clean up, add documentation, fix lint errors

2015-12-23 14:09:41 -05:00
parent 9cc70cf455
commit b31c1472a0
15 changed files with 191 additions and 130 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+coverage.html
+coverage.out
--- a/.travis.yml
+++ b/.travis.yml
@@ -8,3 +8,8 @@ addons:

 go:
  - 1.5
+
+script:
+ - golint *.go
+ - go vet ./...
+ - go test -v ./...
--- a/decrypt.go
+++ b/decrypt.go
@@ -19,7 +19,9 @@ import "C"
 // #include <libxml/xmlmemory.h>
 import "C"

-func DecryptXML(privateKey []byte, doc []byte) ([]byte, error) {
+// Decrypt finds the first encrypted part of doc, decrypts it using
+// privateKey and returns the plaintext of the embedded document.
+func Decrypt(privateKey []byte, doc []byte) ([]byte, error) {
 	startProcessingXML()
 	defer stopProcessingXML()

--- a/decrypt_test.go
+++ b/decrypt_test.go
--- a/encrypt.go
+++ b/encrypt.go
@@ -21,44 +21,87 @@ package xmlsec
 import "C"

 import (
-	"fmt"
+	"errors"
 	"unsafe"
 )

+// SessionCipherType represents which session cipher to use to encrypt the document.
+type SessionCipherType int
+
 const (
-	DefaultAlgorithm = iota
+	// DefaultSessionCipher (the zero value) represents the default session cipher, AES256-CBC
+	DefaultSessionCipher SessionCipherType = iota
+
+	// Aes128Cbc means the session cipher should be AES-128 in CBC mode.
 	Aes128Cbc
+
+	// Aes192Cbc means the session cipher should be AES-192 in CBC mode.
 	Aes192Cbc
+
+	// Aes256Cbc means the session cipher should be AES-256 in CBC mode.
 	Aes256Cbc
+
+	// Des3Cbc means the session cipher should be triple DES in CBC mode.
 	Des3Cbc
-	DsaSha1
-	Sha1
-	Sha256
-	Sha384
-	Sha512
+)
+
+// CipherType represent which cipher to use to encrypt the document
+type CipherType int
+
+const (
+	// DefaultCipher (the zero value) represents the default cipher, RSA-OAEP
+	DefaultCipher CipherType = iota
+
+	// RsaOaep means the cipher should be RSA-OAEP
 	RsaOaep
+
+	// RsaPkcs1 means the cipher should be RSA-PKCS1
 	RsaPkcs1
 )

-type Options struct {
-	SessionCipher   int
-	Cipher          int
-	DigestAlgorithm int
+// DigestAlgorithmType represent which digest algorithm to use when encrypting the document.
+type DigestAlgorithmType int
+
+const (
+	// DefaultDigestAlgorithm (the zero value) represents the default cipher, SHA1
+	DefaultDigestAlgorithm DigestAlgorithmType = iota
+
+	// Sha1 means the digest algorithm should be SHA-1
+	Sha1
+
+	// Sha256 means the digest algorithm should be SHA-256
+	Sha256
+
+	// Sha384 means the digest algorithm should be SHA-384
+	Sha384
+
+	// Sha512 means the digest algorithm should be SHA-512
+	Sha512
+)
+
+// EncryptOptions specifies the ciphers to use to encrypt the document.
+type EncryptOptions struct {
+	SessionCipher   SessionCipherType
+	Cipher          CipherType
+	DigestAlgorithm DigestAlgorithmType
 }

-// XmlEncrypt encrypts the XML document to publicKey.
-func XmlEncrypt(publicKey, doc []byte, opts Options) ([]byte, error) {
+var errInvalidAlgorithm = errors.New("invalid algorithm")
+
+// Encrypt encrypts the XML document to publicKey and returns the encrypted
+// document.
+func Encrypt(publicKey, doc []byte, opts EncryptOptions) ([]byte, error) {
 	startProcessingXML()
 	defer stopProcessingXML()

 	keysMngr := C.xmlSecKeysMngrCreate()
 	if keysMngr == nil {
-		return nil, fmt.Errorf("xmlSecKeysMngrCreate failed")
+		return nil, mustPopError()
 	}
 	defer C.xmlSecKeysMngrDestroy(keysMngr)

