Esempio n. 1
0
/**
* Inspect the key node. Then populate the sym_key
*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_xml_enc_decrypt_key(
    const axutil_env_t *env,
    oxs_asym_ctx_t * asym_ctx,
    axiom_node_t *parent,
    axiom_node_t *encrypted_key_node,
    oxs_key_t *key)
{
    axiom_node_t *enc_mtd_node = NULL;
    axiom_node_t *key_info_node = NULL;
    axiom_node_t *cd_node = NULL;
    axis2_char_t *enc_mtd_algo = NULL;
    axis2_char_t *cipher_val = NULL;
    axis2_char_t *new_cipher_val = NULL;
    axis2_status_t status = AXIS2_FAILURE;
    oxs_buffer_t *input_buf = NULL;
    oxs_buffer_t *result_buf = NULL;
    axis2_char_t *key_name = NULL;

    axis2_char_t* encrypted_key_hash = NULL;
    int decoded_len = 0;
    axis2_char_t *decoded_enc_sec = NULL;

    /*Get encryption method algorithm*/
    enc_mtd_node = oxs_axiom_get_first_child_node_by_name(env, encrypted_key_node,
        OXS_NODE_ENCRYPTION_METHOD, OXS_ENC_NS, OXS_XENC);
    enc_mtd_algo = oxs_token_get_encryption_method(env, enc_mtd_node);
    if(!enc_mtd_algo)
    {
        oxs_error(env, OXS_ERROR_LOCATION, OXS_ERROR_ENCRYPT_FAILED,
            "Cannot find the Encryption method");
        return AXIS2_FAILURE;
    }
    /*Get cipher data*/
    cd_node = oxs_axiom_get_first_child_node_by_name(env, encrypted_key_node, OXS_NODE_CIPHER_DATA,
        OXS_ENC_NS, OXS_XENC);
    cipher_val = oxs_token_get_cipher_value_from_cipher_data(env, cd_node);
    if(!cipher_val)
    {
        oxs_error(env, OXS_ERROR_LOCATION, OXS_ERROR_ENCRYPT_FAILED,
            "Cannot find the cipher value for key decryption");
        return AXIS2_FAILURE;
    }

    new_cipher_val = oxs_util_get_newline_removed_string(env, cipher_val);

    /*Get key used to encrypt*/
    key_info_node = oxs_axiom_get_first_child_node_by_name(env, encrypted_key_node,
        OXS_NODE_KEY_INFO, OXS_DSIG_NS, OXS_DS);
    status = oxs_xml_enc_process_key_info(env, asym_ctx, key_info_node, parent);
    /*Right now we support KeyInfo -> SecurityTokenReference -> Reference
     KeyInfo -> SecurityTokenReference -> X509IssuerSerial */

    /*Get the pkey used to decrypt the session key. If found set it to the asym_ctx*/
    /*Create the input buffer*/
    input_buf = oxs_buffer_create(env);
    oxs_buffer_populate(input_buf, env, (unsigned char*)new_cipher_val, axutil_strlen(
        new_cipher_val));

    /*Create a results buffer*/
    result_buf = oxs_buffer_create(env);

    /*Call decryption*/
    status = oxs_encryption_asymmetric_crypt(env, asym_ctx, input_buf, result_buf);
    /*Free input*/
    oxs_buffer_free(input_buf, env);
    input_buf = NULL;

    /*calculate the EncryptedKeySHA1 and set as the key_sha*/
    decoded_len = axutil_base64_decode_len(new_cipher_val);
    decoded_enc_sec = AXIS2_MALLOC(env->allocator, decoded_len);
    axutil_base64_decode_binary((unsigned char*)decoded_enc_sec, new_cipher_val);
    encrypted_key_hash = openssl_sha1(env, decoded_enc_sec, decoded_len);
    AXIS2_FREE(env->allocator, decoded_enc_sec);

    AXIS2_FREE(env->allocator, new_cipher_val);
    new_cipher_val = NULL;

    if(AXIS2_FAILURE == status)
    {
        return AXIS2_FAILURE;
    }

    key_name = oxs_axiom_get_attribute_value_of_node_by_name(env, encrypted_key_node, OXS_ATTR_ID,
        NULL);
    /*Populate the key with the data in the result buffer*/
    oxs_key_populate(key, env, oxs_buffer_get_data(result_buf, env), key_name, oxs_buffer_get_size(
        result_buf, env), OXS_KEY_USAGE_SESSION);
    oxs_key_set_key_sha(key, env, encrypted_key_hash);

    /*Free*/
    oxs_buffer_free(result_buf, env);
    result_buf = NULL;

    return AXIS2_SUCCESS;
}
Esempio n. 2
0
axiom_node_t*
axis2_mtom_mtom(
    const axutil_env_t * env,
    axiom_node_t * node,
    axis2_msg_ctx_t *msg_ctx)
{
    axiom_node_t *file_name_node = NULL;
    axiom_node_t *file_text_node = NULL;
    axiom_node_t *ret_node = NULL;

    AXIS2_ENV_CHECK(env, NULL);

