xml-security.md

XMLSecurity

A VFP set of classes to secure an XML document (encrypt, signing, and verifying).

Part of VFP XML library set.

Credits

• A VFP porting of XMLSecLibs, a PHP library for XML Security by Rob Richards and contributors (at https://github.com/robrichards/xmlseclibs)

Status

• Not suited for production.
• See tests for current coverage of functionality.

Usage

See examples at the tests folder:

• Sign an XML document - basic
• Verify the signature in a signed XML document (uses the output from the precedent test)
• Verify the signature in a signed XML document (uses an externally signed document - KeyValueInfo limited to X509Certificate and RSAKeyValue, for now)
• Sign an XML element
• Sign an XML element with its own Id
• Sign an XML document and put it inside an enveloping signature
• Sign a text and put it inside an enveloping signature
• Encrypt an XML document
• Decrypt an encrypted XML document (uses the output from the precedent test)
• Encrypt the content of an XML node
• Decrypt the content of an encrypted XML node (uses the output from the precedent test)
• Encrypt the text content of an XML node
• Decrypt the text content of an encrypted XML node (uses the output from the precedent test)
• Encrypt an XML document using a symmetric key
• Decrypt an XML document using a symmetric key (uses the output from the precedent test)

Components

• XMLSecurity header file
• XMLSecurityLib, a class to perform encryption and hashing operations
• XMLSecurityLibChilkat, an XMLSecurityLib subclass that interfaces to Chilkat RSA, Crypt2, and Cert components
• XMLSecurityLibOpenSSL, an XMLSecurityLib subclass that interfaces to OpenSSL's libcrypto.dll
• XMLSecurityKey, a class to manage key related operations
• XMLSecurityDSig, a class to sign XML documents and fragments
• XMLSecurityEnc, a class to encrypt XML data)

Dependencies

• XMLCanonicalizer
• GUID
• URL

Additionally, XMLSecurity requires a crypto library to provide the encryption and hashing functions. The distributed XMLSecurityLib sub-classes provide interfaces to two such components, OpenSSL, a widely used open source solution, and Chilkat, a commercial product that adds significant value to a VFP development environment.

To use the OpenSSL library, at least libcrypto.dll must be present in VFP's path, but a full OpenSSL package may be installed from one of the available sources listed in the project wiki: https://wiki.openssl.org/index.php/Binaries.