diff options
Diffstat (limited to 'docs/api/xmlsec-verify-with-restrictions.html')
-rw-r--r-- | docs/api/xmlsec-verify-with-restrictions.html | 241 |
1 files changed, 71 insertions, 170 deletions
diff --git a/docs/api/xmlsec-verify-with-restrictions.html b/docs/api/xmlsec-verify-with-restrictions.html index d9b8d66a..ac2ecba2 100644 --- a/docs/api/xmlsec-verify-with-restrictions.html +++ b/docs/api/xmlsec-verify-with-restrictions.html @@ -1,124 +1,36 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> -<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> -<title>Verifying a signature with additional restrictions.</title> -<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.79"> -<link rel="HOME" title="XML Security Library Reference Manual" href="index.html"> -<link rel="UP" title="Examples." href="xmlsec-examples.html"> -<link rel="PREVIOUS" title="Verifying a signature with X509 certificates." href="xmlsec-verify-with-x509.html"> -<link rel="NEXT" title="Encrypting data with a template file." href="xmlsec-encrypt-template-file.html"> -<style type="text/css">.synopsis, .classsynopsis { - background: #eeeeee; - border: solid 1px #aaaaaa; - padding: 0.5em; -} -.programlisting { - background: #eeeeff; - border: solid 1px #aaaaff; - padding: 0.5em; -} -.variablelist { - padding: 4px; - margin-left: 3em; -} -.navigation { - background: #ffeeee; - border: solid 1px #ffaaaa; - margin-top: 0.5em; - margin-bottom: 0.5em; -} -.navigation a { - color: #770000; -} -.navigation a:visited { - color: #550000; -} -.navigation .title { - font-size: 200%; -}</style> -<style type="text/css"> -table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) { - width: 20em; -} -.synopsis, .classsynopsis { - background: #eeeeee; - border: solid 1px #aaaaaa; -} -.programlisting { - background: #eeeeee; - border: solid 1px #000000; -} -.navigation { - background: #eeeeee; - border: solid 1px #000000; -} -.navigation a { - color: initial; -} -.navigation a:visited { - color: initial; -} -</style> +<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> +<title>Verifying a signature with additional restrictions.: XML Security Library Reference Manual</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.79.1"> +<link rel="home" href="index.html" title="XML Security Library Reference Manual"> +<link rel="up" href="xmlsec-examples.html" title="Examples."> +<link rel="prev" href="xmlsec-verify-with-x509.html" title="Verifying a signature with X509 certificates."> +<link rel="next" href="xmlsec-encrypt-template-file.html" title="Encrypting data with a template file."> +<meta name="generator" content="GTK-Doc V1.27 (XML mode)"> +<link rel="stylesheet" href="style.css" type="text/css"> </head> -<body><table width="100%" valign="top"><tr valign="top"> -<td valign="top" align="left" width="210"> -<img src="../images/logo.gif" alt="XML Security Library" border="0"><p></p> -<ul> -<li><a href="../index.html">Home</a></li> -<li><a href="../download.html">Download</a></li> -<li><a href="../news.html">News</a></li> -<li><a href="../documentation.html">Documentation</a></li> -<ul> -<li><a href="../faq.html">FAQ</a></li> -<li><a href="../api/xmlsec-notes.html">Tutorial</a></li> -<li><a href="../api/xmlsec-reference.html">API reference</a></li> -<li><a href="../api/xmlsec-examples.html">Examples</a></li> -</ul> -<li><a href="../xmldsig.html">XML Digital Signature</a></li> -<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul> -<li><a href="../xmlenc.html">XML Encryption</a></li> -<li><a href="../c14n.html">XML Canonicalization</a></li> -<li><a href="../bugs.html">Reporting Bugs</a></li> -<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li> -<li><a href="../related.html">Related</a></li> -<li><a href="../authors.html">Authors</a></li> -</ul> -<table width="100%"> -<tr> -<td width="15"></td> -<td><a href="http://xmlsoft.org/"><img src="../images/libxml2-logo.png" alt="LibXML2" border="0"></a></td> -</tr> -<tr> -<td width="15"></td> -<td><a href="http://xmlsoft.org/XSLT"><img src="../images/libxslt-logo.png" alt="LibXSLT" border="0"></a></td> -</tr> -<tr> -<td width="15"></td> -<td><a href="http://www.openssl.org/"><img src="../images/openssl-logo.png" alt="OpenSSL" border="0"></a></td> -</tr> -<!--Links - start--><!--Links - end--> -</table> -</td> -<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent"> -<table width="100%" class="navigation" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> -<td><a accesskey="p" href="xmlsec-verify-with-x509.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td> -<td><a accesskey="u" href="xmlsec-examples.