summaryrefslogtreecommitdiff
path: root/examples
diff options
context:
space:
mode:
authorsangwan.kwon <sangwan.kwon@samsung.com>2016-07-27 15:33:38 +0900
committersangwan.kwon <sangwan.kwon@samsung.com>2016-07-27 15:39:05 +0900
commitd4d35351fd63a7051a7cbef2002cb0c641925ec3 (patch)
treed390d823f40a886547b932f9bd9239fe81ef6056 /examples
parentcaccc67c33486a1d1b29f227071851961b29a722 (diff)
downloadxmlsec1-upstream.tar.gz
xmlsec1-upstream.tar.bz2
xmlsec1-upstream.zip
Imported Upstream version 1.2.22upstream/1.2.22upstream
Change-Id: I4d17734839f021e46aef7a30483ac17e8c85fb1d Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
Diffstat (limited to 'examples')
-rw-r--r--examples/Makefile7
-rw-r--r--examples/Makefile.w3224
-rw-r--r--examples/README160
-rw-r--r--examples/ca2cert.pem64
-rw-r--r--examples/cacert.pem67
-rw-r--r--examples/decrypt1.c4
-rw-r--r--examples/decrypt2.c4
-rw-r--r--examples/decrypt3.c4
-rw-r--r--examples/encrypt1.c4
-rw-r--r--examples/encrypt2.c4
-rw-r--r--examples/encrypt3-res.xml16
-rw-r--r--examples/encrypt3.c4
-rw-r--r--examples/mywin32make.bat2
-rw-r--r--examples/rootcert.pem25
-rw-r--r--examples/rsacert.pem112
-rw-r--r--examples/rsakey.pem32
-rw-r--r--examples/rsapub.pem9
-rw-r--r--examples/sign1-res.xml10
-rw-r--r--examples/sign1.c4
-rw-r--r--examples/sign2-res.xml10
-rw-r--r--examples/sign2.c4
-rw-r--r--examples/sign3-res.xml57
-rw-r--r--examples/sign3.c6
-rw-r--r--examples/verify1.c4
-rw-r--r--examples/verify2.c4
-rw-r--r--examples/verify3.c6
-rw-r--r--examples/verify4-res.xml57
-rw-r--r--examples/verify4.c10
-rw-r--r--examples/xkms-server.c839
-rw-r--r--examples/xmldsigverify.c4
30 files changed, 364 insertions, 1193 deletions
diff --git a/examples/Makefile b/examples/Makefile
index a237b987..89b1d61b 100644
--- a/examples/Makefile
+++ b/examples/Makefile
@@ -6,8 +6,7 @@ PROGRAMS = \
verify1 verify2 verify3 verify4 \
encrypt1 encrypt2 encrypt3 \
decrypt1 decrypt2 decrypt3 \
- xmldsigverify \
- xkms-server
+ xmldsigverify
CC = gcc
CFLAGS += -g $(shell xmlsec1-config --cflags) -DUNIX_SOCKETS
@@ -26,8 +25,8 @@ check: $(PROGRAMS)
./verify1 sign2-res.xml rsapub.pem
./verify2 sign1-res.xml rsapub.pem
./verify2 sign2-res.xml rsapub.pem
- ./verify3 sign3-res.xml rootcert.pem
- ./verify4 verify4-res.xml rootcert.pem
+ ./verify3 sign3-res.xml ca2cert.pem cacert.pem
+ ./verify4 verify4-res.xml ca2cert.pem cacert.pem
./encrypt1 encrypt1-tmpl.xml deskey.bin
./encrypt2 encrypt2-doc.xml deskey.bin
./encrypt3 encrypt3-doc.xml rsakey.pem
diff --git a/examples/Makefile.w32 b/examples/Makefile.w32
index ee81ab39..b7c5723f 100644
--- a/examples/Makefile.w32
+++ b/examples/Makefile.w32
@@ -1,12 +1,11 @@
# Makefile for xmlsec, specific for Windows, MSVC and NMAKE.
#
# Take a look at the beginning and modify the variables to suit your
-# environment. Having done that, you can do a
-
-XMLSEC_STATIC = yes
-XMLSEC_CRYPTO = openssl
-XMLSEC_CFLAGS =
-XMLSEC_LIBS =
+# environment.
+XMLSEC_STATIC = yes
+XMLSEC_DEFAULT_CRYPTO = openssl
+XMLSEC_CFLAGS =
+XMLSEC_LIBS =
# There should never be a need to modify anything below this line.
XMLSEC_OBJS_DIR = build
@@ -24,23 +23,22 @@ XMLSEC_EXAMPLES = \
$(XMLSEC_OBJS_DIR)\decrypt1.exe \
$(XMLSEC_OBJS_DIR)\decrypt2.exe \
$(XMLSEC_OBJS_DIR)\decrypt3.exe \
- $(XMLSEC_OBJS_DIR)\xkms-server.exe \
#
-!IF "$(XMLSEC_CRYPTO)" == "openssl"
-XMLSEC_CFLAGS = $(XMLSEC_CFLAGS) /D "XMLSEC_CRYPTO_OPENSSL" /D "XMLSEC_CRYPTO=\"openssl\""
+!IF "$(XMLSEC_DEFAULT_CRYPTO)" == "openssl"
+XMLSEC_CFLAGS = $(XMLSEC_CFLAGS) /D "XMLSEC_CRYPTO_OPENSSL" /D "XMLSEC_DEFAULT_CRYPTO=\"openssl\""
XMLSEC_SOLIBS = libxmlsec-openssl.lib libeay32.lib wsock32.lib user32.lib gdi32.lib
XMLSEC_ALIBS = libxmlsec-openssl_a.lib libeay32.lib wsock32.lib user32.lib gdi32.lib
!ENDIF
-!IF "$(XMLSEC_CRYPTO)" == "nss"
-XMLSEC_CFLAGS = $(XMLSEC_CFLAGS) /D "XMLSEC_CRYPTO_NSS" /D "XMLSEC_CRYPTO=\"nss\""
+!IF "$(XMLSEC_DEFAULT_CRYPTO)" == "nss"
+XMLSEC_CFLAGS = $(XMLSEC_CFLAGS) /D "XMLSEC_CRYPTO_NSS" /D "XMLSEC_DEFAULT_CRYPTO=\"nss\""
XMLSEC_SOLIBS = libxmlsec-nss.lib nss3.lib nspr4.lib plds4.lib plc4.lib
XMLSEC_ALIBS = libxmlsec-nss_a.lib nss3.lib nspr4.lib plds4.lib plc4.lib
!ENDIF
-!IF "$(XMLSEC_CRYPTO)" == "mscrypto"
-XMLSEC_CFLAGS = $(XMLSEC_CFLAGS) /D "XMLSEC_CRYPTO_MSCRYPTO" /D "XMLSEC_CRYPTO=\"mscrypto\""
+!IF "$(XMLSEC_DEFAULT_CRYPTO)" == "mscrypto"
+XMLSEC_CFLAGS = $(XMLSEC_CFLAGS) /D "XMLSEC_CRYPTO_MSCRYPTO" /D "XMLSEC_DEFAULT_CRYPTO=\"mscrypto\""
XMLSEC_SOLIBS = libxmlsec-mscrypto.lib user32.lib gdi32.lib crypt32.lib advapi32.lib
XMLSEC_ALIBS = libxmlsec-mscrypto_a.lib user32.lib gdi32.lib crypt32.lib advapi32.lib
!ENDIF
diff --git a/examples/README b/examples/README
index bd680289..efbe0b2a 100644
--- a/examples/README
+++ b/examples/README
@@ -3,42 +3,43 @@ This folder contains XML Security Library examples.
1. Files List
-------------------------
- README This file.
- Makefile *nix makefile.
- Makefile.w32 Win32 makefile.
- rsakey.pem Private PEM key file
- rsapub.pem Public PEM key file
- rsacert.pem Certificate for rsakey.pem signed with rootcert.pem
- rootcert.pem Root (trusted) certificate
- deskey.bin A DES keys
- sign1.c Signing with a template file
- sign1-tmpl.xml An example template file for sign1 example
- sign1-res.xml The result of processing sign1_tmpl.xml by sign1.c
- sign2.c Signing a file with a dynamicaly created template
- sign2-doc.xml An example XML file for signing by sign2.c
- sign2-res.xml The result of signing sign2-doc.xml by sign2.c
- sign3.c Signing a file with a dynamicaly created template and an X509 certificate
- sign3-doc.xml An example XML file for signing by sign3.c
- sign3-res.xml The result of signing sign3-doc.xml by sign3.c
- verify1.c Verifying a signed document with a single key
- verify2.c Verifying a signed document using keys manager
- verify3.c Verifying a signed document using X509 certificate
- verify4.c Verifying a simple SAML response using X509 certificate
- verify4-tmpl.xml An example template file with a simple SAML response for verify4 example
- verify4-res.xml Signed simple SAML response for verification by verify4.c
- encrypt1.c Encrypting binary data with a template file
- encrypt1-res.xml An example template file for encrypt1.c
- encrypt1-tmpl.xml The result of processing encrypt1_tmpl.xml by encrypt1.c
- encrypt2.c Encrypting XML file using a dynamicaly created template
- encrypt2-doc.xml An example XML file for encryption by encrypt2.c
- encrypt2-res.xml The result of encryptin encrypt2-doc.xml by encrypt2.c
- encrypt2.c Encrypting XML file using a session DES key
- encrypt2-doc.xml An example XML file for encryption by encrypt3.c
- encrypt2-res.xml The result of encryptin encrypt3-doc.xml by encrypt3.c
- decrypt1.c Decrypting binary data using a single key
- decrypt2.c Decrypting binary data using keys manager
- decrypt3.c Decrypting binary file using custom keys manager
- xmldsigverify.c CGI script for signatures verifications
+ README This file.
+ Makefile *nix makefile.
+ Makefile.w32 Win32 makefile.