 	if rv := C.xmlSecCryptoAppDefaultKeysMngrInit(keysMngr); rv < 0 {
-		return nil, fmt.Errorf("xmlSecCryptoAppDefaultKeysMngrInit failed")
+		return nil, mustPopError()
 	}

 	key := C.xmlSecCryptoAppKeyLoadMemory(
@@ -67,7 +110,7 @@ func XmlEncrypt(publicKey, doc []byte, opts Options) ([]byte, error) {
 		C.xmlSecKeyDataFormatCertPem,
 		nil, nil, nil)
 	if key == nil {
-		return nil, fmt.Errorf("xmlSecCryptoAppKeyLoadMemory failed")
+		return nil, mustPopError()
 	}

 	if rv := C.xmlSecCryptoAppKeyCertLoadMemory(key,
@@ -75,11 +118,11 @@ func XmlEncrypt(publicKey, doc []byte, opts Options) ([]byte, error) {
 		C.xmlSecSize(len(publicKey)),
 		C.xmlSecKeyDataFormatCertPem); rv < 0 {
 		C.xmlSecKeyDestroy(key)
-		return nil, fmt.Errorf("xmlSecCryptoAppKeyCertLoad failed")
+		return nil, mustPopError()
 	}

 	if rv := C.xmlSecCryptoAppDefaultKeysMngrAdoptKey(keysMngr, key); rv < 0 {
-		return nil, fmt.Errorf("xmlSecCryptoAppDefaultKeysMngrAdoptKey failed")
+		return nil, mustPopError()
 	}

 	parsedDoc, err := newDoc(doc)
@@ -90,7 +133,7 @@ func XmlEncrypt(publicKey, doc []byte, opts Options) ([]byte, error) {

 	var sessionCipherTransform C.xmlSecTransformId
 	switch opts.SessionCipher {
-	case DefaultAlgorithm:
+	case DefaultSessionCipher:
 		sessionCipherTransform = C.MY_xmlSecTransformAes256CbcId()
 	case Aes256Cbc:
 		sessionCipherTransform = C.MY_xmlSecTransformAes256CbcId()
@@ -101,7 +144,7 @@ func XmlEncrypt(publicKey, doc []byte, opts Options) ([]byte, error) {
 	case Des3Cbc:
 		sessionCipherTransform = C.MY_xmlSecTransformDes3CbcId()
 	default:
-		return nil, fmt.Errorf("XXX")
+		return nil, errInvalidAlgorithm
 	}

 	// create encryption template to encrypt XML file and replace
@@ -109,7 +152,7 @@ func XmlEncrypt(publicKey, doc []byte, opts Options) ([]byte, error) {
 	encDataNode := C.xmlSecTmplEncDataCreate(parsedDoc, sessionCipherTransform,
 		nil, (*C.xmlChar)(unsafe.Pointer(&C.xmlSecTypeEncElement)), nil, nil)
 	if encDataNode == nil {
-		return nil, fmt.Errorf("xmlSecTmplEncDataCreate failed")
+		return nil, mustPopError()
 	}
 	defer func() {
 		if encDataNode != nil {
@@ -120,19 +163,19 @@ func XmlEncrypt(publicKey, doc []byte, opts Options) ([]byte, error) {

 	// we want to put encrypted data in the <enc:CipherValue/> node
 	if C.xmlSecTmplEncDataEnsureCipherValue(encDataNode) == nil {
-		return nil, fmt.Errorf("xmlSecTmplEncDataEnsureCipherValue failed")
+		return nil, mustPopError()
 	}

 	// add <dsig:KeyInfo/>
 	keyInfoNode := C.xmlSecTmplEncDataEnsureKeyInfo(encDataNode, nil)
 	if keyInfoNode == nil {
-		return nil, fmt.Errorf("xmlSecTmplEncDataEnsureKeyInfo failed")
+		return nil, mustPopError()
 	}

 	// add <enc:EncryptedKey/> to store the encrypted session key
 	var cipherTransform C.xmlSecTransformId
 	switch opts.Cipher {
-	case DefaultAlgorithm:
+	case DefaultCipher:
 		cipherTransform = C.MY_xmlSecTransformRsaOaepId()
 	case RsaOaep:
 		cipherTransform = C.MY_xmlSecTransformRsaOaepId()
@@ -141,39 +184,39 @@ func XmlEncrypt(publicKey, doc []byte, opts Options) ([]byte, error) {
 	}
 	encKeyNode := C.xmlSecTmplKeyInfoAddEncryptedKey(keyInfoNode, cipherTransform, nil, nil, nil)
 	if encKeyNode == nil {
-		return nil, fmt.Errorf("xmlSecTmplKeyInfoAddEncryptedKey failed")
+		return nil, mustPopError()
 	}

