 +224,4 @@
}
else
return AXIS2_FAILURE;
- /*Timestamp Inclusion*/
-
- /*username Token inclusion*/
-
- /*check the protection order*/
-
-
}
Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c Mon Mar 19 01:24:38 2007
@@ -462,8 +462,11 @@
return AXIS2_FAILURE;
}
- sign_info_node = oxs_axiom_get_first_child_node_by_name(env, sig_node,
+ /*sign_info_node = oxs_axiom_get_first_child_node_by_name(env, sig_node,
OXS_NODE_SIGNEDINFO, OXS_DSIG_NS, OXS_DS );
+ */
+ sign_info_node = oxs_axiom_get_first_child_node_by_name(env, sig_node,
+ OXS_NODE_SIGNEDINFO, NULL, NULL);
if(!sign_info_node)
{
@@ -496,8 +499,10 @@
/*Verify each digest method with policy*/
axiom_node_t *digest_mtd_node = NULL;
axis2_char_t *digest_mtd = NULL;
+ /*digest_mtd_node = oxs_axiom_get_first_child_node_by_name(env,cur_node,
+ OXS_NODE_DIGEST_METHOD, OXS_DSIG_NS, OXS_DS);*/
digest_mtd_node = oxs_axiom_get_first_child_node_by_name(env,cur_node,
- OXS_NODE_DIGEST_METHOD, OXS_DSIG_NS, OXS_DS);
+ OXS_NODE_DIGEST_METHOD, NULL,NULL);
if(digest_mtd_node)
{
digest_mtd = oxs_token_get_digest_method(env, digest_mtd_node);
@@ -547,15 +552,22 @@
AXIS2_LOG_INFO(env->log, "[rampart][shp] No way of gettting the token.");
return AXIS2_FAILURE;
}
+ /*key_info_node = oxs_axiom_get_first_child_node_by_name(env, sig_node,
+ OXS_NODE_KEY_INFO,OXS_DSIG_NS, OXS_DS );*/
+
key_info_node = oxs_axiom_get_first_child_node_by_name(env, sig_node,
- OXS_NODE_KEY_INFO,OXS_DSIG_NS, OXS_DS );
+ OXS_NODE_KEY_INFO,NULL,NULL);
+
if(!key_info_node)
{
AXIS2_LOG_INFO(env->log, "[rampart][shp]Verify failed. Key Info node is not in the message.");
return AXIS2_FAILURE;
}
+ /*str_node = oxs_axiom_get_first_child_node_by_name(env,key_info_node,
+ OXS_NODE_SECURITY_TOKEN_REFRENCE,OXS_WSSE_XMLNS,OXS_WSSE);*/
+
str_node = oxs_axiom_get_first_child_node_by_name(env,key_info_node,
- OXS_NODE_SECURITY_TOKEN_REFRENCE,OXS_WSSE_XMLNS,OXS_WSSE);
+ OXS_NODE_SECURITY_TOKEN_REFRENCE,NULL,NULL);
if(str_node)
{
Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_signature.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_signature.c?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_signature.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_signature.c Mon Mar 19 01:24:38 2007
@@ -134,8 +134,32 @@
{
AXIS2_LOG_INFO(env->log, "[rampart][rampart_signature] No parts specified or specified parts can't be found for Signature.");
return AXIS2_SUCCESS;
- }
- /*Now we have to check whether a token is specified.*/
+ }
+ /*If Timestamp and usernametoken are in the message we should sign them.*/
+
+/* if(rampart_context_get_require_timestamp(rampart_context,env))
+ {
+ axiom_node_t *ts_node = NULL;
+ ts_node = oxs_axiom_get_node_by_local_name(env,sec_node,RAMPART_SECURITY_TIMESTAMP);
+ if(!ts_node)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_signature] Required timestamp cannot be found.");
+ return AXIS2_FAILURE;
+ }
+ axis2_array_list_add(nodes_to_sign,env,ts_node);
+ }
+ if(rampart_context_get_require_ut(rampart_context,env))
+ {
+ axiom_node_t *ut_node = NULL;
+ ut_node = oxs_axiom_get_node_by_local_name(env,sec_node,RAMPART_SECURITY_USERNAMETOKEN);
+ if(!ut_node)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_signature] Required username token cannot be found.");
+ return AXIS2_FAILURE;
+ }
+ axis2_array_list_add(nodes_to_sign,env,ut_node);
+ }
+*/ /*Now we have to check whether a token is specified.*/
token = rampart_context_get_token(rampart_context,env,AXIS2_FALSE,server_side);
if(!token)
{
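Review bot: The new comment says the Timestamp and UsernameToken should be signed, but the code that would add them to `nodes_to_sign` is committed inside a comment, so nothing in this hunk actually does it. As written, the `rampart_context_get_require_timestamp` and `rampart_context_get_require_ut` getters have no active caller here, and a reader of the comment would assume those elements are covered by the signature. Replace the block with a `/* TODO: ... */` stating that signing of these elements is not yet enabled and why, or enable it. The closing `*/` shares a line with the next comment, which makes the end of the disabled block easy to miss.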
Modified: webservices/axis2/trunk/c/rampart/test/openssl/sign/test.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/test/openssl/sign/test.c?view=diff&rev=519871&r1=519870&r2=519871
==============================================================================
--- webservices/axis2/trunk/c/rampart/test/openssl/sign/test.c (original)
+++ webservices/axis2/trunk/c/rampart/test/openssl/sign/test.c Mon Mar 19 01:24:38 2007
@@ -72,7 +72,8 @@
return tmpl;
}
-void c14n(axis2_env_t *env, axis2_char_t* filename)
+axis2_char_t *
+c14n(axis2_env_t *env, axis2_char_t* filename)
{
axiom_document_t *doc = NULL;
axis2_char_t *algo = NULL;
@@ -86,10 +87,10 @@
oxs_c14n_apply_algo(env, doc, &c14nized, NULL, (axiom_node_t*)input, algo);
outf = fopen("c14n.txt", "w");
fwrite(c14nized, 1, strlen(c14nized), outf);
-
+ return c14nized;
}
-void digest(axis2_env_t *env, axis2_char_t *in){
+axis2_char_t* digest(axis2_env_t *env, axis2_char_t *in){
axis2_char_t *dg = NULL;
FILE *outf = NULL;
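Review bot: `outf` is passed to `fwrite` without checking that `fopen("c14n.txt", "w")` succeeded, and it is never closed before the added `return c14nized;`; `digest()` in the next hunk follows the same pattern with `digest.txt`. `if(!outf) return NULL;` after the open and `fclose(outf);` before the return would fix both. `strlen(c14nized)` also assumes that `oxs_c14n_apply_algo` produced a string, since its result is not checked.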
@@ -97,6 +98,7 @@
outf = fopen("digest.txt", "w");
fwrite(dg, 1, strlen(dg), outf);
printf("DIGEST = %s", dg);
+ return dg;
}
int main()
@@ -114,9 +116,18 @@
env = axis2_env_create_all("./openssl.log", AXIS2_LOG_LEVEL_TRACE);
/*new code*/
- c14n(env, "input.xml");
- digest(env, "ABCDABCDABCDABCD");
- return 0;
+ {
+ axis2_char_t *c14op = NULL;
+ axis2_char_t *digestop = NULL;
+ /*FILE *inf = NULL;*/
+ /*c14op = c14n(env, "input.xml");*/
+ /*inf = fopen("c14n.txt", "r");
+ c14op = malloc(2000);
+ fread(c14op, 1, 1999, inf);*/
+ c14op = "<soapenv:Body xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\" wsu:Id=\"Id-26953436\"><example1:echo xmlns:example1=\"http://example1.org/example1\"><example1:Text>Testing Rampart with WS-SecPolicy</example1:Text></example1:echo></soapenv:Body>";
+ digestop = digest(env, c14op);
+ return 0;
+ }
/*eof new code*/
/*Load private key*/