+ cacert.pem Root (trusted) certificate
+ ca2cert.pem CA (trusted) certificate (signed with cacert.pem)
+ rsakey.pem Private PEM key file
+ rsapub.pem Public PEM key file
+ rsacert.pem Certificate for rsakey.pem signed with ca2cert.pem
+ deskey.bin A DES keys
+ sign1.c Signing with a template file
+ sign1-tmpl.xml An example template file for sign1 example
+ sign1-res.xml The result of processing sign1_tmpl.xml by sign1.c
+ sign2.c Signing a file with a dynamicaly created template
+ sign2-doc.xml An example XML file for signing by sign2.c
+ sign2-res.xml The result of signing sign2-doc.xml by sign2.c
+ sign3.c Signing a file with a dynamicaly created template and an X509 certificate
+ sign3-doc.xml An example XML file for signing by sign3.c
+ sign3-res.xml The result of signing sign3-doc.xml by sign3.c
+ verify1.c Verifying a signed document with a single key
+ verify2.c Verifying a signed document using keys manager
+ verify3.c Verifying a signed document using X509 certificate
+ verify4.c Verifying a simple SAML response using X509 certificate
+ verify4-tmpl.xml An example template file with a simple SAML response for verify4 example
+ verify4-res.xml Signed simple SAML response for verification by verify4.c
+ encrypt1.c Encrypting binary data with a template file
+ encrypt1-res.xml An example template file for encrypt1.c
+ encrypt1-tmpl.xml The result of processing encrypt1_tmpl.xml by encrypt1.c
+ encrypt2.c Encrypting XML file using a dynamicaly created template
+ encrypt2-doc.xml An example XML file for encryption by encrypt2.c
+ encrypt2-res.xml The result of encryptin encrypt2-doc.xml by encrypt2.c
+ encrypt2.c Encrypting XML file using a session DES key
+ encrypt2-doc.xml An example XML file for encryption by encrypt3.c
+ encrypt2-res.xml The result of encryptin encrypt3-doc.xml by encrypt3.c
+ decrypt1.c Decrypting binary data using a single key
+ decrypt2.c Decrypting binary data using keys manager
+ decrypt3.c Decrypting binary file using custom keys manager
+ xmldsigverify.c CGI script for signatures verifications
2. Building Examples
-------------------------
@@ -70,57 +71,44 @@ Other platforms:
The following are just examples and you can use the programs from this
folder with any other input files:
- ./sign1 sign1-tmpl.xml rsakey.pem
- ./sign2 sign2-doc.xml rsakey.pem
- ./sign3 sign3-doc.xml rsakey.pem rsacert.pem
-
- ./verify1 sign1-res.xml rsapub.pem
- ./verify1 sign2-res.xml rsapub.pem
- ./verify2 sign1-res.xml rsapub.pem
- ./verify2 sign2-res.xml rsapub.pem
- ./verify3 sign3-res.xml rootcert.pem
- ./verify4 verify4-res.xml rootcert.pem
-
- ./encrypt1 encrypt1-tmpl.xml deskey.bin
- ./encrypt2 encrypt2-doc.xml deskey.bin
- ./encrypt3 encrypt3-doc.xml rsakey.pem
-
- ./decrypt1 encrypt1-res.xml deskey.bin
- ./decrypt1 encrypt2-res.xml deskey.bin
- ./decrypt2 encrypt1-res.xml deskey.bin
- ./decrypt2 encrypt2-res.xml deskey.bin
- ./decrypt3 encrypt1-res.xml
- ./decrypt3 encrypt2-res.xml
- ./decrypt3 encrypt3-res.xml
+ ./sign1 sign1-tmpl.xml rsakey.pem
+ ./sign2 sign2-doc.xml rsakey.pem
+ ./sign3 sign3-doc.xml rsakey.pem rsacert.pem
+
+ ./verify1 sign1-res.xml rsapub.pem
+ ./verify1 sign2-res.xml rsapub.pem
+ ./verify2 sign1-res.xml rsapub.pem
+ ./verify2 sign2-res.xml rsapub.pem
+ ./verify3 sign3-res.xml ca2cert.pem cacert.pem
+ ./verify4 verify4-res.xml ca2cert.pem cacert.pem
+
+ ./encrypt1 encrypt1-tmpl.xml deskey.bin
+ ./encrypt2 encrypt2-doc.xml deskey.bin
+ ./encrypt3 encrypt3-doc.xml rsakey.pem
+
+ ./decrypt1 encrypt1-res.xml deskey.bin
+ ./decrypt1 encrypt2-res.xml deskey.bin
+ ./decrypt2 encrypt1-res.xml deskey.bin
+ ./decrypt2 encrypt2-res.xml deskey.bin
+ ./decrypt3 encrypt1-res.xml
+ ./decrypt3 encrypt2-res.xml
+ ./decrypt3 encrypt3-res.xml
4. Using xmlsec command line tool.
-------------------------
-For Windows, use "xmlsec" instead of "xmlsec1".
- xmlsec1 sign --privkey rsakey.pem --output sign1.xml sign1-tmpl.xml
- xmlsec1 verify --pubkey rsapub.pem sign1.xml
- xmlsec1 verify --pubkey rsapub.pem sign1-res.xml
- xmlsec1 verify --pubkey rsapub.pem sign2-res.xml
- xmlsec1 verify --trusted rootcert.pem sign3-res.xml
- xmlsec1 verify --trusted rootcert.pem verify4-res.xml
-
- xmlsec1 encrypt --deskey deskey.bin --binary-data binary.dat --output encrypt1.xml encrypt1-tmpl.xml
- xmlsec1 decrypt --deskey deskey.bin encrypt1.xml
- xmlsec1 decrypt --deskey deskey.bin encrypt1-res.xml
- xmlsec1 decrypt --deskey deskey.bin encrypt2-res.xml
- xmlsec1 decrypt --privkey rsakey.pem encrypt3-res.xml
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+For Windows, use "xmlsec" instead of "xmlsec1":
+
+ xmlsec1 sign --privkey rsakey.pem --output sign1.xml sign1-tmpl.xml
+ xmlsec1 verify --pubkey rsapub.pem sign1.xml
+ xmlsec1 verify --pubkey rsapub.pem sign1-res.xml
+ xmlsec1 verify --pubkey rsapub.pem sign2-res.xml
+ xmlsec1 verify --trusted ca2cert.pem --trusted cacert.pem sign3-res.xml
+ xmlsec1 verify --trusted ca2cert.pem --trusted cacert.pem verify4-res.xml
+
+ xmlsec1 encrypt --deskey deskey.bin --binary-data binary.dat --output encrypt1.xml encrypt1-tmpl.xml
+ xmlsec1 decrypt --deskey deskey.bin encrypt1.xml
+ xmlsec1 decrypt --deskey deskey.bin encrypt1-res.xml
+ xmlsec1 decrypt --deskey deskey.bin encrypt2-res.xml
+ xmlsec1 decrypt --privkey rsakey.pem encrypt3-res.xml
+
diff --git a/examples/ca2cert.pem b/examples/ca2cert.pem
new file mode 100644
index 00000000..f978e960
--- /dev/null
+++ b/examples/ca2cert.pem
@@ -0,0 +1,64 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 12655831530416757421 (0xafa28bb933addaad)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), OU=Root CA, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Validity
+ Not Before: May 23 17:52:38 2014 GMT
+ Not After : Apr 29 17:52:38 2114 GMT
+ Subject: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (512 bit)
+ Modulus:
+ 00:b2:ba:f2:89:d8:2b:94:3c:3d:f7:82:13:ed:e1:
+ 0f:0c:8a:57:ac:1f:15:5b:6e:9c:8a:7e:66:9b:ad:
+ 85:69:0c:65:43:98:e2:8a:a7:7d:fb:a8:95:19:67:
+ de:4a:7f:09:57:6d:1d:a3:d3:3c:8a:58:99:af:47:
+ 15:31:f8:fb:13
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ FE:E4:EC:53:24:F0:95:95:C7:10:B5:E1:44:B5:5D:39:65:5A:E3:7E
+ X509v3 Authority Key Identifier:
+ keyid:06:B5:A4:AC:A7:AA:75:44:EA:15:9C:4F:DF:05:83:4F:6A:1E:FE:0B
+ DirName:/C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/OU=Root CA/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ serial:AF:A2:8B:B9:33:AD:DA:AC
+
+ Signature Algorithm: sha1WithRSAEncryption
+ 6e:4c:05:ba:dc:08:16:aa:a5:03:3c:68:bc:06:25:db:74:a1:
+ e1:14:fe:09:f2:a8:24:76:fe:56:31:ae:92:a5:25:95:80:d8:
+ 0e:61:79:0a:fc:14:a0:d5:a4:a6:42:d1:af:f3:ff:14:bc:14:
+ 4f:a0:99:ce:e3:2d:0d:8d:65:05:7f:5b:9b:3a:05:0d:99:e7:
+ 58:34:ba:bb:61:b4:e9:f3:24:c6:59:ea:20:0b:23:36:c5:d5:
+ 84:2c:c3:fc:04:c8:10:2f:4b:0f:f8:c0:c0:14:c2:8e:de:2b:
+ 58:98:45:a7:08:4b:0f:d7:91:ca:49:39:ac:e7:84:4d:8f:ba:
+ 09:f8
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAzigAwIBAgIJAK+ii7kzrdqtMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEQMA4G
+A1UECxMHUm9vdCBDQTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3
+DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMCAXDTE0MDUyMzE3NTIzOFoYDzIxMTQw
+NDI5MTc1MjM4WjCBnDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWEx
+PTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtz
+ZXkuY29tL3htbHNlYykxFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4xITAfBgkqhkiG
+9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
+QQCyuvKJ2CuUPD33ghPt4Q8MilesHxVbbpyKfmabrYVpDGVDmOKKp337qJUZZ95K
+fwlXbR2j0zyKWJmvRxUx+PsTAgMBAAGjggFFMIIBQTAMBgNVHRMEBTADAQH/MCwG
+CWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNV
+HQ4EFgQU/uTsUyTwlZXHELXhRLVdOWVa434wgeMGA1UdIwSB2zCB2IAUBrWkrKeq
+dUTqFZxP3wWDT2oe/guhgbSkgbEwga4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpD
+YWxpZm9ybmlhMT0wOwYDVQQKEzRYTUwgU2VjdXJpdHkgTGlicmFyeSAoaHR0cDov
+L3d3dy5hbGVrc2V5LmNvbS94bWxzZWMpMRAwDgYDVQQLEwdSb290IENBMRYwFAYD
+VQQDEw1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3Nl
+eS5jb22CCQCvoou5M63arDANBgkqhkiG9w0BAQUFAAOBgQBuTAW63AgWqqUDPGi8
+BiXbdKHhFP4J8qgkdv5WMa6SpSWVgNgOYXkK/BSg1aSmQtGv8/8UvBRPoJnO4y0N
+jWUFf1ubOgUNmedYNLq7YbTp8yTGWeogCyM2xdWELMP8BMgQL0sP+MDAFMKO3itY
+mEWnCEsP15HKSTms54RNj7oJ+A==
+-----END CERTIFICATE-----
diff --git a/examples/cacert.pem b/examples/cacert.pem
new file mode 100644
index 00000000..ebbbe698
--- /dev/null
+++ b/examples/cacert.pem
@@ -0,0 +1,67 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 12655831530416757420 (0xafa28bb933addaac)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), OU=Root CA, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Validity
+ Not Before: May 23 17:50:59 2014 GMT
+ Not After : Apr 29 17:50:59 2114 GMT
+ Subject: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), OU=Root CA, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:b5:8e:0c:08:d8:ff:aa:b3:b3:56:e7:b1:d4:10:
+ ff:3e:e0:98:4c:30:ce:2c:b5:63:b6:92:97:42:d7:
+ 90:3e:ac:b4:92:03:30:b9:08:11:c1:d3:67:20:22:
+ 07:41:b9:c5:28:be:34:5e:8c:80:08:95:56:28:ce:
+ db:d0:b9:2f:58:93:5e:c9:5c:d7:3e:a1:04:f5:93:
+ e6:37:15:86:52:35:5c:af:ba:68:c1:3e:ef:f1:5e:
+ d2:d9:07:e5:52:7a:fc:66:f4:78:5d:6c:24:64:9f:
+ 44:60:a3:61:7a:78:a3:80:9e:72:60:3a:d7:09:67:
+ 6f:0b:e7:e7:8c:18:ef:d8:b7
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 06:B5:A4:AC:A7:AA:75:44:EA:15:9C:4F:DF:05:83:4F:6A:1E:FE:0B
+ X509v3 Authority Key Identifier:
+ keyid:06:B5:A4:AC:A7:AA:75:44:EA:15:9C:4F:DF:05:83:4F:6A:1E:FE:0B
+ DirName:/C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/OU=Root CA/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ serial:AF:A2:8B:B9:33:AD:DA:AC
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 46:96:fc:e9:13:ff:72:4e:79:5f:e3:6e:9d:77:88:5f:cd:62:
+ ef:ad:db:8f:b6:75:54:9c:05:6c:0f:d0:7e:ea:73:c6:7a:89:
+ d8:83:ff:97:10:bc:63:12:77:06:9d:88:24:c2:3b:ac:2f:6b:
+ d2:9a:1a:e3:56:71:23:9a:c6:1e:2a:7d:ec:3a:60:b3:13:c5:
+ f6:59:11:52:62:81:05:08:e4:20:23:aa:d7:0f:f8:77:60:d1:
+ 22:70:68:a9:7b:6d:0f:ed:16:b2:a0:df:34:35:4a:fb:b9:12:
+ 13:4e:f2:b6:7d:d1:cc:70:a3:8f:48:2f:d0:f7:71:9a:e0:ac:
+ 47:f1
+-----BEGIN CERTIFICATE-----
+MIID9zCCA2CgAwIBAgIJAK+ii7kzrdqsMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEQMA4G
+A1UECxMHUm9vdCBDQTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3
+DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMCAXDTE0MDUyMzE3NTA1OVoYDzIxMTQw
+NDI5MTc1MDU5WjCBrjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWEx
+PTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtz
+ZXkuY29tL3htbHNlYykxEDAOBgNVBAsTB1Jvb3QgQ0ExFjAUBgNVBAMTDUFsZWtz
+ZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtY4MCNj/qrOzVuex1BD/PuCYTDDOLLVj
+tpKXQteQPqy0kgMwuQgRwdNnICIHQbnFKL40XoyACJVWKM7b0LkvWJNeyVzXPqEE
+9ZPmNxWGUjVcr7powT7v8V7S2QflUnr8ZvR4XWwkZJ9EYKNhenijgJ5yYDrXCWdv
+C+fnjBjv2LcCAwEAAaOCARcwggETMB0GA1UdDgQWBBQGtaSsp6p1ROoVnE/fBYNP
+ah7+CzCB4wYDVR0jBIHbMIHYgBQGtaSsp6p1ROoVnE/fBYNPah7+C6GBtKSBsTCB
+rjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhN
+TCBTZWN1cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNl
+YykxEDAOBgNVBAsTB1Jvb3QgQ0ExFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4xITAf
+BgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbYIJAK+ii7kzrdqsMAwGA1Ud
+EwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEARpb86RP/ck55X+NunXeIX81i763b
+j7Z1VJwFbA/QfupzxnqJ2IP/lxC8YxJ3Bp2IJMI7rC9r0poa41ZxI5rGHip97Dpg
+sxPF9lkRUmKBBQjkICOq1w/4d2DRInBoqXttD+0WsqDfNDVK+7kSE07ytn3RzHCj
+j0gv0PdxmuCsR/E=
+-----END CERTIFICATE-----
diff --git a/examples/decrypt1.c b/examples/decrypt1.c
index 39ad1039..881eb947 100644
--- a/examples/decrypt1.c
+++ b/examples/decrypt1.c
@@ -13,7 +13,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -89,7 +89,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/decrypt2.c b/examples/decrypt2.c
index 49513e12..c07e988b 100644
--- a/examples/decrypt2.c
+++ b/examples/decrypt2.c
@@ -14,7 +14,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -92,7 +92,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/decrypt3.c b/examples/decrypt3.c
index 253920fb..a1371332 100644
--- a/examples/decrypt3.c
+++ b/examples/decrypt3.c
@@ -15,7 +15,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -94,7 +94,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/encrypt1.c b/examples/encrypt1.c
index fb4d103f..ef132482 100644
--- a/examples/encrypt1.c
+++ b/examples/encrypt1.c
@@ -15,7 +15,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -91,7 +91,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/encrypt2.c b/examples/encrypt2.c
index 4f1ad588..cda3447c 100644
--- a/examples/encrypt2.c
+++ b/examples/encrypt2.c
@@ -16,7 +16,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -92,7 +92,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/encrypt3-res.xml b/examples/encrypt3-res.xml
index bcf7439c..2fca87e7 100644
--- a/examples/encrypt3-res.xml
+++ b/examples/encrypt3-res.xml
@@ -1,27 +1,23 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
-XML Security Library example: XML doc file encrypted with a session DES key (encrypt3 example).
