xmldsign 0.1.0

data/ext/xmldsign/gosthash.c

@@ -0,0 +1,254 @@
+/**********************************************************************
+ *                          gosthash.c                                *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *    Implementation of GOST R 34.11-94 hash function                 *
+ *       uses on gost89.c and gost89.h Doesn't need OpenSSL           *
+ **********************************************************************/
+#include <string.h>
+
+#include "gost89.h"
+#include "gosthash.h"
+
+
+/* Use OPENSSL_malloc for memory allocation if compiled with
+ * -DOPENSSL_BUILD, and libc malloc otherwise
+ */
+#ifndef MYALLOC
+# ifdef OPENSSL_BUILD
+#  include <openssl/crypto.h>
+#  define MYALLOC(size) OPENSSL_malloc(size)
+#  define MYFREE(ptr) OPENSSL_free(ptr)
+# else
+#  define MYALLOC(size) malloc(size)
+#  define MYFREE(ptr) free(ptr)
+# endif
+#endif
+/* Following functions are various bit meshing routines used in
+ * GOST R 34.11-94 algorithms */
+static void swap_bytes (byte *w, byte *k)
+	{
+	int i,j;
+	for (i=0;i<4;i++)
+		for (j=0;j<8;j++)
+			k[i+4*j]=w[8*i+j];
+	}
+
+/* was A_A */
+static void circle_xor8 (const byte *w, byte *k)
+	{
+	byte buf[8];
+	int i;
+	memcpy(buf,w,8);
+	memcpy(k,w+8,24);
+	for(i=0;i<8;i++)
+		k[i+24]=buf[i]^k[i];
+	}
+
+/* was R_R */
+static void transform_3 (byte *data)
+	{
+	unsigned short int acc;
+	acc=(data[0]^data[2]^data[4]^data[6]^data[24]^data[30])|
+		((data[1]^data[3]^data[5]^data[7]^data[25]^data[31])<<8);
+	memmove(data,data+2,30);
+	data[30]=acc&0xff;
+	data[31]=acc>>8;
+	}
+
+/* Adds blocks of N bytes modulo 2**(8*n). Returns carry*/
+static int add_blocks(int n,byte *left, const byte *right)
+	{
+	int i;
+	int carry=0;
+	int sum;
+	for (i=0;i<n;i++)
+		{
+	   	sum=(int)left[i]+(int)right[i]+carry;
+		left[i]=sum & 0xff;
+		carry=sum>>8;
+		}
+	return carry;
+	}
+
+/* Xor two sequences of bytes */
+static void xor_blocks (byte *result,const byte *a,const byte *b,size_t len)
+	{
+	size_t i;
+	for (i=0;i<len;i++) result[i]=a[i]^b[i];
+	}
+
+/*
+ * 	Calculate H(i+1) = Hash(Hi,Mi)
+ * 	Where H and M are 32 bytes long
+ */
+static int hash_step(gost_ctx *c,byte *H,const byte *M)
+	{
+	byte U[32],W[32],V[32],S[32],Key[32];
+	int i;
+	/* Compute first key */
+	xor_blocks(W,H,M,32);
+	swap_bytes(W,Key);
+	/* Encrypt first 8 bytes of H with first key*/
+	gost_enc_with_key(c,Key,H,S);
+	/* Compute second key*/
+	circle_xor8(H,U);
+	circle_xor8(M,V);
+	circle_xor8(V,V);
+	xor_blocks(W,U,V,32);
+	swap_bytes(W,Key);
+	/* encrypt second 8 bytes of H with second key*/
+	gost_enc_with_key(c,Key,H+8,S+8);
+	/* compute third key */
+	circle_xor8(U,U);
+	U[31]=~U[31]; U[29]=~U[29]; U[28]=~U[28]; U[24]=~U[24];
+	U[23]=~U[23]; U[20]=~U[20]; U[18]=~U[18]; U[17]=~U[17];
+	U[14]=~U[14]; U[12]=~U[12]; U[10]=~U[10]; U[ 8]=~U[ 8];
+	U[ 7]=~U[ 7]; U[ 5]=~U[ 5]; U[ 3]=~U[ 3]; U[ 1]=~U[ 1];
+	circle_xor8(V,V);
+	circle_xor8(V,V);
+	xor_blocks(W,U,V,32);
+	swap_bytes(W,Key);
+	/* encrypt third 8 bytes of H with third key*/
+	gost_enc_with_key(c,Key,H+16,S+16);
+	/* Compute fourth key */
