#!/usr/bin/perl
our
$VERSION
=
"0.008"
;
our
(
$fh_in
,
$fh_out
,
$xml
);
our
$mode
=
undef
;
our
$cacert
=
undef
;
our
$key
=
undef
;
our
$cert
=
undef
;
our
$in
=
'stdin'
;
our
$out
=
'stdout'
;
my
(
$help
,
$man
);
our
%args
=(
'mode=s'
=>\
$mode
,
'cacert=s'
=>\
$cacert
,
'cert=s'
=>\
$cert
,
'key=s'
=>\
$key
,
'in=s'
=>\
$in
,
'out=s'
=>\
$out
,
'man'
=>\
$man
,
'help|?'
=>\
$help
,
);
GetOptions(
%args
) or
die
"Error command line arguments\n"
;
pod2usage(1)
if
$help
;
pod2usage(
-exitval
=> 0,
-verbose
=> 2)
if
$man
;
unless
(
defined
(
$mode
)) {
die
"-mode is a required option\n"
;
}
setup_io();
if
(
$mode
=~ m/^[Ss]/s) {
sign();
}
elsif
(
$mode
=~ m/^[vV]/s) {
verify();
}
else
{
die
"-mode=(s|v) is a required option\n"
;
}
sub
setup_io {
$fh_out
=
$out
ne
'stdout'
? IO::File->new(
$out
,
'w'
) : \
*STDOUT
;
$fh_in
=
$in
ne
'stdin'
? IO::File->new(
$in
,
'r'
) : \
*STDIN
;
die
"Failed to create output file: $out, error was $!\n"
unless
defined
(
$fh_out
);
die
"-in=filename is a required option in verify mode\n"
unless
defined
(
$fh_in
);
select
$fh_out
;
$xml
=
join
''
,
$fh_in
->getlines;
}
sub
sign {
die
"-key=filename is a required option\n"
unless
defined
(
$key
) && -r
$key
;
my
%args
=(
xml
=>
$xml
,
key_file
=>
$key
,
);
$args
{cert}=
$cert
if
defined
(
$cert
) && -r
$cert
;
my
$s
=XML::Sig::OO->new(
%args
);
my
$result
=
$s
->sign;
die
"failed to sign file: $in, error was: $result\n"
unless
$result
;
print
$result
->get_data;
}
sub
verify {
my
%args
=(
xml
=>
$xml
,
);
$args
{cacert}=
$cert
if
defined
(
$cacert
) && -r
$cacert
;
my
$v
=new XML::Sig::OO(
%args
);
my
$result
=
$v
->validate;
if
(
$result
) {
print
"Input xml passed validation\n"
;
}
else
{
foreach
my
$chunk
(@{
$result
->get_data}) {
my
(
$nth
,
$signature
,
$digest
)=@{
$chunk
}{
qw(nth signature digest)
};
print
"Results for processing chunk $nth\n"
;
print
"Signature State: "
.(
$signature
?
"OK\n"
:
"Failed, error was $signature\n"
);
print
"Digest State: "
.(
$digest
?
"OK\n"
:
"Failed, error was $digest\n"
);
}
}
}