 	// we want to put encrypted key in the <enc:CipherValue/> node
 	if C.xmlSecTmplEncDataEnsureCipherValue(encKeyNode) == nil {
-		return nil, fmt.Errorf("xmlSecTmplEncDataEnsureCipherValue failed")
+		return nil, mustPopError()
 	}

 	// add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to <enc:EncryptedKey/>
 	keyInfoNode2 := C.xmlSecTmplEncDataEnsureKeyInfo(encKeyNode, nil)
 	if keyInfoNode2 == nil {
-		return nil, fmt.Errorf("xmlSecTmplEncDataEnsureKeyInfo failed")
+		return nil, mustPopError()
 	}
 	// Add a DigestMethod element to the encryption method node
 	{
 		encKeyMethod := C.xmlSecTmplEncDataGetEncMethodNode(encKeyNode)
-		var ns = constXmlChar("http://www.w3.org/2000/09/xmldsig#")
-		var strDigestMethod = constXmlChar("DigestMethod")
-		var strAlgorithm = constXmlChar("Algorithm")
+		var ns = constXMLChar("http://www.w3.org/2000/09/xmldsig#")
+		var strDigestMethod = constXMLChar("DigestMethod")
+		var strAlgorithm = constXMLChar("Algorithm")
 		var algorithm *C.xmlChar
 		switch opts.DigestAlgorithm {
 		case Sha512:
-			algorithm = constXmlChar("http://www.w3.org/2001/04/xmlenc#sha512")
+			algorithm = constXMLChar("http://www.w3.org/2001/04/xmlenc#sha512")
 		case Sha384:
-			algorithm = constXmlChar("http://www.w3.org/2001/04/xmldsig-more#sha384")
+			algorithm = constXMLChar("http://www.w3.org/2001/04/xmldsig-more#sha384")
 		case Sha256:
-			algorithm = constXmlChar("http://www.w3.org/2001/04/xmlenc#sha256")
+			algorithm = constXMLChar("http://www.w3.org/2001/04/xmlenc#sha256")
 		case Sha1:
-			algorithm = constXmlChar("http://www.w3.org/2000/09/xmldsig#sha1")
-		case DefaultAlgorithm:
-			algorithm = constXmlChar("http://www.w3.org/2000/09/xmldsig#sha1")
+			algorithm = constXMLChar("http://www.w3.org/2000/09/xmldsig#sha1")
+		case DefaultDigestAlgorithm:
+			algorithm = constXMLChar("http://www.w3.org/2000/09/xmldsig#sha1")
 		default:
-			return nil, fmt.Errorf("unknown digest algorithm %d", opts.DigestAlgorithm)
+			return nil, errInvalidAlgorithm
 		}
 		node := C.xmlSecAddChild(encKeyMethod, strDigestMethod, ns)
 		C.xmlSetProp(node, strAlgorithm, algorithm)
@@ -182,22 +225,22 @@ func XmlEncrypt(publicKey, doc []byte, opts Options) ([]byte, error) {
 	// add our certificate to KeyInfoNode
 	x509dataNode := C.xmlSecTmplKeyInfoAddX509Data(keyInfoNode2)
 	if x509dataNode == nil {
-		return nil, fmt.Errorf("xmlSecTmplKeyInfoAddX509Data failed")
+		return nil, mustPopError()
 	}
 	if dataNode := C.xmlSecTmplX509DataAddCertificate(x509dataNode); dataNode == nil {
-		return nil, fmt.Errorf("xmlSecTmplX509DataAddCertificate failed")
+		return nil, mustPopError()
 	}

 	// create encryption context
 	var encCtx = C.xmlSecEncCtxCreate(keysMngr)
 	if encCtx == nil {
-		return nil, fmt.Errorf("xmlSecEncCtxCreate failed")
+		return nil, mustPopError()
 	}
 	defer C.xmlSecEncCtxDestroy(encCtx)