+XML Security Library example: Original XML doc file before encryption (encrypt3 example).
-->
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
-<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>rsakey.pem</KeyName>
</KeyInfo>
<CipherData>
-<CipherValue>IPiEu9Nv+EsGyvVeXO9nl5iZhhi+uzQH1I3/DTs3+eamBvioyaawRIlvTql7LYL5
-Mi91Qs8ozfW/fWZ8zB8AE2PosaX37SqiuEta68+65/Ed4v1rkGN0Awux8+gJqJmp
-c2kJhzAoQIAIGAW4nTGP9tl9QUHfwKh2KPA104vezk70ijvF7TrbTmhdfmULAuWK
-Tbsg8sXAPhGmPh5KckM2Xe387iPh4ue2+2TGdWqwXygVdvIUIbcIMq6F+/mWlcmf
-Gs5FVI7CTjaLmeyO4ho+FGmicmqH2hEkZW0a2ktDh4BU/MxYF6L7oayrVWDGp2IH
-dzQAwUT2qJcFjElO8xUz3g==</CipherValue>
+<CipherValue>QYYKljhcX20QyP20hYmq8CSES875oIdbrsjMOxnb0VnYDn01Jk00OIPpb9gdIdZg
+MLOtSy26mWrQ+XqfPGuyaA==</CipherValue>
</CipherData>
</EncryptedKey>
</KeyInfo>
<CipherData>
-<CipherValue>xrfPSA+BEI+8ca23RN34gtee5lOMx8Cn+ZGWyxitiktdZ1+XREH+57li63VutCwp
-s6ifbZgXIBsFdxPpMBUFlyTWAAO+NLooIwGoczXi14z62lHr7Ck6FA==</CipherValue>
+<CipherValue>+UiDv73SE8K8KwXuOmHLHK7N2hNWDakTAEu6NprbCdULC1w/LXT9FLtNRJetmwwO
+XpBqTY56AAMeMgpxPWN3SPO0ETeQw7pR+bp0IjUvcGlFSXz6yE1qgQ==</CipherValue>
</CipherData>
</EncryptedData>
diff --git a/examples/encrypt3.c b/examples/encrypt3.c
index aa9465a2..cf2882da 100644
--- a/examples/encrypt3.c
+++ b/examples/encrypt3.c
@@ -16,7 +16,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -94,7 +94,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/mywin32make.bat b/examples/mywin32make.bat
index a7d22803..b837a369 100644
--- a/examples/mywin32make.bat
+++ b/examples/mywin32make.bat
@@ -3,7 +3,7 @@ REM
REM This is my personal configuration file.
REM I am lazy to type all this crap again and again
REM You are welcome to customize this file for your
-REM needs but do not check it into the CVS, please.
+REM needs but do not check it into the GitHub, please.
REM
REM Aleksey Sanin <aleksey@aleksey.com>
REM
diff --git a/examples/rootcert.pem b/examples/rootcert.pem
deleted file mode 100644
index 38144d65..00000000
--- a/examples/rootcert.pem
+++ /dev/null
@@ -1,25 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEPDCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQQFADCByzELMAkGA1UEBhMCVVMx
-EzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCVN1bm55dmFsZTE9MDsGA1UE
-ChM0WE1MIFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20v
-eG1sc2VjKTEZMBcGA1UECxMQUm9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxl
-a3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMB4X
-DTAyMDIwMjA4MDAzOFoXDTEyMDEzMTA4MDAzOFowgcsxCzAJBgNVBAYTAlVTMRMw
-EQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlTdW5ueXZhbGUxPTA7BgNVBAoT
-NFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3ht
-bHNlYykxGTAXBgNVBAsTEFJvb3QgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtz
-ZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbTCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvSvv4RNOzsjL+FQEoMwkidOOjJQciB2x
-WxI1QPkwFVC5Z86BcQugOWVJ+4JVTtE2uDjFElNI9SMINhd+4GkxlK+TVHvSZfCT
-Ia/EichBfRfZcPjVnXH3pzFCC9JkbGOIFAzuhBcz+KvN8gntuumolN2/fBYCbFZX
-4otzgMd5Rm8CAwEAAaOCASwwggEoMB0GA1UdDgQWBBS0ue+a5pcOaGUemM76VQ2J
-BttMfDCB+AYDVR0jBIHwMIHtgBS0ue+a5pcOaGUemM76VQ2JBttMfKGB0aSBzjCB
-yzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCVN1
-bm55dmFsZTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93
-d3cuYWxla3NleS5jb20veG1sc2VjKTEZMBcGA1UECxMQUm9vdCBDZXJ0aWZpY2F0
-ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2Vj
-QGFsZWtzZXkuY29tggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEA
-J/+WEipxRms7bdg0ORf+ipHNwgdvWDxaLeQqqKMSacHDFVZyKdurm4onypNI2w9K
-Gk6XKipJT67ew4QpVMgv5LAIoErMxIcVYu1tAfhjtNK5neF6X5v/r/cRQkdIYaaF
-BlnBUmHY6x83aiSMC2ASG2MKL8UDqF/y2/SlPuxmG50=
------END CERTIFICATE-----
diff --git a/examples/rsacert.pem b/examples/rsacert.pem
index 02489a43..1955e05d 100644
--- a/examples/rsacert.pem
+++ b/examples/rsacert.pem
@@ -1,83 +1,59 @@
Certificate:
Data:
Version: 3 (0x2)
- Serial Number: 5 (0x5)
- Signature Algorithm: md5WithRSAEncryption
- Issuer: C=US, ST=California, L=Sunnyvale, O=XML Security Library (http://www.aleksey.com/xmlsec), OU=Root Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Serial Number: 12655831530416757423 (0xafa28bb933addaaf)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
Validity
- Not Before: Mar 31 04:02:22 2003 GMT
- Not After : Mar 28 04:02:22 2013 GMT
- Subject: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), OU=Examples RSA Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Not Before: May 23 17:55:34 2014 GMT
+ Not After : Apr 29 17:55:34 2114 GMT
+ Subject: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), OU=Test Third Level RSA Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:97:b8:fe:b4:3f:83:35:78:16:89:04:ec:2b:61:
- 8c:bf:c4:5f:00:81:4a:45:e6:d9:cd:e9:e2:3c:97:
- 3b:45:ad:aa:e6:8d:0b:77:71:07:01:4f:7c:f9:7d:
- e2:19:aa:dd:91:59:f4:f1:cf:3d:ba:78:46:96:11:
- 9c:b6:5b:46:39:73:55:23:aa:f7:9e:00:5c:e5:e9:
- 49:ec:3b:9c:3f:84:99:3a:90:ad:df:7e:64:86:c6:
- 26:72:ce:31:08:79:7e:13:15:b8:e5:bf:d6:56:02:
- 8d:60:21:4c:27:18:64:fb:fb:55:70:f6:33:bd:2f:
- 55:70:d5:5e:7e:99:ae:a4:e0:aa:45:47:13:a8:30:
- d5:a0:8a:9d:cc:20:ec:e4:8e:51:c9:54:c5:7f:3e:
- 66:2d:74:bf:a3:7a:f8:f3:ec:94:57:39:b4:ac:00:
- 75:62:61:54:b4:d0:e0:52:86:f8:5e:77:ec:50:43:
- 9c:d2:ba:a7:8c:62:5a:bc:b2:fe:f3:cc:62:7e:23:
- 60:6b:c7:51:49:37:78:7e:25:15:30:ab:fa:b4:ae:
- 25:8f:22:fc:a3:48:7f:f2:0a:8a:6e:e0:fe:8d:f0:
- 01:ed:c6:33:cc:6b:a1:fd:a6:80:ef:06:8c:af:f6:
- 40:3a:8e:42:14:20:61:12:1f:e3:fc:05:b1:05:d5:
- 65:c3
+ Public-Key: (512 bit)
+ Modulus:
+ 00:d3:d0:6d:0f:76:9e:56:de:83:54:39:24:d1:d2:
+ 3b:56:1e:cb:8e:a7:67:b1:89:96:d2:d6:c3:57:1c:
+ 4a:fa:7b:a6:7b:e6:7d:49:be:33:9d:b5:0a:91:69:
+ 7e:be:04:00:4d:d4:54:13:28:53:d8:ff:86:aa:b7:
+ 74:50:1c:d8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
- CA:FALSE
+ CA:TRUE
Netscape Comment:
- OpenSSL Generated Certificate
+ OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
- 24:84:2C:F2:D4:59:20:62:8B:2E:5C:86:90:A3:AA:30:BA:27:1A:9C
+ D7:F4:C6:46:77:CE:37:04:23:AD:29:54:FB:B0:0E:A4:CC:43:28:19
X509v3 Authority Key Identifier:
- keyid:B4:B9:EF:9A:E6:97:0E:68:65:1E:98:CE:FA:55:0D:89:06:DB:4C:7C
- DirName:/C=US/ST=California/L=Sunnyvale/O=XML Security Library (http://www.aleksey.com/xmlsec)/OU=Root Certificate/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
- serial:00
+ keyid:FE:E4:EC:53:24:F0:95:95:C7:10:B5:E1:44:B5:5D:39:65:5A:E3:7E
+ DirName:/C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/OU=Root CA/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ serial:AF:A2:8B:B9:33:AD:DA:AD
- Signature Algorithm: md5WithRSAEncryption
- b5:3f:9b:32:31:4a:ff:2f:84:3b:a8:9b:11:5c:a6:5c:f0:76:
- 52:d9:6e:f4:90:ad:fa:0d:90:c1:98:d5:4a:12:dd:82:6b:37:
- e8:d9:2d:62:92:c9:61:37:98:86:8f:a4:49:6a:5e:25:d0:18:
- 69:30:0f:98:8f:43:58:89:31:b2:3b:05:e2:ef:c7:a6:71:5f:
- f7:fe:73:c5:a7:b2:cd:2e:73:53:71:7d:a8:4c:68:1a:32:1b:
- 5e:48:2f:8f:9b:7a:a3:b5:f3:67:e8:b1:a2:89:4e:b2:4d:1b:
