= xmlsec = * https://www.aleksey.com/xmlsec/index.html * https://github.com/lsh123/xmlsec XML Security Library is a C library based on LibXML2. The library supports major XML security standards: * https://users.dcc.uchile.cl/~pcamacho/tutorial/web/xmlsec/xmlsec.html == Slackbuild == {{{#!highlight bash wget https://slackbuilds.org/slackbuilds/14.2/libraries/xmlsec.tar.gz tar xvzf xmlsec.tar.gz cd xmlsec wget https://www.aleksey.com/xmlsec/download/xmlsec1-1.2.29.tar.gz ./xmlsec.SlackBuild installpkg /tmp/xmlsec-1.2.29-i586-1_SBo.tgz }}} == Sign with certificate test.xml == * openssl req -new -x509 -days 3650 -nodes -out cert.pem -keyout privkey.pem * xmlsec1 --sign --privkey-pem privkey.pem --output test_signed.xml test.xml * xmlsec1 --verify test_signed.xml === test.xml === {{{#!highlight xml test }}} === test_rsa_sha256.xml === * xmlsec1 --sign --privkey-pem privkey.pem,cert.pem --output test_rsa_sha256_signed.xml test_rsa_sha256.xml * xmlsec1 --verify --insecure test_rsa_sha256_signed.xml # self-signed certificate {{{#!highlight xml test }}} === test_rsa_sha256_uri.xml === * xmlsec1 --sign --id-attr:Id c --privkey-pem privkey.pem,cert.pem --output test_rsa_sha256_uri_signed.xml test_rsa_sha256_uri.xml 2019-10-21T22:47 vitor@nb200:/tmp * xmlsec1 --verify --id-attr:Id c --insecure test_rsa_sha256_uri_signed.xml {{{#!highlight xml test }}} === test_rsa_sha256_uri_ns.xml === Add the template nodes to the original message to sign. * https://www.w3.org/TR/xmldsig-core1/ * openssl req -new -x509 -days 3650 -nodes -out cert.pem -keyout privkey.pem * xmlsec1 --sign --id-attr:Id c --privkey-pem privkey.pem,cert.pem --output test_rsa_sha256_uri_ns_signed.xml test_rsa_sha256_uri_ns.xml * xmlsec1 --verify --id-attr:Id c --insecure test_rsa_sha256_uri_ns_signed.xml {{{#!highlight xml test }}}