XMLCanonicalizer 0.1 → 1.0.1

data/README

@@ -1,61 +1,304 @@
-== C14N-r
+== WSS4R
 
-Project home: www.rubyforge.org/projects/c14n-r
+Project home: www.rubyforge.org/projects/wss4r
 Author      : Roland Schmitt, roland.schmitt@web.de
-Date        : 12.05.2007
+Date        : 01.02.2006
 
-Version     : 0.1
+Version     : 0.3
 
 = Contents
   1. What is it (and what is it not)
   2. Requirements
   3. Installation
   4. Usage
+    4.1. Resolver
+	 4.2. UsernameToken	 
+	 4.3. Encryption
+	 4.4. Signature
+	 4.5. Signature/Encryption
+    4.6. Interoperability with WSE 2.0
+	 4.7. Interoperability with JWSDP 2.0
+	 4.8. Integration into rails
   5. Samples
+    5.1. A simple example
+	 5.2. Rails example
   6. License
   7. Support
   8. URLs
   
+  
+  
 = 1. What is it (and what is it not)
-   C14N-r stands for "xml canonicalizer for ruby". It implements the "Canonical XML
-   Version 1.0" recommendation from the w3c [1]. 
-   c14n-r is a sub-project from wss4r [2], an implementation of some web service security standards.
+  WSS4R (Web Service Security For Ruby) is a library that implements some of the 
+  standards for web service security defined by the oasis open consortium [1].
+  It is a proof of concept (or "Can i do it with ruby?") and not an fully featured
+  implementation, so it's focussed on the encryption and signature aspects of 
+  web services. WSS4R sits on top of the famous soap4r library of NAKAMURA Hiroshi [2],
+  so implementing servers or clients that uses data encryption or signatures is easy
+  when you know how to use soap4r. 
+  Besides that there is a integration into the rails [3] application server, so you
+  can use the features of WSS4R in rails driven web services.
   
-   If you like it or hate it or want more features, drop me an email at Roland.Schmitt@web.de.
+  I've tested WSS4R with the following counterparts:
+     - Web Service Enhancements 2.0 [8]
+	  - Java Web Service Development Pack 2.0 [9]
+
 	  
+  WSS4R is my first ruby project, so it is not very ruby like in most places nor is it
+  a example of good ruby programming in general. It was started mostly to learn ruby, 
+  not to implement an full featured WS-Security conform library.
+  
+  If you like it or hate it or want more features, drop me an email at Roland.Schmitt@web.de.
+	  
+  
 = 2. Requirements
-   log4r >= 1.0.4
+	- Ruby [4] with compiled bindings to openssl [6]  
+	     (tested only with Ruby 1.8.4)
+	- soap4r [2]
+	     (tested with soap4r version from 04. Dez. 2005), 
+	- Log4r [5]
+	     (tested with version 1.0.5)
+	
+	Optional (for the examples):
+	- Rails [3]
+	     (tested with version 1.0.0)
+	- Sqlite3-Ruby [7]
+        (tested with version 1.1.0)
+		  
+		
 		  
 = 3. Installation
-	Simly do:
-	gem install --local XMLCanonicalizer-0.1.gem
+	Simly do 
 	   