- 79:9c:ff:f0:0d:19:4f:4e:b1:03:3d:99:f0:44:b7:8a:0b:34:
- 9d:83
+ Signature Algorithm: sha1WithRSAEncryption
+ 0e:5c:18:f4:c8:80:a9:d5:19:87:5e:a9:d4:96:ca:69:af:22:
+ c2:5b:7a:4a:04:3d:5d:91:be:07:59:aa:ce:ed:18:c0:d7:22:
+ 49:7c:18:d7:b2:ca:c4:46:7d:39:92:90:5c:ad:17:f3:a2:ee:
+ 2b:dc:30:a0:40:53:e1:8f:18:1a
-----BEGIN CERTIFICATE-----
-MIIE3zCCBEigAwIBAgIBBTANBgkqhkiG9w0BAQQFADCByzELMAkGA1UEBhMCVVMx
-EzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCVN1bm55dmFsZTE9MDsGA1UE
-ChM0WE1MIFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20v
-eG1sc2VjKTEZMBcGA1UECxMQUm9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxl
-a3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMB4X
-DTAzMDMzMTA0MDIyMloXDTEzMDMyODA0MDIyMlowgb8xCzAJBgNVBAYTAlVTMRMw
-EQYDVQQIEwpDYWxpZm9ybmlhMT0wOwYDVQQKEzRYTUwgU2VjdXJpdHkgTGlicmFy
-eSAoaHR0cDovL3d3dy5hbGVrc2V5LmNvbS94bWxzZWMpMSEwHwYDVQQLExhFeGFt
-cGxlcyBSU0EgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4xITAf
-BgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbTCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAJe4/rQ/gzV4FokE7CthjL/EXwCBSkXm2c3p4jyXO0Wt
-quaNC3dxBwFPfPl94hmq3ZFZ9PHPPbp4RpYRnLZbRjlzVSOq954AXOXpSew7nD+E
-mTqQrd9+ZIbGJnLOMQh5fhMVuOW/1lYCjWAhTCcYZPv7VXD2M70vVXDVXn6ZrqTg
-qkVHE6gw1aCKncwg7OSOUclUxX8+Zi10v6N6+PPslFc5tKwAdWJhVLTQ4FKG+F53
-7FBDnNK6p4xiWryy/vPMYn4jYGvHUUk3eH4lFTCr+rSuJY8i/KNIf/IKim7g/o3w
-Ae3GM8xrof2mgO8GjK/2QDqOQhQgYRIf4/wFsQXVZcMCAwEAAaOCAVcwggFTMAkG
-A1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRp
-ZmljYXRlMB0GA1UdDgQWBBQkhCzy1FkgYosuXIaQo6owuicanDCB+AYDVR0jBIHw
-MIHtgBS0ue+a5pcOaGUemM76VQ2JBttMfKGB0aSBzjCByzELMAkGA1UEBhMCVVMx
-EzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCVN1bm55dmFsZTE9MDsGA1UE
-ChM0WE1MIFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20v
-eG1sc2VjKTEZMBcGA1UECxMQUm9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxl
-a3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggEA
-MA0GCSqGSIb3DQEBBAUAA4GBALU/mzIxSv8vhDuomxFcplzwdlLZbvSQrfoNkMGY
-1UoS3YJrN+jZLWKSyWE3mIaPpElqXiXQGGkwD5iPQ1iJMbI7BeLvx6ZxX/f+c8Wn
-ss0uc1NxfahMaBoyG15IL4+beqO182fosaKJTrJNG3mc//ANGU9OsQM9mfBEt4oL
-NJ2D
+MIIDpzCCA1GgAwIBAgIJAK+ii7kzrdqvMA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEWMBQG
+A1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtz
+ZXkuY29tMCAXDTE0MDUyMzE3NTUzNFoYDzIxMTQwNDI5MTc1NTM0WjCBxzELMAkG
+A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1
+cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAn
+BgNVBAsTIFRlc3QgVGhpcmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD
+Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j
+b20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEA09BtD3aeVt6DVDkk0dI7Vh7Ljqdn
+sYmW0tbDVxxK+nume+Z9Sb4znbUKkWl+vgQATdRUEyhT2P+Gqrd0UBzYfQIDAQAB
+o4IBRTCCAUEwDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBH
+ZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNf0xkZ3zjcEI60pVPuwDqTM
+QygZMIHjBgNVHSMEgdswgdiAFP7k7FMk8JWVxxC14US1XTllWuN+oYG0pIGxMIGu
+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1M
+IFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2Vj
+KTEQMA4GA1UECxMHUm9vdCBDQTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8G
+CSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkAr6KLuTOt2q0wDQYJKoZI
+hvcNAQEFBQADQQAOXBj0yICp1RmHXqnUlsppryLCW3pKBD1dkb4HWarO7RjA1yJJ
+fBjXssrERn05kpBcrRfzou4r3DCgQFPhjxga
-----END CERTIFICATE-----
diff --git a/examples/rsakey.pem b/examples/rsakey.pem
index 55d2fd9b..8ea653ff 100644
--- a/examples/rsakey.pem
+++ b/examples/rsakey.pem
@@ -1,27 +1,9 @@
-----BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAl7j+tD+DNXgWiQTsK2GMv8RfAIFKRebZzeniPJc7Ra2q5o0L
-d3EHAU98+X3iGardkVn08c89unhGlhGctltGOXNVI6r3ngBc5elJ7DucP4SZOpCt
-335khsYmcs4xCHl+ExW45b/WVgKNYCFMJxhk+/tVcPYzvS9VcNVefpmupOCqRUcT
-qDDVoIqdzCDs5I5RyVTFfz5mLXS/o3r48+yUVzm0rAB1YmFUtNDgUob4XnfsUEOc
-0rqnjGJavLL+88xifiNga8dRSTd4fiUVMKv6tK4ljyL8o0h/8gqKbuD+jfAB7cYz
-zGuh/aaA7waMr/ZAOo5CFCBhEh/j/AWxBdVlwwIDAQABAoIBAQCAvt6DnZF9gdW9
-l4vAlBqXb88d4phgELCp5tmviLUnP2NSGEWuqR7Eoeru2z9NgIxblvYfazh6Ty22
-kmNk6rcAcTnB9oYAcVZjUj8EUuEXlTFhXPvuNpafNu3RZd59znqJP1mSu+LpQWku
-NZMlabHnkTLDlGf7FXtvL9/rlgV4qk3QcDVF793JFszWrtK3mnld3KHQ6cuo9iSm
-0rQKtkDjeHsRell8qTQvfBsgG1q2bv8QWT45/eQrra9mMbGTr3DbnXvoeJmTj1VN
-XJV7tBNllxxPahlYMByJaf/Tuva5j6HWUEIfYky5ihr2z1P/fNQ2OSCM6SQHpkiG
-EXQDueXBAoGBAMfW7KcmToEQEcTiqfey6C1LOLoemcX0/ROUktPq/5JQJRRrT4t7
-XevLX0ed8sLyR5T29XQtdnuV0DJfvcJD+6ZwfOcQ+f6ZzCaNXJP97JtEt5kSWY01
-Ei+nphZ0RFvPb04V3qDU9dElU26GR36CRBYJyM2WQPx4v+/YyDSZH9kLAoGBAMJc
-ZBU8pRbIia/FFOHUlS3v5P18nVmXyOd0fvRq0ZelaQCebTZ4K9wjnCfw//yzkb2Z
-0vZFNB+xVBKB0Pt6nVvnSNzxdQ8EAXVFwHtXa25FUyP2RERQgTvmajqmgWjZsDYp
-6GHcK3ZhmdmscQHF/Q2Uo4scvBcheahm9IXiNskpAoGAXelEgTBhSAmTMCEMmti6
-fz6QQ/bJcNu2apMxhOE0hT+gjT34vaWV9481EWTKho5w0TJVGumaem1mz6VqeXaV
-Nhw6tiOmN91ysNNRpEJ6BGWAmjCjYNaF21s/k+HDlhmfRuTEIHSzqDuQP6pewrbY
-5Dpo4SQxGfRsznvjacRj0Q0CgYBN247oBvQnDUxCkhNMZ8kersOvW5T4x9neBge5
-R3UQZ12Jtu0O7dK8C7PJODyDcTeHmTAuIQjBTVrdUw1xP+v7XcoNX9hBnJws6zUw
-85MAiFrGxCcSqqEqaqHRPtQGOXXiLKV/ViA++tgTn4VhbXtyTkG5P1iFd45xjFSV
-sUm7CQKBgDn92tHxzePly1L1mK584TkVryx4cP9RFHpebnmNduGwwjnRuYipoj8y
-pPPAkVbbaA3f9OB2go48rN0Ft9nHdlqgh9BpIKCVtkIb1XN0K3Oa/8BW8W/GAiNG
-HJcsrOtIrGVRdlyJG6bDaN8T49DnhOcsqMbf+IkIvfh50VeE9L/e
+MIIBPAIBAAJBANPQbQ92nlbeg1Q5JNHSO1Yey46nZ7GJltLWw1ccSvp7pnvmfUm+
+M521CpFpfr4EAE3UVBMoU9j/hqq3dFAc2H0CAwEAAQJBALFVCjmsAZyQ5jqZLO5N
+qEfNuHZSSUol+xPBogFIOq3BWa269eNNcAK5or5g0XWWon7EPdyGT4qyDVH9KzXK
+RLECIQDzm/Nj0epUGN51/rKJgRXWkXW/nfSCMO9fvQR6Ujoq3wIhAN6WeHK9vgWg
+wBWqMdq5sR211+LlDH7rOUQ6rBpbsoQjAiEA7jzpfglgPPZFOOfo+oh/LuP6X3a+
+FER/FQXpRyb7M8kCIETUrwZ8WkiPPxbz/Fqw1W5kjw/g2I5e2uSYaCP2eyuVAiEA
+mOI6RhRyMqgxQyy0plJVjG1s4fdu92AWYy9AwYeyd/8=
-----END RSA PRIVATE KEY-----
diff --git a/examples/rsapub.pem b/examples/rsapub.pem
index 838a346d..88b4ad60 100644
--- a/examples/rsapub.pem
+++ b/examples/rsapub.pem
@@ -1,9 +1,4 @@
-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7j+tD+DNXgWiQTsK2GM
-v8RfAIFKRebZzeniPJc7Ra2q5o0Ld3EHAU98+X3iGardkVn08c89unhGlhGctltG
-OXNVI6r3ngBc5elJ7DucP4SZOpCt335khsYmcs4xCHl+ExW45b/WVgKNYCFMJxhk
-+/tVcPYzvS9VcNVefpmupOCqRUcTqDDVoIqdzCDs5I5RyVTFfz5mLXS/o3r48+yU
-Vzm0rAB1YmFUtNDgUob4XnfsUEOc0rqnjGJavLL+88xifiNga8dRSTd4fiUVMKv6
-tK4ljyL8o0h/8gqKbuD+jfAB7cYzzGuh/aaA7waMr/ZAOo5CFCBhEh/j/AWxBdVl
-wwIDAQAB
+MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANPQbQ92nlbeg1Q5JNHSO1Yey46nZ7GJ
+ltLWw1ccSvp7pnvmfUm+M521CpFpfr4EAE3UVBMoU9j/hqq3dFAc2H0CAwEAAQ==
-----END PUBLIC KEY-----
diff --git a/examples/sign1-res.xml b/examples/sign1-res.xml
index 04d8fed0..2ea2b6b7 100644
--- a/examples/sign1-res.xml
+++ b/examples/sign1-res.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
-XML Security Library example: Signed file (sign1 example).
+XML Security Library example: Simple signature template file for sign1 example.
-->
<Envelope xmlns="urn:envelope">
<Data>
@@ -18,12 +18,8 @@ XML Security Library example: Signed file (sign1 example).
