Author: shankar
Date: Wed Jul 2 04:35:15 2008
New Revision: 673365
URL: http://svn.apache.org/viewvc?rev=673365&view=rev
Log:
key manager bug fixes.
Modified:
webservices/rampart/trunk/c/include/axis2_key_type.h
webservices/rampart/trunk/c/include/oxs_key_mgr.h
webservices/rampart/trunk/c/src/omxmlsec/key_mgr.c
webservices/rampart/trunk/c/src/secconv/sct_provider_utility.c
webservices/rampart/trunk/c/src/util/rampart_sec_header_processor.c
webservices/rampart/trunk/c/src/util/rampart_signature.c
Modified: webservices/rampart/trunk/c/include/axis2_key_type.h
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/axis2_key_type.h?rev=673365&r1=673364&r2=673365&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/axis2_key_type.h (original)
+++ webservices/rampart/trunk/c/include/axis2_key_type.h Wed Jul 2 04:35:15
2008
@@ -41,6 +41,7 @@
{
AXIS2_KEY_TYPE_UNKNOWN = 0,
AXIS2_KEY_TYPE_PEM,
+ AXIS2_KEY_TYPE_CERT,
AXIS2_KEY_TYPE_DER,
AXIS2_KEY_TYPE_OTHER
}axis2_key_type_t;
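Review bot: Inserting `AXIS2_KEY_TYPE_CERT` between `AXIS2_KEY_TYPE_PEM` and `AXIS2_KEY_TYPE_DER` renumbers `AXIS2_KEY_TYPE_DER` and `AXIS2_KEY_TYPE_OTHER` in a public header, so a module built against the old header, or any stored numeric key type, now names a different type. The key type decides which deallocator oxs_key_mgr_free uses in this same commit, so a stale value can send a buffer to the wrong free routine. Appending the new constant after `AXIS2_KEY_TYPE_OTHER`, or giving every constant an explicit value, would keep the existing numbers stable. The enum's opening line is outside the hunk.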
Modified: webservices/rampart/trunk/c/include/oxs_key_mgr.h
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/oxs_key_mgr.h?rev=673365&r1=673364&r2=673365&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/oxs_key_mgr.h (original)
+++ webservices/rampart/trunk/c/include/oxs_key_mgr.h Wed Jul 2 04:35:15 2008
@@ -343,6 +343,11 @@
void *key_store_buf,
int len);
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_key_mgr_increment_ref(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env);
+
/** @} */
#ifdef __cplusplus
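Review bot: `oxs_key_mgr_increment_ref` is added to the public header without a doc comment, and the ownership contract it introduces is not written down anywhere in the hunk. I would add a comment block above the declaration, in the style of the header's other declarations. It should state that the call takes one additional reference on key_mgr, that each call must be balanced by exactly one `oxs_key_mgr_free`, and that the object is released only when the last holder frees it. Without that, a caller can keep treating oxs_key_mgr_free as unconditional destruction and mismanage the shared key material.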
Modified: webservices/rampart/trunk/c/src/omxmlsec/key_mgr.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/key_mgr.c?rev=673365&r1=673364&r2=673365&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/key_mgr.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/key_mgr.c Wed Jul 2 04:35:15 2008
@@ -66,6 +66,9 @@
/* Format of the current key */
oxs_key_mgr_format_t format;
+
+ /* ref count to monitor when to free */
+ int ref;
};
AXIS2_EXTERN oxs_key_mgr_t * AXIS2_CALL
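Review bot: The new `ref` field is a plain `int`, and its comment does not say who may change it or under what locking. It is decremented in oxs_key_mgr_free and incremented in oxs_key_mgr_increment_ref with no synchronization. If two contexts sharing one key manager can be released from different threads (not visible here), the count can be corrupted and the manager freed while still in use. I would extend the comment to something like `/* reference count; starts at 1, changed only by oxs_key_mgr_increment_ref and oxs_key_mgr_free; not atomic, callers must serialize */`, or make the updates atomic if cross-thread sharing is intended. The struct definition begins outside the hunk.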
@@ -89,6 +92,7 @@
key_mgr->pem_buf = NULL;
key_mgr->format = -1;
key_mgr->pkcs12_buf = NULL;
+ key_mgr->ref = 1;
}
return key_mgr;
}
@@ -97,17 +101,34 @@
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_key_mgr_free(oxs_key_mgr_t *key_mgr, const axutil_env_t *env)
{
- if(key_mgr->certificate)
- {
- oxs_x509_cert_free(key_mgr->certificate, env);
- key_mgr->certificate = NULL;
- }
- if(key_mgr->receiver_certificate)
- {
- oxs_x509_cert_free(key_mgr->receiver_certificate, env);
- key_mgr->receiver_certificate = NULL;
+ if(--(key_mgr->ref) < 1)
+ {
+ if(key_mgr->certificate)
+ {
+ if(key_mgr->certificate_type == AXIS2_KEY_TYPE_PEM)
+ {
+ AXIS2_FREE(env->allocator, key_mgr->certificate);
+ }
+ else
+ {
+ oxs_x509_cert_free(key_mgr->certificate, env);
+ }
+ key_mgr->certificate = NULL;
+ }
+ if(key_mgr->receiver_certificate)
+ {
+ if(key_mgr->receiver_certificate_type == AXIS2_KEY_TYPE_PEM)
+ {
+ AXIS2_FREE(env->allocator, key_mgr->receiver_certificate);
+ }
+ else
+ {
+ oxs_x509_cert_free(key_mgr->receiver_certificate, env);
+ }
+ key_mgr->receiver_certificate = NULL;
+ }
+ AXIS2_FREE(env->allocator, key_mgr);
}
- AXIS2_FREE(env->allocator, key_mgr);
return AXIS2_SUCCESS;
}
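Review bot: The `else` branches in oxs_key_mgr_free hand every non-PEM pointer to `oxs_x509_cert_free`, including ones whose type is `AXIS2_KEY_TYPE_UNKNOWN`, `AXIS2_KEY_TYPE_DER` or `AXIS2_KEY_TYPE_OTHER`. A raw buffer stored under one of those types would then be freed as an `oxs_x509_cert_t`. Restricting the call to the type this commit introduces is safer: `else if(key_mgr->certificate_type == AXIS2_KEY_TYPE_CERT)`, and the same for `receiver_certificate_type`, with any other type logged rather than freed. The function also dereferences `key_mgr` in `--(key_mgr->ref)` before any NULL check; `if(!key_mgr) return AXIS2_FAILURE;` at the top would make a mismatched release fail cleanly.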
@@ -233,9 +254,14 @@
else
{
key_mgr->certificate = cert;
+ key_mgr->certificate_type = AXIS2_KEY_TYPE_CERT;
return cert;
}
}
+ else if(key_mgr->certificate_type == AXIS2_KEY_TYPE_CERT)
+ {
+ return key_mgr->certificate;
+ }
else
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
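Review bot: Storing the parsed certificate with `key_mgr->certificate = cert;` overwrites the previous pointer, and nothing in the hunk releases the old value. If this branch is the `AXIS2_KEY_TYPE_PEM` case (its condition is above the hunk) and the key manager owns that PEM buffer, as the new `AXIS2_FREE` path in oxs_key_mgr_free implies, the buffer leaks on the first successful load. Releasing it once the load has succeeded, e.g. `AXIS2_FREE(env->allocator, key_mgr->certificate);` just before the assignment, would close that. The receiver-certificate hunk at -390 has the same pattern with `key_mgr->receiver_certificate = oxs_cert;`. The enclosing function starts and ends outside the hunk.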
@@ -390,9 +416,14 @@
else
{
key_mgr->receiver_certificate = oxs_cert;
+ key_mgr->receiver_certificate_type = AXIS2_KEY_TYPE_CERT;
return oxs_cert;
}
}
+ else if(key_mgr->receiver_certificate_type == AXIS2_KEY_TYPE_CERT)
+ {
+ return key_mgr->receiver_certificate;
+ }
else
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
@@ -968,4 +999,11 @@
return NULL;
}
-
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_key_mgr_increment_ref(
+ oxs_key_mgr_t *key_mgr,
+ const axutil_env_t *env)
+{
+ key_mgr->ref++;
+ return AXIS2_SUCCESS;
+}
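Review bot: `oxs_key_mgr_increment_ref` dereferences `key_mgr` with no NULL check and always returns `AXIS2_SUCCESS`, so the status it reports tells the caller nothing. A guard such as `if(!key_mgr) return AXIS2_FAILURE;` before `key_mgr->ref++;` would make the return value meaningful and keep a missing key manager from crashing the caller. The `env` parameter is unused here, which is fine for API symmetry but worth a one-line comment.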
Modified: webservices/rampart/trunk/c/src/secconv/sct_provider_utility.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/secconv/sct_provider_utility.c?rev=673365&r1=673364&r2=673365&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/secconv/sct_provider_utility.c (original)
+++ webservices/rampart/trunk/c/src/secconv/sct_provider_utility.c Wed Jul 2
04:35:15 2008
@@ -776,6 +776,7 @@
{
rampart_context_t *in_rampart_ctx = NULL;
rampart_context_t *out_rampart_ctx = NULL;
+ oxs_key_mgr_t *key_mgr = NULL;
in_rampart_ctx = (rampart_context_t*)rampart_get_rampart_configuration(
env, msg_ctx, RAMPART_CONFIGURATION);
@@ -797,18 +798,6 @@
rampart_context_set_ttl(out_rampart_ctx, env,
rampart_context_get_ttl(in_rampart_ctx, env));
rampart_context_set_user(out_rampart_ctx, env,
axutil_strdup(env, rampart_context_get_user(in_rampart_ctx, env)));
- rampart_context_set_certificate(out_rampart_ctx, env,
- rampart_context_get_certificate(in_rampart_ctx, env));
- rampart_context_set_certificate_type(out_rampart_ctx, env,
- rampart_context_get_certificate_type(in_rampart_ctx, env));
- rampart_context_set_receiver_certificate(out_rampart_ctx, env,
- rampart_context_get_receiver_certificate(in_rampart_ctx, env));
- rampart_context_set_receiver_certificate_type(out_rampart_ctx, env,
- rampart_context_get_receiver_certificate_type(in_rampart_ctx, env));
- rampart_context_set_prv_key(out_rampart_ctx, env,
- rampart_context_get_prv_key(in_rampart_ctx, env));
- rampart_context_set_prv_key_type(out_rampart_ctx, env,
- rampart_context_get_prv_key_type(in_rampart_ctx, env));
rampart_context_set_password_type(out_rampart_ctx, env,
rampart_context_get_password_type(in_rampart_ctx, env));
rampart_context_set_password(out_rampart_ctx, env,
@@ -822,5 +811,13 @@
rampart_context_set_rd_val(out_rampart_ctx, env,
rampart_context_get_rd_val(in_rampart_ctx, env));
+ /* set key manager as well */
+ key_mgr = rampart_context_get_key_mgr(in_rampart_ctx, env);
+ if(key_mgr)
+ {
+ oxs_key_mgr_increment_ref(key_mgr, env);
+ rampart_context_set_key_mgr(out_rampart_ctx, env, key_mgr);
+ }
+
return out_rampart_ctx;
}
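Review bot: The results of `oxs_key_mgr_increment_ref` and `rampart_context_set_key_mgr` are both discarded. If the setter fails (assuming it returns a status; its declaration is not on this page), the extra reference is never dropped and the key manager is never freed. I would check the setter and undo the increment on failure, e.g. `if(rampart_context_set_key_mgr(out_rampart_ctx, env, key_mgr) != AXIS2_SUCCESS) oxs_key_mgr_free(key_mgr, env);`. It is also worth confirming that out_rampart_ctx does not already hold a key manager of its own at this point, since replacing it here would drop that one without a free unless the setter handles it. The function body starts outside the hunk.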
Modified: webservices/rampart/trunk/c/src/util/rampart_sec_header_processor.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_sec_header_processor.c?rev=673365&r1=673364&r2=673365&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_sec_header_processor.c
(original)
+++ webservices/rampart/trunk/c/src/util/rampart_sec_header_processor.c Wed Jul
2 04:35:15 2008
@@ -1728,23 +1728,6 @@
}
return AXIS2_SUCCESS;
}
-#if 0
-static axis2_status_t
-rampart_shp_process_bst(const axutil_env_t *env,
- axis2_msg_ctx_t *msg_ctx,
- rampart_context_t *rampart_context,
- axiom_node_t *sec_node,
- axiom_node_t *bst_node)
-{
- axis2_char_t *cert_buf = NULL;
-
- cert_buf = (axis2_char_t*)oxs_axiom_get_node_content(env, bst_node);
- /*Set to Rampart Context*/
- rampart_context_set_certificate(rampart_context, env, cert_buf);
- rampart_context_set_certificate_type(rampart_context, env,
AXIS2_KEY_TYPE_PEM);
- return AXIS2_SUCCESS;
-}
-#endif
static axis2_status_t
rampart_shp_process_derived_key(const axutil_env_t *env,
Modified: webservices/rampart/trunk/c/src/util/rampart_signature.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_signature.c?rev=673365&r1=673364&r2=673365&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_signature.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_signature.c Wed Jul 2
04:35:15 2008
@@ -67,68 +67,6 @@
axiom_soap_envelope_t *soap_envelope,
axiom_node_t *sec_node);
-
-oxs_x509_cert_t *AXIS2_CALL
-rampart_sig_get_cert(const axutil_env_t *env,
- rampart_context_t *rampart_context)
-{
- void *key_buf = NULL;
- axis2_key_type_t type = 0;
- oxs_x509_cert_t *cert = NULL;
- axis2_char_t *certificate_file = NULL;
-
- key_buf = rampart_context_get_certificate(rampart_context, env);
- if(key_buf)
- {
- type = rampart_context_get_certificate_type(rampart_context, env);
- if(type == AXIS2_KEY_TYPE_PEM)
- {
- cert = oxs_key_mgr_load_x509_cert_from_string(env,
- (axis2_char_t *)key_buf);
- if(!cert)
- {
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_signature] Certificate
cannot be loaded from the buffer.");
- return NULL;
- }
- else
- {
- return cert;
- }
- }
- else
- {
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_signature] Key file type
unknown.");
- return NULL;
- }
- }
- else
- {
- certificate_file =
rampart_context_get_certificate_file(rampart_context, env);
- if(certificate_file)
- {
- cert = oxs_key_mgr_load_x509_cert_from_pem_file(env,
certificate_file);
- if(!cert)
- {
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_signature] Certificate
cannot be loaded from the file.");
- return NULL;
- }
- else
- {
- return cert;
- }
- }
- else
- {
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_signature] Public key
certificate file is not specified.");
- return NULL;
- }
- }
-}
-
axis2_status_t AXIS2_CALL
rampart_sig_prepare_key_info_for_sym_binding(const axutil_env_t *env,
rampart_context_t *rampart_context,