/**
* Inspect the key node. Then populate the sym_key
*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_xml_enc_decrypt_key(
const axutil_env_t *env,
oxs_asym_ctx_t * asym_ctx,
axiom_node_t *parent,
axiom_node_t *encrypted_key_node,
oxs_key_t *key)
{
axiom_node_t *enc_mtd_node = NULL;
axiom_node_t *key_info_node = NULL;
axiom_node_t *cd_node = NULL;
axis2_char_t *enc_mtd_algo = NULL;
axis2_char_t *cipher_val = NULL;
axis2_char_t *new_cipher_val = NULL;
axis2_status_t status = AXIS2_FAILURE;
oxs_buffer_t *input_buf = NULL;
oxs_buffer_t *result_buf = NULL;
axis2_char_t *key_name = NULL;
axis2_char_t* encrypted_key_hash = NULL;
int decoded_len = 0;
axis2_char_t *decoded_enc_sec = NULL;
/*Get encryption method algorithm*/
enc_mtd_node = oxs_axiom_get_first_child_node_by_name(env, encrypted_key_node,
OXS_NODE_ENCRYPTION_METHOD, OXS_ENC_NS, OXS_XENC);
enc_mtd_algo = oxs_token_get_encryption_method(env, enc_mtd_node);
if(!enc_mtd_algo)
{
oxs_error(env, OXS_ERROR_LOCATION, OXS_ERROR_ENCRYPT_FAILED,
"Cannot find the Encryption method");
return AXIS2_FAILURE;
}
/*Get cipher data*/
cd_node = oxs_axiom_get_first_child_node_by_name(env, encrypted_key_node, OXS_NODE_CIPHER_DATA,
OXS_ENC_NS, OXS_XENC);
cipher_val = oxs_token_get_cipher_value_from_cipher_data(env, cd_node);
if(!cipher_val)
{
oxs_error(env, OXS_ERROR_LOCATION, OXS_ERROR_ENCRYPT_FAILED,
"Cannot find the cipher value for key decryption");
return AXIS2_FAILURE;
}
new_cipher_val = oxs_util_get_newline_removed_string(env, cipher_val);
/*Get key used to encrypt*/
key_info_node = oxs_axiom_get_first_child_node_by_name(env, encrypted_key_node,
OXS_NODE_KEY_INFO, OXS_DSIG_NS, OXS_DS);
status = oxs_xml_enc_process_key_info(env, asym_ctx, key_info_node, parent);
/*Right now we support KeyInfo -> SecurityTokenReference -> Reference
KeyInfo -> SecurityTokenReference -> X509IssuerSerial */
/*Get the pkey used to decrypt the session key. If found set it to the asym_ctx*/
/*Create the input buffer*/
input_buf = oxs_buffer_create(env);
oxs_buffer_populate(input_buf, env, (unsigned char*)new_cipher_val, axutil_strlen(
new_cipher_val));
/*Create a results buffer*/
result_buf = oxs_buffer_create(env);
/*Call decryption*/
status = oxs_encryption_asymmetric_crypt(env, asym_ctx, input_buf, result_buf);
/*Free input*/
oxs_buffer_free(input_buf, env);
input_buf = NULL;
/*calculate the EncryptedKeySHA1 and set as the key_sha*/
decoded_len = axutil_base64_decode_len(new_cipher_val);
decoded_enc_sec = AXIS2_MALLOC(env->allocator, decoded_len);
axutil_base64_decode_binary((unsigned char*)decoded_enc_sec, new_cipher_val);
encrypted_key_hash = openssl_sha1(env, decoded_enc_sec, decoded_len);
AXIS2_FREE(env->allocator, decoded_enc_sec);
AXIS2_FREE(env->allocator, new_cipher_val);
new_cipher_val = NULL;
if(AXIS2_FAILURE == status)
{
return AXIS2_FAILURE;
}
key_name = oxs_axiom_get_attribute_value_of_node_by_name(env, encrypted_key_node, OXS_ATTR_ID,
NULL);
/*Populate the key with the data in the result buffer*/
oxs_key_populate(key, env, oxs_buffer_get_data(result_buf, env), key_name, oxs_buffer_get_size(
result_buf, env), OXS_KEY_USAGE_SESSION);
oxs_key_set_key_sha(key, env, encrypted_key_hash);
/*Free*/
oxs_buffer_free(result_buf, env);
result_buf = NULL;
return AXIS2_SUCCESS;
}
axiom_node_t*
axis2_mtom_mtom(
const axutil_env_t * env,
axiom_node_t * node,
axis2_msg_ctx_t *msg_ctx)
{
axiom_node_t *file_name_node = NULL;
axiom_node_t *file_text_node = NULL;
axiom_node_t *ret_node = NULL;
AXIS2_ENV_CHECK(env, NULL);
/* Expected request format is :-
* <ns1:mtomSample xmlns:ns1="http://ws.apache.org/axis2/c/samples">
<ns1:fileName>test.jpg</ns1:fileName>
