- Variables
- func BaseEncrypt(cleartext []byte, publickey *rsa.PublicKey, encryptionAlgorithms []string, ...) (enc *encryptionResult, err error)
- func DeJwe(peica []string, privatekey crypto.PrivateKey) (jwt string, err error)
- func Flatten(slice [][]string) (res []string)
- func Hash(h crypto.Hash, data string) []byte
- func Jwe(cleartext []byte, publickey *rsa.PublicKey, encryptionAlgorithms []string) (jwe string, err error)
- func PublicError(e Werror, ctx ...string) error
- func RmElement(element types.Node)
- func Sign(digest []byte, privatekey crypto.PrivateKey, algo string) (signaturevalue []byte, err error)
- func Verify(pub crypto.PublicKey, algo crypto.Hash, digest, signature []byte) (err error)
- func WrapWithXp(err error, xp *Xp, ctx ...string) error
- type HSMKey
- type Werror
- type Xp
- func (xp *Xp) C14n(node types.Node, nsPrefixes string) (s string)
- func (xp *Xp) CopyNode(node types.Node, extended int) types.Node
- func (src *Xp) CpXp() (xp *Xp)
- func (xp *Xp) Decrypt(encryptedAssertion types.Node, privatekey crypto.PrivateKey) (err error)
- func (xp *Xp) DocGetRootElement() types.Node
- func (xp *Xp) DomSha1SumToBase64() string
- func (xp *Xp) Dump() []byte
- func (xp *Xp) Encrypt(context types.Node, elementName string, publickey *rsa.PublicKey, ...) (err error)
- func (xp *Xp) PP() string
- func (xp *Xp) PPE(element types.Node) string
- func (xp *Xp) Query(context types.Node, path string) types.NodeList
- func (xp *Xp) Query1(context types.Node, path string) string
- func (xp *Xp) QueryBool(context types.Node, path string) bool
- func (xp *Xp) QueryDashP(context types.Node, query string, data string, before types.Node) types.Node
- func (xp *Xp) QueryDashPForce(context types.Node, query string, data string, before types.Node) types.Node
- func (xp *Xp) QueryMulti(context types.Node, path string) (res []string)
- func (xp *Xp) QueryMultiMulti(context types.Node, path string, elements []string) (res [][][]string)
- func (xp *Xp) QueryNumber(context types.Node, path string) (val int)
- func (xp *Xp) QueryString(context types.Node, path string) (val string)
- func (xp *Xp) QueryXMLBool(context types.Node, path string) bool
- func (xp *Xp) Rm(context types.Node, path string)
- func (xp *Xp) SchemaValidate() (err error)
- func (xp *Xp) Sign(context, before types.Node, privatekey crypto.PrivateKey, cert, algo string) (err error)
- func (xp *Xp) VerifySignature(context types.Node, publicKeys []crypto.PublicKey) (err error)
Variables ¶
var (
	// DigestMethods and SigningMethods are declared empty here; the XML-DSig
	// digest/signature URIs they hold are presumably filled in from config
	// elsewhere — not visible on this page.
	DigestMethods  = map[string]config.CryptoMethod{}
	SigningMethods = map[string]config.CryptoMethod{}

	// KeyEncryptionMethods maps an xmlenc key-transport algorithm URI to
	// its parameters: the OAEP digest URI and (presumably) the JWE "alg"
	// name used when an EncryptedAssertion is converted to/from JWE.
	KeyEncryptionMethods = map[string]keyEncParams{
		// NOTE(review): rsa-oaep-mgf1p pairs RSA-OAEP with SHA-1 as the
		// digest; whether it is only advertised or also accepted on decrypt
		// is not visible here — worth confirming when reviewing Decrypt/DeJwe.
		"http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p": {"http://www.w3.org/2000/09/xmldsig#sha1", "RSA-OAEP"},
		"http://www.w3.org/2009/xmlenc11#rsa-oaep":         {"http://www.w3.org/2001/04/xmlenc#sha256", "RSA-OAEP-256"},
	}

