xmlsig 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.rdoc +0 -0
- data/ext/xmlsig/BioWrap.h +98 -0
- data/ext/xmlsig/DSig.cpp +109 -0
- data/ext/xmlsig/DSig.h +81 -0
- data/ext/xmlsig/DSigCtx.h +72 -0
- data/ext/xmlsig/Exceptions.cpp +151 -0
- data/ext/xmlsig/Exceptions.h +214 -0
- data/ext/xmlsig/Key.cpp +582 -0
- data/ext/xmlsig/Key.h +338 -0
- data/ext/xmlsig/KeyInfoCtx.h +67 -0
- data/ext/xmlsig/KeyStore.cpp +180 -0
- data/ext/xmlsig/KeyStore.h +157 -0
- data/ext/xmlsig/KeysMngrWrap.h +62 -0
- data/ext/xmlsig/NodeSet.h +60 -0
- data/ext/xmlsig/Signer.cpp +691 -0
- data/ext/xmlsig/Signer.h +373 -0
- data/ext/xmlsig/TrustVerifier.cpp +145 -0
- data/ext/xmlsig/TrustVerifier.h +174 -0
- data/ext/xmlsig/Verifier.cpp +677 -0
- data/ext/xmlsig/Verifier.h +313 -0
- data/ext/xmlsig/X509Certificate.cpp +362 -0
- data/ext/xmlsig/X509Certificate.h +146 -0
- data/ext/xmlsig/XPath.cpp +173 -0
- data/ext/xmlsig/XPath.h +156 -0
- data/ext/xmlsig/XPathCtx.h +68 -0
- data/ext/xmlsig/XmlCharBuf.h +60 -0
- data/ext/xmlsig/XmlDoc.cpp +278 -0
- data/ext/xmlsig/XmlDoc.h +157 -0
- data/ext/xmlsig/XmlElement.cpp +151 -0
- data/ext/xmlsig/XmlElement.h +134 -0
- data/ext/xmlsig/countptr.h +260 -0
- data/ext/xmlsig/extconf.rb +58 -0
- data/ext/xmlsig/runtests.rb +23 -0
- data/ext/xmlsig/swig/countptr.i +27 -0
- data/ext/xmlsig/swig/exceptions.i +79 -0
- data/ext/xmlsig/swig/ruby.i +17 -0
- data/ext/xmlsig/swig/xmlsig.i +405 -0
- data/ext/xmlsig/t/tc_cert.rb +34 -0
- data/ext/xmlsig/t/tc_interface.rb +158 -0
- data/ext/xmlsig/t/tc_signer.rb +501 -0
- data/ext/xmlsig/t/tc_tsik.rb +490 -0
- data/ext/xmlsig/t/tc_verifier.rb +151 -0
- data/ext/xmlsig/t/tsik_interop/sign.rb +48 -0
- data/ext/xmlsig/t/tsik_interop/verify.rb +31 -0
- data/ext/xmlsig/t/tsik_interop/verify_own.rb +46 -0
- data/ext/xmlsig/xmlsig.cpp +13363 -0
- data/lib/xmlsig.rb +1 -0
- metadata +113 -0
@@ -0,0 +1,405 @@
|
|
1
|
+
/*
|
2
|
+
* (C) Copyright 2006 VeriSign, Inc.
|
3
|
+
* Developed by Sxip Identity
|
4
|
+
*
|
5
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
* you may not use this file except in compliance with the License.
|
7
|
+
* You may obtain a copy of the License at
|
8
|
+
*
|
9
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
*
|
11
|
+
* Unless required by applicable law or agreed to in writing, software
|
12
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
* See the License for the specific language governing permissions and
|
15
|
+
* limitations under the License.