+	    ruby setup.rb
+		 
+		 
 = 4. Usage
-	require "xmlcanonicalizer"
-	c = Xml::Util::XmlCanonicalizer.new(true,true) #XmlCanonicalizer.new(WITH_COMMENTS, EXCLUSIVE_MODE)
-	c.canonicalize_element(element, false) #XmlCanonicalizer::canonicalize_element(element, LOGGING)
+	To use WSS4R, one have to require the new driver class
+   
+	   require "wss4r/rpc/driver"
+		
+	instead of 
+		require "soap/rpc/driver"
+	
+		
+= 4.1. Resolver
+	Resolver objects are used to find certificates, keys and to authenticate users. 
+	Resolver objects know how to get the corresponding private key for a certificate or how to load
+	a certificate identified by a name.
+	For example, when a client sends a encrypted request to the server, there is only the certificate 
+	embedded in the message. A resolver object is responsible for loading the private key of the 
+	certificate.
+	
+	There two implementations of resolvers:
+	   - CertificateDirectoryResolver
+		  Loads keys/certificates from files in a specified directory in the file system. 
+		  
+	   - DatabaseResolver
+		  Loads keys/certificates from sqlite3 databases.
+		  
+	
+= 4.2. UsernameToken		
+	   Example: 
+		
+		...
+		driver = Driver.new('http://localhost:8070/','urn:multiply')
+		driver.add_method('multiply','a','b')
+      ...
+		usernametoken = UsernameToken.new("username", "password")
+		driver.security().add_security_token(usernametoken)		
+		...
+		
+	The client is authenticated with his username and password. The password is not sended as clear
+	text, instead a hash function is used.
+	
+	
+= 4.3. Encryption
+	    Example:
+		 
+		 ...
+		 resolver = CertificateDirectoryResolver.new("../certs/ca")
+		 certificate = resolver.certificate_by_subject("/C=DE/ST=Rheinland-Pfalz/L=Trier/O=FF/OU=Development/CN=Server/emailAddress=server@web.de")
+		 x509 = X509SecurityToken.new(certificate)
+		 enc_data = EncryptedData.new(x509)
+		 driver.security().add_security_token(enc_data)
+		 ...
+		 
+	The soap body is encrypted with the TripleDES algorithm.  The used encryption key is then 
+	encrypted with the certificates public key and placed in the soap header.
+	
+	Actually only TripleDES and AES are supported by WSS4R as encryption algorithms. To use AES instead of the default
+	TripleDES, set:
+	    enc_data.sessionkey_algorithm=(Types::ALGORITHM_AES_CBC)
+		 
+		 
+= 4.4. Signature
+       Example:
+		 
+		 ...
+		 sign_cert = OpenSSL::X509::Certificate.new(File.read("../certs/wse/wse-client.cer"))
+		 pkey = OpenSSL::PKey::RSA.new(File.read("../certs/wse/wse-client.key"))
+		 x509 = X509SecurityToken.new(sign_cert, pkey)
+		 signature = Signature.new(x509)
+		 driver.security().add_security_token(signature)
+	    ...
+	
+	The soap body and the soap header timestamp elements are signed with the supplied certificate. The signature
+	is embedded in the soap header.
+
+	
+= 4.5. Signature/Encryption
+       Example:
+		 
+		 ...
+ 		 resolver = CertificateDirectoryResolver.new("../certs/wse")
+		 driver.security().add_security_resolver(resolver)
+		 sign_cert = OpenSSL::X509::Certificate.new(File.read("../certs/wse/wse-client.cer"))
+		 pkey = OpenSSL::PKey::RSA.new(File.read("../certs/wse/wse-client.key"))
+		 x509 = X509SecurityToken.new(sign_cert, pkey)
+		 signature = Signature.new(x509)
+		 driver.security().add_security_token(signature)
+       encrypt_cert = OpenSSL::X509::Certificate.new(File.read("../certs/wse/wse-server.cer"))
+		 x509 = X509SecurityToken.new(encrypt_cert)
+		 enc_data = EncryptedData.new(x509)
+		 enc_data.sessionkey_algorithm=(Types::ALGORITHM_AES_CBC)
+		 driver.security().add_security_token(enc_data)
+		 ...
+		
+   You can combine signature and encryption. In most cases, for encryption the clients certificate is used and
+	for signature the certificate of the server.
+	If you first apply the encryption, the signature is generated over the encrypted data. When signing is the first step, the
+	the signature is generated from the plain content. So it is important to know which token is first added to the driver object.
+
+
+= 4.6. Interoperability with WSE 2.0
+   Should work with usernames, encryption and signatures.
+	Sample Visual Studio projects are provided in examples/WebServiceTest (client) and examples/WebService (server).
+	
+	
+= 4.7. Interoperability with JWSDP 2.0
+	Should work with usernames, encryption and signatures.
+	Per default the examples the JWSDP works with keyIdendifiers for finding certificates and keys. 
+	WSS4R does not support the keyIdentifier mechanism to identify certificates, because it is not a standard.
+	
+	
+= 4.8. Integration into rails	
+   To use WSS4R in rails one have to modify the controller that implements the web service:
+	
+	require "wss4r/aws/utils"
+	require "activerecordresolver"
+
+	class SimpleServiceController < ApplicationController
+	   wsdl_service_name 'SimpleService'
+      web_service_scaffold :invoke
+      web_service_api SimpleServiceApi
+  
+      wss_add_resolvers([ActiveRecordResolver.new()])
+		
+		
+	I've only tested the direct dispatching mode of action web service with WSS4R.
+	
 	