<DigestValue>9H/rQr2Axe9hYTV2n/tCp+3UIQQ=</DigestValue>
</Reference>
</SignedInfo>
- <SignatureValue>Mx4psIy9/UY+u8QBJRDrwQWKRaCGz0WOVftyDzAe6WHAFSjMNr7qb2ojq9kdipT8
-Oub5q2OQ7mzdSLiiejkrO1VeqM/90yEIGI4En6KEB6ArEzw+iq4N1wm6EptcyxXx
-M9StAOOa9ilWYqR9Tfx3SW1urUIuKYgUitxsONiUHBVaW6HeX51bsXoTF++4ZI+D
-jiPBjN4HHmr0cbJ6BXk91S27ffZIfp1Qj5nL9onFLUGbR6EFgu2luiRzQbPuM2tP
-XxyI7GZ8AfHnRJK28ARvBC9oi+O1ej20S79CIV7gdBxbLbFprozBHAwOEC57YgJc
-x+YEjSjcO7SBIR1FiUA7pw==</SignatureValue>
+ <SignatureValue>fDKK0so/zFcmmq2X+BaVFmS0t8KB7tyW53YN6n221OArzGCs4OyWsAjj/BUR+wNF
+elOnt4fo2gPK1a3IVEhMGg==</SignatureValue>
<KeyInfo>
<KeyName>rsakey.pem</KeyName>
</KeyInfo>
diff --git a/examples/sign1.c b/examples/sign1.c
index e545843f..050211cc 100644
--- a/examples/sign1.c
+++ b/examples/sign1.c
@@ -15,7 +15,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -90,7 +90,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/sign2-res.xml b/examples/sign2-res.xml
index b37cad94..20eca909 100644
--- a/examples/sign2-res.xml
+++ b/examples/sign2-res.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
-XML Security Library example: Signed XML doc file (sign2 example).
+XML Security Library example: Original XML doc file for sign2 example.
-->
<Envelope xmlns="urn:envelope">
<Data>
@@ -18,12 +18,8 @@ XML Security Library example: Signed XML doc file (sign2 example).
<DigestValue>HjY8ilZAIEM2tBbPn5mYO1ieIX4=</DigestValue>
</Reference>
</SignedInfo>
-<SignatureValue>SIaj/6KY3C1SmDXU2++Gm31U1xTadFp04WhBgfsJFbxrL+q7GKSKN9kfQ+UpN9+i
-D5fWmuavXEHe4Gw6RMaMEkq2URQo7F68+d5J/ajq8/l4n+xE6/reGScVwT6L4dEP
-XXVJcAi2ZnQ3O7GTNvNGCPibL9mUcyCWBFZ92Uemtc/vJFCQ7ZyKMdMfACgxOwyN
-T/9971oog241/2doudhonc0I/3mgPYWkZdX6yvr62mEjnG+oUZkhWYJ4ewZJ4hM4
-JjbFqZO+OEzDRSbw3DkmuBA/mtlx+3t13SESfEub5hqoMdVmtth/eTb64dsPdl9r
-3k1ACVX9f8aHfQQdJOmLFQ==</SignatureValue>
+<SignatureValue>GnYgZdzPeXd/gPTJmQ506qmxWkd3VK1Y23kh5Qpq8y4LMNY+LJJeCWK5wpo/vufR
+nIH/KUqvIvtk9nb2IjF5Uw==</SignatureValue>
<KeyInfo>
<KeyName>rsakey.pem</KeyName>
</KeyInfo>
diff --git a/examples/sign2.c b/examples/sign2.c
index 146bbbaa..2e05dfae 100644
--- a/examples/sign2.c
+++ b/examples/sign2.c
@@ -17,7 +17,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -93,7 +93,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/sign3-res.xml b/examples/sign3-res.xml
index 847e1af2..4b9ccd03 100644
--- a/examples/sign3-res.xml
+++ b/examples/sign3-res.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
-XML Security Library example: Signed XML doc file (sign3 example).
+XML Security Library example: Original XML doc file for sign3 example.
-->
<Envelope xmlns="urn:envelope">
<Data>
@@ -18,41 +18,30 @@ XML Security Library example: Signed XML doc file (sign3 example).
<DigestValue>HjY8ilZAIEM2tBbPn5mYO1ieIX4=</DigestValue>
</Reference>
</SignedInfo>
-<SignatureValue>SIaj/6KY3C1SmDXU2++Gm31U1xTadFp04WhBgfsJFbxrL+q7GKSKN9kfQ+UpN9+i
-D5fWmuavXEHe4Gw6RMaMEkq2URQo7F68+d5J/ajq8/l4n+xE6/reGScVwT6L4dEP
-XXVJcAi2ZnQ3O7GTNvNGCPibL9mUcyCWBFZ92Uemtc/vJFCQ7ZyKMdMfACgxOwyN
-T/9971oog241/2doudhonc0I/3mgPYWkZdX6yvr62mEjnG+oUZkhWYJ4ewZJ4hM4
-JjbFqZO+OEzDRSbw3DkmuBA/mtlx+3t13SESfEub5hqoMdVmtth/eTb64dsPdl9r
-3k1ACVX9f8aHfQQdJOmLFQ==</SignatureValue>
+<SignatureValue>GnYgZdzPeXd/gPTJmQ506qmxWkd3VK1Y23kh5Qpq8y4LMNY+LJJeCWK5wpo/vufR
+nIH/KUqvIvtk9nb2IjF5Uw==</SignatureValue>
<KeyInfo>
<X509Data>
-<X509Certificate>MIIE3zCCBEigAwIBAgIBBTANBgkqhkiG9w0BAQQFADCByzELMAkGA1UEBhMCVVMx
-EzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCVN1bm55dmFsZTE9MDsGA1UE
-ChM0WE1MIFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20v
-eG1sc2VjKTEZMBcGA1UECxMQUm9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxl
-a3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMB4X
-DTAzMDMzMTA0MDIyMloXDTEzMDMyODA0MDIyMlowgb8xCzAJBgNVBAYTAlVTMRMw
-EQYDVQQIEwpDYWxpZm9ybmlhMT0wOwYDVQQKEzRYTUwgU2VjdXJpdHkgTGlicmFy
-eSAoaHR0cDovL3d3dy5hbGVrc2V5LmNvbS94bWxzZWMpMSEwHwYDVQQLExhFeGFt
-cGxlcyBSU0EgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4xITAf
-BgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbTCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAJe4/rQ/gzV4FokE7CthjL/EXwCBSkXm2c3p4jyXO0Wt
-quaNC3dxBwFPfPl94hmq3ZFZ9PHPPbp4RpYRnLZbRjlzVSOq954AXOXpSew7nD+E
-mTqQrd9+ZIbGJnLOMQh5fhMVuOW/1lYCjWAhTCcYZPv7VXD2M70vVXDVXn6ZrqTg
-qkVHE6gw1aCKncwg7OSOUclUxX8+Zi10v6N6+PPslFc5tKwAdWJhVLTQ4FKG+F53
-7FBDnNK6p4xiWryy/vPMYn4jYGvHUUk3eH4lFTCr+rSuJY8i/KNIf/IKim7g/o3w
-Ae3GM8xrof2mgO8GjK/2QDqOQhQgYRIf4/wFsQXVZcMCAwEAAaOCAVcwggFTMAkG
-A1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRp
-ZmljYXRlMB0GA1UdDgQWBBQkhCzy1FkgYosuXIaQo6owuicanDCB+AYDVR0jBIHw
-MIHtgBS0ue+a5pcOaGUemM76VQ2JBttMfKGB0aSBzjCByzELMAkGA1UEBhMCVVMx
-EzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCVN1bm55dmFsZTE9MDsGA1UE
-ChM0WE1MIFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20v
-eG1sc2VjKTEZMBcGA1UECxMQUm9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxl
-a3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggEA
-MA0GCSqGSIb3DQEBBAUAA4GBALU/mzIxSv8vhDuomxFcplzwdlLZbvSQrfoNkMGY
-1UoS3YJrN+jZLWKSyWE3mIaPpElqXiXQGGkwD5iPQ1iJMbI7BeLvx6ZxX/f+c8Wn
-ss0uc1NxfahMaBoyG15IL4+beqO182fosaKJTrJNG3mc//ANGU9OsQM9mfBEt4oL
-NJ2D</X509Certificate>
+<X509Certificate>MIIDpzCCA1GgAwIBAgIJAK+ii7kzrdqvMA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEWMBQG
+A1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtz
+ZXkuY29tMCAXDTE0MDUyMzE3NTUzNFoYDzIxMTQwNDI5MTc1NTM0WjCBxzELMAkG
+A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1
+cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAn
+BgNVBAsTIFRlc3QgVGhpcmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD
+Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j
+b20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEA09BtD3aeVt6DVDkk0dI7Vh7Ljqdn
+sYmW0tbDVxxK+nume+Z9Sb4znbUKkWl+vgQATdRUEyhT2P+Gqrd0UBzYfQIDAQAB
+o4IBRTCCAUEwDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBH
+ZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNf0xkZ3zjcEI60pVPuwDqTM
+QygZMIHjBgNVHSMEgdswgdiAFP7k7FMk8JWVxxC14US1XTllWuN+oYG0pIGxMIGu
+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1M
+IFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2Vj
+KTEQMA4GA1UECxMHUm9vdCBDQTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8G
+CSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkAr6KLuTOt2q0wDQYJKoZI
+hvcNAQEFBQADQQAOXBj0yICp1RmHXqnUlsppryLCW3pKBD1dkb4HWarO7RjA1yJJ
+fBjXssrERn05kpBcrRfzou4r3DCgQFPhjxga</X509Certificate>
</X509Data>
</KeyInfo>
</Signature></Envelope>
diff --git a/examples/sign3.c b/examples/sign3.c
index 9d16cf72..847daa09 100644
--- a/examples/sign3.c
+++ b/examples/sign3.c
@@ -16,12 +16,12 @@
* ./sign3 sign3-doc.xml rsakey.pem rsacert.pem > sign3-res.xml
*
* The result signature could be validated using verify3 example:
- * ./verify3 sign3-res.xml rootcert.pem
+ * ./verify3 sign3-res.xml ca2cert.pem cacert.pem
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -97,7 +97,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/verify1.c b/examples/verify1.c
index 04917e5a..182da2d0 100644
--- a/examples/verify1.c
+++ b/examples/verify1.c
@@ -13,7 +13,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -88,7 +88,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/verify2.c b/examples/verify2.c
index 36fde2d3..f7a84768 100644
--- a/examples/verify2.c
+++ b/examples/verify2.c
@@ -13,7 +13,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -91,7 +91,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/verify3.c b/examples/verify3.c
index 5f0666bb..7f80bb56 100644
--- a/examples/verify3.c
+++ b/examples/verify3.c
@@ -10,12 +10,12 @@
* verify3 <signed-file> <trusted-cert-pem-file1> [<trusted-cert-pem-file2> [...]]
*
* Example:
- * ./verify3 sign3-res.xml rootcert.pem
+ * ./verify3 sign3-res.xml ca2cert.pem cacert.pem
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -92,7 +92,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/verify4-res.xml b/examples/verify4-res.xml
index 7abe539f..04d7196b 100644
--- a/examples/verify4-res.xml
+++ b/examples/verify4-res.xml
@@ -2,7 +2,7 @@
<!--
XML Security Library example: A simple SAML response template (verify4 example).
