# XMLSec Library: Examples

This folder contains XML Security Library examples.

## Building examples

### Unixes
Just run the usual `make` command (assuming that xmlsec, libxml2, libxslt and
all other required libraries are already installed).

### Windows
- Add paths to include and library files for xmlsec, libxml2, libxslt and
openssl or nss to the environment variables INCLUDE and LIB.
- Edit `Makefile.w32` file and specify correct crypto engine (openssl or
nss for now). You can also specify necessary include and library paths
or change from static linking to using DLLs.
- Run `nmake -f Makefile.w32`

If something does not work, check the README file in the top level
`win32` folder for additional instructions.

## Examples

### sign1: signing with a template file

Files:
```
sign1.c             The source code
sign1-tmpl.xml      The template file for sign1 example
sign1-res.xml       The result of processing sign1_tmpl.xml by sign1.c
```

To run this example:
```
./sign1 sign1-tmpl.xml rsakey.pem
```

To sign a template file with `xmlsec1` command line utility (use `xmlsec` on Windows):
```
xmlsec1 sign --privkey rsakey.pem --output sign1.xml sign1-tmpl.xml
```

### sign2: signing a file with a dynamicaly created template

Files:
```
sign2.c             The source code
sign2-doc.xml       An example XML file for signing by sign2.c
sign2-res.xml       The result of signing sign2-doc.xml by sign2.c
```

To run this example:
```
./sign2 sign2-doc.xml rsakey.pem
```

### sign3: signing a file with a dynamicaly created template and an X509 certificate

Files:
```
sign3.c             The source code
sign3-doc.xml       An example XML file for signing by sign3.c
sign3-res.xml       The result of signing sign3-doc.xml by sign3.c
```

To run this example:
```
./sign3 sign3-doc.xml rsakey.pem rsacert.pem
```

### verify1: verifying a signed document with a public key

Files:
```
verify1.c           The source code
```

To run this example:
```
./verify1 sign1-res.xml rsapub.pem
./verify1 sign2-res.xml rsapub.pem
```

### verify2: verifying a signed document using keys manager

Files:
```
verify2.c           The source code
```

To run this example:
```
./verify2 sign1-res.xml rsapub.pem
./verify2 sign2-res.xml rsapub.pem
```

To verify a signed document with `xmlsec1` command line utility (use `xmlsec` on Windows):
```
xmlsec1 verify --pubkey rsapub.pem sign1-res.xml
xmlsec1 verify --pubkey rsapub.pem sign2-res.xml
```

### verify3: verifying a signed document using X509 certificate

Files:
```
verify3.c           The source code
```

To run this example:
```
./verify3 sign3-res.xml ca2cert.pem cacert.pem
```

To verify a signed document using X509 certificate with `xmlsec1` command line
utility (use `xmlsec` on Windows):
```
xmlsec1 verify --trusted ca2cert.pem --trusted cacert.pem sign3-res.xml
```

### verify4: verifying a simple SAML response using X509 certificate

Files:
```
verify4.c           The source code
verify4-tmpl.xml    An example template file with a simple SAML response for verify4 example
verify4-res.xml     Signed simple SAML response for verification by verify4.c
```

To run this example:
```
./verify4 verify4-res.xml ca2cert.pem cacert.pem
```

To verify a signed SAML response using X509 certificate with `xmlsec1` command line
utility (use `xmlsec` on Windows):
```
xmlsec1 verify --trusted ca2cert.pem --trusted cacert.pem verify4-res.xml
```

### encrypt1: encrypting binary data with a template file

Files:
```
encrypt1.c          The source code
encrypt1-res.xml    An example template file for encrypt1.c
encrypt1-tmpl.xml   The result of processing encrypt1_tmpl.xml by encrypt1.c
```

To run this example:
```
./encrypt1 encrypt1-tmpl.xml deskey.bin
```

To encrypt binary data with a template file with `xmlsec1` command line
utility (use `xmlsec` on Windows):
```
xmlsec1 encrypt --deskey deskey.bin  --binary-data binary.dat --output encrypt1.xml encrypt1-tmpl.xml
```

### encrypt2: encrypting XML file using a dynamicaly created template

Files:
```
encrypt2.c          The source code
encrypt2-doc.xml    An example XML file for encryption by encrypt2.c
encrypt2-res.xml    The result of encryptin encrypt2-doc.xml by encrypt2.c
```

To run this example:
```
./encrypt2 encrypt2-doc.xml deskey.bin
```

### encrypt3: encrypting XML file using a session DES key

Files:
```
encrypt3.c          The source code
encrypt3-doc.xml    An example XML file for encryption by encrypt3.c
encrypt3-res.xml    The result of encryptin encrypt3-doc.xml by encrypt3.c
```

To run this example:
```
./encrypt3 encrypt3-doc.xml rsakey.pem
```

### decrypt1: decrypting binary data using a single key

Files:
```
decrypt1.c          The source code
```

To run this example:
```
./decrypt1 encrypt1-res.xml deskey.bin
./decrypt1 encrypt2-res.xml deskey.bin
```

### decrypt2: decrypting binary data using keys manager

Files:
```
decrypt2.c          The source code
```

To run this example:
```
./decrypt2 encrypt1-res.xml deskey.bin
./decrypt2 encrypt2-res.xml deskey.bin
```

To decrypt binary data with `xmlsec1` command line utility (use `xmlsec` on Windows):
```
xmlsec1 decrypt --deskey deskey.bin encrypt1-res.xml
xmlsec1 decrypt --deskey deskey.bin encrypt2-res.xml
xmlsec1 decrypt --privkey rsakey.pem encrypt3-res.xml
```

### decrypt3: decrypting binary file using custom keys manager

Files:
```
decrypt3.c          The source code
```

To run this example:
```
./decrypt3 encrypt1-res.xml
./decrypt3 encrypt2-res.xml
./decrypt3 encrypt3-res.xml
```

### xmldsigverify: CGI script for signatures verifications

Files:
```
xmldsigverify.c     The source code
```

To run this example, install compiled xmldsigverify script into
your web server cgi-bin directory.

### Keys and certificates
```
cacert.pem          Root (trusted) certificate
ca2cert.pem         CA (trusted) certificate (signed with cacert.pem)
rsakey.pem          Private PEM key file
rsapub.pem          Public PEM key file
rsacert.pem         Certificate for rsakey.pem signed with ca2cert.pem
deskey.bin          A DES keys
```