 = 5. Examples	
-   require "xmlcanonicalizer"
-   require "rexml/document"
-   include REXML  
-   string = <<EOF
-      <mydoc>
-          <someelement attribute="nanoo">Text, text, text</someelement><anotherelement/>
-     </mydoc>
-   EOF
-   doc = Document.new(string)
-   c = XML::Util::XmlCanonicalizer.new(true,true)
-   doc = c.canonicalize(doc)
-   puts(doc.to_s())
+   All examples are placed in the examples subfolder.
+	
+	certs               Folder with various certificates and keys for the different examples
+	  |-- ca            Generated certificates and keys for the WSS4R examples
+	  |-- jwsdp_15      Certificates and keys for to use with the JWSDP 1.5
+     |-- jwsdp_16      Certificates and keys for to use with the JWSDP 1.6/2.0
+     |-- wse           Certificates and keys for to use with the WSE 2.0
+	  
+	clients
+	  PlainNET.rb       Example for using a .NET web service without web service security features.
+	  PlainXWS.rb       Example for using a JWSDP web service without web service security features. 
+	  TestNET.rb        Example for using a WSE 2.0 web service. Shows usenametoken, encryption and signature.
+	                    Client for the project in the WebService folder.
+	  TestXWS.rb        Example for using a JWSDP 2.0 web service. Shows usenametoken, encryption and signature.
+	                    Client for the examples bundled with the JWSDP 2.0 package. The service is found in 
+							  %JWSDP_HOME%/xws-security/samples/simple. To work, set the the keyReferenceType in the 
+							  JWSDP xml config files under config/ to "Direct".
+	  TestWSS4R.rb      Example for using a WSS4R/soap4r web service. Shows usenametoken, encryption and signature.
+	                    Used with the server in the server folder.
+							  
+	rails
+	  |-- simple               Example for rails integration. Requires sqlite3-ruby.
+	        |-- client         Test client for the rails web service.
+			  |-- app            Files for the web service
+			     |-- controllers Implementration of the web service and setup for the resolver, encryption and signing.
+			     |-- helpers     Resolver implementation that uses ActiveRecord to load certificates and keys.
+			  |-- databases      Sqlite3 database with certificates and keys.
+			  
+	server
+	  |-- TestServer.rb WebRick server using soap4r and WSS4R.
+	  
+	WebService          Visual Studio project for a WSE 2.0 enabled web service. Created with Visual Studio 2003 and
+	                    C#.
+	
+	WebServiceTest      Visual Studio project with clients for the WebService project and for the rails example. Created with 
+	                    Visual Studio 2003 and C#.
+							  
+							  
+= 5.1. A simple example
+	At the command line, go to examples/server and type:
+	
+	   ruby TestServer.rb user
+		
+	A WebRick server starts that requires a username/password from the client, where the password is the username reversed.
+	In another shell, change the working dir to examples/clients and type:
+	
+	  ruby TestWSS4R.rb user
+	  
+	It show the result of the multiplication of the 2 arguments. The client uses "Ron" as username and "noR" as password. Setting
+	the password to other values than "noR" in the TestWSS4R.rb file results in a "User not authenticatd!" message.
+	
+	Stop the TestServer with CTRL-Z (or CTRL-C). Restart it with
+	
+	  ruby TestServer.rb enc sign
+	  
+	The server now will first encrypt any request, then signing it.
 	