|
16
|
+
*/
|
17
|
+
%module(docstring="xmlsig is a wrapper around the xmlsec library, providing a simple interface for digital signatures") xmlsig
|
18
|
+
%include "std_string.i"
|
19
|
+
%include "std_vector.i"
|
20
|
+
%{
|
21
|
+
#include "DSig.h"
|
22
|
+
#include "Signer.h"
|
23
|
+
#include "Key.h"
|
24
|
+
#include "XmlDoc.h"
|
25
|
+
#include "Verifier.h"
|
26
|
+
#include "KeyStore.h"
|
27
|
+
#include "TrustVerifier.h"
|
28
|
+
#include <libxml/tree.h>
|
29
|
+
%}
|
30
|
+
|
31
|
+
#if defined(SWIGPYTHON)
|
32
|
+
typedef xmlDoc *xmlDocPtr;
|
33
|
+
%include python.i
|
34
|
+
#endif
|
35
|
+
|
36
|
+
#if defined(SWIGPERL)
|
37
|
+
%include perl.i
|
38
|
+
#endif
|
39
|
+
|
40
|
+
#if defined(SWIGRUBY)
|
41
|
+
%include ruby.i
|
42
|
+
#endif
|
43
|
+
|
44
|
+
%include "countptr.i"
|
45
|
+
|
46
|
+
int dsigInit (void) throw (LibError);
|
47
|
+
int dsigShutdown (void);
|
48
|
+
|
49
|
+
%init %{
|
50
|
+
dsigInit();
|
51
|
+
%}
|
52
|
+
|
53
|
+
%include "exceptions.i"
|
54
|
+
|
55
|
+
%rename(X509CertificateBase) X509Certificate;
|
56
|
+
%rename(X509Certificate) CountPtrTo<X509Certificate>;
|
57
|
+
class X509Certificate {
|
58
|
+
public:
|
59
|
+
X509Certificate();
|
60
|
+
X509Certificate(const X509Certificate& cert)
|
61
|
+
throw(MemoryError);
|
62
|
+
~X509Certificate();
|
63
|
+
int loadFromFile(std::string fileName, std::string format)
|
64
|
+
throw(IOError, KeyError);
|
65
|
+
std::string getSubjectDN();
|
66
|
+
std::string getIssuerDN();
|
67
|
+
int getVersion();
|
68
|
+
int isValid();
|
69
|
+
int getBasicConstraints();
|
70
|
+
KeyPtr getKey () const;
|
71
|
+
};
|
72
|
+
class CountPtrTo<X509Certificate>
|
73
|
+
{
|
74
|
+
public:
|
75
|
+
~CountPtrTo ();
|
76
|
+
|
77
|
+
X509Certificate* operator-> ();
|
78
|
+
};
|
79
|
+
%extend CountPtrTo<X509Certificate> {
|
80
|
+
CountPtrTo<X509Certificate> ()
|
81
|
+
{
|
82
|
+
return new CountPtrTo<X509Certificate>(new X509Certificate());
|
83
|
+
}
|
84
|
+
CountPtrTo<X509Certificate> (const CountPtrTo<X509Certificate>& cert) throw(MemoryError)
|
85
|
+
{
|
86
|
+
return new CountPtrTo<X509Certificate>(new X509Certificate(*cert));
|
87
|
+
}
|
88
|
+
}
|
89
|
+
typedef CountPtrTo<X509Certificate> X509CertificatePtr;
|
90
|
+
namespace std {
|
91
|
+
%template(X509CertificateVector) vector<X509CertificatePtr>;
|
92
|
+
};
|
93
|
+
|
94
|
+
%rename(KeyBase) Key;
|
95
|
+
%rename(Key) CountPtrTo<Key>;
|
96
|
+
class Key {
|
97
|
+
public:
|
98
|
+
Key();
|
99
|
+
Key(X509CertificatePtr cert)
|
100
|
+
throw(LibError);
|
101
|
+
Key(std::vector<X509CertificatePtr> certs)
|
102
|
+
throw(MemoryError, LibError, ValueError, KeyError);
|
103
|
+
~Key();
|
104
|
+
|
105
|
+
int loadFromFile(std::string fileName, std::string format, std::string password)
|
106
|
+
throw(IOError);
|
107
|
+
int loadFromKeyInfoFile(std::string fileName)
|
108
|
+
throw(MemoryError, IOError, LibError, XMLError);
|
109
