int main(int argc, char **argv) { xmlSecKeysMngrPtr mngr; #ifndef XMLSEC_NO_XSLT xsltSecurityPrefsPtr xsltSecPrefs = NULL; #endif /* XMLSEC_NO_XSLT */ /* start response */ fprintf(stdout, "Content-type: text/plain\n"); fprintf(stdout, "\n"); /* Init libxml and libxslt libraries */ xmlInitParser(); LIBXML_TEST_VERSION xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS; xmlSubstituteEntitiesDefault(1); #ifndef XMLSEC_NO_XSLT xmlIndentTreeOutput = 1; #endif /* XMLSEC_NO_XSLT */ /* make sure that we print out everything to stdout */ xmlGenericErrorContext = stdout; /* Init libxslt */ #ifndef XMLSEC_NO_XSLT /* disable everything */ xsltSecPrefs = xsltNewSecurityPrefs(); xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid); xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid); xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid); xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid); xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid); xsltSetDefaultSecurityPrefs(xsltSecPrefs); #endif /* XMLSEC_NO_XSLT */ /* Init xmlsec library */ if(xmlSecInit() < 0) { fprintf(stdout, "Error: xmlsec initialization failed.\n"); return(-1); } /* Check loaded library version */ if(xmlSecCheckVersion() != 1) { fprintf(stdout, "Error: loaded xmlsec library version is not compatible.\n"); return(-1); } /* Load default crypto engine if we are supporting dynamic * loading for xmlsec-crypto libraries. Use the crypto library * name ("openssl", "nss", etc.) to load corresponding * xmlsec-crypto library. */ #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING if(xmlSecCryptoDLLoadLibrary(NULL) < 0) { fprintf(stdout, "Error: unable to load default xmlsec-crypto library. Make sure\n" "that you have it installed and check shared libraries path\n" "(LD_LIBRARY_PATH) envornment variable.\n"); return(-1); } #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */ /* Init crypto library */ if(xmlSecCryptoAppInit(XMLDSIGVERIFY_DEFAULT_TRUSTED_CERTS_FOLDER) < 0) { fprintf(stdout, "Error: crypto initialization failed.\n"); return(-1); } /* Init xmlsec-crypto library */ if(xmlSecCryptoInit() < 0) { fprintf(stdout, "Error: xmlsec-crypto initialization failed.\n"); return(-1); } /* create keys manager */ mngr = xmlSecKeysMngrCreate(); if(mngr == NULL) { fprintf(stdout, "Error: failed to create keys manager.\n"); return(-1); } if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) < 0) { fprintf(stdout, "Error: failed to initialize keys manager.\n"); return(-1); } if(load_keys(mngr, XMLDSIGVERIFY_KEY_AND_CERTS_FOLDER, 0) < 0) { xmlSecKeysMngrDestroy(mngr); return(-1); } if(load_trusted_certs(mngr, XMLDSIGVERIFY_KEY_AND_CERTS_FOLDER, 0) < 0) { xmlSecKeysMngrDestroy(mngr); return(-1); } if(verify_request(mngr) < 0) { xmlSecKeysMngrDestroy(mngr); return(-1); } /* Destroy keys manager */ xmlSecKeysMngrDestroy(mngr); /* Shutdown xmlsec-crypto library */ xmlSecCryptoShutdown(); /* Shutdown crypto library */ xmlSecCryptoAppShutdown(); /* Shutdown xmlsec library */ xmlSecShutdown(); /* Shutdown libxslt/libxml */ #ifndef XMLSEC_NO_XSLT xsltFreeSecurityPrefs(xsltSecPrefs); xsltCleanupGlobals(); #endif /* XMLSEC_NO_XSLT */ xmlCleanupParser(); return(0); }
static PyObject * PoleXmlSec_verify(PyObject *self, PyObject *args) { const char *xml, *id_attr_name, *id_node_name, *certifiers; int verified = 0; PyObject* result; xmlSecKeysMngrPtr mngr; const char **f, *files[1000000]; char *c, *certs; if (!PyArg_ParseTuple(args, "ssss", &xml, &id_attr_name, &id_node_name, &certifiers)) return NULL; result = Py_BuildValue("b", verified); /* Init libxml and libxslt libraries */ xmlInitParser(); LIBXML_TEST_VERSION xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS; xmlSubstituteEntitiesDefault(1); #ifndef XMLSEC_NO_XSLT xmlIndentTreeOutput = 1; #endif /* XMLSEC_NO_XSLT */ /* Init xmlsec library */ if(xmlSecInit() < 0) { fprintf(stderr, "XmlSecError: xmlsec initialization failed.\n"); return result; } /* Check loaded library version */ if(xmlSecCheckVersion() != 1) { fprintf(stderr, "XmlSecError: loaded xmlsec library version is not compatible.