// --------------------------------------------------------------------------- // Add <KeyName> element to <KeyInfo> node and set the value of it. // --------------------------------------------------------------------------- // void XmlSecTemplate::SetKeyInfoL(RXmlEngDocument& aTemplate, const TDesC8& aKeyName) { if(!aKeyName.Compare(KNullDesC8)) { User::Leave(KErrWrongParameter); } if(aTemplate.IsNull()) { User::Leave(KErrTemplate); } xmlNodePtr keyInfo = NULL; TXmlEngNode tmpNode = aTemplate.DocumentElement(); xmlNodePtr root = INTERNAL_NODEPTR(tmpNode); keyInfo = xmlSecFindNode(root,xmlSecNodeKeyInfo, xmlSecDSigNs); if(!keyInfo) { User::Leave(KErrTemplate); } TXmlEngElement(keyInfo).RemoveChildren(); char* name = XmlEngXmlCharFromDes8L(aKeyName); root = xmlSecTmplKeyInfoAddKeyName(keyInfo,(unsigned char*)name); delete name; if(!root) { User::Leave(KErrNoMemory); } }
PyObject *xmlsec_TmplKeyInfoAddKeyName(PyObject *self, PyObject *args) { PyObject *keyInfoNode_obj; xmlNodePtr keyInfoNode; const xmlChar *name; xmlNodePtr keyName; if (CheckArgs(args, "Os:tmplKeyInfoAddKeyName")) { if (!PyArg_ParseTuple(args, "Oz:tmplKeyInfoAddKeyName", &keyInfoNode_obj, &name)) return NULL; } else return NULL; keyInfoNode = xmlNodePtr_get(keyInfoNode_obj); keyName = xmlSecTmplKeyInfoAddKeyName(keyInfoNode, name); return (wrap_xmlNodePtr(keyName)); }
/** * sign_file: * @xml_file: the XML file name. * @key_file: the PEM private key file name. * * Signs the #xml_file using private key from #key_file and dynamicaly * created enveloped signature template. * * Returns 0 on success or a negative value if an error occurs. */ int sign_file(const char* xml_file, const char* key_file) { xmlDocPtr doc = NULL; xmlNodePtr signNode = NULL; xmlNodePtr refNode = NULL; xmlNodePtr keyInfoNode = NULL; xmlSecDSigCtxPtr dsigCtx = NULL; int res = -1; assert(xml_file); assert(key_file); /* load doc file */ doc = xmlParseFile(xml_file); if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){ printf_a_ignorar3(stderr, "Error: unable to parse file \"%s\"\n", xml_file); goto done; } /* create signature template for RSA-SHA1 enveloped signature */ signNode = xmlSecTmplSignatureCreate(doc, xmlSecTransformExclC14NId, xmlSecTransformRsaSha1Id, NULL); if(signNode == NULL) { printf_a_ignorar3(stderr, "Error: failed to create signature template\n"); goto done; } /* add <dsig:Signature/> node to the doc */ xmlAddChild(xmlDocGetRootElement(doc), signNode); /* add reference */ refNode = xmlSecTmplSignatureAddReference(signNode, xmlSecTransformSha1Id, NULL, NULL, NULL); if(refNode == NULL) { printf_a_ignorar3(stderr, "Error: failed to add reference to signature template\n"); goto done; } /* add enveloped transform */ if(xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformEnvelopedId) == NULL) { printf_a_ignorar3(stderr, "Error: failed to add enveloped transform to reference\n"); goto done; } /* add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to put key name in the signed document */ keyInfoNode = xmlSecTmplSignatureEnsureKeyInfo(signNode, NULL); if(keyInfoNode == NULL) { printf_a_ignorar3(stderr, "Error: failed to add key info\n"); goto done; } if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode, NULL) == NULL) { printf_a_ignorar3(stderr, "Error: failed to add key name\n"); goto done; } /* create signature context, we don't need keys manager in this example */ dsigCtx = xmlSecDSigCtxCreate(NULL); if(dsigCtx == NULL) { printf_a_ignorar3(stderr,"Error: failed to create signature context\n"); goto done; } /* load private key, assuming that there is not password */ dsigCtx->signKey = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL); if(dsigCtx->signKey == NULL) { printf_a_ignorar3(stderr,"Error: failed to load private pem key from \"%s\"\n", key_file); goto done; } /* set key name to the file name, this is just an example! */ if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) { printf_a_ignorar3(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file); goto done; } /* sign the template */ if(xmlSecDSigCtxSign(dsigCtx, signNode) < 0) { printf_a_ignorar3(stderr,"Error: signature failed\n"); goto done; } /* print signed document to stdout */ xmlDocDump(stdout, doc); /* success */ res = 0; done: /* cleanup */ if(dsigCtx != NULL) { xmlSecDSigCtxDestroy(dsigCtx); } if(doc != NULL) { xmlFreeDoc(doc); } return(res); }
/** * encrypt_file: * @xml_file: the encryption template file name. * @key_file: the Triple DES key file. * * Encrypts #xml_file using a dynamicaly created template and DES key from * #key_file. * * Returns 0 on success or a negative value if an error occurs. */ int encrypt_file(const char* xml_file, const char* key_file) { xmlDocPtr doc = NULL; xmlNodePtr encDataNode = NULL; xmlNodePtr keyInfoNode = NULL; xmlSecEncCtxPtr encCtx = NULL; int res = -1; assert(xml_file); assert(key_file); /* load template */ doc = xmlParseFile(xml_file); if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){ fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file); goto done; } /* create encryption template to encrypt XML file and replace * its content with encryption result */ encDataNode = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId, NULL, xmlSecTypeEncElement, NULL, NULL); if(encDataNode == NULL) { fprintf(stderr, "Error: failed to create encryption template\n"); goto done; } /* we want to put encrypted data in the <enc:CipherValue/> node */ if(xmlSecTmplEncDataEnsureCipherValue(encDataNode) == NULL) { fprintf(stderr, "Error: failed to add CipherValue node\n"); goto done; } /* add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to put key name in the signed document */ keyInfoNode = xmlSecTmplEncDataEnsureKeyInfo(encDataNode, NULL); if(keyInfoNode == NULL) { fprintf(stderr, "Error: failed to add key info\n"); goto done; } if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode, NULL) == NULL) { fprintf(stderr, "Error: failed to add key name\n"); goto done; } /* create encryption context, we don't need keys manager in this example */ encCtx = xmlSecEncCtxCreate(NULL); if(encCtx == NULL) { fprintf(stderr,"Error: failed to create encryption context\n"); goto done; } /* load DES key, assuming that there is not password */ encCtx->encKey = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, key_file); if(encCtx->encKey == NULL) { fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", key_file); goto done; } /* set key name to the file name, this is just an example! */ if(xmlSecKeySetName(encCtx->encKey, key_file) < 0) { fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file); goto done; } /* encrypt the data */ if(xmlSecEncCtxXmlEncrypt(encCtx, encDataNode, xmlDocGetRootElement(doc)) < 0) { fprintf(stderr,"Error: encryption failed\n"); goto done; } /* we template is inserted in the doc */ encDataNode = NULL; /* print encrypted data with document to stdout */ xmlDocDump(stdout, doc); /* success */ res = 0; done: /* cleanup */ if(encCtx != NULL) { xmlSecEncCtxDestroy(encCtx); } if(encDataNode != NULL) { xmlFreeNode(encDataNode); } if(doc != NULL) { xmlFreeDoc(doc); } return(res); }