	// EncryptionMethods maps an xmlenc content-encryption algorithm URI to
	// its parameters: AES key size in bits, block mode and (presumably) the
	// JWE "enc" name.
	EncryptionMethods = map[string]encParams{
		// NOTE(review): the CBC entries carry no integrity protection on the
		// XML side (the JWE counterparts add an HMAC); the GCM entries below
		// are the AEAD choice and should be preferred where peers support them.
		"http://www.w3.org/2001/04/xmlenc#aes128-cbc":  {128, "cbc", "A128CBC-HS256"},
		"http://www.w3.org/2001/04/xmlenc#aes256-cbc":  {256, "cbc", "A256CBC-HS512"},
		"http://www.w3.org/2009/xmlenc11#aes128-gcm":   {128, "gcm", "A128GCM"},
		"http://www.w3.org/2009/xmlenc11#aes192-gcm":   {192, "gcm", "A192GCM"},
		"http://www.w3.org/2009/xmlenc11#aes256-gcm":   {256, "gcm", "A256GCM"},
	}
)
// Namespaces maps the XML namespace prefixes used in this package's xpath
// queries to their URIs; NewXp registers them on the xpath context so a
// prefix in a query resolves independently of how the document spelled it.
// Entries are grouped by the specification family they belong to.
var Namespaces = map[string]string{
	// SAML assertion and protocol core.
	"saml":  "urn:oasis:names:tc:SAML:2.0:assertion",
	"saml1": "urn:oasis:names:tc:SAML:1.0:assertion",
	"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
	"aslo":  "urn:oasis:names:tc:SAML:2.0:protocol:ext:async-slo",

	// SAML metadata and its extensions.
	"md":         "urn:oasis:names:tc:SAML:2.0:metadata",
	"mdattr":     "urn:oasis:names:tc:SAML:metadata:attribute",
	"mdrpi":      "urn:oasis:names:tc:SAML:metadata:rpi",
	"mdui":       "urn:oasis:names:tc:SAML:metadata:ui",
	"alg":        "urn:oasis:names:tc:SAML:metadata:algsupport",
	"idpdisc":    "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol",
	"init":       "urn:oasis:names:tc:SAML:profiles:SSO:request-init",
	"shibmd":     "urn:mace:shibboleth:metadata:1.0",
	"ukfedlabel": "http://ukfederation.org.uk/2006/11/label",
	"sdss":       "http://sdss.ac.uk/2006/06/WAYF",

	// XML signature, encryption and exclusive canonicalisation.
	"ds":     "http://www.w3.org/2000/09/xmldsig#",
	"xenc":   "http://www.w3.org/2001/04/xmlenc#",
	"xenc11": "http://www.w3.org/2009/xmlenc11#",
	"ec":     "http://www.w3.org/2001/10/xml-exc-c14n#",

	// XML core, schema and XSLT.
	"xml": "http://www.w3.org/XML/1998/namespace",
	"xs":  "http://www.w3.org/2001/XMLSchema",
	"xsi": "http://www.w3.org/2001/XMLSchema-instance",
	"xsl": "http://www.w3.org/1999/XSL/Transform",

	// SOAP envelope and the WS-* stack (WS-Trust, WS-Security utility,
	// WS-Policy, WS-Addressing, identity claims).
	"SOAP-ENV": "http://schemas.xmlsoap.org/soap/envelope/",
	"t":        "http://schemas.xmlsoap.org/ws/2005/02/trust",
	"wsu":      "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
	"wsp":      "http://schemas.xmlsoap.org/ws/2004/09/policy",
	"wsa":      "http://www.w3.org/2005/08/addressing",
	"a":        "http://schemas.xmlsoap.org/ws/2009/09/identity/claims",

