コード例 #1
0
/**
 * Creates <wsse:Embedded> element
 */
AXIS2_EXTERN axiom_node_t* AXIS2_CALL
oxs_token_build_embedded_element(
    const axutil_env_t *env,
    axiom_node_t *parent,
    axis2_char_t* id)
{
    axiom_node_t *embedded_node = NULL;
    axiom_element_t *embedded_ele = NULL;
    axiom_attribute_t *id_attr = NULL;
    int ret;
    axiom_namespace_t *ns_obj = NULL;

    ns_obj = axiom_namespace_create(env, OXS_WSSE_NS, OXS_WSSE);
    embedded_ele = axiom_element_create(env, parent, OXS_NODE_EMBEDDED, ns_obj, &embedded_node);
   
    if(!embedded_ele)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart]Error creating embedded element.");
        axiom_namespace_free(ns_obj, env);
        return NULL;
    }

    if(!id)
    {
        id = oxs_util_generate_id(env,(axis2_char_t*)OXS_EMBEDDED_ID);
    }

    id_attr =  axiom_attribute_create(env, OXS_ATTR_ID, id, NULL);
    ret = axiom_element_add_attribute(embedded_ele, env, id_attr, embedded_node);
    return embedded_node;
}
コード例 #2
0
/**
*  
*   <BinarySecurityToken ID="CertID">KJDSsdlDJjsd=</BinarySecurityToken>
*   <KeyInfo>
*       <SecurityTokenReference>
*           <Reference URI="CertID"/>
*       </SecurityTokenReference>
*   </KeyInfo>
*/
static axis2_status_t
oxs_xml_enc_populate_stref_with_bst(
    const axutil_env_t *env,
    oxs_asym_ctx_t *asym_ctx,
    axiom_node_t *stref_node,
    axiom_node_t *parent)
{
    axiom_node_t *ref_node = NULL;
    axiom_node_t *bst_node = NULL;
    axis2_char_t *bst_data = NULL;
    axis2_char_t *id = NULL;
    axis2_char_t *ref_id = NULL;
    oxs_x509_cert_t *cert = NULL;

    cert = oxs_asym_ctx_get_certificate(asym_ctx, env);
    bst_data = oxs_x509_cert_get_data(cert, env);

    if(!bst_data)
    {
        return AXIS2_FAILURE;
    }
    /*Generate an ID for BST*/
    id = oxs_util_generate_id(env, (axis2_char_t*)OXS_CERT_ID);

    /*Build BinarySecurityToken as a child of parent(wsse:Security)*/
    bst_node = oxs_token_build_binary_security_token_element(env, parent, id,
        OXS_ENCODING_BASE64BINARY, OXS_VALUE_X509V3, bst_data);

    /*Build a Reference to above BST*/
    ref_id = axutil_stracat(env, OXS_LOCAL_REFERENCE_PREFIX, id);
    ref_node = oxs_token_build_reference_element(env, stref_node, ref_id, OXS_VALUE_X509V3);

    return AXIS2_SUCCESS;
}
コード例 #3
0
/**
 * Creates <wsc:DerivedKeyToken> element
 */
AXIS2_EXTERN axiom_node_t* AXIS2_CALL
oxs_token_build_derived_key_token_element(
    const axutil_env_t *env,
    axiom_node_t *parent,
    axis2_char_t* id,
    axis2_char_t* algo, 
    axis2_char_t* wsc_ns_uri)
{
    axiom_node_t *derived_key_token_node = NULL;
    axiom_element_t *derived_key_token_ele = NULL;
    axiom_attribute_t *algo_att = NULL;
    axiom_attribute_t *id_attr = NULL;
    int ret;
    axiom_namespace_t *ns_obj = NULL;
    axiom_namespace_t *ns = NULL;

    if(!wsc_ns_uri)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, 
            "[rampart]Error creating %s Token element. SecConv namespace uri is not valid.", 
            OXS_NODE_DERIVED_KEY_TOKEN);
        return NULL;
    }

    ns_obj = axiom_namespace_create(env, wsc_ns_uri, OXS_WSC);
    ns = axiom_namespace_create(env, RAMPART_WSU_XMLNS, OXS_WSU);

    derived_key_token_ele = axiom_element_create(
        env, parent, OXS_NODE_DERIVED_KEY_TOKEN, ns_obj, &derived_key_token_node);
    if (!derived_key_token_ele)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, 
            "[rampart]Error creating %s Token element", OXS_NODE_DERIVED_KEY_TOKEN);
        axiom_namespace_free(ns_obj, env);
        axiom_namespace_free(ns, env);
        return NULL;
    }

