nokogiri-xmlsec1 0.0.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +22 -0
- data/.rspec +2 -0
- data/.travis.yml +11 -0
- data/Gemfile +4 -0
- data/Guardfile +13 -0
- data/LICENSE.txt +22 -0
- data/README.md +133 -0
- data/Rakefile +30 -0
- data/dependencies.yml +3 -0
- data/ext/nokogiri_ext_xmlsec/extconf.rb +489 -0
- data/ext/nokogiri_ext_xmlsec/init.c +46 -0
- data/ext/nokogiri_ext_xmlsec/nokogiri_decrypt_with_key.c +124 -0
- data/ext/nokogiri_ext_xmlsec/nokogiri_encrypt_with_key.c +182 -0
- data/ext/nokogiri_ext_xmlsec/nokogiri_helpers_set_attribute_id.c +43 -0
- data/ext/nokogiri_ext_xmlsec/nokogiri_init.c +32 -0
- data/ext/nokogiri_ext_xmlsec/nokogiri_sign_certificate.c +104 -0
- data/ext/nokogiri_ext_xmlsec/nokogiri_sign_rsa.c +95 -0
- data/ext/nokogiri_ext_xmlsec/nokogiri_verify_signature_certificates.c +96 -0
- data/ext/nokogiri_ext_xmlsec/nokogiri_verify_signature_named_keys.c +106 -0
- data/ext/nokogiri_ext_xmlsec/nokogiri_verify_signature_rsa.c +56 -0
- data/ext/nokogiri_ext_xmlsec/shutdown.c +12 -0
- data/ext/nokogiri_ext_xmlsec/xmlsecrb.h +39 -0
- data/lib/nokogiri-xmlsec.rb +1 -0
- data/lib/xmlsec.rb +110 -0
- data/lib/xmlsec/version.rb +3 -0
- data/nokogiri-xmlsec1.gemspec +46 -0
- data/ports/patches/libxml2/0001-Fix-parser-local-buffers-size-problems.patch +265 -0
- data/ports/patches/libxml2/0002-Fix-entities-local-buffers-size-problems.patch +102 -0
- data/ports/patches/libxml2/0003-Fix-an-error-in-previous-commit.patch +26 -0
- data/ports/patches/libxml2/0004-Fix-potential-out-of-bound-access.patch +26 -0
- data/ports/patches/libxml2/0005-Detect-excessive-entities-expansion-upon-replacement.patch +158 -0
- data/ports/patches/libxml2/0006-Do-not-fetch-external-parsed-entities.patch +78 -0
- data/ports/patches/libxml2/0007-Enforce-XML_PARSER_EOF-state-handling-through-the-pa.patch +480 -0
- data/ports/patches/libxml2/0008-Improve-handling-of-xmlStopParser.patch +315 -0
- data/ports/patches/libxml2/0009-Fix-a-couple-of-return-without-value.patch +37 -0
- data/ports/patches/libxml2/0010-Keep-non-significant-blanks-node-in-HTML-parser.patch +2006 -0
- data/ports/patches/libxml2/0011-Do-not-fetch-external-parameter-entities.patch +39 -0
- data/ports/patches/libxslt/0001-Adding-doc-update-related-to-1.1.28.patch +222 -0
- data/ports/patches/libxslt/0002-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch +53 -0
- data/ports/patches/libxslt/0003-Initialize-pseudo-random-number-generator-with-curre.patch +60 -0
- data/ports/patches/libxslt/0004-EXSLT-function-str-replace-is-broken-as-is.patch +42 -0
- data/ports/patches/libxslt/0006-Fix-str-padding-to-work-with-UTF-8-strings.patch +164 -0
- data/ports/patches/libxslt/0007-Separate-function-for-predicate-matching-in-patterns.patch +587 -0
- data/ports/patches/libxslt/0008-Fix-direct-pattern-matching.patch +80 -0
- data/ports/patches/libxslt/0009-Fix-certain-patterns-with-predicates.patch +185 -0
- data/ports/patches/libxslt/0010-Fix-handling-of-UTF-8-strings-in-EXSLT-crypto-module.patch +126 -0
- data/ports/patches/libxslt/0013-Memory-leak-in-xsltCompileIdKeyPattern-error-path.patch +25 -0
- data/ports/patches/libxslt/0014-Fix-for-bug-436589.patch +43 -0
- data/ports/patches/libxslt/0015-Fix-mkdir-for-mingw.patch +41 -0
- data/ports/patches/xmlsec1/.keep +0 -0
- data/spec/fixtures/cert/server.crt +14 -0
- data/spec/fixtures/cert/server.csr +11 -0
- data/spec/fixtures/cert/server.key.decrypted +15 -0
- data/spec/fixtures/cert/server.key.encrypted +18 -0
- data/spec/fixtures/rsa.pem +15 -0
- data/spec/fixtures/rsa.pub +6 -0
- data/spec/fixtures/sign2-doc.xml +6 -0
- data/spec/fixtures/sign2-result.xml +24 -0
- data/spec/fixtures/sign3-result.xml +37 -0
- data/spec/lib/nokogiri/xml/document/encryption_and_decryption_spec.rb +22 -0
- data/spec/lib/nokogiri/xml/document/signing_and_verifying_spec.rb +77 -0
- data/spec/spec_helper.rb +10 -0
- metadata +251 -0
@@ -0,0 +1,41 @@
|
|
1
|
+
From a7ff3f0043f02d4ade966b6ac05b8be39166daa7 Mon Sep 17 00:00:00 2001
|
2
|
+
From: Lars Kanis <lars@greiz-reinsdorf.de>
|
3
|
+
Date: Sun, 6 Oct 2013 22:04:46 +0200
|
4
|
+
Subject: [PATCH] Use mkdir macro also in case if mingw32.
