5
#include <libxml/xmlmemory.h>
6
#include <libxml/tree.h>
7
#include <libxml/parser.h>
9
#include <openssl/err.h>
10
#include <openssl/rand.h>
12
#include <xmlsec/xmlsec.h>
13
#include <xmlsec/xmldsig.h>
14
#include <xmlsec/xmlenc.h>
15
#include <xmlsec/keys.h>
16
#include <xmlsec/keysmngr.h>
17
#include <xmlsec/transforms.h>
18
#include <xmlsec/xmltree.h>
22
/* PEM file holding the RSA private key used for signing and decryption.
 * The path is relative, so it resolves against the process's working
 * directory; the key is loaded below with no password and no password
 * callback, i.e. it must be stored unencrypted. */
#define keyfile "../ssl/test.key"
23
/* PEM file from which the matching public key is loaded (verification and
 * encryption side). */
#define crtfile "../ssl/test.crt"
26
/* Keys manager that receives the RSA private key; dsigCtx and decCtx are
 * created from it. */
xmlSecKeysMngrPtr keysMngr = 0;
27
/* Keys manager that receives the public key and the generated 3DES key;
 * vdsigCtx and encCtx are created from it. */
xmlSecKeysMngrPtr vkeysMngr = 0;
28
/* Signing context (private-key side). */
xmlSecDSigCtxPtr dsigCtx = 0;
29
/* Verification context (public-key side). */
xmlSecDSigCtxPtr vdsigCtx = 0;
30
/* Encryption context, created from vkeysMngr. */
xmlSecEncCtxPtr encCtx = 0;
31
/* Decryption context, created from keysMngr. */
xmlSecEncCtxPtr decCtx = 0;
32
/* Signature template built once in initXML_Security() and copied into the
 * document by signXML(). */
xmlNodePtr signature = 0;
34
/* key: RSA private key; crt: public key loaded from crtfile; skey: 3DES
 * session key. Unlike the pointers above these have no initialiser; they
 * are assigned in initXML_Security(). */
xmlSecKeyPtr key,crt,skey;
36
void initXML(struct TestData *td) {
40
/* Tears down the global state created by initXML_Security(): the signature
 * template, both DSig contexts, both keys managers and both encryption
 * contexts. Only part of the body is visible in this listing.
 *
 * NOTE(review): key, crt and skey are not destroyed in the visible lines;
 * presumably the keys managers own them once loaded/added -- confirm, since
 * skey in particular is secret key material that should not outlive use. */
void releaseXML(struct TestData *td) {
43
xmlSecSignatureDestroy(signature);
45
// Each DSig context is destroyed before the keys manager it was created from.
xmlSecDSigCtxDestroy(dsigCtx);
46
xmlSecSimpleKeysMngrDestroy(keysMngr);
47
xmlSecDSigCtxDestroy(vdsigCtx);
48
xmlSecSimpleKeysMngrDestroy(vkeysMngr);
50
// NOTE(review): encCtx/decCtx were created from vkeysMngr/keysMngr, which are
// already destroyed at this point. If xmlSecEncCtxDestroy() touches the
// manager this is a use-after-free; confirm against the xmlsec version in
// use, or destroy the encryption contexts before the managers as is done
// for the DSig contexts above.
xmlSecEncCtxDestroy(encCtx);
51
xmlSecEncCtxDestroy(decCtx);
64
/* One-time setup of the global signing/encryption state used by the test
 * functions below: seeds the OpenSSL PRNG, creates two keys managers (one
 * with the RSA private key, one with the public key), the DSig and
 * encryption contexts, a 3DES session key, and the Signature and
 * EncryptedData templates that are copied into each document.
 *
 * Only part of the body is visible in this listing; several error-branch
 * conditions and closing braces fall on lines that are not shown.