-This file was signed using the following command (replace __ with double dashes):
+Sign it using the following command (replace __ with double dashes):
../apps/xmlsec sign __privkey rsakey.pem,rsacert.pem __output verify4-res.xml verify4-tmpl.xml
-->
@@ -19,41 +19,30 @@ This file was signed using the following command (replace __ with double dashes)
<dsig:DigestValue>t1nvDq1bZXEhBIXc/DHcqIrjRyI=</dsig:DigestValue>
</dsig:Reference>
</dsig:SignedInfo>
- <dsig:SignatureValue>EsNm7mOj9XY6pq1bfeuzFd1F/LQwbc1K/YgOYgrElk4tr8BhSd5OcrzXBgsivPvm
-HpjvSOBkjctGOFVE7x+6+G8TMudTja1IchEmGMh+pjMBlGNpvxSTedwtnoZBGWAz
-RlfRhRFThskup0T7Or+VBHYygPGM3gmwX0ZWVYpNzM/rfYSk7+obgIp9DxLDIXlW
-oLrJGVivubE+T63CPfBPaUIv1CbfBAzdo+11+8CiVsdWn2qwtGe5Fsmc3eCg06Oj
-sl1nyCIu3AONq1w8jIPOgmITF8PpwDm0+XoQUH0P4kHJqNLphnJZY+GlPAC6VlAW
-2bcAFr4Ul5yzHUBpxCDZfg==</dsig:SignatureValue>
+ <dsig:SignatureValue>cj28Qr33wTqwHJzpI+7Mth7HUTr9MKACSH4x/1/AO64FEGiQRoOBB8XuUHZ8tzkP
+Azy8FwoZE/Jv5d/0N3ru4Q==</dsig:SignatureValue>
<dsig:KeyInfo>
<dsig:X509Data>
-<X509Certificate xmlns="http://www.w3.org/2000/09/xmldsig#">MIIE3zCCBEigAwIBAgIBBTANBgkqhkiG9w0BAQQFADCByzELMAkGA1UEBhMCVVMx
-EzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCVN1bm55dmFsZTE9MDsGA1UE
-ChM0WE1MIFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20v
-eG1sc2VjKTEZMBcGA1UECxMQUm9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxl
-a3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMB4X
-DTAzMDMzMTA0MDIyMloXDTEzMDMyODA0MDIyMlowgb8xCzAJBgNVBAYTAlVTMRMw
-EQYDVQQIEwpDYWxpZm9ybmlhMT0wOwYDVQQKEzRYTUwgU2VjdXJpdHkgTGlicmFy
-eSAoaHR0cDovL3d3dy5hbGVrc2V5LmNvbS94bWxzZWMpMSEwHwYDVQQLExhFeGFt
-cGxlcyBSU0EgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4xITAf
-BgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbTCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAJe4/rQ/gzV4FokE7CthjL/EXwCBSkXm2c3p4jyXO0Wt
-quaNC3dxBwFPfPl94hmq3ZFZ9PHPPbp4RpYRnLZbRjlzVSOq954AXOXpSew7nD+E
-mTqQrd9+ZIbGJnLOMQh5fhMVuOW/1lYCjWAhTCcYZPv7VXD2M70vVXDVXn6ZrqTg
-qkVHE6gw1aCKncwg7OSOUclUxX8+Zi10v6N6+PPslFc5tKwAdWJhVLTQ4FKG+F53
-7FBDnNK6p4xiWryy/vPMYn4jYGvHUUk3eH4lFTCr+rSuJY8i/KNIf/IKim7g/o3w
-Ae3GM8xrof2mgO8GjK/2QDqOQhQgYRIf4/wFsQXVZcMCAwEAAaOCAVcwggFTMAkG
-A1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRp
-ZmljYXRlMB0GA1UdDgQWBBQkhCzy1FkgYosuXIaQo6owuicanDCB+AYDVR0jBIHw
-MIHtgBS0ue+a5pcOaGUemM76VQ2JBttMfKGB0aSBzjCByzELMAkGA1UEBhMCVVMx
-EzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCVN1bm55dmFsZTE9MDsGA1UE
-ChM0WE1MIFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20v
-eG1sc2VjKTEZMBcGA1UECxMQUm9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxl
-a3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggEA
-MA0GCSqGSIb3DQEBBAUAA4GBALU/mzIxSv8vhDuomxFcplzwdlLZbvSQrfoNkMGY
-1UoS3YJrN+jZLWKSyWE3mIaPpElqXiXQGGkwD5iPQ1iJMbI7BeLvx6ZxX/f+c8Wn
-ss0uc1NxfahMaBoyG15IL4+beqO182fosaKJTrJNG3mc//ANGU9OsQM9mfBEt4oL
-NJ2D</X509Certificate>
+<dsig:X509Certificate>MIIDpzCCA1GgAwIBAgIJAK+ii7kzrdqvMA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEWMBQG
+A1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtz
+ZXkuY29tMCAXDTE0MDUyMzE3NTUzNFoYDzIxMTQwNDI5MTc1NTM0WjCBxzELMAkG
+A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1
+cml0eSBMaWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAn
+BgNVBAsTIFRlc3QgVGhpcmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD
+Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j
+b20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEA09BtD3aeVt6DVDkk0dI7Vh7Ljqdn
+sYmW0tbDVxxK+nume+Z9Sb4znbUKkWl+vgQATdRUEyhT2P+Gqrd0UBzYfQIDAQAB
+o4IBRTCCAUEwDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBH
+ZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNf0xkZ3zjcEI60pVPuwDqTM
+QygZMIHjBgNVHSMEgdswgdiAFP7k7FMk8JWVxxC14US1XTllWuN+oYG0pIGxMIGu
+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1M
+IFNlY3VyaXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2Vj
+KTEQMA4GA1UECxMHUm9vdCBDQTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8G
+CSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkAr6KLuTOt2q0wDQYJKoZI
+hvcNAQEFBQADQQAOXBj0yICp1RmHXqnUlsppryLCW3pKBD1dkb4HWarO7RjA1yJJ
+fBjXssrERn05kpBcrRfzou4r3DCgQFPhjxga</dsig:X509Certificate>
</dsig:X509Data>
</dsig:KeyInfo>
</dsig:Signature>
diff --git a/examples/verify4.c b/examples/verify4.c
index f55f58c5..e438d748 100644
--- a/examples/verify4.c
+++ b/examples/verify4.c
@@ -13,17 +13,17 @@
* verify4 <signed-file> <trusted-cert-pem-file1> [<trusted-cert-pem-file2> [...]]
*
* Example (sucecess):
- * ./verify4 verify4-res.xml rootcert.pem
+ * ./verify4 verify4-res.xml ca2cert.pem cacert.pem
*
* Example (failure):
- * ./verify4 verify4-bad-res.xml rootcert.pem
+ * ./verify4 verify4-bad-res.xml ca2cert.pem cacert.pem
* In the same time, verify3 example successfuly verifies this signature:
- * ./verify3 verify4-bad-res.xml rootcert.pem
+ * ./verify3 verify4-bad-res.xml ca2cert.pem cacert.pem
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -100,7 +100,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");
diff --git a/examples/xkms-server.c b/examples/xkms-server.c
deleted file mode 100644
index 188d5c73..00000000
--- a/examples/xkms-server.c
+++ /dev/null
@@ -1,839 +0,0 @@
-/**
- * XML Security Library example: simple XKMS server
- *
- * Starts XKMS server on specified port.
- *
- * Usage:
- * ./xkms-server [--port <port>] [--format plain|soap-1.1|soap-1.2] <keys-file>
- *
- * Example:
- * ./xkms-server --port 8080 --format soap-1.1 keys.xml
- *
- * This is free software; see Copyright file in the source
- * distribution for preciese wording.
- *
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
- */
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <assert.h>
-#include <errno.h>
-
-#ifdef XMLSEC_NO_XKMS
-
-int main(int argc, char** argv) {
- fprintf(stderr, "ERROR: XKMS is disabled.\n");
- return 1;
-}
-
-#else /* XMLSEC_NO_XKMS */
-
-#include <libxml/tree.h>
-#include <libxml/xmlmemory.h>
-#include <libxml/parser.h>
-
-#ifndef XMLSEC_NO_XSLT
-#include <libxslt/xslt.h>
-#include <libxslt/security.h>
-#endif /* XMLSEC_NO_XSLT */
-
-#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
-#include <xmlsec/buffer.h>
-#include <xmlsec/xkms.h>
-#include <xmlsec/crypto.h>
-
-#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
-#include <xmlsec/app.h>
-#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
-
-#ifdef UNIX_SOCKETS
-#include <netinet/in.h>
-#include <sys/socket.h>
-#include <arpa/inet.h>
-#include <netinet/tcp.h>
-#include <netdb.h>
-#include <fcntl.h>
-#include <signal.h>
-#else /* UNIX_SOCKETS */
-#ifdef WIN32_SOCKETS
-#include <windows.h>
-#include <winsock.h>
-#else /* WIN32_SOCKETS */
-#error "Your operating system is not supported"
-#endif /* WIN32_SOCKETS */
-#endif /* UNIX_SOCKETS */
-
-#define DEFAULT_PORT 1234
-#define PENDING_QUEUE_SIZE 100
-
-#define LOG_LEVEL_SILENT 0
-#define LOG_LEVEL_INFO 1
-#define LOG_LEVEL_DATA 2
-#define LOG_LEVEL_DEBUG 3
-
-#ifdef UNIX_SOCKETS
-static int sockfd = -1;
-#endif /* UNIX_SOCKETS */
-
-#ifdef WIN32_SOCKETS
-static SOCKET sockfd = -1;
-#endif /* WIN32_SOCKETS */
-
-static int finished = 0;
-static int log_level = LOG_LEVEL_INFO;
-
-static int init_server(unsigned short port);
-static void stop_server();
-static void int_signal_handler(int sig_num);
-static const xmlChar* my_strnstr(const xmlChar* str, xmlSecSize strLen, const xmlChar* tmpl, xmlSecSize tmplLen);
-
-static int handle_connection(int fd, xmlSecXkmsServerCtxPtr xkmsCtx, xmlSecXkmsServerFormat format);
-static int read_request(int fd, const char* in_ip, xmlSecBufferPtr buffer);
-static int send_response(int fd, const char* in_ip, int resp_code,
- const char* body, int body_size);
-
-static char usage[] = "[--port <port>] [--format plain|soap-1.1|soap-1.2] <keys-file>";
-static char http_header[] =
- "HTTP/1.0 %d\n"
- "Server: XML Security Library: Simple XKMS Server/1.0\n"
- "Content-length: %d\n"
- "\n";
-static char http_503[] =
- "Error 503 - Service Unavailable\n";
-
-int main(int argc, char** argv) {
- int argpos;
- unsigned short port = DEFAULT_PORT;
-#ifndef XMLSEC_NO_XSLT
- xsltSecurityPrefsPtr xsltSecPrefs = NULL;
-#endif /* XMLSEC_NO_XSLT */
- xmlSecKeysMngrPtr mngr = NULL;
- xmlSecXkmsServerCtxPtr xkmsCtx = NULL;
- xmlSecXkmsServerFormat format = xmlSecXkmsServerFormatPlain;
- int ret;
-
- fprintf(stdout, "Log: server is starting up\n");
-
- /* Init libxml and libxslt libraries */
- xmlInitParser();
- LIBXML_TEST_VERSION
- xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
- xmlSubstituteEntitiesDefault(1);
-#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
-#endif /* XMLSEC_NO_XSLT */
-
- /* Init libxslt */
-#ifndef XMLSEC_NO_XSLT
- /* disable everything */
- xsltSecPrefs = xsltNewSecurityPrefs();
- xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid);
- xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid);
- xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
- xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid);
- xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid);
- xsltSetDefaultSecurityPrefs(xsltSecPrefs);
-#endif /* XMLSEC_NO_XSLT */
-
- /* Init xmlsec library */
- if(xmlSecInit() < 0) {
- fprintf(stderr, "Error %d: xmlsec initialization failed.\n", errno);
- return(-1);
- }
-
- /* Check loaded library version */
- if(xmlSecCheckVersion() != 1) {
- fprintf(stderr, "Error %d: loaded xmlsec library version is not compatible.\n", errno);
- return(-1);
- }
-
- /* Load default crypto engine if we are supporting dynamic
- * loading for xmlsec-crypto libraries. Use the crypto library
- * name ("openssl", "nss", etc.) to load corresponding
- * xmlsec-crypto library.
