clean up readme, add example
55
README.md
55
README.md
@@ -4,49 +4,16 @@ A (partial) wrapper for [xmlsec](https://www.aleksey.com/xmlsec).
|
||||
|
||||
## Signing Example
|
||||
|
||||
key := []byte(`-----BEGIN PRIVATE KEY-----
|
||||
MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAOK9uFHs/nXrH9Lc
|
||||
GorG6lB7Qs42iWK6mIE56wI7dIdsOuXf6r0ht+d+YTTis24xw+wjEHXrVN0Okh6w
|
||||
sKftzxo8chIo60+UB5NlKdvxAC7tpGNmrf49us/m5bdNx8IY+0pPK0c6B786Uluj
|
||||
Tvx1WFdDXh3UQPBclbWtFe5S3gLxAgMBAAECgYAPj9ngtZVZXoPWowinUbOvRmZ1
|
||||
ZMTVI91nsSPyCUacLM92C4I+7NuEZeYiDRUnkP7TbCyrCzXN3jwlIxdczzORhlXB
|
||||
Bgg9Sw2fkV61CnDEMgw+aEeD5A0GDA6eTwkrawiOMs8vupjsi2/stPsa+bmpI6Rn
|
||||
fdEKBdyDP6iQQhAxiQJBAPNtM7IMvRzlZBXoDaTTpP9rN2FR0ZcX0LT5aRZJ81qi
|
||||
+ZOBFeHUb6MyWvzZKfPinj9JO3s/9e3JbMXemRWBmvcCQQDuc+NfAeW200QyjoC3
|
||||
Ed3jueLMrY1Q3zTcSUhRPw/0pIKgRGZJerro8N6QY2JziV2mxK855gKTwwBigMHL
|
||||
2S9XAkEAwuBfjGDqXOG/uFHn6laNNvWshjqsIdus99Tbrj5RlfP2/YFP9VTOcsXz
|
||||
VYy9K0P3EA8ekVLpHQ4uCFJmF3OEjQJBAMvwO69/HOufhv1CWZ25XzAsRGhPqsRX
|
||||
Eouw9XPfXpMavEm8FkuT9xXRJFkTVxl/i6RdJYx8Rwn/Rm34t0bUKqMCQQCrAtKC
|
||||
Un0PLcemAzPi8ADJlbMDG/IDXNbSej0Y4tw9Cdho1Q38XLZJi0RNdNvQJD1fWu3x
|
||||
9+QU/vJr7lMLzdoy
|
||||
-----END PRIVATE KEY-----`)
|
||||
|
||||
docStr := `<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
XML Security Library example: Simple signature template file for sign1 example.
|
||||
-->
|
||||
<Envelope xmlns="urn:envelope">
|
||||
<Data>
|
||||
Hello, World!
|
||||
</Data>
|
||||
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
||||
<SignedInfo>
|
||||
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
|
||||
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
|
||||
<Reference URI="">
|
||||
<Transforms>
|
||||
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
|
||||
</Transforms>
|
||||
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
||||
<DigestValue></DigestValue>
|
||||
</Reference>
|
||||
</SignedInfo>
|
||||
<SignatureValue/>
|
||||
<KeyInfo>
|
||||
<KeyName/>
|
||||
</KeyInfo>
|
||||
</Signature>
|
||||
</Envelope>`
|
||||
|
||||
key, _ := ioutil.ReadFile("saml.key")
|
||||
doc, _ := ioutil.ReadAll(os.Stdin)
|
||||
signedDoc, err := xmldsig.Sign(key, doc)
|
||||
os.Stdout.Write(signedDoc)
|
||||
|
||||
## Verifying Example
|
||||
|
||||
key, _ := ioutil.ReadFile("saml.crt")
|
||||
doc, _ := ioutil.ReadAll(os.Stdin)
|
||||
err := xmldsig.Verify(key, doc)
|
||||
if err == xmldsig.ErrVerificationFailed {
|
||||
os.Exit(1)
|
||||
}
|
||||
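--- a/examples/xmldsig.go
+++ b/examples/xmldsig.go
@@ -0,0 +1,56 @@
+package main
+
+import (
+"flag"
+"fmt"
+"io/ioutil"
+"os"
+
+"github.com/crewjam/go-xmlsec/xmldsig"
+)
+
+func main() {
+doVerify := flag.Bool("v", false, "verify the document")
+doSign := flag.Bool("s", false, "sign the document")
+keyPath := flag.String("k", "", "the path to the key")
+flag.Parse()
+
+if !*doVerify && !*doSign {
+fmt.Println("you must specify -v to verify or -s to sign")
+os.Exit(1)
+}
+if *keyPath == "" {
+fmt.Println("you must specify a key file")
+os.Exit(1)
+}
+
+key, err := ioutil.ReadFile(*keyPath)
+if err != nil {
+fmt.Printf("%s\n", err)
+os.Exit(1)
+}
+
+buf, err := ioutil.ReadAll(os.Stdin)
+
+if *doSign {
+signedBuf, err := xmldsig.Sign(key, string(buf))
+if err != nil {
+fmt.Printf("%s\n", err)
+os.Exit(1)
+}
+fmt.Print(signedBuf)
+}
+
+if *doVerify {
+err := xmldsig.Verify(key, string(buf))
+if err == xmldsig.ErrVerificationFailed {
+fmt.Println("signature is not correct")
+os.Exit(1)
+}
+if err != nil {
+fmt.Printf("error: %s\n", err)
+os.Exit(1)
+}
+fmt.Println("signature is correct")
+}
+}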
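Review bot: The error from `buf, err := ioutil.ReadAll(os.Stdin)` in main is never checked, because each branch below declares its own shadowed `err`; a failed or truncated read is then signed or verified as if it were the whole document. Add `if err != nil { fmt.Fprintln(os.Stderr, err); os.Exit(1) }` directly after the read. The other error paths print to stdout with `fmt.Printf`/`fmt.Println`, which in `-s` mode is the same stream the signed document is written to, so diagnostics belong on `os.Stderr`. When both `-s` and `-v` are given, Verify runs on the unsigned input with the signing key, so rejecting that combination up front would be clearer.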
@@ -18,6 +18,10 @@ import "C"
|
||||
// #include "libxml/parser.h"
|
||||
// #include "libxml/parserInternals.h"
|
||||
// #include "libxml/xmlmemory.h"
|
||||
// // Macro wrapper function
|
||||
// static inline void MY_xmlFree(void *p) {
|
||||
// xmlFree(p);
|
||||
// }
|
||||
import "C"
|
||||
|
||||
func init() {
|
||||
@@ -81,7 +85,7 @@ func dumpDoc(doc *C.xmlDoc) string {
|
||||
var bufferSize C.int
|
||||
C.xmlDocDumpMemory(doc, &buffer, &bufferSize)
|
||||
rv := C.GoStringN((*C.char)(unsafe.Pointer(buffer)), bufferSize)
|
||||
C.xmlMemFree(unsafe.Pointer(buffer))
|
||||
C.MY_xmlFree(unsafe.Pointer(buffer))
|
||||
return rv
|
||||
}
|
||||
|
||||
@@ -120,6 +124,7 @@ func Sign(key []byte, docStr string) (string, error) {
|
||||
return dumpDoc(doc), nil
|
||||
}
|
||||
|
||||
// ErrVerificationFailed is returned from Verify when the signature is incorrect
|
||||
var ErrVerificationFailed = errors.New("signature verification failed")
|
||||
|
||||
const (
|
||||
|
||||
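Review bot: The doc comment added in the third hunk, `// ErrVerificationFailed is returned from Verify when the signature is incorrect`, does not say what any other non-nil error means, so a caller that compares only against this sentinel treats every other failure as a valid signature. The README snippet in this commit does exactly that (`if err == xmldsig.ErrVerificationFailed { os.Exit(1) }`), whereas examples/xmldsig.go also exits on `err != nil`. Verify's body is outside these hunks, so this assumes it can return other errors; if it can, extend the comment to `// ErrVerificationFailed is returned from Verify when the signature is incorrect. Any other non-nil error also means the document was not verified.`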