+	circle_xor8(U,U);
+	circle_xor8(V,V);
+	circle_xor8(V,V);
+	xor_blocks(W,U,V,32);
+	swap_bytes(W,Key);
+	/* Encrypt last 8 bytes with fourth key */
+	gost_enc_with_key(c,Key,H+24,S+24);
+	for (i=0;i<12;i++)
+		transform_3(S);
+	xor_blocks(S,S,M,32);
+	transform_3(S);
+	xor_blocks(S,S,H,32);
+	for (i=0;i<61;i++)
+		transform_3(S);
+	memcpy(H,S,32);
+	return 1;
+	}
+
+/* Initialize gost_hash ctx - cleans up temporary structures and
+ * set up substitution blocks
+ */
+int init_gost_hash_ctx(gost_hash_ctx *ctx, const gost_subst_block *subst_block)
+	{
+	memset(ctx,0,sizeof(gost_hash_ctx));
+	ctx->cipher_ctx = (gost_ctx *)MYALLOC(sizeof(gost_ctx));
+	if (!ctx->cipher_ctx)
+		{
+		return 0;
+		}
+	gost_init(ctx->cipher_ctx,subst_block);
+	return 1;
+	}
+
+/*
+ * Free cipher CTX if it is dynamically allocated. Do not use
+ * if cipher ctx is statically allocated as in OpenSSL implementation of
+ * GOST hash algroritm
+ *
+ */
+void done_gost_hash_ctx(gost_hash_ctx *ctx)
+	{
+	/* No need to use gost_destroy, because cipher keys are not really
+	 * secret when hashing */
+	MYFREE(ctx->cipher_ctx);
+	}
+
+/*
+ * reset state of hash context to begin hashing new message
+ */
+int start_hash(gost_hash_ctx *ctx)
+	{
+	if (!ctx->cipher_ctx) return 0;
+	memset(&(ctx->H),0,32);
+	memset(&(ctx->S),0,32);
+	ctx->len = 0L;
+	ctx->left=0;
+	return 1;
+	}
+
+/*
+ * Hash block of arbitrary length
+ *
+ *
+ */
+int hash_block(gost_hash_ctx *ctx,const byte *block, size_t length)
+	{
+	const byte *curptr=block;
+	const byte *barrier=block+(length-32);/* Last byte we can safely hash*/
+	if (ctx->left)
+		{
+		/*There are some bytes from previous step*/
+		unsigned int add_bytes = 32-ctx->left;
+		if (add_bytes>length)
+			{
+			add_bytes = length;
+			}
+		memcpy(&(ctx->remainder[ctx->left]),block,add_bytes);
+		ctx->left+=add_bytes;
+		if (ctx->left<32)
+			{
+			return 1;
+			}
+		curptr=block+add_bytes;
+		hash_step(ctx->cipher_ctx,ctx->H,ctx->remainder);
+		add_blocks(32,ctx->S,ctx->remainder);
+		ctx->len+=32;
+		ctx->left=0;
+		}
+	while (curptr<=barrier)
+		{
+		hash_step(ctx->cipher_ctx,ctx->H,curptr);
+
+		add_blocks(32,ctx->S,curptr);
+		ctx->len+=32;
+		curptr+=32;
+		}
+	if (curptr!=block+length)
+		{
+		ctx->left=block+length-curptr;
+		memcpy(ctx->remainder,curptr,ctx->left);
+		}
+	return 1;
+	}
+
+/*
+ * Compute hash value from current state of ctx
+ * state of hash ctx becomes invalid and cannot be used for further
+ * hashing.
+ */
+int finish_hash(gost_hash_ctx *ctx,byte *hashval)
+	{
+	byte buf[32];
+	byte H[32];
+	byte S[32];
+	ghosthash_len fin_len=ctx->len;
+	byte *bptr;
+	memcpy(H,ctx->H,32);
+	memmove(S,ctx->S,32);
+	if (ctx->left)
+		{
+		memset(buf,0,32);
+		memcpy(buf,ctx->remainder,ctx->left);
+		hash_step(ctx->cipher_ctx,H,buf);
+		add_blocks(32,S,buf);
+		fin_len+=ctx->left;
+		}
+	memset(buf,0,32);
+	bptr=buf;
+	fin_len<<=3; /* Hash length in BITS!!*/
+	while(fin_len>0)
+		{
+		*(bptr++)=(byte)(fin_len&0xFF);
+		fin_len>>=8;
+		};
+	hash_step(ctx->cipher_ctx,H,buf);
+	hash_step(ctx->cipher_ctx,H,S);
+	memcpy(hashval,H,32);
+	return 1;
+	}