    /* Expected request format is :-
     * <ns1:mtomSample xmlns:ns1="http://ws.apache.org/axis2/c/samples">
     <ns1:fileName>test.jpg</ns1:fileName>
     <ns1:image>
     <xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include" href="cid:[email protected]"></xop:Include>
     </ns1:image>
     </ns1:mtomSample>
     */
    if (!node)                  /* 'mtomSample' node */
    {
        AXIS2_ERROR_SET(env->error, AXIS2_ERROR_SVC_SKEL_INPUT_OM_NODE_NULL,
                        AXIS2_FAILURE);
        printf("Echo client ERROR: input parameter NULL\n");
        return NULL;
    }

    file_name_node = axiom_node_get_first_child(node, env);
    if (!file_name_node)        /* 'text' node */
    {
        AXIS2_ERROR_SET(env->error,
                        AXIS2_ERROR_SVC_SKEL_INVALID_XML_FORMAT_IN_REQUEST,
                        AXIS2_FAILURE);
        printf("Echo client ERROR: invalid XML in request\n");
        return NULL;
    }

    file_text_node = axiom_node_get_first_child(file_name_node, env);
    if (!file_text_node)        /* actual text to mtom */
    {
        AXIS2_ERROR_SET(env->error,
                        AXIS2_ERROR_SVC_SKEL_INVALID_XML_FORMAT_IN_REQUEST,
                        AXIS2_FAILURE);
        printf("Echo client ERROR: invalid XML in request\n");
        return NULL;
    }

    if (axiom_node_get_node_type(file_text_node, env) == AXIOM_TEXT)
    {
        axiom_text_t *text =
            (axiom_text_t *) axiom_node_get_data_element(file_text_node, env);
        if (text && axiom_text_get_value(text, env))
        {
            axiom_node_t *image_node = NULL;
            axis2_char_t *text_str =
                (axis2_char_t *) axiom_text_get_value(text, env);
            printf("File Name  %s \n", text_str);

            image_node = axiom_node_get_next_sibling(file_name_node, env);
            if (image_node)
            {
                /* axiom_node_t *inc_node = NULL;
                   inc_node = axiom_node_get_first_child(image_node, env);
                   if (inc_node)
                   { */
                axiom_node_t *binary_node = NULL;
                binary_node = axiom_node_get_first_child(image_node, env);
                if (binary_node)
                {
                    axiom_data_handler_t *data_handler = NULL;
                    axiom_text_t *bin_text = (axiom_text_t *)
                        axiom_node_get_data_element(binary_node, env);
                    data_handler = axiom_text_get_data_handler(bin_text, env);
                    if (data_handler)
                    {
                        axiom_data_handler_t *data_handler_res = NULL;
                        axis2_byte_t *input_buff = NULL;
                        axis2_byte_t *buff = NULL;
                        int buff_len = 0;


                        axiom_data_handler_set_file_name(data_handler, env,
                                                         text_str);
                        axiom_data_handler_write_to(data_handler, env);
                        
                        input_buff = axiom_data_handler_get_input_stream(data_handler, env);
                        buff_len = axiom_data_handler_get_input_stream_len(data_handler, env);
                        
                        data_handler_res = axiom_data_handler_create(env, NULL, NULL);
                        
                        buff = AXIS2_MALLOC(env->allocator, sizeof(axis2_byte_t)*buff_len);
                        memcpy(buff, input_buff, buff_len);

                        axiom_data_handler_set_binary_data(data_handler_res, env, buff, buff_len);

                        axis2_msg_ctx_set_doing_mtom (msg_ctx, env, AXIS2_TRUE);
                        ret_node = build_response2(env, data_handler_res);
                    }
                    else        /* attachment has come by value, as non-optimized binary */
                    {
                        int plain_binary_len = 0;
                        int ret_len = 0;
                        axiom_text_t *bin_text = (axiom_text_t *)
                            axiom_node_get_data_element(binary_node, env);
                        axis2_byte_t *plain_binary = NULL;
                        axiom_data_handler_t *data_handler = NULL;

                        axis2_char_t *base64text =
                            (axis2_char_t *) axiom_text_get_value(bin_text,
                                                                  env);
                        printf("base64text = %s\n", base64text);
                        plain_binary_len = axutil_base64_decode_len(base64text);
                        plain_binary = AXIS2_MALLOC(env->
                                                    allocator,
                                                    sizeof(unsigned char) *
                                                    plain_binary_len);
                        ret_len =
                            axutil_base64_decode_binary((unsigned char *)
                                                        plain_binary,
                                                        base64text);
                        data_handler =
                            axiom_data_handler_create(env, text_str, NULL);
                        axiom_data_handler_set_binary_data(data_handler, env,
                                                           plain_binary,
                                                           ret_len);
                        axiom_data_handler_write_to(data_handler, env);
                        ret_node = build_response1(env, base64text);
                    }
                    /* } */
                }
            }

