Exemplo n.º 1
0
// Sign populates the signature for the payload. The signature is generated
// using the specified key
func (s *Signature) Sign(key *crypto.Key) error {
	km, err := crypto.NewKeyManager()
	ctx, err := NewCtx(km)
	if err != nil {
		return err
	}
	defer ctx.Free()
	defer km.Free()

	if err := km.AdoptKey(key); err != nil {
		return err
	}

	return ctx.SignNode(s.signnode)
}
Exemplo n.º 2
0
func TestKeysManager(t *testing.T) {
	mngr, err := crypto.NewKeyManager()
	if !assert.NoError(t, err, "NewKeyManager succeeds") {
		return
	}
	defer mngr.Free()

	privkey, err := rsa.GenerateKey(rand.Reader, 2048)
	if !assert.NoError(t, err, "Generating private key should succeed") {
		return
	}

	if !assert.NoError(t, mngr.LoadKeyFromRSAPrivateKey(privkey), "LoadKeyFromRSAPrivateKey succeeds") {
		return
	}
}
Exemplo n.º 3
0
func (v *SignatureVerify) Verify(buf []byte) error {
	p := parser.New(parser.XMLParseDTDLoad | parser.XMLParseDTDAttr | parser.XMLParseNoEnt)
	doc, err := p.Parse(buf)
	if err != nil {
		return err
	}
	defer doc.Free()

	mngr, err := crypto.NewKeyManager()
	if err != nil {
		return err
	}
	defer mngr.Free()

	ctx, err := NewCtx(mngr)
	if err != nil {
		return err
	}
	defer ctx.Free()

	root, err := doc.DocumentElement()
	if err != nil {
		return err
	}
	signode, err := clib.FindSignatureNode(root)
	if err != nil {
		return err
	}

	// Create a key manager, load keys from KeyInfo
	prefix, err := signode.LookupNamespacePrefix(xmlsec.DSigNs)
	if err != nil {
		return err
	}
	if prefix == "" {
		prefix = xmlsec.Prefix
	}

	xpc, err := xpath.NewContext(signode)
	if err != nil {
		return err
	}

	xpc.RegisterNS(prefix, xmlsec.Prefix)

	iter := xpath.NodeIter(xpc.Find("//" + prefix + ":KeyInfo"))
	for iter.Next() {
		n := iter.Node()
		if err := mngr.GetKey(n); err != nil {
			return err
		}
	}

	if key := v.key; key != nil {
		cpy, err := key.Copy()
		if err != nil {
			return err
		}

		if err := ctx.SetKey(cpy); err != nil {
			return err
		}
	}

	return ctx.Verify(doc)
}