Return-Path: Delivered-To: apmail-ws-axis-dev-archive@www.apache.org Received: (qmail 58213 invoked from network); 10 Aug 2006 05:01:55 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 10 Aug 2006 05:01:55 -0000 Received: (qmail 53644 invoked by uid 500); 10 Aug 2006 05:01:55 -0000 Delivered-To: apmail-ws-axis-dev-archive@ws.apache.org Received: (qmail 53395 invoked by uid 500); 10 Aug 2006 05:01:54 -0000 Mailing-List: contact axis-cvs-help@ws.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list axis-cvs@ws.apache.org Received: (qmail 53384 invoked by uid 500); 10 Aug 2006 05:01:54 -0000 Delivered-To: apmail-ws-axis2-cvs@ws.apache.org Received: (qmail 53381 invoked by uid 99); 10 Aug 2006 05:01:54 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 09 Aug 2006 22:01:54 -0700 X-ASF-Spam-Status: No, hits=-9.4 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [140.211.166.113] (HELO eris.apache.org) (140.211.166.113) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 09 Aug 2006 22:01:53 -0700 Received: by eris.apache.org (Postfix, from userid 65534) id 092E71A981A; Wed, 9 Aug 2006 22:01:33 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r430242 - in /webservices/axis2/trunk/c/rampart/src: handlers/ omxmlsec/ omxmlsec/openssl/ util/ Date: Thu, 10 Aug 2006 05:01:29 -0000 To: axis2-cvs@ws.apache.org 
From: damitha@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20060810050133.092E71A981A@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Author: damitha Date: Wed Aug 9 22:01:27 2006 New Revision: 430242 URL: http://svn.apache.org/viewvc?rev=430242&view=rev Log: Applying patch and deleting oxs_enc.c and oxs_ctx.c files Removed: webservices/axis2/trunk/c/rampart/src/omxmlsec/oxs_ctx.c webservices/axis2/trunk/c/rampart/src/omxmlsec/oxs_enc.c Modified: webservices/axis2/trunk/c/rampart/src/handlers/rampart_in_handler.c webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c webservices/axis2/trunk/c/rampart/src/omxmlsec/axiom.c webservices/axis2/trunk/c/rampart/src/omxmlsec/buffer.c webservices/axis2/trunk/c/rampart/src/omxmlsec/enc_engine.c webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/rsa.c webservices/axis2/trunk/c/rampart/src/omxmlsec/token_encrypted_key.c webservices/axis2/trunk/c/rampart/src/omxmlsec/token_reference_list.c webservices/axis2/trunk/c/rampart/src/util/rampart_crypto_engine.c webservices/axis2/trunk/c/rampart/src/util/rampart_util.c Modified: webservices/axis2/trunk/c/rampart/src/handlers/rampart_in_handler.c URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/handlers/rampart_in_handler.c?rev=430242&r1=430241&r2=430242&view=diff ============================================================================== --- webservices/axis2/trunk/c/rampart/src/handlers/rampart_in_handler.c (original) +++ webservices/axis2/trunk/c/rampart/src/handlers/rampart_in_handler.c Wed Aug 9 22:01:27 2006 
@@ -140,6 +140,10 @@ item = strtok (items," "); while (item != NULL) { + sec_node = rampart_get_security_token(env, msg_ctx, soap_header); + sec_ele = AXIOM_NODE_GET_DATA_ELEMENT(sec_node, env); + printf("\n::Items %s -> %s\n", items, item); + if( 0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_USERNAMETOKEN, AXIS2_STRTRIM(env, item, NULL)) ) { axis2_status_t valid_user = AXIS2_FAILURE; @@ -156,9 +160,15 @@ }else if( 0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_ENCRYPT, AXIS2_STRTRIM(env, item, NULL)) ){ /*Do useful to verify encrypt*/ - printf("InHandler : Decrypt\n"); + printf("InHandler : Decrypt..............................\n"); enc_status = rampart_crypto_decrypt_message(env, msg_ctx, param_action, soap_envelope, sec_node); - + if(enc_status == AXIS2_SUCCESS){ + rampart_print_info(env, "Decryption success"); + status = AXIS2_SUCCESS; + }else{ + rampart_print_info(env, "Decryption failed"); + return AXIS2_FAILURE; + } }else if( 0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_SIGNATURE, AXIS2_STRTRIM(env, item, NULL)) ){ /*Do useful to verify sign*/ printf("InHandler : Signature\n"); @@ -167,8 +177,6 @@ axis2_qname_t *qname = NULL; axis2_status_t valid_ts = AXIS2_FAILURE; rampart_print_info(env,"Validate timestamp "); - sec_node = rampart_get_security_token(env, msg_ctx, soap_header); - sec_ele = AXIOM_NODE_GET_DATA_ELEMENT(sec_node, env); qname = axis2_qname_create(env, Modified: webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c?rev=430242&r1=430241&r2=430242&view=diff ============================================================================== --- webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c (original) +++ webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c Wed Aug 9 22:01:27 2006 
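Review bot: In the first hunk of rampart_in_handler.c, `sec_node` is passed to `AXIOM_NODE_GET_DATA_ELEMENT` at the top of the `while (item != NULL)` loop without a NULL check, so a request with no security header presumably reaches the macro with a NULL node (assuming `rampart_get_security_token` returns NULL when nothing is found). Add `if(!sec_node){ return AXIS2_FAILURE; }` before the macro call. The lookup does not depend on `item`, so it can be done once above the loop instead of once per action item, and the `printf("\n::Items %s -> %s\n", items, item);` trace looks like leftover debugging. The loop body continues outside this hunk.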
@@ -221,11 +221,16 @@ AXIS2_STRTRIM(env, item, NULL))){ printf("OUtHandler : Item is Encrypt\n"); enc_status = rampart_crypto_encrypt_message(env,msg_ctx, param_action, soap_envelope, sec_node); - + if(enc_status == AXIS2_SUCCESS){ + rampart_print_info(env, "Encryption success"); + }else{ + rampart_print_info(env, "Encryption failed"); + return AXIS2_FAILURE; + } /*Signature*/ }else if(0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_SIGNATURE, AXIS2_STRTRIM(env, item, NULL))){ - printf("OutHandler : Item is SignatureSignature. Sorry we dont support\n"); + printf("OutHandler : Item is Signature. Sorry we dont support\n"); /*Any other type of action*/ }else Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/axiom.c URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/axiom.c?rev=430242&r1=430241&r2=430242&view=diff ============================================================================== --- webservices/axis2/trunk/c/rampart/src/omxmlsec/axiom.c (original) +++ webservices/axis2/trunk/c/rampart/src/omxmlsec/axiom.c Wed Aug 9 22:01:27 2006 @@ -89,7 +89,6 @@ namestr = AXIS2_QNAME_GET_LOCALPART(qname, env); ret_name = AXIS2_STRCMP(namestr, name) ; - printf("oxs_axiom_check_node_name\n Node: %s\n Name: %s\n",namestr, name); if(ret_name < 0) return 0; Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/buffer.c URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/buffer.c?rev=430242&r1=430241&r2=430242&view=diff ============================================================================== --- webservices/axis2/trunk/c/rampart/src/omxmlsec/buffer.c (original) +++ webservices/axis2/trunk/c/rampart/src/omxmlsec/buffer.c Wed Aug 9 22:01:27 2006 @@ -228,7 +228,7 @@ ret = oxs_buffer_set_max_size(env, buf, size); if(ret < 0) { oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA, - ""); + "oxs_buffer_set_max_size failed"); return(-1); } buf->size = size; 
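Review bot: The Signature branch in rampart_out_handler.c, whose message this hunk edits, appears to consist only of the `printf`, so a configuration that asks for `RAMPART_ACTION_ITEMS_SIGNATURE` lets the message leave unsigned with nothing but a line on stdout. An unsupported protection action should fail closed: add `return AXIS2_FAILURE;` after the `printf`, as the new Encrypt branch does when `enc_status` is not `AXIS2_SUCCESS`. The branch and the enclosing loop continue outside the hunk, so confirm that nothing later already sets a failure status.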
@@ -248,8 +248,6 @@ } if(size <= buf->max_size) { - oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA, - ""); return(0); } Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/enc_engine.c URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/enc_engine.c?rev=430242&r1=430241&r2=430242&view=diff ============================================================================== --- webservices/axis2/trunk/c/rampart/src/omxmlsec/enc_engine.c (original) +++ webservices/axis2/trunk/c/rampart/src/omxmlsec/enc_engine.c Wed Aug 9 22:01:27 2006 @@ -21,6 +21,9 @@ #include #include #include +#include +#include +#include #include #include #include 
@@ -31,6 +34,111 @@ #include #include +AXIS2_EXTERN axis2_status_t AXIS2_CALL +oxs_get_encrypted_key(const axis2_env_t *env, + axiom_node_t *enc_key_node, + oxs_key_ptr session_key) +{ + axis2_char_t *key_enc_algo = NULL, *encrypted_key_value = NULL, *decoded_encrypted_key = NULL; + axiom_node_t *enc_method_node = NULL, *cd_node = NULL, *cv_node = NULL; + axis2_status_t status = AXIS2_FAILURE; + oxs_buffer_ptr encrypted_key_buf = NULL, decrypted_key_buf = NULL; + /*Verify*/ + if(!enc_key_node){ + oxs_error(ERROR_LOCATION, OXS_ERROR_DECRYPT_FAILED, + "Passed encrypted key is NULL"); + return AXIS2_FAILURE; + } + + enc_method_node = oxs_axiom_get_first_child_node_by_name(env, enc_key_node, OXS_NodeEncryptionMethod, NULL, NULL); + if(!enc_method_node){ + oxs_error(ERROR_LOCATION, OXS_ERROR_DECRYPT_FAILED, + "Cannot find EncryptionMethodElement"); + return AXIS2_FAILURE; + } + + key_enc_algo = oxs_token_get_encryption_method(env, enc_method_node); + if(!key_enc_algo){ + /*If not found use default*/ + key_enc_algo = OXS_DEFAULT_KT_ALGO_HREF; + } + + cd_node = oxs_axiom_get_first_child_node_by_name(env, enc_key_node, OXS_NodeCipherData, NULL, NULL); + if(!cd_node){ + oxs_error(ERROR_LOCATION, OXS_ERROR_DECRYPT_FAILED, + "Cannot find CipherData element"); + return AXIS2_FAILURE; + } + + cv_node = oxs_axiom_get_first_child_node_by_name(env, cd_node, OXS_NodeCipherValue, NULL, NULL); + if(!cv_node){ + oxs_error(ERROR_LOCATION, OXS_ERROR_DECRYPT_FAILED, + "Cannot find CipherValue element"); + return AXIS2_FAILURE; + } + /*Encrypted key*/ + encrypted_key_value = oxs_token_get_cipher_value(env, cv_node); + + /*Create buffers for decryption*/ + encrypted_key_buf = oxs_create_buffer(env, AXIS2_STRLEN(encrypted_key_value)); + encrypted_key_buf->data = (unsigned char *)encrypted_key_value; + decrypted_key_buf = oxs_create_buffer(env, OXS_BUFFER_INITIAL_SIZE); + + /*Decrypt the encrypted key*/ + status = oxs_prvkey_decrypt_data(env, encrypted_key_buf, decrypted_key_buf, 
session_key->name); + if(status == AXIS2_FAILURE){ + oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA, + "oxs_prvkey_decrypt_data failed"); + return AXIS2_FAILURE; + } + /*Create the session key*/ + /*Trim data to the key size*/ + session_key->data = AXIS2_STRMEMDUP(decrypted_key_buf->data, decrypted_key_buf->size, env); + session_key->size = decrypted_key_buf->size; + session_key->usage = OXS_KEY_USAGE_DECRYPT; + + /*printf("\n>>>>>>>>decrypted session_key %s\n", session_key->data);*/ + return session_key; +} + +/*Decrypt data using the private key*/ +AXIS2_EXTERN axis2_status_t AXIS2_CALL +oxs_prvkey_decrypt_data(const axis2_env_t *env, oxs_buffer_ptr input, oxs_buffer_ptr result, axis2_char_t *filename) +{ + evp_pkey_ptr prvk = NULL; + axis2_char_t *encoded_encrypted_str = NULL, *decoded_encrypted_str = NULL; + unsigned char *decrypted = NULL; + int ret, declen; + + /*First do base64 decode*/ + decoded_encrypted_str = AXIS2_MALLOC(env->allocator, axis2_base64_decode_len( (char*)(input->data))); + ret = axis2_base64_decode(decoded_encrypted_str, (char*)(input->data)); + + + /*Load the private _key*/ + prvk = evp_pkey_load(env, filename, ""); + if(!prvk){ + oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA, + "cannot load the private key from the file %s", filename); + return AXIS2_FAILURE; + + } + + /*Now we support only rsa*/ + declen = openssl_rsa_prv_decrypt(env, prvk, (unsigned char *)decoded_encrypted_str, &decrypted); + if(declen < 0 ){ + oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA, + "decryption failed"); + return AXIS2_FAILURE; + + } + + result->data = decrypted; + result->size = declen; + + return AXIS2_SUCCESS; +} + /*TODO better to have pk_ctx instead of individual parameters like filename, algorithm*/ AXIS2_EXTERN axis2_status_t AXIS2_CALL 
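Review bot: In `oxs_prvkey_decrypt_data` the CipherValue taken from the incoming message is base64-decoded into an unchecked `AXIS2_MALLOC` result, the decoded length in `ret` is never read, and `openssl_rsa_prv_decrypt` receives no length, so a value that decodes to fewer bytes than the RSA routine consumes is presumably read past the end of the allocation. Check the allocation and `ret` as below, compare `ret` with the key's modulus size before decrypting (the accessor for that is not visible here), and free `decoded_encrypted_str` on the `evp_pkey_load` error branch as well, since it is currently never freed. Separately, `oxs_get_encrypted_key` is declared `axis2_status_t` but ends with `return session_key;`, which should be `return AXIS2_SUCCESS;`, and `encrypted_key_value` reaches `AXIS2_STRLEN` without a NULL check.

```c
    decoded_encrypted_str = AXIS2_MALLOC(env->allocator, axis2_base64_decode_len((char*)(input->data)));
    if(!decoded_encrypted_str){
        oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA,
                "cannot allocate the base64 decode buffer");
        return AXIS2_FAILURE;
    }
    ret = axis2_base64_decode(decoded_encrypted_str, (char*)(input->data));
    if(ret <= 0){
        oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA,
                "base64 decoding of the encrypted key failed");
        AXIS2_FREE(env->allocator, decoded_encrypted_str);
        return AXIS2_FAILURE;
    }
    /* ... unchanged: evp_pkey_load and its error branch ... */
    declen = openssl_rsa_prv_decrypt(env, prvk, (unsigned char *)decoded_encrypted_str, &decrypted);
    AXIS2_FREE(env->allocator, decoded_encrypted_str);
    /* ... unchanged: declen check and result assignment ... */
```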
@@ -192,7 +300,8 @@ result->data = (unsigned char*)AXIS2_STRDUP(encoded_str, env); }else if(enc_ctx->operation == oxs_operation_decrypt){ result->size = enclen; - result->data = (unsigned char*)AXIS2_STRDUP(out_main_buf, env); + result->data = AXIS2_STRMEMDUP(out_main_buf, enclen, env); + }else{ oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA, "Invalid operation type %d", enc_ctx->operation); @@ -273,7 +382,7 @@ ret = oxs_enc_encryption_data_node_read(env, enc_ctx, template_node); if(ret != AXIS2_SUCCESS){ oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA, - "openssl_block_cipher_crypt failed"); + "reading encrypted data failed"); return ret; } @@ -287,8 +396,8 @@ ret = oxs_enc_crypt(env, enc_ctx, input, result ); if(ret != AXIS2_SUCCESS){ - oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA, - "oxs_enc_encrypt failed"); + oxs_error(ERROR_LOCATION, OXS_ERROR_DECRYPT_FAILED, + "oxs_enc_decrypt failed"); return ret; } Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/rsa.c URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/rsa.c?rev=430242&r1=430241&r2=430242&view=diff ============================================================================== --- webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/rsa.c (original) +++ webservices/axis2/trunk/c/rampart/src/omxmlsec/openssl/rsa.c Wed Aug 9 22:01:27 2006 @@ -50,6 +50,12 @@ OXS_ERROR_DEFAULT, "RAND_bytes failed %d",size ); return AXIS2_FAILURE; } +/**************REMOVE TODO***/ +#if 0 + buf->data = "012345670123456701234567"; + buf->size = 24; +#endif +/***************************/ return AXIS2_SUCCESS; } 
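Review bot: The `#if 0` block added after the `RAND_bytes` check in rsa.c keeps a fixed 24-byte key, `"012345670123456701234567"`, one preprocessor flag away from replacing the randomly generated session key, and that value is now public in the repository. Delete the block rather than committing it disabled; if a deterministic key is needed for interoperability tests, supply it from the test harness. If enabled, it would also point `buf->data` at a string literal, which any later free or in-place write on the buffer would mishandle. The enclosing function starts outside the hunk.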
@@ -94,6 +100,9 @@ pk = PEM_read_bio_PUBKEY(bio, NULL, 0 , password); if(!pk){ /*If there is no key by now its an error*/ + oxs_error(ERROR_LOCATION, OXS_ERROR_ENCRYPT_FAILED, + "Cannot load key from %s", filename); + return NULL; } type = OPENSSL_EVP_KEY_TYPE_PUBLIC_KEY; Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/token_encrypted_key.c URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/token_encrypted_key.c?rev=430242&r1=430241&r2=430242&view=diff ============================================================================== --- webservices/axis2/trunk/c/rampart/src/omxmlsec/token_encrypted_key.c (original) +++ webservices/axis2/trunk/c/rampart/src/omxmlsec/token_encrypted_key.c Wed Aug 9 22:01:27 2006 @@ -51,7 +51,7 @@ AXIS2_EXTERN axiom_node_t* AXIS2_CALL -oxs_token_get_encrypted_key(const axis2_env_t *env, +oxs_token_get_encrypted_key_node(const axis2_env_t *env, axiom_node_t *parent) { axiom_node_t *enc_key_node = NULL; Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/token_reference_list.c URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/token_reference_list.c?rev=430242&r1=430241&r2=430242&view=diff ============================================================================== --- webservices/axis2/trunk/c/rampart/src/omxmlsec/token_reference_list.c (original) +++ webservices/axis2/trunk/c/rampart/src/omxmlsec/token_reference_list.c Wed Aug 9 22:01:27 2006 @@ -19,7 +19,8 @@ #include #include #include - +#include +#include AXIS2_EXTERN axiom_node_t* AXIS2_CALL oxs_token_build_reference_list_element(const axis2_env_t *env, 
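Review bot: The new `return NULL;` after the failed `PEM_read_bio_PUBKEY` call in rsa.c exits before any cleanup of `bio` that may follow outside this hunk, so each failed key load presumably leaks the BIO; if it is not released elsewhere, add `BIO_free(bio);` before the return. The error is tagged `OXS_ERROR_ENCRYPT_FAILED`, yet `evp_pkey_load` is also called on the decrypt path in enc_engine.c; if this hunk belongs to that loader, a neutral code such as `OXS_ERROR_INVALID_DATA` would mislead less. The function starts and ends outside the hunk.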
@@ -44,5 +45,42 @@ } return reference_list_node; +} + +AXIS2_EXTERN axis2_array_list_t *AXIS2_CALL +oxs_token_get_reference_list_data(const axis2_env_t *env, axiom_node_t *ref_list_node) +{ + axis2_array_list_t *list = NULL; + axiom_children_qname_iterator_t *iter = NULL; + axiom_element_t *ref_list_ele = NULL; + axis2_qname_t *qname = NULL; + + if(!ref_list_node){ + oxs_error(ERROR_LOCATION, OXS_ERROR_INVALID_DATA, + "reference list node is NULL"); + return NULL; + } + ref_list_ele = AXIOM_NODE_GET_DATA_ELEMENT(ref_list_node, env); + + /*Get children*/ + qname = axis2_qname_create(env, OXS_NodeDataReference, NULL, NULL); + iter = AXIOM_ELEMENT_GET_CHILDREN_WITH_QNAME(ref_list_ele, env, qname, ref_list_node); + AXIS2_QNAME_FREE(qname, env); + qname= NULL; + + list = axis2_array_list_create(env, 0); + + while(AXIS2_TRUE == AXIOM_CHILDREN_QNAME_ITERATOR_HAS_NEXT(iter, env)) + { + axiom_node_t *dref_node = NULL; + axis2_char_t *dref_val = NULL; + + dref_node = AXIOM_CHILDREN_QNAME_ITERATOR_NEXT(iter, env); + dref_val = oxs_token_get_data_reference(env, dref_node); + + AXIS2_ARRAY_LIST_ADD(list, env, dref_val); + } + + return list; } Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_crypto_engine.c URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_crypto_engine.c?rev=430242&r1=430241&r2=430242&view=diff ============================================================================== --- webservices/axis2/trunk/c/rampart/src/util/rampart_crypto_engine.c (original) +++ webservices/axis2/trunk/c/rampart/src/util/rampart_crypto_engine.c Wed Aug 9 22:01:27 2006 
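Review bot: `oxs_token_get_reference_list_data` walks a ReferenceList taken from the incoming message but never checks `ref_list_ele`, `iter` or `list` for NULL, and it appends `dref_val` even when `oxs_token_get_data_reference` returned nothing. Check each result as it is obtained, for example `if(!iter) return NULL;` before the list is created, and add only real values with `if(dref_val) AXIS2_ARRAY_LIST_ADD(list, env, dref_val);`. A header comment should state that the caller owns the returned list and whether the strings in it are borrowed from the node tree or must be freed.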
@@ -33,59 +33,8 @@ #include #include #include - -AXIS2_EXTERN oxs_key_ptr AXIS2_CALL -rampart_crypto_get_encrypted_key(const axis2_env_t *env, - axiom_node_t *enc_key_node) -{ - oxs_key_ptr session_key = NULL; - axis2_char_t *key_enc_algo = NULL, *encrypted_key_value = NULL; - axiom_node_t *enc_method_node = NULL, *cd_node = NULL, *cv_node = NULL; - - /*Verify*/ - if(!enc_key_node){ - oxs_error(ERROR_LOCATION, OXS_ERROR_DECRYPT_FAILED, - "Passed encrypted key is NULL"); - return NULL; - } - - - enc_method_node = oxs_axiom_get_first_child_node_by_name(env, enc_key_node, OXS_NodeEncryptionMethod, NULL, NULL); - if(!enc_method_node){ - oxs_error(ERROR_LOCATION, OXS_ERROR_DECRYPT_FAILED, - "Cannot find EncryptionMethodElement"); - return NULL; - } - - key_enc_algo = oxs_token_get_encryption_method(env, enc_method_node); - if(!key_enc_algo){ - /*If not found use default*/ - key_enc_algo = RAMPART_DEFAULT_KT_ALGO_HREF; - } - - cd_node = oxs_axiom_get_first_child_node_by_name(env, enc_method_node, OXS_NodeCipherData, NULL, NULL); - if(!cd_node){ - oxs_error(ERROR_LOCATION, OXS_ERROR_DECRYPT_FAILED, - "Cannot find CipherData element"); - return NULL; - } - - cv_node = oxs_axiom_get_first_child_node_by_name(env, cd_node, OXS_NodeCipherValue, NULL, NULL); - if(!cv_node){ - oxs_error(ERROR_LOCATION, OXS_ERROR_DECRYPT_FAILED, - "Cannot find CipherValue element"); - return NULL; - } - /*Encrypted key*/ - encrypted_key_value = oxs_token_get_cipher_value(env, cv_node); - - /*Decode the encrypted_key_value*/ - - /*Decrypt the encrypted key*/ - - - return session_key; -} +#include +#include AXIS2_EXTERN axis2_status_t AXIS2_CALL 
@@ -95,21 +44,21 @@ axiom_soap_envelope_t *soap_envelope , axiom_node_t *sec_node) { - axis2_char_t *key = NULL, *key_name = NULL; axis2_status_t ret = AXIS2_FAILURE; axiom_node_t *enc_data_node = NULL; axiom_node_t *body_node = NULL, *header_node = NULL; + axiom_node_t *ref_list_node = NULL; axiom_soap_body_t *body = NULL; axiom_soap_header_t *header = NULL; axis2_char_t *decrypted_data = NULL; enc_ctx_ptr enc_ctx = NULL; axiom_node_t *enc_key_node = NULL; oxs_key_ptr session_key = NULL; + axis2_array_list_t *uuid_list = NULL; + axis2_array_list_t *enc_data_node_list = NULL; ret = AXIS2_SUCCESS;/*TODO Remove*/ /*TODO get the key using callbacks*/ - key = "0123456701234567"; - key_name = "KauKey"; body = AXIOM_SOAP_ENVELOPE_GET_BODY(soap_envelope, env); header = AXIOM_SOAP_ENVELOPE_GET_HEADER(soap_envelope, env); 
@@ -121,29 +70,36 @@ enc_key_node = oxs_axiom_get_first_child_node_by_name(env, sec_node, OXS_NodeEncryptedKey, NULL, NULL); /*We support only one Encrypted Key element at the moment*/ - session_key = rampart_crypto_get_encrypted_key(env, enc_key_node); - - /*TODO Get the encrypted Node*/ + session_key = oxs_key_create_key(env, "keys/rsakey.pem", NULL, 0, OXS_KEY_USAGE_DECRYPT); + ret = oxs_get_encrypted_key(env, enc_key_node, session_key); + if(ret == AXIS2_FAILURE){ + oxs_error(ERROR_LOCATION, OXS_ERROR_DECRYPT_FAILED, + "Cannot get the encrypted key"); + return ret; + } + /*Ohh yeah... now we got the seesion key, which is used encrypt data referred by the reference list*/ + ref_list_node = oxs_axiom_get_first_child_node_by_name(env, enc_key_node, OXS_NodeReferenceList, NULL, NULL); + if(!ref_list_node){ + oxs_error(ERROR_LOCATION, OXS_ERROR_DECRYPT_FAILED, + "Cannot get the ReferenceList node"); + return ret; - /*TODO Decrypt the encrypted data using the decrypted session key*/ + } + uuid_list = oxs_token_get_reference_list_data(env, ref_list_node); + + /*TODO Get the encrypted node(s). Right now we support only one. To support more than one EncryptedData element use the uuid_list*/ + + enc_data_node = oxs_axiom_get_first_child_node_by_name(env, body_node, OXS_NodeEncryptedData, NULL, NULL); + /*TODO We assume that the very first element of bpody is encrypted data. This might be different if a sub element is encrypted*/ - enc_data_node = AXIOM_NODE_GET_FIRST_CHILD(body_node, env); -/* ret = oxs_axiom_check_node_name(env, enc_data_node, OXS_NodeEncryptedData, NULL); - if(ret){ - oxs_error(ERROR_LOCATION, OXS_ERROR_DECRYPT_FAILED, - "EncryptedData node searching failed." 
); - return ret; - - } -*/ /*Build the encryption ctx*/ enc_ctx = oxs_ctx_create_ctx(env); /*Set the key*/ - enc_ctx->key = oxs_key_create_key(env, key_name, (unsigned char*)key, AXIS2_STRLEN(key), OXS_KEY_USAGE_DECRYPT); + enc_ctx->key = session_key ; /*oxs_key_create_key(env, "noname", "012345670123456701234567", 24, OXS_KEY_USAGE_DECRYPT);*/ ret = oxs_enc_decrypt_template(env, enc_data_node, &decrypted_data, enc_ctx); if(ret == AXIS2_FAILURE){ @@ -151,7 +107,7 @@ "oxs_enc_decrypt_template failed"); return ret; }else{ - printf("Decrypted data is \n %s", decrypted_data); + printf("\nDecrypted data is \n %s\n\n", decrypted_data); } /*Create a stream reader and then build the node using decrypted text*/ @@ -171,7 +127,7 @@ axiom_node_t *node_to_enc = NULL, *body_node = NULL, *header_node = NULL; /*EncryptedData*/ axiom_node_t *enc_data_node = NULL, *enc_mtd_node = NULL, *key_info_node = NULL, *key_name_node = NULL; - axiom_node_t *cv_node = NULL, *cd_node = NULL; + axiom_node_t *cv_node = NULL, *cd_node = NULL, *enc_key_ref_list_node = NULL, *enc_key_data_ref_node = NULL; /*EncryptedKey*/ axiom_node_t *enc_key_node = NULL, *enc_key_enc_mtd_node = NULL, *enc_key_key_info_node = NULL, *enc_key_key_name_node = NULL; axiom_node_t *enc_key_cv_node = NULL, *enc_key_cd_node = NULL; @@ -182,7 +138,7 @@ actions_ptr actions= NULL; oxs_key_ptr sessionkey = NULL; oxs_buffer_ptr session_key_buf_plain = NULL, session_key_buf_encrypted = NULL; - + axis2_char_t* uuid = NULL; /*Populate actions*/ actions = oxs_ctx_create_actions_ptr(env); @@ -201,12 +157,8 @@ return AXIS2_FAILURE; } sessionkey->name = "sessionkey"; + /*printf("\nsession_key for encryption = %s\n", sessionkey->data);*/ - - /*TODO get the key using callbacks*/ -/* key = "0123456701234567"; - key_name = "KauKey"; -*/ body = AXIOM_SOAP_ENVELOPE_GET_BODY(soap_envelope, env); header = AXIOM_SOAP_ENVELOPE_GET_HEADER(soap_envelope, env); 
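Review bot: In the `@@ -121,29 +70,36 @@` hunk the missing-ReferenceList branch ends with `return ret;`, but `ret` there still holds the non-failure value just returned by `oxs_get_encrypted_key`, so a message without a ReferenceList is logged as an error yet not reported to the caller as a failure; use `return AXIS2_FAILURE;`. `enc_data_node` is also passed to `oxs_enc_decrypt_template` without a NULL check now that the old name check is deleted, and `session_key` from `oxs_key_create_key` is not checked before `oxs_get_encrypted_key` reads `session_key->name`. The private-key path `"keys/rsakey.pem"` is hard-coded relative to the working directory and should come from the handler configuration. The function begins and ends outside this hunk.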
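Review bot: In the `@@ -151,7 +107,7 @@` hunk, `printf("\nDecrypted data is \n %s\n\n", decrypted_data);` writes the decrypted message body to standard output on every successful decryption, so the plaintext that the encryption protected ends up in whatever captures the process output. Drop the line, or log only the payload length through the environment's logger at debug level. If the trace is kept during development, guard it with a compile-time debug flag so it cannot ship enabled.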
@@ -214,7 +166,11 @@ header_node = AXIOM_SOAP_HEADER_GET_BASE_NODE(header, env); - /*TODO Get the node to be encrypted*/ + /*TODO Get the node to be encrypted. As per encryptionParts in the OutflowSecurity*/ + + /*TODO Generate uuid for the EncryptedDataNode*/ + uuid = "EncDataId-34526"; + /*If non is specified we encrypt the first element of the Body element*/ if(!node_to_enc){ node_to_enc = AXIOM_NODE_GET_FIRST_CHILD(body_node, env); @@ -223,11 +179,11 @@ str_to_enc = AXIOM_NODE_TO_STRING(node_to_enc, env); /*Build the template*/ - /*NOTE : Here I pass body_node as the parent. Might be a prob :(*/ + enc_data_node = oxs_token_build_encrypted_data_element(env, AXIOM_NODE_GET_PARENT(node_to_enc, env), OXS_TypeEncElement, - "EncDataId-12345" ); + uuid ); enc_mtd_node = oxs_token_build_encryption_method_element(env, enc_data_node, OXS_HrefDes3Cbc); key_info_node = oxs_token_build_key_info_element(env, enc_data_node); key_name_node = oxs_token_build_key_name_element(env, key_info_node, sessionkey->name ); @@ -247,9 +203,11 @@ "oxs_enc_encrypt_template failed"); return ret; }else{ - printf("Encryption template is \n %s", AXIOM_NODE_TO_STRING(enc_data_node, env)); + /*printf("Encryption template is \n %s", AXIOM_NODE_TO_STRING(enc_data_node, env));*/ } + + /*Encrypt the session key using the public key TODO*/ /*Here u have the key file name or the key store name. Right now we support only the key file name*/ session_key_buf_plain = oxs_string_to_buffer(env, (axis2_char_t*)sessionkey->data); 
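Review bot: In the context lines of the `@@ -247,9 +203,11 @@` hunk, `oxs_string_to_buffer(env, (axis2_char_t*)sessionkey->data)` treats the random session key as a C string, so a key containing a zero byte is presumably cut short before it is encrypted for the recipient. This commit fixes the same class of problem on the decrypt side by switching to `AXIS2_STRMEMDUP`. Build the plain buffer from `sessionkey->data` together with `sessionkey->size` instead of relying on a terminator. The `else` branch left empty by commenting out the `printf` can be removed.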
@@ -263,17 +221,17 @@ } - /*Create the key info*/ - /*axiom_node_t *enc_key_node = NULL, *enc_key_enc_mtd_node = NULL, *enc_key_key_info_node = NULL, *enc_key_key_name_node = NULL; - axiom_node_t *enc_key_cv_node = NULL, *enc_key_cd_node = NULL;*/ enc_key_node = oxs_token_build_encrypted_key_element(env,sec_node ); enc_key_enc_mtd_node = oxs_token_build_encryption_method_element(env, enc_key_node, actions->encryption_key_transport_algorithm); enc_key_key_info_node = oxs_token_build_key_info_element(env, enc_key_node ); enc_key_key_name_node = oxs_token_build_key_name_element(env, enc_key_key_info_node,"hard-coded-key-name" ); enc_key_cd_node = oxs_token_build_cipher_data_element(env, enc_key_node); enc_key_cv_node = oxs_token_build_cipher_value_element(env, enc_key_cd_node, (axis2_char_t*)session_key_buf_encrypted->data); - + enc_key_ref_list_node = oxs_token_build_reference_list_element(env, enc_key_node); + /*TODO If there are multiple elements encrypted by the same session key, enqueue those here*/ + enc_key_data_ref_node = oxs_token_build_data_reference_element(env, enc_key_ref_list_node, uuid); + /*Remove the encrypted node*/ /*temp = AXIOM_NODE_DETACH(node_to_enc, env); if(!temp){ @@ -283,7 +241,9 @@ } */ /*Now arrange this encrypted nodes in a suitable manner to the envelope*/ - + + /*FREE*/ + oxs_ctx_free_ctx(enc_ctx); return ret; } Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_util.c URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_util.c?rev=430242&r1=430241&r2=430242&view=diff ============================================================================== --- webservices/axis2/trunk/c/rampart/src/util/rampart_util.c (original) +++ webservices/axis2/trunk/c/rampart/src/util/rampart_util.c Wed Aug 9 22:01:27 2006 
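Review bot: `oxs_ctx_free_ctx(enc_ctx);` in the `@@ -283,7 +241,9 @@` hunk is reached only on the final `return ret;`. The earlier exits visible in this function's other hunks (`return ret;` after "oxs_enc_encrypt_template failed", `return AXIS2_FAILURE;`) skip it, and nothing visible releases `sessionkey`, `session_key_buf_plain` or `session_key_buf_encrypted`, which hold the session key. Route every exit through one cleanup label that frees the context and the key buffers. If `oxs_ctx_free_ctx` also frees a key attached to the context, confirm it does not try to release `sessionkey->name`, which was assigned the literal `"sessionkey"`. Most of the function body lies outside this hunk.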
@@ -76,6 +76,6 @@ AXIS2_EXTERN axis2_status_t AXIS2_CALL rampart_print_info(const axis2_env_t *env, axis2_char_t* info) { - /*printf("[rampart]: %s\n", info);*/ + printf("[rampart]: %s\n", info); return AXIS2_SUCCESS; } --------------------------------------------------------------------- To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org For additional commands, e-mail: axis-cvs-help@ws.apache.org
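Review bot: Re-enabling the `printf` makes every `rampart_print_info` call, including the new "Decryption failed" and "Encryption failed" messages, write to the host process's standard output unconditionally. A handler loaded into a server should send this through the logger carried by `env`, so that it honours the configured log level and destination. `info` should also be checked for NULL before it is formatted with `%s`.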