xmlsec-ruby 0.0.2 → 0.0.3

Files changed (2) hide show
  1. data/ext/xmlsec/simple-xmlsec.c +27 -40
  2. metadata +5 -9
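--- a/data/ext/xmlsec/simple-xmlsec.c
+++ b/data/ext/xmlsec/simple-xmlsec.c
@@ -1,14 +1,7 @@
-/**
-* Simple API to sign a string and return a string using xmlsec
-* All credit for this file goes to John Kemp
-* Unfortunately his site is long gone, but archive.org
-* has preserved it for posterity:
-* http://web.archive.org/web/20060430071452/http://web.mac.com/john.kemp/php-xml-sig.html
-*/
-
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
+#include <ruby.h>
 
 #include <libxml/tree.h>
 #include <libxml/xmlmemory.h>
@@ -24,6 +17,8 @@
 
 int initialize() ;
 void SecShutdown() ;
+void cleanup(xmlSecDSigCtxPtr dsigCtx) ;
+void xmlSecErrorCallback(const char* file, int line, const char* func, const char* errorObject, const char* errorSubject, int reason, const char* msg);
 static int
 xmlSecAppAddIDAttr(xmlNodePtr node, const xmlChar* attrName, const xmlChar* nodeName, const xmlChar* nsHref) {
 xmlAttrPtr attr, tmpAttr;
@@ -89,29 +84,26 @@ int verify_file(const char* xmlMessage, const char* key) {
 xmlSecDSigCtxPtr dsigCtx = NULL;
 int res = 0;
 initialize();
-
-assert(xmlMessage);
-assert(key);
 
 doc = xmlParseDoc((xmlChar *) xmlMessage) ;
 
 if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-fprintf(stderr, "Error: unable to parse file \"%s\"\n", xmlMessage);
-goto done;
+cleanup(dsigCtx);
+rb_raise(rb_eRuntimeError, "unable to parse XML document");
 }
 
 /* find start node */
 node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
 if(node == NULL) {
-fprintf(stdout, "Error: start node not found in \"%s\"\n", xmlMessage);
-goto done;
+cleanup(dsigCtx);
+rb_raise(rb_eRuntimeError, "could not find start node in XML document");
 }
 
 xmlNodePtr cur = xmlSecGetNextElementNode(doc->children);
 while(cur != NULL) {
 if(xmlSecAppAddIDAttr(cur, "ID", "Response", "urn:oasis:names:tc:SAML:2.0:protocol") < 0) {
-fprintf(stderr, "Error: failed to add ID attribute");
-goto done;
+cleanup(dsigCtx);
+rb_raise(rb_eRuntimeError, "could not define ID attribute");
 }
 cur = xmlSecGetNextElementNode(cur->next);
 }
@@ -119,48 +111,38 @@ goto done;
 /* create signature context */
 dsigCtx = xmlSecDSigCtxCreate(NULL);
 if(dsigCtx == NULL) {
-fprintf(stdout,"Error: failed to create signature context\n");
-goto done;
+cleanup(dsigCtx);
+rb_raise(rb_eRuntimeError, "could not create signature context");
 }
 
 /* load public key */
 dsigCtx->signKey = xmlSecCryptoAppKeyLoadMemory(key, strlen(key), xmlSecKeyDataFormatCertPem, NULL, NULL, NULL);
 if(dsigCtx->signKey == NULL) {
-fprintf(stdout,"Error: failed to load public pem key from \"%s\"\n", key);
-goto done;
+cleanup(dsigCtx);
+rb_raise(rb_eRuntimeError, "could not read public pem key %s", key);
 }
-
-/* set key name to the file name, this is just an example! */
-if(xmlSecKeySetName(dsigCtx->signKey, key) < 0) {
-fprintf(stdout,"Error: failed to set key name for key from \"%s\"\n", key);
-goto done;
-}
 
 /* Verify signature */
 if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
-fprintf(stdout,"Error: signature verify\n");
-goto done;
+cleanup(dsigCtx);
+rb_raise(rb_eRuntimeError, "Document does not seem to be in an XMLDsig format");
 }
 
 /* print verification result to stdout */
 if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
-fprintf(stdout, "Signature is OK\n");
+res = 1;
 } else {
-fprintf(stdout, "Signature is INVALID\n");
+res = 0;
 }
-
-/* success */
-res = 1;
-
-done:
-/* cleanup */
+cleanup(dsigCtx);
+return res;
+}
+
+void cleanup(xmlSecDSigCtxPtr dsigCtx) {
 if(dsigCtx != NULL) {
 xmlSecDSigCtxDestroy(dsigCtx);
 }
-
 SecShutdown() ;
-
-return(res);
 }
 
 int initialize()
@@ -210,6 +192,11 @@ int initialize()
 fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
 return(-1);
 }
+xmlSecErrorsSetCallback(xmlSecErrorCallback);
+}
+
+void xmlSecErrorCallback(const char* file, int line, const char* func, const char* errorObject, const char* errorSubject, int reason, const char* msg) {
+rb_raise(rb_eRuntimeError, "XMLSec error in %s: %s", func, msg);
 }
 
 void SecShutdown()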
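Review bot: The new `xmlSecErrorCallback` calls `rb_raise` from inside xmlsec's error reporting, so an error that xmlsec logs during key loading or `xmlSecDSigCtxVerify` would unwind by longjmp through the library's own frames and skip the `cleanup(dsigCtx)` calls added in `verify_file`, leaking the signature context and bypassing `SecShutdown()`. `func` and `msg` are also handed to `%s` without a NULL check. A safer shape is for the callback to only record the message and for `verify_file` to raise it after `cleanup`, as sketched below. Separately, with `assert(key)` removed a NULL `key` now reaches `strlen(key)`, so a guard such as `if (xmlMessage == NULL || key == NULL) rb_raise(rb_eArgError, "xml document and key are required");` before `xmlParseDoc` is worth adding. Both `verify_file` and `initialize` begin outside the visible hunks.

```c
/* single shared buffer; assumes calls are serialized by the interpreter lock (confirm) */
static char xmlsec_last_error[256];

void xmlSecErrorCallback(const char* file, int line, const char* func, const char* errorObject, const char* errorSubject, int reason, const char* msg) {
  /* Record only: raising here would jump out of xmlsec's own call frames. */
  snprintf(xmlsec_last_error, sizeof(xmlsec_last_error), "XMLSec error in %s: %s",
           func ? func : "(unknown)", msg ? msg : "(no message)");
}

/* … unchanged: verify_file up to the signature check … */
  if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
    cleanup(dsigCtx);
    rb_raise(rb_eRuntimeError, "%s", xmlsec_last_error);
  }
```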
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: xmlsec-ruby
3
3
  version: !ruby/object:Gem::Version
4
- hash: 27
4
+ hash: 25
5
5
  prerelease: false
6
6
  segments:
7
7
  - 0
8
8
  - 0
9
- - 2
10
- version: 0.0.2
9
+ - 3
10
+ version: 0.0.3
11
11
  platform: ruby
12
12
  authors:
13
13
  - Victor Lin
@@ -19,12 +19,8 @@ date: 2010-09-17 00:00:00 -07:00
19
19
  default_executable:
20
20
  dependencies: []
21
21
 
22
- description: "\txmlsec-ruby is an attempt to use SWIG to create ruby bindings\n\
23
- \tfor the xmlsec library (http://www.aleksey.com/xmlsec/). \n\
24
- \tUsage:\n\
25
- \t\tXmlsec.verify_file(xml_document_string, pem_certificate_string)\n\
26
- \t\tReturns 0/1 on failure/success.\n\
27
- \tThis is actually the only function implemented so far. \n"
22
+ description: "\txmlsec-ruby is project using SWIG to create ruby bindings\n\
23
+ \tfor the xmlsec library (http://www.aleksey.com/xmlsec/). \n"
28
24
  email: victor@coupa.com
29
25
  executables: []
30
26