Пример #1
0
func (sc SubjectConfirmation) MakeXMLNode(d types.Document) (types.Node, error) {
	scxml, err := d.CreateElement(ns.SAML.AddPrefix("SubjectConfirmation"))
	if err != nil {
		return nil, err
	}
	scxml.MakeMortal()
	defer scxml.AutoFree()

	method := sc.Method
	if sc.Method == "" {
		method = Bearer
	}

	scxml.SetAttribute("Method", method.String())

	scd, err := d.CreateElement(ns.SAML.AddPrefix("SubjectConfirmationData"))
	if err != nil {
		return nil, err
	}
	scd.SetAttribute("InResponseTo", sc.InResponseTo)
	scd.SetAttribute("Recipient", sc.Recipient)
	scd.SetAttribute("NotOnOrAfter", sc.NotOnOrAfter.Format(TimeFormat))

	scxml.AddChild(scd)
	scxml.MakePersistent()
	return scxml, nil
}
Пример #2
0
func (a Assertion) MakeXMLNode(d types.Document) (types.Node, error) {
	axml, err := d.CreateElementNS(ns.SAML.URI, ns.SAML.AddPrefix("Assertion"))
	if err != nil {
		return nil, err
	}

	axml.SetNamespace(ns.XMLSchema.URI, ns.XMLSchema.Prefix, false)
	axml.SetNamespace(ns.XMLSchemaInstance.URI, ns.XMLSchemaInstance.Prefix, false)
	axml.SetAttribute("ID", a.ID)
	axml.SetAttribute("Version", a.Version)
	axml.SetAttribute("IssueInstant", a.IssueInstant.Format(TimeFormat))

	iss, err := d.CreateElementNS(ns.SAML.URI, ns.SAML.AddPrefix("Issuer"))
	if err != nil {
		return nil, err
	}
	iss.AppendText(a.Issuer)
	axml.AddChild(iss)

	for _, noder := range []MakeXMLNoder{a.Subject, a.Conditions, a.AuthnStatement, a.AttributeStatement} {
		n, err := noder.MakeXMLNode(d)
		if err != nil {
			return nil, err
		}
		axml.AddChild(n)
	}

	return axml, nil
}
Пример #3
0
func XMLSecTmplSignatureCreateNsPref(doc types.Document, c14nMethod TransformID, signMethod TransformID, id string, prefix string) (types.Node, error) {
	docptr := (*C.xmlDoc)(unsafe.Pointer(doc.Pointer()))
	if docptr == nil {
		return nil, clib.ErrInvalidDocument
	}

	var xcid *C.xmlChar
	if id != "" {
		xcid = stringToXMLChar(id)
		defer C.free(unsafe.Pointer(xcid))
	}

	var xcprefix *C.xmlChar
	if prefix != "" {
		xcprefix = stringToXMLChar(prefix)
		defer C.free(unsafe.Pointer(xcprefix))
	}

	ptr := C.xmlSecTmplSignatureCreateNsPref(
		docptr,
		c14nMethod.ptr,
		signMethod.ptr,
		xcid,
		xcprefix,
	)
	if ptr == nil {
		return nil, errors.New("failed to create signature template")
	}

	return dom.WrapNode(uintptr(unsafe.Pointer(ptr)))
}
Пример #4
0
func (m Message) MakeXMLNode(d types.Document) (types.Node, error) {
	mxml, err := d.CreateElement("Message")
	if err != nil {
		return nil, err
	}
	mxml.MakeMortal()
	defer mxml.AutoFree()

	mxml.SetAttribute("ID", m.ID)
	mxml.SetAttribute("Version", m.Version)
	mxml.SetAttribute("IssueInstant", m.IssueInstant.Format(TimeFormat))
	if v := m.Destination; v != "" {
		mxml.SetAttribute("Destination", v)
	}
	if v := m.Consent; v != "" {
		mxml.SetAttribute("Consent", v)
	}