+	Start the client by typing:
+	
+	  ruby TestClient.rb sign enc
+	  
+	The client first signs the request, then encrypts it and shows the response. 
+	
+	You can use various monitoring tools like the tcpmon utility from the axis project [10] to view the 
+	resulting request/response messages.
+	
+= 5.2. Rails example
+  Go to examples/rails/simple and type
+  
+    ruby script/server
+	 
+  To start the client, open a new shell and go to examples/rails/simple/client.
+  
+    ruby client.rb
+	 
+  The output shows the reversed string that the client sents to the server. The client signs his request and the server encrypts
+  and signs the response.
+		 
+  
 = 6. License
-   C14N-r is licensed under GPL and Ruby's custom license. See GPL and RUBYS.
+
+WSS4R is licensed under GPL and Ruby's custom license. See GPL and RUBYS.
+
 
 = 7. Support
-   The RubyForge mailing list is at www.rubyforge.org/projects/c14n-r.
-   Or, to contact the author, send mail to Roland.Schmitt@web.de  
+
+The RubyForge mailing list is at www.rubyforge.org/projects/wss4r.
+
+Or, to contact the author, send mail to Roland.Schmitt@web.de  
+
 
 = 8. URLs
-   [1] - http://www.w3.org/TR/xml-c14n  
-   [2] - http://www.rubyforge.org/projects/wss4r
+   [1] - http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss  
+   [2] - http://dev.ctor.org/soap4r/
+   [3] - http://www.rubyonrails.org
+   [4] - http://www.ruby-lang.org
+   [5] - http://log4r.sourceforge.net/
+   [6] - http://www.openssl.org
+   [7] - http://rubyforge.org/projects/sqlite-ruby/
+   [8] - http://msdn.microsoft.com/webservices/webservices/building/wse/default.aspx
+   [9] - https://jwsdp.dev.java.net/
+  [10] - http://ws.apache.org/axis/

data/lib/xml/util/xmlcanonicalizer.rb

@@ -256,7 +256,11 @@ module XML
         
         def write_attribute_axis(node)
           list = Array.new()
-          node.attributes().each_attribute{|attr|
+					#Sorting-Bug
+          #node.attributes().each_attribute{|attr|
+          #  list.push(attr) if (!is_namespace_node(attr.value()) && !is_namespace_decl(attr)) # && is_node_visible(
+          #}
+					node.attributes().sort().each{|key,attr|
             list.push(attr) if (!is_namespace_node(attr.value()) && !is_namespace_decl(attr)) # && is_node_visible(
           }
           if (!@exclusive && node.parent() != nil && node.parent().parent() != nil)