|
+
int loadHMACFromString(std::string hMACString)
|
110
|
+
throw(MemoryError, LibError, KeyError);
|
111
|
+
|
112
|
+
int setName (std::string name)
|
113
|
+
throw(KeyError, LibError);
|
114
|
+
std::string getName ();
|
115
|
+
int isValid ();
|
116
|
+
X509CertificatePtr getCertificate ()
|
117
|
+
throw(KeyError);
|
118
|
+
vector<X509CertificatePtr> getCertificateChain ();
|
119
|
+
|
120
|
+
void dump();
|
121
|
+
};
|
122
|
+
class CountPtrTo<Key>
|
123
|
+
{
|
124
|
+
public:
|
125
|
+
~CountPtrTo ();
|
126
|
+
|
127
|
+
Key* operator-> ();
|
128
|
+
};
|
129
|
+
%extend CountPtrTo<Key> {
|
130
|
+
CountPtrTo<Key> ()
|
131
|
+
{
|
132
|
+
return new CountPtrTo<Key>(new Key());
|
133
|
+
}
|
134
|
+
CountPtrTo<Key> (const CountPtrTo<Key>& key)
|
135
|
+
{
|
136
|
+
return new CountPtrTo<Key>(new Key(*key));
|
137
|
+
}
|
138
|
+
CountPtrTo<Key> (X509CertificatePtr cert)
|
139
|
+
{
|
140
|
+
return new CountPtrTo<Key>(new Key(cert));
|
141
|
+
}
|
142
|
+
CountPtrTo<Key> (std::vector<X509CertificatePtr> certs)
|
143
|
+
{
|
144
|
+
return new CountPtrTo<Key>(new Key(certs));
|
145
|
+
}
|
146
|
+
}
|
147
|
+
typedef CountPtrTo<Key> KeyPtr;
|
148
|
+
namespace std {
|
149
|
+
%template(KeyVector) vector<KeyPtr>;
|
150
|
+
};
|
151
|
+
|
152
|
+
%rename(KeyStoreBase) KeyStore;
|
153
|
+
%rename(KeyStore) CountPtrTo<KeyStore>;
|
154
|
+
class KeyStore {
|
155
|
+
public:
|
156
|
+
KeyStore()
|
157
|
+
throw(MemoryError, KeyError);
|
158
|
+
~KeyStore();
|
159
|
+
int addTrustedCert(X509CertificatePtr cert)
|
160
|
+
throw(LibError);
|
161
|
+
int addUntrustedCert(X509CertificatePtr cert)
|
162
|
+
throw(LibError);
|
163
|
+
int addTrustedCertFromFile(std::string fileName, std::string format)
|
164
|
+
throw(IOError);
|
165
|
+
int addUntrustedCertFromFile(std::string fileName, std::string format)
|
166
|
+
throw(IOError);
|
167
|
+
int addKey(KeyPtr key)
|
168
|
+
throw(IOError, LibError, MemoryError, KeyError);
|
169
|
+
int addKeyFromFile(std::string fileName, std::string format, std::string name)
|
170
|
+
throw(IOError, LibError, MemoryError, KeyError);
|
171
|
+
int addKeyFromFile(std::string fileName, std::string format, std::string name, std::string password)
|
172
|
+
throw(IOError, LibError, MemoryError, KeyError);
|
173
|
+
int saveToFile(std::string fileName)
|
174
|
+
throw(IOError);
|
175
|
+
int loadFromFile(std::string fileName)
|
176
|
+
throw(IOError);
|
177
|
+
};
|
178
|
+
class CountPtrTo<KeyStore>
|
179
|
+
{
|
180
|
+
public:
|
181
|
+
~CountPtrTo ();
|
182
|
+
|
183
|
+
KeyStore* operator-> ();
|
184
|
+
};
|
185
|
+
%extend CountPtrTo<KeyStore> {
|
186
|
+
CountPtrTo<KeyStore> ()
|
187
|
+
{
|
188
|
+
return new CountPtrTo<KeyStore>(new KeyStore());
|
189
|
+
}
|
190
|
+
}
|
191
|
+
typedef CountPtrTo<KeyStore> KeyStorePtr;
|
192
|
+
|
193
|
+
%rename(XmlDocBase) XmlDoc;
|
194
|
+
%rename(XmlDoc) CountPtrTo<XmlDoc>;
|
195
|
+
class XmlDoc {