|
5
|
+
|
6
|
+
This fixes bug 676511.
|
7
|
+
---
|
8
|
+
libxslt/libxslt.h | 6 ++++++
|
9
|
+
libxslt/win32config.h | 1 -
|
10
|
+
2 files changed, 6 insertions(+), 1 deletion(-)
|
11
|
+
|
12
|
+
diff --git a/libxslt/libxslt.h b/libxslt/libxslt.h
|
13
|
+
index 2f6f20d..e6d4c83 100644
|
14
|
+
--- a/libxslt/libxslt.h
|
15
|
+
+++ b/libxslt/libxslt.h
|
16
|
+
@@ -27,4 +27,10 @@
|
17
|
+
#endif
|
18
|
+
#endif
|
19
|
+
|
20
|
+
+#if defined(_MSC_VER) || defined(__MINGW32__)
|
21
|
+
+#include <io.h>
|
22
|
+
+#include <direct.h>
|
23
|
+
+#define mkdir(p,m) _mkdir(p)
|
24
|
+
+#endif
|
25
|
+
+
|
26
|
+
#endif /* ! __XSLT_LIBXSLT_H__ */
|
27
|
+
diff --git a/libxslt/win32config.h b/libxslt/win32config.h
|
28
|
+
index 9f60e55..e1ceae1 100644
|
29
|
+
--- a/libxslt/win32config.h
|
30
|
+
+++ b/libxslt/win32config.h
|
31
|
+
@@ -78,7 +78,6 @@ static int isnan (double d) {
|
32
|
+
|
33
|
+
#include <direct.h>
|
34
|
+
#if defined(_MSC_VER) || defined(__MINGW32__)
|
35
|
+
-#define mkdir(p,m) _mkdir(p)
|
36
|
+
#define snprintf _snprintf
|
37
|
+
#if _MSC_VER < 1500
|
38
|
+
#define vsnprintf(b,c,f,a) _vsnprintf(b,c,f,a)
|
39
|
+
--
|
40
|
+
1.8.3.2
|
41
|
+
|
File without changes
|
@@ -0,0 +1,14 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIICLzCCAZgCCQCVuhhQ38rw0TANBgkqhkiG9w0BAQUFADBbMQswCQYDVQQGEwJV
|
3
|
+
UzEQMA4GA1UECAwHR2VvcmdpYTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ
|
4
|
+
dHkgTHRkMRcwFQYDVQQDDA53d3cuZ29vZ2xlLmNvbTAgFw0xMzA1MjUxODQwMDRa
|
5
|
+
GA8zMDEyMDkyNTE4NDAwNFowWzELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0dlb3Jn
|
6
|
+
aWExITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAwwO
|
7
|
+
d3d3Lmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALE4oSql
|
8
|
+
eymfHtzOeY86WyvfsjZmaz2XnIo9dzZsK71yMEKkgvXQnnYy9pK0NaYcG0B0hcii
|
9
|
+
3fqGBiHMkZY2BOGWwCC/wOmJCzLq9q6caPWUs71Zko+h59LaqV93vzDmZaXYfFoQ
|
10
|
+
gSVEWpEpCSo560x0mSuLnJYdQQzZ/L6xvxZ1AgMBAAEwDQYJKoZIhvcNAQEFBQAD
|
11
|
+
gYEATyK/RlfpohUVimgFkycTF2hyusjctseXoZDCctgg/STMsL8iA0P9YB6k91GC
|
12
|
+
kWpwevuiwarD1MfSUV6goPINFkIBvfK+5R9lpHaTqqs615z8T9R5VJgaLcFe3tWd
|
13
|
+
7oq3V2q5Nl6MrZfXj2N07qe6/9zfdauxYO26vAEKCvIkbMo=
|
14
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,11 @@
|