	// XXX Comeback later.
	iss, err := d.CreateElementNS(ns.SAML.URI, ns.SAML.AddPrefix("Issuer"))
	if err != nil {
		return nil, err
	}
	iss.AppendText(m.Issuer)
	mxml.AddChild(iss)

	mxml.MakePersistent()

	return mxml, nil
}
Пример #5
0
func XMLSecDSigCtxSignDocument(ctx PtrSource, doc types.Document) error {
	ctxptr, err := validDSigCtxPtr(ctx)
	if err != nil {
		return err
	}

	root, err := doc.DocumentElement()
	if err != nil {
		return err
	}

	rootptr, err := validNodePtr(root)
	if err != nil {
		return err
	}

	cname := stringToXMLChar(SignatureNode)
	cns := stringToXMLChar(DSigNs)
	defer C.free(unsafe.Pointer(cname))
	defer C.free(unsafe.Pointer(cns))

	nodeptr := C.xmlSecFindNode(rootptr, cname, cns)
	if nodeptr == nil {
		return errors.New("failed to find start node")
	}

	return xmlSecDSigCtxSignRaw(ctxptr, nodeptr)
}
Пример #6
0
func (n NameID) MakeXMLNode(d types.Document) (types.Node, error) {
	nameid, err := d.CreateElement(ns.SAML.AddPrefix("NameID"))
	if err != nil {
		return nil, err
	}
	nameid.SetAttribute("Format", n.Format.String())
	nameid.AppendText(n.Value)
	return nameid, nil
}
Пример #7
0
func (nif Format) MakeXMLNode(doc types.Document) (types.Node, error) {
	root, err := doc.CreateElement("md:NameIDFormat")
	if err != nil {
		return nil, err
	}

	root.AppendText(Transient)
	return root, nil
}
Пример #8
0
func constructAuthnRequest(doc types.Document) (*AuthnRequest, error) {
	root, err := doc.DocumentElement()
	if err != nil {
		return nil, errors.New("failed to fetch document element: " + err.Error())
	}

	ar := &AuthnRequest{}
	if err := ar.PopulateFromXML(root); err != nil {
		return nil, errors.New("failed to populate from xml: " + err.Error())
	}
	return ar, nil
}
Пример #9
0
func (a Attribute) MakeXMLNode(d types.Document) (types.Node, error) {
	axml, err := d.CreateElement(ns.SAML.AddPrefix("Attribute"))
	if err != nil {
		return nil, err
	}
	axml.MakeMortal()
	defer axml.AutoFree()

	axml.SetAttribute("Name", a.Name)

	// Process xmlns first
	for k, v := range a.Attrs {
		if !strings.HasPrefix(k, "xmlns") {
			continue
		}

		prefix := ""
		if i := strings.IndexByte(k, ':'); i > 0 {
			prefix = k[i+1:]
		}
		if err := axml.SetNamespace(v, prefix, false); err != nil {
			return nil, err
		}
	}

	for k, v := range a.Attrs {
		if strings.HasPrefix(k, "xmlns") {
			continue
		}

		if i := strings.IndexByte(k, ':'); i > 0 {
			if _, err := axml.LookupNamespaceURI(k[:i]); err != nil {
				return nil, err
			}
			axml.SetAttribute(k, v)
		}
	}

	if v := a.FriendlyName; v != "" {
		axml.SetAttribute("FriendlyName", v)
	}

	for _, v := range a.Values {
		vxml, err := v.MakeXMLNode(d)
		if err != nil {
			return nil, err
		}
		axml.AddChild(vxml)
	}
	axml.MakePersistent()
	return axml, nil
}
Пример #10
0
func (av AttributeValue) MakeXMLNode(d types.Document) (types.Node, error) {
	avxml, err := d.CreateElement(ns.SAML.AddPrefix("AttributeValue"))
	if err != nil {
		return nil, err
	}
	avxml.MakeMortal()
	defer avxml.AutoFree()

	avxml.SetAttribute(ns.XMLSchemaInstance.AddPrefix("type"), av.Type)
	avxml.AppendText(av.Value)
	avxml.MakePersistent()
	return avxml, nil
}
Пример #11
0
func (s AssertionConsumerService) MakeXMLNode(doc types.Document) (types.Node, error) {
	root, err := doc.CreateElement("md:AssertionConsumerService")
	if err != nil {
		return nil, err
	}
	defer root.AutoFree()
	root.MakeMortal()

