📄 process_request.c
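/* Tail of a function whose beginning lies before this excerpt; code kept as found.
 * NOTE(review): set_header_fn is called without a NULL check and the
 * cspace_strdup() result is passed on unchecked -- whether earlier code
 * guards either is not visible from here; confirm. */
    }

    (*ctx->set_header_fn)(NULL, cspace_strdup(CARDSPACE_HEADER_CERTIFICATE, ctx->allocator), x509_data, ctx->header_container, ctx->set_header_cb_ctx);

    res = SUCC;

done:
    if (attrs_obj) xmlXPathFreeObject(attrs_obj);
    if (x509_obj) xmlXPathFreeObject(x509_obj);
    if (assertion_obj) xmlXPathFreeObject(assertion_obj);

    return res;
}

/**
 * Register the value of attribute idName on node as an XML ID of doc.
 *
 * Needed for non-standard ID attributes that libxml2 does not recognise by
 * itself; see http://ml.osdir.com/text.xml.xmlsec/2003-12/msg00019.html
 *
 * A value that is already registered in doc is rejected, so a lookup by that
 * ID can only ever resolve to one attribute. Callers should treat FAIL as
 * "do not trust references to this ID".
 *
 * @param doc     document that owns node
 * @param node    element carrying the ID attribute
 * @param idName  name of the ID attribute
 * @return SUCC when the ID was registered, FAIL when the attribute is missing
 *         or empty, the value is already registered, or registration failed
 */
static int register_id(xmlDoc *doc, xmlNode *node, const xmlChar *idName)
{
    xmlAttr *attr;
    xmlChar *name;
    int res = FAIL;

    /* find pointer to id attribute */
    attr = xmlHasProp(node, idName);
    if ((attr == NULL) || (attr->children == NULL)) {
        return FAIL;
    }

    /* get the attribute (id) value */
    name = xmlNodeListGetString(doc, attr->children, 1);
    if (name == NULL) {
        return FAIL;
    }

    /* Register only when the id is not taken yet, and report a failed
     * xmlAddID() instead of silently claiming success. */
    if ((xmlGetID(doc, name) == NULL) && (xmlAddID(NULL, doc, name, attr) != NULL)) {
        res = SUCC;
    }

    xmlFree(name);
    return res;
}

/**
 * Create an xmlsec keys manager and load the PEM private key named by
 * ctx->key_file into it.
 *
 * The key is loaded without a password (NULL is passed), so the PEM file has
 * to be stored unencrypted; protecting it is left to file-system permissions.
 *
 * @param ctx  process context; ctx->key_file must be set
 * @return the keys manager (it owns the key; release it with
 *         xmlSecKeysMngrDestroy()), or NULL on any failure
 */
static xmlSecKeysMngr *keys_mnrg_create_and_load_priv_key(process_context_t *ctx)
{
    xmlSecKeysMngr *mngr = NULL;
    xmlSecKey *key = NULL;

    if (!ctx || !ctx->key_file) {
        /*log error*/
        return NULL;
    }

    mngr = xmlSecKeysMngrCreate();
    if (!mngr) {
        /*log error*/
        goto error_handler;
    }

    if (xmlSecCryptoAppDefaultKeysMngrInit(mngr) < 0) {
        /*log error*/
        goto error_handler;
    }

    /*load pem key*/
    key = xmlSecCryptoAppKeyLoad(ctx->key_file, xmlSecKeyDataFormatPem, NULL/*password*/, NULL, NULL);
    if (!key) {
        /*log error*/
        goto error_handler;
    }

    if (xmlSecKeySetName(key, BAD_CAST ctx->key_file) < 0) {
        /*log error*/
        goto error_handler;
    }

    if (xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0) {
        /*log error*/
        goto error_handler;
    }

    /*load pem key successful -- now the key is free'd by the manager*/
    return mngr;

error_handler:
    /* The key is still ours on every path that reaches this label (adoption
     * either was not attempted or failed), so destroy it here rather than
     * leaving private-key material allocated. */
    if (key) xmlSecKeyDestroy(key);
    if (mngr) xmlSecKeysMngrDestroy(mngr);

    return NULL;
}

/**
 * Decrypt the encrypted-data node selected by XPATH_ENC_DATA inside doc,
 * using the private key from ctx->key_file.
 *
 * Only a result that xmlsec put back into the document counts as success
 * (resultReplaced != 0); a binary result is treated as failure.
 * This function only decrypts: it performs no signature check, so success
 * says nothing about who produced the token.
 *
 * @param doc  parsed token document, modified in place on success
 * @param ctx  process context supplying the key file
 * @return SUCC or FAIL
 */
static int decrypt_token(xmlDoc *doc, process_context_t *ctx)
{
    int res = FAIL;
    xmlNode *node = NULL;
    xmlSecEncCtx *enc_ctx = NULL;
    xmlSecKeysMngr *mngr = NULL;
    xmlXPathObject *xpath_obj = NULL;

    /* Key loading lives in keys_mnrg_create_and_load_priv_key(); the returned
     * manager owns the key, so there is no separate key to free here. */
    mngr = keys_mnrg_create_and_load_priv_key(ctx);
    if (!mngr) {
        /*log*/
        goto done;
    }

    /* find start node */
    xpath_obj = cspace_xpath_evaluate(doc, BAD_CAST XPATH_ENC_DATA);
    if (!xpath_obj) {
        /*log error*/
        goto done;
    }

    /* NOTE(review): XPATH_OBJ_TO_NODE is defined outside this view; if it
     * indexes the node set without checking it, an empty result has to be
     * rejected before this line -- confirm. */
    node = XPATH_OBJ_TO_NODE(xpath_obj, 0);
    if (!node) {
        /*log error*/
        goto done;
    }

    /* create encryption context; it looks the key up through the keys manager */
    enc_ctx = xmlSecEncCtxCreate(mngr);
    if (!enc_ctx) {
        /*log*/
        goto done;
    }

    /* decrypt the data */
    if ((xmlSecEncCtxDecrypt(enc_ctx, node) < 0) || (enc_ctx->result == NULL)) {
        /*log*/
        goto done;
    }

    if (enc_ctx->resultReplaced == 0) {
        /*log -- binary data*/
        goto done;
    }

#ifdef CSPACE_DEBUG
    /*should log properly*/
    /* Writes the whole decrypted document to stdout; keep CSPACE_DEBUG out of
     * production builds so token contents do not end up in process output. */
    xmlDocDump(stdout, doc);
#endif

    res = SUCC;

done:
    if (xpath_obj) xmlXPathFreeObject(xpath_obj);
    /* Release the encryption context before the keys manager it was created
     * with, so it never outlives the manager it points to. */
    if (enc_ctx) xmlSecEncCtxDestroy(enc_ctx);
    if (mngr) xmlSecKeysMngrDestroy(mngr);

    return res;
}

/**
 * Bind the SAML, XML-DSig and XML-Enc prefixes on an XPath context.
 *
 * @return SUCC when all three prefixes were registered, FAIL otherwise
 */
static int register_namespaces(xmlXPathContext *xpath_ctx)
{
    if (xmlXPathRegisterNs(xpath_ctx, BAD_CAST SAML_PFX, BAD_CAST SAML_HREF)) {
        return FAIL;
    }

    if (xmlXPathRegisterNs(xpath_ctx, BAD_CAST DSIG_PFX, BAD_CAST DSIG_HREF)) {
        return FAIL;
    }

    if (xmlXPathRegisterNs(xpath_ctx, BAD_CAST ENC_PFX, BAD_CAST ENC_HREF)) {
        return FAIL;
    }

    return SUCC;
}

/** Default logger: prints msg and a newline to stdout; level and cb_ctx are ignored. */
static void logger_def(const char *msg, pc_log_level_t level, void *cb_ctx)
{
    (void)level;
    (void)cb_ctx;

    printf("%s\n", msg);
}

/** Default allocation callback: plain malloc(); cb_ctx is ignored. */
static void *malloc_def(size_t size, void *cb_ctx)
{
    (void)cb_ctx;

    return malloc(size);
}

/** Default release callback: plain free(); cb_ctx is ignored. */
static void free_def(void *ptr, void *cb_ctx)
{
    (void)cb_ctx;

    free(ptr);
}

/**
 * Store a private copy of the key file path in the context.
 *
 * A previously stored path is released once the new copy exists; when the
 * allocation fails the old path is left in place.
 *
 * @return SUCC, or FAIL on a NULL argument or allocation failure
 */
int cspace_process_context_set_key_file(process_context_t *ctx, const char *key_file)
{
    void *copy;

    if (!ctx || !key_file) return FAIL;

    copy = pc_malloc(strlen(key_file) + 1, ctx);
    if (!copy) return FAIL;

    cspace_strcpy(copy, key_file);

    /* replace, do not leak, an earlier value */
    if (ctx->key_file) pc_free(ctx->key_file, ctx);
    ctx->key_file = copy;

    return SUCC;
}

/**
 * Store a private copy of the CA file path in the context.
 *
 * A previously stored path is released once the new copy exists; when the
 * allocation fails the old path is left in place.
 *
 * @return SUCC, or FAIL on a NULL argument or allocation failure
 */
int cspace_process_context_set_ca_file(process_context_t *ctx, const char *ca_file)
{
    void *copy;

    if (!ctx || !ca_file) return FAIL;

    copy = pc_malloc(strlen(ca_file) + 1, ctx);
    if (!copy) return FAIL;

    cspace_strcpy(copy, ca_file);

    /* replace, do not leak, an earlier value */
    if (ctx->ca_file) pc_free(ctx->ca_file, ctx);
    ctx->ca_file = copy;

    return SUCC;
}

/**
 * Install the callback that receives extracted header values, together with
 * the container handed back to it. The container stays owned by the caller.
 * ctx->set_header_cb_ctx is not touched by this function.
 */
void cspace_process_context_set_header_callback(process_context_t *ctx, set_header_cb_t set_header_fn, void *container)
{
    ctx->header_container = container;
    ctx->set_header_fn = set_header_fn;
}

/** Create a process context backed by malloc()/free(). Returns NULL on failure. */
process_context_t *cspace_process_context_create_default(void)
{
    return cspace_process_context_create_with_allocator(malloc_def, NULL, free_def, NULL);
}

/**
 * Create a process context that allocates through the given callbacks.
 *
 * cspace_process_context_init() is deliberately not called here: the user
 * has to call it (a module, for example, needs it before creating a context).
 *
 * @param malloc_fn  allocation callback
 * @param mctx       opaque argument passed to malloc_fn
 * @param free_fn    release callback
 * @param fctx       opaque argument passed to free_fn
 * @return the new context, or NULL on a NULL callback or allocation failure
 */
process_context_t *cspace_process_context_create_with_allocator(
        malloc_cb_t malloc_fn, void *mctx, free_cb_t free_fn, void *fctx)
{
    process_context_t *ctx = NULL;

    if (!malloc_fn || !free_fn) return NULL;

    ctx = malloc_fn(sizeof *ctx, mctx);
    if (!ctx) return NULL;

    ctx->allocator = malloc_fn(sizeof *ctx->allocator, mctx);
    if (!ctx->allocator) {
        free_fn(ctx, fctx);
        return NULL;
    }

    ctx->allocator->malloc_fn = malloc_fn;
    ctx->allocator->mctx = mctx;
    ctx->allocator->free_fn = free_fn;
    ctx->allocator->fctx = fctx;

    /* Set the default logger (stdio)
     * "User" can always change this afterwards */
    ctx->logger_fn = logger_def;
    ctx->logger_cb_ctx = NULL;

    ctx->key_file = NULL;
    ctx->ca_file = NULL;

    /* The memory comes from a caller-supplied allocator and is not zeroed;
     * clear the header callback fields so a context that never had a callback
     * installed does not carry indeterminate pointers. */
    ctx->set_header_fn = NULL;
    ctx->header_container = NULL;
    ctx->set_header_cb_ctx = NULL;

    return ctx;
}

/**
 * Release a context created by cspace_process_context_create_*().
 *
 * Frees the stored key and CA file paths, the allocator record and the
 * context itself. The header container, mctx and fctx are not freed here;
 * that is up to the "user".
 */
void cspace_process_context_free(process_context_t *ctx)
{
    free_cb_t free_fn;
    void *fctx;

    /* Check the allocator before it is dereferenced; without it nothing in
     * the context can be released. */
    if (!ctx || !ctx->allocator) return;

    /* Remember how to free ctx itself before the allocator record goes away. */
    fctx = ctx->allocator->fctx;
    free_fn = ctx->allocator->free_fn;

    if (ctx->key_file) pc_free(ctx->key_file, ctx);
    if (ctx->ca_file) pc_free(ctx->ca_file, ctx);

    pc_free(ctx->allocator, ctx);

    free_fn(ctx, fctx);
}

/**
 * Initialise libxml2, xmlsec and the xmlsec crypto back end.
 *
 * @return SUCC, or FAIL (after printing the reason to stderr) when an xmlsec
 *         or crypto initialisation step fails
 */
int cspace_process_context_init()
{
    xmlInitParser();
    LIBXML_TEST_VERSION

    /* Keep this block disabled: it would switch on external DTD loading and
     * entity substitution for the parser, which the tokens do not need. */
#if 0 /*DTDs not used*/
    xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
    xmlSubstituteEntitiesDefault(1);
#ifndef XMLSEC_NO_XSLT
    xmlIndentTreeOutput = 1;
#endif /* XMLSEC_NO_XSLT */
#endif

    /* Init xmlsec library */
    if (xmlSecInit() < 0) {
        fprintf(stderr, "Error: xmlsec initialization failed.\n");
        return FAIL;
    }

    /* Check loaded library version */
    if (xmlSecCheckVersion() != 1) {
        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
        return FAIL;
    }

    /* Load default crypto engine if we are supporting dynamic
     * loading for xmlsec-crypto libraries. Use the crypto library
     * name ("openssl", "nss", etc.) to load corresponding
     * xmlsec-crypto library.
     */
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
    if (xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. "
                        "Make sure\nthat you have it installed and check shared "
                        "libraries path\n(LD_LIBRARY_PATH) envornment variable.\n");
        return FAIL;
    }
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */

    /* Init crypto library */
    if (xmlSecCryptoAppInit(NULL) < 0) {
        fprintf(stderr, "Error: crypto initialization failed.\n");
        return FAIL;
    }

    /* Init xmlsec-crypto library */
    if (xmlSecCryptoInit() < 0) {
        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
        return FAIL;
    }

    return SUCC;
}

/** Shut down what cspace_process_context_init() started, in reverse order. */
void cspace_process_context_halt()
{
    /* Shutdown xmlsec-crypto library */
    xmlSecCryptoShutdown();

    /* Shutdown crypto library */
    xmlSecCryptoAppShutdown();

    /* Shutdown xmlsec library */
    xmlSecShutdown();

    xmlCleanupParser();
}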