data/ext/xmldsign/gosthash.h

@@ -0,0 +1,48 @@
+/**********************************************************************
+ *                          gosthash.h                                *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *       This file is distributed under the same license as OpenSSL   *
+ *                                                                    *
+ *    Declaration of GOST R 34.11-94 hash functions                   *
+ *       uses  and gost89.h Doesn't need OpenSSL                      *
+ **********************************************************************/
+#ifndef GOSTHASH_H
+#define GOSTHASH_H
+#include "gost89.h"
+#include <stdlib.h>
+
+#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+typedef __int64 ghosthash_len;
+#elif defined(__arch64__)
+typedef long ghosthash_len;
+#else
+typedef long long ghosthash_len;
+#endif
+
+typedef struct gost_hash_ctx {
+		ghosthash_len len;
+		gost_ctx *cipher_ctx;
+		int left;
+		byte H[32];
+		byte S[32];
+		byte remainder[32];
+} gost_hash_ctx;		
+
+
+/* Initalizes gost hash ctx, including creation of gost cipher ctx */
+
+int init_gost_hash_ctx(gost_hash_ctx *ctx, const gost_subst_block *subst_block);
+void done_gost_hash_ctx(gost_hash_ctx *ctx);
+
+/* Cleans up all fields, except cipher ctx preparing ctx for computing
+ * of new hash value */
+int start_hash(gost_hash_ctx *ctx);
+
+/* Hashes block of data */
+int hash_block(gost_hash_ctx *ctx, const byte *block, size_t length);
+
+/* Finalizes computation of hash  and fills buffer (which should be at
+ * least 32 bytes long) with value of computed hash. */
+int finish_hash(gost_hash_ctx *ctx, byte *hashval);
+
+#endif	

data/ext/xmldsign/xmldsign_ext.c

@@ -0,0 +1,66 @@
+#include <xmldsign_ext.h>
+
+#ifndef O_BINARY
+#define O_BINARY 0
+#endif
+
+char* substring(const char* str, size_t begin, size_t len)
+{
+  if (str == 0 || strlen(str) == 0 || strlen(str) < begin || strlen(str) < (begin+len))
+    return 0;
+
+  return strndup(str + begin, len);
+}
+
+int digest(char * data, char * sum)
+{
+  gost_subst_block *b=  &GostR3411_94_CryptoProParamSet;
+  gost_hash_ctx ctx;
+
+  init_gost_hash_ctx(&ctx, b);
+
+  if (hash_data(&ctx, data, sum))
+  {
+    return 1;
+  }
+  else
+    return 0;
+}
+
+int hash_data(gost_hash_ctx *ctx, const char *data, char *sum)
+{
+  int i;
+  size_t bytes = strlen(data);
+
+  start_hash(ctx);
+
+  if(bytes > 0)
+    hash_block(ctx, data, bytes);
+
+  finish_hash(ctx, sum);
+
+  return 1;
+}
+
+static VALUE rb_gost_digest(VALUE self)
+{
+  char sum[32];
+
+  VALUE data;
+
+  data = rb_iv_get(self, "@data");
+
+  if( digest(StringValuePtr(data), sum) )
+    return rb_str_new2( substring(sum, 0, 32) );
+  else
+    return Qfalse;
+}
+
+/* Ruby Extension initializer */
+void Init_xmldsign_ext() {
+  mXmldsign     = rb_define_module("Xmldsign");
+  mDigests      = rb_define_module_under(mXmldsign, "Digests");
+  cGost         = rb_define_class_under(mDigests, "Gost", rb_cObject);
+
+  rb_define_method(cGost, "binary", rb_gost_digest, 0);
+}