|
1
|
+
-----BEGIN CERTIFICATE REQUEST-----
|
2
|
+
MIIBmzCCAQQCAQAwWzELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0dlb3JnaWExITAf
|
3
|
+
BgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAwwOd3d3Lmdv
|
4
|
+
b2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALE4oSqleymfHtzO
|
5
|
+
eY86WyvfsjZmaz2XnIo9dzZsK71yMEKkgvXQnnYy9pK0NaYcG0B0hcii3fqGBiHM
|
6
|
+
kZY2BOGWwCC/wOmJCzLq9q6caPWUs71Zko+h59LaqV93vzDmZaXYfFoQgSVEWpEp
|
7
|
+
CSo560x0mSuLnJYdQQzZ/L6xvxZ1AgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQB6
|
8
|
+
8K0q16EAkGoYLFHvVHxpqk+annbB8ZqpbV43T12Ngx7KiMsdTjrgho0lP/OllHcr
|
9
|
+
3vQ0yHnI1K1EeV9Q+/lXqaRl9ws3PL1QMOFm4XD1uIEPG+umRYgrjuZhFab+2Zfs
|
10
|
+
rgyILF2yRSy0oVeTBxVK5igV6qYcXFFBRIj7nnV8Jg==
|
11
|
+
-----END CERTIFICATE REQUEST-----
|
@@ -0,0 +1,15 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
MIICWwIBAAKBgQCxOKEqpXspnx7cznmPOlsr37I2Zms9l5yKPXc2bCu9cjBCpIL1
|
3
|
+
0J52MvaStDWmHBtAdIXIot36hgYhzJGWNgThlsAgv8DpiQsy6vaunGj1lLO9WZKP
|
4
|
+
oefS2qlfd78w5mWl2HxaEIElRFqRKQkqOetMdJkri5yWHUEM2fy+sb8WdQIDAQAB
|
5
|
+
AoGAB1d8PcMLPicsZSNcn9VgD4o93MkTakLMpmFzfdqvWTLQ0wHztvFEj0r/Mgar
|
6
|
+
Lk19x4bMQAqXPZitylqqMVndi9U8squvAvkZcgYL57MNQRgmLtjSMfk4wCY9ieDa
|
7
|
+
newt4cP7nGN/ZkU5R0lRMGExKSrMZW8HAkK4WJpbfnOpwGECQQDkoggBRH4aFlaj
|
8
|
+
Xhw+mSIxOpmzFBhXZ0z+bvoCipPKIhbnwKt0dupn0xAwatNmakBt0p46SFOgW8QQ
|
9
|
+
TV51G/bdAkEAxm8yEod77IM6bhLL+3h/nsGOGsA0xs22U6FBrz34Nvd4gwmICMcF
|
10
|
+
t4P3iHYzJfUt+Z2zv5ucX2tuD4uoWsqIeQJAercdZNDGfmoPBpC0yESZPaMebCgV
|
11
|
+
CJTBlq8qMcL/oDa75Jhdbp2FI0T+I36zCP1up4OsucuoVyHqEnX0hRcFYQJAD3Nz
|
12
|
+
E6xHAviI4S9HgNI2JbduiDi1I1G7Q7HHuox5ulX0pUdlt0E/+bUl3hNOEkOQC+Ky
|
13
|
+
r1W/jFKCJGW8ey1QCQJAYDh1BmlLswafEnkNmwydNz4gVflHJvsF8A1c2wJVytkT
|
14
|
+
3HVWvwOAfcumDNDNkSUJ+0DQs17qgOMCDwFgFzUb+Q==
|
15
|
+
-----END RSA PRIVATE KEY-----
|
@@ -0,0 +1,18 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
Proc-Type: 4,ENCRYPTED
|
3
|
+
DEK-Info: DES-EDE3-CBC,6F8CC52C2E211FF4
|
4
|
+
|
5
|
+
T5g21oYrsS435g2GRNBFs+IwpKYAsF0RDt9SNuCXp6hD2MbcF3q8Su/wvj9inAZi
|
6
|
+
S7V8Qp8mmBsjo+vh0oTggVFmk7/fyTAa6ltQL+1UH7b8vecgGFKSBV8TG3+k9S4C
|
7
|
+
ZgXyR9pTgzQx+8M5LrnOnM8fpf638xouHvMo7zTFPhimehIMrMcXAyRZaRfcDhlg
|
8
|
+
YR+JRvSa0Q9vxhsC19fjfnlU7FdV8B9Ypo/+23TNmKpfU99oV6oPNoiWzkziKtvZ