<ns1:image>
<xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include" href="cid:[email protected]"></xop:Include>
</ns1:image>
</ns1:mtomSample>
*/
if (!node) /* 'mtomSample' node */
{
AXIS2_ERROR_SET(env->error, AXIS2_ERROR_SVC_SKEL_INPUT_OM_NODE_NULL,
AXIS2_FAILURE);
printf("Echo client ERROR: input parameter NULL\n");
return NULL;
}
file_name_node = axiom_node_get_first_child(node, env);
if (!file_name_node) /* 'text' node */
{
AXIS2_ERROR_SET(env->error,
AXIS2_ERROR_SVC_SKEL_INVALID_XML_FORMAT_IN_REQUEST,
AXIS2_FAILURE);
printf("Echo client ERROR: invalid XML in request\n");
return NULL;
}
file_text_node = axiom_node_get_first_child(file_name_node, env);
if (!file_text_node) /* actual text to mtom */
{
AXIS2_ERROR_SET(env->error,
AXIS2_ERROR_SVC_SKEL_INVALID_XML_FORMAT_IN_REQUEST,
AXIS2_FAILURE);
printf("Echo client ERROR: invalid XML in request\n");
return NULL;
}
if (axiom_node_get_node_type(file_text_node, env) == AXIOM_TEXT)
{
axiom_text_t *text =
(axiom_text_t *) axiom_node_get_data_element(file_text_node, env);
if (text && axiom_text_get_value(text, env))
{
axiom_node_t *image_node = NULL;
axis2_char_t *text_str =
(axis2_char_t *) axiom_text_get_value(text, env);
printf("File Name %s \n", text_str);
image_node = axiom_node_get_next_sibling(file_name_node, env);
if (image_node)
{
/* axiom_node_t *inc_node = NULL;
inc_node = axiom_node_get_first_child(image_node, env);
if (inc_node)
{ */
axiom_node_t *binary_node = NULL;
binary_node = axiom_node_get_first_child(image_node, env);
if (binary_node)
{
axiom_data_handler_t *data_handler = NULL;
axiom_text_t *bin_text = (axiom_text_t *)
axiom_node_get_data_element(binary_node, env);
data_handler = axiom_text_get_data_handler(bin_text, env);
if (data_handler)
{
axiom_data_handler_t *data_handler_res = NULL;
axis2_byte_t *input_buff = NULL;
axis2_byte_t *buff = NULL;
int buff_len = 0;
axiom_data_handler_set_file_name(data_handler, env,
text_str);
axiom_data_handler_write_to(data_handler, env);
input_buff = axiom_data_handler_get_input_stream(data_handler, env);
buff_len = axiom_data_handler_get_input_stream_len(data_handler, env);
data_handler_res = axiom_data_handler_create(env, NULL, NULL);
buff = AXIS2_MALLOC(env->allocator, sizeof(axis2_byte_t)*buff_len);
memcpy(buff, input_buff, buff_len);
axiom_data_handler_set_binary_data(data_handler_res, env, buff, buff_len);
axis2_msg_ctx_set_doing_mtom (msg_ctx, env, AXIS2_TRUE);
ret_node = build_response2(env, data_handler_res);
}
else /* attachment has come by value, as non-optimized binary */
{
int plain_binary_len = 0;
int ret_len = 0;
axiom_text_t *bin_text = (axiom_text_t *)
axiom_node_get_data_element(binary_node, env);
axis2_byte_t *plain_binary = NULL;
axiom_data_handler_t *data_handler = NULL;
axis2_char_t *base64text =
(axis2_char_t *) axiom_text_get_value(bin_text,
env);
printf("base64text = %s\n", base64text);
plain_binary_len = axutil_base64_decode_len(base64text);
plain_binary = AXIS2_MALLOC(env->
allocator,
sizeof(unsigned char) *
plain_binary_len);
ret_len =
axutil_base64_decode_binary((unsigned char *)
plain_binary,
base64text);
data_handler =
axiom_data_handler_create(env, text_str, NULL);
axiom_data_handler_set_binary_data(data_handler, env,
plain_binary,
ret_len);
axiom_data_handler_write_to(data_handler, env);
ret_node = build_response1(env, base64text);
}
/* } */
}
}
}
}
else
{
AXIS2_ERROR_SET(env->error,
AXIS2_ERROR_SVC_SKEL_INVALID_XML_FORMAT_IN_REQUEST,
AXIS2_FAILURE);
printf("Echo client ERROR: invalid XML in request\n");
return NULL;
}
return ret_node;
}
/*For SOAP this parent is the wsse:Security node*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_xml_enc_encrypt_key(
