Author: supun
Date: Thu Apr 3 22:12:03 2008
New Revision: 644610
URL: http://svn.apache.org/viewvc?rev=644610&view=rev
Log: (empty)
Modified:
webservices/rampart/scratch/c/pkcs/c/include/oxs_asym_ctx.h
webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/asym_ctx.c
webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/key_mgr.c
webservices/rampart/scratch/c/pkcs/c/src/util/rampart_encryption.c
webservices/rampart/scratch/c/pkcs/c/src/util/rampart_engine.c
webservices/rampart/scratch/c/pkcs/c/src/util/rampart_sec_header_processor.c
Modified: webservices/rampart/scratch/c/pkcs/c/include/oxs_asym_ctx.h
URL:
http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/include/oxs_asym_ctx.h?rev=644610&r1=644609&r2=644610&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/include/oxs_asym_ctx.h (original)
+++ webservices/rampart/scratch/c/pkcs/c/include/oxs_asym_ctx.h Thu Apr 3
22:12:03 2008
@@ -83,9 +83,9 @@
[EMAIL PROTECTED] pointer to environment struct
[EMAIL PROTECTED] AXIS2_SUCCESS on success, else AXIS2_FAILURE
*/
- AXIS2_EXTERN oxs_asym_ctx_format_t AXIS2_CALL
+ /*AXIS2_EXTERN oxs_asym_ctx_format_t AXIS2_CALL
oxs_asym_ctx_get_format(const oxs_asym_ctx_t *ctx,
- const axutil_env_t *env);
+ const axutil_env_t *env);*/
/**
*Get the algorithm used to encrypt
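Review bot: The prototype of oxs_asym_ctx_get_format is commented out rather than deleted, which leaves the Doxygen block above it documenting nothing and a dead declaration in a public header. This commit also removes the `format` field from the struct in asym_ctx.c, so I would delete the doc comment and the prototype together. If a matching oxs_asym_ctx_set_format declaration still exists elsewhere in this header it should presumably go too; that part of the file is outside the hunk.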
Modified: webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/asym_ctx.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/asym_ctx.c?rev=644610&r1=644609&r2=644610&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/asym_ctx.c (original)
+++ webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/asym_ctx.c Thu Apr 3
22:12:03 2008
@@ -26,7 +26,6 @@
axis2_char_t *algorithm;
axis2_char_t *st_ref_pattern;
oxs_asym_ctx_operation_t operation;
- oxs_asym_ctx_format_t format;
oxs_x509_cert_t *certificate;
openssl_pkey_t *private_key;
};
Modified: webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/key_mgr.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/key_mgr.c?rev=644610&r1=644609&r2=644610&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/key_mgr.c (original)
+++ webservices/rampart/scratch/c/pkcs/c/src/omxmlsec/key_mgr.c Thu Apr 3
22:12:03 2008
@@ -103,6 +103,7 @@
key_mgr->receiver_certificate = NULL;
}
AXIS2_FREE(env->allocator, key_mgr);
+ return AXIS2_SUCCESS;
}
AXIS2_EXTERN axis2_char_t *AXIS2_CALL
@@ -189,7 +190,7 @@
{
AXIS2_FREE(env->allocator, key_mgr->reciever_certificate_file);
}
- key_mgr->reciever_certificate_file = axutil_strdup(env,
key_mgr->reciever_certificate_file);
+ key_mgr->reciever_certificate_file = axutil_strdup(env, file_name);
return AXIS2_SUCCESS;
}
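Review bot: The old string is freed before `axutil_strdup(env, file_name)` runs, so a caller that passes back the pointer it got from oxs_key_mgr_get_reciever_certificate_file would have freed memory copied. The result of the copy is also not checked before `AXIS2_SUCCESS` is returned. Duplicating first handles both: `axis2_char_t *copy = axutil_strdup(env, file_name);`, then `if(file_name && !copy) return AXIS2_FAILURE;`, then free the old value and store `copy`. The function's signature and the start of its body are outside the hunk, so whether a NULL `file_name` is allowed by contract is not visible here.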
@@ -257,7 +258,7 @@
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
"[rampart][rampart_signature] Cannot load the
private key from pfx file.");
- return AXIS2_FAILURE;
+ return NULL;
}
}
else if(oxs_util_get_format_by_file_extension(env, prv_key_file)
@@ -269,16 +270,17 @@
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
"[rampart][rampart_signature] Cannot load the
private key from file.");
- return AXIS2_FAILURE;
+ return NULL;
}
}
else
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
"[rampart][rampart_signature] Unknown Private key
format.");
- return AXIS2_FAILURE;
+ return NULL;
}
}
+ return prvkey;
}
AXIS2_EXTERN axis2_key_type_t AXIS2_CALL
@@ -449,44 +451,51 @@
}
else
{
+ oxs_asym_ctx_operation_t operation = oxs_asym_ctx_get_operation(ctx,
env);
+ if((operation == OXS_ASYM_CTX_OPERATION_PRV_DECRYPT) || (operation ==
OXS_ASYM_CTX_OPERATION_PRV_ENCRYPT))
+ {
+ filename = oxs_key_mgr_get_private_key_file(key_mgr, env);
+ }
+ else if(operation == OXS_ASYM_CTX_OPERATION_PUB_DECRYPT)
+ {
+ filename = oxs_key_mgr_get_reciever_certificate_file(key_mgr, env);
+ }
+ else if(operation == OXS_ASYM_CTX_OPERATION_PUB_ENCRYPT)
+ {
+ filename = oxs_key_mgr_get_reciever_certificate_file(key_mgr, env);
+ }
/* pem_buf is NULL. So we have to fetch the key in a file*/
- /* Get file to be loaded. Can be either in PEM or PKCS12 format*/
- if(OXS_KEY_MGR_FORMAT_PEM == oxs_key_mgr_get_format(key_mgr, env))
- {
- oxs_asym_ctx_operation_t operation ;
+ /* Get file to be loaded. Can be either in PEM or PKCS12 format*/
+ if(!filename){
+ return AXIS2_FAILURE;
+ }
+
+ if(OXS_ASYM_CTX_FORMAT_PEM == oxs_key_mgr_get_format(key_mgr, env)){
+ format = OPENSSL_X509_FORMAT_PEM;
+
+
+ /*First let's check if this is a file containing a certificate*/
+ status = openssl_x509_load_from_pem(env, filename, &cert);
+
+ if((status == AXIS2_FAILURE) || (!cert)){
+
+ /* If we cannot get the certificate then the file might
contain either a public key or a private key*/
+ /* The type depends on the operation*/
operation = oxs_asym_ctx_get_operation(ctx, env);
- if((operation == OXS_ASYM_CTX_OPERATION_PRV_DECRYPT) ||
(operation == OXS_ASYM_CTX_OPERATION_PRV_ENCRYPT))
- {
- filename = oxs_key_mgr_get_private_key_file(key_mgr,
env);
- if(!filename)
- return AXIS2_FAILURE;
+ if((operation == OXS_ASYM_CTX_OPERATION_PRV_DECRYPT) ||
(operation == OXS_ASYM_CTX_OPERATION_PRV_ENCRYPT)){
status = openssl_pem_read_pkey(env, filename,
key_mgr->prv_key_password, OPENSSL_PEM_PKEY_TYPE_PRIVATE_KEY, &prvkey);
- if(status == AXIS2_FAILURE)
- {
+ if(status == AXIS2_FAILURE){
prvkey = NULL;
}
- }
- else if(operation == OXS_ASYM_CTX_OPERATION_PUB_DECRYPT)
- {
- filename =
oxs_key_mgr_get_reciever_certificate_file(key_mgr, env);
- status = openssl_pem_read_pkey(env, filename,
key_mgr->prv_key_password, OPENSSL_PEM_PKEY_TYPE_PUBLIC_KEY, &pubkey);
- if(status == AXIS2_FAILURE)
- {
- pubkey = NULL;
- }
- }
- else if(operation == OXS_ASYM_CTX_OPERATION_PUB_ENCRYPT)
- {
- filename =
oxs_key_mgr_get_reciever_certificate_file(key_mgr, env);
+ } else if((operation == OXS_ASYM_CTX_OPERATION_PUB_DECRYPT) ||
(operation == OXS_ASYM_CTX_OPERATION_PUB_ENCRYPT)){
status = openssl_pem_read_pkey(env, filename,
key_mgr->prv_key_password, OPENSSL_PEM_PKEY_TYPE_PUBLIC_KEY, &pubkey);
- if(status == AXIS2_FAILURE)
- {
+ if(status == AXIS2_FAILURE){
pubkey = NULL;
}
}
-
- }else if(OXS_ASYM_CTX_FORMAT_PKCS12 == oxs_asym_ctx_get_format(ctx,
env)){
+ }
+ }else if(OXS_ASYM_CTX_FORMAT_PKCS12 == oxs_key_mgr_get_format(key_mgr,
env)){
format = OPENSSL_X509_FORMAT_PKCS12;
/* Here we load both key and the certificate*/
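Review bot: In the PEM branch the file is now probed with `openssl_x509_load_from_pem` for every operation, and `openssl_pem_read_pkey` runs only when that probe fails. For the two PRV operations, a private-key file that also carries a certificate would therefore leave `prvkey` unread, as far as the hunk shows. Widening the fall-through condition keeps the private key path unconditional: `if((status == AXIS2_FAILURE) || (!cert) || (operation == OXS_ASYM_CTX_OPERATION_PRV_DECRYPT) || (operation == OXS_ASYM_CTX_OPERATION_PRV_ENCRYPT)){`. The new `if(!filename){ return AXIS2_FAILURE; }` also fails silently when the operation matches none of the four cases, so an `AXIS2_LOG_ERROR` before the return would help. Separately, the format test now compares `oxs_key_mgr_get_format` against `OXS_ASYM_CTX_FORMAT_PEM` where the removed line used `OXS_KEY_MGR_FORMAT_PEM`; confirm the two constants have the same value. The enclosing function starts before and continues past this hunk.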
Modified: webservices/rampart/scratch/c/pkcs/c/src/util/rampart_encryption.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/src/util/rampart_encryption.c?rev=644610&r1=644609&r2=644610&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/src/util/rampart_encryption.c
(original)
+++ webservices/rampart/scratch/c/pkcs/c/src/util/rampart_encryption.c Thu Apr
3 22:12:03 2008
@@ -89,6 +89,8 @@
axis2_char_t *certificate_file = NULL;
axis2_char_t *password = NULL;
axis2_char_t *enc_user = NULL;
+ oxs_key_mgr_t *key_mgr = NULL;
+ oxs_x509_cert_t *certificate = NULL;
token = rampart_context_get_token(rampart_context, env,
AXIS2_TRUE, server_side, AXIS2_FALSE);
token_type = rp_property_get_type(token, env);
@@ -107,7 +109,6 @@
/*Get encryption key identifier*/
/*First we should check whether we include the token in the
*message.*/
-
if(rampart_context_is_token_include(rampart_context,
token, token_type, server_side,
AXIS2_FALSE, env))
{
@@ -123,11 +124,14 @@
"[rampart][rampart_encryption] No mechanism for
attaching the certificate info.");
return AXIS2_FAILURE;
}
-
+ key_mgr = rampart_context_get_key_mgr(rampart_context, env);
/*Create asymmetric encryption context*/
asym_ctx = oxs_asym_ctx_create(env);
- oxs_asym_ctx_set_algorithm(asym_ctx, env, enc_asym_algo);
-
+ oxs_asym_ctx_set_algorithm(asym_ctx, env, enc_asym_algo);
+ certificate_file = oxs_key_mgr_get_reciever_certificate_file(
+ key_mgr, env);
+ oxs_key_mgr_set_format(key_mgr, env,
+ oxs_util_get_format_by_file_extension(env,
certificate_file));
/*First check whether the public key is set*/
key_buf = rampart_context_get_receiver_certificate(rampart_context, env);
if(key_buf)
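Review bot: `key_mgr` and `certificate_file` are both used unchecked in the added lines. The result of `rampart_context_get_key_mgr` is passed straight to `oxs_key_mgr_get_reciever_certificate_file`, and the file name it returns goes to `oxs_util_get_format_by_file_extension` even though it can plausibly be NULL when the receiver certificate is supplied as a buffer (the `key_buf` case right below). I would add `if(!key_mgr) return AXIS2_FAILURE;` with a log line after the getter, and guard the format call with `if(certificate_file)`. The same unchecked pattern appears with `prv_key_file` in the rampart_sec_header_processor.c hunk of this commit. Whether the extension helper tolerates NULL is not visible from here.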
@@ -136,63 +140,17 @@
type = rampart_context_get_receiver_certificate_type(rampart_context,
env);
if(type == AXIS2_KEY_TYPE_PEM)
{
- oxs_asym_ctx_set_format(asym_ctx, env, OXS_ASYM_CTX_FORMAT_PEM);
- oxs_asym_ctx_set_pem_buf(asym_ctx, env, (axis2_char_t *)key_buf);
- }
- }
-
- /*Buffer is null load from the file*/
- else
- {
- certificate_file = rampart_context_get_receiver_certificate_file(
- rampart_context, env);
- oxs_asym_ctx_set_file_name(asym_ctx, env, certificate_file);
- oxs_asym_ctx_set_format(asym_ctx, env,
- oxs_util_get_format_by_file_extension(env,
certificate_file));
-
- /*Get the password to retrieve the key from key store*/
- password = rampart_context_get_prv_key_password(rampart_context, env);
-
- if(!password)
- {
- enc_user = rampart_context_get_encryption_user(rampart_context,
env);
-
- if(!enc_user)
- {
- enc_user = rampart_context_get_user(rampart_context, env);
- }
-
- if(enc_user)
- {
- password_function =
rampart_context_get_pwcb_function(rampart_context, env);
- if(password_function)
- {
- password = (*password_function)(env, enc_user, param);
- }
-
- else
- {
- password_callback = rampart_context_get_password_callback
- (rampart_context, env);
- if(!password_callback)
- {
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_encryption]
Password call back module is not loaded.");
- return AXIS2_FAILURE;
- }
- password = rampart_callback_password(env,
password_callback, enc_user);
- if(password)
- {
- oxs_asym_ctx_set_password(asym_ctx, env, password);
- }
- }
- }
+ oxs_key_mgr_set_format(key_mgr, env, OXS_ASYM_CTX_FORMAT_PEM);
+ oxs_key_mgr_set_pem_buf(key_mgr, env, (axis2_char_t *)key_buf);
}
}
+
+ oxs_asym_ctx_set_certificate(asym_ctx, env, certificate);
oxs_asym_ctx_set_operation(asym_ctx, env,
OXS_ASYM_CTX_OPERATION_PUB_ENCRYPT);
oxs_asym_ctx_set_st_ref_pattern(asym_ctx, env, eki);
+ oxs_key_mgr_load_key(key_mgr, env, asym_ctx);
/*Encrypt the session key*/
status = oxs_xml_enc_encrypt_key(env, asym_ctx,
sec_node, session_key, id_list);
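Review bot: The status returned by the added `oxs_key_mgr_load_key(key_mgr, env, asym_ctx);` is discarded, so `oxs_xml_enc_encrypt_key` runs even when no key or certificate could be loaded. The key_mgr.c hunk in this commit, which appears to be that function, returns `AXIS2_FAILURE` when it has no file name. I would write `status = oxs_key_mgr_load_key(key_mgr, env, asym_ctx);` followed by `if(status != AXIS2_SUCCESS) return AXIS2_FAILURE;`, releasing `asym_ctx` the way the function's other exits do (those are outside the hunk). The existing call at the end of the rampart_sec_header_processor.c hunk ignores the result in the same way. Also, `certificate` is declared as NULL in the first hunk of this file and no visible line assigns it, so `oxs_asym_ctx_set_certificate(asym_ctx, env, certificate);` looks like it only stores NULL; either drop the call or assign the certificate first.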
Modified: webservices/rampart/scratch/c/pkcs/c/src/util/rampart_engine.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/src/util/rampart_engine.c?rev=644610&r1=644609&r2=644610&view=diff
==============================================================================
--- webservices/rampart/scratch/c/pkcs/c/src/util/rampart_engine.c (original)
+++ webservices/rampart/scratch/c/pkcs/c/src/util/rampart_engine.c Thu Apr 3
22:12:03 2008
@@ -193,7 +193,7 @@
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
"[rampart][engine] Key mgr
creation failed.");
- return AXIS2_FAILURE;
+ return NULL;
}
if (password)
{
Modified:
webservices/rampart/scratch/c/pkcs/c/src/util/rampart_sec_header_processor.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/scratch/c/pkcs/c/src/util/rampart_sec_header_processor.c?rev=644610&r1=644609&r2=644610&view=diff
==============================================================================
---
webservices/rampart/scratch/c/pkcs/c/src/util/rampart_sec_header_processor.c
(original)
+++
webservices/rampart/scratch/c/pkcs/c/src/util/rampart_sec_header_processor.c
Thu Apr 3 22:12:03 2008
@@ -641,63 +641,10 @@
oxs_key_mgr_set_pem_buf(key_mgr, env, key_buf);
}
}
- else
- {
- prv_key_file = rampart_context_get_private_key_file(rampart_context,
env);
- if(!prv_key_file)
- {
- rampart_create_fault_envelope(env, RAMPART_FAULT_FAILED_CHECK,
- "Error in the policy. No private
key", RAMPART_FAULT_IN_POLICY, msg_ctx);
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][shp] Private Key is not specified.");
- return AXIS2_FAILURE;
- }
- oxs_key_mgr_set_private_key_file(key_mgr, env, prv_key_file);
- oxs_key_mgr_set_format(key_mgr, env,
oxs_util_get_format_by_file_extension(env, prv_key_file));
-
-
- /*Get the password to retrieve the key from key store*/
- /* password = rampart_callback_encuser_password(env, actions,
msg_ctx);*/
-
- password = rampart_context_get_prv_key_password(rampart_context, env);
-
- if(!password)
- {
- enc_user = rampart_context_get_encryption_user(rampart_context,
env);
-
- if(!enc_user)
- {
- enc_user = rampart_context_get_user(rampart_context, env);
- }
-
- if(enc_user)
- {
- password_function =
rampart_context_get_pwcb_function(rampart_context, env);
- if(password_function)
- {
- password = (*password_function)(env, enc_user, param);
- }
-
- else
- {
- password_callback =
rampart_context_get_password_callback(rampart_context, env);
- if(!password_callback)
- {
- rampart_create_fault_envelope(env,
RAMPART_FAULT_FAILED_CHECK,
- "Error in the policy. No
password callback", RAMPART_FAULT_IN_POLICY, msg_ctx);
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][shp] Password call back
module is not specified.");
-
- return AXIS2_FAILURE;
- }
- password = rampart_callback_password(env,
password_callback, enc_user);
- }
- }
- }
- oxs_key_mgr_set_prv_key_password(key_mgr, env, password);
- }
oxs_asym_ctx_set_operation(asym_ctx, env,
OXS_ASYM_CTX_OPERATION_PRV_DECRYPT);
-
+ prv_key_file = rampart_context_get_private_key_file(rampart_context, env);
+ oxs_key_mgr_set_format(key_mgr, env,
+ oxs_util_get_format_by_file_extension(env,
prv_key_file));
/* TODO:Populate assymetric context */
oxs_key_mgr_load_key(key_mgr, env, asym_ctx);
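Review bot: The deleted `else` branch was the only visible place that turned a missing private key file into a `RAMPART_FAULT_FAILED_CHECK` fault and handed the password to the key manager via `oxs_key_mgr_set_prv_key_password`. The added lines replace it with an unconditional `oxs_key_mgr_set_format` that runs after the buffer branch above. If that branch already set the format for an in-memory PEM key, the extension-derived value now overwrites it, and does so even when no file is configured. Keeping the two added lines in an `else` of the buffer check, with the `if(!prv_key_file)` fault path retained, would preserve both behaviours. If the password and file name are now set on `key_mgr` elsewhere (for example in rampart_engine.c), a one-line comment here saying so would make the removal easier to trust. The enclosing function extends beyond this hunk in both directions.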