|
9
|
+
mwYjrYw6r91ANFCRIux5+CjfOqVxissxzmZ5vyV89LoXjLAEDVmv2vJ+8w2b8zAN
|
10
|
+
FAXtcx74MutSQQBrG4xffwwRJwf0uPhzMohRoiholOoaMFSOFBasA+phn7hr7m9a
|
11
|
+
JWj4icCRVZlm+rztbbiapBUtm4ER1tdBGr84TgqasM5CK/qhXt9CCnUBRaimIwad
|
12
|
+
9dib2jnkzuqlyrdzLyaFU0IRSq+GQAK7sgya/V2q96lWdzejMGx/07hL6lvPY/h7
|
13
|
+
o8puMwpCK4XKYantqXL26oCxSgcrlA2nlR+SfmRKhwDwy8rPsTBm55BxwGr8Jj+9
|
14
|
+
6bY6VOR+vZkjSVDKNBOq8gUJvPksQV0CK0eSgPTli0ncCInzFPeLGISIa90rFD7I
|
15
|
+
97w/ZzTywVnTWO9DhedliwqDSOOYTdVoRfygQfpaFoa1aqR9tKWoc30kbqXvgvUR
|
16
|
+
mlDwiY1zxpKsTHKu7omf0bp5m8dlW4EarWgTsTRQ8EOHoIucgjdaSxPEDDi8WGOW
|
17
|
+
Nbqb2ZZz7wsIL71XgC13A+va1C0F709PK/Xnd5IwRf8=
|
18
|
+
-----END RSA PRIVATE KEY-----
|
@@ -0,0 +1,15 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
MIICXgIBAAKBgQC15La+LSmHNUs/yqzSuzKdBUED1OfaOZpBp8zxAAQy7VlTrqRh
|
3
|
+
/eiJH3VSeRRZEygORvtLgi/teF2P+z/mfJ6IHIdCdkn8MF4CCCQKkjm7JKRrKfK5
|
4
|
+
fOUp1NZF22oP8x0L4j67NYCtR9F6KIkV5A6FPAZGI8nsHnyJzRwqmG2xbQIDAQAB
|
5
|
+
AoGBAJDT2UW3g/dqUc4rPExWTUiFJG0+mpVBhDd+ukmyL6W1Iojk53I2z25PJAVU
|
6
|
+
7wS1ohEsJ27J7Aty6Vx5Ozn0Q+zYVaKRSxcazNeGbwS0UaGrN0lMvWDs7RmVGCdx
|
7
|
+
bI2LUTQ88Bl94dW4QObAub+wMOL6xmVEVrJssZnm+CIqS2UBAkEA49QDNB//oHmi
|
8
|
+
iqD4SFotE8Lz80qBGHN15YIm80TKUR2k1LusZl6R5+2nYTF2vPsG+HGXPbkGhqTn
|
9
|
+
JL9GMBv7TQJBAMxinne8+bKTvOl/hhdAohFs7aHUBZhZOEuXIf1jYENASk2weYC6
|
10
|
+
95SlHvWcwPHfqVbpwt83sGL8aDm8CCPYPqECQQDEFRQQx72GC0oG0FYAR4RmbrLx
|
11
|
+
YN1NAwqkVmlZlIogWEgmQ8Q0cw5Ws+cMMrtEGTU9nN4TZGymc8TwjqNFAsA9AkEA
|
12
|
+
ol8Cp/uQn6cxIIt4Gsb1OkTAcJ0BKOxQhfT2QtiNJEBSB3BYxsVCZWvcsaGrwzw9
|
13
|
+
yteBQlZ6odkGcD+Kc/eaoQJAH+0a7jlHDu2VCHI63OiNZQJ8J9oxaPvWZyKYSaCO
|
14
|
+
iGvon/Z6KGQhXMedPDaCH7UjeMle5AVhjSrSvF6OglgZ9g==
|
15
|
+
-----END RSA PRIVATE KEY-----
|
@@ -0,0 +1,6 @@
|
|
1
|
+
-----BEGIN PUBLIC KEY-----
|
2
|
+
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC15La+LSmHNUs/yqzSuzKdBUED
|
3
|
+
1OfaOZpBp8zxAAQy7VlTrqRh/eiJH3VSeRRZEygORvtLgi/teF2P+z/mfJ6IHIdC
|
4
|
+
dkn8MF4CCCQKkjm7JKRrKfK5fOUp1NZF22oP8x0L4j67NYCtR9F6KIkV5A6FPAZG
|
5
|
+
I8nsHnyJzRwqmG2xbQIDAQAB
|
6
|
+
-----END PUBLIC KEY-----
|
@@ -0,0 +1,24 @@
|
|
1
|
+
<?xml version="1.0"?>
|
2
|
+
<Envelope xmlns="urn:envelope">
|
3
|
+
<Data>
|
4
|
+
Hello, World!
