Author: kaushalye
Date: Mon Oct 15 01:51:35 2007
New Revision: 584712

URL: http://svn.apache.org/viewvc?rev=584712&view=rev
Log:
Thumbprint support for X509 certificates

Modified:
    webservices/rampart/trunk/c/include/oxs_constants.h
    webservices/rampart/trunk/c/include/rampart_encryption.h
    webservices/rampart/trunk/c/src/omxmlsec/xml_encryption.c

Modified: webservices/rampart/trunk/c/include/oxs_constants.h
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/oxs_constants.h?rev=584712&r1=584711&r2=584712&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/oxs_constants.h (original)
+++ webservices/rampart/trunk/c/include/oxs_constants.h Mon Oct 15 01:51:35 2007
@@ -362,7 +362,7 @@
 #define OXS_ENCODING_BASE64BINARY 
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
 #define OXS_VALUE_X509V3 
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
 #define OXS_X509_SUBJ_KI 
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier";
-
+#define OXS_X509_TUMBP_PRINT_SHA1 
"http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1";
     /****************************************************************
         ST References
     ****************************************************************/
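Review bot: The new constant `OXS_X509_TUMBP_PRINT_SHA1` misspells "thumbprint", and because it sits in a public header the typo becomes part of the API. `OXS_X509_THUMBPRINT_SHA1` would read correctly and match the `#ThumbprintSHA1` fragment of the URI it holds. A one-line comment above it would also help, for example `/* KeyIdentifier ValueType: SHA-1 thumbprint of the X.509 certificate (WSS 1.1) */`. The added line also replaces the blank line that separated this group of defines from the "ST References" banner, and that separator is worth keeping.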

Modified: webservices/rampart/trunk/c/include/rampart_encryption.h
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/rampart_encryption.h?rev=584712&r1=584711&r2=584712&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/rampart_encryption.h (original)
+++ webservices/rampart/trunk/c/include/rampart_encryption.h Mon Oct 15 
01:51:35 2007
@@ -53,6 +53,13 @@
                                 axiom_soap_envelope_t *soap_envelope,
                                 axiom_node_t *sec_node);
 
+    AXIS2_EXTERN axis2_status_t AXIS2_CALL
+    rampart_enc_dk_encrypt_message(const axutil_env_t *env,
+    axis2_msg_ctx_t *msg_ctx,
+    rampart_context_t *rampart_context,
+    axiom_soap_envelope_t *soap_envelope,
+    axiom_node_t *sec_node);
+ 
 
     AXIS2_EXTERN axis2_status_t AXIS2_CALL
     rampart_enc_add_key_info(
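Review bot: `rampart_enc_dk_encrypt_message` is added to a public header without a doc comment, and its parameters are indented to the return-type column instead of being aligned like the declaration just above it. The commit log mentions only thumbprint support and no definition of this function is visible in this commit, so the declaration looks like an unrelated change that slipped in. If it is intended, a `/** ... */` block should describe the five parameters and the AXIS2_SUCCESS/AXIS2_FAILURE return, and say how it differs from the existing encrypt call ("dk" presumably means derived key). The following `rampart_enc_add_key_info(` declaration continues outside the hunk.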

Modified: webservices/rampart/trunk/c/src/omxmlsec/xml_encryption.c
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/xml_encryption.c?rev=584712&r1=584711&r2=584712&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/xml_encryption.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/xml_encryption.c Mon Oct 15 
01:51:35 2007
@@ -47,23 +47,29 @@
 static axis2_status_t
 oxs_xml_enc_populate_stref_with_key_identifier(const axutil_env_t *env,
         oxs_asym_ctx_t *asym_ctx,
-        axiom_node_t *stref_node)
+        axiom_node_t *stref_node, 
+        axis2_bool_t is_thumbprint)
 {
     axiom_node_t *key_identifier_node = NULL;
     axis2_char_t *key_identifier = NULL;
+    axis2_char_t *val_type = NULL;
     oxs_x509_cert_t *cert = NULL;
 
     cert = oxs_asym_ctx_get_certificate(asym_ctx, env);
-    key_identifier = oxs_x509_cert_get_key_identifier(cert, env);
+    if(is_thumbprint){
+        key_identifier = oxs_x509_cert_get_fingerprint(cert, env);
+        val_type = OXS_X509_TUMBP_PRINT_SHA1;
+    }else{
+        key_identifier = oxs_x509_cert_get_key_identifier(cert, env);
+        val_type = OXS_X509_SUBJ_KI;
+    }
     if(!key_identifier){
         return AXIS2_FAILURE;
     }
-
     /*Build KeyIdentifier node*/
     key_identifier_node = oxs_token_build_key_identifier_element(
                               env, stref_node, OXS_ENCODING_BASE64BINARY,
-                              OXS_X509_SUBJ_KI, key_identifier);
-
+                              val_type, key_identifier);
     return AXIS2_SUCCESS;
 }
 
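Review bot: `cert` is handed to the new `oxs_x509_cert_get_fingerprint()` call without a NULL check, and the result of `oxs_token_build_key_identifier_element()` is stored in `key_identifier_node` but never tested. The function can therefore return AXIS2_SUCCESS when no KeyIdentifier was written. Adding `if(!cert){ return AXIS2_FAILURE; }` after the certificate lookup and `if(!key_identifier_node){ return AXIS2_FAILURE; }` before the final return would close both gaps. The element is still tagged `OXS_ENCODING_BASE64BINARY`, so confirm that the fingerprint getter returns the base64-encoded SHA-1 digest of the certificate and not a hex string; otherwise the receiver cannot match the reference. `val_type` only ever points at string literals and could be declared `const axis2_char_t *` if the builder's signature allows it.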
@@ -491,9 +497,10 @@
     }else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_DIRECT_REFERENCE)){
         status = oxs_xml_enc_populate_stref_with_bst(env, asym_ctx, 
stref_node, parent);
     }else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_KEY_IDENTIFIER)){
-        status = oxs_xml_enc_populate_stref_with_key_identifier(env, asym_ctx, 
stref_node);
+        status = oxs_xml_enc_populate_stref_with_key_identifier(env, asym_ctx, 
stref_node, AXIS2_FALSE);
     }else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_THUMB_PRINT)){
         /*TODO: Need to support Thumbprint Ref*/
+        status = oxs_xml_enc_populate_stref_with_key_identifier(env, asym_ctx, 
stref_node, AXIS2_TRUE);
     }
     cd_node = oxs_token_build_cipher_data_element(env, encrypted_key_node);
     cv_node = oxs_token_build_cipher_value_element(env, cd_node,  
encrypted_key_data);
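Review bot: In the visible lines, `status` from the new thumbprint branch (and from the other branches) is not tested before `oxs_token_build_cipher_data_element()` appends the cipher data. If it is not checked further down, outside this hunk, a failed fingerprint lookup would still emit an EncryptedKey whose SecurityTokenReference is empty. A guard such as `if(AXIS2_SUCCESS != status){ return AXIS2_FAILURE; }` straight after the chain would stop that, once any cleanup the enclosing function needs has been accounted for. The `/*TODO: Need to support Thumbprint Ref*/` comment is now stale and should be removed, because the line added below it implements that reference. The chain also has no final `else` for an unrecognised `st_ref_pattern`.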