	root.SetAttribute("Binding", s.ProtocolBinding)
	root.SetAttribute("Location", s.Location)
	root.SetAttribute("index", strconv.Itoa(s.Index))

	root.MakePersistent()
	return root, nil
}
Пример #12
0
func (e Endpoint) MakeXMLNode(doc types.Document) (types.Node, error) {
	root, err := doc.CreateElement(fmt.Sprintf("md:%s", e.Name))
	if err != nil {
		return nil, err
	}

	if v := e.ProtocolBinding.String(); v != "" {
		root.SetAttribute("Binding", v)
	}
	if v := e.Location; v != "" {
		root.SetAttribute("Location", v)
	}
	if v := e.ResponseLocation; v != "" {
		root.SetAttribute("ResponseLocation", v)
	}

	return root, nil
}
Пример #13
0
func (ac AuthnContext) MakeXMLNode(d types.Document) (types.Node, error) {
	acxml, err := d.CreateElement(ns.SAML.AddPrefix("AuthnContext"))
	if err != nil {
		return nil, err
	}
	acxml.MakeMortal()
	defer acxml.AutoFree()

	accxml, err := d.CreateElement(ns.SAML.AddPrefix("AuthnContextClassRef"))
	if err != nil {
		return nil, err
	}
	acxml.AddChild(accxml)
	accxml.AppendText(ac.AuthnContextClassRef.String())

	acxml.MakePersistent()
	return acxml, nil
}
Пример #14
0
func (as AuthnStatement) MakeXMLNode(d types.Document) (types.Node, error) {
	asxml, err := d.CreateElement(ns.SAML.AddPrefix("AuthnStatement"))
	if err != nil {
		return nil, err
	}
	asxml.MakeMortal()
	defer asxml.AutoFree()

	asxml.SetAttribute("AuthnInstant", as.AuthnInstant.Format(TimeFormat))
	asxml.SetAttribute("SessionIndex", as.SessionIndex)
	acxml, err := as.AuthnContext.MakeXMLNode(d)
	if err != nil {
		return nil, err
	}
	asxml.AddChild(acxml)
	asxml.MakePersistent()
	return asxml, nil
}
Пример #15
0
func (ar AudienceRestriction) MakeXMLNode(d types.Document) (types.Node, error) {
	axml, err := d.CreateElement(ns.SAML.AddPrefix("AudienceRestriction"))
	if err != nil {
		return nil, err
	}
	axml.MakeMortal()
	defer axml.AutoFree()

	for _, a := range ar.Audience {
		audxml, err := d.CreateElement(ns.SAML.AddPrefix("Audience"))
		if err != nil {
			return nil, err
		}
		axml.AddChild(audxml)
		audxml.AppendText(string(a))
	}
	axml.MakePersistent()
	return axml, nil
}
Пример #16
0
func (nip NameIDPolicy) MakeXMLNode(d types.Document) (types.Node, error) {
	nipxml, err := d.CreateElement(ns.SAML.AddPrefix("NameIDPolicy"))
	if err != nil {
		return nil, err
	}
	nipxml.MakeMortal()
	defer nipxml.AutoFree()

	nipxml.SetAttribute("AllowCreate", strconv.FormatBool(nip.AllowCreate))

	if v := nip.Format; v != "" {
		nipxml.SetAttribute("Format", v.String())
	}
	if v := nip.SPNameQualifier; v != "" {
		nipxml.SetAttribute("SPNameQualifier", v)
	}
	nipxml.MakePersistent()
	return nipxml, nil
}
Пример #17
0
func (as AttributeStatement) MakeXMLNode(d types.Document) (types.Node, error) {
	asxml, err := d.CreateElement(ns.SAML.AddPrefix("AttributeStatement"))
	if err != nil {
		return nil, err
	}
	asxml.MakeMortal()
	defer asxml.AutoFree()

	for _, attr := range as.Attributes {
		attrxml, err := attr.MakeXMLNode(d)
		if err != nil {
			return nil, err
		}
		asxml.AddChild(attrxml)
	}