 *
 * The algorithm choices made here (RSA-SHA1 signature, SHA-1 digest,
 * 3DES-CBC content encryption, RSA PKCS#1 v1.5 key transport) are legacy
 * ones; treat this as benchmark/interop code, not as a template for new
 * deployments. */
void initXML_Security(struct TestData *td) {
66
xmlNodePtr si_node,cm_node,sm_node,r_node,dm_node,t_node;
67
xmlNodePtr em_node,cv_node,ki_node,kn_node;
68
xmlNodePtr node_k_em,node_k_cv,node_k_ki,node_k_kn;
70
/* Initialising OpenSSL */
71
// Loops until OpenSSL reports its PRNG as seeded, feeding it rndseed each time.
while (RAND_status() != 1) {
72
// NOTE(review): rndseed is declared outside the visible lines. RAND_seed()
// credits the bytes it is given as entropy, so if rndseed is a fixed or
// uninitialised value this only makes RAND_status() succeed without adding
// unpredictability, and the 3DES key generated below inherits that weakness.
// Failing hard when the PRNG is not seeded (or calling RAND_poll()) is safer.
RAND_seed(&rndseed, sizeof(rndseed));
75
/* Initialising XML Security */
78
keysMngr = xmlSecSimpleKeysMngrCreate();
79
if(keysMngr == NULL) {
80
fprintf(stderr, "Error: failed to create keys manager!\n");
84
// Private key is loaded with neither a password nor a password callback, so
// keyfile must be an unencrypted PEM; protect it with file permissions.
key=xmlSecSimpleKeysMngrLoadPemKey(keysMngr, keyfile, 0/*password*/, 0/*password callback*/, 1/*private key*/);
86
fprintf(stderr, "Error: failed to load key from \"%s\"\n", keyfile);
89
// xmlStrdup() result is not checked in the visible lines.
key->name = xmlStrdup(BAD_CAST "rsakey");
91
vkeysMngr = xmlSecSimpleKeysMngrCreate();
92
if(vkeysMngr == NULL) {
93
fprintf(stderr, "Error: failed to create keys manager!\n");
97
// Same loader, with the private-key flag cleared: only the public key from
// crtfile goes into the verification/encryption manager.
crt=xmlSecSimpleKeysMngrLoadPemKey(vkeysMngr, crtfile, 0/*password*/, 0/*password callback*/, 0/*private key*/);
99
fprintf(stderr, "Error: failed to load certificate from \"%s\"\n", crtfile);
102
crt->name = xmlStrdup(BAD_CAST "rsapubkey");
104
// NOTE(review): the two lines below would restrict where a manager may take
// keys from (the manager itself / a KeyName lookup). They are disabled, so
// the library default applies -- confirm that default does not let a
// document supply its own key material during verification or decryption.
// keysMngr->allowedOrigins = xmlSecKeyOriginKeyManager | xmlSecKeyOriginKeyName;
105
// vkeysMngr->allowedOrigins = xmlSecKeyOriginKeyManager | xmlSecKeyOriginKeyName;
107
dsigCtx = xmlSecDSigCtxCreate(keysMngr);
108
if(dsigCtx == NULL) {
109
fprintf(stderr,"Error: failed to create dsig context\n");
113
vdsigCtx = xmlSecDSigCtxCreate(vkeysMngr);
114
// NOTE(review): this tests dsigCtx, but the pointer just assigned is vdsigCtx.
// A failed creation of the verification context is therefore not detected
// here and vdsigCtx would be NULL when verifyXML() uses it. The condition
// should read vdsigCtx == NULL.
if(dsigCtx == NULL) {
115
fprintf(stderr,"Error: failed to create dsig context\n");
119
// Encryption uses the public-key manager, decryption the private-key manager.
encCtx = xmlSecEncCtxCreate(vkeysMngr);
121
fprintf(stderr, "Error: failed to create encryption context\n");
125
decCtx = xmlSecEncCtxCreate(keysMngr);
127
fprintf(stderr, "Error: failed to create encryption context\n");
131
/* Creating symmetric DES key */
132
skey = xmlSecKeyCreate(xmlSecDesKey, xmlSecKeyOriginDefault);
134
fprintf(stderr, "Error: failed to create des3 key (init structure)\n");
138
// 24 bytes is the size of a three-key triple-DES key. Presumably the NULL
// buffer asks the library to generate random key bytes -- TODO confirm; if
// so, key quality depends on the PRNG seeding at the top of this function.
