From 72ef19103fdf8ac5b0645e7eddc747420cc2aa8e Mon Sep 17 00:00:00 2001 From: m0gg Date: Fri, 24 Nov 2006 11:22:55 +0000 Subject: Commandline switch for xmlsec --- libcsoap/soap-xmlsec.c | 242 +++++++++++++++++++++++++++++++++++++++++++++++++ libcsoap/soap-xmlsec.h | 70 ++++++++++++++ 2 files changed, 312 insertions(+) create mode 100644 libcsoap/soap-xmlsec.c create mode 100644 libcsoap/soap-xmlsec.h (limited to 'libcsoap') diff --git a/libcsoap/soap-xmlsec.c b/libcsoap/soap-xmlsec.c new file mode 100644 index 0000000..66ec75b --- /dev/null +++ b/libcsoap/soap-xmlsec.c @@ -0,0 +1,242 @@ +/****************************************************************** +* $Id: soap-xmlsec.c,v 1.1 2006/11/24 11:22:55 m0gg Exp $ +* +* CSOAP Project: A SOAP client/server library in C +* Copyright (C) 2003 Ferhat Ayaz +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU Library General Public +* License as published by the Free Software Foundation; either +* version 2 of the License, or (at your option) any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Library General Public License for more details. +* +* You should have received a copy of the GNU Library General Public +* License along with this library; if not, write to the +* Free Software Foundation, Inc., 59 Temple Place - Suite 330, +* Boston, MA 02111-1307, USA. +* +* Email: ayaz@jprogrammer.net +******************************************************************/ +#ifdef HAVE_CONFIG_H +#include +#endif + +#ifdef HAVE_STDIO_H +#include +#endif + +#ifdef HAVE_STRING_H +#include +#endif + +#ifdef HAVE_PTHREAD_H +#include +#endif + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "soap-env.h" +#include "soap-ctx.h" +#include "soap-service.h" +#include "soap-router.h" +#include "soap-server.h" +#include "soap-addressing.h" +#include "soap-xmlsec.h" + +static pthread_mutex_t _soap_xmlsec_lock; +static xmlSecKeyPtr _soap_xmlsec_sign_key; +static int _soap_xmlsec_enabled; + +static void _soap_xmlsec_error_callback(const char *file, int line, const char *func, const char *errorObject, const char *errorSubject, int reason, const char *msg) +{ + log_error5("xmlsec error func=\"%s\" obj=\"%s\" sub=\"%s\" %s", func, errorObject, errorSubject, msg); + + return; +} + +static herror_t +_soap_xmlsec_load_key(void) +{ + char *key = "key.pem"; + char *cert = "cert.pem"; + + if ((_soap_xmlsec_sign_key = xmlSecCryptoAppKeyLoad(key, xmlSecKeyDataFormatPem, "password", NULL, NULL)) == NULL) + { + log_error2("xmlSecCryptoAppKeyLoad(\"%s\") failed", key); + return herror_new("_soap_xmlsec_load_key", 0, "xmlSecCryptoAppKeyLoad(\"%s\") failed", key); + } + + if (xmlSecCryptoAppKeyCertLoad(_soap_xmlsec_sign_key, cert, xmlSecKeyDataFormatPem) < 0) + { + log_error2("xmlSecCryptoAppKeyCertLoad(\"%s\") failed", cert); + return herror_new("_soap_xmlsec_load_key", 0, "xmlSecCryptoAppKeyCertLoad(\"%s\") failed", cert); + } + + if (xmlSecKeySetName(_soap_xmlsec_sign_key, soap_server_get_name()) < 0) + { + log_error1("xmlSecKeySetName failed"); + return herror_new("_soap_xmlsec_load_key", 0, "xmlSecKeySetName failed"); + } + + return H_OK; +} + +herror_t +soap_xmlsec_init_args(int argc, char **argv) +{ + int err, i; + herror_t status; + + _soap_xmlsec_enabled = 0; + for (i=0; iroot->doc, xmlSecTransformExclC14NId, xmlSecTransformRsaSha1Id, NULL))) + { + log_error1("xmlSecTmplSignatureCreate failed"); + return herror_new("soap_xmlsec_sign", 0, "xmlSecTmplSignatureCreate failed"); + } + + if (!