data/lib/xml/util/xmlcanonicalizer.rb~

@@ -0,0 +1,438 @@
+#require "rexml/document"
+#require "base64"
+#require "log4r"
+
+#include REXML
+#include Log4r
+
+module XML
+  module Util
+      
+      class REXML::Instruction
+        def write(writer, indent=-1, transitive=false, ie_hack=false)
+          indent(writer, indent)
+          writer << START.sub(/\\/u, '')
+          writer << @target
+          writer << ' '
+          writer << @content if @content != nil
+          writer << STOP.sub(/\\/u, '')
+        end
+      end
+      
+      class REXML::Attribute
+        def <=>(a2)
+          if (self === a2)
+            return 0
+          elsif (self == nil)
+            return -1
+          elsif (a2 == nil)
+            return 1
+          elsif (self.prefix() == a2.prefix())
+            return self.name()<=>a2.name()
+          end
+          if (self.prefix() == nil)
+            return -1
+          elsif (a2.prefix() == nil)
+            return 1
+          end
+          ret = self.namespace()<=>a2.namespace()
+          if (ret == 0)
+            ret = self.prefix()<=>a2.prefix()
+          end
+          return ret
+        end
+      end
+      
+      class REXML::Element
+        def search_namespace(prefix)
+          if (self.namespace(prefix) == nil)
+            return (self.parent().search_namespace(prefix)) if (self.parent() != nil)
+          else
+            return self.namespace(prefix)
+          end
+        end
+      def rendered=(rendered)
+			@rendered = rendered
+		end
+		def rendered?()
+			return @rendered
+		end
+        def node_namespaces()
+          ns = Array.new()
+          ns.push(self.prefix())
+          self.attributes().each_attribute{|a|
+            if (a.prefix() != nil)
+              ns.push(a.prefix())
+            end
+            if (a.prefix() == "" && a.local_name() == "xmlns")
+              ns.push("xmlns")
+            end
+          }
+          ns
+        end
+      end
+      
+      class NamespaceNode
+        attr_reader :prefix, :uri	
+        def initialize(prefix, uri)
+          @prefix = prefix
+          @uri = uri
+        end
+      end
+      
+      class XmlCanonicalizer
+        attr_accessor :prefix_list, :logger
+        
+        BEFORE_DOC_ELEMENT = 0
+        INSIDE_DOC_ELEMENT = 1
+        AFTER_DOC_ELEMENT  = 2
+        
+        NODE_TYPE_ATTRIBUTE  = 3
+        NODE_TYPE_WHITESPACE = 4
+        NODE_TYPE_COMMENT    = 5
+        NODE_TYPE_PI         = 6
+        NODE_TYPE_TEXT       = 7
+        
+        
+        def initialize(with_comments, excl_c14n)
+          @with_comments = with_comments
+          @exclusive = excl_c14n
+          @res = ""
+          @state = BEFORE_DOC_ELEMENT
+          @xnl = Array.new()
+          @prevVisibleNamespacesStart = 0
+          @prevVisibleNamespacesEnd = 0
+          @visibleNamespaces = Array.new()
+			 @inclusive_namespaces = Array.new()
+          @prefix_list = nil
+			 @rendered_prefixes = Array.new()
+        end
+        
+        def add_inclusive_namespaces(prefix_list, element, visible_namespaces)
+          namespaces = element.attributes()
+          namespaces.each_attribute{|ns|
+            if (ns.prefix=="xmlns")
+              if (prefix_list.include?(ns.local_name()))
+                visible_namespaces.push(NamespaceNode.new("xmlns:"+ns.local_name(), ns.value()))
+              end
+            end
+          }
+          parent = element.parent()
+          add_inclusive_namespaces(prefix_list, parent, visible_namespaces) if (parent)
+          visible_namespaces
+        end
+        
+        def canonicalize(document)
+          write_document_node(document)
+          @res
+        end
+        
+        def canonicalize_element(element, logging = true)
+			  logging=(true) if logging
+			  @logger.debug("Canonicalize element:\n " + element.to_s()) if @logger
+          @inclusive_namespaces = add_inclusive_namespaces(@prefix_list, element, @inclusive_namespaces) if (@prefix_list)
+          @preserve_document = element.document()