if (xmlSecDesKeyGenerate(skey, NULL, 24)<0) {
139
fprintf(stderr, "Error: failed to create des3 key (generate)\n");
143
skey->name = xmlStrdup(BAD_CAST "skey");
145
// The session key is registered only with vkeysMngr (the encryption side).
if (xmlSecSimpleKeysMngrAddKey(vkeysMngr, skey)<0) {
146
fprintf(stderr, "Error: failed to add des3 key into KeyManager\n");
150
/* Creating Signature */
151
signature = xmlSecSignatureCreate(NULL);
152
if(signature == NULL) {
153
fprintf(stderr,"Error: failed to create signature node\n");
157
si_node = xmlSecSignatureAddSignedInfo(signature, NULL);
158
if(si_node == NULL) {
159
fprintf(stderr,"Error: failed to create SignedInfo node\n");
163
cm_node = xmlSecSignedInfoAddC14NMethod(si_node, xmlSecC14NInclusive /* algorithm */);
164
if(cm_node == NULL) {
165
fprintf(stderr,"Error: failed to create CanocalizationMethods node\n");
169
// RSA with SHA-1: SHA-1 is no longer considered collision-resistant, so this
// signature method is suitable only for legacy interop or benchmarking.
sm_node = xmlSecSignedInfoAddSignMethod(si_node, xmlSecSignRsaSha1 /* key type */);
170
if(sm_node == NULL) {
171
fprintf(stderr,"Error: failed to create SignMethod node\n");
175
// Single Reference with no Id, URI or Type set.
r_node = xmlSecSignedInfoAddReference(si_node,0/*node_id*/,0/*node_uri*/,0/*node_type*/);
177
fprintf(stderr,"Error: failed to create Reference node\n");
181
t_node = xmlSecReferenceAddTransform(r_node, xmlSecTransformEnveloped /* Signing enveloped element */);
183
fprintf(stderr,"Error: failed to add enveloped transform\n");
187
// SHA-1 digest over the referenced content; same caveat as the signature method.
dm_node = xmlSecReferenceAddDigestMethod(r_node, xmlSecDigestSha1);
188
if(dm_node == NULL) {
189
fprintf(stderr,"Error: failed to add DigestMethod node\n");
193
/* Creating encryption Node */
195
// enc (and encKey below) are declared outside the visible lines.
enc = xmlSecEncDataCreate(NULL, xmlSecEncTypeElement, NULL, NULL);
197
fprintf(stderr, "Error: EncryptedData node creation failed\n");
201
// 3DES in CBC mode provides confidentiality only; nothing in this template
// authenticates the ciphertext, so integrity has to come from elsewhere
// (e.g. a signature applied over the encrypted data).
em_node=xmlSecEncDataAddEncMethod(enc, xmlSecEncDes3Cbc);
202
if(em_node == NULL) {
203
fprintf(stderr, "Error: failed to add EncryptionMethod node\n");
207
cv_node = xmlSecEncDataAddCipherValue(enc);
208
if(cv_node == NULL) {
209
fprintf(stderr, "Error: failed to add CipherValue node\n");
213
ki_node = xmlSecEncDataAddKeyInfo(enc);
214
if(ki_node == NULL) {
215
fprintf(stderr, "Error: failed to add KeyInfo node\n");
219
// The block comment opened on the next line disables the direct KeyName
// variant; its closing delimiter is on a line not shown in this listing.
/* kn_node = xmlSecKeyInfoAddKeyName(ki_node);
220
if(kn_node == NULL) {
221
fprintf(stderr, "Error: failed to add KeyName node\n");
225
encKey = xmlSecKeyInfoAddEncryptedKey(ki_node, NULL, NULL, NULL);
227
fprintf(stderr, "Error: failed to add EncryptedKey node\n");
231
// RSA PKCS#1 v1.5 key transport. Decryption code that reports padding
// failures distinguishably to a remote party is exposed to padding-oracle
// attacks with this scheme; RSA-OAEP is the usual replacement.