data/ext/xmldsign/xmldsign_ext.h

@@ -0,0 +1,18 @@
+#ifndef XMLDSIGN_EXT_H
+#define XMLDSIGN_EXT_H
+
+#include <ruby.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <limits.h>
+#include <string.h>
+
+#include "gost89.h"
+#include "gosthash.h"
+
+VALUE mXmldsign, mDigests, cGost;
+
+
+#endif /* ifndef XMLDSIGN_EXT_H */

data/lib/xmldsign/algorithms.rb

@@ -0,0 +1,84 @@
+module Xmldsign
+  module Algorithms
+    def factory(uri, node)
+      ALGORITHMS[uri].new(node)
+    end
+
+    class Gostr3411
+      def initialize(transform_node)
+      end
+
+      def execute(xml)
+        Digests::Gost.base64(xml)
+      end
+
+      def openssl
+        @engine.digest(KEY)
+      end
+    end
+
+    class Enveloped
+      def initialize(transform_node)
+      end
+
+      def execute(doc)
+        doc.find_first('.//ds:Signature').remove!
+        doc
+      end
+    end
+
+    class XSLT
+      attr_reader :transform_node
+
+      def initialize(transform_node)
+        @transform_node = transform_node
+      end
+
+      def stylesheet
+        doc      = LibXML::XML::Document.new
+        doc.root = transform_node.find('*[1]').first.copy(true)
+        LibXSLT::XSLT::Stylesheet.new(doc)
+      end
+
+      def execute(doc)
+        stylesheet.apply doc
+      end
+    end
+
+    class Canonicalization
+      XML_C14N_1_0           = 0
+      XML_C14N_EXCLUSIVE_1_0 = 1
+      XML_C14N_1_1           = 2
+
+      attr_reader :transform_node
+
+      def initialize(transform_node)
+        @transform_node = transform_node
+      end
+
+      def execute(doc)
+        raise NotImplementedError
+      end
+    end
+
+    class C14NExc < Canonicalization
+      def execute(doc)
+        doc.canonicalize mode: XML_C14N_EXCLUSIVE_1_0
+      end
+    end
+
+    ALGORITHMS = {
+        # Digests
+
+        "http://www.w3.org/2001/04/xmldsig-more#gostr3411"      => Gostr3411,
+
+        # Transforms and Canonicalize
+
+        "http://www.w3.org/2000/09/xmldsig#enveloped-signature" => Enveloped,
+        "http://www.w3.org/TR/1999/REC-xslt-19991116"           => XSLT,
+        "http://www.w3.org/2001/10/xml-exc-c14n#"               => C14NExc,
+    }
+
+    module_function :factory
+  end
+end

data/lib/xmldsign/digests/gost.rb

@@ -0,0 +1,30 @@
+require "xmldsign/xmldsign_ext"
+
+module Xmldsign
+  module Digests
+    class Gost
+      attr_reader :data
+
+      class << self
+        def base64(data)
+          new(data).base64
+        end
+        def hex(data)
+          new(data).hex
+        end
+      end
+
+      def initialize(data)
+        @data = data
+      end
+
+      def base64
+        Base64.encode64(binary).strip
+      end
+
+      def hex
+        binary.bytes.inject("") { |hex, b| hex << b.to_s(16) }
+      end
+    end
+  end
+end

