Ruby and XML Security

D

Damjan Rems

Is it possible with Ruby to go through XML security process.

- read x509 private key
- read receiver x509 public key
- encrypt message with private key
- encrypt message with public key
- sign message

I guess first 4 steps could be made with openSSL library (found example
in forum) but how to create a signature.

I would realy like to see some example code.

Thank you

TheR
 
S

snacktime

Is it possible with Ruby to go through XML security process.

- read x509 private key
- read receiver x509 public key
- encrypt message with private key
- encrypt message with public key
- sign message

I guess first 4 steps could be made with openSSL library (found example
in forum) but how to create a signature.

I would realy like to see some example code.
Click to expand...

You might want to repost this with an appropriate subject, it has
nothing to do with XML. Look in the ruby source at the tests for
openssl, it has examples there. I can't remember off the top of my
head how to create the signature.

Chris
 
D

Damjan Rems

Timothy said:
The Ruby/OpenSSL library is pretty poorly documented but you can pretty
much read it off the OpenSSL library's API. To sign a document you have
to pass in the hash algorithm to use and the text to be signed into the
private key object's sign method:

example:

# pkey is our private key
pkey = OpenSSL::pKey::RSA.generate(1024)
pub = pkey.public_key

# text is our text to be signed
text = "Hello, World!"

signature = pkey.sign(OpenSSL::Digest::SHA1.new, text)

if pub.verify(OpenSSL::Digest::SHA1.new, signature, text)
puts "It works!"
else
puts "S#%t! It failed!"
end
Click to expand...

Thank you very VERY much. I will be back when I'll get my first test
message through.

I know it has nothing to do with XML, but it has everything to do with
"XML security". I was looking for topic on net which would lead me to
ruby. But I could not find any. So here it is now.


by

TheR
 
R

Roland Schmitt

Damjan said:
Is it possible with Ruby to go through XML security process.

- read x509 private key
- read receiver x509 public key
- encrypt message with private key
- encrypt message with public key
- sign message

I guess first 4 steps could be made with openSSL library (found example
in forum) but how to create a signature.

I would realy like to see some example code.

Thank you

TheR
Click to expand...
this sounds like web service security, right?
If not, you can do all with ruby-openssl. Otherwise there are different
things missing like canonical xml (see http://www.w3.org/TR/xmldsig-core/)

Regards,
Roland
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

openssl. question about ec 0
Ruby equivalent for php openssl_pkey_get_public 0
Creating p7s/pkcs7 files with Ruby 4
JavaFX tags not wrapping around 0
Encrypt large files with ruby openssl or ???? 4
rsa sign and verify with openssl on windows 7
OpenSSL with Ruby 4
openssl encrypt / decrypt question 0

Members online

No members online now.
Total: 1,053 (members: 1, guests: 1,052)
Robots: 74

Forum statistics

Threads
474,215
Messages
2,571,113
Members
47,708
Latest member
SharonMaes

Latest Threads

Top