1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
# $Id$
#
# Test of XML::Simple as a tool for encoding and decoding
eval 'exec perl -w -S $0 ${1+"$@"}'
if 0;
use strict;
use XML::Simple;
use Data::Dumper;
use IPC::Open2;
sub run2 {
my $arg = shift;
my $i;
my $o;
my $pid = open2($o, $i, @_)
or die("Couldn't run @_");
print($i $arg)
or die("Couldn't write to @_");
close($i)
or die("Couldn't close @_");
my @res = <$o>;
waitpid($pid, 0)
or die("Couldn't reap @_");
return @res;
}
my $p7b = "-----BEGIN PKCS7-----\n";
my $p7e = "-----END PKCS7-----\n";
sub encode {
my $arg = shift;
my $cer = shift;
my $key = shift;
my @res = run2($arg, qw(openssl smime -sign -nodetach -outform PEM -signer), $cer, q(-inkey), $key);
die("Missing PKCS7 markers")
unless $res[0] eq $p7b && $res[@res-1] eq $p7e;
return join('', @res[1..@res-2]);
}
sub decode {
my $arg = shift;
my $dir = shift;
my @res = run2($p7b . $arg . $p7e, qw(openssl smime -verify -inform PEM -CApath), $dir);
return join('', @res);
}
my $xs = XML::Simple->new(KeepRoot => 1,
ForceArray => [qw(list_class)],
KeyAttr => [qw(header)],
NormalizeSpace => 2);
�
my @xml = ('
<message version="1">
<header sender="sender name"
recipient = "recipient name"
msg_ref="reference" />
<resource_class_list_query ca="ca_name" />
</message>
','
<message version="1">
<header sender="sender name"
recipient = "recipient name"
msg_ref="reference" />
<list_class ca="ca_name"
cert_url="url"
cert_ski="g(ski)"
cert_serial="serial"
cert_aki="g(aki)"
status="keyword" />
<list_class ca="ca_name"
cert_url="url"
cert_ski="g(ski)"
cert_serial="serial"
cert_aki="g(aki)"
status="keyword" />
<!-- [repeated for each active class where the ISP has resources] -->
</message>
','
<message version="1">
<header sender="sender name"
recipient = "recipient name"
msg_ref="reference" />
<issue_request_class ca="ca_name">
[Certificate request]
</issue_request_class>
</message>
','
<message version="1">
<header sender="sender name"
recipient = "recipient name"
msg_ref="reference" />
<certificate ca="ca_name"
cert_url="url"
cert_ski="g(ski)"
cert_serial="serial"
cert_aki="g(aki)">
[certificate]
</certificate>
</message>
','
<message version="1">
<header sender="sender name"
recipient = "recipient name"
msg_ref="reference" />
<revoke_request_class ca="ca_name"
cert_ski="g(ski)" />
</message>
','
<message version="1">
<header sender="sender name"
recipient = "recipient name"
msg_ref="reference" />
<revoke_response_class ca="ca_name"
cert_ski="g(ski)" />
</message>
','
<message version="1">
<header sender="sender name"
recipient = "recipient name"
msg_ref="reference" />
<status code="reason code">
[Readable text]
</status>
</message>
');
for my $xml (@xml) {
print("1: ", $xml, "\n");
print("2: ", Dumper($xs->XMLin($xml)), "\n");
my $cms = encode($xml, "biz-certs/Alice-EE.cer", "biz-certs/Alice-EE.key");
print("3: ", $cms, "\n");
$xml = decode($cms, "biz-certs");
print("4: ", $xml, "\n");
print("5: ", Dumper($xs->XMLin($xml)), "\n");
# my $x = $xs->XMLin($xml);
# my $t = $xs->XMLout($x);
# print("\n###\n", $xml, "\n", Dumper($x), "\n", $t);
}
|