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="5"><tr valign="middle"> +<td width="100%" align="left" class="shortcuts"></td> <td><a accesskey="h" href="index.html"><img src="home.png" width="16" height="16" border="0" alt="Home"></a></td> -<th width="100%" align="center">XML Security Library Reference Manual</th> +<td><a accesskey="u" href="xmlsec-examples.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td> +<td><a accesskey="p" href="xmlsec-verify-with-x509.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td> <td><a accesskey="n" href="xmlsec-encrypt-template-file.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td> </tr></table> -<br clear="all"><div class="SECT1"> -<h1 class="SECT1"><a name="XMLSEC-VERIFY-WITH-RESTRICTIONS">Verifying a signature with additional restrictions.</a></h1> -<br clear="all"><div class="SECT2"> -<h2 class="SECT2"><a name="XMLSEC-EXAMPLE-VERIFY4">verify4.c</a></h2> -<p></p> -<div class="INFORMALEXAMPLE"> -<p></p> -<a name="AEN877"></a><pre class="PROGRAMLISTING">/** +<div class="sect1"> +<div class="titlepage"><div><div><h2 class="title" style="clear: both"> +<a name="xmlsec-verify-with-restrictions"></a>Verifying a signature with additional restrictions.</h2></div></div></div> +<div class="sect2"> +<div class="titlepage"><div><div><h3 class="title"> +<a name="xmlsec-example-verify4"></a>verify4.c</h3></div></div></div> +<div class="informalexample"><pre class="programlisting"> +/** * XML Security Library example: Verifying a simple SAML response with X509 certificate * - * Verifies a simple SAML response. In addition to refular verification - * we ensure that the signature has only one <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top"><dsig:Reference/></a> element + * Verifies a simple SAML response. In addition to regular verification + * we ensure that the signature has only one <dsig:Reference/> element * with an empty or NULL URI attribute and one enveloped signature transform * as it is required by SAML specification. * @@ -128,18 +40,18 @@ table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) { * Usage: * verify4 <signed-file> <trusted-cert-pem-file1> [<trusted-cert-pem-file2> [...]] * - * Example (sucecess): + * Example (success): * ./verify4 verify4-res.xml ca2cert.pem cacert.pem * * Example (failure): * ./verify4 verify4-bad-res.xml ca2cert.pem cacert.pem - * In the same time, verify3 example successfuly verifies this signature: + * In the same time, verify3 example successfully verifies this signature: * ./verify3 verify4-bad-res.xml ca2cert.pem cacert.pem * * This is free software; see Copyright file in the source * distribution for preciese wording. * - * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com> + * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved. */ #include <stdlib.h> #include <string.h> @@ -216,10 +128,10 @@ main(int argc, char **argv) { * xmlsec-crypto library. */ #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING - if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) { + if(xmlSecCryptoDLLoadLibrary(NULL) < 0) { fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n" "that you have it installed and check shared libraries path\n" - "(LD_LIBRARY_PATH) envornment variable.\n"); + "(LD_LIBRARY_PATH and/or LTDL_LIBRARY_PATH) environment variables.\n"); return(-1); } #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */ @@ -276,7 +188,7 @@ main(int argc, char **argv) { * @files_size: the number of filenames in #files. * * Creates simple keys manager and load trusted certificates from PEM #files. - * The caller is responsible for destroing returned keys manager using + * The caller is responsible for destroying returned keys manager using * @xmlSecKeysMngrDestroy. * * Returns the pointer to newly created keys manager or NULL if an error @@ -421,16 +333,15 @@ done: } return(res); } -
</pre> -<p></p> -</div> + + +</pre></div> </div> -<br clear="all"><div class="SECT2"> -<h2 class="SECT2"><a name="XMLSEC-EXAMPLE-VERIFY4-TMPL">verify4-tmpl.xml</a></h2> -<p></p> -<div class="INFORMALEXAMPLE"> -<p></p> -<a name="AEN883"></a><pre class="PROGRAMLISTING"><?xml version="1.0" encoding="UTF-8"?> +<div class="sect2"> +<div class="titlepage"><div><div><h3 class="title"> +<a name="xmlsec-example-verify4-tmpl"></a>verify4-tmpl.xml</h3></div></div></div> +<div class="informalexample"><pre class="programlisting"> +<?xml version="1.0" encoding="UTF-8"?> <!