|
196
|
+
public:
|
197
|
+
XmlDoc();
|
198
|
+
~XmlDoc();
|
199
|
+
#if defined(SWIGPYTHON)
|
200
|
+
int loadFromXmlDocPtr(xmlDocPtr)
|
201
|
+
throw(ValueError, LibError);
|
202
|
+
xmlDocPtr getDoc();
|
203
|
+
#endif
|
204
|
+
int loadFromString(std::string xmlData)
|
205
|
+
throw(LibError);
|
206
|
+
int loadFromFile(std::string fileName)
|
207
|
+
throw(IOError, LibError);
|
208
|
+
std::string toString();
|
209
|
+
int toFile(std::string fileName)
|
210
|
+
throw(IOError, LibError);
|
211
|
+
void dump();
|
212
|
+
int addIdAttr(std::string attrName, std::string nodeName, std::string nsHref)
|
213
|
+
throw(ValueError, XMLError);
|
214
|
+
};
|
215
|
+
class CountPtrTo<XmlDoc>
|
216
|
+
{
|
217
|
+
public:
|
218
|
+
~CountPtrTo ();
|
219
|
+
|
220
|
+
XmlDoc* operator-> ();
|
221
|
+
};
|
222
|
+
%extend CountPtrTo<XmlDoc> {
|
223
|
+
CountPtrTo<XmlDoc> ()
|
224
|
+
{
|
225
|
+
return new CountPtrTo<XmlDoc>(new XmlDoc());
|
226
|
+
}
|
227
|
+
CountPtrTo<XmlDoc> (const CountPtrTo<XmlDoc>& doc)
|
228
|
+
{
|
229
|
+
return new CountPtrTo<XmlDoc>(new XmlDoc(*doc));
|
230
|
+
}
|
231
|
+
}
|
232
|
+
typedef CountPtrTo<XmlDoc> XmlDocClassPtr;
|
233
|
+
|
234
|
+
%rename(XPathBase) XPath;
|
235
|
+
%rename(XPath) CountPtrTo<XPath>;
|
236
|
+
class XPath {
|
237
|
+
public:
|
238
|
+
XPath();
|
239
|
+
XPath(std::string expr);
|
240
|
+
~XPath();
|
241
|
+
int addNamespace (std::string prefix, std::string uri);
|
242
|
+
std::string getXPath ();
|
243
|
+
void setXPath (std::string expr);
|
244
|
+
};
|
245
|
+
class CountPtrTo<XPath>
|
246
|
+
{
|
247
|
+
public:
|
248
|
+
~CountPtrTo ();
|
249
|
+
|
250
|
+
XPath* operator-> ();
|
251
|
+
};
|
252
|
+
%extend CountPtrTo<XPath> {
|
253
|
+
CountPtrTo<XPath> ()
|
254
|
+
{
|
255
|
+
return new CountPtrTo<XPath>(new XPath());
|
256
|
+
}
|
257
|
+
CountPtrTo<XPath> (const CountPtrTo<XPath>& xpath)
|
258
|
+
{
|
259
|
+
return new CountPtrTo<XPath>(new XPath(*xpath));
|
260
|
+
}
|
261
|
+
CountPtrTo<XPath> (std::string expr)
|
262
|
+
{
|
263
|
+
return new CountPtrTo<XPath>(new XPath(expr));
|
264
|
+
}
|
265
|
+
}
|
266
|
+
typedef CountPtrTo<XPath> XPathPtr;
|
267
|
+
|
268
|
+
%rename(XmlElementBase) XmlElement;
|
269
|
+
%rename(XmlElement) CountPtrTo<XmlElement>;
|
270
|
+
class XmlElement
|
271
|
+
{
|
272
|
+
public:
|
273
|
+
XmlElement ();
|
274
|
+
~XmlElement ();
|
275
|
+
|
276
|
+
xmlNodePtr getNode ();
|
277
|
+
std::string getTagName ();
|
278
|
+
std::string getAttribute (std::string name);
|
279
|
+
std::string getAttribute (std::string name, std::string nameSpace);
|
280
|
+
std::string getNodePath ();
|
281
|
+
};
|
282
|
+
class CountPtrTo<XmlElement>
|
283
|
+
{
|
284
|
+
public:
|
285
|
+
~CountPtrTo ();
|
286
|
+
|
287
|
+
XmlElement* operator-> ();
|
288
|
+
};
|
289
|
+
%extend CountPtrTo<XmlElement> {
|
290
|
+
CountPtrTo<XmlElement> ()
|
291
|
+
{
|
292
|
+