    if(algo)
    {
        algo_att =  axiom_attribute_create(env, OXS_ATTR_ALGORITHM, algo, NULL);
        ret = axiom_element_add_attribute(
            derived_key_token_ele, env, algo_att, derived_key_token_node);
    }

    if (!id)
    {
        id = oxs_util_generate_id(env,(axis2_char_t*)OXS_DERIVED_ID);
    }

    id_attr = axiom_attribute_create(env, OXS_ATTR_ID, id,ns);
    ret = axiom_element_add_attribute(derived_key_token_ele, env, id_attr, derived_key_token_node);
    return derived_key_token_node;
}
コード例 #4
0
/**
 * Creates <xenc:EncryptedData> element
 */
AXIS2_EXTERN axiom_node_t* AXIS2_CALL
oxs_token_build_encrypted_data_element(
    const axutil_env_t *env,
    axiom_node_t *parent,
    axis2_char_t* type_attribute,
    axis2_char_t* id)
{
    axiom_node_t *encrypted_data_node = NULL;
    axiom_element_t *encrypted_data_ele = NULL;
    axiom_attribute_t *type_attr = NULL;
    axiom_attribute_t *id_attr = NULL;
    axiom_namespace_t *ns_obj = NULL;

    ns_obj = axiom_namespace_create(env, OXS_ENC_NS, OXS_XENC);
    encrypted_data_ele = axiom_element_create(
        env, parent, OXS_NODE_ENCRYPTED_DATA, ns_obj, &encrypted_data_node);
    if(!encrypted_data_ele)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart]Error creating encrypted data element.");
        axiom_namespace_free(ns_obj, env);
        return NULL;
    }

    if (type_attribute)
    {
        type_attr =  axiom_attribute_create(env, OXS_ATTR_TYPE, type_attribute, NULL);
        axiom_element_add_attribute(encrypted_data_ele, env, type_attr, encrypted_data_node);
    }

    if(!id)
    {
        id = oxs_util_generate_id(env, (axis2_char_t*)OXS_ENCDATA_ID);
    }
    id_attr = axiom_attribute_create(env, OXS_ATTR_ID, id, NULL );
    axiom_element_add_attribute(encrypted_data_ele, env, id_attr, encrypted_data_node);

    return encrypted_data_node;
}
コード例 #5
0
/**
 * Creates <wsse:BinarySecurityToken> element
 */
AXIS2_EXTERN axiom_node_t* AXIS2_CALL
oxs_token_build_binary_security_token_element(
    const axutil_env_t *env,
    axiom_node_t *parent,
    axis2_char_t* id,
    axis2_char_t* encoding_type,
    axis2_char_t* value_type,
    axis2_char_t* data)
{
    axiom_node_t *binary_sec_token_node = NULL;
    axiom_node_t *first_child_of_parent = NULL;
    axiom_element_t *binary_security_token_ele = NULL;
    axiom_attribute_t *encoding_type_att = NULL;
    axiom_attribute_t *value_type_att = NULL;
    axiom_attribute_t *id_attr = NULL;
    axiom_namespace_t *ns_obj = NULL;
    axiom_namespace_t *ns = NULL;

    ns_obj = axiom_namespace_create(env, OXS_WSSE_NS, OXS_WSSE);
    ns = axiom_namespace_create(env, RAMPART_WSU_XMLNS, OXS_WSU);

    binary_security_token_ele = axiom_element_create(env, parent, OXS_NODE_BINARY_SECURITY_TOKEN,
        ns_obj, &binary_sec_token_node);
    if(!binary_security_token_ele)
    {
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart]Error creating %s element.",
            OXS_NODE_BINARY_SECURITY_TOKEN);
        axiom_namespace_free(ns_obj, env);
        axiom_namespace_free(ns, env);
        return NULL;
    }