-- XML Security Library example: A simple SAML response template (verify4 example). @@ -448,12 +359,12 @@ Sign it using the following command (replace __ with double dashes): <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <a href="http://www.w3.org/TR/xmldsig-core/#sec-DigestValue" target="_top"><dsig:DigestValue/></a> + <dsig:DigestValue/> </dsig:Reference> </dsig:SignedInfo> - <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureValue" target="_top"><dsig:SignatureValue/></a> + <dsig:SignatureValue/> <dsig:KeyInfo> - <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top"><dsig:X509Data/></a> + <dsig:X509Data/> </dsig:KeyInfo> </dsig:Signature> <Status> @@ -476,16 +387,14 @@ Sign it using the following command (replace __ with double dashes): <AuthorityBinding AuthorityKind="samlp:AttributeQuery" Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aa.osu.edu/"/> </AuthenticationStatement> </Assertion> -</Response></pre> -<p></p> -</div> +</Response> +</pre></div> </div> -<br clear="all"><div class="SECT2"> -<h2 class="SECT2"><a name="XMLSEC-EXAMPLE-VERIFY4-RES">verify4-res.xml</a></h2> -<p></p> -<div class="INFORMALEXAMPLE"> -<p></p> -<a name="AEN891"></a><pre class="PROGRAMLISTING"><?xml version="1.0" encoding="UTF-8"?> +<div class="sect2"> +<div class="titlepage"><div><div><h3 class="title"> +<a name="xmlsec-example-verify4-res"></a>verify4-res.xml</h3></div></div></div> +<div class="informalexample"><pre class="programlisting"> +<?xml version="1.0" encoding="UTF-8"?> <!-- XML Security Library example: A simple SAML response template (verify4 example). @@ -553,16 +462,14 @@ fBjXssrERn05kpBcrRfzou4r3DCgQFPhjxga</dsig:X509Certificate> <AuthorityBinding AuthorityKind="samlp:AttributeQuery" Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aa.osu.edu/"/> </AuthenticationStatement> </Assertion> -</Response></pre> -<p></p> -</div> +</Response> +</pre></div> </div> -<br clear="all"><div class="SECT2"> -<h2 class="SECT2"><a name="XMLSEC-EXAMPLE-VERIFY4-BAD-TMPL">verify4-bad-tmpl.xml</a></h2> -<p></p> -<div class="INFORMALEXAMPLE"> -<p></p> -<a name="AEN896"></a><pre class="PROGRAMLISTING"><?xml version="1.0" encoding="UTF-8"?> +<div class="sect2"> +<div class="titlepage"><div><div><h3 class="title"> +<a name="xmlsec-example-verify4-bad-tmpl"></a>verify4-bad-tmpl.xml</h3></div></div></div> +<div class="informalexample"><pre class="programlisting"> +<?xml version="1.0" encoding="UTF-8"?> <!-- XML Security Library example: A simple bad SAML response template (verify4 example). @@ -587,12 +494,12 @@ Sign it using the following command (replace __ with double dashes): </dsig:Transform> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <a href="http://www.w3.org/TR/xmldsig-core/#sec-DigestValue" target="_top"><dsig:DigestValue/></a> + <dsig:DigestValue/> </dsig:Reference> </dsig:SignedInfo> - <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureValue" target="_top"><dsig:SignatureValue/></a> + <dsig:SignatureValue/> <dsig:KeyInfo> - <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top"><dsig:X509Data/></a> + <dsig:X509Data/> </dsig:KeyInfo> </dsig:Signature> <Status> @@ -615,16 +522,14 @@ Sign it using the following command (replace __ with double dashes): <AuthorityBinding AuthorityKind="samlp:AttributeQuery" Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aa.osu.edu/"/> </AuthenticationStatement> </Assertion> -</Response></pre> -<p></p> +</Response> +</pre></div> </div> -</div> -<br clear="all"><div class="SECT2"> -<h2 class="SECT2"><a name="XMLSEC-EXAMPLE-VERIFY4-BAD-RES">verify4-bad-res.xml</a></h2> -<p></p> -<div class="INFORMALEXAMPLE"> -<p></p> -<a name="AEN904"></a><pre class="PROGRAMLISTING"><?xml version="1.0" encoding="UTF-8"?> +<div class="sect2"> +<div class="titlepage"><div><div><h3 class="title"> +<a name="xmlsec-example-verify4-bad-res"></a>verify4-bad-res.xml</h3></div></div></div> +<div class="informalexample"><pre class="programlisting"> +<?xml version="1.0" encoding="UTF-8"?> <!-- XML Security Library example: A simple bad SAML response (verify4 example). @@ -713,15 +618,11 @@ NJ2D</X509Certificate> <AuthorityBinding AuthorityKind="samlp:AttributeQuery" Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aa.osu.edu/"/> </AuthenticationStatement> </Assertion> -</Response></pre> -<p></p> -</div> +</Response> +</pre></div> </div> </div> -<table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle"> -<td align="left"><a accesskey="p" href="xmlsec-verify-with-x509.html"><b><<< Verifying a signature with X509 certificates.</b></a></td> -<td align="right"><a accesskey="n" href="xmlsec-encrypt-template-file.html"><b>Encrypting data with a template file. >>></b></a></td> -</tr></table> -</td></tr></table></td> -</tr></table></body> +<div class="footer"> +<hr>Generated by GTK-Doc V1.27</div> +</body> </html> |