 	// generate a key of the appropriate type
 	switch opts.SessionCipher {
-	case DefaultAlgorithm:
+	case DefaultSessionCipher:
 		encCtx.encKey = C.xmlSecKeyGenerate(C.MY_xmlSecKeyDataAesId(), 256,
 			C.xmlSecKeyDataTypeSession)
 	case Aes128Cbc:
@@ -213,15 +256,15 @@ func XmlEncrypt(publicKey, doc []byte, opts Options) ([]byte, error) {
 		encCtx.encKey = C.xmlSecKeyGenerate(C.MY_xmlSecKeyDataDesId(), 192,
 			C.xmlSecKeyDataTypeSession)
 	default:
-		return nil, fmt.Errorf("unknown cipher type %d", opts.SessionCipher)
+		return nil, errInvalidAlgorithm
 	}
 	if encCtx.encKey == nil {
-		return nil, fmt.Errorf("xmlSecKeyGenerate failed")
+		return nil, mustPopError()
 	}

 	// encrypt the data
 	if rv := C.xmlSecEncCtxXmlEncrypt(encCtx, encDataNode, C.xmlDocGetRootElement(parsedDoc)); rv < 0 {
-		return nil, fmt.Errorf("xmlSecEncCtxXmlEncrypt failed")
+		return nil, mustPopError()
 	}
 	encDataNode = nil // the template is inserted in the doc, so we don't own it

--- a/encrypt_realworld_test.go
+++ b/encrypt_realworld_test.go
--- a/encrypt_test.go
+++ b/encrypt_test.go
@@ -82,10 +82,10 @@ cvCsEFiJZ4AbF+DgmO6TarJ8O05t8zvnOwJlNCASPZRH/JmF8tX0hoHuAQ==</ds:X509Certificate
 }

 func (testSuite *EncryptTest) TestEncrypt(c *C) {
-	encryptedString, err := XmlEncrypt(testSuite.Cert, testSuite.Plaintext, Options{})
+	encryptedString, err := Encrypt(testSuite.Cert, testSuite.Plaintext, EncryptOptions{})
 	c.Assert(err, IsNil)

-	actualPlaintext, err := DecryptXML(testSuite.Key, encryptedString)
+	actualPlaintext, err := Decrypt(testSuite.Key, encryptedString)
 	c.Assert(err, IsNil)

 	plaintextDoc, _ := newDoc(testSuite.Plaintext)
--- a/error.go
+++ b/error.go
@@ -10,7 +10,7 @@ import (

 var globalErrors = map[uintptr]errset.ErrSet{}

-type Error struct {
+type libraryError struct {
 	FileName string
 	Line     int
 	FuncName string
@@ -20,7 +20,7 @@ type Error struct {
 	Message  string
 }

-func (e Error) Error() string {
+func (e libraryError) Error() string {
 	return fmt.Sprintf(
 		"func=%s:file=%s:line=%d:obj=%s:subj=%s:error=%d:%s",
 		e.FuncName,
@@ -34,7 +34,7 @@ func (e Error) Error() string {

 //export onError
 func onError(file *C.char, line C.int, funcName *C.char, errorObject *C.char, errorSubject *C.char, reason C.int, msg *C.char) {
-	err := Error{
+	err := libraryError{
 		FuncName: C.GoString(funcName),
 		FileName: C.GoString(file),
 		Line:     int(line),
@@ -42,7 +42,7 @@ func onError(file *C.char, line C.int, funcName *C.char, errorObject *C.char, er
 		Subject:  C.GoString(errorSubject),
 		Reason:   int(reason),
 		Message:  C.GoString(msg)}
-	threadID := getThreadId()
+	threadID := getThreadID()
 	globalErrors[threadID] = append(globalErrors[threadID], err)
 }

@@ -51,21 +51,31 @@ func onError(file *C.char, line C.int, funcName *C.char, errorObject *C.char, er
 // error object.
 func startProcessingXML() {
 	runtime.LockOSThread()
-	globalErrors[getThreadId()] = errset.ErrSet{}
+	globalErrors[getThreadID()] = errset.ErrSet{}
 }

 // stopProcessingXML unlocks the goroutine-thread lock and deletes the current
 // error stack.
 func stopProcessingXML() {
 	runtime.UnlockOSThread()
-	delete(globalErrors, getThreadId())
+	delete(globalErrors, getThreadID())
 }