node_k_em = xmlSecEncDataAddEncMethod(encKey, xmlSecEncRsaPkcs1);
232
if(node_k_em == NULL) {
233
fprintf(stderr, "Error: failed to add EncryptedMethod node to EncryptedKey\n");
237
node_k_cv = xmlSecEncDataAddCipherValue(encKey);
238
if(node_k_cv == NULL) {
239
fprintf(stderr, "Error: failed to add CipherValue node to EncryptedKey \n");
243
node_k_ki = xmlSecEncDataAddKeyInfo(encKey);
244
if(node_k_ki == NULL) {
245
fprintf(stderr, "Error: failed to add KeyInfo node to EncryptedKey\n");
249
node_k_kn = xmlSecKeyInfoAddKeyName(node_k_ki);
250
if(node_k_kn == NULL) {
251
fprintf(stderr, "Error: failed to add KeyName node to EncryptedKey\n");
256
/* Parses the in-memory XML buffer td->xml (td->xmllen bytes) into doc, which
 * is declared outside the visible lines. Only part of the body is shown.
 *
 * xmlParseMemory() takes no options argument, so entity and DTD handling
 * follow the process-wide libxml2 defaults. Where the buffer could come from
 * an untrusted source, xmlReadMemory() with explicit options (for example
 * XML_PARSE_NONET, and without XML_PARSE_NOENT / XML_PARSE_DTDLOAD) makes
 * that policy explicit. */
void parseXML(struct TestData *td, unsigned long iter) {
261
doc=xmlParseMemory(td->xml,td->xmllen);
263
fprintf(stderr,"Error parsing document!\n");
271
/* Signs doc: copies the global signature template, appends the copy to the
 * document's root element and generates the signature with the RSA private
 * key. On the last iteration the document is serialised to memory.
 * node, doc, mem and memsize are declared outside the visible lines. */
void signXML(struct TestData *td, unsigned long iter) {
273
// Declared without an initialiser, unlike the "= 0" used for the result
// pointers in encryptXML()/decryptXML(). NOTE(review): make sure no error
// path reaches xmlSecDSigResultDestroy() before xmlSecDSigGenerate() has
// set it; the branches in between are not visible here.
xmlSecDSigResultPtr result;
275
// Deep copy (second argument 1) so the shared template is never modified.
node=xmlCopyNode(signature,1);
278
fprintf(stderr,"Error: failed copy Signature Node!\n");
282
if(xmlAddChild(xmlDocGetRootElement(doc), node) == NULL) {
283
fprintf(stderr,"Error: failed to add Signature into the Document!\n");
287
// The key is passed explicitly rather than looked up through the manager.
if (xmlSecDSigGenerate(dsigCtx, NULL, key, node, &result)<0) {
288
fprintf(stderr,"Error: signature failed\n");
292
xmlSecDSigResultDestroy(result);
295
if (iter==td->iterations) {
296
xmlDocDumpMemory(doc,&mem,&memsize);
303
/* Verifies the signature in doc: looks up a "Signature" element in the DSig
 * namespace starting at the root element and validates it with the public
 * key crt. node and doc are declared outside the visible lines.
 *
 * Two separate checks decide the outcome: a negative return from
 * xmlSecDSigValidate() is a processing error, while a non-negative return
 * still requires result->result == xmlSecTransformStatusOk before the
 * signature counts as valid. Code derived from this must keep both.
 *
 * NOTE(review): which element xmlSecFindNode() returns when a document holds
 * more than one Signature is not visible here. Code that consumes untrusted
 * documents should confirm that the validated signature actually covers the
 * data it goes on to use. */
void verifyXML(struct TestData *td, unsigned long iter) {
305
xmlSecDSigResultPtr result;
307
node = xmlSecFindNode(xmlDocGetRootElement(doc), BAD_CAST "Signature", xmlSecDSigNs);
309
fprintf(stderr,"Error: failed to find Signature node in Document\n");
313
// Verification key is supplied by the caller, not taken from the document.
if (xmlSecDSigValidate(vdsigCtx, NULL, crt, node, &result)<0) {
314
fprintf(stderr,"Error: Verification failed (processing error)\n");
318
// Processing succeeded; now check the actual verification status.
if (result->result!=xmlSecTransformStatusOk) {
319
fprintf(stderr,"Error: Verification failed (verification error)\n");
323
// xmlSecDSigResultDebugDump(result, stdout);
325
xmlSecDSigResultDestroy(result);
328
/* Variant for the case where the EncryptedData "type" attribute isn't specified!
