Author: manjula
Date: Wed Jun 13 23:33:37 2007
New Revision: 547144
URL: http://svn.apache.org/viewvc?view=rev&rev=547144
Log:
Handling Encrypt Signature When Sign Before encryption.
Modified:
webservices/rampart/trunk/c/src/util/rampart_encryption.c
webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c
Modified: webservices/rampart/trunk/c/src/util/rampart_encryption.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_encryption.c?view=diff&rev=547144&r1=547143&r2=547144
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_encryption.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_encryption.c Wed Jun 13
23:33:37 2007
@@ -85,19 +85,42 @@
void *param = NULL;
void *key_buf = NULL;
int i = 0;
+ axis2_bool_t signature_protection = AXIS2_FALSE;
+ axiom_node_t *sig_node = NULL;
+
+
/*Get nodes to be encrypted*/
+
server_side = axis2_msg_ctx_get_server_side(msg_ctx,env);
nodes_to_encrypt = axutil_array_list_create(env,0);
+ signature_protection =
rampart_context_is_encrypt_signature(rampart_context, env);
+
/*status =
rampart_context_get_nodes_to_encrypt(rampart_context,env,soap_envelope,nodes_to_encrypt);*/
- status =
rampart_enc_get_nodes_to_encrypt(rampart_context,env,soap_envelope,nodes_to_encrypt);
+ status = rampart_enc_get_nodes_to_encrypt(rampart_context, env,
soap_envelope, nodes_to_encrypt);
+
+ if((status!=AXIS2_SUCCESS)||(axutil_array_list_size(nodes_to_encrypt,
env)==0))
+ {
+ if(!signature_protection)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] No parts
specified or specified parts can't be found for encryprion.");
+ return AXIS2_SUCCESS;
+ }
+ }
-
if((status!=AXIS2_SUCCESS)||(axutil_array_list_size(nodes_to_encrypt,env)==0))
+ if(signature_protection)
{
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] No parts
specified or specified parts can't be found for encryprion.");
- return AXIS2_SUCCESS;
+ sig_node = oxs_axiom_get_node_by_local_name(env, sec_node,
OXS_NODE_SIGNATURE);
+ if(!sig_node)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption]Encrypting
signature, Sigature Not found");
+ return AXIS2_FAILURE;
+ }
+ axutil_array_list_add(nodes_to_encrypt, env, sig_node);
}
+
+
/*Now we have to check whether a token is specified.*/
token = rampart_context_get_token(rampart_context, env, AXIS2_TRUE,
server_side, AXIS2_FALSE);
if(!token)
Modified: webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c?view=diff&rev=547144&r1=547143&r2=547144
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c Wed Jun
13 23:33:37 2007
@@ -229,7 +229,7 @@
{
if(is_encrypt_before_sign)
{
- status = rampart_interchange_nodes(env,sig_node,enc_key_node);
+ status = rampart_interchange_nodes(env, sig_node,
enc_key_node);
if(status!=AXIS2_SUCCESS)
{
AXIS2_LOG_INFO(env->log,"[rampart][shb]Node interchange
failed.");
@@ -238,7 +238,7 @@
}
else
{
- status = rampart_interchange_nodes(env,enc_key_node,sig_node);
+ status = rampart_interchange_nodes(env, enc_key_node,
sig_node);
if(status!=AXIS2_SUCCESS)
{
AXIS2_LOG_INFO(env->log,"[rampart][shb]Node interchange
failed.");
@@ -246,6 +246,29 @@
}
}
}
+
+ else if(enc_key_node && signature_protection)
+ {
+ if(!is_encrypt_before_sign)
+ {
+ axiom_node_t *enc_data_node = NULL;
+ enc_data_node = oxs_axiom_get_node_by_local_name(env,
sec_node, OXS_NODE_ENCRYPTED_DATA);
+ if(!enc_data_node)
+ {
+ AXIS2_LOG_INFO(env->log,"[rampart][shb]Signature is not
encrypted,");
+ return AXIS2_FAILURE;
+ }
+ else
+ {
+ status = rampart_interchange_nodes(env, enc_key_node,
enc_data_node);
+ if(status != AXIS2_SUCCESS)
+ {
+ return AXIS2_FAILURE;
+ }
+ }
+ }
+ }
+
return AXIS2_SUCCESS;
}
else if((rampart_context_get_binding_type(rampart_context,env)) ==
RP_BINDING_SYMMETRIC)