 // popError returns the global error for the current thread and resets it to
 // an empty error. Returns nil if no errors have occurred.
 func popError() error {
-	threadID := getThreadId()
+	threadID := getThreadID()
 	rv := globalErrors[threadID].ReturnValue()
 	globalErrors[threadID] = errset.ErrSet{}
 	return rv
 }
+
+// mustPopError is like popError except that if there is no error on the stack
+// it returns a generic error.
+func mustPopError() error {
+	err := popError()
+	if err == nil {
+		err = fmt.Errorf("libxmlsec: call failed")
+	}
+	return err
+}
--- a/examples/xmldsig.go
+++ b/examples/xmldsig.go
@@ -33,7 +33,7 @@ func main() {
 	buf, err := ioutil.ReadAll(os.Stdin)

 	if *doSign {
-		signedBuf, err := xmlsec.Sign(key, buf, xmlsec.DsigOptions{})
+		signedBuf, err := xmlsec.Sign(key, buf, xmlsec.SignatureOptions{})
 		if err != nil {
 			fmt.Printf("%s\n", err)
 			os.Exit(1)
@@ -42,7 +42,7 @@ func main() {
 	}

 	if *doVerify {
-		err := xmlsec.Verify(key, buf, xmlsec.DsigOptions{})
+		err := xmlsec.Verify(key, buf, xmlsec.SignatureOptions{})
 		if err == xmlsec.ErrVerificationFailed {
 			fmt.Println("signature is not correct")
 			os.Exit(1)
--- a/signature.go
+++ b/signature.go
@@ -37,11 +37,12 @@ type Signature struct {
 	X509Certificate        *SignatureX509Data `xml:"KeyInfo>X509Data,omitempty"`
 }

+// SignatureX509Data represents the <X509Data> element of <Signature>
 type SignatureX509Data struct {
 	X509Certificate string `xml:"X509Certificate,omitempty"`
 }

-// DefaultSignature populates a default Signature that uses c14n and SHA1.
+// DefaultSignature returns a Signature struct that uses the default c14n and SHA1 settings.
 func DefaultSignature(pemEncodedPublicKey []byte) Signature {
 	// xmlsec wants the key to be base64-encoded but *not* wrapped with the
 	// PEM flags
--- a/thread_darwin.go
+++ b/thread_darwin.go
@@ -5,6 +5,6 @@ import "unsafe"
 // #include <pthread.h>
 import "C"

-func getThreadId() uintptr {
+func getThreadID() uintptr {
 	return uintptr(unsafe.Pointer(C.pthread_self()))
 }
--- a/thread_linux.go
+++ b/thread_linux.go
@@ -2,6 +2,6 @@ package xmlsec

 import "syscall"

-func getThreadId() uintptr {
+func getThreadID() uintptr {
 	return uintptr(syscall.Gettid())
 }
--- a/xmldsig.go
+++ b/xmldsig.go
@@ -2,7 +2,6 @@ package xmlsec

 import (
 	"errors"
-	"fmt"
 	"unsafe"
 )

@@ -15,9 +14,9 @@ import (
 // #include <xmlsec/crypto.h>
 import "C"

-// DsigOptions represents additional, less commonly used, options for Sign and
+// SignatureOptions represents additional, less commonly used, options for Sign and
 // Verify
-type DsigOptions struct {
+type SignatureOptions struct {
 	// Specify the name of ID attributes for specific elements. This
 	// may be required if the signed document contains Reference elements
 	// that define which parts of the document are to be signed.
@@ -28,18 +27,19 @@ type DsigOptions struct {
 	XMLID []XMLIDOption
 }

+// XMLIDOption represents the definition of an XML reference element
+// (See http://www.w3.org/TR/xml-id/)
 type XMLIDOption struct {
 	ElementName      string
 	ElementNamespace string
 	AttributeName    string
 }

-// Sign returns a version of docStr signed with key according to
-// the XML-DSIG standard. docStr is a template document meaning
-// that it contains a `Signature` element in the
-// http://www.w3.org/2000/09/xmldsig# namespace.
-func Sign(key []byte, doc []byte, opts DsigOptions) ([]byte, error) {
-
+// Sign returns a version of doc signed with key according to
+// the XML-DSIG standard. doc is a template document meaning
+// that it contains an `http://www.w3.org/2000/09/xmldsig#Signature`
+// element whose properties define how and what to sign.
+func Sign(key []byte, doc []byte, opts SignatureOptions) ([]byte, error) {
 	startProcessingXML()
 	defer stopProcessingXML()

@@ -88,22 +88,22 @@ const (
 	xmlSecDSigStatusInvalid   = 2
 )