+          tmp_parent = element.parent()
+          body_string = remove_whitespace(element.to_s().gsub("\n","").gsub("\t","").gsub("\r",""))
+          document = Document.new(body_string)
+          tmp_parent.delete_element(element)
+          element = tmp_parent.add_element(document.root())
+          @preserve_element = element
+          document = Document.new(element.to_s())
+          ns = element.namespace(element.prefix())
+          document.root().add_namespace(element.prefix(), ns)
+          write_document_node(document)
+			 @logger.debug("Canonicalized result:\n " + @res.to_s()) if @logger
+          @res
+        end
+        
+        def write_document_node(document)
+          @state = BEFORE_DOC_ELEMENT
+          if (document.class().to_s() == "REXML::Element")
+            write_node(document)
+          else
+            document.each_child{|child|
+              write_node(child)
+            }
+          end
+          @res
+        end
+        
+        def write_node(node)
+          visible = is_node_visible(node)
+          if ((node.node_type() == :text) && white_text?(node.value()))
+            res = node.value()
+            res.gsub("\r\n","\n")
+            #res = res.delete(" ").delete("\t")
+            res.delete("\r")
+            @res = @res + res
+            #write_text_node(node,visible) if (@state == INSIDE_DOC_ELEMENT)
+            return
+          end
+          if (node.node_type() == :text)
+            write_text_node(node, visible)
+            return
+          end		
+          if (node.node_type() == :element)
+            write_element_node(node, visible) if (!node.rendered?())
+				node.rendered=(true)
+          end
+          if (node.node_type() == :processing_instruction)
+          end
+          if (node.node_type() == :comment)
+          end
+        end
+        
+        def write_element_node(node, visible)
+          savedPrevVisibleNamespacesStart = @prevVisibleNamespacesStart
+          savedPrevVisibleNamespacesEnd = @prevVisibleNamespacesEnd
+          savedVisibleNamespacesSize = @visibleNamespaces.size()
+          state = @state
+          state = INSIDE_DOC_ELEMENT if (visible && state == BEFORE_DOC_ELEMENT)
+          @res = @res + "<" + node.expanded_name() if (visible)
+          write_namespace_axis(node, visible)
+          write_attribute_axis(node)
+          @res = @res + ">" if (visible)
+          node.each_child{|child|
+			 	write_node(child)
+			 }
+          @res = @res + "</" +node.expanded_name() + ">" if (visible)
+          @state = AFTER_DOC_ELEMENT if (visible && state == BEFORE_DOC_ELEMENT)
+          @prevVisibleNamespacesStart = savedPrevVisibleNamespacesStart
+          @prevVisibleNamespacesEnd = savedPrevVisibleNamespacesEnd
+          @visibleNamespaces.slice!(savedVisibleNamespacesSize, @visibleNamespaces.size() - savedVisibleNamespacesSize) 		if (@visibleNamespaces.size() > savedVisibleNamespacesSize)
+        end
+        
+        def write_namespace_axis(node, visible)
+          doc = node.document()
+          has_empty_namespace = false
+          list = Array.new()
+          cur = node
+          #while ((cur != nil) && (cur != doc) && (cur.node_type() != :document)) 
+          namespaces = cur.node_namespaces()
+          namespaces.each{|prefix|
+            next if ((prefix == "xmlns") && (node.namespace(prefix) == "")) 
+            namespace = cur.namespace(prefix)
+            next if (is_namespace_node(namespace))
+            next if (node.namespace(prefix) != cur.namespace(prefix))
+            next if (prefix == "xml" && namespace == "http://www.w3.org/XML/1998/namespace")
+            next if (!is_node_visible(cur))
+            rendered = is_namespace_rendered(prefix, namespace)
+            @visibleNamespaces.push(NamespaceNode.new("xmlns:"+prefix,namespace)) if (visible)
+            if ((!rendered) && !list.include?(prefix))
+              list.push(prefix)
+            end
+            has_empty_namespace = true if (prefix == nil)
+          }