return new CountPtrTo<XmlElement>(new XmlElement());
|
293
|
+
}
|
294
|
+
}
|
295
|
+
typedef CountPtrTo<XmlElement> XmlElementPtr;
|
296
|
+
namespace std {
|
297
|
+
%template(XmlElementVector) vector<XmlElementPtr>;
|
298
|
+
};
|
299
|
+
|
300
|
+
%newobject Signer::sign;
|
301
|
+
class Signer {
|
302
|
+
public:
|
303
|
+
Signer(XmlDocClassPtr doc, KeyPtr key);
|
304
|
+
Signer(XmlDocClassPtr doc, KeyPtr key, KeyPtr verifyKey);
|
305
|
+
Signer(XmlDocClassPtr doc, KeyPtr key, X509CertificatePtr cert)
|
306
|
+
throw(KeyError, ValueError, MemoryError, LibError);
|
307
|
+
Signer(XmlDocClassPtr doc, KeyPtr key, std::vector<X509CertificatePtr> cert)
|
308
|
+
throw(KeyError, ValueError, MemoryError, LibError);
|
309
|
+
~Signer();
|
310
|
+
|
311
|
+
XmlDocClassPtr sign()
|
312
|
+
throw(MemoryError, DocError, XPathError, LibError, KeyError);
|
313
|
+
XmlDocClassPtr sign(XPathPtr xPath)
|
314
|
+
throw(MemoryError, DocError, XPathError, LibError, KeyError);
|
315
|
+
XmlDocClassPtr sign(XPathPtr xPath, bool insertBefore)
|
316
|
+
throw(MemoryError, DocError, XPathError, LibError, KeyError);
|
317
|
+
|
318
|
+
int signInPlace()
|
319
|
+
throw(DocError, XPathError, LibError, KeyError);
|
320
|
+
int signInPlace(XPathPtr xPath)
|
321
|
+
throw(DocError, XPathError, LibError, KeyError);
|
322
|
+
int signInPlace(XPathPtr xPath, bool insertBefore)
|
323
|
+
throw(DocError, XPathError, LibError, KeyError);
|
324
|
+
|
325
|
+
int setKeyStore(KeyStorePtr keyStore)
|
326
|
+
throw(ValueError);
|
327
|
+
int addCertFromFile(std::string fileName, std::string fileFormat)
|
328
|
+
throw(KeyError, IOError);
|
329
|
+
int addCert(X509CertificatePtr cert)
|
330
|
+
throw(KeyError, ValueError, MemoryError, LibError);
|
331
|
+
int useExclusiveCanonicalizer(std::string prefixes);
|
332
|
+
void addReference(XPathPtr xPath);
|
333
|
+
void attachPublicKey (int value);
|
334
|
+
};
|
335
|
+
|
336
|
+
%newobject Verifier::getVerifyingKey;
|
337
|
+
class Verifier {
|
338
|
+
public:
|
339
|
+
Verifier(XmlDocClassPtr doc)
|
340
|
+
throw(MemoryError);
|
341
|
+
Verifier(XmlDocClassPtr doc, XPathPtr xpath)
|
342
|
+
throw(MemoryError);
|
343
|
+
|
344
|
+
int setKeyStore(KeyStorePtr keyStore)
|
345
|
+
throw(ValueError);
|
346
|
+
int verify()
|
347
|
+
throw(LibError, MemoryError, KeyError, DocError, XMLError);
|
348
|
+
int verify(KeyPtr key)
|
349
|
+
throw(LibError, MemoryError, KeyError, DocError, XMLError);
|
350
|
+
|
351
|
+
KeyPtr getVerifyingKey ()
|
352
|
+
throw(DocError, XMLError, LibError);
|
353
|
+
int isReferenced(XPathPtr xpath)
|
354
|
+
throw(DocError, XMLError, LibError);
|
355
|
+
std::vector<XmlElementPtr> getReferencedElements ()
|
356
|
+
throw(XMLError, LibError);
|
357
|
+
X509CertificatePtr getCertificate ()
|
358
|
+
throw(DocError, XMLError, LibError);
|
359
|
+
std::vector<X509CertificatePtr> getCertificateChain ()
|
360
|
+
throw(DocError, XMLError, LibError);
|
361
|
+
