xmlsec 0.0.1

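--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+coverage
+InstalledFiles
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+
+# YARD artifacts
+.yardoc
+_yardoc
+doc/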
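--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in xmlsec.gemspec
+gemspec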
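Review bot: The `source "http://rubygems.org"` line makes Bundler fetch gem metadata and packages over plaintext HTTP, so the dependencies resolved for this gem have no transport integrity and can be altered in transit. Change it to `source "https://rubygems.org"`. For a library whose purpose is XML signing, the build-time dependency channel deserves the same care as the runtime code.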
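--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,4 @@
+xmlsec
+======
+
+xmlsec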
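--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,4 @@
+require "bundler/gem_tasks"
+
+require 'rake'
+Dir['tasks/*.rake'].sort.each { |f| load f }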
@@ -0,0 +1,213 @@
1
+
2
+ SHELL = /bin/sh
3
+
4
+ # V=0 quiet, V=1 verbose. other values don't work.
5
+ V = 0
6
+ Q1 = $(V:1=)
7
+ Q = $(Q1:0=@)
8
+ n=$(NULLCMD)
9
+ ECHO1 = $(V:1=@$n)
10
+ ECHO = $(ECHO1:0=@echo)
11
+
12
+ #### Start of system configuration section. ####
13
+
14
+ srcdir = .
15
+ topdir = /usr/local/include/ruby-1.9.1
16
+ hdrdir = /usr/local/include/ruby-1.9.1
17
+ arch_hdrdir = /usr/local/include/ruby-1.9.1/$(arch)
18
+ VPATH = $(srcdir):$(arch_hdrdir)/ruby:$(hdrdir)/ruby
19
+ prefix = $(DESTDIR)/usr/local
20
+ rubylibprefix = $(libdir)/$(RUBY_BASE_NAME)
21
+ exec_prefix = $(prefix)
22
+ vendorhdrdir = $(rubyhdrdir)/vendor_ruby
23
+ sitehdrdir = $(rubyhdrdir)/site_ruby
24
+ rubyhdrdir = $(includedir)/$(RUBY_BASE_NAME)-$(ruby_version)
25
+ vendordir = $(rubylibprefix)/vendor_ruby
26
+ sitedir = $(rubylibprefix)/site_ruby
27
+ ridir = $(datarootdir)/$(RI_BASE_NAME)
28
+ mandir = $(datarootdir)/man
29
+ localedir = $(datarootdir)/locale
30
+ libdir = $(exec_prefix)/lib
31
+ psdir = $(docdir)
32
+ pdfdir = $(docdir)
33
+ dvidir = $(docdir)
34
+ htmldir = $(docdir)
35
+ infodir = $(datarootdir)/info
36
+ docdir = $(datarootdir)/doc/$(PACKAGE)
37
+ oldincludedir = $(DESTDIR)/usr/include
38
+ includedir = $(prefix)/include
39
+ localstatedir = $(prefix)/var
40
+ sharedstatedir = $(prefix)/com
41
+ sysconfdir = $(prefix)/etc
42
+ datadir = $(datarootdir)
43
+ datarootdir = $(prefix)/share
44
+ libexecdir = $(exec_prefix)/libexec
45
+ sbindir = $(exec_prefix)/sbin
46
+ bindir = $(exec_prefix)/bin
47
+ rubylibdir = $(rubylibprefix)/$(ruby_version)
48
+ archdir = $(rubylibdir)/$(arch)
49
+ sitelibdir = $(sitedir)/$(ruby_version)
50
+ sitearchdir = $(sitelibdir)/$(sitearch)
51
+ vendorlibdir = $(vendordir)/$(ruby_version)
52
+ vendorarchdir = $(vendorlibdir)/$(sitearch)
53
+
54
+ NULLCMD = :
55
+
56
+ CC = gcc
57
+ CXX = g++
58
+ LIBRUBY = $(LIBRUBY_A)
59
+ LIBRUBY_A = lib$(RUBY_SO_NAME)-static.a
60
+ LIBRUBYARG_SHARED = -Wl,-R -Wl,$(libdir) -L$(libdir)
61
+ LIBRUBYARG_STATIC = -Wl,-R -Wl,$(libdir) -L$(libdir) -l$(RUBY_SO_NAME)-static
62
+ OUTFLAG = -o
63
+ COUTFLAG = -o
64
+
65
+ RUBY_EXTCONF_H =
66
+ cflags = $(optflags) $(debugflags) $(warnflags)
67
+ optflags = -O3
68
+ debugflags = -ggdb
69
+ warnflags = -Wextra -Wno-unused-parameter -Wno-parentheses -Wno-long-long -Wno-missing-field-initializers -Wpointer-arith -Wwrite-strings -Wdeclaration-after-statement -Wimplicit-function-declaration
70
+ CFLAGS = -fPIC $(cflags) -DXMLSEC_CRYPTO=\"openssl\" -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1, -DXMLSEC_OPENSSL_098=1 -DXMLSEC_CRYPTO_OPENSSL=1 -I/usr/include/xmlsec1 -I/usr/include/libxml2
71
+ INCFLAGS = -I. -I$(arch_hdrdir) -I$(hdrdir)/ruby/backward -I$(hdrdir) -I$(srcdir)
72
+ DEFS = -D_FILE_OFFSET_BITS=64
73
+ CPPFLAGS = $(DEFS) $(cppflags)
74
+ CXXFLAGS = $(CFLAGS) $(cxxflags)
75
+ ldflags = -L. -rdynamic -Wl,-export-dynamic
76
+ dldflags =
77
+ ARCH_FLAG =
78
+ DLDFLAGS = $(ldflags) $(dldflags)
79
+ LDSHARED = $(CC) -shared
80
+ LDSHAREDXX = $(CXX) -shared
81
+ AR = ar
82
+ EXEEXT =
83
+
84
+ RUBY_BASE_NAME = ruby
85
+ RUBY_INSTALL_NAME = ruby
86
+ RUBY_SO_NAME = ruby
87
+ arch = i686-linux
88
+ sitearch = $(arch)
89
+ ruby_version = 1.9.1
90
+ ruby = /usr/local/bin/ruby
91
+ RUBY = $(ruby)
92
+ RM = rm -f
93
+ RM_RF = $(RUBY) -run -e rm -- -rf
94
+ RMDIRS = rmdir --ignore-fail-on-non-empty -p
95
+ MAKEDIRS = /bin/mkdir -p
96
+ INSTALL = /usr/bin/install -c
97
+ INSTALL_PROG = $(INSTALL) -m 0755
98
+ INSTALL_DATA = $(INSTALL) -m 644
99
+ COPY = cp
100
+
101
+ #### End of system configuration section. ####
102
+
103
+ preload =
104
+
105
+ libpath = . $(libdir)
106
+ LIBPATH = -L. -L$(libdir) -Wl,-R$(libdir)
107
+ DEFFILE =
108
+
109
+ CLEANFILES = mkmf.log
110
+ DISTCLEANFILES =
111
+ DISTCLEANDIRS =
112
+
113
+ extout =
114
+ extout_prefix =
115
+ target_prefix = /xmlsec
116
+ LOCAL_LIBS =
117
+ LIBS = -lxmlsec1-openssl -lxmlsec1 -lltdl -lssl -lcrypto -ldl -lxslt -lz -lm -lxml2 -lpthread -lrt -ldl -lcrypt -lm -lc
118
+ SRCS = sign.c xmlsec_ext.c verify.c
119
+ OBJS = sign.o xmlsec_ext.o verify.o
120
+ TARGET = xmlsec_ext
121
+ DLLIB = $(TARGET).so
122
+ EXTSTATIC =
123
+ STATIC_LIB =
124
+
125
+ BINDIR = $(bindir)
126
+ RUBYCOMMONDIR = $(sitedir)$(target_prefix)
127
+ RUBYLIBDIR = $(sitelibdir)$(target_prefix)
128
+ RUBYARCHDIR = $(sitearchdir)$(target_prefix)
129
+ HDRDIR = $(rubyhdrdir)/ruby$(target_prefix)
130
+ ARCHHDRDIR = $(rubyhdrdir)/$(arch)/ruby$(target_prefix)
131
+
132
+ TARGET_SO = $(DLLIB)
133
+ CLEANLIBS = $(TARGET).so
134
+ CLEANOBJS = *.o *.bak
135
+
136
+ all: $(DLLIB)
137
+ static: $(STATIC_LIB)
138
+ .PHONY: all install static install-so install-rb
139
+ .PHONY: clean clean-so clean-rb
140
+
141
+ clean-rb-default::
142
+ clean-rb::
143
+ clean-so::
144
+ clean: clean-so clean-rb-default clean-rb
145
+ @-$(RM) $(CLEANLIBS) $(CLEANOBJS) $(CLEANFILES)
146
+
147
+ distclean-rb-default::
148
+ distclean-rb::
149
+ distclean-so::
150
+ distclean: clean distclean-so distclean-rb-default distclean-rb
151
+ @-$(RM) Makefile $(RUBY_EXTCONF_H) conftest.* mkmf.log
152
+ @-$(RM) core ruby$(EXEEXT) *~ $(DISTCLEANFILES)
153
+ @-$(RMDIRS) $(DISTCLEANDIRS) 2> /dev/null || true
154
+
155
+ realclean: distclean
156
+ install: install-so install-rb
157
+
158
+ install-so: $(RUBYARCHDIR)
159
+ install-so: $(RUBYARCHDIR)/$(DLLIB)
160
+ $(RUBYARCHDIR)/$(DLLIB): $(DLLIB)
161
+ @-$(MAKEDIRS) $(@D)
162
+ $(INSTALL_PROG) $(DLLIB) $(@D)
163
+ install-rb: pre-install-rb install-rb-default
164
+ install-rb-default: pre-install-rb-default
165
+ pre-install-rb: Makefile
166
+ pre-install-rb-default: Makefile
167
+ pre-install-rb-default:
168
+ $(ECHO) installing default xmlsec_ext libraries
169
+ $(RUBYARCHDIR):
170
+ $(Q) $(MAKEDIRS) $@
171
+
172
+ site-install: site-install-so site-install-rb
173
+ site-install-so: install-so
174
+ site-install-rb: install-rb
175
+
176
+ .SUFFIXES: .c .m .cc .mm .cxx .cpp .C .o
177
+
178
+ .cc.o:
179
+ $(ECHO) compiling $(<)
180
+ $(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $<
181
+
182
+ .mm.o:
183
+ $(ECHO) compiling $(<)
184
+ $(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $<
185
+
186
+ .cxx.o:
187
+ $(ECHO) compiling $(<)
188
+ $(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $<
189
+
190
+ .cpp.o:
191
+ $(ECHO) compiling $(<)
192
+ $(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $<
193
+
194
+ .C.o:
195
+ $(ECHO) compiling $(<)
196
+ $(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $<
197
+
198
+ .c.o:
199
+ $(ECHO) compiling $(<)
200
+ $(Q) $(CC) $(INCFLAGS) $(CPPFLAGS) $(CFLAGS) $(COUTFLAG)$@ -c $<
201
+
202
+ .m.o:
203
+ $(ECHO) compiling $(<)
204
+ $(Q) $(CC) $(INCFLAGS) $(CPPFLAGS) $(CFLAGS) $(COUTFLAG)$@ -c $<
205
+
206
+ $(DLLIB): $(OBJS) Makefile
207
+ $(ECHO) linking shared-object xmlsec/$(DLLIB)
208
+ @-$(RM) $(@)
209
+ $(Q) $(LDSHARED) -o $@ $(OBJS) $(LIBPATH) $(DLDFLAGS) $(LOCAL_LIBS) $(LIBS)
210
+
211
+
212
+
213
+ $(OBJS): $(hdrdir)/ruby.h $(hdrdir)/ruby/defines.h $(arch_hdrdir)/ruby/config.h
@@ -0,0 +1,7 @@
1
+ require 'mkmf'
2
+
3
+ if pkg_config('xmlsec1-openssl')
4
+ create_makefile('xmlsec/xmlsec_ext')
5
+ else
6
+ puts "xmlsec1 is not installed."
7
+ end
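Review bot: The `else` branch only prints `xmlsec1 is not installed.` with `puts` and then lets the script finish normally, so no Makefile is written and the missing xmlsec1-openssl package surfaces later as an unrelated build failure. Replace it with `abort "xmlsec1 is not installed."` so the extension build stops at this point with a non-zero status and the message goes to stderr. It would also help to name the pkg-config package that was looked up (`xmlsec1-openssl`) in the message.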
@@ -0,0 +1,5 @@
1
+ package configuration for xmlsec1-openssl
2
+ cflags: -DXMLSEC_CRYPTO=\"openssl\" -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1, -DXMLSEC_OPENSSL_098=1 -DXMLSEC_CRYPTO_OPENSSL=1 -I/usr/include/xmlsec1 -I/usr/include/libxml2
3
+ ldflags:
4
+ libs: -lxmlsec1-openssl -lxmlsec1 -lltdl -lssl -lcrypto -ldl -lxslt -lz -lm -lxml2
5
+
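--- a/data/ext/xmlsec/sign.c
+++ b/data/ext/xmlsec/sign.c
@@ -0,0 +1,174 @@
+#include <xmlsec_ext.h>
+#include <sign.h>
+#include <errno.h>
+
+
+extern VALUE mXmlSec, cXmlSecError;
+
+static VALUE xmlsec_sign(VALUE self, xmlDocPtr doc, VALUE key_file, VALUE password, VALUE x509_file, VALUE node_name ) {
+
+xmlNodePtr signNode = NULL;
+xmlNodePtr refNode = NULL;
+xmlNodePtr pathNode = NULL;
+xmlNodePtr keyInfoNode = NULL;
+xmlSecDSigCtxPtr dsigCtx = NULL;
+xmlChar *xmlbuff;
+int xmlbuffsize;
+VALUE result;
+
+
+/* create signature template for RSA-SHA1 enveloped signature */
+signNode = xmlSecTmplSignatureCreate( doc,
+xmlSecTransformExclC14NWithCommentsId,
+xmlSecTransformRsaSha1Id,
+NULL
+);
+if(signNode == NULL) {
+if(doc != NULL) xmlFreeDoc(doc);
+rb_raise(rb_eRuntimeError, "Error: failed to create signature template\n");
+return Qnil;
+}
+
+pathNode = xmlDocGetRootElement(doc);
+if (! NIL_P(node_name)) {
+pathNode = xmlNewChild(xmlDocGetRootElement(doc), NULL, StringValuePtr(node_name), NULL);
+if(pathNode == NULL) {
+if(doc != NULL) xmlFreeDoc(doc);
+rb_raise(rb_eRuntimeError, "Error: failed to create %s node\n", StringValuePtr(node_name));
+return Qnil;
+}
+}
+
+/* add <dsig:Signature/> node to the doc */
+xmlAddChild(pathNode, signNode);
+
+/* add reference */
+refNode = xmlSecTmplSignatureAddReference(signNode,
+xmlSecTransformSha1Id,
+NULL,
+NULL,
+NULL);
+if(refNode == NULL) {
+if(doc != NULL) xmlFreeDoc(doc);
+rb_raise(rb_eRuntimeError, "Error: failed to add reference to signature template\n");
+return Qnil;
+}
+
+/* add enveloped transform */
+if(xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformEnvelopedId) == NULL) {
+if(doc != NULL) xmlFreeDoc(doc);
+rb_raise(rb_eRuntimeError, "Error: failed to add enveloped transform to reference\n");
+return Qnil;
+}
+
+if (! NIL_P(x509_file)){
+
+/* add <dsig:KeyInfo/> and <dsig:X509Data/> */
+keyInfoNode = xmlSecTmplSignatureEnsureKeyInfo(signNode, NULL);
+if(keyInfoNode == NULL) {
+if(doc != NULL) xmlFreeDoc(doc);
+rb_raise(rb_eRuntimeError, "Error: failed to add key info\n");
+return Qnil;
+}
+
+if(xmlSecTmplKeyInfoAddX509Data(keyInfoNode) == NULL) {
+if(doc != NULL) xmlFreeDoc(doc);
+rb_raise(rb_eRuntimeError, "Error: failed to add X509Data node\n");
+return Qnil;
+}
+}
+
+/* create signature context, we don't need keys manager in this example */
+dsigCtx = xmlSecDSigCtxCreate(NULL);
+if(dsigCtx == NULL) {
+if(doc != NULL) xmlFreeDoc(doc);
+rb_raise(rb_eRuntimeError, "Error: failed to create signature context\n");
+return Qnil;
+}
+
+/* load private key, assuming that there is not password */
+dsigCtx->signKey = xmlSecCryptoAppKeyLoad(StringValuePtr(key_file),
+xmlSecKeyDataFormatPem,
+NIL_P(password) ? NULL : StringValuePtr(password),
+NULL,
+NULL);
+
+if(dsigCtx->signKey == NULL) {
+if(dsigCtx != NULL) xmlSecDSigCtxDestroy(dsigCtx);
+if(doc != NULL) xmlFreeDoc(doc);
+rb_raise(rb_eRuntimeError, "Error: failed to load private pem key from \"%s\"\n", StringValuePtr(key_file));
+return Qnil;
+}
+
+if (! NIL_P(x509_file)){
+/* load certificate and add to the key */
+if(xmlSecCryptoAppKeyCertLoad(dsigCtx->signKey, StringValuePtr(x509_file), xmlSecKeyDataFormatPem) < 0) {
+if(dsigCtx != NULL) xmlSecDSigCtxDestroy(dsigCtx);
+if(doc != NULL) xmlFreeDoc(doc);
+rb_raise(rb_eRuntimeError, "Error: failed to load pem certificate \"%s\"\n", StringValuePtr(x509_file));
+return Qnil;
+}
+}
+
+/* set key name to the file name, this is just an example! */
+if(xmlSecKeySetName(dsigCtx->signKey, StringValuePtr(key_file)) < 0) {
+if(dsigCtx != NULL) xmlSecDSigCtxDestroy(dsigCtx);
+if(doc != NULL) xmlFreeDoc(doc);
+rb_raise(rb_eRuntimeError, "Error: failed to set key name for key from \"%s\"\n", StringValuePtr(key_file));
+return Qnil;
+}
+
+/* sign the template */
+if(xmlSecDSigCtxSign(dsigCtx, signNode) < 0) {
+if(dsigCtx != NULL) xmlSecDSigCtxDestroy(dsigCtx);
+if(doc != NULL) xmlFreeDoc(doc);
+rb_raise(rb_eRuntimeError, "Error: signature failed");
+return Qnil;
+}
+
+/* return signed document*/
+xmlDocDumpFormatMemory(doc, &xmlbuff, &xmlbuffsize, 1);
+result = rb_str_new(xmlbuff, xmlbuffsize);
+xmlFree(xmlbuff);
+if(dsigCtx != NULL) xmlSecDSigCtxDestroy(dsigCtx);
+if(doc != NULL) xmlFreeDoc(doc);
+return result;
+
+}
+
+static VALUE rb_xmlsec_sign_file(VALUE self, VALUE template_file, VALUE key_file, VALUE password, VALUE x509_file, VALUE node_name) {
+xmlDocPtr doc;
+
+doc = xmlParseFile(StringValuePtr(template_file));
+
+if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)) {
+rb_raise(rb_eRuntimeError, "Error: unable to parse template file.");
+return;
+}
+
+return xmlsec_sign(self, doc, key_file, password, x509_file, node_name );
+}
+
+static VALUE rb_xmlsec_sign(VALUE self, VALUE template, VALUE key_file, VALUE password, VALUE x509_file, VALUE node_name ) {
+xmlDocPtr doc;
+doc = xmlReadMemory(
+StringValuePtr(template),
+RSTRING_LEN(template),
+"noname.xml",
+NULL,
+0
+);
+if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
+rb_raise(rb_eRuntimeError, "Error: unable to parse template.");
+return;
+}
+return xmlsec_sign(self, doc, key_file, password, x509_file,node_name );
+}
+
+
+void init_xmlsec_sign() {
+
+rb_define_singleton_method(mXmlSec, "sign_file", rb_xmlsec_sign_file, 5);
+rb_define_singleton_method(mXmlSec, "sign", rb_xmlsec_sign, 5);
+
+}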
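Review bot: xmlsec_sign hard-codes SHA-1 for both the signature method (`xmlSecTransformRsaSha1Id`) and the reference digest (`xmlSecTransformSha1Id`), and SHA-1 should no longer be relied on for collision resistance in new signatures. Where the installed xmlsec1 provides them, `xmlSecTransformRsaSha256Id` and `xmlSecTransformSha256Id` are the better defaults, ideally with the algorithm selectable by the caller. The paths, password and node name are converted with `StringValuePtr`, which accepts Ruby strings containing NUL bytes, so the C library can see a shorter path than the caller checked; `StringValueCStr(key_file)` (likewise for `x509_file`, `password`, `template_file` and `node_name`) raises instead. Those conversions can also raise after `doc` and `dsigCtx` are allocated, which leaks both, so they are better done once at the top of the function before any libxml2 or xmlsec allocation. As a defensive default for caller-supplied templates, pass `XML_PARSE_NONET` as the options argument of `xmlReadMemory` in rb_xmlsec_sign, and use `xmlReadFile` with the same option in place of `xmlParseFile` in rb_xmlsec_sign_file.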
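--- a/data/ext/xmlsec/sign.h
+++ b/data/ext/xmlsec/sign.h
@@ -0,0 +1,9 @@
+#ifndef XMLSEC_SIGN_H
+#define XMLSEC_SIGN_H
+
+#include <xmlsec/templates.h>
+
+
+void init_xmlsec_sign();
+
+#endif /* ifndef XMLSEC_SIGN_H */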