|
5
|
+
</Data>
|
6
|
+
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
7
|
+
<SignedInfo>
|
8
|
+
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
|
9
|
+
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
10
|
+
<Reference>
|
11
|
+
<Transforms>
|
12
|
+
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
13
|
+
</Transforms>
|
14
|
+
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
|
15
|
+
<DigestValue>Te51eBcV78RHrLH5Dv0P24r8vW8=</DigestValue>
|
16
|
+
</Reference>
|
17
|
+
</SignedInfo>
|
18
|
+
<SignatureValue>DPwu/iB8Sx21tywM69YUztjuMbKdAsfwOniDWlabk2jmEgbtwPlKFgZ9A5wdZbFj
|
19
|
+
D+SGQrv0y0d0UV8SBV5zeAeyyX7uwpm45iEbtQjirC6oaJ5Eu9caBCRqbcxNSTdR
|
20
|
+
yKGnO1r+dK/9T/MFANce39wBaeOUzo2qJe2128iWal4=</SignatureValue>
|
21
|
+
<KeyInfo>
|
22
|
+
<KeyName>test</KeyName>
|
23
|
+
</KeyInfo>
|
24
|
+
</Signature></Envelope>
|
@@ -0,0 +1,37 @@
|
|
1
|
+
<?xml version="1.0"?>
|
2
|
+
<Envelope xmlns="urn:envelope">
|
3
|
+
<Data>
|
4
|
+
Hello, World!
|
5
|
+
</Data>
|
6
|
+
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
7
|
+
<SignedInfo>
|
8
|
+
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
|
9
|
+
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
10
|
+
<Reference>
|
11
|
+
<Transforms>
|
12
|
+
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
13
|
+
</Transforms>
|
14
|
+
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
|
15
|
+
<DigestValue>Te51eBcV78RHrLH5Dv0P24r8vW8=</DigestValue>
|
16
|
+
</Reference>
|
17
|
+
</SignedInfo>
|
18
|
+
<SignatureValue>FNY3KHaZF2vVo/WKCRftatol0c22ozKn7S6Uw+GGjfAodlZwSPU5yq6rbfEBpMIi
|
19
|
+
igz6OFpeB5fFOIJM7n428uT+tcE48AnmHvh2Dd+THs5NgGxIrogfYQGyzvX/GHox
|
20
|
+
bmLwCVE/mRMHEG3UY67WctjP5DaSk0VCANpMnBnn+g4=</SignatureValue>
|
21
|
+
<KeyInfo>
|
22
|
+
<X509Data>
|
23
|
+
<X509Certificate>MIICLzCCAZgCCQCVuhhQ38rw0TANBgkqhkiG9w0BAQUFADBbMQswCQYDVQQGEwJV
|
24
|
+
UzEQMA4GA1UECAwHR2VvcmdpYTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ
|
25
|
+
dHkgTHRkMRcwFQYDVQQDDA53d3cuZ29vZ2xlLmNvbTAgFw0xMzA1MjUxODQwMDRa
|
26
|
+
GA8zMDEyMDkyNTE4NDAwNFowWzELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0dlb3Jn
|
27
|
+
aWExITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAwwO
|
28
|
+
d3d3Lmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALE4oSql
|
29
|
+
eymfHtzOeY86WyvfsjZmaz2XnIo9dzZsK71yMEKkgvXQnnYy9pK0NaYcG0B0hcii
|
30
|
+
3fqGBiHMkZY2BOGWwCC/wOmJCzLq9q6caPWUs71Zko+h59LaqV93vzDmZaXYfFoQ
|
31
|
+
gSVEWpEpCSo560x0mSuLnJYdQQzZ/L6xvxZ1AgMBAAEwDQYJKoZIhvcNAQEFBQAD
|
32
|
+
gYEATyK/RlfpohUVimgFkycTF2hyusjctseXoZDCctgg/STMsL8iA0P9YB6k91GC
|
33
|
+
kWpwevuiwarD1MfSUV6goPINFkIBvfK+5R9lpHaTqqs615z8T9R5VJgaLcFe3tWd
|
34
|
+
7oq3V2q5Nl6MrZfXj2N07qe6/9zfdauxYO26vAEKCvIkbMo=</X509Certificate>
|
35
|
+
</X509Data>
|
36
|
+
</KeyInfo>
|
37
|
+
</Signature></Envelope>
|
@@ -0,0 +1,22 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Nokogiri::XML do
|
4
|
+
subject { Nokogiri::XML(fixture('sign2-doc.xml')) }
|
5
|
+
let!(:original) { subject.to_s }