void skipCertCheck (int skip);
|
362
|
+
};
|
363
|
+
|
364
|
+
class TrustVerifier
|
365
|
+
{
|
366
|
+
public:
|
367
|
+
TrustVerifier ();
|
368
|
+
virtual ~TrustVerifier ();
|
369
|
+
virtual int verifyTrust ()
|
370
|
+
throw(TrustVerificationError);
|
371
|
+
virtual int verifyTrust (KeyPtr key)
|
372
|
+
throw(TrustVerificationError);
|
373
|
+
virtual int verifyTrust (std::vector<X509CertificatePtr> chain)
|
374
|
+
throw(TrustVerificationError);
|
375
|
+
};
|
376
|
+
|
377
|
+
|
378
|
+
class SimpleTrustVerifier : public TrustVerifier
|
379
|
+
{
|
380
|
+
public:
|
381
|
+
SimpleTrustVerifier (std::vector<KeyPtr> keys);
|
382
|
+
~SimpleTrustVerifier ();
|
383
|
+
|
384
|
+
int verifyTrust ()
|
385
|
+
throw(TrustVerificationError);
|
386
|
+
int verifyTrust (KeyPtr key)
|
387
|
+
throw(TrustVerificationError, LibError);
|
388
|
+
int verifyTrust (std::vector<X509CertificatePtr> chain)
|
389
|
+
throw(TrustVerificationError, LibError);
|
390
|
+
};
|
391
|
+
|
392
|
+
|
393
|
+
class X509TrustVerifier : public TrustVerifier
|
394
|
+
{
|
395
|
+
public:
|
396
|
+
X509TrustVerifier (std::vector<X509CertificatePtr> certs);
|
397
|
+
~X509TrustVerifier ();
|
398
|
+
|
399
|
+
int verifyTrust ()
|
400
|
+
throw(TrustVerificationError);
|
401
|
+
int verifyTrust (KeyPtr key)
|
402
|
+
throw(TrustVerificationError, LibError);
|
403
|
+
int verifyTrust (std::vector<X509CertificatePtr> chain)
|
404
|
+
throw(TrustVerificationError, LibError, KeyError);
|
405
|
+
};
|
@@ -0,0 +1,34 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
# (C) Copyright 2006 VeriSign, Inc.
|
4
|
+
# Developed by Sxip Identity
|
5
|
+
#
|
6
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
7
|
+
# you may not use this file except in compliance with the License.
|
8
|
+
# You may obtain a copy of the License at
|
9
|
+
#
|
10
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
11
|
+
#
|
12
|
+
# Unless required by applicable law or agreed to in writing, software
|
13
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
14
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
|
+
# See the License for the specific language governing permissions and
|
16
|
+
# limitations under the License.
|
17
|
+
|
18
|
+
require 'test/unit'
|
19
|
+
require 'xmlsig'
|
20
|
+
|
21
|
+
class TC_Cert < Test::Unit::TestCase
|
22
|
+
def test_cert_basics
|
23
|
+
c = Xmlsig::X509Certificate.new
|
24
|
+
if c.loadFromFile("t/keys/badb.pem", "cert_pem") < 0
|
25
|
+
raise "failed to load cert"
|
26
|
+
end
|
27
|
+
assert_equal("CN=Badb,OU=X/Secure,O=Baltimore Technologies Ltd.,ST=Dublin,C=IE",
|
28
|
+
c.getSubjectDN, "subject DN matches")
|
29
|
+
assert_equal("CN=Another Transient CA,OU=X/Secure,O=Baltimore Technologies Ltd.,ST=Dublin,C=IE",
|
30
|
+
c.getIssuerDN, "issuer DN matches")
|
31
|
+
assert_equal(3, c.getVersion, "version matches")
|
32
|
+
assert_equal(1, c.isValid, "cert is valid")
