xmlsec-ruby 0.0.2 → 0.0.3
- data/ext/xmlsec/simple-xmlsec.c +27 -40
- metadata +5 -9
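--- a/data/ext/xmlsec/simple-xmlsec.c
+++ b/data/ext/xmlsec/simple-xmlsec.c
@@ -1,14 +1,7 @@
-/**
-* Simple API to sign a string and return a string using xmlsec
-* All credit for this file goes to John Kemp
-* Unfortunately his site is long gone, but archive.org
-* has preserved it for posterity:
-* http://web.archive.org/web/20060430071452/http://web.mac.com/john.kemp/php-xml-sig.html
-*/
-
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
+#include <ruby.h>
 
 #include <libxml/tree.h>
 #include <libxml/xmlmemory.h>
@@ -24,6 +17,8 @@
 
 int initialize() ;
 void SecShutdown() ;
+void cleanup(xmlSecDSigCtxPtr dsigCtx) ;
+void xmlSecErrorCallback(const char* file, int line, const char* func, const char* errorObject, const char* errorSubject, int reason, const char* msg);
 static int
 xmlSecAppAddIDAttr(xmlNodePtr node, const xmlChar* attrName, const xmlChar* nodeName, const xmlChar* nsHref) {
 xmlAttrPtr attr, tmpAttr;
@@ -89,29 +84,26 @@ int verify_file(const char* xmlMessage, const char* key) {
 xmlSecDSigCtxPtr dsigCtx = NULL;
 int res = 0;
 initialize();
-
-assert(xmlMessage);
-assert(key);
 
 doc = xmlParseDoc((xmlChar *) xmlMessage) ;
 
 if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-
-
+cleanup(dsigCtx);
+rb_raise(rb_eRuntimeError, "unable to parse XML document");
 }
 
 /* find start node */
 node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
 if(node == NULL) {
-
-
+cleanup(dsigCtx);
+rb_raise(rb_eRuntimeError, "could not find start node in XML document");
 }
 
 xmlNodePtr cur = xmlSecGetNextElementNode(doc->children);
 while(cur != NULL) {
 if(xmlSecAppAddIDAttr(cur, "ID", "Response", "urn:oasis:names:tc:SAML:2.0:protocol") < 0) {
-
-
+cleanup(dsigCtx);
+rb_raise(rb_eRuntimeError, "could not define ID attribute");
 }
 cur = xmlSecGetNextElementNode(cur->next);
 }
@@ -119,48 +111,38 @@ goto done;
 /* create signature context */
 dsigCtx = xmlSecDSigCtxCreate(NULL);
 if(dsigCtx == NULL) {
-
-
+cleanup(dsigCtx);
+rb_raise(rb_eRuntimeError, "could not create signature context");
 }
 
 /* load public key */
 dsigCtx->signKey = xmlSecCryptoAppKeyLoadMemory(key, strlen(key), xmlSecKeyDataFormatCertPem, NULL, NULL, NULL);
 if(dsigCtx->signKey == NULL) {
-
-
+cleanup(dsigCtx);
+rb_raise(rb_eRuntimeError, "could not read public pem key %s", key);
 }
-
-/* set key name to the file name, this is just an example! */
-if(xmlSecKeySetName(dsigCtx->signKey, key) < 0) {
-fprintf(stdout,"Error: failed to set key name for key from \"%s\"\n", key);
-goto done;
-}
 
 /* Verify signature */
 if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
-
-
+cleanup(dsigCtx);
+rb_raise(rb_eRuntimeError, "Document does not seem to be in an XMLDsig format");
 }
 
 /* print verification result to stdout */
 if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
-
+res = 1;
 } else {
-
+res = 0;
 }
-
-
-
-
-
-/* cleanup */
+cleanup(dsigCtx);
+return res;
+}
+
+void cleanup(xmlSecDSigCtxPtr dsigCtx) {
 if(dsigCtx != NULL) {
 xmlSecDSigCtxDestroy(dsigCtx);
 }
-
 SecShutdown() ;
-
-return(res);
 }
 
 int initialize()
@@ -210,6 +192,11 @@ int initialize()
 fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
 return(-1);
 }
+xmlSecErrorsSetCallback(xmlSecErrorCallback);
+}
+
+void xmlSecErrorCallback(const char* file, int line, const char* func, const char* errorObject, const char* errorSubject, int reason, const char* msg) {
+rb_raise(rb_eRuntimeError, "XMLSec error in %s: %s", func, msg);
 }
 
 void SecShutdown()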
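Review bot: Calling `rb_raise` inside `xmlSecErrorCallback` (last hunk) unwinds out of xmlsec while it is still mid-operation, so for any error the library reports through the callback the `cleanup(dsigCtx)` calls added in `verify_file` are never reached and the context, the loaded key and `doc` stay allocated. The document being verified presumably comes from a remote party (the ID registration targets SAML `Response` elements), so malformed input can drive that path repeatedly. I would have the callback only record the message and let `verify_file` raise after it has cleaned up; no visible line frees `doc`, so an `xmlFreeDoc(doc)` looks to be missing on every exit path as well. Separately, with the two `assert`s removed a NULL `key` now reaches `strlen(key)`; a guard such as `if (key == NULL) rb_raise(rb_eArgError, "key is required");` before `initialize()` would cover it. `verify_file` and `initialize` both start outside the hunks shown.

```c
static char last_xmlsec_error[256];

void xmlSecErrorCallback(const char* file, int line, const char* func, const char* errorObject, const char* errorSubject, int reason, const char* msg) {
  /* Record only: raising here would unwind through xmlsec's own frames. */
  snprintf(last_xmlsec_error, sizeof last_xmlsec_error, "XMLSec error in %s: %s",
           func ? func : "(unknown)", msg ? msg : "(none)");
}

/* … unchanged: verify_file up to the signature check … */
  if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
    cleanup(dsigCtx);
    xmlFreeDoc(doc);
    rb_raise(rb_eRuntimeError, "%s", last_xmlsec_error);
  }
```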
|
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: xmlsec-ruby
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
4
|
+
hash: 25
|
5
5
|
prerelease: false
|
6
6
|
segments:
|
7
7
|
- 0
|
8
8
|
- 0
|
9
|
-
-
|
10
|
-
version: 0.0.
|
9
|
+
- 3
|
10
|
+
version: 0.0.3
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Victor Lin
|
@@ -19,12 +19,8 @@ date: 2010-09-17 00:00:00 -07:00
|
|
19
19
|
default_executable:
|
20
20
|
dependencies: []
|
21
21
|
|
22
|
-
description: "\txmlsec-ruby is
|
23
|
-
\tfor the xmlsec library (http://www.aleksey.com/xmlsec/). \n
|
24
|
-
\tUsage:\n\
|
25
|
-
\t\tXmlsec.verify_file(xml_document_string, pem_certificate_string)\n\
|
26
|
-
\t\tReturns 0/1 on failure/success.\n\
|
27
|
-
\tThis is actually the only function implemented so far. \n"
|
22
|
+
description: "\txmlsec-ruby is project using SWIG to create ruby bindings\n\
|
23
|
+
\tfor the xmlsec library (http://www.aleksey.com/xmlsec/). \n"
|
28
24
|
email: victor@coupa.com
|
29
25
|
executables: []
|
30
26
|
|