|
6
|
+
|
7
|
+
context 'using an RSA public key' do
|
8
|
+
before { subject.encrypt! key: fixture('rsa.pub'), name: 'test' }
|
9
|
+
|
10
|
+
describe '.encrypt!' do
|
11
|
+
it { expect(subject.to_s).not_to eq(original) }
|
12
|
+
it { expect(subject.to_s).not_to match(/Hello.*World/i) }
|
13
|
+
end
|
14
|
+
|
15
|
+
describe '.decrypt!' do
|
16
|
+
before { subject.decrypt! key: fixture('rsa.pem'), name: 'test' }
|
17
|
+
it { expect(subject.to_s).to eq(fixture('sign2-doc.xml')) }
|
18
|
+
end
|
19
|
+
|
20
|
+
end
|
21
|
+
|
22
|
+
end
|
@@ -0,0 +1,77 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Nokogiri::XML do
|
4
|
+
|
5
|
+
subject { Nokogiri::XML(fixture('sign2-doc.xml')) }
|
6
|
+
|
7
|
+
context 'using an RSA key' do
|
8
|
+
|
9
|
+
describe '.sign!' do
|
10
|
+
before { subject.sign! key: fixture('rsa.pem'), name: 'test' }
|
11
|
+
it { expect(subject.to_s).to eq(fixture('sign2-result.xml')) }
|
12
|
+
end
|
13
|
+
|
14
|
+
describe '.verify_with' do
|
15
|
+
before { subject.sign! key: fixture('rsa.pem'), name: 'test' }
|
16
|
+
|
17
|
+
it 'verifies with a single public key' do
|
18
|
+
expect(subject.verify_with(key: fixture('rsa.pub'))).to eq(true)
|
19
|
+
end
|
20
|
+
|
21
|
+
it 'verifies with a set of keys' do
|
22
|
+
expect(subject.verify_with('test' => fixture('rsa.pub'))).to eq(true)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
end
|
27
|
+
|
28
|
+
context 'using an RSA key and X509 certificate' do
|
29
|
+
|
30
|
+
describe '.sign!' do
|
31
|
+
before do
|
32
|
+
subject.sign! key: fixture('cert/server.key.decrypted'),
|
33
|
+
name: 'test',
|
34
|
+
x509: fixture('cert/server.crt')
|
35
|
+
end
|
36
|
+
|
37
|
+
it { expect(subject.to_s).to eq fixture('sign3-result.xml') }
|
38
|
+
end
|
39
|
+
|
40
|
+
describe '.verify_with' do
|
41
|
+
before do
|
42
|
+
subject.sign! key: fixture('cert/server.key.decrypted'),
|
43
|
+
name: 'test',
|
44
|
+
x509: fixture('cert/server.crt')
|
45
|
+
end
|
46
|
+
|
47
|
+
context 'with an array of certificates' do
|
48
|
+
it { expect(subject.verify_with(x509: [fixture('cert/server.crt')])).to eq(true) }
|
49
|
+
it { expect(subject.verify_with(certs: [fixture('cert/server.crt')])).to eq(true) }
|
50
|
+
it { expect(subject.verify_with(certificates: [fixture('cert/server.crt')])).to eq(true) }
|
51
|
+
|
52
|
+
xit 'verifies using system certificates' do
|
53
|
+
expect { subject.verify_signature }.not_to raise_error, <<-sys_certs_error
|
54
|
+
Could not use system certificates to verify the signature.
|
55
|
+
Note that this may not be a failing spec. You should copy
|
56
|
+
or symlink the file `spec/fixtures/cert/server.crt` into
|
57
|
+
the directory shown by running `openssl version -d`. After
|
58
|
+
doing so, run `sudo c_rehash CERT_PATH`, where
|
59
|
+
CERT_PATH is the same directory you copied the certificate
|
60
|
+
into (/usr/lib/ssl/certs by default on Ubuntu). After doing
|
61
|
+
that, run this spec again and see if it passes.