    /* Binary security token must be added as the first child of the paretn */
    binary_sec_token_node = axiom_node_detach_without_namespaces(binary_sec_token_node, env);
    first_child_of_parent = axiom_node_get_first_element(parent, env);
    if(first_child_of_parent)
    {
        /* If there is a child add bst before it */
        axiom_node_insert_sibling_before(first_child_of_parent, env, binary_sec_token_node);
    }
    else
    {
        /* If there are no children just add the bst */
        axiom_node_add_child(parent, env, binary_sec_token_node);
    }

    if(!id)
    {
        id = oxs_util_generate_id(env, (axis2_char_t*)OXS_CERT_ID);
    }

    id_attr = axiom_attribute_create(env, OXS_ATTR_ID, id, ns);
    encoding_type_att = axiom_attribute_create(env, OXS_ATTR_ENCODING_TYPE, encoding_type, NULL);
    value_type_att = axiom_attribute_create(env, OXS_ATTR_VALUE_TYPE, value_type, NULL);

    axiom_element_add_attribute(binary_security_token_ele, env, id_attr,
        binary_sec_token_node);
    axiom_element_add_attribute(binary_security_token_ele, env, encoding_type_att,
        binary_sec_token_node);
    axiom_element_add_attribute(binary_security_token_ele, env, value_type_att,
        binary_sec_token_node);

    if(data)
    {
        axiom_element_set_text(binary_security_token_ele, env, data,
            binary_sec_token_node);
    }

    return binary_sec_token_node;
}
コード例 #6
0
ファイル: test.c プロジェクト: alexis-gruet/kt_rampart
axis2_status_t sign(axutil_env_t *env,
    axis2_char_t *filename,
    openssl_pkey_t *prvkey ,
    oxs_x509_cert_t *cert)
{
    axis2_char_t *signed_result = NULL;
    axis2_char_t *signed_filename = "result-sign.xml";
    axiom_node_t *node = NULL;
    axiom_node_t *tmpl = NULL;
    oxs_sign_part_t *sign_part = NULL;
    oxs_sign_ctx_t *sign_ctx = NULL;
    oxs_transform_t *tr = NULL;
    axutil_array_list_t *sign_parts = NULL;
    axutil_array_list_t *tr_list = NULL;
    axis2_char_t *id = NULL;
    axis2_status_t status = AXIS2_FAILURE;
    FILE *outf;
    
    tmpl = load_sample_xml(env , tmpl, filename);

    if (tmpl)
    {
        printf("load_sample_xml SUCCESS\n");
    }
    else
    {
        printf("load_sample_xml FAILED");
        return -1;
    }
    
     /*Sign specific*/
    sign_part = oxs_sign_part_create(env);

    tr_list = axutil_array_list_create(env, 1);
    /*We need C14N transform*/
    tr = oxs_transforms_factory_produce_transform(env, OXS_HREF_TRANSFORM_XML_EXC_C14N);
    axutil_array_list_add(tr_list, env, tr);
    oxs_sign_part_set_transforms(sign_part, env, tr_list);

    /*We need to sign this node add an ID to it*/
    node = axiom_node_get_first_element(tmpl, env);
    id = /*"Sig-ID-EFG";*/  oxs_util_generate_id(env,(axis2_char_t*)OXS_SIG_ID);
    oxs_axiom_add_attribute(env, node, OXS_WSU, OXS_WSSE_XMLNS,  OXS_ATTR_ID, id);
    status = oxs_sign_part_set_node(sign_part, env,node);

    status = oxs_sign_part_set_digest_mtd(sign_part, env, OXS_HREF_SHA1);

    sign_parts = axutil_array_list_create(env, 1);
    axutil_array_list_add(sign_parts, env, sign_part);
    sign_ctx = oxs_sign_ctx_create(env);
    if(sign_ctx){
        axiom_node_t *sig_node = NULL;

        oxs_sign_ctx_set_private_key(sign_ctx, env, prvkey);
        oxs_sign_ctx_set_certificate(sign_ctx, env, cert);
        /*Set sig algo*/
        oxs_sign_ctx_set_sign_mtd_algo(sign_ctx, env, OXS_HREF_RSA_SHA1);
        /*Set C14N method*/
        oxs_sign_ctx_set_c14n_mtd(sign_ctx, env, OXS_HREF_XML_EXC_C14N);
        /*Set sig parts*/
        oxs_sign_ctx_set_sign_parts(sign_ctx, env, sign_parts);
        /*Set the operation*/
        oxs_sign_ctx_set_operation(sign_ctx, env, OXS_SIGN_OPERATION_SIGN);
        /*Sign*/
        oxs_xml_sig_sign(env, sign_ctx, tmpl, &sig_node);
        /*Finally build KeyInfo*/
        oxs_xml_key_info_build(env, sig_node, cert, OXS_KIBP_X509DATA_X509CERTIFICATE);
    }else{
        printf("Sign ctx creation failed");
    }
    signed_result = axiom_node_to_string(tmpl, env) ;

    outf = fopen(signed_filename, "wb");
    fwrite(signed_result, 1, axutil_strlen(signed_result), outf);

    return AXIS2_SUCCESS;

}