330
// Alternative encryptXML(): copies the enc template, re-homes the copy into
// doc, makes it the document's root element, and then encrypts the former
// root (enode) into it with the 3DES session key.
// NOTE(review): this definition appears to sit inside the block comment
// opened just above it (the closing delimiter is on a line not shown), which
// would explain why a second encryptXML() follows -- confirm.
void encryptXML(struct TestData *td, unsigned long iter) {
332
xmlNodePtr node,enode;
333
xmlSecEncResultPtr result = 0;
335
node=xmlCopyNode(enc,1);
336
enode=xmlDocGetRootElement(doc);
338
// If these two calls are made in the opposite order, not all subnodes
339
// of node end up attached to the right doc. Why?
340
xmlSetTreeDoc(node,doc);
341
xmlDocSetRootElement(doc, node);
343
if (xmlSecEncryptXmlNode(encCtx, NULL, skey, node, enode, &result)<0) {
344
fprintf(stderr, "Error: Encryption Failed!\n");
347
xmlSecEncResultDestroy(result);
352
/* Encrypts the document's root element: copies the enc template, appends the
 * copy under the root, and calls xmlSecEncryptXmlNode() with the 3DES
 * session key skey. On the last iteration the document is serialised to
 * memory. enc, doc, mem and memsize are declared outside the visible lines. */
void encryptXML(struct TestData *td, unsigned long iter) {
354
xmlNodePtr node,enode;
355
xmlSecEncResultPtr result = 0;
357
// NOTE(review): the next three statements are on consecutive listing lines,
// so neither the xmlCopyNode() result nor the xmlAddChild() result is
// checked before use, whereas signXML() checks both. A NULL node or root
// would be passed straight into the encryption call.
node=xmlCopyNode(enc,1);
358
enode=xmlDocGetRootElement(doc);
359
xmlAddChild(enode,node);
361
// The session key is passed explicitly rather than looked up by name.
if (xmlSecEncryptXmlNode(encCtx, NULL, skey, node, enode, &result)<0) {
362
fprintf(stderr, "Error: Encryption Failed!\n");
365
xmlSecEncResultDestroy(result);
368
if (iter==td->iterations) {
369
xmlDocDumpMemory(doc,&mem,&memsize);
376
/* Decrypts doc using decCtx, the context created from the private-key
 * manager. Only part of the body is visible in this listing; node, doc, mem
 * and memsize are declared outside the visible lines.
 *
 * No key is passed to xmlSecDecrypt() (both arguments after the context are
 * NULL), so the key presumably has to be resolved through decCtx's keys
 * manager and the EncryptedKey/KeyName carried in the document -- TODO
 * confirm. That makes the manager's allowed key origins, left at their
 * default in initXML_Security(), relevant for untrusted input.
 *
 * NOTE(review): how result is released is not visible in the shown lines. */
void decryptXML(struct TestData *td, unsigned long iter) {
378
xmlSecEncResultPtr result = 0;
380
// A single generic failure message is printed; keep it generic if this code
// is ever exposed to remote input, given the PKCS#1 v1.5 key transport
// selected in the encryption template.
if (xmlSecDecrypt(decCtx, NULL, NULL, xmlDocGetRootElement(doc), &result)<0) {
381
fprintf(stderr, "Error: Decryption Failed!\n");
385
node = xmlSecFindNode(xmlDocGetRootElement(doc), BAD_CAST "EncryptedData", xmlSecEncNs);
387
fprintf(stderr,"Error: Can't find EncryptedData node\n");
394
if (iter==td->iterations) {
395
xmlDocDumpMemory(doc,&mem,&memsize);
403
/* Program entry point: hands the command line to Test(), which is defined
 * outside this listing, and returns its result as the exit status. */
int main(int argc, char *argv[]) {
404
return Test(argc,argv);