The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
grafana/vendor/github.com/russellhaering/goxmldsig
gotjosh e6b8a1529b SAML: Configuration defaults, examples and dependencies (#17954), 6 years ago

Directory contents (every entry last touched by that commit):
etreeutils/
types/
.gitignore
LICENSE
README.md
canonicalize.go
clock.go
keystore.go
run_test.sh
sign.go
tls_keystore.go
validate.go
xml_constants.go

README.md

goxmldsig


XML Digital Signatures implemented in pure Go.

Installation

Install goxmldsig into your $GOPATH using go get:

```sh
$ go get github.com/russellhaering/goxmldsig
```

Usage

Signing

```go
package main

import (
    "fmt"

    "github.com/beevik/etree"
    dsig "github.com/russellhaering/goxmldsig"
)

func main() {
    // Generate a key and self-signed certificate for signing. As the name
    // says, this key store is meant for tests, not for production keys.
    randomKeyStore := dsig.RandomKeyStoreForTest()
    ctx := dsig.NewDefaultSigningContext(randomKeyStore)
    elementToSign := &etree.Element{
        Tag: "ExampleElement",
    }
    elementToSign.CreateAttr("ID", "id1234")

    // Sign the element (enveloped: the Signature is placed inside the element)
    signedElement, err := ctx.SignEnveloped(elementToSign)
    if err != nil {
        panic(err)
    }

    // Serialize the signed element. It is important not to modify the element
    // after it has been signed - even pretty-printing the XML will invalidate
    // the signature.
    doc := etree.NewDocument()
    doc.SetRoot(signedElement)
    str, err := doc.WriteToString()
    if err != nil {
        panic(err)
    }

    fmt.Println(str)
}
```

Signature Validation

```go
package main

import (
    "crypto/x509"
    "fmt"

    "github.com/beevik/etree"
    dsig "github.com/russellhaering/goxmldsig"
)

// Validate an element against a root certificate
func validate(root *x509.Certificate, el *etree.Element) {
    // Construct a validation context with one or more roots of trust.
    ctx := dsig.NewDefaultValidationContext(&dsig.MemoryX509CertificateStore{
        Roots: []*x509.Certificate{root},
    })

    // It is important to only use the returned validated element: anything
    // elsewhere in the input document is not covered by the signature.
    // See: https://www.w3.org/TR/xmldsig-bestpractices/#check-what-is-signed
    validated, err := ctx.Validate(el)
    if err != nil {
        panic(err)
    }

    doc := etree.NewDocument()
    doc.SetRoot(validated)
    str, err := doc.WriteToString()
    if err != nil {
        panic(err)
    }

    fmt.Println(str)
}
```
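Both caveats in the two snippets above (do not touch the element after it is signed; consume only the element that Validate returns) are easier to see in a runnable model. The following is an added example written for this page, not code from goxmldsig: it replaces XML-DSig with a detached Ed25519 signature over a toy canonicalization (xml.Marshal of a parsed tree) so that it runs with the Go standard library alone. Node, findByID, canonical, validate, Outcome, Scenario, the fixed key seed and the Assertion/Response inputs are all constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/xml"
	"errors"
	"fmt"
)

// Node is a generic XML element tree built with encoding/xml.
type Node struct {
	XMLName  xml.Name
	Attrs    []xml.Attr `xml:",any,attr"`
	Text     string     `xml:",chardata"`
	Children []Node     `xml:",any"`
}

// findByID returns the first element whose ID attribute equals id, or nil.
func findByID(n *Node, id string) *Node {
	for _, a := range n.Attrs {
		if a.Name.Local == "ID" && a.Value == id {
			return n
		}
	}
	for i := range n.Children {
		if f := findByID(&n.Children[i], id); f != nil {
			return f
		}
	}
	return nil
}

// canonical re-serializes a parsed element: a toy stand-in for the C14N step goxmldsig
// performs. Like C14N it keeps whitespace text nodes, so re-indenting changes the bytes.
func canonical(n *Node) ([]byte, error) { return xml.Marshal(n) }

// validate checks sig over the SHA-256 of the canonical element carrying id and returns a
// fresh copy of ONLY that element; everything else in doc is unauthenticated and stays unreachable.
func validate(pub ed25519.PublicKey, doc *Node, id string, sig []byte) (*Node, error) {
	el := findByID(doc, id)
	if el == nil {
		return nil, errors.New("no element with ID " + id)
	}
	c, err := canonical(el)
	if err != nil {
		return nil, err
	}
	sum := sha256.Sum256(c)
	if !ed25519.Verify(pub, sum[:], sig) {
		return nil, errors.New("signature does not verify")
	}
	var out Node // re-parse the verified bytes instead of returning a pointer into doc
	if err := xml.Unmarshal(c, &out); err != nil {
		return nil, err
	}
	return &out, nil
}

func mustParse(s string) *Node { // for the constructed inputs in Scenario
	var n Node
	if err := xml.Unmarshal([]byte(s), &n); err != nil {
		panic(err)
	}
	return &n
}

type Outcome struct {
	NaiveSubject     string // first <Subject> in the document, read because validation passed
	ValidatedSubject string // <Subject> inside the subtree validate returned
	ReindentRejected bool   // a pretty-printed copy of the signed element no longer verifies
}

// Scenario signs a constructed assertion, then validates it wrapped behind an unsigned
// sibling and, separately, after pretty-printing.
func Scenario() (Outcome, error) {
	priv := ed25519.NewKeyFromSeed([]byte("constructed-demo-seed-32-bytes!!")) // fixed seed: demo only
	pub := priv.Public().(ed25519.PublicKey)
	const signedXML = `<Assertion ID="a1"><Subject>alice</Subject></Assertion>` // constructed
	c, err := canonical(mustParse(signedXML))
	if err != nil {
		return Outcome{}, err
	}
	sum := sha256.Sum256(c)
	sig := ed25519.Sign(priv, sum[:])
	wrapped := mustParse(`<Response><Assertion ID="x9"><Subject>admin</Subject></Assertion>` + signedXML + `</Response>`)
	validated, err := validate(pub, wrapped, "a1", sig) // passes: the signed subtree itself is untouched
	if err != nil {
		return Outcome{}, err
	}
	_, errPretty := validate(pub, mustParse("<Assertion ID=\"a1\">\n  <Subject>alice</Subject>\n</Assertion>"), "a1", sig)
	return Outcome{
		NaiveSubject:     wrapped.Children[0].Children[0].Text, // "validation passed, so read the first Assertion"
		ValidatedSubject: validated.Children[0].Text,
		ReindentRejected: errPretty != nil,
	}, nil
}

func main() { fmt.Println(Scenario()) }
```

NaiveSubject comes out as "admin" while ValidatedSubject is "alice": the signature over the a1 element is perfectly valid, so a consumer that treats "validation succeeded" as permission to read the surrounding document picks up the unsigned sibling. Reading only what validate returns removes that path, which is the point of the W3C note linked in the snippet above. ReindentRejected is true because the whitespace text nodes introduced by pretty-printing are part of the canonical bytes, the same reason the signing snippet warns against touching the element after SignEnveloped. Real XML-DSig adds reference URIs, transforms and C14N rules on top of this; goxmldsig handles those, the model here only preserves the two properties under discussion.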

Limitations

This library was created in order to implement SAML 2.0 without needing to execute a command line tool to create and validate signatures. It currently only implements the subset of relevant standards needed to support that implementation, but I hope to make it more complete over time. Contributions are welcome.