|
33
|
+
end
|
34
|
+
end
|
@@ -0,0 +1,158 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
# (C) Copyright 2006 VeriSign, Inc.
|
4
|
+
# Developed by Sxip Identity
|
5
|
+
#
|
6
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
7
|
+
# you may not use this file except in compliance with the License.
|
8
|
+
# You may obtain a copy of the License at
|
9
|
+
#
|
10
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
11
|
+
#
|
12
|
+
# Unless required by applicable law or agreed to in writing, software
|
13
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
14
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
|
+
# See the License for the specific language governing permissions and
|
16
|
+
# limitations under the License.
|
17
|
+
|
18
|
+
require 'test/unit'
|
19
|
+
require 'xmlsig'
|
20
|
+
|
21
|
+
class TC_Interface < Test::Unit::TestCase
|
22
|
+
# def setup
|
23
|
+
# end
|
24
|
+
|
25
|
+
# def teardown
|
26
|
+
# end
|
27
|
+
|
28
|
+
def xmlDoc
|
29
|
+
x = Xmlsig::XmlDoc.new
|
30
|
+
xml = <<-XML
|
31
|
+
<greeting>
|
32
|
+
<hello>foo</hello>
|
33
|
+
<hello>bar</hello>
|
34
|
+
<goodbye>foo</goodbye>
|
35
|
+
<goodbye>bar</goodbye>
|
36
|
+
</greeting>
|
37
|
+
XML
|
38
|
+
result = x.loadFromString(xml)
|
39
|
+
if result == -1
|
40
|
+
raise "failed to create XML document"
|
41
|
+
end
|
42
|
+
assert_equal(0, result, "loadFromString on XmlDoc")
|
43
|
+
return x
|
44
|
+
end
|
45
|
+
|
46
|
+
def privateKey
|
47
|
+
k = Xmlsig::Key.new
|
48
|
+
result = k.loadFromFile('t/res/rsakey.pem','pem','')
|
49
|
+
if result < 0
|
50
|
+
raise "failed to load key"
|
51
|
+
end
|
52
|
+
assert_equal(0, result, "loadFromString on Key")
|
53
|
+
return k
|
54
|
+
end
|
55
|
+
|
56
|
+
def pubKey
|
57
|
+
k = Xmlsig::Key.new
|
58
|
+
result = k.loadFromFile('t/res/rsapub.pem','pem','')
|
59
|
+
if result < 0
|
60
|
+
raise "failed to load key"
|
61
|
+
end
|
62
|
+
assert_equal(0, result, "loadFromString on Key")
|
63
|
+
return k
|
64
|
+
end
|
65
|
+
|
66
|
+
def HMACKey
|
67
|
+
k = Xmlsig::Key.new
|
68
|
+
result = k.loadHMACFromString('secret')
|
69
|
+
if result < 0
|
70
|
+
raise "failed to create HMAC key"
|
71
|
+
end
|
72
|
+
assert_equal(0, result, "loadHMACFromString on Key")
|
73
|
+
return k
|
74
|
+
end
|
75
|
+
|
76
|
+
def test_interface
|
77
|
+
signer = Xmlsig::Signer.new(xmlDoc, privateKey)
|
78
|
+
verifier = Xmlsig::Verifier.new(signer.sign())
|
79
|
+
assert_equal(1, verifier.verify(pubKey), "verify with public key")
|
80
|
+
begin
|
81
|
+
result = verifier.verify()
|
82
|
+
rescue RuntimeError
|
83
|
+
result = 1
|
84
|
+
ensure
|
85
|
+
assert_equal(1, result, "verify without key")
|
86
|
+
end
|
87
|
+
|
88
|
+
signer = Xmlsig::Signer.new(xmlDoc, privateKey)
|
89
|
+
x = signer.sign(Xmlsig::XPath.new('//greeting'))
|
90
|
+
xml = Xmlsig::XmlDoc.new()
|
91
|
+
assert_equal(0, xml.loadFromFile('t/res/sign_enveloped.xml'), "loadFromFile on XmlDoc")
|
92
|
+
assert_equal(x.toString(), xml.toString(), "compare signed with desired result")
|
93
|
+
|
94
|
+
verifier = Xmlsig::Verifier.new(x)
|
95
|
+
assert_equal(1, verifier.verify(pubKey), "verify with public key")
|
96
|
+
|
97
|
+
signer = Xmlsig::Signer.new(xmlDoc, privateKey)
|
98
|
+
signer.addReference(Xmlsig::XPath.new('//hello'))
