Ruby and XML Security

Is it possible with Ruby to go through XML security process.

  • read x509 private key
  • read receiver x509 public key
  • encrypt message with private key
  • encrypt message with public key
  • sign message

I guess first 4 steps could be made with openSSL library (found example
in forum) but how to create a signature.

I would realy like to see some example code.

Thank you

TheR

On 10/10/06, Damjan R. [email protected] wrote:

in forum) but how to create a signature.

I would realy like to see some example code.

You might want to repost this with an appropriate subject, it has
nothing to do with XML. Look in the ruby source at the tests for
openssl, it has examples there. I can’t remember off the top of my
head how to create the signature.

Chris

The Ruby/OpenSSL library is pretty poorly documented but you can pretty
much read it off the OpenSSL library’s API. To sign a document you have
to pass in the hash algorithm to use and the text to be signed into the
private key object’s sign method:

example:

pkey is our private key

pkey = OpenSSL::PKey::RSA.generate(1024)
pub = pkey.public_key

text is our text to be signed

text = “Hello, World!”

signature = pkey.sign(OpenSSL::Digest::SHA1.new, text)

if pub.verify(OpenSSL::Digest::SHA1.new, signature, text)
puts “It works!”
else
puts “S#%t! It failed!”
end

Timothy G. wrote:

The Ruby/OpenSSL library is pretty poorly documented but you can pretty
much read it off the OpenSSL library’s API. To sign a document you have
to pass in the hash algorithm to use and the text to be signed into the
private key object’s sign method:

example:

pkey is our private key

pkey = OpenSSL::PKey::RSA.generate(1024)
pub = pkey.public_key

text is our text to be signed

text = “Hello, World!”

signature = pkey.sign(OpenSSL::Digest::SHA1.new, text)

if pub.verify(OpenSSL::Digest::SHA1.new, signature, text)
puts “It works!”
else
puts “S#%t! It failed!”
end

Thank you very VERY much. I will be back when I’ll get my first test
message through.

I know it has nothing to do with XML, but it has everything to do with
“XML security”. I was looking for topic on net which would lead me to
ruby. But I could not find any. So here it is now.

by

TheR

Damjan R. schrieb:

I would realy like to see some example code.

Thank you

TheR

this sounds like web service security, right?
If not, you can do all with ruby-openssl. Otherwise there are different
things missing like canonical xml (see
XML Signature Syntax and Processing Version 1.1)

Regards,
Roland