xmlsec 0.0.1

data/spec/assets/unsigned.test.xml

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+     XML Security Library test file
+-->
+<Service version="2.0">
+  <Data>
+   <str>	Hello, World! The euro sign (ą) </str>
+   <smfing>
+    <!-- XML Security Library test file -->
+    <test1 somettr="VALUE"/>
+    <TEST2 SOMETTR="VALUE"/>
+   </smfing>
+  </Data>
+</Service>

data/spec/assets/x509.crt

@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB+zCCAWQCCQCNDSfdaw1XODANBgkqhkiG9w0BAQUFADBCMQswCQYDVQQGEwJY
+WDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZhdWx0IENvbXBh
+bnkgTHRkMB4XDTEyMDMxMjE0MjExNVoXDTEzMDMxMjE0MjExNVowQjELMAkGA1UE
+BhMCWFgxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoGA1UECgwTRGVmYXVsdCBD
+b21wYW55IEx0ZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzAkX2JwvyH6h
+UtXt9g7HAz/GQPe/nexZjGwVOfZtcLVR24wzSqMKUm+t+hsDrngZor7mYbkzrFwW
+JZKuMzTdOBFMdJABXQ26ik4X5G3oQvLCvvfxqGoci4BnOa2TnxvpRw7g1jekjGxn
+393bFgOXJIi0gsjx+hcr20qLdaEnJycCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBA
+8qZt/THE1SmLZ/55yTh3rxgcfdlJzk+iE9VYd9aseGHSbZmOEDjmtF6hNJBYw/BI
+oxAOVnMI6cuAbNe5ydub5YeelyJGrlPEcIs+lm2GkUCRFZd4krVO4r2wptD0KP8a
+5iD8CBI9Bl39pXP7k6pEM1UVPUfxyT/h7I2dpqxp+Q==
+-----END CERTIFICATE-----

data/spec/spec_helper.rb

@@ -0,0 +1,6 @@
+# encoding: UTF-8
+
+require 'rspec'
+require 'xmlsec'
+require 'nokogiri'
+