(refNode = xmlSecTmplSignatureAddReference(signNode, xmlSecTransformSha1Id, NULL, NULL, NULL))) + { + log_error1("xmlSecTmplSignatureAddReference failed"); + return herror_new("soap_xmlsec_sign", 0, "xmlSecTmplSignatureAddReference failed"); + } + + if (!(keyInfoNode = xmlSecTmplSignatureEnsureKeyInfo(signNode, NULL))) + { + log_error1("xmlSecTmplSignatureEnsureKeyInfo failed"); + return herror_new("soap_xmlsec_sign", 0, "xmlSecTmplSignatureEnsureKeyInfo failed"); + } + + if (xmlSecTmplKeyInfoAddKeyName(keyInfoNode, NULL) == NULL) + { + log_error1("xmlSecTmplKeyInfoAddKeyName failed"); + return herror_new("soap_xmlsec_sign", 0, "xmlSecTmplKeyInfoAddKeyName failed"); + } + + if (!(dsigCtx = xmlSecDSigCtxCreate(NULL))) + { + log_error1("xmlSecDSigCtxCreate failed"); + return herror_new("soap_xmlsec_sign", 0, "xmlSecDSigCtxCreate failed"); + } + + dsigCtx->signKey = _soap_xmlsec_sign_key; + + if (xmlSecDSigCtxSign(dsigCtx, signNode) < 0) + { + log_error1("xmlSecDSigCtxSign failed"); + return herror_new("soap_xmlsec_sign", 0, "xmlSecDSigCtxSign failed"); + } + xmlAddChild(envelope->header, signNode); + + pthread_mutex_unlock(&_soap_xmlsec_lock); + + return H_OK; +} + +herror_t soap_xmlsec_encrypt(struct SoapEnv *envelope) +{ + if (!_soap_xmlsec_enabled) + return H_OK; + + return H_OK; +} + +void soap_xmlsec_destroy(void) +{ + xmlSecCryptoShutdown(); + + xmlSecCryptoAppShutdown(); + + xmlSecShutdown(); + + return; +} diff --git a/libcsoap/soap-xmlsec.h b/libcsoap/soap-xmlsec.h new file mode 100644 index 0000000..0f9368c --- /dev/null +++ b/libcsoap/soap-xmlsec.h @@ -0,0 +1,70 @@ +/****************************************************************** + * $Id: soap-xmlsec.h,v 1.1 2006/11/24 11:22:55 m0gg Exp $ + * + * CSOAP Project: A SOAP client/server library in C + * Copyright (C) 2006 Heiko Ronsdorf + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place - Suite 330, + * Boston, MA 02111-1307, USA. + * + * Email: hero@persua.de + ******************************************************************/ +#ifndef __csoap_xmlsec_h +#define __csoap_xmlsec_h + +#define CSOAP_ENABLE_XMLSEC "-CSOAPxmlsec" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * + * Initializes the XML security subsystem. + * + * @param argc commandline arg count + * @param argv commandline arg vector + * + * @returns H_OK on success + * + */ +extern herror_t soap_xmlsec_init_args(int argc, char **argv); + +/** + * + * Sign a XML document contained in a SOAP Envelope + * + */ +extern herror_t soap_xmlsec_sign(struct SoapEnv *envelope); + +/** + * + * Encrypt a XML document contained in a SOAP envelope. + * + */ +extern herror_t soap_xmlsec_encrypt(struct SoapEnv *envelope); + +/** + * + * Frees the resources needed by the XML security subsystem. + * + */ +extern void soap_xmlsec_destroy(void); + +#ifdef __cplusplus +} +#endif + +#endif -- cgit v1.1-32-gdbae