Asp Forum - Ruby and XML Security

Damjan Rems

10/10/2006 6:02:00 PM

Is it possible with Ruby to go through XML security process.

- read x509 private key
- read receiver x509 public key
- encrypt message with private key
- encrypt message with public key
- sign message

I guess first 4 steps could be made with openSSL library (found example
in forum) but how to create a signature.

I would realy like to see some example code.

Thank you

TheR

--
Posted via http://www.ruby-....

4 Answers

snacktime

10/10/2006 9:42:00 PM

On 10/10/06, Damjan Rems <d_rems@yahoo.com> wrote:
>
> Is it possible with Ruby to go through XML security process.
>
> - read x509 private key
> - read receiver x509 public key
> - encrypt message with private key
> - encrypt message with public key
> - sign message
>
> I guess first 4 steps could be made with openSSL library (found example
> in forum) but how to create a signature.
>
> I would realy like to see some example code.

You might want to repost this with an appropriate subject, it has
nothing to do with XML. Look in the ruby source at the tests for
openssl, it has examples there. I can't remember off the top of my
head how to create the signature.

Chris

Timothy Goddard

10/10/2006 10:04:00 PM

The Ruby/OpenSSL library is pretty poorly documented but you can pretty
much read it off the OpenSSL library's API. To sign a document you have
to pass in the hash algorithm to use and the text to be signed into the
private key object's sign method:

example:

# pkey is our private key
pkey = OpenSSL::PKey::RSA.generate(1024)
pub = pkey.public_key

# text is our text to be signed
text = "Hello, World!"

signature = pkey.sign(OpenSSL::Digest::SHA1.new, text)

if pub.verify(OpenSSL::Digest::SHA1.new, signature, text)
puts "It works!"
else
puts "S#%t! It failed!"
end

Damjan Rems wrote:
> Is it possible with Ruby to go through XML security process.
>
> - read x509 private key
> - read receiver x509 public key
> - encrypt message with private key
> - encrypt message with public key
> - sign message
>
> I guess first 4 steps could be made with openSSL library (found example
> in forum) but how to create a signature.
>
> I would realy like to see some example code.
>
> Thank you
>
> TheR
>
>
> --
> Posted via http://www.ruby-....

Damjan Rems

10/11/2006 12:59:00 PM

Timothy Goddard wrote:
> The Ruby/OpenSSL library is pretty poorly documented but you can pretty
> much read it off the OpenSSL library's API. To sign a document you have
> to pass in the hash algorithm to use and the text to be signed into the
> private key object's sign method:
>
> example:
>
> # pkey is our private key
> pkey = OpenSSL::PKey::RSA.generate(1024)
> pub = pkey.public_key
>
> # text is our text to be signed
> text = "Hello, World!"
>
> signature = pkey.sign(OpenSSL::Digest::SHA1.new, text)
>
> if pub.verify(OpenSSL::Digest::SHA1.new, signature, text)
> puts "It works!"
> else
> puts "S#%t! It failed!"
> end

Thank you very VERY much. I will be back when I'll get my first test
message through.

I know it has nothing to do with XML, but it has everything to do with
"XML security". I was looking for topic on net which would lead me to
ruby. But I could not find any. So here it is now.

by

TheR

--
Posted via http://www.ruby-....

Roland Schmitt

10/12/2006 7:37:00 AM

Damjan Rems schrieb:
> Is it possible with Ruby to go through XML security process.
>
> - read x509 private key
> - read receiver x509 public key
> - encrypt message with private key
> - encrypt message with public key
> - sign message
>
> I guess first 4 steps could be made with openSSL library (found example
> in forum) but how to create a signature.
>
> I would realy like to see some example code.
>
> Thank you
>
> TheR
>
>
>
this sounds like web service security, right?
If not, you can do all with ruby-openssl. Otherwise there are different
things missing like canonical xml (see http://www.w3.org/TR/xml...)

Regards,
Roland

comp.lang.ruby

Ruby and XML Security

Damjan Rems

snacktime

Timothy Goddard

Damjan Rems

Roland Schmitt

x Login to ForumsZone