|
62
|
+
sys_certs_error
|
63
|
+
expect(subject.verify_signature).to eq(true)
|
64
|
+
end
|
65
|
+
end
|
66
|
+
|
67
|
+
context 'with one certificate' do
|
68
|
+
it { expect(subject.verify_with(x509: fixture('cert/server.crt'))).to eq(true) }
|
69
|
+
it { expect(subject.verify_with(cert: fixture('cert/server.crt'))).to eq(true) }
|
70
|
+
it { expect(subject.verify_with(certificate: fixture('cert/server.crt'))).to eq(true) }
|
71
|
+
end
|
72
|
+
|
73
|
+
end
|
74
|
+
|
75
|
+
end
|
76
|
+
|
77
|
+
end
|
data/spec/spec_helper.rb
ADDED
metadata
ADDED
@@ -0,0 +1,251 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: nokogiri-xmlsec1
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.6
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Renan Mendes Carvalho
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2014-07-01 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: nokogiri
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: mini_portile
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - '='
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: 0.6.0
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - '='
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: 0.6.0
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: bundler
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '1.3'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '1.3'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rake
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: rake-compiler
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: rspec
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - "~>"
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '3.0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - "~>"
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '3.0'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: guard-rspec
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
type: :development
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
111
|
+
- !ruby/object:Gem::Dependency
|
112
|
+
name: guard-rake
|
113
|
+
requirement: !ruby/object:Gem::Requirement
|
114
|
+
requirements:
|
115
|
+
- - ">="
|
116
|
+
- !ruby/object:Gem::Version
|
117
|
+
version: '0'
|
118
|
+
type: :development
|
119
|
+
prerelease: false
|
120
|
+
version_requirements: !ruby/object:Gem::Requirement
|
121
|
+
requirements:
|
122
|
+
- - ">="
|
123
|
+
- !ruby/object:Gem::Version
|
124
|
+
version: '0'
|
125
|
+
- !ruby/object:Gem::Dependency
|
126
|
+
name: wwtd
|
127
|
+
requirement: !ruby/object:Gem::Requirement
|
128
|
+
requirements:
|
129
|
+
- - ">="
|
130
|
+
- !ruby/object:Gem::Version
|
131
|
+
version: '0'
|
132
|
+
type: :development
|
133
|
+
prerelease: false
|
134
|
+
version_requirements: !ruby/object:Gem::Requirement
|
135
|
+
requirements:
|
136
|
+
- - ">="
|
137
|
+
- !ruby/object:Gem::Version
|
138
|
+
version: '0'
|
139
|
+
description: "This is a fork of nokogiri-xmlsec. \n This fork uses mini_portile
|
140
|
+
to improve code predictiveness and allow heroku deploys.\n This gem adds support
|
141
|
+
to Ruby for encrypting, decrypting, signing and validating\n the signatures of
|
142
|
+
XML documents, according to the [XML Encryption Syntax and\n Processing](http://www.w3.org/TR/xmlenc-core/)
|
143
|
+
standard, by wrapping around the\n [xmlsec1](http://www.aleksey.com/xmlsec) C
|
144
|
+
library and adding relevant methods\n to `Nokogiri::XML::Document`."
|
145
|
+
email:
|
146
|
+
- aitherios@gmail.com
|
147
|
+
executables: []
|
148
|
+
extensions:
|
149
|
+
- ext/nokogiri_ext_xmlsec/extconf.rb
|
150
|
+
extra_rdoc_files: []
|
151
|
+
files:
|
152
|
+
- ".gitignore"
|
153
|
+
- ".rspec"
|
154
|
+
- ".travis.yml"
|
155
|
+
- Gemfile
|
156
|
+
- Guardfile
|
157
|
+
- LICENSE.txt
|
158
|
+
- README.md
|
159
|
+
- Rakefile
|
160
|
+
- dependencies.yml
|
161
|
+
- ext/nokogiri_ext_xmlsec/extconf.rb
|
162
|
+
- ext/nokogiri_ext_xmlsec/init.c
|
163
|
+
- ext/nokogiri_ext_xmlsec/nokogiri_decrypt_with_key.c
|
164
|
+
- ext/nokogiri_ext_xmlsec/nokogiri_encrypt_with_key.c
|
165
|
+
- ext/nokogiri_ext_xmlsec/nokogiri_helpers_set_attribute_id.c
|
166
|
+
- ext/nokogiri_ext_xmlsec/nokogiri_init.c
|
167
|
+
- ext/nokogiri_ext_xmlsec/nokogiri_sign_certificate.c
|
168
|
+
- ext/nokogiri_ext_xmlsec/nokogiri_sign_rsa.c
|
169
|
+
- ext/nokogiri_ext_xmlsec/nokogiri_verify_signature_certificates.c
