From: Scott Cantor Date: Mon, 10 Sep 2007 01:33:36 +0000 (+0000) Subject: Add samlsign to project. X-Git-Tag: 2.0-beta1~8 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-opensaml.git;a=commitdiff_plain;h=8f3c307cbe3a41f9e8367878e26589db22ef263d Add samlsign to project. --- diff --git a/.cproject b/.cproject index af0d7b1..af2ae06 100644 --- a/.cproject +++ b/.cproject @@ -47,6 +47,15 @@ + + + + + + + + + @@ -90,14 +99,9 @@ + - - - - - - - + diff --git a/Makefile.am b/Makefile.am index 6a184b1..3dbc715 100644 --- a/Makefile.am +++ b/Makefile.am @@ -10,7 +10,7 @@ dist-hook: rm -rf `find $(distdir)/samltest/data -name .svn` -SUBDIRS = doc schemas saml samltest +SUBDIRS = doc schemas saml samltest samlsign if DX_COND_doc all-local: opensaml.spec pkginfo doxygen-doc diff --git a/configure.ac b/configure.ac index 16ef22f..2f13bbc 100644 --- a/configure.ac +++ b/configure.ac @@ -269,4 +269,4 @@ AC_SUBST(DX_INCLUDE) LIBTOOL="$LIBTOOL --silent" # output makefiles -AC_OUTPUT(Makefile saml/Makefile samltest/Makefile schemas/Makefile doc/Makefile) +AC_OUTPUT(Makefile saml/Makefile samltest/Makefile samlsign/Makefile schemas/Makefile doc/Makefile) diff --git a/cpp-opensaml2.sln b/cpp-opensaml2.sln index 19f31bb..30d3cc9 100644 --- a/cpp-opensaml2.sln +++ b/cpp-opensaml2.sln 
@@ -2,8 +2,25 @@ Microsoft Visual Studio Solution File, Format Version 9.00 # Visual Studio 2005 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "saml", "saml\saml.vcproj", "{34DE3EA5-EA05-4261-8B63-A850FFB91768}" + ProjectSection(WebsiteProperties) = preProject + Debug.AspNetCompiler.Debug = "True" + Release.AspNetCompiler.Debug = "False" + EndProjectSection EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "samltest", "samltest\samltest.vcproj", "{8BBB3B12-DBA1-4533-9C36-2CA95F1F1659}" + ProjectSection(WebsiteProperties) = preProject + Debug.AspNetCompiler.Debug = "True" + Release.AspNetCompiler.Debug = "False" + EndProjectSection + ProjectSection(ProjectDependencies) = postProject + {34DE3EA5-EA05-4261-8B63-A850FFB91768} = {34DE3EA5-EA05-4261-8B63-A850FFB91768} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "samlsign", "samlsign\samlsign.vcproj", "{C4E58F5A-AF7E-4060-89E7-5F690682E662}" + ProjectSection(WebsiteProperties) = preProject + Debug.AspNetCompiler.Debug = "True" + Release.AspNetCompiler.Debug = "False" + EndProjectSection ProjectSection(ProjectDependencies) = postProject {34DE3EA5-EA05-4261-8B63-A850FFB91768} = {34DE3EA5-EA05-4261-8B63-A850FFB91768} EndProjectSection @@ -22,6 +39,10 @@ Global {8BBB3B12-DBA1-4533-9C36-2CA95F1F1659}.Debug|Win32.Build.0 = Debug|Win32 {8BBB3B12-DBA1-4533-9C36-2CA95F1F1659}.Release|Win32.ActiveCfg = Release|Win32 {8BBB3B12-DBA1-4533-9C36-2CA95F1F1659}.Release|Win32.Build.0 = Release|Win32 + {C4E58F5A-AF7E-4060-89E7-5F690682E662}.Debug|Win32.ActiveCfg = Debug|Win32 + {C4E58F5A-AF7E-4060-89E7-5F690682E662}.Debug|Win32.Build.0 = Debug|Win32 + {C4E58F5A-AF7E-4060-89E7-5F690682E662}.Release|Win32.ActiveCfg = Release|Win32 + {C4E58F5A-AF7E-4060-89E7-5F690682E662}.Release|Win32.Build.0 = Release|Win32 EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE diff --git a/opensaml.spec.in b/opensaml.spec.in index ceaa57a..1dd9312 100644 
--- a/opensaml.spec.in
+++ b/opensaml.spec.in
@@ -70,6 +70,7 @@ make check
 %files
 %defattr(-,root,root,-)
 %doc _docs/LICENSE.txt _docs/NOTICE.txt
+%{_bindir}/samlsign
 %{_libdir}/libsaml.so.*
 %dir %{_datadir}/xml/%{name}
 %{_datadir}/xml/%{name}
diff --git a/samlsign/.gitignore b/samlsign/.gitignore
new file mode 100644
index 0000000..020e470
--- /dev/null
+++ b/samlsign/.gitignore
@@ -0,0 +1,3 @@
+/Debug
+/Release
+/*.user
diff --git a/samlsign/Makefile.am b/samlsign/Makefile.am
new file mode 100644
index 0000000..9df6f98
--- /dev/null
+++ b/samlsign/Makefile.am
@@ -0,0 +1,9 @@
+AUTOMAKE_OPTIONS = foreign
+
+bin_PROGRAMS = samlsign
+
+samlsign_SOURCES = samlsign.cpp
+
+samlsign_LDADD = $(top_builddir)/saml/libsaml.la
+
+EXTRA_DIST = samlsign.vcproj
diff --git a/samlsign/samlsign.cpp b/samlsign/samlsign.cpp
new file mode 100644
index 0000000..ed8c149
--- /dev/null
+++ b/samlsign/samlsign.cpp
@@ -0,0 +1,243 @@ +/* + * Copyright 2001-2007 Internet2 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* siterefresh.cpp - command-line tool to refresh and verify metadata + + Scott Cantor + 5/12/03 + + $Id:siterefresh.cpp 2252 2007-05-20 20:20:57Z cantor $ +*/ + +#if defined (_MSC_VER) || defined(__BORLANDC__) +# include "config_win32.h" +#else +# include "config.h" +#endif + +#ifdef WIN32 +# define _CRT_NONSTDC_NO_DEPRECATE 1 +# define _CRT_SECURE_NO_DEPRECATE 1 +#endif + +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +using namespace xmlsignature; +using namespace xmlconstants; +using namespace xmltooling::logging; +using namespace xmltooling; +using namespace samlconstants; +using namespace opensaml::saml2md; +using namespace opensaml; +using namespace xercesc; +using namespace std; + +template T* buildPlugin(const char* path, PluginManager& mgr) +{ + ifstream in(path); + DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in); + XercesJanitor janitor(doc); + + static const XMLCh _type[] = UNICODE_LITERAL_4(t,y,p,e); + auto_ptr_char type(doc->getDocumentElement()->getAttributeNS(NULL,_type)); + if (type.get() && *type.get()) + return mgr.newPlugin(type.get(), doc->getDocumentElement()); + throw XMLToolingException("Missing type in plugin configuration."); +} + +CredentialResolver* buildSimpleResolver(const char* key, const char* cert) +{ + static const 
XMLCh _CredentialResolver[] = UNICODE_LITERAL_18(C,r,e,d,e,n,t,i,a,l,R,e,s,o,l,v,e,r); + static const XMLCh _certificate[] = UNICODE_LITERAL_11(c,e,r,t,i,f,i,c,a,t,e); + static const XMLCh _key[] = UNICODE_LITERAL_3(k,e,y); + + DOMDocument* doc = XMLToolingConfig::getConfig().getParser().newDocument(); + XercesJanitor janitor(doc); + DOMElement* root = doc->createElementNS(NULL, _CredentialResolver); + if (key) { + auto_ptr_XMLCh widenit(key); + root->setAttributeNS(NULL, _key, widenit.get()); + } + if (cert) { + auto_ptr_XMLCh widenit(cert); + root->setAttributeNS(NULL, _certificate, widenit.get()); + } + + return XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(FILESYSTEM_CREDENTIAL_RESOLVER, root); +} + +int main(int argc,char* argv[]) +{ + bool verify=true; + char* url_param=NULL; + char* path_param=NULL; + char* key_param=NULL; + char* cert_param=NULL; + char* cr_param=NULL; + char* t_param=NULL; + char* id_param=NULL; + + // metadata lookup options + char* m_param=NULL; + char* issuer=NULL; + char* prot = NULL; + const XMLCh* protocol = NULL; + char* rname = NULL; + char* rns = NULL; + + for (int i=1; i jan(doc); + auto_ptr sourcewrapper(XMLObjectBuilder::buildOneFromElement(doc->getDocumentElement(), true)); + jan.release(); + + // Navigate to the selected node, or use the root if no ID specified. + // Then make sure it's a SignableSAMLObject. + XMLObject* source = sourcewrapper.get(); + if (id_param) { + auto_ptr_XMLCh widenit(id_param); + source = XMLHelper::getXMLObjectById(*source, widenit.get()); + if (!source) + throw XMLToolingException("Element with ID ($1) not found.", params(1,id_param)); + } + SignableObject* signable = dynamic_cast(source); + if (!signable) + throw XMLToolingException("Input is not a signable SAML object."); + + if (verify) { + } + else { + // Build a resolver to supply a credential. + auto_ptr cr( + cr_param ? 
buildPlugin(cr_param, xmlconf.CredentialResolverManager) : buildSimpleResolver(key_param, cert_param) + ); + cr->lock(); + CredentialCriteria cc; + cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL); + const Credential* cred = cr->resolve(&cc); + if (!cred) + throw XMLSecurityException("Unable to resolve a signing credential."); + + // Attach new signature. + Signature* sig = SignatureBuilder::buildSignature(); + signable->setSignature(sig); + + // Sign response while re-marshalling. + vector sigs(1,sig); + XMLHelper::serialize(signable->marshall((DOMDocument*)NULL,&sigs,cred), cout); + } + } + catch(exception& e) { + log.errorStream() << "caught an exception: " << e.what() << CategoryStream::ENDLINE; + ret=-10; + } + catch(XMLException& e) { + auto_ptr_char temp(e.getMessage()); + log.errorStream() << "caught a Xerces exception: " << temp.get() << CategoryStream::ENDLINE; + ret=-20; + } + + conf.term(); + return ret; +} diff --git a/samlsign/samlsign.vcproj b/samlsign/samlsign.vcproj new file mode 100644 index 0000000..a8f5c0e --- /dev/null +++ b/samlsign/samlsign.vcproj @@ -0,0 +1,184 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/samltest/samltest.vcproj b/samltest/samltest.vcproj index 1907533..f247932 100644 --- a/samltest/samltest.vcproj +++ b/samltest/samltest.vcproj @@ -61,7 +61,7 @@ /> @@ -2487,7 +2487,7 @@ >
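Review bot: The `if (verify) { }` branch in `main` of samlsign.cpp is empty while `verify` is initialised to `true`, so in verify mode the tool parses the input, locates the signable object and then performs no signature check at all. Nothing in the visible part of that path sets `ret` to a failure value, so a script keying on the exit status would presumably treat an unverified document as accepted (the option-parsing section of `main` is not legible on this page, so the initial value of `ret` and how `verify` is switched off are inferred). Until verification is implemented the branch should fail closed, for example `throw XMLToolingException("Signature verification is not implemented.");`, which the existing `catch(exception& e)` would presumably turn into a non-zero return. Separately, the file header still reads `siterefresh.cpp - command-line tool to refresh and verify metadata`; it should name `samlsign.cpp` and describe what this tool does.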