Author: kaushalye
Date: Wed Oct 17 02:37:59 2007
New Revision: 585429
URL: http://svn.apache.org/viewvc?rev=585429&view=rev
Log:
Support for HMAC-SHA1 algo in the xml crypto layer
Modified:
webservices/rampart/trunk/c/include/openssl_hmac.h
webservices/rampart/trunk/c/include/oxs_signature.h
webservices/rampart/trunk/c/src/omxmlsec/openssl/hmac.c
webservices/rampart/trunk/c/src/omxmlsec/signature.c
Modified: webservices/rampart/trunk/c/include/openssl_hmac.h
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/openssl_hmac.h?rev=585429&r1=585428&r2=585429&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/openssl_hmac.h (original)
+++ webservices/rampart/trunk/c/include/openssl_hmac.h Wed Oct 17 02:37:59 2007
@@ -20,6 +20,7 @@
#include <axis2_defines.h>
#include <axutil_env.h>
#include <oxs_buffer.h>
+#include <oxs_key.h>
/**
* @file openssl_hmac.h
@@ -40,7 +41,7 @@
AXIS2_EXTERN axis2_status_t AXIS2_CALL
openssl_hmac_sha1(const axutil_env_t *env,
- oxs_buffer_t *secret,
+ oxs_key_t *secret,
oxs_buffer_t *input,
oxs_buffer_t *output);
/* @} */
Modified: webservices/rampart/trunk/c/include/oxs_signature.h
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/oxs_signature.h?rev=585429&r1=585428&r2=585429&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/oxs_signature.h (original)
+++ webservices/rampart/trunk/c/include/oxs_signature.h Wed Oct 17 02:37:59 2007
@@ -42,6 +42,22 @@
{
#endif
/**
+ * Signs an input buffer @input using the HMAC-SHA1 algorithm.
+ * The secret will be taken form the signature context @sign_ctx
+ * Result will be placed in output buffer @output
+ * @env pointer to environment struct
+ * @sign_ctx the signature context
+ * @input input buffer
+ * @output output buffer
+ * @return AXIS2_SUCCESS on success, else AXIS2_FAILURE
+ */
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ oxs_sig_sign_hmac_sha1(const axutil_env_t *env,
+ oxs_sign_ctx_t *sign_ctx,
+ oxs_buffer_t *input,
+ oxs_buffer_t *output);
+
+ /**
* Signs an input buffer @input using the RSA-SHA1 algorithm.
* Result will be placed in output buffer @output
* @env pointer to environment struct
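Review bot: The doc comment added for `oxs_sig_sign_hmac_sha1` does not say that `output` receives the base64-encoded MAC rather than the raw HMAC bytes, which is what the implementation in signature.c produces. I would add a line such as `* The HMAC value is base64 encoded before it is placed in @output`. The same comment has a typo, `taken form`, which should read `taken from`. It would also help to state what happens when the signature context holds no secret.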
Modified: webservices/rampart/trunk/c/src/omxmlsec/openssl/hmac.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/openssl/hmac.c?rev=585429&r1=585428&r2=585429&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/openssl/hmac.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/openssl/hmac.c Wed Oct 17 02:37:59
2007
@@ -27,7 +27,7 @@
*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
openssl_hmac_sha1(const axutil_env_t *env,
- oxs_buffer_t *secret,
+ oxs_key_t *secret,
oxs_buffer_t *input,
oxs_buffer_t *output)
{
@@ -36,7 +36,7 @@
unsigned int hashed_len;
HMAC_CTX_init(&ctx);
- HMAC_Init_ex(&ctx, oxs_buffer_get_data(secret, env),
oxs_buffer_get_size(secret, env), EVP_sha1(), NULL);
+ HMAC_Init_ex(&ctx, oxs_key_get_data(secret, env), oxs_key_get_size(secret,
env), EVP_sha1(), NULL);
HMAC_Update(&ctx, oxs_buffer_get_data(input, env),
oxs_buffer_get_size(input, env));
HMAC_Final(&ctx, hmac, &hashed_len);
HMAC_cleanup(&ctx);
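Review bot: `secret` reaches `oxs_key_get_data(secret, env)` and `oxs_key_get_size(secret, env)` in the `HMAC_Init_ex` call without a NULL check, and the new caller in signature.c passes the result of `oxs_sign_ctx_get_secret` straight in. Unless those accessors tolerate NULL (not visible here), a guard before `HMAC_CTX_init` such as `if (!secret || !input || !output) return AXIS2_FAILURE;` would fail closed when no shared secret is configured. An empty key is also worth rejecting, since an HMAC over a zero-length secret authenticates nothing. On OpenSSL versions where `HMAC_Init_ex`, `HMAC_Update` and `HMAC_Final` return int, those results should be checked as well. The function body begins and ends outside this hunk.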
Modified: webservices/rampart/trunk/c/src/omxmlsec/signature.c
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/signature.c?rev=585429&r1=585428&r2=585429&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/signature.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/signature.c Wed Oct 17 02:37:59
2007
@@ -28,7 +28,45 @@
#include <openssl_sign.h>
#include <openssl_digest.h>
-/*Private functions*/
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+oxs_sig_sign_hmac_sha1(const axutil_env_t *env,
+ oxs_sign_ctx_t *sign_ctx,
+ oxs_buffer_t *input,
+ oxs_buffer_t *output)
+{
+ axis2_status_t status = AXIS2_FAILURE;
+ axis2_char_t *encoded_str = NULL;
+ oxs_buffer_t *signed_result_buf = NULL;
+ oxs_key_t *secret = NULL;
+ int signedlen = -1;
+ int encodedlen = -1;
+ int ret = -1;
+ /*Create output buffer to store signed data*/
+ signed_result_buf = oxs_buffer_create(env);
+
+ /*Get the shared secret form the sig_ctx*/
+ secret = oxs_sign_ctx_get_secret(sign_ctx, env);
+ /*Sign using HMAC-SHA1*/
+ status = openssl_hmac_sha1(env, secret, input, signed_result_buf);
+ if(AXIS2_FAILURE == status){
+ oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIGN_FAILED,"Signature
failed. using HMAC-SHA1 ");
+ }
+
+ /*Base64 encode*/
+ encodedlen = axutil_base64_encode_len(signedlen);
+ encoded_str = AXIS2_MALLOC(env->allocator, encodedlen);
+ ret = axutil_base64_encode(encoded_str, (const char *)
+ oxs_buffer_get_data(signed_result_buf, env), signedlen);
+ status = oxs_buffer_populate(output, env, (unsigned char*)encoded_str,
+ encodedlen);
+
+ /*Free signed_result_buf*/
+ oxs_buffer_free(signed_result_buf, env);
+ signed_result_buf = NULL;
+
+ return AXIS2_SUCCESS;
+}
+
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_sig_sign_rsa_sha1(const axutil_env_t *env,
oxs_sign_ctx_t *sign_ctx,
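Review bot: `signedlen` is still -1 when it reaches `axutil_base64_encode_len(signedlen)` and `axutil_base64_encode(...)`, because nothing assigns it the size of `signed_result_buf` after the HMAC call. The function also carries on after `openssl_hmac_sha1` fails and ends with an unconditional `return AXIS2_SUCCESS`, so a caller can get a success status with an output that is not a valid MAC. The `AXIS2_MALLOC` result and the status of `oxs_buffer_populate` are unchecked as well. The rewrite below takes the length from the buffer, stops on failure and returns the real status. Whether `encoded_str` must be freed after `oxs_buffer_populate` depends on whether that call copies its input, which is not visible here.

```c
    /* … unchanged: declarations, oxs_buffer_create, oxs_sign_ctx_get_secret … */
    status = openssl_hmac_sha1(env, secret, input, signed_result_buf);
    if (AXIS2_FAILURE == status) {
        /* … unchanged: oxs_error(OXS_ERROR_SIGN_FAILED) … */
        oxs_buffer_free(signed_result_buf, env);
        return AXIS2_FAILURE;
    }

    /* Use the length of the MAC actually produced, not the -1 initialiser */
    signedlen = oxs_buffer_get_size(signed_result_buf, env);
    if (signedlen <= 0) {
        oxs_buffer_free(signed_result_buf, env);
        return AXIS2_FAILURE;
    }

    encodedlen = axutil_base64_encode_len(signedlen);
    encoded_str = AXIS2_MALLOC(env->allocator, encodedlen);
    if (!encoded_str) {
        oxs_buffer_free(signed_result_buf, env);
        return AXIS2_FAILURE;
    }
    /* … unchanged: axutil_base64_encode, oxs_buffer_populate, oxs_buffer_free … */

    return status;
```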
@@ -85,7 +123,7 @@
{
axis2_char_t *sign_algo = NULL;
- /*Get algo*/
+ /*Get algo. To check whether we support*/
sign_algo = oxs_sign_ctx_get_sign_mtd_algo(sign_ctx, env);
/*Prepare content and sign*/
@@ -95,10 +133,7 @@
}
else if ((axutil_strcmp(sign_algo, OXS_HREF_DSA_SHA1)) == 0)
{
- /*Error we do not support*/
- oxs_error(env, ERROR_LOCATION, OXS_ERROR_INVALID_DATA,
- "Cannot support cipher %s", sign_algo);
- return AXIS2_FAILURE;
+ oxs_sig_sign_hmac_sha1(env, sign_ctx, input, output);
}
else
{
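Review bot: The branch that matches `OXS_HREF_DSA_SHA1` now calls `oxs_sig_sign_hmac_sha1`, so a signature method declared as DSA-SHA1 is produced as a shared-secret HMAC, and the algorithm URI no longer agrees with the operation performed. The branch should test the HMAC-SHA1 method URI (`http://www.w3.org/2000/09/xmldsig#hmac-sha1`, through whatever constant the project defines for it), while the DSA branch keeps rejecting with `return AXIS2_FAILURE;`. The call's return value is also dropped, so a failed HMAC is not reported to the caller; assigning it to a status variable and checking it would fix that. The enclosing function starts and ends outside this hunk, so how the status is used afterwards cannot be seen.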