|
99
|
+
x = signer.sign(Xmlsig::XPath.new('//greeting'))
|
100
|
+
xml = Xmlsig::XmlDoc.new()
|
101
|
+
assert_equal(0, xml.loadFromFile('t/res/sign_detached.xml'), "loadFromFile on XmlDoc")
|
102
|
+
assert_equal(x.toString(), xml.toString(), "compare signed with desired result")
|
103
|
+
|
104
|
+
verifier = Xmlsig::Verifier.new(x)
|
105
|
+
assert_equal(1, verifier.verify(pubKey), "verify with public key")
|
106
|
+
assert_equal(1, verifier.isReferenced(Xmlsig::XPath.new('//hello[1]')), "isReferenced on verify")
|
107
|
+
|
108
|
+
xml = xmlDoc
|
109
|
+
signer = Xmlsig::Signer.new(xml, privateKey)
|
110
|
+
signer.addReference(Xmlsig::XPath.new('//hello'))
|
111
|
+
assert_equal(0, signer.signInPlace(Xmlsig::XPath.new('//greeting')), "signInPlace on signer")
|
112
|
+
x = Xmlsig::XmlDoc.new()
|
113
|
+
assert_equal(0, x.loadFromFile('t/res/sign_detached.xml'), "loadFromFile on XmlDoc")
|
114
|
+
assert_equal(x.toString(), xml.toString(), "compare signed with desired result")
|
115
|
+
|
116
|
+
xml = xmlDoc
|
117
|
+
signer = Xmlsig::Signer.new(xml, privateKey)
|
118
|
+
assert_equal(0, signer.signInPlace(), "signInPlace on signer")
|
119
|
+
verifier = Xmlsig::Verifier.new(xml)
|
120
|
+
assert_equal(1, verifier.verify(pubKey), "verify with public key")
|
121
|
+
|
122
|
+
xml = xmlDoc
|
123
|
+
signer = Xmlsig::Signer.new(xml, privateKey, pubKey)
|
124
|
+
assert_equal(0, signer.signInPlace(Xmlsig::XPath.new('//greeting')), "signInPlace on signer")
|
125
|
+
x = Xmlsig::XmlDoc.new()
|
126
|
+
assert_equal(0, x.loadFromFile('t/res/sign_enveloped_withkey.xml'), "loadFromFile on XmlDoc")
|
127
|
+
assert_equal(x.toString(), xml.toString(), "compare signed with desired result")
|
128
|
+
|
129
|
+
xml = xmlDoc
|
130
|
+
signer = Xmlsig::Signer.new(xml, privateKey)
|
131
|
+
signer.useExclusiveCanonicalizer('')
|
132
|
+
assert_equal(0, signer.signInPlace(Xmlsig::XPath.new('//greeting')), "signInPlace on signer")
|
133
|
+
x = Xmlsig::XmlDoc.new()
|
134
|
+
assert_equal(0, x.loadFromFile('t/res/sign_enveloped_exc_c14n.xml'), "loadFromFile on XmlDoc")
|
135
|
+
assert_equal(x.toString(), xml.toString(), "compare signed with desired result")
|
136
|
+
|
137
|
+
signer = Xmlsig::Signer.new(xmlDoc, privateKey)
|
138
|
+
signer.addCertFromFile('t/res/rsacert.pem', 'pem')
|
139
|
+
signer.attachPublicKey(1)
|
140
|
+
xml = signer.sign(Xmlsig::XPath.new('//greeting'))
|
141
|
+
x = Xmlsig::XmlDoc.new()
|
142
|
+
assert_equal(0, x.loadFromFile('t/res/sign_enveloped_withcert.xml'), "loadFromFile on XmlDoc")
|
143
|
+
assert_equal(x.toString(), xml.toString(), "compare signed with desired result")
|
144
|
+
|
145
|
+
verifier = Xmlsig::Verifier.new(xml)
|
146
|
+
eCert = verifier.getCertificate()
|
147
|
+
assert_kind_of(Object, eCert, "getCertificate on verifier")
|
148
|
+
|
149
|
+
xml = xmlDoc
|
150
|
+
signer = Xmlsig::Signer.new(xml, HMACKey())
|
151
|
+
assert_equal(0, signer.signInPlace(Xmlsig::XPath.new('//greeting')), "signInPlace on signer")
|
152
|
+
|
153
|
+
x = Xmlsig::XmlDoc.new()
|
154
|
+
assert_equal(0, x.loadFromFile('t/res/sign_enveloped_hmac.xml'), "loadFromFile on XmlDoc")
|
155
|
+
assert_equal(x.toString(), xml.toString(), "compare signed with desired result")
|
156
|
+
end
|
157
|
+
end
|
158
|
+
|