	asxml.MakePersistent()
	return asxml, nil
}
Пример #18
0
func (s Subject) MakeXMLNode(d types.Document) (types.Node, error) {
	sub, err := d.CreateElement(ns.SAML.AddPrefix("Subject"))
	if err != nil {
		return nil, err
	}
	sub.MakeMortal()
	defer sub.AutoFree()

	for _, noder := range []MakeXMLNoder{s.NameID, s.SubjectConfirmation} {
		n, err := noder.MakeXMLNode(d)
		if err != nil {
			return nil, err
		}
		sub.AddChild(n)
	}

	sub.MakePersistent()
	return sub, nil
}
Пример #19
0
func (res Response) MakeXMLNode(d types.Document) (types.Node, error) {
	oresxml, err := res.Message.MakeXMLNode(d)
	if err != nil {
		return nil, err
	}

	resxml := oresxml.(types.Element)
	resxml.MakeMortal()
	defer resxml.AutoFree()

	resxml.SetNodeName("Response")
	resxml.SetNamespace(ns.SAMLP.URI, ns.SAMLP.Prefix, true)
	resxml.SetNamespace(ns.SAML.URI, ns.SAML.Prefix, false)

	if v := res.InResponseTo; v != "" {
		resxml.SetAttribute("InResponseTo", v)
	}
	st, err := d.CreateElement("samlp:Status")
	if err != nil {
		return nil, err
	}
	stc, err := d.CreateElement("samlp:StatusCode")
	if err != nil {
		return nil, err
	}
	stc.SetAttribute("Value", res.Status.String())
	st.AddChild(stc)
	resxml.AddChild(st)

	if assertion := res.Assertion; assertion != nil {
		axml, err := assertion.MakeXMLNode(d)
		if err != nil {
			return nil, err
		}

		resxml.AddChild(axml)
	}

	resxml.MakePersistent()

	return resxml, nil
}
Пример #20
0
func (rac RequestedAuthnContext) MakeXMLNode(d types.Document) (types.Node, error) {
	racxml, err := d.CreateElement(ns.SAML.AddPrefix("RequestedAuthnContext"))
	if err != nil {
		return nil, err
	}
	racxml.MakeMortal()
	defer racxml.AutoFree()

	racxml.SetAttribute("Comparison", rac.Comparison)

	accxml, err := d.CreateElement(ns.SAML.AddPrefix("AuthnContextClassRef"))
	if err != nil {
		return nil, err
	}
	racxml.AddChild(accxml)
	accxml.AppendText(rac.AuthnContextClassRef)

	racxml.MakePersistent()
	return racxml, nil
}
Пример #21
0
func (c Conditions) MakeXMLNode(d types.Document) (types.Node, error) {
	cxml, err := d.CreateElement(ns.SAML.AddPrefix("Conditions"))
	if err != nil {
		return nil, err
	}
	cxml.MakeMortal()
	defer cxml.AutoFree()

	// XXX shobosso says to use RFC3339
	cxml.SetAttribute("NotBefore", c.NotBefore.Format(time.RFC3339))
	cxml.SetAttribute("NotOnOrAfter", c.NotOnOrAfter.Format(time.RFC3339))

	arxml, err := c.AudienceRestriction.MakeXMLNode(d)
	if err != nil {
		return nil, err
	}
	cxml.AddChild(arxml)
	cxml.MakePersistent()
	return cxml, err
}
Пример #22
0
func (kd KeyDescriptor) MakeXMLNode(doc types.Document) (types.Node, error) {
	kdnode, err := doc.CreateElement("md:KeyDescriptor")
	if err != nil {
		return nil, err
	}
	defer kdnode.AutoFree()
	kdnode.MakeMortal()

	if v := kd.Use; v != "" {
		kdnode.SetAttribute("use", v)
	}

	keynode, err := kd.Key.MakeXMLNode(doc)
	if err != nil {
		return nil, err
	}
	kdnode.AddChild(keynode)

	kdnode.MakePersistent()

	return kdnode, nil
}
Пример #23
0
func XMLSecDSigCtxVerifyDocument(ctx PtrSource, doc types.Document) error {
	ctxptr, err := validDSigCtxPtr(ctx)
	if err != nil {
		return err
	}