-// Verify checks that the signature in docStr is valid according
+// Verify checks that the signature in doc is valid according
 // to the XML-DSIG specification. publicKey is the public part of
-// the key used to sign docStr. If the signature is not correct,
+// the key used to sign doc. If the signature is not correct,
 // this function returns ErrVerificationFailed.
-func Verify(publicKey []byte, doc []byte, opts DsigOptions) error {
+func Verify(publicKey []byte, doc []byte, opts SignatureOptions) error {
 	startProcessingXML()
 	defer stopProcessingXML()

 	keysMngr := C.xmlSecKeysMngrCreate()
 	if keysMngr == nil {
-		return fmt.Errorf("xmlSecKeysMngrCreate failed")
+		return mustPopError()
 	}
 	defer C.xmlSecKeysMngrDestroy(keysMngr)

 	if rv := C.xmlSecCryptoAppDefaultKeysMngrInit(keysMngr); rv < 0 {
-		return fmt.Errorf("xmlSecCryptoAppDefaultKeysMngrInit failed")
+		return mustPopError()
 	}

 	key := C.xmlSecCryptoAppKeyLoadMemory(
@@ -112,7 +112,7 @@ func Verify(publicKey []byte, doc []byte, opts DsigOptions) error {
 		C.xmlSecKeyDataFormatCertPem,
 		nil, nil, nil)
 	if key == nil {
-		return fmt.Errorf("xmlSecCryptoAppKeyLoadMemory failed")
+		return mustPopError()
 	}

 	if rv := C.xmlSecCryptoAppKeyCertLoadMemory(key,
@@ -120,16 +120,16 @@ func Verify(publicKey []byte, doc []byte, opts DsigOptions) error {
 		C.xmlSecSize(len(publicKey)),
 		C.xmlSecKeyDataFormatCertPem); rv < 0 {
 		C.xmlSecKeyDestroy(key)
-		return fmt.Errorf("xmlSecCryptoAppKeyCertLoad failed")
+		return mustPopError()
 	}

 	if rv := C.xmlSecCryptoAppDefaultKeysMngrAdoptKey(keysMngr, key); rv < 0 {
-		return fmt.Errorf("xmlSecCryptoAppDefaultKeysMngrAdoptKey failed")
+		return mustPopError()
 	}

 	dsigCtx := C.xmlSecDSigCtxCreate(keysMngr)
 	if dsigCtx == nil {
-		return fmt.Errorf("xmlSecDSigCtxCreate failed")
+		return mustPopError()
 	}
 	defer C.xmlSecDSigCtxDestroy(dsigCtx)

--- a/xmldsig_test.go
+++ b/xmldsig_test.go
--- a/xmlsec.go
+++ b/xmlsec.go
@@ -57,7 +57,6 @@ func newDoc(buf []byte) (*C.xmlDoc, error) {
 	}
 	defer C.xmlFreeParserCtxt(ctx)

-	//C.xmlCtxtUseOptions(ctx, C.int(p.Options))
 	C.xmlParseDocument(ctx)

 	if ctx.wellFormed == C.int(0) {
@@ -72,7 +71,7 @@ func newDoc(buf []byte) (*C.xmlDoc, error) {
 	return doc, nil
 }

-func newDoc2(buf []byte, opts DsigOptions) (*C.xmlDoc, error) {
+func newDoc2(buf []byte, opts SignatureOptions) (*C.xmlDoc, error) {
 	ctx := C.xmlCreateMemoryParserCtxt((*C.char)(unsafe.Pointer(&buf[0])),
 		C.int(len(buf)))
 	if ctx == nil {
@@ -80,7 +79,6 @@ func newDoc2(buf []byte, opts DsigOptions) (*C.xmlDoc, error) {
 	}
 	defer C.xmlFreeParserCtxt(ctx)

-	//C.xmlCtxtUseDsigOptions(ctx, C.int(p.DsigOptions))
 	C.xmlParseDocument(ctx)

 	if ctx.wellFormed == C.int(0) {
@@ -146,6 +144,6 @@ func dumpDoc(doc *C.xmlDoc) []byte {
 	return []byte(rv)
 }

-func constXmlChar(s string) *C.xmlChar {
+func constXMLChar(s string) *C.xmlChar {
 	return (*C.xmlChar)(unsafe.Pointer(C.CString(s)))
 }