axis-java-dev mailing list archives

From kausha...@apache.org
Subject svn commit: r503546 - in /webservices/axis2/scratch/c/security-policy/c/rampart: include/ src/secpolicy/builder/ src/secpolicy/model/ src/secpolicy/test-resources/ src/util/
Date Mon, 05 Feb 2007 04:14:25 GMT
Author: kaushalye
Date: Sun Feb  4 20:14:24 2007
New Revision: 503546

URL: http://svn.apache.org/viewvc?view=rev&rev=503546
Log:
Applying the patch in AXIS2C-488 Jira.

Modified:
    webservices/axis2/scratch/c/security-policy/c/rampart/include/oxs_constants.h
    webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_constants.h
    webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h
    webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h
    webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_secpolicy.h
    webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/algorithmsuite_builder.c
    webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/binding_commons_builder.c
    webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/layout_builder.c
    webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/asymmetric_binding.c
    webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/layout.c
    webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/x509_token.c
    webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/test-resources/2.xml
    webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c
    webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c
    webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_handler_util.c
    webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/oxs_constants.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/oxs_constants.h?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/oxs_constants.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/oxs_constants.h Sun Feb
 4 20:14:24 2007
@@ -318,7 +318,9 @@
 #define OXS_STR_KEY_IDENTIFIER "KeyIdentifier"
 #define OXS_STR_EMBEDDED "Embedded"
 #define OXS_STR_ISSUER_SERIAL "IssuerSerial"
-
+#define OXS_STR_THUMB_PRINT "ThumbPrint"    
+#define OXS_STR_EXTERNAL_URI "ExternalUri"
+#define OXS_STR_ENCRYPTED_KEY "Encryptedkey"
 /*************************************************************************/
 
 

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_constants.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_constants.h?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_constants.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_constants.h Sun
Feb  4 20:14:24 2007
@@ -24,6 +24,8 @@
   * @brief Holds constants for rampart
   */
 
+#include <oxs_constants.h>
+
 #ifdef __cplusplus
 extern "C"
 {
@@ -157,6 +159,9 @@
 #define RAMPART_STR_KEY_IDENTIFIER      OXS_STR_KEY_IDENTIFIER
 #define RAMPART_STR_EMBEDDED            OXS_STR_EMBEDDED
 #define RAMPART_STR_ISSUER_SERIAL       OXS_STR_ISSUER_SERIAL
+#define RAMPART_STR_THUMB_PRINT         OXS_STR_THUMB_PRINT
+#define RAMPART_STR_EXTERNAL_URI        OXS_STR_EXTERNAL_URI
+#define RAMPART_STR_ENCRYPTED_KEY       OXS_STR_ENCRYPTED_KEY
 
 #ifdef __cplusplus
 }
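Review bot: `RAMPART_STR_ENCRYPTED_KEY` resolves to the literal `"Encryptedkey"` added in the oxs_constants.h hunk of this commit, with a lowercase `k`, while every sibling value (`"KeyIdentifier"`, `"IssuerSerial"`, `"ThumbPrint"`, `"ExternalUri"`) is CamelCase. If these strings are compared case-sensitively against policy or configuration values, an `EncryptedKey` setting would never match. Unless the lowercase form is intended, define it as `#define OXS_STR_ENCRYPTED_KEY "EncryptedKey"`. The `OXS_STR_THUMB_PRINT` line in that hunk also carries trailing whitespace.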

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h Sun Feb
 4 20:14:24 2007
@@ -96,12 +96,44 @@
             axiom_soap_envelope_t *soap_envelope,
             axis2_array_list_t *nodes_to_encrypt);
 
-    AXIS2_EXTERN int AXIS2_CALL 
-    rampart_context_check_token_type(
+    AXIS2_EXTERN rp_property_t *AXIS2_CALL 
+    rampart_context_get_token(
             rampart_context_t *rampart_context,
             const axis2_env_t *env,
             axis2_bool_t for_encryption,
             axis2_bool_t server_side);
+        
+    AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+    rampart_context_check_is_derived_keys(
+            const axis2_env_t *env,
+            rp_property_t *token);
+ 
+    AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+    rampart_context_get_enc_sym_algo(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env);
+
+    AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+    rampart_context_get_enc_asym_algo(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env);
+
+    AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+    rampart_context_get_encryption_prop_file(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env);
+
+    AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+    rampart_context_get_encryption_user(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env);
+
+    AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+    rampart_context_get_enc_key_identifier(
+            rampart_context_t *rampart_context,
+            rp_property_t *token,
+            axis2_bool_t server_side,
+            const axis2_env_t *env);
 
 
 #ifdef __cplusplus
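Review bot: The new accessors are declared without documentation and with three different parameter orders: `rampart_context_check_is_derived_keys` takes `env` first, `rampart_context_get_enc_key_identifier` takes it last, and the rest take it second. Aligning them on `(rampart_context, env, ...)` as `rampart_context_get_token` does would avoid argument mix-ups. Each prototype should also get a doc comment stating what a NULL return means and who owns the returned `rp_property_t` or string; the bodies in rampart_context.c look like plain getters into the policy model, so presumably the caller must not free them, but that needs confirming. `rampart_context_check_token_type` was an exported symbol, so any caller not touched by this commit will no longer link.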

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h Sun
Feb  4 20:14:24 2007
@@ -46,7 +46,6 @@
 rampart_enc_encrypt_message(const axis2_env_t *env,
     axis2_msg_ctx_t *msg_ctx,
     rampart_context_t *rampart_context,
-    rampart_actions_t *actions,
     axiom_soap_envelope_t *soap_envelope,
     axiom_node_t *sec_node);
 

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_secpolicy.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_secpolicy.h?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_secpolicy.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_secpolicy.h Sun Feb 
4 20:14:24 2007
@@ -31,6 +31,8 @@
 #include <rp_signed_encrypted_elements.h>
 #include <rp_supporting_tokens.h>
 #include <rp_rampart_config.h>
+#include <rp_wss10.h>
+#include <rp_wss11.h>
 
 #ifdef __cplusplus
 extern "C"

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/algorithmsuite_builder.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/algorithmsuite_builder.c?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/algorithmsuite_builder.c
(original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/algorithmsuite_builder.c
Sun Feb  4 20:14:24 2007
@@ -46,9 +46,6 @@
 
     if(algorithmsuite)
     {
-        algorithm_suite = rp_algorithmsuite_create(env);
-        if(!algorithm_suite)
-            return NULL;
         policy = AXIOM_NODE_GET_FIRST_CHILD(algorithmsuite,env);
         if(policy)
         {
@@ -62,7 +59,11 @@
                     {
                         algosuite_string = AXIOM_ELEMENT_GET_LOCALNAME(name_ele, env);
                         if(algosuite_string)
-                        {                            
+                        {   
+                            algorithm_suite = rp_algorithmsuite_create(env);
+                            if(!algorithm_suite)
+                                return NULL;
+                            
                             status = rp_algorithmsuite_builder_set_algosuite(name,name_ele,algosuite_string,algorithm_suite,env);
                                      if(status!=AXIS2_SUCCESS)
                             {
                                 rp_algorithmsuite_free(algorithm_suite,env);

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/binding_commons_builder.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/binding_commons_builder.c?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/binding_commons_builder.c
(original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/binding_commons_builder.c
Sun Feb  4 20:14:24 2007
@@ -45,7 +45,8 @@
                 rp_binding_commons_set_algorithmsuite(commons,env,algo_suite);
                 printf("%s\n",local_name);    
                 return AXIS2_SUCCESS;
-            }                
+            } 
+            else return AXIS2_FAILURE;
         }
         return AXIS2_FAILURE;
     }        
@@ -60,7 +61,8 @@
                 rp_binding_commons_set_layout(commons,env,layout);
                 printf("%s\n",local_name);
                 return AXIS2_SUCCESS;
-            }                
+            } 
+            else return AXIS2_FAILURE;
         }
         return AXIS2_FAILURE;
     }        

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/layout_builder.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/layout_builder.c?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/layout_builder.c
(original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/builder/layout_builder.c
Sun Feb  4 20:14:24 2007
@@ -28,14 +28,12 @@
     axiom_node_t *name = NULL;
     axiom_element_t *name_ele = NULL;
     axis2_char_t * value = NULL;
+    axis2_status_t status = AXIS2_SUCCESS;
 
     AXIS2_ENV_CHECK(env,NULL);
 
     if(layout)
     {
-        lay_out = rp_layout_create(env);
-        if(!lay_out)
-            return NULL;
         policy = AXIOM_NODE_GET_FIRST_CHILD(layout,env);
         if(policy)
         {
@@ -49,7 +47,18 @@
                     {
                         value = AXIOM_ELEMENT_GET_LOCALNAME(name_ele, env);
                         if(value)
-                            rp_layout_builder_set_value(name,name_ele,value,lay_out,env);

+                        {
+                            lay_out = rp_layout_create(env);
+                            if(!lay_out)
+                                return NULL;
+                           
+                            status = rp_layout_builder_set_value(name,name_ele,value,lay_out,env);

+                            if(status!=AXIS2_SUCCESS)
+                            {
+                                rp_layout_free(lay_out,env);
+                                layout = NULL;
+                            }
+                        }                            
                     }
                 }
             }
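Review bot: The failure branch frees `lay_out` but then clears `layout`, the input node, instead of `lay_out`, so the freed pointer stays in `lay_out`. The end of the function is outside this hunk, but if it returns `lay_out`, callers receive a dangling pointer and any later use or free of it is a use-after-free or double free. The line should read `lay_out = NULL;`, or the branch should `return NULL;` directly after `rp_layout_free(lay_out,env);`.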

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/asymmetric_binding.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/asymmetric_binding.c?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/asymmetric_binding.c
(original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/asymmetric_binding.c
Sun Feb  4 20:14:24 2007
@@ -126,14 +126,9 @@
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
     AXIS2_PARAM_CHECK(env->error,initiator_token,AXIS2_FAILURE);
-    if(!asymmetric_binding->initiator_token)
-    {
-        return AXIS2_FAILURE;
-    }
     asymmetric_binding->initiator_token =initiator_token; 
-
     return AXIS2_SUCCESS;
-    
+
 }
 
 AXIS2_EXTERN axis2_status_t AXIS2_CALL 
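Review bot: With the incorrect `if(!asymmetric_binding->initiator_token)` guard removed, the setter still dereferences `asymmetric_binding` without checking it, although `initiator_token` is validated on the line above. Adding `AXIS2_PARAM_CHECK(env->error,asymmetric_binding,AXIS2_FAILURE);` turns a NULL binding into an error return instead of a crash; the recipient-token setter in the next hunk needs the same line. Both setters also overwrite any previously stored token without releasing it, so a one-line comment on who owns the old value would help.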
@@ -144,12 +139,8 @@
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
     AXIS2_PARAM_CHECK(env->error,recipient_token,AXIS2_FAILURE);
-    if(!asymmetric_binding->recipient_token)
-    {
-        return AXIS2_FAILURE;
-    }
+    
     asymmetric_binding->recipient_token = recipient_token; 
-
     return AXIS2_SUCCESS;
     
 }

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/layout.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/layout.c?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/layout.c (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/layout.c Sun
Feb  4 20:14:24 2007
@@ -37,7 +37,7 @@
         AXIS2_ERROR_SET(env->error, AXIS2_ERROR_NO_MEMORY, AXIS2_FAILURE);
         return NULL;
     }
-    layout->value = RP_LAYOUT_LAX;
+    layout->value = RP_LAYOUT_STRICT;
     return layout;
 
 }

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/x509_token.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/x509_token.c?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/x509_token.c
(original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/model/x509_token.c
Sun Feb  4 20:14:24 2007
@@ -74,7 +74,7 @@
 /* Implementations */
 
 AXIS2_EXTERN axis2_char_t *AXIS2_CALL 
-rp_x509_token_get_inclsion(rp_x509_token_t *x509_token,
+rp_x509_token_get_inclusion(rp_x509_token_t *x509_token,
             const axis2_env_t *env)
 {
     AXIS2_ENV_CHECK(env, NULL);

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/test-resources/2.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/test-resources/2.xml?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/test-resources/2.xml
(original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/secpolicy/test-resources/2.xml
Sun Feb  4 20:14:24 2007
@@ -14,7 +14,7 @@
 					</sp:InitiatorToken>
 					<sp:RecipientToken>
 						<wsp:Policy>
-							<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+							<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
 								<wsp:Policy>
 									<sp:WssX509V3Token10/>
 								</wsp:Policy>
@@ -23,7 +23,7 @@
 					</sp:RecipientToken>
 					<sp:AlgorithmSuite>
 						<wsp:Policy>
-							<sp:Basic256/>
+							<sp:Basic256Rsa15/>
 						</wsp:Policy>
 					</sp:AlgorithmSuite>
 					<sp:Layout>
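Review bot: Changing the fixture from `sp:Basic256` to `sp:Basic256Rsa15` moves the asymmetric key wrap from RSA-OAEP to RSA PKCS#1 v1.5 under the WS-SecurityPolicy suite definitions, and nothing in the file records why. If the reason is that the encryption code in this branch only supports the 1.5 key transport (an assumption; the page does not say), an XML comment beside the assertion stating that, and that `Basic256` is preferred once OAEP is supported, would keep the weaker suite from being copied into real policies.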
@@ -31,7 +31,8 @@
 							<sp:Strict/>
 						</wsp:Policy>
 					</sp:Layout>
-					<sp:IncludeTimestamp/>
+                    <sp:IncludeTimestamp/>
+                    <sp:EncryptBeforeSigning/>
 					<sp:OnlySignEntireHeadersAndBody/>
 				</wsp:Policy>
             </sp:AsymmetricBinding>
@@ -42,23 +43,22 @@
             </sp:SignedSupportingTokens>
 			<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
 				<wsp:Policy>
-					<sp:MustSupportRefKeyIdentifier/>
 					<sp:MustSupportRefIssuerSerial/>
 				</wsp:Policy>
 			</sp:Wss10>
-			<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+			<sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
 				<sp:Body/>
-            </sp:SignedParts>
+            </sp:EncryptedParts>
             <rampc:RampartConfig xmlns:rampc="http://ws.apache.org/rampart/c/policy">
                 <rampc:user>Gampola</rampc:user>
-                <rampc:encryptionUser>bob</rampc:encryptionUser>
+                <rampc:encryptionUser>a</rampc:encryptionUser>
                 <rampc:passwordType>Digest</rampc:passwordType>
                 <rampc:passwordCallbackClass>/home/manjula/axis2/scratch/security-policy/c/deploy/bin/samples/rampart/callback/libpwcb.so</rampc:passwordCallbackClass>
                 <rampc:signatureCrypto>
                     <rampc:signaturePropFile>/home/manjula/axis2/c/rampart/samples/keys/ahome/b_cert.cert</rampc:signaturePropFile>
                 </rampc:signatureCrypto>
                 <rampc:encryptionCypto>
-                    <rampc:encryptionPropFile>/home/manjula/axis2/c/rampart/samples/keys/ahome/b_cert.cert</rampc:encryptionPropFile>
+                    <rampc:encryptionPropFile>/home/manjula/axis2/scratch/security-policy/c/rampart/samples/keys/ahome/b_cert.cert</rampc:encryptionPropFile>
                     <rampc:decryptionPropFile>/home/manjula/axis2/c/rampart/samples/keys/ahome/a_store.pfx</rampc:decryptionPropFile>
                 </rampc:encryptionCypto>
         </rampc:RampartConfig>
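Review bot: The changed `encryptionPropFile` is still an absolute path under `/home/manjula/`, and it now points into the `scratch/security-policy` tree while `signaturePropFile` and `decryptionPropFile` keep pointing into `/home/manjula/axis2/c/rampart/samples/keys/ahome/`. The fixture therefore loads on one developer's machine only and takes key files from two different checkouts; paths relative to the test directory, or a documented placeholder, would make it reproducible. `encryptionUser` also changes from `bob` to `a` while the encryption certificate remains `b_cert.cert`, which is worth confirming as intended.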

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c Sun Feb
 4 20:14:24 2007
@@ -16,6 +16,7 @@
  */
 
 #include <rampart_context.h>
+#include <rampart_constants.h>
 #include <oxs_axiom.h>
 
 
@@ -55,6 +56,10 @@
     axiom_soap_envelope_t *soap_envelope,
     axis2_array_list_t *nodes_to_encrypt);
 
+axis2_char_t *AXIS2_CALL
+rampart_context_get_key_identifier_from_wss(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env);
 
 
 
@@ -385,6 +390,82 @@
     return AXIS2_FAILURE;
 }
 
+rp_algorithmsuite_t *AXIS2_CALL 
+rampart_context_get_algorithmsuite(
+        rampart_context_t *rampart_context,
+        const axis2_env_t *env)
+{
+    rp_binding_commons_t *binding_commons = NULL;
+
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+    binding_commons = rampart_context_get_binding_commons(rampart_context,env);
+
+    if(!binding_commons)
+        return AXIS2_FALSE;
+
+    return rp_binding_commons_get_algorithmsuite(binding_commons,env);
+}
+
+axis2_char_t *AXIS2_CALL 
+rampart_context_get_key_identifier_from_wss(
+        rampart_context_t *rampart_context,
+        const axis2_env_t *env)
+{
+    rp_property_t *wss = NULL;
+    axis2_char_t *identifier = NULL;
+             
+    wss = rp_secpolicy_get_wss(rampart_context->secpolicy,env);
+    if(!wss)
+        return NULL;    
+
+    if(rp_property_get_type(wss,env)==RP_WSS_WSS10)
+    {
+        rp_wss10_t *wss10 = NULL;
+        wss10 = rp_property_get_value(wss,env);
+        if(!wss10)
+            return NULL;
+            
+        if(rp_wss10_get_must_support_ref_key_identifier(wss10,env))
+            identifier = RAMPART_STR_KEY_IDENTIFIER;
+        else if(rp_wss10_get_must_support_ref_issuer_serial(wss10,env))
+            identifier = RAMPART_STR_ISSUER_SERIAL;
+        else if(rp_wss10_get_must_support_ref_external_uri(wss10,env))
+            identifier = RAMPART_STR_EXTERNAL_URI;
+        else if(rp_wss10_get_must_support_ref_embedded_token(wss10,env))
+            identifier = RAMPART_STR_EMBEDDED;
+        else
+            identifier = RAMPART_STR_DIRECT_REFERENCE;
+        
+        return identifier;                                         
+    }
+    else if(rp_property_get_type(wss,env)==RP_WSS_WSS10)
+    {
+        rp_wss11_t *wss11 = NULL;
+        wss11 = rp_property_get_value(wss,env);
+        if(!wss11)
+            return NULL;
+            
+        if(rp_wss11_get_must_support_ref_key_identifier(wss11,env))
+            identifier = RAMPART_STR_KEY_IDENTIFIER;
+        else if(rp_wss11_get_must_support_ref_issuer_serial(wss11,env))
+            identifier = RAMPART_STR_ISSUER_SERIAL;
+        else if(rp_wss11_get_must_support_ref_external_uri(wss11,env))
+            identifier = RAMPART_STR_EXTERNAL_URI;
+        else if(rp_wss11_get_must_support_ref_embedded_token(wss11,env))
+            identifier = RAMPART_STR_EMBEDDED;
+        else if(rp_wss11_get_must_support_ref_thumbprint(wss11,env))
+            identifier = RAMPART_STR_THUMB_PRINT;
+        else if(rp_wss11_get_must_support_ref_encryptedkey(wss11,env))
+            identifier = RAMPART_STR_ENCRYPTED_KEY;
+        else
+            identifier = RAMPART_STR_DIRECT_REFERENCE;                                  
      
+
+        return identifier;
+    }
+    else return NULL;
+} 
+
 
 AXIS2_EXTERN axis2_bool_t AXIS2_CALL
 rampart_context_is_include_timestamp(
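Review bot: In `rampart_context_get_key_identifier_from_wss` the second branch tests `rp_property_get_type(wss,env)==RP_WSS_WSS10` again, so the `rp_wss11_t` block is unreachable and a WSS 1.1 policy falls through to `else return NULL;`. The condition should compare against the WSS 1.1 property type, whose constant name is not shown on this page. The function also dereferences `rampart_context->secpolicy` with no `AXIS2_ENV_CHECK` or NULL guard. Separately, `rampart_context_get_algorithmsuite` returns a pointer but uses `AXIS2_ENV_CHECK(env, AXIS2_FAILURE)` and `return AXIS2_FALSE;`; both should be `NULL`.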
@@ -504,7 +585,7 @@
     else
     {
         protection_order = rp_symmetric_asymmetric_binding_commons_get_protection_order(sym_asym_commons,env);
      
-        if(!protection_order)
+        if(!protection_order || AXIS2_STRCMP(protection_order,RP_SIGN_BEFORE_ENCRYPTING)==0)
             return AXIS2_FALSE;
  
         else if(AXIS2_STRCMP(protection_order,RP_ENCRYPT_BEFORE_SIGNING)==0)
@@ -586,8 +667,8 @@
     return AXIS2_FAILURE;
 }
 
-AXIS2_EXTERN int AXIS2_CALL 
-rampart_context_check_token_type(
+AXIS2_EXTERN rp_property_t *AXIS2_CALL 
+rampart_context_get_token(
         rampart_context_t *rampart_context,
         const axis2_env_t *env,
         axis2_bool_t for_encryption,
@@ -596,71 +677,57 @@
     rp_property_t *binding = NULL;
     binding = rp_secpolicy_get_binding(rampart_context->secpolicy,env);
     if(!binding)
-        return -1;
+        return NULL;
 
     if(rp_property_get_type(binding,env)==RP_BINDING_ASYMMETRIC)
     {
         rp_asymmetric_binding_t *asym_binding = NULL;
+        printf("Inside Binding Asymmetric\n");
         asym_binding = (rp_asymmetric_binding_t *)rp_property_get_value(binding,env);
         if(asym_binding)
         {
-            rp_property_t *token = NULL;
             if((for_encryption && server_side) || (!for_encryption && !server_side))
             {
-                token = rp_asymmetric_binding_get_initiator_token(asym_binding,env);
-                if(!token)
-                    return -1;
-                else
-                    return rp_property_get_type(token,env);        
+                printf("Getting Initiator Token\n");
+                return rp_asymmetric_binding_get_initiator_token(asym_binding,env);
             }    
             else if((for_encryption && !server_side) || (!for_encryption &&
server_side))
             {
-                token = rp_asymmetric_binding_get_recipient_token(asym_binding,env);
-                if(!token)
-                    return -1;
-                else
-                    return rp_property_get_type(token,env);
+                printf("Getting Recipient Token\n");
+                return rp_asymmetric_binding_get_recipient_token(asym_binding,env);
             }
-            else return -1;
+            else return NULL;
         }
         else
-            return -1;
+            return NULL;
     }
     /*In symmetric binding same tokens are used in the client and server sides.*/
     else if(rp_property_get_type(binding,env)==RP_BINDING_SYMMETRIC)
     {
         rp_symmetric_binding_t *sym_binding = NULL;
+        rp_property_t *token = NULL;
         sym_binding = (rp_symmetric_binding_t *)rp_property_get_value(binding,env);
         if(sym_binding)
         {
-            rp_property_t *token = NULL;
             /*First check protection tokens have being specified.*/
             token = rp_symmetric_binding_get_protection_token(sym_binding,env);
             if(token)
-                return rp_property_get_type(token,env);    
+                return token;    
             
             else
             {
                 if(for_encryption)
                 {
-                    token = rp_symmetric_binding_get_encryption_token(sym_binding,env);
-                    if(!token)
-                        return -1;
-                    else
-                        return rp_property_get_type(token,env);
+                    return rp_symmetric_binding_get_encryption_token(sym_binding,env);
                 }
                 else
                 {
-                    token = rp_symmetric_binding_get_signature_token(sym_binding,env);
-                    if(!token)
-                        return -1;
-                    else
-                        return rp_property_get_type(token,env);
+                    return rp_symmetric_binding_get_signature_token(sym_binding,env);
                 }
             }
         }
         else
-            return -1;
+            return NULL;
     }
     else if(rp_property_get_type(binding,env)==RP_BINDING_TRANSPORT)
     {
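Review bot: The three added `printf` calls (`"Inside Binding Asymmetric\n"`, `"Getting Initiator Token\n"`, `"Getting Recipient Token\n"`) write to stdout from library code on every token lookup. In a hosted deployment stdout may be discarded or may be the response stream, so diagnostics belong in the environment log, for example `AXIS2_LOG_INFO(env->log,"[rampart][rampart_context] Getting initiator token");`, or should be removed before merge. `rampart_context_get_token` begins before this hunk and ends after it.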
@@ -668,15 +735,142 @@
         transport_binding = (rp_transport_binding_t *)rp_property_get_value(binding,env);
         if(transport_binding)
         {
-            rp_property_t *token = NULL;
-            token = rp_transport_binding_get_transport_token(transport_binding,env);
-            if(token)
-                return rp_property_get_type(token,env);
-            else return -1;
+            return rp_transport_binding_get_transport_token(transport_binding,env);
         }
-        else return -1;                    
+        else return NULL;                    
     }
-    else return -1;
+    else return NULL;
+}
 
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_check_is_derived_keys(
+    const axis2_env_t *env,
+    rp_property_t *token)
+{
+    if(rp_property_get_type(token,env)==RP_TOKEN_X509)
+    {
+        rp_x509_token_t *x509_token = NULL;
+        x509_token = (rp_x509_token_t *)rp_property_get_value(token,env);
+        return rp_x509_token_get_derivedkeys(x509_token,env);
+    }        
+    /*This can be extended when we are supporting other token types.*/
+    else
+        return AXIS2_FALSE;        
 }
 
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_enc_sym_algo(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_algorithmsuite_t *algosuite = NULL;
+  
+    algosuite = rampart_context_get_algorithmsuite(rampart_context,env); 
+    if(algosuite)
+    {
+        return rp_algorithmsuite_get_encryption(algosuite,env);
+    }
+    else
+        return NULL;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_enc_asym_algo(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_algorithmsuite_t *algosuite = NULL;
+  
+    algosuite = rampart_context_get_algorithmsuite(rampart_context,env); 
+    if(algosuite)
+    {
+        return rp_algorithmsuite_get_asymmetrickeywrap(algosuite,env);
+    }
+    else
+        return NULL;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_encryption_prop_file(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_rampart_config_t *rampart_config = NULL;
+    rp_encryption_crypto_t *enc_crypto = NULL;
+
+    rampart_config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
+    if(rampart_config)
+    {
+        enc_crypto = rp_rampart_config_get_encryption_crypto(rampart_config,env);
+        if(enc_crypto)
+        {
+            return rp_encryption_crypto_get_encryption_prop_file(enc_crypto,env);
+        }
+        else
+            return NULL;
+    }
+    else
+        return NULL;
+}
+
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_encryption_user(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_rampart_config_t *config = NULL;
+    config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
+    if(!config)
+        return NULL;
+
+    return rp_rampart_config_get_encryption_user(config,env);
+
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_enc_key_identifier(
+    rampart_context_t *rampart_context,
+    rp_property_t *token,
+    axis2_bool_t server_side,
+    const axis2_env_t *env)
+{
+    axis2_char_t *inclusion = NULL;    
+    axis2_bool_t include = AXIS2_TRUE;
+    axis2_char_t *identifier = NULL;
+
+    if(rp_property_get_type(token,env)==RP_TOKEN_X509)
+    {
+        rp_x509_token_t *x509_token = NULL;
+        x509_token = (rp_x509_token_t *)rp_property_get_value(token,env);
+        inclusion = rp_x509_token_get_inclusion(x509_token,env);
+
+        if(server_side)
+            include = ((AXIS2_STRCMP(inclusion,RP_INCLUDE_ALWAYS)==0)||
+                        (AXIS2_STRCMP(inclusion,RP_INCLUDE_ONCE)==0));
+        else
+            include = ((AXIS2_STRCMP(inclusion,RP_INCLUDE_ALWAYS)==0)||
+           (AXIS2_STRCMP(inclusion,RP_INCLUDE_ONCE)==0)||
+           (AXIS2_STRCMP(inclusion,RP_INCLUDE_ALWAYS_TO_RECIPIENT)==0));
+        
+        if(include)
+        {
+           if(rp_x509_token_get_require_key_identifier_reference(x509_token,env))
+                identifier = RAMPART_STR_KEY_IDENTIFIER;
+           else if(rp_x509_token_get_require_issuer_serial_reference(x509_token,env))
+                identifier = RAMPART_STR_ISSUER_SERIAL;                        
+           else if(rp_x509_token_get_require_embedded_token_reference(x509_token,env))
+                identifier = RAMPART_STR_EMBEDDED; 
+           else if(rp_x509_token_get_require_thumb_print_reference(x509_token,env))
+                identifier = RAMPART_STR_THUMB_PRINT;
+           else
+                return rampart_context_get_key_identifier_from_wss(rampart_context,env);
                            
+
+           return identifier;              
+        }
+        else return NULL;
+                            
+    }
+    /*This can be extended when we are supporting other token types.*/
+    else return NULL;
+}
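Review bot: `rampart_context_get_enc_key_identifier` passes the result of `rp_x509_token_get_inclusion` straight to `AXIS2_STRCMP` and uses `x509_token` without checking either for NULL; `rampart_context_check_is_derived_keys` does the same with `token` and `x509_token`. A policy whose X509Token lacks the `sp:IncludeToken` attribute would presumably give a NULL `inclusion`, so unless `AXIS2_STRCMP` is NULL-safe a guard such as `if(!x509_token || !inclusion) return NULL;` is needed before the comparisons. The function also returns NULL for three different situations (token not included, unsupported token type, no usable WSS assertion), so the caller cannot tell a policy decision from an error. A doc comment should state what the caller is expected to do with NULL.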

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c Sun
Feb  4 20:14:24 2007
@@ -104,7 +104,6 @@
 rampart_enc_encrypt_message(const axis2_env_t *env,
     axis2_msg_ctx_t *msg_ctx,
     rampart_context_t *rampart_context,
-    rampart_actions_t *actions,
     axiom_soap_envelope_t *soap_envelope,
     axiom_node_t *sec_node)
 {
@@ -119,7 +118,10 @@
     oxs_key_t *session_key = NULL;
     oxs_asym_ctx_t *asym_ctx = NULL;
     axis2_bool_t server_side = AXIS2_FALSE;
-    int token_type = 0;    
+    int token_type = 0;   
+    rp_property_t *token = NULL;
+    axis2_char_t *enc_user = NULL;
+    axis2_char_t *pw_callback_module = NULL;
 
     int i = 0;
     /*Get nodes to be encrypted*/
@@ -134,19 +136,25 @@
         return AXIS2_SUCCESS;
     }                            
     /*Now we have to check whether a token is specified.*/
-    token_type = rampart_context_check_token_type(rampart_context,env,AXIS2_TRUE,server_side);
-    if(token_type == -1)
+    token = rampart_context_get_token(rampart_context,env,AXIS2_TRUE,server_side);
+    if(!token)
     {
         AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] Encryption Token is not
specified");
         return AXIS2_SUCCESS;
-    }        
+    }   
+    token_type = rp_property_get_type(token,env);
     if(token_type != RP_TOKEN_X509)
     {
         AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] We only support X509 tokens");
         return AXIS2_SUCCESS;
     }
+    if(rampart_context_check_is_derived_keys(env,token))
+    {
+        AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] We still do not support
derived keys");
+        return AXIS2_FAILURE;
+    }        
     /*Get the symmetric encryption algorithm*/
-    enc_sym_algo = RAMPART_ACTIONS_GET_ENC_SYM_ALGO(actions, env); 
+    enc_sym_algo = rampart_context_get_enc_sym_algo(rampart_context,env);
     /*If not specified set the default*/
     if(!enc_sym_algo ||  (0 == AXIS2_STRCMP(enc_sym_algo, ""))){
         AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] No symmetric algorithm
is specified for encryption. Using the default");
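Review bot: The new derived-keys branch fails closed with `return AXIS2_FAILURE;` but reports it through AXIS2_LOG_INFO, while the unchanged non-X509 branch just above it still returns AXIS2_SUCCESS without encrypting anything. A caller cannot tell from that status that the message is leaving unencrypted, so an unsupported token type should be handled like the derived-keys case: `return AXIS2_FAILURE;` after an error-level log such as `AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][rampart_encryption] We only support X509 tokens");`. Whether the `if(!token)` branch should also fail depends on whether a missing token means the policy asks for no encryption, which is not visible here. The function body continues outside this hunk.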
@@ -193,19 +201,43 @@
         }
     }
     /*Get the asymmetric key encryption algorithm*/
-    enc_asym_algo = RAMPART_ACTIONS_GET_ENC_KT_ALGO(actions, env);
+    enc_asym_algo = rampart_context_get_enc_asym_algo(rampart_context,env);
     /*Get the certificate file name*/
-    certificate_file = RAMPART_ACTIONS_GET_ENC_KEY_FILE(actions, env);
+    certificate_file = rampart_context_get_encryption_prop_file(rampart_context,env);
+
+    
     /*Get the password to retrieve the key from key store*/
-    password = rampart_callback_encuser_password(env, actions, msg_ctx);
+    enc_user = rampart_context_get_encryption_user(rampart_context,env);
+
+    if(!enc_user)
+        enc_user = rampart_context_get_user(rampart_context,env);
+
+    if(!enc_user)
+        return AXIS2_FAILURE;            
+
+    pw_callback_module = rampart_context_get_password_callback_class(rampart_context,env);
+    if(!pw_callback_module)
+    {
+        AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] Password call back module
is not specified.");
+        return AXIS2_FAILURE;
+    }        
+
+    password = rampart_callback_password(env, pw_callback_module, enc_user);
+
+/*  password = rampart_callback_encuser_password(env, actions, msg_ctx);*/
     /*Get encryption key identifier*/
-    eki = RAMPART_ACTIONS_GET_ENC_KEY_IDENTIFIER(actions, env);
+    eki = rampart_context_get_enc_key_identifier(rampart_context,token,server_side,env);
+    if(!eki)
+    {
+        AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] The token is not needed
for inclusion.");
+        return AXIS2_SUCCESS;
+    }
     /*Create asymmetric encryption context*/
     asym_ctx = oxs_asym_ctx_create(env);
     oxs_asym_ctx_set_algorithm(asym_ctx, env, enc_asym_algo);
     oxs_asym_ctx_set_file_name(asym_ctx, env, certificate_file);
     
-    oxs_asym_ctx_set_pem_buf(asym_ctx, env, RAMPART_ACTIONS_GET_KEY_BUF(actions, env));
+/*  oxs_asym_ctx_set_pem_buf(asym_ctx, env, RAMPART_ACTIONS_GET_KEY_BUF(actions, env));*/
     oxs_asym_ctx_set_password(asym_ctx, env, password);
     oxs_asym_ctx_set_operation(asym_ctx, env, OXS_ASYM_CTX_OPERATION_PUB_ENCRYPT);
     oxs_asym_ctx_set_st_ref_pattern(asym_ctx, env, eki);
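Review bot: The `if(!eki)` branch returns AXIS2_SUCCESS and skips encryption whenever rampart_context_get_enc_key_identifier yields NULL, which in the rampart_context.c part of this commit happens when the inclusion value says the token is not to be included. Token inclusion normally decides whether the certificate travels in the message, not whether the parts get encrypted, so this path appears to let a message the policy wants encrypted go out in plaintext with a success status. Unless that is intended, fail here with `return AXIS2_FAILURE;` and an error-level log, or fall back to a reference pattern that does not need the token in the message. Two smaller gaps in the same hunk: `if(!enc_user) return AXIS2_FAILURE;` exits without any log line, and the result of `rampart_callback_password` reaches `oxs_asym_ctx_set_password` without a NULL check. The function starts and ends outside this hunk.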

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_handler_util.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_handler_util.c?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_handler_util.c
(original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_handler_util.c
Sun Feb  4 20:14:24 2007
@@ -115,7 +115,6 @@
     return password;
 }
 
-
 axis2_char_t* AXIS2_CALL
 rampart_get_property_from_ctx(const axis2_env_t *env,
         axis2_ctx_t *ctx,

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c?view=diff&rev=503546&r1=503545&r2=503546
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c
(original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c
Sun Feb  4 20:14:24 2007
@@ -152,9 +152,24 @@
         if(rampart_context_is_encrypt_before_sign(rampart_context,env))
         {
             /*Check what are the parts to encrypt and send them to the encrypt method*/
-            /*status = rampart_enc_encrypt_message(env, msg_ctx,soap_envelope,rampart_context,sec_node);*/
-            return AXIS2_SUCCESS;        
-        
+            status = rampart_enc_encrypt_message(env, msg_ctx,rampart_context,soap_envelope,sec_node);
+            if(!status)            
+                return AXIS2_FAILURE;       
+
+
+            /*Then do signature specific things*/
+            /*Then Handle Supporting token stuff  */
+        }  
+        else
+        {
+            /*First do signature specific stuff*/
+            
+            /*Then Handle Encryption stuff*/
+            
+            status = rampart_enc_encrypt_message(env, msg_ctx,rampart_context,soap_envelope,sec_node);
+            if(!status)
+                return AXIS2_FAILURE;
+
         }            
 
         return AXIS2_SUCCESS;        
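Review bot: Both `if(!status)` checks after rampart_enc_encrypt_message depend on AXIS2_FAILURE being zero and return without logging which step failed; `if(status != AXIS2_SUCCESS)` states the intent and survives any further status values. The two branches are now identical apart from placeholder comments, so the function returns AXIS2_SUCCESS in either ordering without any signature having been produced. Until signing is implemented, a comment such as `/* TODO: signature not implemented; message is encrypted only */` at both placeholders would keep a reader from assuming the sign-then-encrypt ordering is enforced. The enclosing function starts and ends outside this hunk.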