- */
-#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
- fprintf(stderr, "Error %d: unable to load default xmlsec-crypto library. Make sure\n"
- "that you have it installed and check shared libraries path\n"
- "(LD_LIBRARY_PATH) envornment variable.\n", errno);
- return(-1);
- }
-#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
-
- /* Init crypto library */
- if(xmlSecCryptoAppInit(NULL) < 0) {
- fprintf(stderr, "Error %d: crypto initialization failed.\n", errno);
- return(-1);
- }
-
- /* Init xmlsec-crypto library */
- if(xmlSecCryptoInit() < 0) {
- fprintf(stderr, "Error %d: xmlsec-crypto initialization failed.\n", errno);
- return(-1);
- }
-
- /* Create and initialize keys manager */
- mngr = xmlSecKeysMngrCreate();
- if(mngr == NULL) {
- fprintf(stderr, "Error %d: failed to create keys manager.\n", errno);
- goto done;
- }
- if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) < 0) {
- fprintf(stderr, "Error %d: failed to initialize keys manager.\n", errno);
- goto done;
- }
-
- /* Create XKMS server context */
- xkmsCtx = xmlSecXkmsServerCtxCreate(mngr);
- if(xkmsCtx == NULL) {
- fprintf(stderr, "Error %d: XKMS server context initialization failed\n", errno);
- goto done;
- }
-
- /* Process input parameters */
- for(argpos = 1; (argpos < argc) && (argv[argpos][0] == '-'); argpos++) {
- if((strcmp(argv[argpos], "--port") == 0) || (strcmp(argv[argpos], "-p") == 0)) {
- argpos++;
- port = atoi(argv[argpos]);
- if(port == 0) {
- fprintf(stderr, "Error %d: invalid port number \"%s\".\nUsage: %s %s\n", errno, argv[argpos], argv[0], usage);
- goto done;
- }
- } else if((strcmp(argv[argpos], "--format") == 0) || (strcmp(argv[argpos], "-f") == 0)) {
- argpos++;
- format = xmlSecXkmsServerFormatFromString(BAD_CAST argv[argpos]);
- if(format == xmlSecXkmsServerFormatUnknown) {
- fprintf(stderr, "Error %d: invalid format \"%s\".\nUsage: %s %s\n", errno, argv[argpos], argv[0], usage);
- goto done;
- }
- } else if((strcmp(argv[argpos], "--log-level") == 0) || (strcmp(argv[argpos], "-l") == 0)) {
- argpos++;
- log_level = atoi(argv[argpos]);
- } else {
- fprintf(stderr, "Error %d: unknown parameter \"%s\".\nUsage: %s %s\n", errno, argv[argpos], argv[0], usage);
- goto done;
- }
- }
- if(argpos >= argc) {
- fprintf(stderr, "Error %d: keys file is not specified.\nUsage: %s %s\n", errno, argv[0], usage);
- goto done;
- }
-
- /* Load keys */
- for(; argpos < argc; argpos++) {
- if(xmlSecCryptoAppDefaultKeysMngrLoad(mngr, argv[argpos]) < 0) {
- fprintf(stderr, "Error %d: failed to load xml keys file \"%s\".\nUsage: %s %s\n", errno, argv[argpos], argv[0], usage);
- goto done;
- }
- if(log_level >= LOG_LEVEL_INFO) {
- fprintf(stdout, "Log: loaded keys from \"%s\"\n", argv[argpos]);
- }
- }
-
- /* Startup TCP server */
- if(init_server(port) < 0) {
- fprintf(stderr, "Error, errno: server initialization failed\n", errno);
- goto done;
- }
- assert(sockfd != -1);
-
- /* main loop: accept connections and process requests */
- while(finished == 0) {
- fd_set fds;
- struct timeval timeout;
-
- /* Set up polling using select() */
- FD_ZERO(&fds);
- FD_SET(sockfd, &fds);
- memset(&timeout, 0, sizeof(timeout));
- timeout.tv_sec = 1;
- ret = select(sockfd + 1, &fds, NULL, NULL, &timeout);
- if((ret <= 0) || !FD_ISSET(sockfd, &fds)) {
- /* error, timed out or not our socket: try again */
- continue;
- }
-
- if(handle_connection(sockfd, xkmsCtx, format) < 0) {
- fprintf(stderr, "Error %d: unable to accept incomming connection\n");
- goto done;
- }
- }
-
-done:
- if(log_level >= LOG_LEVEL_INFO) {
- fprintf(stdout, "Log: server is shutting down\n");
- }
-
- /* Shutdown TCP server */
- stop_server();
-
- /* Destroy xkms server context */
- if(xkmsCtx != NULL) {
- xmlSecXkmsServerCtxDestroy(xkmsCtx);
- xkmsCtx = NULL;
- }
-
- /* Destroy keys manager */
- if(mngr != NULL) {
- xmlSecKeysMngrDestroy(mngr);
- mngr = NULL;
- }
-
- /* Shutdown xmlsec-crypto library */
- xmlSecCryptoShutdown();
-
- /* Shutdown crypto library */
- xmlSecCryptoAppShutdown();
-
- /* Shutdown xmlsec library */
- xmlSecShutdown();
-
- /* Shutdown libxslt/libxml */
-#ifndef XMLSEC_NO_XSLT
- xsltFreeSecurityPrefs(xsltSecPrefs);
- xsltCleanupGlobals();
-#endif /* XMLSEC_NO_XSLT */
- xmlCleanupParser();
-
- fprintf(stdout, "Log: server is down, bye!\n");
- return(0);
-}
-
-/**
- * init_server:
- * @port: the server'xmlSecBufferGetData(buffer) TCP port number.
- *
- * Starts up a TCP server listening on given @port.
- *
- * Returns 0 on success or a negative value if an error occurs.
- */
-static int
-init_server(unsigned short port) {
-#ifdef WIN32_SOCKETS
- WSADATA data;
-#endif /* WIN32_SOCKETS */
- struct sockaddr_in saddr;
- int flags;
-
-#ifdef WIN32_SOCKETS
- if(WSAStartup(MAKEWORD(1,1), &data)) {
- fprintf(stderr, "Error %d: WSAStartup() failed\n", errno);
- return(-1);
- }
-#endif /* WIN32_SOCKETS */
-
- /* create socket */
- sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
-#ifdef UNIX_SOCKETS
- if(sockfd == -1) {
-#endif /* UNIX_SOCKETS */
-
-#ifdef WIN32_SOCKETS
- if(sockfd == INVALID_SOCKET) {
-#endif /* WIN32_SOCKETS */
-
- fprintf(stderr, "Error %d: socket() failed\n", errno);
- return(-1);
- }
-
- /* enable reuse of address */
- flags = 1;
- if(setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, (char *)&flags, sizeof(flags)) != 0) {
- fprintf(stderr, "Error %d: setsockopt(SO_REUSEADDR) failed\n", errno);
- return(-1);
- }
-
-#ifdef UNIX_SOCKETS
- /* set non-blocking */
- flags = fcntl(sockfd, F_GETFL);
- if(flags < 0) {
- fprintf(stderr, "Error %d: fcntl(F_GETFL) failed\n", errno);
- return(-1);
- }
- if(fcntl(sockfd, F_SETFL, flags | O_NONBLOCK) < 0) {
- fprintf(stderr, "Error %d: fcntl(F_SETFL) failed\n", errno);
- return(-1);
- }
-#endif /* UNIX_SOCKETS */
-
- /* preset socket structure for socket binding */
- memset(&saddr, 0, sizeof(saddr));
- saddr.sin_family = AF_INET;
- saddr.sin_port = htons(port);
- saddr.sin_addr.s_addr = INADDR_ANY;
- if(bind(sockfd, (struct sockaddr *)&saddr, sizeof(struct sockaddr)) != 0) {
- fprintf(stderr, "Error %d: bind() failed\n", errno);
- return(-1);
- }
-
- /* prepare for listening */
- if(listen(sockfd, PENDING_QUEUE_SIZE) != 0) {
- fprintf(stderr, "Error %d: listen() failed\n", errno);
- return(-1);
- }
-
-#ifdef UNIX_SOCKETS
- /* setup SIGINT handler that will stop the server */
- signal(SIGINT, int_signal_handler);
-#endif /* UNIX_SOCKETS */
-
- if(log_level >= LOG_LEVEL_INFO) {
- fprintf(stdout, "Log: server is ready and listening on port %d\n", port);
- }
- return(0);
-}
-
-/**
- * stop_server:
- *
- * Shuts down TCP server.
- */
-static void
-stop_server() {
-#ifdef UNIX_SOCKETS
- if(sockfd != -1) {
- shutdown(sockfd, SHUT_RDWR);
- close(sockfd);
- sockfd = -1;
- }
-#endif /* UNIX_SOCKETS */
-
-#ifdef WIN32_SOCKETS
- if(sockfd != -1) {
- close(sockfd);
- sockfd = -1;
- }
-#endif /* WIN32_SOCKETS */
- if(log_level >= LOG_LEVEL_INFO) {
- fprintf(stdout, "Log: server is shutted down\n");
- }
-}
-
-/**
- * int_signal_handler:
- * @sig_num: the signal number.
- *
- * Unix's Ctrl-C signal handler that stops the server.
- */
-static void
-int_signal_handler(int sig_num) {
- if(log_level >= LOG_LEVEL_INFO) {
- fprintf(stdout, "Log: server is asked to shutdown\n");
- }
- finished = 1;
-}
-
-/**
- * handle_connection:
- * @sockfd: the server's socket.
- * @xkmsCtx: the template XKMS server context.
- * @format: the expected format of XKMS requests.
- *
- * Establishs a connection, forks a child process (onUnix), reads the request,
- * processes it and writes back the response.
- *
- * Returns 0 on success or a negative value if an error occurs.