	root, err := doc.DocumentElement()
	if err != nil {
		return err
	}

	rootptr, err := validNodePtr(root)
	if err != nil {
		return err
	}

	nodeptr := findSignatureNode(rootptr)
	if nodeptr == nil {
		return errors.New("failed to find start node")
	}
	return XMLSecDSigCtxVerifyRaw(ctxptr, nodeptr)
}
Пример #24
0
func (key *RSA) MakeXMLNode(doc types.Document) (types.Node, error) {
	var root types.Node
	var err error

	prefix, err := doc.LookupNamespacePrefix(xmlsec.DSigNs)
	if err != nil {
		// namespace does not exist. make me a namespace
		root, err = doc.CreateElementNS(xmlsec.DSigNs, xmlsec.Prefix+":KeyInfo")
		if err != nil {
			return nil, err
		}
		prefix = xmlsec.Prefix
	} else {
		root, err = doc.CreateElement(prefix + ":KeyInfo")
		if err != nil {
			return nil, err
		}
	}
	defer root.AutoFree()
	root.MakeMortal()

	kvnode, err := doc.CreateElement(prefix + ":KeyValue")
	if err != nil {
		return nil, err
	}
	root.AddChild(kvnode)

	rsakeynode, err := doc.CreateElement(prefix + ":RSAKeyValue")
	if err != nil {
		return nil, err
	}
	kvnode.AddChild(rsakeynode)

	mnode, err := doc.CreateElement(prefix + ":Modulus")
	if err != nil {
		return nil, err
	}
	mnode.AppendText(base64.StdEncoding.EncodeToString(key.key.N.Bytes()))
	rsakeynode.AddChild(mnode)

	enode, err := doc.CreateElement(prefix + ":Exponent")
	if err != nil {
		return nil, err
	}

	data := make([]byte, 8)
	binary.BigEndian.PutUint64(data, uint64(key.key.E))
	i := 0
	for ; i < len(data); i++ {
		if data[i] != 0x0 {
			break
		}
	}
	enode.AppendText(base64.StdEncoding.EncodeToString(data[i:]))
	rsakeynode.AddChild(enode)

	root.MakePersistent()

	return root, nil
}
Пример #25
0
// MakeXMLNode creates a libxml2 node tree to represent this DSA key
func (key *DSA) MakeXMLNode(doc types.Document) (types.Node, error) {
	var root types.Node
	var err error

	prefix, err := doc.LookupNamespacePrefix(xmlsec.DSigNs)
	if err != nil {
		// namespace does not exist. make me a namespace
		root, err = doc.CreateElementNS(xmlsec.DSigNs, xmlsec.Prefix+":KeyInfo")
		if err != nil {
			return nil, err
		}
		prefix = xmlsec.Prefix
	} else {
		root, err = doc.CreateElement(prefix + ":KeyInfo")
		if err != nil {
			return nil, err
		}
	}
	defer root.AutoFree()
	root.MakeMortal()

	kvnode, err := doc.CreateElement(prefix + ":KeyValue")
	if err != nil {
		return nil, err
	}
	root.AddChild(kvnode)

	dsakeynode, err := doc.CreateElement(prefix + ":DSAKeyValue")
	if err != nil {
		return nil, err
	}
	kvnode.AddChild(dsakeynode)

	pnode, err := doc.CreateElement(prefix + ":P")
	if err != nil {
		return nil, err
	}
	pnode.AppendText(base64.StdEncoding.EncodeToString(key.key.P.Bytes()))
	dsakeynode.AddChild(pnode)

	qnode, err := doc.CreateElement(prefix + ":Q")
	if err != nil {
		return nil, err
	}
	qnode.AppendText(base64.StdEncoding.EncodeToString(key.key.Q.Bytes()))
	dsakeynode.AddChild(qnode)

	gnode, err := doc.CreateElement(prefix + ":G")
	if err != nil {
		return nil, err
	}
	gnode.AppendText(base64.StdEncoding.EncodeToString(key.key.G.Bytes()))
	dsakeynode.AddChild(gnode)

	ynode, err := doc.CreateElement(prefix + ":Y")
	if err != nil {
		return nil, err
	}
	ynode.AppendText(base64.StdEncoding.EncodeToString(key.key.Y.Bytes()))
	dsakeynode.AddChild(ynode)