const axutil_env_t *env,
oxs_asym_ctx_t * asym_ctx,
axiom_node_t *parent,
oxs_key_t *sym_key,
axutil_array_list_t *id_list)
{
axis2_char_t *algorithm = NULL;
axis2_char_t *encrypted_key_data = NULL;
axis2_char_t *st_ref_pattern = NULL;
oxs_buffer_t *input = NULL;
oxs_buffer_t *result = NULL;
axiom_node_t *encrypted_key_node = NULL;
axiom_node_t *enc_mtd_node = NULL;
axiom_node_t *key_info_node = NULL;
axiom_node_t *stref_node = NULL;
axiom_node_t *cd_node = NULL;
axiom_node_t *cv_node = NULL;
axis2_status_t status = AXIS2_FAILURE;
axis2_char_t* encrypted_key_hash = NULL;
int decoded_len = 0;
axis2_char_t *decoded_enc_sec = NULL;
/*Create input buffer*/
input = oxs_buffer_create(env);
oxs_buffer_populate(input, env, oxs_key_get_data(sym_key, env), oxs_key_get_size(sym_key, env));
/*Create an empty buffer to collect results*/
result = oxs_buffer_create(env);
/*Call encryption*/
status = oxs_encryption_asymmetric_crypt(env, asym_ctx, input, result);
/*Free input*/
oxs_buffer_free(input, env);
input = NULL;
if(AXIS2_FAILURE == status)
{
oxs_error(env, OXS_ERROR_LOCATION, OXS_ERROR_ENCRYPT_FAILED,
"Assymmetric key encryption failed");
return AXIS2_FAILURE;
}
/*Get the encrypted key*/
encrypted_key_data = (axis2_char_t *)oxs_buffer_get_data(result, env);
/*Build nodes*/
encrypted_key_node = oxs_token_build_encrypted_key_element(env, parent);
algorithm = oxs_asym_ctx_get_algorithm(asym_ctx, env);
enc_mtd_node = oxs_token_build_encryption_method_element(env, encrypted_key_node, algorithm);
key_info_node = oxs_token_build_key_info_element(env, encrypted_key_node);
stref_node = oxs_token_build_security_token_reference_element(env, key_info_node);
/*Get the ST REF pattern. If not set the default*/
st_ref_pattern = oxs_asym_ctx_get_st_ref_pattern(asym_ctx, env);
if((!st_ref_pattern) || (0 == axutil_strcmp(st_ref_pattern, "")))
{
st_ref_pattern = OXS_STR_DEFAULT;
}
if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_ISSUER_SERIAL))
{
status = oxs_xml_enc_populate_stref_with_issuer_serial(env, asym_ctx, stref_node);
}
else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_EMBEDDED))
{
status = oxs_xml_enc_populate_stref_with_embedded(env, asym_ctx, stref_node);
}
else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_DIRECT_REFERENCE))
{
status = oxs_xml_enc_populate_stref_with_bst(env, asym_ctx, stref_node, parent);
}
else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_KEY_IDENTIFIER))
{
status = oxs_xml_enc_populate_stref_with_key_identifier(env, asym_ctx, stref_node,
AXIS2_FALSE);
}
else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_THUMB_PRINT))
{
/*TODO: Need to support Thumbprint Ref*/
status = oxs_xml_enc_populate_stref_with_key_identifier(env, asym_ctx, stref_node,
AXIS2_TRUE);
}
cd_node = oxs_token_build_cipher_data_element(env, encrypted_key_node);
cv_node = oxs_token_build_cipher_value_element(env, cd_node, encrypted_key_data);
/*If and only if the id_list the present, we create the reference list*/
if(id_list)
{
oxs_token_build_data_reference_list(env, encrypted_key_node, id_list);
}
/*calculate the EncryptedKeySHA1 and set as the key_sha*/
decoded_len = axutil_base64_decode_len(encrypted_key_data);
decoded_enc_sec = AXIS2_MALLOC(env->allocator, decoded_len);
axutil_base64_decode_binary((unsigned char*)decoded_enc_sec, encrypted_key_data);
encrypted_key_hash = openssl_sha1(env, decoded_enc_sec, decoded_len);
oxs_key_set_key_sha(sym_key, env, encrypted_key_hash);
AXIS2_FREE(env->allocator, decoded_enc_sec);
/*Free*/
oxs_buffer_free(result, env);
result = NULL;
return AXIS2_SUCCESS;
}
