xmlsec-ruby 0.0.2 → 0.0.3

data/ext/xmlsec/simple-xmlsec.c

@@ -1,14 +1,7 @@
-/**
- * Simple API to sign a string and return a string using xmlsec
- * All credit for this file goes to John Kemp
- * Unfortunately his site is long gone, but archive.org
- * has preserved it for posterity:
- * http://web.archive.org/web/20060430071452/http://web.mac.com/john.kemp/php-xml-sig.html
- */
-
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
+#include <ruby.h>
  
 #include <libxml/tree.h>
 #include <libxml/xmlmemory.h>
@@ -24,6 +17,8 @@
  
 int initialize() ;
 void SecShutdown() ;
+void cleanup(xmlSecDSigCtxPtr dsigCtx) ;
+void xmlSecErrorCallback(const char* file, int line, const char* func, const char* errorObject, const char* errorSubject, int reason, const char* msg); 
 static int  
 xmlSecAppAddIDAttr(xmlNodePtr node, const xmlChar* attrName, const xmlChar* nodeName, const xmlChar* nsHref) {
     xmlAttrPtr attr, tmpAttr;
@@ -89,29 +84,26 @@ int verify_file(const char* xmlMessage, const char* key) {
   xmlSecDSigCtxPtr dsigCtx = NULL;
   int res = 0;
   initialize();
-    
-  assert(xmlMessage);
-  assert(key);
  
   doc = xmlParseDoc((xmlChar *) xmlMessage) ;
  
   if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-    fprintf(stderr, "Error: unable to parse file \"%s\"\n", xmlMessage);
-    goto done;    
+	cleanup(dsigCtx);
+	rb_raise(rb_eRuntimeError, "unable to parse XML document");
   }
     
   /* find start node */
   node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
   if(node == NULL) {
-    fprintf(stdout, "Error: start node not found in \"%s\"\n", xmlMessage);
-    goto done;    
+	cleanup(dsigCtx);
+	rb_raise(rb_eRuntimeError, "could not find start node in XML document");
   }
 
   xmlNodePtr cur = xmlSecGetNextElementNode(doc->children);
   while(cur != NULL) {
 	  if(xmlSecAppAddIDAttr(cur, "ID", "Response", "urn:oasis:names:tc:SAML:2.0:protocol") < 0) {
-		  fprintf(stderr, "Error: failed to add ID attribute");
-goto done;
+		  cleanup(dsigCtx);
+		  rb_raise(rb_eRuntimeError, "could not define ID attribute");
 	  }
 	  cur = xmlSecGetNextElementNode(cur->next);
   }
@@ -119,48 +111,38 @@ goto done;
   /* create signature context */
   dsigCtx = xmlSecDSigCtxCreate(NULL);
   if(dsigCtx == NULL) {
-    fprintf(stdout,"Error: failed to create signature context\n");
-    goto done;
+	cleanup(dsigCtx);
+	rb_raise(rb_eRuntimeError, "could not create signature context");
   }
  
 	/* load public key */
 	dsigCtx->signKey = xmlSecCryptoAppKeyLoadMemory(key, strlen(key), xmlSecKeyDataFormatCertPem, NULL, NULL, NULL);
 	if(dsigCtx->signKey == NULL) {
-		fprintf(stdout,"Error: failed to load public pem key from \"%s\"\n", key);
-		goto done;
+		cleanup(dsigCtx);
+		rb_raise(rb_eRuntimeError, "could not read public pem key %s", key);
 	}
- 
-  /* set key name to the file name, this is just an example! */
-  if(xmlSecKeySetName(dsigCtx->signKey, key) < 0) {
-    fprintf(stdout,"Error: failed to set key name for key from \"%s\"\n", key);
-    goto done;
-  }
 	 
   /* Verify signature */
   if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
-    fprintf(stdout,"Error: signature verify\n");
-    goto done;
+	cleanup(dsigCtx);
+	rb_raise(rb_eRuntimeError, "Document does not seem to be in an XMLDsig format");
   }
         
   /* print verification result to stdout */
   if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
-    fprintf(stdout, "Signature is OK\n");
+	  res = 1;
   } else {
-    fprintf(stdout, "Signature is INVALID\n");
+	  res = 0;
   }    
- 
-  /* success */
-  res = 1;
- 
- done:    
-  /* cleanup */
+  cleanup(dsigCtx);
+  return res;
+}
+
+void cleanup(xmlSecDSigCtxPtr dsigCtx) {
   if(dsigCtx != NULL) {
     xmlSecDSigCtxDestroy(dsigCtx);
   }
-    
   SecShutdown() ;
- 
-  return(res);
 }
  
 int initialize()
@@ -210,6 +192,11 @@ int initialize()
     fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
     return(-1);
   }
+  xmlSecErrorsSetCallback(xmlSecErrorCallback);
+}
+
+void xmlSecErrorCallback(const char* file, int line, const char* func, const char* errorObject, const char* errorSubject, int reason, const char* msg) {
+	rb_raise(rb_eRuntimeError, "XMLSec error in %s: %s", func, msg);
 }
  
 void SecShutdown()

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: xmlsec-ruby
 version: !ruby/object:Gem::Version 
-  hash: 27
+  hash: 25
   prerelease: false
   segments: 
   - 0
   - 0
-  - 2
-  version: 0.0.2
+  - 3
+  version: 0.0.3
 platform: ruby
 authors: 
 - Victor Lin
@@ -19,12 +19,8 @@ date: 2010-09-17 00:00:00 -07:00
 default_executable: 
 dependencies: []
 
-description: "\txmlsec-ruby is an attempt to use SWIG to create ruby bindings\n\
-  \tfor the xmlsec library (http://www.aleksey.com/xmlsec/). \n\
-  \tUsage:\n\
-  \t\tXmlsec.verify_file(xml_document_string, pem_certificate_string)\n\
-  \t\tReturns 0/1 on failure/success.\n\
-  \tThis is actually the only function implemented so far. \n"
+description: "\txmlsec-ruby is project using SWIG to create ruby bindings\n\
+  \tfor the xmlsec library (http://www.aleksey.com/xmlsec/). \n"
 email: victor@coupa.com
 executables: []