\n"); return result; } /* Load default crypto engine if we are supporting dynamic * loading for xmlsec-crypto libraries. Use the crypto library * name ("openssl", "nss", etc.) to load corresponding * xmlsec-crypto library. */ #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) { fprintf(stderr, "XmlSecError: unable to load default xmlsec-crypto library. Make sure\n" "that you have it installed and check shared libraries path\n" "(LD_LIBRARY_PATH) envornment variable.\n"); return result; } #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */ /* Init crypto library */ if(xmlSecCryptoAppInit(NULL) < 0) { fprintf(stderr, "XmlSecError: crypto initialization failed.\n"); return result; } /* Init xmlsec-crypto library */ if(xmlSecCryptoInit() < 0) { fprintf(stderr, "XmlSecError: xmlsec-crypto initialization failed.\n"); return result; } /* Create a list of trusted certificates files/directories */ certs = strdup(certifiers); for (c = certs, f = files, *(f++) = c; *c; c++) if (*c == ';') { *c = '\0'; *(f++) = c + 1; } *f = NULL; /* create keys manager and load trusted certificates */ mngr = load_trusted_certs(files); free(certs); if(mngr == NULL) { return result; } verified = verify_xml(mngr, xml, id_attr_name, id_node_name); xmlSecKeysMngrDestroy(mngr); result = Py_BuildValue("b", verified == 1); /* Shutdown xmlsec-crypto library */ xmlSecCryptoShutdown(); /* Shutdown xmlsec library */ xmlSecShutdown(); /* Shutdown crypto library */ /* Se executar essa linha dá erro na conexão HTTPS */ xmlSecCryptoAppShutdown(); /* Shutdown libxslt/libxml/libxmlsec1 */ #ifndef XMLSEC_NO_XSLT xsltCleanupGlobals(); #endif /* XMLSEC_NO_XSLT */ xmlCleanupParser(); return result; }
int main(int argc, char **argv) { #ifndef XMLSEC_NO_XSLT xsltSecurityPrefsPtr xsltSecPrefs = NULL; #endif /* XMLSEC_NO_XSLT */ xmlSecKeysMngrPtr mngr; assert(argv); if(argc < 3) { fprintf(stderr, "Error: wrong number of arguments.\n"); fprintf(stderr, "Usage: %s <xml-file> <cert-file1> [<cert-file2> [...]]\n", argv[0]); return(1); } /* Init libxml and libxslt libraries */ xmlInitParser(); LIBXML_TEST_VERSION xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS; xmlSubstituteEntitiesDefault(1); #ifndef XMLSEC_NO_XSLT xmlIndentTreeOutput = 1; #endif /* XMLSEC_NO_XSLT */ /* Init libxslt */ #ifndef XMLSEC_NO_XSLT /* disable everything */ xsltSecPrefs = xsltNewSecurityPrefs(); xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid); xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid); xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid); xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid); xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid); xsltSetDefaultSecurityPrefs(xsltSecPrefs); #endif /* XMLSEC_NO_XSLT */ /* Init xmlsec library */ if(xmlSecInit() < 0) { fprintf(stderr, "Error: xmlsec initialization failed.\n"); return(-1); } /* Check loaded library version */ if(xmlSecCheckVersion() != 1) { fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n"); return(-1); } /* Load default crypto engine if we are supporting dynamic * loading for xmlsec-crypto libraries. Use the crypto library * name ("openssl", "nss", etc.) to load corresponding * xmlsec-crypto library. */ #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) { fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n" "that you have it installed and check shared libraries path\n" "(LD_LIBRARY_PATH) envornment variable.\n"); return(-1); } #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */ /* Init crypto library */ if(xmlSecCryptoAppInit(NULL) < 0) { fprintf(stderr, "Error: crypto initialization failed.\n"); return(-1); } /* Init xmlsec-crypto library */ if(xmlSecCryptoInit() < 0) { fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n"); return(-1); } /* create keys manager and load trusted certificates */ mngr = load_trusted_certs(&(argv[2]), argc - 2); if(mngr == NULL) { return(-1); } /* verify file */ if(verify_file(mngr, argv[1]) < 0) { xmlSecKeysMngrDestroy(mngr); return(-1); } /* destroy keys manager */ xmlSecKeysMngrDestroy(mngr); /* Shutdown xmlsec-crypto library */ xmlSecCryptoShutdown(); /* Shutdown crypto library */ xmlSecCryptoAppShutdown(); /* Shutdown xmlsec library */ xmlSecShutdown(); /* Shutdown libxslt/libxml */ #ifndef XMLSEC_NO_XSLT xsltFreeSecurityPrefs(xsltSecPrefs); xsltCleanupGlobals(); #endif /* XMLSEC_NO_XSLT */ xmlCleanupParser(); return(0); }