data/spec/xmlsec/sign_spec.rb

@@ -0,0 +1,320 @@
+require 'spec_helper'
+
+describe XmlSec do
+
+  it "should sign unsigned.test.xml with unprotected private key" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign_file(
+        File.join(asset_dir, 'unsigned.test.xml'),
+        File.join(asset_dir, 'private.key.pem'),
+        nil,
+        nil,
+        nil
+      )
+    doc = Nokogiri::XML(xml)
+    doc.xpath(
+        "Service/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+  end
+
+  it "should sign unsigned.test.xml with protected private key" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign_file(
+        File.join(asset_dir, 'unsigned.test.xml'),
+        File.join(asset_dir, 'private.passw.key.pem'),
+        'testas',
+        nil,
+        nil
+      )
+    doc = Nokogiri::XML(xml)
+    doc.xpath(
+        "Service/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+  end
+
+  it "should sign unsigned.test.xml with protected private key and add certificate" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign_file(
+        File.join(asset_dir, 'unsigned.test.xml'),
+        File.join(asset_dir, 'private.passw.key.pem'),
+        'testas',
+        File.join(asset_dir, 'x509.crt'),
+        nil
+      )
+    doc = Nokogiri::XML(xml)
+    doc.xpath(
+        "Service/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+    doc.xpath(
+        "Service/xmlns:Signature/xmlns:KeyInfo/xmlns:X509Data/xmlns:X509Certificate",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+  end
+
+  it "should sign unsigned.test.xml with unprotected private key and add certificate" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign_file(
+        File.join(asset_dir, 'unsigned.test.xml'),
+        File.join(asset_dir, 'private.key.pem'),
+        nil,
+        File.join(asset_dir, 'x509.crt'),
+        nil
+      )
+    doc = Nokogiri::XML(xml)
+
+    doc.xpath(
+        "Service/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+    doc.xpath(
+        "Service/xmlns:Signature/xmlns:KeyInfo/xmlns:X509Data/xmlns:X509Certificate",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+  end
+
+  it "should sign unsigned.test.xml with unprotected private key, signature must be placed in <Security> tag" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign_file(
+        File.join(asset_dir, 'unsigned.test.xml'),
+        File.join(asset_dir, 'private.key.pem'),
+        nil,
+        nil,
+        'Security'
+      )
+    doc = Nokogiri::XML(xml)
+    doc.xpath(
+        "Service/Security/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+  end
+
+  it "should sign unsigned.test.xml with protected private key, signature must be placed in <Security> tag" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign_file(
+        File.join(asset_dir, 'unsigned.test.xml'),
+        File.join(asset_dir, 'private.passw.key.pem'),
+        'testas',
+        nil,
+        'Security'
+      )
+    doc = Nokogiri::XML(xml)
+    doc.xpath(
+        "Service/Security/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+  end
+
+  it "should sign unsigned.test.xml with protected private key and add certificat, signature must be placed in <Security> tage" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign_file(
+        File.join(asset_dir, 'unsigned.test.xml'),
+        File.join(asset_dir, 'private.passw.key.pem'),
+        'testas',
+        File.join(asset_dir, 'x509.crt'),
+        'Security'
+      )
+    doc = Nokogiri::XML(xml)
+    doc.xpath(
+        "Service/Security/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+    doc.xpath(
+        "Service/Security/xmlns:Signature/xmlns:KeyInfo/xmlns:X509Data/xmlns:X509Certificate",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+  end
+
+  it "should sign unsigned.test.xml with unprotected private key and add certificate, signature must be placed in <Security> tag" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign_file(
+        File.join(asset_dir, 'unsigned.test.xml'),
+        File.join(asset_dir, 'private.key.pem'),
+        nil,
+        File.join(asset_dir, 'x509.crt'),
+        'Security'
+      )
+    doc = Nokogiri::XML(xml)
+    File.open(File.join(asset_dir, 'signed.test.xml'), "w") {|f| f.puts xml }
+
+
+    doc.xpath(
+        "Service/Security/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+    doc.xpath(
+        "Service/Security/xmlns:Signature/xmlns:KeyInfo/xmlns:X509Data/xmlns:X509Certificate",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+  end
+
+  it "should sign xml string with unprotected private key" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign(
+        '<?xml version="1.0" encoding="UTF-8"?><Service><Data>Hello</Data></Service>',
+        File.join(asset_dir, 'private.key.pem'),
+        nil,
+        nil,
+        nil
+      )
+    doc = Nokogiri::XML(xml)
+    doc.xpath(
+        "Service/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+  end
+
+  it "should sign xml string with protected private key" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign(
+        '<?xml version="1.0" encoding="UTF-8"?><Service><Data>Hello</Data></Service>',
+        File.join(asset_dir, 'private.passw.key.pem'),
+        'testas',
+        nil,
+        nil
+      )
+    doc = Nokogiri::XML(xml)
+    doc.xpath(
+        "Service/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+  end
+
+  it "should sign xml string with protected private key and add certificate" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign(
+        '<?xml version="1.0" encoding="UTF-8"?><Service><Data>Hello</Data></Service>',
+        File.join(asset_dir, 'private.passw.key.pem'),
+        'testas',
+        File.join(asset_dir, 'x509.crt'),
+        nil
+      )
+    doc = Nokogiri::XML(xml)
+    doc.xpath(
+        "Service/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+    doc.xpath(
+        "Service/xmlns:Signature/xmlns:KeyInfo/xmlns:X509Data/xmlns:X509Certificate",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+  end
+
+  it "should sign xml string with unprotected private key and add certificate" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign(
+        '<?xml version="1.0" encoding="UTF-8"?><Service><Data>Hello</Data></Service>',
+        File.join(asset_dir, 'private.key.pem'),
+        nil,
+        File.join(asset_dir, 'x509.crt'),
+        nil
+      )
+    doc = Nokogiri::XML(xml)
+
+    doc.xpath(
+        "Service/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+    doc.xpath(
+        "Service/xmlns:Signature/xmlns:KeyInfo/xmlns:X509Data/xmlns:X509Certificate",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+  end
+
+  it "should sign xml string with unprotected private key, signature must be placed in <Security> tag" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign(
+        '<?xml version="1.0" encoding="UTF-8"?><Service><Data>Hello</Data></Service>',
+        File.join(asset_dir, 'private.key.pem'),
+        nil,
+        nil,
+        'Security'
+      )
+    doc = Nokogiri::XML(xml)
+    doc.xpath(
+        "Service/Security/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+  end
+
+  it "should sign xml string with protected private key, signature must be placed in <Security> tag" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign(
+        '<?xml version="1.0" encoding="UTF-8"?><Service><Data>Hello</Data></Service>',
+        File.join(asset_dir, 'private.passw.key.pem'),
+        'testas',
+        nil,
+        'Security'
+      )
+    doc = Nokogiri::XML(xml)
+    doc.xpath(
+        "Service/Security/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+  end
+
+  it "should sign xml string with protected private key and add certificat, signature must be placed in <Security> tage" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign(
+        '<?xml version="1.0" encoding="UTF-8"?><Service><Data>Hello</Data></Service>',
+        File.join(asset_dir, 'private.passw.key.pem'),
+        'testas',
+        File.join(asset_dir, 'x509.crt'),
+        'Security'
+      )
+    doc = Nokogiri::XML(xml)
+    doc.xpath(
+        "Service/Security/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+    doc.xpath(
+        "Service/Security/xmlns:Signature/xmlns:KeyInfo/xmlns:X509Data/xmlns:X509Certificate",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+  end
+
+  it "should sign xml string with unprotected private key and add certificate, signature must be placed in <Security> tag" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    xml = XmlSec::sign(
+        '<?xml version="1.0" encoding="UTF-8"?><Service><Data>Hello</Data></Service>',
+        File.join(asset_dir, 'private.key.pem'),
+        nil,
+        File.join(asset_dir, 'x509.crt'),
+        'Security'
+      )
+    doc = Nokogiri::XML(xml)
+
+    doc.xpath(
+        "Service/Security/xmlns:Signature/xmlns:SignatureValue",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+
+    doc.xpath(
+        "Service/Security/xmlns:Signature/xmlns:KeyInfo/xmlns:X509Data/xmlns:X509Certificate",
+        "xmlns" => "http://www.w3.org/2000/09/xmldsig#"
+      ).count.should eql(1)
+  end
+
+
+end