data/lib/xmldsign/document.rb

@@ -0,0 +1,19 @@
+module Xmldsign
+  class Document < DelegateClass(XML::Document)
+    def self.string(xml)
+      new LibXML::XML::Document.string(xml)
+    end
+
+    def signature
+      if (node = find_first('.//ds:Signature'))
+        Signature.new node
+      else
+        raise Xmldsign::NodeError, 'node ds:Signature is not found in document'
+      end
+    end
+
+    def signed
+      signature.sign
+    end
+  end
+end

data/lib/xmldsign/error.rb

@@ -0,0 +1,2 @@
+class Xmldsign::Error < StandardError
+end

data/lib/xmldsign/signature.rb

@@ -0,0 +1,64 @@
+module Xmldsign
+  class Signature < DelegateClass(XML::Node)
+    XML_C14N_1_0           = 0
+    XML_C14N_EXCLUSIVE_1_0 = 1
+    XML_C14N_1_1           = 2
+
+    def signed_info
+      SignedInfo.new find_first('.//ds:SignedInfo')
+    end
+
+    def c14n_signed_info
+      sign
+      doc = LibXML::XML::Document.new
+      doc.root = signed_info.copy(true)
+      doc.canonicalize mode: XML_C14N_EXCLUSIVE_1_0
+    end
+
+    def canonicalization_method
+      node = find_first('.//ds:CanonicalizationMethod')
+      Algorithms.factory node['Algorithm'], node
+    end
+
+    def digest_method
+      node = find_first('.//ds:DigestMethod')
+      Algorithms.factory node['Algorithm'], node
+    end
+
+    def transforms
+      signed_info.transforms
+    end
+
+    def sign
+      fill_digest!
+      clear_signature_value!
+      clear_certificate!
+      doc
+    end
+
+    def clear_signature_value!
+      if (node = find_first('.//ds:SignatureValue'))
+        node.content = ''
+      end
+    end
+
+    def clear_certificate!
+      if (node = find_first('.//ds:X509Certificate'))
+        node.content = ''
+      end
+    end
+
+    def fill_digest!
+      if (node = find_first('.//ds:DigestValue'))
+        node.content = calculate_digest
+      else
+        raise Xmldsign::NodeError, 'node ds:DigestValue is not found in document'
+      end
+    end
+
+    def calculate_digest
+      digest_method.execute transforms.execute
+    end
+  end
+end
+

data/lib/xmldsign/signed_info.rb

@@ -0,0 +1,7 @@
+module Xmldsign
+  class SignedInfo < DelegateClass(XML::Node)
+    def transforms
+      Transforms.new find_first('.//ds:Transforms')
+    end
+  end
+end

data/lib/xmldsign/transforms.rb

@@ -0,0 +1,17 @@
+module Xmldsign
+  class Transforms < DelegateClass(XML::Node)
+    def execute(document=self.doc)
+      doc = LibXML::XML::Document.new
+      doc.root = document.root.copy(true)
+      algorithms.inject(doc) { |d, algorithm| algorithm.execute d }
+    end
+
+    def algorithms
+      find('.//ds:Transform').map { |t| factory(t['Algorithm'], t) }
+    end
+
+    def factory(algorithm, node)
+      Algorithms.factory(algorithm, node)
+    end
+  end
+end

data/lib/xmldsign/version.rb

@@ -0,0 +1,3 @@
+module Xmldsign
+  VERSION = "0.1.0"
+end

data/lib/xmldsign.rb

@@ -0,0 +1,21 @@
+require "xmldsign/version"
+require "xmldsign/error"
+require "xmldsign/digests/gost"
+require "libxml"
+require "libxslt"
+require "delegate"
+require "base64"
+
+module Xmldsign
+  include LibXML
+
+  class NodeError < Error
+  end
+
+  autoload :Algorithms, 'xmldsign/algorithms'
+  autoload :Document, 'xmldsign/document'
+  autoload :Signature, 'xmldsign/signature'
+  autoload :SignedInfo, 'xmldsign/signed_info'
+  autoload :Transforms, 'xmldsign/transforms'
+end
+