        }
    }
    else
    {
        AXIS2_ERROR_SET(env->error,
                        AXIS2_ERROR_SVC_SKEL_INVALID_XML_FORMAT_IN_REQUEST,
                        AXIS2_FAILURE);
        printf("Echo client ERROR: invalid XML in request\n");
        return NULL;
    }

    return ret_node;
}
Esempio n. 3
0
/*For SOAP this parent is the wsse:Security node*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
oxs_xml_enc_encrypt_key(
    const axutil_env_t *env,
    oxs_asym_ctx_t * asym_ctx,
    axiom_node_t *parent,
    oxs_key_t *sym_key,
    axutil_array_list_t *id_list)
{
    axis2_char_t *algorithm = NULL;
    axis2_char_t *encrypted_key_data = NULL;
    axis2_char_t *st_ref_pattern = NULL;
    oxs_buffer_t *input = NULL;
    oxs_buffer_t *result = NULL;
    axiom_node_t *encrypted_key_node = NULL;
    axiom_node_t *enc_mtd_node = NULL;
    axiom_node_t *key_info_node = NULL;
    axiom_node_t *stref_node = NULL;
    axiom_node_t *cd_node = NULL;
    axiom_node_t *cv_node = NULL;
    axis2_status_t status = AXIS2_FAILURE;
    axis2_char_t* encrypted_key_hash = NULL;
    int decoded_len = 0;
    axis2_char_t *decoded_enc_sec = NULL;

    /*Create input buffer*/
    input = oxs_buffer_create(env);
    oxs_buffer_populate(input, env, oxs_key_get_data(sym_key, env), oxs_key_get_size(sym_key, env));

    /*Create an empty buffer to collect results*/
    result = oxs_buffer_create(env);

    /*Call encryption*/
    status = oxs_encryption_asymmetric_crypt(env, asym_ctx, input, result);
    /*Free input*/
    oxs_buffer_free(input, env);
    input = NULL;

    if(AXIS2_FAILURE == status)
    {
        oxs_error(env, OXS_ERROR_LOCATION, OXS_ERROR_ENCRYPT_FAILED,
            "Assymmetric key encryption failed");
        return AXIS2_FAILURE;
    }
    /*Get the encrypted key*/
    encrypted_key_data = (axis2_char_t *)oxs_buffer_get_data(result, env);

    /*Build nodes*/
    encrypted_key_node = oxs_token_build_encrypted_key_element(env, parent);
    algorithm = oxs_asym_ctx_get_algorithm(asym_ctx, env);
    enc_mtd_node = oxs_token_build_encryption_method_element(env, encrypted_key_node, algorithm);
    key_info_node = oxs_token_build_key_info_element(env, encrypted_key_node);

    stref_node = oxs_token_build_security_token_reference_element(env, key_info_node);
    /*Get the ST REF pattern. If not set the default*/
    st_ref_pattern = oxs_asym_ctx_get_st_ref_pattern(asym_ctx, env);
    if((!st_ref_pattern) || (0 == axutil_strcmp(st_ref_pattern, "")))
    {
        st_ref_pattern = OXS_STR_DEFAULT;
    }

    if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_ISSUER_SERIAL))
    {
        status = oxs_xml_enc_populate_stref_with_issuer_serial(env, asym_ctx, stref_node);
    }
    else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_EMBEDDED))
    {
        status = oxs_xml_enc_populate_stref_with_embedded(env, asym_ctx, stref_node);
    }
    else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_DIRECT_REFERENCE))
    {
        status = oxs_xml_enc_populate_stref_with_bst(env, asym_ctx, stref_node, parent);
    }
    else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_KEY_IDENTIFIER))
    {
        status = oxs_xml_enc_populate_stref_with_key_identifier(env, asym_ctx, stref_node,
            AXIS2_FALSE);
    }
    else if(0 == axutil_strcmp(st_ref_pattern, OXS_STR_THUMB_PRINT))
    {
        /*TODO: Need to support Thumbprint Ref*/
        status = oxs_xml_enc_populate_stref_with_key_identifier(env, asym_ctx, stref_node,
            AXIS2_TRUE);
    }
    cd_node = oxs_token_build_cipher_data_element(env, encrypted_key_node);
    cv_node = oxs_token_build_cipher_value_element(env, cd_node, encrypted_key_data);
    /*If and only if the id_list the present, we create the reference list*/
    if(id_list)
    {
        oxs_token_build_data_reference_list(env, encrypted_key_node, id_list);
    }

    /*calculate the EncryptedKeySHA1 and set as the key_sha*/
    decoded_len = axutil_base64_decode_len(encrypted_key_data);
    decoded_enc_sec = AXIS2_MALLOC(env->allocator, decoded_len);
    axutil_base64_decode_binary((unsigned char*)decoded_enc_sec, encrypted_key_data);
    encrypted_key_hash = openssl_sha1(env, decoded_enc_sec, decoded_len);
    oxs_key_set_key_sha(sym_key, env, encrypted_key_hash);
    AXIS2_FREE(env->allocator, decoded_enc_sec);

    /*Free*/
    oxs_buffer_free(result, env);
    result = NULL;

    return AXIS2_SUCCESS;
}