|
170
|
+
- ext/nokogiri_ext_xmlsec/nokogiri_verify_signature_named_keys.c
|
171
|
+
- ext/nokogiri_ext_xmlsec/nokogiri_verify_signature_rsa.c
|
172
|
+
- ext/nokogiri_ext_xmlsec/shutdown.c
|
173
|
+
- ext/nokogiri_ext_xmlsec/xmlsecrb.h
|
174
|
+
- lib/nokogiri-xmlsec.rb
|
175
|
+
- lib/xmlsec.rb
|
176
|
+
- lib/xmlsec/version.rb
|
177
|
+
- nokogiri-xmlsec1.gemspec
|
178
|
+
- ports/patches/libxml2/0001-Fix-parser-local-buffers-size-problems.patch
|
179
|
+
- ports/patches/libxml2/0002-Fix-entities-local-buffers-size-problems.patch
|
180
|
+
- ports/patches/libxml2/0003-Fix-an-error-in-previous-commit.patch
|
181
|
+
- ports/patches/libxml2/0004-Fix-potential-out-of-bound-access.patch
|
182
|
+
- ports/patches/libxml2/0005-Detect-excessive-entities-expansion-upon-replacement.patch
|
183
|
+
- ports/patches/libxml2/0006-Do-not-fetch-external-parsed-entities.patch
|
184
|
+
- ports/patches/libxml2/0007-Enforce-XML_PARSER_EOF-state-handling-through-the-pa.patch
|
185
|
+
- ports/patches/libxml2/0008-Improve-handling-of-xmlStopParser.patch
|
186
|
+
- ports/patches/libxml2/0009-Fix-a-couple-of-return-without-value.patch
|
187
|
+
- ports/patches/libxml2/0010-Keep-non-significant-blanks-node-in-HTML-parser.patch
|
188
|
+
- ports/patches/libxml2/0011-Do-not-fetch-external-parameter-entities.patch
|
189
|
+
- ports/patches/libxslt/0001-Adding-doc-update-related-to-1.1.28.patch
|
190
|
+
- ports/patches/libxslt/0002-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch
|
191
|
+
- ports/patches/libxslt/0003-Initialize-pseudo-random-number-generator-with-curre.patch
|
192
|
+
- ports/patches/libxslt/0004-EXSLT-function-str-replace-is-broken-as-is.patch
|
193
|
+
- ports/patches/libxslt/0006-Fix-str-padding-to-work-with-UTF-8-strings.patch
|
194
|
+
- ports/patches/libxslt/0007-Separate-function-for-predicate-matching-in-patterns.patch
|
195
|
+
- ports/patches/libxslt/0008-Fix-direct-pattern-matching.patch
|
196
|
+
- ports/patches/libxslt/0009-Fix-certain-patterns-with-predicates.patch
|
197
|
+
- ports/patches/libxslt/0010-Fix-handling-of-UTF-8-strings-in-EXSLT-crypto-module.patch
|
198
|
+
- ports/patches/libxslt/0013-Memory-leak-in-xsltCompileIdKeyPattern-error-path.patch
|
199
|
+
- ports/patches/libxslt/0014-Fix-for-bug-436589.patch
|
200
|
+
- ports/patches/libxslt/0015-Fix-mkdir-for-mingw.patch
|
201
|
+
- ports/patches/xmlsec1/.keep
|
202
|
+
- spec/fixtures/cert/server.crt
|
203
|
+
- spec/fixtures/cert/server.csr
|
204
|
+
- spec/fixtures/cert/server.key.decrypted
|
205
|
+
- spec/fixtures/cert/server.key.encrypted
|
206
|
+
- spec/fixtures/rsa.pem
|
207
|
+
- spec/fixtures/rsa.pub
|
208
|
+
- spec/fixtures/sign2-doc.xml
|
209
|
+
- spec/fixtures/sign2-result.xml
|
210
|
+
- spec/fixtures/sign3-result.xml
|
211
|
+
- spec/lib/nokogiri/xml/document/encryption_and_decryption_spec.rb
|
212
|
+
- spec/lib/nokogiri/xml/document/signing_and_verifying_spec.rb
|
213
|
+
- spec/spec_helper.rb
|
214
|
+
homepage: https://github.com/aitherios/nokogiri-xmlsec1
|
215
|
+
licenses:
|
216
|
+
- MIT
|
217
|
+
metadata: {}
|
218
|
+
post_install_message:
|
219
|
+
rdoc_options: []
|
220
|
+
require_paths:
|
221
|
+
- lib
|
222
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
223
|
+
requirements:
|
224
|
+
- - ">="
|
225
|
+
- !ruby/object:Gem::Version
|
226
|
+
version: 1.9.3
|
227
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
228
|
+
requirements:
|
229
|
+
- - ">="
|
230
|
+
- !ruby/object:Gem::Version
|
231
|
+
version: '0'
|
232
|
+
requirements: []
|
233
|
+
rubyforge_project:
|
234
|
+
rubygems_version: 2.2.2
|
235
|
+
signing_key:
|
236
|
+
specification_version: 4
|
237
|
+
summary: Wrapper around http://www.aleksey.com/xmlsec to support XML encryption, decryption,
|
238
|
+
signing and signature validation in Ruby
|
239
|
+
test_files:
|
240
|
+
- spec/fixtures/cert/server.crt
|
241
|
+
- spec/fixtures/cert/server.csr
|
242
|
+
- spec/fixtures/cert/server.key.decrypted
|
243
|
+
- spec/fixtures/cert/server.key.encrypted
|
244
|
+
- spec/fixtures/rsa.pem
|
245
|
+
- spec/fixtures/rsa.pub
|
246
|
+
- spec/fixtures/sign2-doc.xml
|
247
|
+
- spec/fixtures/sign2-result.xml
|
248
|
+
- spec/fixtures/sign3-result.xml
|
249
|
+
- spec/lib/nokogiri/xml/document/encryption_and_decryption_spec.rb
|
250
|
+
- spec/lib/nokogiri/xml/document/signing_and_verifying_spec.rb
|
251
|
+
- spec/spec_helper.rb
|