AXIS2_EXTERN int AXIS2_CALL
rampart_saml_token_free(rampart_saml_token_t *tok, const axutil_env_t *env)
{	
    if (tok->key)
    {
        oxs_key_free(tok->key, env);
    }
	AXIS2_FREE(env->allocator, tok);
	return AXIS2_SUCCESS;
}
AXIS2_EXTERN int AXIS2_CALL
rampart_saml_token_set_key_value(rampart_saml_token_t *tok, 
                                 const axutil_env_t *env, 
                                 oxs_key_t *key)
{
	if (tok->key)
	{
		oxs_key_free(tok->key, env);
	}
	tok->key = key;
    return AXIS2_SUCCESS;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_saml_token_set_session_key(rampart_saml_token_t *tok, 
								   const axutil_env_t *env,
								   oxs_key_t *key)
{
	if (tok->key)
	{
		oxs_key_free(tok->key, env);
	}
	tok->key = key;
	return AXIS2_SUCCESS;
}
示例#4
0
AXIS2_EXTERN oxs_key_t * AXIS2_CALL
saml_assertion_get_session_key(const axutil_env_t *env, axiom_node_t *assertion, 
                               openssl_pkey_t *pvt_key)
{
    axiom_node_t *encrypted_key_node = NULL;
    axiom_node_t *enc_mtd_node = NULL;
    axis2_char_t *enc_asym_algo = NULL;
    oxs_asym_ctx_t *asym_ctx = NULL;
    oxs_key_t *decrypted_sym_key = NULL;
    axis2_status_t status = AXIS2_FAILURE;    

	if (!pvt_key)
	{
		AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
                            "[oxs][saml] Private key not specified");
		return NULL;
	}

    encrypted_key_node = oxs_axiom_get_node_by_local_name(env, assertion, OXS_NODE_ENCRYPTED_KEY);
	if (!encrypted_key_node)
	{
		AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
                            "[oxs][saml] Encrypted key cannot be found");
		return NULL;
	}

    enc_mtd_node = oxs_axiom_get_first_child_node_by_name(
                       env, encrypted_key_node, OXS_NODE_ENCRYPTION_METHOD, OXS_ENC_NS, NULL);

	if (!enc_mtd_node)
	{
		AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
                            "[oxs][saml] EncryptedKey node cannot be found");
		return NULL;
	}
    enc_asym_algo = oxs_token_get_encryption_method(env, enc_mtd_node); 
	if (!enc_asym_algo)
	{
		AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
                            "[oxs][saml] Encryption Algorithm cannot be found");
		return NULL;
	}
    asym_ctx = oxs_asym_ctx_create(env);
    oxs_asym_ctx_set_algorithm(asym_ctx, env, enc_asym_algo);
		    	
	oxs_asym_ctx_set_private_key(asym_ctx, env, pvt_key);
    oxs_asym_ctx_set_operation(asym_ctx, env, OXS_ASYM_CTX_OPERATION_PRV_DECRYPT);

    decrypted_sym_key = oxs_key_create(env);

    /*Call decrypt for the EncryptedKey*/
    status = oxs_xml_enc_decrypt_key(env, asym_ctx,
                                     NULL, encrypted_key_node,  decrypted_sym_key);
    if (status == AXIS2_FAILURE)
    {
		oxs_key_free(decrypted_sym_key, env);
        AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
                            "[oxs][saml] Decryption failed in SAML encrypted key");
		return NULL;
    }
    return decrypted_sym_key;
}