+          if (visible && !has_empty_namespace && !is_namespace_rendered(nil, nil)) 
+            @res = @res + ' xmlns=""'
+          end
+          #TODO: ns of inclusive_list
+#=begin
+          if ((@prefix_list) && (node.to_s() == node.parent().to_s()))
+            #list.push(node.prefix())
+            @inclusive_namespaces.each{|ns|
+              prefix = ns.prefix().split(":")[1]
+              list.push(prefix) if (!list.include?(prefix) && (!node.attributes.prefixes.include?(prefix))) 
+            }
+				@prefix_list = nil
+          end
+#=end
+          list.sort!()
+          list.each{|prefix|
+            next if (prefix == "")
+				next if (@rendered_prefixes.include?(prefix))
+				@rendered_prefixes.push(prefix)
+            ns = node.namespace(prefix)
+            ns = @preserve_element.namespace(prefix) if (ns == nil)
+            @res = @res + normalize_string(" " + prefix + '="' + ns + '"', NODE_TYPE_TEXT) if (prefix == "xmlns")
+            @res = @res + normalize_string(" xmlns:" + prefix + '="' + ns + '"', NODE_TYPE_TEXT) if (prefix != nil && prefix != "xmlns")
+          }
+          if (visible)
+            @prevVisibleNamespacesStart = @prevVisibleNamespacesEnd
+            @prevVisibleNamespacesEnd = @visibleNamespaces.size()	
+          end
+        end
+        
+        def write_attribute_axis(node)
+          list = Array.new()
+          node.attributes().each_attribute{|attr|
+            list.push(attr) if (!is_namespace_node(attr.value()) && !is_namespace_decl(attr)) # && is_node_visible(
+          }
+          if (!@exclusive && node.parent() != nil && node.parent().parent() != nil)
+            cur = node.parent()
+            while (cur != nil)
+              #next if (cur.attributes() == nil)
+              cur.each_attribute{|attribute|
+                next if (attribute.prefix() != "xml")
+                next if (attribute.prefix().index("xmlns") == 0)
+                next if (node.namespace(attribute.prefix()) == attribute.value())
+                found = true
+                list.each{|n|
+                  if (n.prefix() == "xml" && n.value() == attritbute.value())
+                    found = true
+                    break
+                  end
+                }
+                next if (found)
+                list.push(attribute)
+              }
+            end
+          end
+          list.each{|attribute|
+            if (attribute != nil)
+              if (attribute.name() != "xmlns")
+                @res = @res + " " + normalize_string(attribute.to_string(), NODE_TYPE_ATTRIBUTE).gsub("'",'"')
+              end
+              #	else
+              #	@res = @res + " " + normalize_string(attribute.name()+'="'+attribute.to_s()+'"', NODE_TYPE_ATTRIBUTE).gsub("'",'"')
+              #end
+            end
+          }
+        end
+        
+        def is_namespace_node(namespace_uri)
+          return (namespace_uri == "http://www.w3.org/2000/xmlns/")
+        end
+        
+        def is_namespace_rendered(prefix, uri)
+          is_empty_ns = prefix == nil && uri == nil
+          if (is_empty_ns)
+            start = 0
+          else
+            start = @prevVisibleNamespacesStart
+          end
+          @visibleNamespaces.each{|ns|
+            if (ns.prefix() == "xmlns:"+prefix.to_s() && ns.uri() == uri)
+              return true
+            end
+          }
+          return is_empty_ns
+          #(@visibleNamespaces.size()-1).downto(start) {|i|
+          #   ns = @visibleNamespaces[i]
+          #	return true if (ns.prefix() == "xmlns:"+prefix.to_s() && ns.uri() == uri)
+          #	#p = ns.prefix() if (ns.prefix().index("xmlns") == 0) 
+          #	#return ns.uri() == uri if (p == prefix) 
+          #}
+          #return is_empty_ns
+        end
+        
+        def is_node_visible(node)
+          return true if (@xnl.size() == 0)
+          @xnl.each{|element|
+            return true if (element == node)
+          }
+          return false
+        end
+        
+        def normalize_string(input, type)
+          sb = ""
