Author: kaushalye
Date: Thu Oct 11 02:53:29 2007
New Revision: 583758

URL: http://svn.apache.org/viewvc?rev=583758&view=rev
Log:
Key derivation and symmetric binding (encryption) in Rampart

Modified:
    webservices/rampart/trunk/c/include/oxs_key.h
    webservices/rampart/trunk/c/src/omxmlsec/derivation.c
    webservices/rampart/trunk/c/src/omxmlsec/key.c
    webservices/rampart/trunk/c/src/util/rampart_encryption.c
    webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c

Modified: webservices/rampart/trunk/c/include/oxs_key.h
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/oxs_key.h?rev=583758&r1=583757&r2=583758&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/oxs_key.h (original)
+++ webservices/rampart/trunk/c/include/oxs_key.h Thu Oct 11 02:53:29 2007
@@ -62,7 +62,7 @@
     * @return data 
     */
 
-    unsigned char *AXIS2_CALL
+    AXIS2_EXTERN unsigned char *AXIS2_CALL
     oxs_key_get_data(
         const oxs_key_t *key,
         const axutil_env_t *env);
@@ -72,7 +72,7 @@
     * @param env pointer to environment struct
     * @return name of the key
     */
-    axis2_char_t *AXIS2_CALL
+    AXIS2_EXTERN axis2_char_t *AXIS2_CALL
     oxs_key_get_name(
         const oxs_key_t *key,
         const axutil_env_t *env);
@@ -82,7 +82,7 @@
     * @param env pointer to environment struct
     * @return size of the key
     */
-    int AXIS2_CALL
+    AXIS2_EXTERN int AXIS2_CALL
     oxs_key_get_size(
         const oxs_key_t *key,
         const axutil_env_t *env);
@@ -92,7 +92,7 @@
     * @param env pointer to environment struct
     * @return usage of the key
     */
-    int AXIS2_CALL
+    AXIS2_EXTERN int AXIS2_CALL
     oxs_key_get_usage(
         const oxs_key_t *key,
         const axutil_env_t *env);
@@ -105,7 +105,7 @@
     * @param name name of the key
     * @return AXIS2_SUCCESS on success, else AXIS2_FAILURE
     */
-    axis2_status_t AXIS2_CALL
+    AXIS2_EXTERN axis2_status_t AXIS2_CALL
     oxs_key_set_name(
         oxs_key_t *key,
         const axutil_env_t *env,
@@ -119,7 +119,7 @@
     * @param usage usage of the key
     * @return AXIS2_SUCCESS on success, else AXIS2_FAILURE
     */
-    axis2_status_t AXIS2_CALL
+    AXIS2_EXTERN axis2_status_t AXIS2_CALL
     oxs_key_set_usage(
         oxs_key_t *key,
         const axutil_env_t *env,
@@ -131,13 +131,13 @@
     * @param env pointer to environment struct
     * @return AXIS2_SUCCESS on success, else AXIS2_FAILURE
     */
-    axis2_status_t AXIS2_CALL
+    AXIS2_EXTERN axis2_status_t AXIS2_CALL
     oxs_key_free(
         oxs_key_t *key,
         const axutil_env_t *env
     );
 
-    axis2_status_t AXIS2_CALL
+    AXIS2_EXTERN axis2_status_t AXIS2_CALL
     oxs_key_populate_with_buf(oxs_key_t *key,
                               const axutil_env_t *env,
                               oxs_buffer_t *buffer,
@@ -154,7 +154,7 @@
     * @param usage usage of the key
     * @return AXIS2_SUCCESS on success, else AXIS2_FAILURE
     */
-    axis2_status_t AXIS2_CALL
+    AXIS2_EXTERN axis2_status_t AXIS2_CALL
     oxs_key_populate(
         oxs_key_t *key,
         const axutil_env_t *env,
@@ -169,7 +169,7 @@
     * @param env pointer to environment struct
     * @return AXIS2_SUCCESS on success, else AXIS2_FAILURE
     */
-    axis2_status_t AXIS2_CALL
+    AXIS2_EXTERN axis2_status_t AXIS2_CALL
     oxs_key_read_from_file(
         oxs_key_t *key,
         const axutil_env_t *env,
@@ -181,17 +181,17 @@
     * @param env pointer to environment struct
     * @return AXIS2_SUCCESS on success, else AXIS2_FAILURE
     */
-    axis2_status_t AXIS2_CALL
+    AXIS2_EXTERN axis2_status_t AXIS2_CALL
     oxs_key_for_algo(oxs_key_t *key,
                      const axutil_env_t *env,
                      axis2_char_t *key_algo);
 
 
-    oxs_buffer_t *AXIS2_CALL
+    AXIS2_EXTERN oxs_buffer_t *AXIS2_CALL
     oxs_key_get_buffer(const oxs_key_t *key,
                        const axutil_env_t *env);
 
-    oxs_key_t *AXIS2_CALL
+    AXIS2_EXTERN oxs_key_t *AXIS2_CALL
     oxs_key_dup(oxs_key_t *key,
                 const axutil_env_t *env);
 
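Review bot: `oxs_key_get_buffer` and `oxs_key_dup` (and `oxs_key_populate_with_buf` in the previous hunk) become exported symbols here but have no doc comment, unlike the other declarations in this header. Since they hand out or accept pointers to key material, the header should state ownership. For `oxs_key_get_buffer` the key.c hunk shows `return key->buf;`, so a comment such as `/** Returns the key's internal buffer, not a copy. @return buffer holding the key data */` would fit, extended with whether the caller may modify or free it. For `oxs_key_dup`, document who frees the returned key.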

Modified: webservices/rampart/trunk/c/src/omxmlsec/derivation.c
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/derivation.c?rev=583758&r1=583757&r2=583758&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/derivation.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/derivation.c Thu Oct 11 02:53:29 
2007
@@ -20,6 +20,7 @@
 #include <oxs_derivation.h>
 #include <oxs_key.h>
 #include <oxs_error.h>
+#include <oxs_utility.h>
 #include <oxs_asym_ctx.h>
 
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
@@ -31,13 +32,25 @@
                          )
 {
     axis2_status_t status = AXIS2_FAILURE;
-
+    axis2_char_t *dk_id = NULL;
     /*TODO Concatenate the seed and label*/
 
     /*TODO P_SHA1 (secret, label + seed)*/
     
-    /*TODO Populate the derived key*/
-    
+    /*TODO Populate the derived key. What we do here is fake. We use the same 
key ;-)*/
+    dk_id = oxs_util_generate_id(env, (axis2_char_t*)OXS_DERIVED_ID);
+    status = oxs_key_populate(derived_key, env,
+        oxs_key_get_data(secret, env),
+        dk_id,
+        oxs_key_get_size(secret, env),
+        oxs_key_get_usage(secret, env));
+        /*status = oxs_key_populate_with_buf(derived_key, env, 
+            oxs_key_get_buffer(secret, env), 
+            1,
+            2);
+            oxs_key_get_size(secret, env), 
+            oxs_key_get_usage(secret, env));
+    oxs_key_set_name(derived_key, env, dk_id);    */
  
 
     return status;
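Review bot: The added `oxs_key_populate` call hands the secret's own data, size and usage to `derived_key`, so the function returns the status of a "derivation" whose output is the same key material as its input; the P_SHA1 step is still a TODO. Callers cannot tell that no derivation took place, so the placeholder should be visible outside this comment, for example by stating in the function's header documentation that the derived key currently equals the secret. `dk_id` from `oxs_util_generate_id` is passed on unchecked; add `if (!dk_id) return AXIS2_FAILURE;` before the populate call. Whether `oxs_key_populate` copies `data` and `dk_id` or keeps the pointers is not visible here, and it decides whether freeing the derived key also affects the secret's buffer, so please confirm. The function's signature begins outside this hunk.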

Modified: webservices/rampart/trunk/c/src/omxmlsec/key.c
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/key.c?rev=583758&r1=583757&r2=583758&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/key.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/key.c Thu Oct 11 02:53:29 2007
@@ -33,7 +33,7 @@
 
 /******************** end of function headers *****************/
 
-unsigned char *AXIS2_CALL
+AXIS2_EXTERN unsigned char *AXIS2_CALL
 oxs_key_get_data(
     const oxs_key_t *key,
     const axutil_env_t *env)
@@ -43,7 +43,7 @@
     return oxs_buffer_get_data(key->buf, env);
 }
 
-axis2_char_t *AXIS2_CALL
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
 oxs_key_get_name(
     const oxs_key_t *key,
     const axutil_env_t *env)
@@ -54,7 +54,7 @@
 
 }
 
-oxs_buffer_t *AXIS2_CALL
+AXIS2_EXTERN oxs_buffer_t *AXIS2_CALL
 oxs_key_get_buffer(const oxs_key_t *key,
                    const axutil_env_t *env)
 {
@@ -62,7 +62,7 @@
     return key->buf;
 }
 
-int AXIS2_CALL
+AXIS2_EXTERN int AXIS2_CALL
 oxs_key_get_size(
     const oxs_key_t *key,
     const axutil_env_t *env)
@@ -72,7 +72,7 @@
     return oxs_buffer_get_size(key->buf, env);
 }
 
-int AXIS2_CALL
+AXIS2_EXTERN int AXIS2_CALL
 oxs_key_get_usage(
     const oxs_key_t *key,
     const axutil_env_t *env)
@@ -84,7 +84,7 @@
 
 
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_key_set_name(
     oxs_key_t *key,
     const axutil_env_t *env,
@@ -104,7 +104,7 @@
 }
 
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_key_set_usage(
     oxs_key_t *key,
     const axutil_env_t *env,
@@ -117,7 +117,7 @@
 
 }
 
-oxs_key_t *AXIS2_CALL
+AXIS2_EXTERN oxs_key_t *AXIS2_CALL
 oxs_key_dup(oxs_key_t *key,
             const axutil_env_t *env)
 {
@@ -169,7 +169,7 @@
 }
 
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_key_free(oxs_key_t *key,
              const axutil_env_t *env)
 {
@@ -186,7 +186,7 @@
     return AXIS2_SUCCESS;
 }
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_key_populate_with_buf(oxs_key_t *key,
                           const axutil_env_t *env,
                           oxs_buffer_t *buffer,
@@ -203,7 +203,7 @@
     return AXIS2_SUCCESS;
 }
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_key_populate(oxs_key_t *key,
                  const axutil_env_t *env,
                  unsigned char *data,
@@ -224,7 +224,7 @@
 }
 
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_key_read_from_file(oxs_key_t *key,
                        const axutil_env_t *env,
                        axis2_char_t *file_name)
@@ -246,7 +246,7 @@
 
 }
 
-axis2_status_t AXIS2_CALL
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
 oxs_key_for_algo(oxs_key_t *key,
                  const axutil_env_t *env,
                  axis2_char_t *key_algo)

Modified: webservices/rampart/trunk/c/src/util/rampart_encryption.c
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_encryption.c?rev=583758&r1=583757&r2=583758&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_encryption.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_encryption.c Thu Oct 11 
02:53:29 2007
@@ -75,8 +75,6 @@
     axis2_char_t *enc_sym_algo = NULL;
     int i = 0;
 
-    /*TODO Derived Key Encryption*/
-
     /*Get nodes to be encrypted*/
     nodes_to_encrypt = axutil_array_list_create(env, 0);
     status = rampart_enc_get_nodes_to_encrypt(
@@ -91,7 +89,6 @@
         return AXIS2_FAILURE;
     }
 
-
     /*Get the symmetric encryption algorithm*/
     enc_sym_algo = rampart_context_get_enc_sym_algo(rampart_context, env);
 
@@ -103,7 +100,6 @@
         enc_sym_algo = OXS_DEFAULT_SYM_ALGO;
     }
 
-
     /*Generate the  session key*/
     session_key = oxs_key_create(env);
     status = oxs_key_for_algo(session_key, env, enc_sym_algo);
@@ -126,7 +122,6 @@
         axiom_node_t *node_to_enc = NULL;
         oxs_ctx_t *enc_ctx = NULL;
         oxs_key_t *derived_key = NULL;
-        axis2_char_t *dk_id = NULL;
         axis2_char_t *enc_data_id = NULL;
 
         /*Get the node to be encrypted*/
@@ -136,17 +131,19 @@
         /*Derive a new key*/
         derived_key = oxs_key_create(env);
         status = oxs_derivation_derive_key(env, session_key, NULL, NULL, 
derived_key); 
-        dk_id = oxs_util_generate_id(env, (axis2_char_t*)OXS_DERIVED_ID);
 
         /*Create the encryption context for OMXMLSEC*/
         enc_ctx = oxs_ctx_create(env);
-        /*Set the key*/
-        oxs_ctx_set_key(enc_ctx, env, session_key);
+
+        /*Set the derived key for the encryption*/
+        oxs_ctx_set_key(enc_ctx, env, derived_key);
+        
         /*Set the algorithm*/
         oxs_ctx_set_enc_mtd_algorithm(enc_ctx, env, enc_sym_algo);  
 
         /*Generate ID for the encrypted data element*/       
         enc_data_id = oxs_util_generate_id(env, (axis2_char_t*)OXS_ENCDATA_ID);
+    
         
         /*Free derived key*/
         oxs_key_free(derived_key, env);
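Review bot: `status` from `oxs_derivation_derive_key` is not checked before the new `oxs_ctx_set_key(enc_ctx, env, derived_key);`, so a failed derivation would put an unpopulated key into the encryption context. A guard right after the call, `if (status != AXIS2_SUCCESS) { oxs_key_free(derived_key, env); return AXIS2_FAILURE; }`, would stop that; the cleanup of `session_key` and `nodes_to_encrypt` on that path depends on code outside the hunk. The context line `oxs_key_free(derived_key, env);` also frees the key that `enc_ctx` now refers to. Whether `enc_ctx` is used or freed after that point is not visible here, so please confirm it does not keep a dangling pointer. The loop body starts before and continues after this hunk.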

Modified: webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c?rev=583758&r1=583757&r2=583758&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_sec_header_builder.c Thu Oct 
11 02:53:29 2007
@@ -93,21 +93,22 @@
     /*Check the encryption and signature order*/
     if(rampart_context_is_encrypt_before_sign(rampart_context, env))
     {
-        /*TODO encrypt before sign*/
+        is_encrypt_before_sign = AXIS2_TRUE;
+        /*TODO encrypt before sign. Complicated stuff...*/
 
     }else{ /*Sign before encrypt*/
         is_encrypt_before_sign = AXIS2_FALSE;
         
-        /*First do signature specific stuff*/
-        status = rampart_sig_sign_message(env, msg_ctx, rampart_context, 
soap_envelope, sec_node);
-        if(status != AXIS2_SUCCESS){
-            AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
-                            "[rampart][shb] Sym binding, Signing failed. 
ERROR");
-            return AXIS2_FAILURE;
-        }
+        /*TODO First do signature specific stuff using Symmetric key*/
+        
+        
         /*Then Handle Encryption stuff*/
-
-
+        status = rampart_enc_dk_encrypt_message(env, msg_ctx, rampart_context, 
soap_envelope, sec_node);
+        if (status == AXIS2_FAILURE)
+        {
+                AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][shb] Sym 
binding, Encryption failed in Symmetric binding. ERROR");
+                return AXIS2_FAILURE;
+        }
     }
     status = AXIS2_SUCCESS;
 
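Review bot: The sign-before-encrypt branch no longer calls `rampart_sig_sign_message` (replaced by a TODO), and the encrypt-before-sign branch only sets `is_encrypt_before_sign`, yet both paths reach `status = AXIS2_SUCCESS;`. A message whose policy asks for a signature, or for encrypt-before-sign, would leave this code unsigned or entirely unprotected while the builder reports success. Until those paths exist they should fail closed: in the unimplemented branch, log with `AXIS2_LOG_ERROR` and `return AXIS2_FAILURE;`. The new check `if (status == AXIS2_FAILURE)` is also narrower than the removed `status != AXIS2_SUCCESS`; prefer `if (status != AXIS2_SUCCESS)` so any non-success value stops processing. The enclosing function begins and ends outside this hunk.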