- */
-static int
-handle_connection(int sockfd, xmlSecXkmsServerCtxPtr xkmsCtx, xmlSecXkmsServerFormat format) {
-#ifdef UNIX_SOCKETS
- int fd = -1;
-#endif /* UNIX_SOCKETS */
-
-#ifdef WIN32_SOCKETS
- SOCKET fd = -1;
-#endif /* WIN32_SOCKETS */
-
- int in_child_process = 0;
- struct sockaddr_in saddr;
- int saddr_size;
- xmlSecXkmsServerCtxPtr xkmsCtx2 = NULL;
- xmlSecBufferPtr buffer = NULL;
- xmlDocPtr inDoc = NULL;
- xmlDocPtr outDoc = NULL;
- xmlNodePtr result = NULL;
- xmlOutputBufferPtr output = NULL;
- int resp_ready = 0;
- int ret;
-
- assert(sockfd != -1);
- assert(xkmsCtx != NULL);
-
- /* Get the socket connection */
- saddr_size = sizeof(struct sockaddr_in);
- fd = accept(sockfd, (struct sockaddr *)&saddr, &saddr_size);
-
-#ifdef UNIX_SOCKETS
- if(sockfd == -1) {
-#endif /* UNIX_SOCKETS */
-
-#ifdef WIN32_SOCKETS
- if(sockfd == INVALID_SOCKET) {
-#endif /* WIN32_SOCKETS */
-
- fprintf(stderr, "Error %d: accept() failed\n", errno);
- return(-1);
- }
- if(log_level >= LOG_LEVEL_INFO) {
- fprintf(stdout, "Log [%s]: got connection\n", inet_ntoa(saddr.sin_addr));
- }
-
- /* Create a copy of XKMS server context */
- xkmsCtx2 = xmlSecXkmsServerCtxCreate(NULL);
- if(xkmsCtx2 == NULL) {
- fprintf(stderr, "Error %d [%s]: a copy of XKMS server context initialization failed\n", errno, inet_ntoa(saddr.sin_addr));
- goto done;
- }
- if(xmlSecXkmsServerCtxCopyUserPref(xkmsCtx2, xkmsCtx) < 0) {
- fprintf(stderr, "Error %d [%s]: XKMS server context copy failed\n", errno, inet_ntoa(saddr.sin_addr));
- goto done;
- }
-
-#ifdef UNIX_SOCKETS
- /* on Unix we use child process to process requests */
- if(fork()) {
- /* parent process */
- return(0);
- }
-
- /* child process */
- in_child_process = 1;
- close(sockfd); /* we don't need listening socket */
-#endif /* UNIX_SOCKETS */
-
- buffer = xmlSecBufferCreate(0);
- if(buffer == NULL) {
- fprintf(stderr, "Error %d [%s]: xmlSecBufferCreate() failed\n", errno, inet_ntoa(saddr.sin_addr));
- goto done;
- }
-
- /* read input request */
- ret = read_request(fd, inet_ntoa(saddr.sin_addr), buffer);
- if(ret < 0) {
- fprintf(stderr, "Error %d [%s]: read_request() failed\n", errno, inet_ntoa(saddr.sin_addr));
- goto done;
- }
-
- /* parse request */
- inDoc = xmlParseMemory(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer) );
- if((inDoc == NULL) || (xmlDocGetRootElement(inDoc) == NULL)) {
- fprintf(stderr, "Error %d [%s]: failed to parse request\n", errno, inet_ntoa(saddr.sin_addr));
- goto done;
- }
- xmlSecBufferEmpty(buffer);
-
- /* prepare result document */
- outDoc = xmlNewDoc(BAD_CAST "1.0");
- if(outDoc == NULL) {
- fprintf(stderr, "Error %d [%s]: failed to create result doc\n", errno, inet_ntoa(saddr.sin_addr));
- goto done;
- }
-
- result = xmlSecXkmsServerCtxProcess(xkmsCtx2, xmlDocGetRootElement(inDoc), format, outDoc);
- if(result == NULL) {
- fprintf(stderr, "Error %d [%s]: failed to process xkms server request\n", errno, inet_ntoa(saddr.sin_addr));
- goto done;
- }
-
- /* apppend returned result node to the output document */
- xmlDocSetRootElement(outDoc, result);
-
- /* create LibXML2 output buffer */
- output = xmlSecBufferCreateOutputBuffer(buffer);
- if(output == NULL) {
- fprintf(stderr, "Error %d [%s]: xmlSecBufferCreateOutputBuffer() failed\n", errno, inet_ntoa(saddr.sin_addr));
- goto done;
- }
- xmlNodeDumpOutput(output, result->doc, result, 0, 0, NULL);
-
- xmlOutputBufferClose(output); output = NULL;
- resp_ready = 1;
-done:
- /* send back response */
- if((resp_ready == 1) && (xmlSecBufferGetData(buffer) != NULL)) {
- ret = send_response(fd, inet_ntoa(saddr.sin_addr), 200, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer));
- if(log_level >= LOG_LEVEL_INFO) {
- fprintf(stdout, "Log [%s]: processed request\n", inet_ntoa(saddr.sin_addr));
- }
- } else if(fd >= 0) {
- ret = send_response(fd, inet_ntoa(saddr.sin_addr), 503, http_503, strlen(http_503));
- if(log_level >= LOG_LEVEL_INFO) {
- fprintf(stdout, "Log [%s]: failed to process request\n", inet_ntoa(saddr.sin_addr));
- }
- } else {
- ret = -1;
- }
- if(ret < 0) {
- fprintf(stderr, "Error %d [%s]: send_response() failed\n", errno, inet_ntoa(saddr.sin_addr));
- }
-
- /* cleanup */
- if(output != NULL) {
- xmlOutputBufferClose(output);
- output = NULL;
- }
-
- if(outDoc != NULL) {
- xmlFreeDoc(outDoc);
- outDoc = NULL;
- }
-
- if(inDoc != NULL) {
- xmlFreeDoc(inDoc);
- inDoc = NULL;
- }
-
- if(buffer != NULL) {
- xmlSecBufferDestroy(buffer);
- buffer = NULL;
- }
-
- if(xkmsCtx2 != NULL) {
- xmlSecXkmsServerCtxDestroy(xkmsCtx2);
- xkmsCtx2 = NULL;
- }
-
- if(fd >= 0) {
-#ifdef UNIX_SOCKETS
- shutdown(fd, SHUT_RDWR);
- close(fd);
-#endif /* UNIX_SCOKETS */
-
-#ifdef WIN32_SOCKETS
- close(fd);
-#endif /* WIN32_SCOKETS */
-
- fd = -1;
- }
-
- if(in_child_process) {
- exit(0);
- }
- return(0);
-}
-
-/**
- * read_request:
- * @fd: the request's socket.
- * @in_ip: the request's IP address (for logging).
- * @buffer: the output buffer.
- *
- * Reads the request from socket @fd and stores it in the @buffer.
- *
- * Returns 0 on success or a negative value if an error occurs.
- */
-static int
-read_request(int fd, const char* in_ip, xmlSecBufferPtr buffer) {
- char buf[1024];
- const xmlChar* s;
- const xmlChar* p;
- int nread;
- int length = 0;
- int found = 0;
- int counter;
-
- assert(fd != -1);
- assert(in_ip != NULL);
- assert(buffer);
-
- /* first read the http headers */
- counter = 5;
- while(my_strnstr(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), BAD_CAST "\r\n\r\n", 4) == NULL) {
- nread = recv(fd, buf, sizeof(buf), 0);
- if(nread < 0) {
- fprintf(stderr, "Error %d [%s]: read() failed\n", errno, in_ip);
- return(-1);
- }
-
- if((nread > 0) && (xmlSecBufferAppend(buffer, buf, nread) < 0)) {
- fprintf(stderr, "Error %d [%s]: xmlSecBufferAppend(%d) failed\n", errno, in_ip, nread);
- return(-1);
- }
-
- if(nread < sizeof(buffer)) {
- counter--;
- if(counter <= 0) {
- break;
- }
- }
- }
-
- if(xmlSecBufferGetData(buffer) == NULL) {
- fprintf(stderr, "Error %d [%s]: no bytes read\n", errno, in_ip);
- return(-1);
- }
-
- if(log_level >= LOG_LEVEL_DEBUG) {
- xmlSecBufferAppend(buffer, BAD_CAST "\0", 1);
- fprintf(stdout, "Debug [%s]: request headers:\n%s\n", in_ip, xmlSecBufferGetData(buffer));
- xmlSecBufferRemoveTail(buffer, 1);
- }
-
- /* Parse the request and extract the body. We expect the request to look
- * like this:
- * POST <path> HTTP/1.x\r\n
- * <header1>\r\n
- * <header2>\r\n
- * ...
- * <headerN>\r\n
- * \r\n
- * <body>
- */
-
- /* analyze the first line */
- p = my_strnstr(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), BAD_CAST "\r\n", 2);
- if(p == NULL) {
- fprintf(stderr, "Error %d [%s]: there is no HTTP header\n", errno, in_ip);
- return(-1);
- }
- if(xmlStrncasecmp(xmlSecBufferGetData(buffer), BAD_CAST "POST ", 5) != 0) {
- fprintf(stderr, "Error %d [%s]: not a POST request\n", errno, in_ip);
- return(-1);
- }
- /* "POST " + " HTTP/1.x" == 14 */
- s = xmlSecBufferGetData(buffer);
- if(p - s <= 14) {
- fprintf(stderr, "Error %d [%s]: first line has bad length\n", errno, in_ip);
- return(-1);
- }
- if((xmlStrncasecmp(p - 9, BAD_CAST " HTTP/1.0", 9) != 0) &&
- (xmlStrncasecmp(p - 9, BAD_CAST " HTTP/1.1", 9) != 0)) {
-
- fprintf(stderr, "Error %d [%s]: first line does not end with \" HTTP/1.x\"\n", errno, in_ip);
- return(-1);
- }
- if(xmlSecBufferRemoveHead(buffer, p - xmlSecBufferGetData(buffer) + 2) < 0) {
- fprintf(stderr, "Error %d [%s]: failed to skip first line\n", errno, in_ip);
- return(-1);
- }
-
- /* now skip all the headers (i.e. everything until empty line) */
- found = 0;
- while(!found) {
- p = my_strnstr(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), BAD_CAST "\r\n", 2);
- if(p == NULL) {
- fprintf(stderr, "Error %d [%s]: there is no HTTP body\n", errno, in_ip);
- return(-1);
- }
-
- if(p == xmlSecBufferGetData(buffer)) {
- found = 1;
- } else if(xmlStrncasecmp(xmlSecBufferGetData(buffer), BAD_CAST "Content-length: ", 16) == 0) {
- length = atoi(xmlSecBufferGetData(buffer) + 16);
- }
-
- if(xmlSecBufferRemoveHead(buffer, p - xmlSecBufferGetData(buffer) + 2) < 0) {
- fprintf(stderr, "Error %d [%s]: failed to skip header line\n", errno, in_ip);
- return(-1);
- }
- }
-
- /* remove the trailing \0 we added */
- xmlSecBufferRemoveTail(buffer, 1);
-
- /* now read the body */
- counter = 5;
- while(xmlSecBufferGetSize(buffer) < length) {
- nread = recv(fd, buf, sizeof(buf), 0);
- if(nread < 0) {
- fprintf(stderr, "Error %d [%s]: read() failed\n", errno, in_ip);
- return(-1);
- }
-
- if((nread > 0) && (xmlSecBufferAppend(buffer, buf, nread) < 0)) {
- fprintf(stderr, "Error %d [%s]: xmlSecBufferAppend(%d) failed\n", errno, in_ip, nread);
- return(-1);
- }
- if(nread < sizeof(buffer)) {
- counter--;
- if(counter <= 0) {
- break;
- }
- }
- }
- if(log_level >= LOG_LEVEL_INFO) {
- fprintf(stdout, "Log [%s]: body size is %d bytes\n", in_ip, xmlSecBufferGetSize(buffer));
- }
- if(log_level >= LOG_LEVEL_DATA) {
- xmlSecBufferAppend(buffer, BAD_CAST "\0", 1);
- fprintf(stdout, "Log [%s]: request body:\n%s\n", in_ip, xmlSecBufferGetData(buffer));
- xmlSecBufferRemoveTail(buffer, 1);
- }
- return(0);
-}
-
-/**
- * send_response:
- * @fd: the request's socket.
- * @in_ip: the request's IP address (for logging).
- * @resp_code: the HTTP response code.
- * @body: the response body.
- * @body_len: the response body length.
- *
- * Writes HTTP response headers and @body to the @socket.
- *
- * Returns 0 on success or a negative value if an error occurs.
- */
-static int
-send_response(int fd, const char* in_ip, int resp_code, const char* body, int body_size) {
- char header[sizeof(http_header) + 100];
-
- assert(fd != -1);
- assert(in_ip != NULL);
- assert(resp_code > 0);
- assert(body != NULL);
-
- /* prepare and send http header */
- sprintf(header, http_header, resp_code, body_size);
- if(send(fd, header, strlen(header), 0) == -1) {
- fprintf(stderr, "Error %d [%s]: send(header) failed\n", errno, in_ip);
- return(-1);
- }
-
- if(log_level >= LOG_LEVEL_DATA) {
- xmlChar* tmp = xmlStrndup(body, body_size);
- fprintf(stdout, "Log [%s]: response is\n%s\n", in_ip, tmp);
- xmlFree(tmp);
- }
-
- /* send body */
- if(send(fd, body, body_size, 0) == -1) {
- fprintf(stderr, "Error %d [%s]: send(body) failed\n", errno, in_ip);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * my_strnstr:
- * @str: the soruce string.
- * @strLen: the source string length.
- * @tmpl: the template string.
- * @tmplLen: the template string length.
- *
- * Searches for the first occurence of @tmpl in @str.
- *
- * Returns pointer to the first occurence of @tmpl in @str or NULL if it is not found.
- */
-static const xmlChar*
-my_strnstr(const xmlChar* str, xmlSecSize strLen, const xmlChar* tmpl, xmlSecSize tmplLen) {
- xmlSecSize pos;
-
- if((str == NULL) || (tmpl == NULL)) {
- return(NULL);
- }
- for(pos = 0; pos + tmplLen <= strLen; pos++) {
- if(xmlStrncmp(str + pos, tmpl, tmplLen) == 0) {
- return(str + pos);
- }
- }
-
- return(NULL);
-}
-
-#endif /* XMLSEC_NO_XKMS */
-
diff --git a/examples/xmldsigverify.c b/examples/xmldsigverify.c
index f4c376ea..f6a9c847 100644
--- a/examples/xmldsigverify.c
+++ b/examples/xmldsigverify.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include <stdlib.h>
#include <string.h>
@@ -88,7 +88,7 @@ main(int argc, char **argv) {
* xmlsec-crypto library.
*/
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
+ if(xmlSecCryptoDLLoadLibrary(NULL) < 0) {
fprintf(stdout, "Error: unable to load default xmlsec-crypto library. Make sure\n"
"that you have it installed and check shared libraries path\n"
"(LD_LIBRARY_PATH) envornment variable.\n");