+          return input
+        end
+        #input.each_byte{|b|
+        #	if (b ==60 && (type == NODE_TYPE_ATTRIBUTE || is_text_node(type)))
+        #		sb = sb + "&lt;"
+        #	elsif (b == 62 && is_text_node(type))
+        #		sb = sb + "&gt;"
+        #	elsif (b == 38 && (is_text_node(type) || is_text_node(type))) #Ampersand
+        #		sb = sb + "&amp;"
+        #	elsif (b == 34 && is_text_node(type)) #Quote
+        #		sb = sb + "&quot;"
+        #	elsif (b == 9 && is_text_node(type)) #Tabulator
+        #		sb = sb + "&#x9;"
+        #	elsif (b == 11 && is_text_node(type)) #CR
+        #		sb = sb + "&#xA;"
+        #	elsif (b == 13 && (type == NODE_TYPE_ATTRIBUTE || (is_text_node(type) && type != NODE_TYPE_WHITESPACE) || type == NODE_TYPE_COMMENT || type == NODE_TYPE_PI))
+        #		sb = sb + "&#xD;"
+        #	elsif (b == 13)
+        #		next
+        #	else
+        #		sb = sb.concat(b)
+        #	end
+        #}
+        #sb
+        #end
+        
+        def write_text_node(node, visible)
+          if (visible)
+            @res = @res + normalize_string(node.value(), node.node_type())
+          end
+        end
+        
+        def white_text?(text)
+          return true if ((text.strip() == "") || (text.strip() == nil))
+          return false
+        end
+        
+        def is_namespace_decl(attribute)
+          #return true if (attribute.name() == "xmlns")
+          return true if (attribute.prefix().index("xmlns") == 0)
+          return false
+        end
+        
+        def is_text_node(type)
+          return true if (type == NODE_TYPE_TEXT || type == NODE_TYPE_CDATA || type == NODE_TYPE_WHITESPACE)
+          return false
+        end
+        
+        def remove_whitespace(string)
+          new_string = ""
+          in_white = false
+          string.each_byte{|b|
+            #if (in_white && b == 32)
+            #else
+            if !(in_white && b == 32)
+              new_string = new_string + b.chr()
+            end
+            if (b == 62) #>
+              in_white = true
+            end
+            if (b == 60) #<
+              in_white = false
+            end
+          }
+          new_string
+        end
+      end
+		
+      def logging=(state)
+			if (state)
+			 @logger = Logger.new("xmlcanonicalizer")
+			 @logger.level = DEBUG
+			 @logger.trace = false
+			 p = PatternFormatter.new(:pattern => "[%l] %d :: %.100m %15t")
+			 @logger.add(FileOutputter.new("wss4r", {:filename => "xmlcanonicalizer.log", :formatter => BasicFormatter}))
+			else
+				@logger = nil
+			end
+		end
+    end #Util
+end #XML
+
+
+if __FILE__ == $0
+  document = Document.new(File.new(ARGV[0]))
+  body = nil
+  c = WSS4R::Security::Util::XmlCanonicalizer.new(false, true)
+  
+  if (ARGV.size() == 3) 
+    body = ARGV[2]
+    if (body == "true")
+      element = XPath.match(document, "/soap:Envelope/soap:Body")[0]
+      element = XPath.first(document, "/soap:Envelope/soap:Header/wsse:Security/Signature/SignedInfo")
+      result = c.canonicalize_element(element)
+      puts("-----")
+      puts(result)
+      puts("-----")
+      puts(result.size())			
+      puts("-----")
+      puts(CryptHash.new().digest_b64(result))
+    end
+  else 
+    result = c.canonicalize(document)
+  end
+  
+  file = File.new(ARGV[1], "wb")
+  file.write(result)
+  file.close()
+end

metadata

@@ -3,13 +3,13 @@ rubygems_version: 0.9.2
 specification_version: 1
 name: XMLCanonicalizer
 version: !ruby/object:Gem::Version 
-  version: "0.1"
-date: 2007-05-11 00:00:00 +02:00
+  version: 1.0.1
+date: 2007-05-29 00:00:00 +02:00
 summary: Implementation of w3c xml canonicalizer standart.
 require_paths: 
 - lib
 email: Roland.Schmitt@web.de
-homepage: http://www.rubyforge.org/projects/c14n-r
+homepage: http://www.rubyforge.org/projects/xmlcanonicalizer
 rubyforge_project: 
 description: 
 autorequire: xmlanonicalizer
@@ -33,6 +33,7 @@ files:
 - lib/xmlcanonicalizer.rb
 - lib/xml/util
 - lib/xml/util/xmlcanonicalizer.rb
+- lib/xml/util/xmlcanonicalizer.rb~
 - README
 test_files: []