	// Vendor and federation specific.
	"corto": "http://corto.wayf.dk",
	"wayf":  "http://wayf.dk/2014/08/wayf",
	"eidas": "http://eidas.europa.eu/saml-extensions",
}
Namespaces - map of prefix to uri for namespaces
Functions ¶
func BaseEncrypt ¶
func PublicError ¶
PublicError - append messages to a Werror
func Sign ¶
func Sign(digest []byte, privatekey crypto.PrivateKey, algo string) (signaturevalue []byte, err error)
Sign signs the digest with the private key and algo.
Types ¶
type Werror ¶
// Werror is the package's error type; PublicError appends messages to it
// and WrapWithXp attaches the document it relates to. Only P is intended
// for public consumption — keep that in mind when serialising or logging.
type Werror struct {
	P     []string    // err msgs for public consumption
	C     []string    // presumably internal/context messages not meant for end users — confirm against PublicError
	PC    []uintptr   `json:"-"` // excluded from JSON; looks like captured caller program counters — verify
	Cause error       // the underlying error being wrapped
	Xp    *Xp         `json:"-"` // associated document, excluded from JSON output
}
type Xp ¶
Xp is a wrapper for the libxml2 xmlDoc and xmlXpathContext. master is a pointer to the original struct with the shared xmlDoc, so that it never gets deallocated before any copies.
func NewHTMLXp ¶
NewHTMLXp - Parse an html object with doc - used in testing for "forwarding" samlresponses from html to http. Disables error reporting - libxml2 complains about html5 elements.
func NewXp ¶
NewXp Parse SAML xml to Xp object with doc and xpath with relevant namespaces registered
func NewXpFromFile ¶
NewXpFromFile Creates a NewXP from File. Used for testing purposes
func NewXpFromNode ¶
NewXpFromNode creates a new *Xp from a node (subtree) from another *Xp
Example ¶
/*for i := 0; i <= 2000; i++ { for j := 0; j <= 1; j++ { xp_res = NewXpFromNode(node) } }*/ xp := NewXpFromFile("testdata/response.xml") node := xp.Query(nil, `./saml:Assertion`)[0] xpRes := NewXpFromNode(node) printHashedDom(xpRes)
Output: 3NN6sB8hU2sKZhm8kUKzHQhfBps=
func NewXpFromString ¶
NewXpFromString Parse SAML xml to Xp object with doc and xpath with relevant namespaces registered
func (*Xp) C14n ¶
C14n Canonicalise the node using the SAML specified exclusive method Very slow on large documents with node != nil
func (*Xp) CopyNode ¶
CopyNode - copies the node. TODO: make go-libxml2 accept the extended param; TODO: remove it from Xp.
func (*Xp) CpXp ¶
CpXp Make a copy of the Xp object - shares the document with the source, but allocates a new xmlXPathContext because they are not thread/goroutine safe, as the context is set for each query call. Only the document "owning" Xp releases the C level document and it needs to be around as long as any copies - ie. do not let the original document be garbage collected or havoc will be wreaked.
func (*Xp) Decrypt ¶
Decrypt decrypts the context using the given privatekey. The context element is removed.
func (*Xp) DocGetRootElement ¶
DocGetRootElement returns the root element of the document
func (*Xp) DomSha1SumToBase64 ¶
func (*Xp) Encrypt ¶
func (xp *Xp) Encrypt(context types.Node, elementName string, publickey *rsa.PublicKey, encryptionAlgorithms []string) (err error)
Encrypt the context with the given publickey
func (*Xp) Query1 ¶
Query1 Utility function to get the content of the first node from a xpath query as a string
func (*Xp) QueryDashP ¶
func (xp *Xp) QueryDashP(context types.Node, query string, data string, before types.Node) types.Node
QueryDashP generative xpath query - ie. mkdir -p for xpath ... Understands simple xpath expressions including indexes and attribute values
func (*Xp) QueryDashPForce ¶
func (*Xp) QueryMulti ¶
QueryMulti function to get the content of the nodes from a xpath query as a slice of strings
func (*Xp) QueryMultiMulti ¶
func (xp *Xp) QueryMultiMulti(context types.Node, path string, elements []string) (res [][][]string)
QueryMultiMulti function to get the content of the nodes from a xpath query, and a list of subqueries as a slice of slice of slice of strings A QueryMulti call for each element might not reflect the structure properly
func (*Xp) QueryNumber ¶
QueryNumber evaluates an xpath expression that returns a number
func (*Xp) QueryString ¶
QueryString evaluates an xpath expression that returns a string
func (*Xp) QueryXMLBool ¶
QueryXMLBool evaluates an xpath element that is XML boolean ie 1 or true - '.' works for both elements and attributes
func (*Xp) SchemaValidate ¶
SchemaValidate validates the document against the schema file given in url
func (*Xp) Sign ¶
func (xp *Xp) Sign(context, before types.Node, privatekey crypto.PrivateKey, cert, algo string) (err error)
Sign the given context with the given private key - which is a PEM or hsm: key. An hsm: key is a urn 'key' that points to a specific key/action in a goeleven interface to a HSM. See https://github.com/wayf-dk/