data/spec/xmlsec/verify_spec.rb

@@ -0,0 +1,46 @@
+require 'spec_helper'
+
+describe XmlSec do
+
+  it "should verify signed.test.xml with public key" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    XmlSec::valid_file?(
+        File.join(asset_dir, 'signed.test.xml'),
+        File.join(asset_dir, 'public.key.pem'),
+        nil
+      ).should be_true
+
+  end
+
+  it "should verify signed.test.xml certificate" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    XmlSec::valid_file?(
+        File.join(asset_dir, 'signed.test.xml'),
+        nil,
+        File.join(asset_dir, 'x509.crt')
+      ).should be_true
+
+  end
+
+
+  it "should verify xml string with public key" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    XmlSec::valid?(
+        File.open(File.join(asset_dir, 'signed.test.xml'), 'rb') { |f| f.read },
+        File.join(asset_dir, 'public.key.pem'),
+        nil
+      ).should be_true
+
+  end
+
+  it "should verify xml string certificate" do
+    asset_dir = File.expand_path('../../assets', __FILE__)
+    XmlSec::valid?(
+        File.open(File.join(asset_dir, 'signed.test.xml'), 'rb') { |f| f.read },
+        nil,
+        File.join(asset_dir, 'x509.crt')
+      ).should be_true
+
+  end
+
+end

data/tasks/rspec.rake

@@ -0,0 +1,16 @@
+begin
+  require 'rspec'
+  require 'rspec/core/rake_task'
+
+  desc "Run all examples with RCov"
+  RSpec::Core::RakeTask.new('spec:rcov') do |t|
+    t.rcov = true
+  end
+  RSpec::Core::RakeTask.new('spec') do |t|
+    t.verbose = true
+  end
+
+  task :default => :spec
+rescue LoadError
+  puts "rspec, or one of its dependencies, is not available. Install it with: sudo gem install rspec"
+end

data/xmlsec.gemspec

@@ -0,0 +1,28 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "xmlsec/version"
+
+Gem::Specification.new do |s|
+  s.name        = "xmlsec"
+  s.version     = XmlSec::VERSION
+  s.authors     = ["Tomas Didziokas"]
+  s.email       = ["tomas.did@gmail.com"]
+  s.homepage    = "http://manodrabuziai.lt/"
+  s.extensions  = ["ext/xmlsec/extconf.rb"]
+  s.summary     = "summary"
+  s.description = 'description'
+
+  # s.rubyforge_project = "xmlsec"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+  # tests
+  s.add_development_dependency 'rake-compiler', "~> 0.7.7"
+  s.add_development_dependency 'rake', '0.8.7' # NB: 0.8.7 required by rake-compiler 0.7.9
+  s.add_development_dependency 'rspec'
+  s.add_development_dependency 'nokogiri', '1.5.0'
+
+end
+