	root.MakePersistent()

	return root, nil
}
Пример #26
0
func (desc IDPDescriptor) MakeXMLNode(doc types.Document) (types.Node, error) {
	root, err := doc.CreateElementNS(ns.Metadata.URI, ns.Metadata.AddPrefix("EntityDescriptor"))
	if err != nil {
		return nil, err
	}
	defer root.AutoFree()
	root.MakeMortal()

	root.SetNamespace(ns.XMLDSignature.URI, ns.XMLDSignature.Prefix, false)
	root.SetAttribute("entityID", desc.ID())

	idpdesc, err := doc.CreateElement("md:IDPSSODescriptor")
	if err != nil {
		return nil, err
	}
	root.AddChild(idpdesc)

	if len(desc.RoleDescriptor.ProtocolSupportEnumerations) == 0 {
		desc.RoleDescriptor.ProtocolSupportEnumerations = []string{ns.SAMLP.URI}
	}

	protobuf := bytes.Buffer{}
	for i, proto := range desc.RoleDescriptor.ProtocolSupportEnumerations {
		protobuf.WriteString(proto)
		if i != len(desc.RoleDescriptor.ProtocolSupportEnumerations)-1 {
			protobuf.WriteString(" ")
		}
	}
	idpdesc.SetAttribute("protocolSupportEnumeration", protobuf.String())

	if k := desc.KeyDescriptor; k != nil {
		kdesc, err := k.MakeXMLNode(doc)
		if err != nil {
			return nil, err
		}
		idpdesc.AddChild(kdesc)
	}

	if v := desc.ErrorURL; v != "" {
		idpdesc.SetAttribute("errorURL", v)
	}

	for _, sls := range desc.SingleLogoutServices() {
		sls.Name = "SingleLogoutService"
		slsdesc, err := sls.MakeXMLNode(doc)
		if err != nil {
			return nil, err
		}
		idpdesc.AddChild(slsdesc)
	}
	{
		nif, err := desc.NameIDFormat.MakeXMLNode(doc)
		if err != nil {
			return nil, err
		}
		idpdesc.AddChild(nif)
	}
	for _, ssos := range desc.SingleSignOnService {
		ssos.Name = "SingleSignOnService"
		ssosdesc, err := ssos.MakeXMLNode(doc)
		if err != nil {
			return nil, err
		}
		idpdesc.AddChild(ssosdesc)
	}

	if cp := desc.ContactPerson; cp != nil {
		cpnode, err := cp.MakeXMLNode(doc)
		if err != nil {
			return nil, err
		}
		root.AddChild(cpnode)
	}
	root.MakePersistent()

	return root, nil
}
Пример #27
0
func (cp ContactPerson) MakeXMLNode(doc types.Document) (types.Node, error) {
	root, err := doc.CreateElement("md:ContactPerson")
	if err != nil {
		return nil, err
	}
	defer root.AutoFree()
	root.MakeMortal()

	root.SetAttribute("contactType", cp.Type)

	if v := cp.Company; v != "" {
		c, err := doc.CreateElement("md:Company")
		if err != nil {
			return nil, err
		}
		c.AppendText(v)
		root.AddChild(c)
	}

	if v := cp.GivenName; v != "" {
		gn, err := doc.CreateElement("md:GivenName")
		if err != nil {
			return nil, err
		}
		gn.AppendText(v)
		root.AddChild(gn)
	}

	if v := cp.SurName; v != "" {
		sn, err := doc.CreateElement("md:SurName")
		if err != nil {
			return nil, err
		}
		sn.AppendText(v)
		root.AddChild(sn)
	}

	if v := cp.EmailAddress; v != "" {
		ea, err := doc.CreateElement("md:EmailAddress")
		if err != nil {
			return nil, err
		}
		ea.AppendText(v)
		root.AddChild(ea)
	}

	if v := cp.TelephoneNumber; v != "" {
		tn, err := doc.CreateElement("md:TelephoneNumber")
		if err != nil {
			return nil, err
		}
		tn.AppendText(v)
		root.AddChild(tn)
	}

	root.MakePersistent()

	return root, nil
}