xmlsig 0.0.1

Files changed (48) hide show
  1. data/README.rdoc +0 -0
  2. data/ext/xmlsig/BioWrap.h +98 -0
  3. data/ext/xmlsig/DSig.cpp +109 -0
  4. data/ext/xmlsig/DSig.h +81 -0
  5. data/ext/xmlsig/DSigCtx.h +72 -0
  6. data/ext/xmlsig/Exceptions.cpp +151 -0
  7. data/ext/xmlsig/Exceptions.h +214 -0
  8. data/ext/xmlsig/Key.cpp +582 -0
  9. data/ext/xmlsig/Key.h +338 -0
  10. data/ext/xmlsig/KeyInfoCtx.h +67 -0
  11. data/ext/xmlsig/KeyStore.cpp +180 -0
  12. data/ext/xmlsig/KeyStore.h +157 -0
  13. data/ext/xmlsig/KeysMngrWrap.h +62 -0
  14. data/ext/xmlsig/NodeSet.h +60 -0
  15. data/ext/xmlsig/Signer.cpp +691 -0
  16. data/ext/xmlsig/Signer.h +373 -0
  17. data/ext/xmlsig/TrustVerifier.cpp +145 -0
  18. data/ext/xmlsig/TrustVerifier.h +174 -0
  19. data/ext/xmlsig/Verifier.cpp +677 -0
  20. data/ext/xmlsig/Verifier.h +313 -0
  21. data/ext/xmlsig/X509Certificate.cpp +362 -0
  22. data/ext/xmlsig/X509Certificate.h +146 -0
  23. data/ext/xmlsig/XPath.cpp +173 -0
  24. data/ext/xmlsig/XPath.h +156 -0
  25. data/ext/xmlsig/XPathCtx.h +68 -0
  26. data/ext/xmlsig/XmlCharBuf.h +60 -0
  27. data/ext/xmlsig/XmlDoc.cpp +278 -0
  28. data/ext/xmlsig/XmlDoc.h +157 -0
  29. data/ext/xmlsig/XmlElement.cpp +151 -0
  30. data/ext/xmlsig/XmlElement.h +134 -0
  31. data/ext/xmlsig/countptr.h +260 -0
  32. data/ext/xmlsig/extconf.rb +58 -0
  33. data/ext/xmlsig/runtests.rb +23 -0
  34. data/ext/xmlsig/swig/countptr.i +27 -0
  35. data/ext/xmlsig/swig/exceptions.i +79 -0
  36. data/ext/xmlsig/swig/ruby.i +17 -0
  37. data/ext/xmlsig/swig/xmlsig.i +405 -0
  38. data/ext/xmlsig/t/tc_cert.rb +34 -0
  39. data/ext/xmlsig/t/tc_interface.rb +158 -0
  40. data/ext/xmlsig/t/tc_signer.rb +501 -0
  41. data/ext/xmlsig/t/tc_tsik.rb +490 -0
  42. data/ext/xmlsig/t/tc_verifier.rb +151 -0
  43. data/ext/xmlsig/t/tsik_interop/sign.rb +48 -0
  44. data/ext/xmlsig/t/tsik_interop/verify.rb +31 -0
  45. data/ext/xmlsig/t/tsik_interop/verify_own.rb +46 -0
  46. data/ext/xmlsig/xmlsig.cpp +13363 -0
  47. data/lib/xmlsig.rb +1 -0
  48. metadata +113 -0
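--- a/data/ext/xmlsig/X509Certificate.h
+++ b/data/ext/xmlsig/X509Certificate.h
@@ -0,0 +1,146 @@
+ /*
+ * (C) Copyright 2006 VeriSign, Inc.
+ * Developed by Sxip Identity
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ #ifndef _X509CERTIFICATE_H
+ #define _X509CERTIFICATE_H
+
+ #include <string>
+ #include <openssl/x509.h>
+
+ class X509Certificate;
+
+ #include "countptr.h"
+ typedef CountPtrTo<X509Certificate> X509CertificatePtr;
+
+ #include "Key.h"
+ using namespace std;
+
+ /**
+ * An X.509 certificate class.
+ * X509Certificate wraps the OpenSSL representation of the X509
+ * structure.
+ */
+ class X509Certificate
+ {
+ public:
+ /**
+ * Construct an empty certificate object.
+ */
+ X509Certificate ();
+ /**
+ * Copy constructor
+ * @param cert another X509Certificate object
+ */
+ X509Certificate (const X509Certificate& cert);
+ /**
+ * Destructor. Frees the internal OpenSSL X509 object.
+ */
+ ~X509Certificate ();
+ /**
+ * Load a certificate from a file.
+ * @param fileName The name of the file
+ * @param format Key data format string (see Key::loadFromFile() for format list)
+ * @return 0 on success, -1 if something went wrong
+ * @throws IOError on failure to read the certificate from the file
+ */
+ int loadFromFile (string fileName, string format);
+ /**
+ * Get the subject DN from the certificate.
+ * @return the subject DN as a string
+ * @throws LibError if cert not loaded
+ */
+ string getSubjectDN ();
+ /**
+ * Get the issuer DN from the certificate.
+ * @return the subject DN as a string
+ * @throws LibError if cert not loaded
+ */
+ string getIssuerDN ();
+ /**
+ * Get the version of the cert.
+ * @return the version of the cert
+ * @throws LibError if cert not loaded
+ */
+ int getVersion ();
+ /**
+ * Determine if the certificate is currently valid based on the notBefore and notAfter fields.
+ * @return 1 if valid, 0 if not valid
+ * @throws LibError if cert not loaded or invalid cert data
+ */
+ int isValid ();
+ /**
+ * Create a Key from the certificate.
+ * @return the key contained in the certificate
+ * @throws LibError on failure to create the key or retrieve the key data
+ */
+ KeyPtr getKey () const;
+ /**
+ * Verify that the certificate was signed by the private key
+ * corresponding to the given public key.
+ * @param key public key to check certificate against
+ * @return >0 if verifies, 0 if verify fails, <0 on error
+ * @throws KeyError if the key is invalid or the wrong type
+ * @throws LibError if the X509_verify library call fails
+ */
+ int verify (KeyPtr key);
+
+ // stub
+ int getBasicConstraints ();
+
+ /// @cond NO_INTERFACE
+ /**
+ * Construct from copy of a raw OpenSSL certificate pointer.
+ * @param x509ptr a raw OpenSSL certificate pointer
+ * @throws MemoryError if unable to create a copy of the certificate
+ */
+ X509Certificate (X509* x509ptr);
+ /**
+ * Assignment operator creates a duplicate X509Certificate.
+ * @param cert X509Certificate to copy
+ * @return Copied certificate
+ */
+ const X509Certificate& operator= (const X509Certificate& cert);
+ /**
+ * Create a duplicate X509 certificate
+ * @return a raw pointer to an OpenSSL certificate, null on failure
+ * @throws MemoryError if unable to create a copy of the certificate
+ */
+ X509* getDup () const;
+ /**
+ * Casting operator to convert to an X509* pointer
+ */
+ operator X509* ()
+ {
+ return ptr;
+ }
+ /**
+ * Compare this X509Certificate with another one.
+ * @param other X509Certificate to compare with this one
+ * @return 1 if certificates are equal, 0 if they are not
+ */
+ int isEqualTo (X509Certificate& other);
+
+ protected:
+ X509* ptr;
+ /**
+ * Extract a string from a X509_NAME object
+ * @return the subject name
+ */
+ xmlChar* nameToString (X509_NAME* nm);
+ /// @endcond
+ };
+
+ #endif // _X509CERTIFICATE_H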
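Review bot: `verify (KeyPtr key)` documents a three-way int result (`>0` verifies, `0` fails, `<0` on error), so a caller that writes `if (cert.verify(key))` treats the error case as a successful verification. The same comment already says a failing X509_verify call throws LibError, so the negative return looks redundant; I would either return only 1/0 or add to the doc comment `Callers must test for > 0; a non-zero result is not success.` Separately, `isValid()` checks only notBefore/notAfter, and its comment should say that it does no signature, chain or revocation checking, so the name is not read as a trust decision. The `getIssuerDN` comment says it returns the subject DN, which looks like a copy-paste slip.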
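--- a/data/ext/xmlsig/XPath.cpp
+++ b/data/ext/xmlsig/XPath.cpp
@@ -0,0 +1,173 @@
+ /*
+ * (C) Copyright 2006 VeriSign, Inc.
+ * Developed by Sxip Identity
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ #include "XPath.h"
+ #include "XPathCtx.h"
+ #include <libxml/xpathInternals.h>
+ #include <assert.h>
+
+
+ XPath::XPath ()
+ : xpObj(0)
+ {}
+
+
+ XPath::XPath (string expr)
+ : xpExpr(expr),
+ xpObj(0)
+ {}
+
+
+ XPath::XPath (const XPath& xpath)
+ : xpObj(0)
+ {
+ XPath::operator=(xpath);
+ }
+
+
+ XPath::~XPath ()
+ {
+ freeXPObj();
+ }
+
+
+ const XPath& XPath::operator= (const XPath& xpath)
+ {
+ if (&xpath != this)
+ {
+ xpExpr = xpath.xpExpr;
+ nsList = xpath.nsList;
+ freeXPObj();
+ if (xpath.xpObj != NULL)
+ {
+ xpObj = xmlXPathObjectCopy(xpath.xpObj);
+ }
+ }
+ return *this;
+ }
+
+
+ void XPath::freeXPObj ()
+ {
+ if (xpObj)
+ {
+ xmlXPathFreeObject(xpObj);
+ xpObj = NULL;
+ }
+ }
+
+
+ int XPath::addNamespace (string prefix, string uri)
+ {
+ if (uri.size())
+ {
+ nsList[prefix] = uri;
+ }
+ else
+ {
+ nsList.erase(prefix);
+ }
+ return 0;
+ }
+
+
+ string XPath::getNamespaceStr ()
+ {
+ string nsStr = "";
+ for (XPathNSMap::iterator iter = nsList.begin();
+ iter != nsList.end(); iter++)
+ {
+ nsStr += "xmlns(";
+ nsStr += iter->first;
+ nsStr += "=";
+ nsStr += iter->second;
+ nsStr += ")";
+ }
+ return nsStr;
+ }
+
+
+ int XPath::registerNamespaces (xmlXPathContextPtr xpCtx)
+ {
+ assert(xpCtx);
+ XPathNSMap::iterator iter;
+ for (iter = nsList.begin(); iter != nsList.end(); iter++)
+ {
+ int ret = xmlXPathRegisterNs(xpCtx,
+ BAD_CAST iter->first.c_str(),
+ BAD_CAST iter->second.c_str());
+ if (ret < 0)
+ {
+ THROW(LibError, "Failed to register XPath namespace", ret);
+ }
+ }
+ return 0;
+ }
+
+
+ int XPath::registerNamespaces (xmlXPathContextPtr xpCtx, XmlDocClassPtr xmlDoc)
+ {
+ assert(xpCtx);
+ assert(xmlDoc);
+
+ xmlNodePtr rootNode = xmlDocGetRootElement(xmlDoc->getDoc());
+ if (!rootNode)
+ {
+ THROW(XMLError, "Couldn't retrieve document root element", -1);
+ }
+ for (xmlNsPtr ns = rootNode->nsDef; ns != NULL; ns = ns->next)
+ {
+ if (ns->prefix)
+ {
+ int ret = xmlXPathRegisterNs(xpCtx, ns->prefix, ns->href);
+ if (ret < 0)
+ {
+ THROW(LibError, "Failed to register XPath namespace", ret);
+ }
+ }
+ }
+ return 0;
+ }
+
+
+ void XPath::setXPath (string expr)
+ {
+ xpExpr = expr;
+ freeXPObj();
+ }
+
+
+ xmlXPathObjectPtr XPath::evalExpression (XmlDocClassPtr xmlDoc, string expr)
+ {
+ setXPath(expr);
+ return evalExpression(xmlDoc);
+ }
+
+
+ xmlXPathObjectPtr XPath::evalExpression (XmlDocClassPtr xmlDoc)
+ {
+ assert(xmlDoc);
+ XPathCtx xpCtx (xmlDoc);
+ if (!xpExpr.size())
+ {
+ THROW(XPathError, "Invalid XPath expression", 0);
+ }
+ registerNamespaces(xpCtx, xmlDoc);
+ registerNamespaces(xpCtx);
+ freeXPObj();
+ xpObj = xmlXPathEvalExpression(BAD_CAST xpExpr.c_str(), xpCtx);
+ return xpObj;
+ }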
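Review bot: In `evalExpression(XmlDocClassPtr)` the prefixes declared on the document's root element are registered in the XPath context before the caller's `nsList`, so any prefix used in `xpExpr` that the caller did not add with `addNamespace` is bound by the document being evaluated. When that document is untrusted input (the signature-verification case), the nodes an expression selects then depend on declarations the sender controls. I would state this above the two `registerNamespaces` calls, e.g. `// Document-declared prefixes are registered first; nsList entries are registered second and are expected to take precedence. Register every prefix the expression uses.`, and confirm that xmlXPathRegisterNs really replaces an existing binding. The `assert(xmlDoc)` and `assert(xpCtx)` guards disappear under NDEBUG, and in `operator=` the result of `xmlXPathObjectCopy` is stored without a NULL check.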
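--- a/data/ext/xmlsig/XPath.h
+++ b/data/ext/xmlsig/XPath.h
@@ -0,0 +1,156 @@
+ /*
+ * (C) Copyright 2006 VeriSign, Inc.
+ * Developed by Sxip Identity
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ #ifndef _XPATH_H
+ #define _XPATH_H
+ #include <string>
+ #include <map>
+ #include <functional>
+ #include <libxml/xpath.h>
+ #include "XmlDoc.h"
+ #include "Exceptions.h"
+ using namespace std;
+
+ typedef map<string, string, less<string> > XPathNSMap;
+
+ /**
+ * XPath encapsulates a W3C XPath
+ * (http://www.w3.org/TR/1999/REC-xpath-19991116) expression and
+ * namespaces that relate to the expression.
+ */
+ class XPath
+ {
+ public:
+ /**
+ * Creates an empty XPath helper.
+ */
+ XPath();
+ /**
+ * Creates an XPath helper with an XPath expression.
+ * @param expr An XPath expression
+ */
+ XPath(string expr);
+ /**
+ * Frees the XPath object and any results.
+ */
+ ~XPath();
+
+ /**
+ * Add namespace prefix.
+ * @return 0 on success, -1 on error
+ */
+ int addNamespace (string prefix, string uri);
+ /**
+ * Get the XPath expression.
+ * @return string containing expression
+ */
+ string getXPath () const
+ {
+ return xpExpr;
+ }
+ /**
+ * Set the XPath expression.
+ * @param expr XPath expression
+ * @return 0 on success, -1 on error
+ */
+ void setXPath (string expr);
+
+ /// @cond NO_INTERFACE
+ /**
+ * Creates a copy of an XPath helper.
+ * @param xpath An XPath helper object
+ */
+ XPath(const XPath& xpath);
+ /**
+ * Copy the given XPath object.
+ * @param xpath An XPath helper object
+ * @return The copy of the object
+ */
+ const XPath& operator=(const XPath& xpath);
+ /**
+ * Get namespace prefix definitions in a form appropriate for
+ * including in a Reference URI attribute.
+ * @return namespace prefix string of the form xmlns(prefix=uri);
+ * multiple definitions are concatenated
+ */
+ string getNamespaceStr ();
+ /**
+ * Evaluate current expression.
+ * @param doc pointer to XmlDoc to execute XPath expression on
+ * @return xmlXPathObjectPtr with results, null on failure
+ * @throws XPathError on an invalid XPath expression
+ */
+ xmlXPathObjectPtr evalExpression (XmlDocClassPtr doc);
+ /**
+ * Evaluate given expression.
+ * @param doc pointer to XmlDoc to execute XPath expression on
+ * @param expr XPath expression
+ * @return xmlXPathObjectPtr with results, null on failure
+ * @throws XPathError on an invalid XPath expression
+ */
+ xmlXPathObjectPtr evalExpression (XmlDocClassPtr doc, string expr);
+ /**
+ * Return the current expression results
+ * @return xmlXPathObjectPtr with results, null if none exist
+ */
+ xmlXPathObjectPtr getObj()
+ {
+ return xpObj;
+ }
+
+ protected:
+ /**
+ * Current XPath expression
+ */
+ string xpExpr;
+ /**
+ * List of prefix->uri mappings for XPath namespaces
+ */
+ XPathNSMap nsList;
+ /**
+ * The current expression results
+ */
+ xmlXPathObjectPtr xpObj;
+
+ /**
+ * Register the namespaces in nsList with the XPath context.
+ * @param xpCtx XPath context pointer
+ * @return 0 on success, -1 on error
+ * @throws LibError if it fails to register a namespace
+ */
+ int registerNamespaces (xmlXPathContextPtr xpCtx);
+ /**
+ * Register the namespaces defined in the root node of the
+ * document with the XPath context.
+ * @param xpCtx XPath context pointer
+ * @param xmlDoc XML document to get namespaces from
+ * @return 0 on success, -1 on error
+ * @throws LibError if it fails to register a namespace
+ * @throws XMLError if unable to retrieve the root element of the document
+ */
+ int registerNamespaces (xmlXPathContextPtr xpCtx, XmlDocClassPtr xmlDoc);
+
+ /**
+ * Dispose of current expression results
+ */
+ void freeXPObj ();
+ /// @endcond
+ };
+
+ #include "countptr.h"
+ typedef CountPtrTo<XPath> XPathPtr;
+
+ #endif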
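Review bot: `evalExpression` and `getObj` hand out the raw `xmlXPathObjectPtr` that the XPath object keeps in `xpObj`, and nothing in their comments says who owns it. Going by XPath.cpp on this page, that object is released by `freeXPObj()` on the next evaluation, on `setXPath`, on assignment and in the destructor, so a caller that frees the result causes a double free and a caller that keeps it across those calls holds a dangling pointer. I would add to both `@return` descriptions: `The result is owned by this XPath object; do not free it, and do not use it after the next evalExpression/setXPath call or after this object is destroyed.` The `setXPath` comment also documents a return value for a `void` function, and `addNamespace` documents `-1 on error` although the implementation shown always returns 0.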
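--- a/data/ext/xmlsig/XPathCtx.h
+++ b/data/ext/xmlsig/XPathCtx.h
@@ -0,0 +1,68 @@
+ /*
+ * (C) Copyright 2006 VeriSign, Inc.
+ * Developed by Sxip Identity
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ #ifndef _XPATHCTX_H
+ #define _XPATHCTX_H
+
+ #include <assert.h>
+ #include <libxml/xpath.h>
+ #include "Exceptions.h"
+
+ class XPathCtx
+ {
+ public:
+ XPathCtx (XmlDocClassPtr xmlDoc)
+ : xpathCtx (0)
+ {
+ xpathCtx = xmlXPathNewContext(xmlDoc->getDoc());
+ if (!xpathCtx)
+ {
+ THROW_NORET(MemoryError, "Couldn't create XPath evaluation context");
+ }
+ }
+
+ ~XPathCtx ()
+ {
+ if (xpathCtx)
+ {
+ xmlXPathFreeContext(xpathCtx);
+ xpathCtx = 0;
+ }
+ }
+
+ operator int ()
+ {
+ return xpathCtx != NULL;
+ }
+ int operator! ()
+ {
+ return xpathCtx == NULL;
+ }
+ xmlXPathContextPtr operator-> ()
+ {
+ assert(xpathCtx);
+ return xpathCtx;
+ }
+ operator xmlXPathContextPtr ()
+ {
+ return xpathCtx;
+ }
+
+ protected:
+ xmlXPathContextPtr xpathCtx;
+ };
+
+ #endif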
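Review bot: `XPathCtx` frees `xpathCtx` in its destructor but keeps the compiler-generated copy constructor and assignment operator, so copying one (passing it by value, for instance) makes two objects call `xmlXPathFreeContext` on the same context. The class should be made non-copyable by declaring `XPathCtx (const XPathCtx&);` and `XPathCtx& operator= (const XPathCtx&);` in a private section without definitions (or `= delete` if the build allows C++11). `XmlCharBuf` in XmlCharBuf.h has the same shape around `xmlFree(mbuf)` and needs the same treatment. The header also uses `XmlDocClassPtr` without including XmlDoc.h, so it compiles only when that header has been included first.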
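--- a/data/ext/xmlsig/XmlCharBuf.h
+++ b/data/ext/xmlsig/XmlCharBuf.h
@@ -0,0 +1,60 @@
+ /*
+ * (C) Copyright 2006 VeriSign, Inc.
+ * Developed by Sxip Identity
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ #ifndef _XMLCHARBUF_H
+ #define _XMLCHARBUF_H
+
+ #include <libxml/globals.h>
+
+ class XmlCharBuf
+ {
+ public:
+ XmlCharBuf ()
+ : mbuf(0)
+ {}
+ XmlCharBuf (xmlChar* buf)
+ : mbuf(buf)
+ {}
+ ~XmlCharBuf ()
+ {
+ if (mbuf != 0)
+ {
+ xmlFree(mbuf);
+ }
+ }
+
+ operator xmlChar** ()
+ {
+ return &mbuf;
+ }
+ operator xmlChar* ()
+ {
+ return mbuf;
+ }
+ operator const char* ()
+ {
+ return (const char*)mbuf;
+ }
+ operator int ()
+ {
+ return mbuf != 0;
+ }
+
+ protected:
+ xmlChar* mbuf;
+ };
+
+ #endif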
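Review bot: `operator xmlChar** ()` returns the address of `mbuf`, so a library call that stores a new buffer through it overwrites whatever the object already holds, and the previous buffer never reaches `xmlFree`. If the wrapper is meant to be filled only once, say so and enforce it, e.g. `assert(mbuf == 0);` before `return &mbuf;` (this needs `<assert.h>`) with the comment `// Out-parameter use only: the buffer must still be empty.` The four implicit conversions (`xmlChar**`, `xmlChar*`, `const char*`, `int`) also make it easy to pass the wrapper where a different conversion was intended, and the `XmlCharBuf (xmlChar* buf)` constructor takes ownership silently; named accessors and an ownership comment on that constructor would make misuse harder.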