Author: kaushalye
Date: Thu Nov 1 01:18:48 2007
New Revision: 590926
URL: http://svn.apache.org/viewvc?rev=590926&view=rev
Log:
Instead of making the EncryptedKey the first element, it's safe to make it come
earlier than the Signature element in the Security Header
Modified:
webservices/rampart/trunk/c/include/oxs_axiom.h
webservices/rampart/trunk/c/src/omxmlsec/axiom.c
webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c
webservices/rampart/trunk/c/src/util/rampart_signature.c
Modified: webservices/rampart/trunk/c/include/oxs_axiom.h
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/oxs_axiom.h?rev=590926&r1=590925&r2=590926&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/oxs_axiom.h (original)
+++ webservices/rampart/trunk/c/include/oxs_axiom.h Thu Nov 1 01:18:48 2007
@@ -144,6 +144,11 @@
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_axiom_check_node_name(const axutil_env_t *env, axiom_node_t* node,
axis2_char_t* name, axis2_char_t* ns);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_axiom_interchange_nodes(const axutil_env_t *env,
+ axiom_node_t *node_to_move,
+ axiom_node_t *node_before);
/** @} */
#ifdef __cplusplus
}
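Review bot: The new prototype `oxs_axiom_interchange_nodes` has no doc comment, and its name suggests a swap, while the implementation added in axiom.c detaches `node_to_move` and re-inserts it as the sibling immediately before `node_before`. I would add a Doxygen block above it stating that the node is moved rather than exchanged, that the function itself does not validate either pointer, and that it returns the status of the insert call. The header's other declarations lie outside this hunk, so match whatever comment style they use.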
Modified: webservices/rampart/trunk/c/src/omxmlsec/axiom.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/axiom.c?rev=590926&r1=590925&r2=590926&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/axiom.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/axiom.c Thu Nov 1 01:18:48 2007
@@ -411,3 +411,18 @@
}
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_axiom_interchange_nodes(const axutil_env_t *env,
+ axiom_node_t *node_to_move,
+ axiom_node_t *node_before)
+{
+ axis2_status_t status = AXIS2_FAILURE;
+
+ axiom_node_t *temp_node = NULL;
+
+ temp_node = axiom_node_detach(node_to_move,env);
+ status = axiom_node_insert_sibling_before(node_before, env, temp_node);
+
+ return status;
+}
+
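Review bot: `oxs_axiom_interchange_nodes` passes the result of `axiom_node_detach` straight to `axiom_node_insert_sibling_before` with no checks, so a NULL argument, `node_to_move == node_before`, or a failed detach all reach the insert call. Add a guard at the top, `if(!node_to_move || !node_before || node_to_move == node_before) return AXIS2_FAILURE;`, and `if(!temp_node) return AXIS2_FAILURE;` after the detach. When the insert fails, the node has already been detached, so the element is dropped from the Security header rather than left where it was. That case deserves at least an error log here so the caller can tell the two failures apart.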
Modified: webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c?rev=590926&r1=590925&r2=590926&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c Thu Nov
1 01:18:48 2007
@@ -37,44 +37,6 @@
/*Private functions*/
axis2_status_t AXIS2_CALL
-rampart_shb_make_enc_key_the_first_child(const axutil_env_t *env,
- axiom_node_t *sec_node)
-{
- axis2_status_t status = AXIS2_FAILURE;
- axiom_node_t *enc_key_node = NULL;
- axiom_node_t *first_child_node = NULL;
-
- /*return AXIS2_SUCCESS;*/
-
- enc_key_node = oxs_axiom_get_first_child_node_by_name(env, sec_node,
OXS_NODE_ENCRYPTED_KEY , OXS_ENC_NS, NULL);
- if(!enc_key_node){
- /*Fine!!! There is no ENCRYPTED_KEY*/
- return AXIS2_SUCCESS;
- }
- enc_key_node = axiom_node_detach(enc_key_node, env);
- first_child_node = axiom_node_get_first_child(sec_node, env);
-
- status = axiom_node_insert_sibling_before(first_child_node, env,
enc_key_node);
-
- return status;
-}
-
-axis2_status_t AXIS2_CALL
-rampart_interchange_nodes(const axutil_env_t *env,
- axiom_node_t *node_to_move,
- axiom_node_t *node_before)
-{
- axis2_status_t status = AXIS2_FAILURE;
-
- axiom_node_t *temp_node = NULL;
-
- temp_node = axiom_node_detach(node_to_move,env);
- status = axiom_node_insert_sibling_before(node_before,env,temp_node);
-
- return status;
-}
-
-axis2_status_t AXIS2_CALL
rampart_shb_do_symmetric_binding( const axutil_env_t *env,
axis2_msg_ctx_t *msg_ctx,
rampart_context_t *rampart_context,
@@ -130,7 +92,7 @@
if(rampart_context_is_encrypt_before_sign(rampart_context, env))
{
is_encrypt_before_sign = AXIS2_TRUE;
- /*TODO encrypt before sign. Complicated stuff...*/
+ /*Encrypt before sign. Complicated stuff...*/
/**
* 1. encrypt parts to be encrypted
* 2. sign parts to be signed
@@ -182,7 +144,7 @@
}
}
/*If there is an EncryptedKey attache it as the first child*/
- status = rampart_shb_make_enc_key_the_first_child(env, sec_node);
+ /*status = rampart_shb_make_enc_key_the_first_child(env, sec_node);*/
status = AXIS2_SUCCESS;
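Review bot: The comment `/*If there is an EncryptedKey attache it as the first child*/` now describes a call that is commented out, and the helper it names is deleted by an earlier hunk of this same file, so the line cannot simply be re-enabled. Delete both the stale comment and the commented-out call instead of leaving them; the only live statement left here is `status = AXIS2_SUCCESS;`. The enclosing function starts and ends outside the hunk.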
@@ -386,7 +348,7 @@
{
if(is_encrypt_before_sign)
{
- status = rampart_interchange_nodes(env, sig_node,
enc_key_node);
+ status = oxs_axiom_interchange_nodes(env, sig_node,
enc_key_node);
if(status!=AXIS2_SUCCESS)
{
AXIS2_LOG_INFO(env->log,"[rampart][shb] Node interchange
failed.");
@@ -395,7 +357,7 @@
}
else /*Sign before encryption*/
{
- status = rampart_interchange_nodes(env, enc_key_node,
sig_node);
+ status = oxa_axiom_interchange_nodes(env, enc_key_node,
sig_node);
if(status!=AXIS2_SUCCESS)
{
AXIS2_LOG_INFO(env->log,"[rampart][shb] Node interchange
failed.");
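Review bot: The replacement call in the sign-before-encryption branch is spelled `oxa_axiom_interchange_nodes`, but the function declared in oxs_axiom.h and defined in axiom.c is `oxs_axiom_interchange_nodes`; the two other call sites changed in this file use the correct name. As written this refers to an undeclared function, which should fail at link time, or at compile time if implicit declarations are treated as errors. Change the line to `status = oxs_axiom_interchange_nodes(env, enc_key_node, sig_node);`. The enclosing function starts and ends outside the hunk.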
@@ -415,7 +377,7 @@
}
else
{
- status = rampart_interchange_nodes(env, enc_key_node,
enc_data_node);
+ status = oxs_axiom_interchange_nodes(env, enc_key_node,
enc_data_node);
if(status != AXIS2_SUCCESS)
{
AXIS2_LOG_ERROR(env->log,
AXIS2_LOG_SI,"[rampart][shb]Cannot interchange enc_key and enc_data nodes");
Modified: webservices/rampart/trunk/c/src/util/rampart_signature.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_signature.c?rev=590926&r1=590925&r2=590926&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_signature.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_signature.c Thu Nov 1
01:18:48 2007
@@ -30,7 +30,7 @@
#include <oxs_key.h>
#include <oxs_key_mgr.h>
#include <openssl_pkey.h>
-#include <oxs_error.h>
+#include <oxs_axiom.h>
#include <oxs_transform.h>
#include <oxs_transforms_factory.h>
#include <oxs_sign_ctx.h>
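Review bot: `#include <oxs_error.h>` is replaced by `#include <oxs_axiom.h>` rather than kept alongside it. If rampart_signature.c still uses anything from oxs_error.h (not visible in this hunk), it now compiles only through a transitive include. Keeping both lines, `#include <oxs_error.h>` and `#include <oxs_axiom.h>`, avoids that dependency.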
@@ -660,6 +660,8 @@
/*Add Id attribute*/
enc_key_id = oxs_util_generate_id(env,
(axis2_char_t*)OXS_ENCKEY_ID);
oxs_axiom_add_attribute(env, encrypted_key_node, NULL, NULL,
OXS_ATTR_ID, enc_key_id);
+ /*And we have to make sure that we place this newly generated
EncryptedKey node above the Signature node*/
+ oxs_axiom_interchange_nodes(env, encrypted_key_node, sig_node);
}else{
/*There is the encrypted key. May be used by the encryption
process. So get the Id and use it*/
enc_key_id = oxs_axiom_get_attribute_value_of_node_by_name(env,
encrypted_key_node, OXS_ATTR_ID, NULL);
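Review bot: The return value of the added `oxs_axiom_interchange_nodes(env, encrypted_key_node, sig_node);` is discarded, so a failed move is invisible to the caller. The helper detaches the node before re-inserting it, so on failure the newly generated EncryptedKey may be missing from the Security header, or still sit after the Signature, while signing continues. Capture and check the status, e.g. `if(oxs_axiom_interchange_nodes(env, encrypted_key_node, sig_node) != AXIS2_SUCCESS)` followed by an error log and a failure return. Whether `sig_node` can be NULL at this point is not visible in the hunk and should be confirmed; the enclosing function starts and ends outside it.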