adding the first js xmldsig verifier code that actually works for demo purpose - more work needs to be done to bridge it to production use

Weiwu Zhang · Weiwu Zhang · commit 6a11ca47a5cf · 2021-04-07T18:11:00.000+10:00
diff --git a/xmldsig/js/README.md b/xmldsig/js/README.md
@@ -0,0 +1,5 @@
+Demonstrating verifying XML Digital Signature (xmldsig)
+====
+
+xmldsig is used to sign every TokenScript file. This directory contains a
+demonstration of how to verify xmldsig with JavaScript code.
diff --git a/xmldsig/js/package.json b/xmldsig/js/package.json
@@ -1,17 +1,9 @@
 {
-  "name": "tokenscript",
-  "version": "1.0.0",
-  "description": "",
-  "main": "index.js",
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+  "engines": {
+    "node": ">=0.15"
   },
-  "keywords": [],
-  "author": "",
-  "license": "ISC",
+  "engineStric": true,
   "dependencies": {
-    "webcrypto": "",
-    "node-webcrypto-ossl": "",
-    "xmldsigjs": "^2.0.27"
+    "xmldsigjs": "^2.1.3"
   }
 }
diff --git a/xmldsig/js/xmldom.patch b/xmldsig/js/xmldom.patch
@@ -0,0 +1,42 @@
+diff -ru node_modules/xmldom.old/lib/dom.js node_modules/xmldom/lib/dom.js
+--- node_modules/xmldom.old/lib/dom.js	1985-10-26 18:15:00.000000000 +1000
++++ node_modules/xmldom/lib/dom.js	2021-04-07 17:52:51.494473360 +1000
+@@ -23,7 +23,7 @@
+ 		pt.constructor = Class
+ 	}
+ }
+-var htmlns = 'http://www.w3.org/1999/xhtml' ;
++var htmlns = 'http://www.w3.org/1999/html' ;
+ // Node Types
+ var NodeType = {}
+ var ELEMENT_NODE                = NodeType.ELEMENT_NODE                = 1;
+diff -ru node_modules/xmldom.old/lib/sax.js node_modules/xmldom/lib/sax.js
+--- node_modules/xmldom.old/lib/sax.js	1985-10-26 18:15:00.000000000 +1000
++++ node_modules/xmldom/lib/sax.js	2021-04-07 17:53:56.875198887 +1000
+@@ -195,7 +195,7 @@
+ 				
+ 				
+ 				
+-				if(el.uri === 'http://www.w3.org/1999/xhtml' && !el.closed){
++				if(el.uri === 'http://www.w3.org/1999/html' && !el.closed){
+ 					end = parseHtmlSpecialContent(source,end,el.tagName,entityReplacer,domBuilder)
+ 				}else{
+ 					end++;
+@@ -333,7 +333,7 @@
+ 					errorHandler.warning('attribute "'+value+'" missed quot(")!');
+ 					addAttribute(attrName, value.replace(/&#?\w+;/g,entityReplacer), start)
+ 				}else{
+-					if(currentNSMap[''] !== 'http://www.w3.org/1999/xhtml' || !value.match(/^(?:disabled|checked|selected)$/i)){
++					if(currentNSMap[''] !== 'http://www.w3.org/1999/html' || !value.match(/^(?:disabled|checked|selected)$/i)){
+ 						errorHandler.warning('attribute "'+value+'" missed value!! "'+value+'" instead!!')
+ 					}
+ 					addAttribute(value, value, start)
+@@ -381,7 +381,7 @@
+ 				//case S_ATTR_NOQUOT_VALUE:void();break;
+ 				case S_ATTR_SPACE:
+ 					var tagName =  el.tagName;
+-					if(currentNSMap[''] !== 'http://www.w3.org/1999/xhtml' || !attrName.match(/^(?:disabled|checked|selected)$/i)){
++					if(currentNSMap[''] !== 'http://www.w3.org/1999/html' || !attrName.match(/^(?:disabled|checked|selected)$/i)){
+ 						errorHandler.warning('attribute "'+attrName+'" missed value!! "'+attrName+'" instead2!!')
+ 					}
+ 					addAttribute(attrName, attrName, start);
diff --git a/xmldsig/js/xmldsigverifier.js b/xmldsig/js/xmldsigverifier.js
@@ -1,15 +1,16 @@
 "use strict";
 
-var WebCrypto = require("node-webcrypto-ossl");
-var crypto = new WebCrypto.Crypto();
-
-var args = process.argv.slice(2);
+const crypto = require('crypto').webcrypto;
 
 const XmlDSigJs = require("xmldsigjs");
 const fs = require('fs');
 
 XmlDSigJs.Application.setEngine("WebCrypto", crypto);
 
+if (process.argv.length == 2) {
+	console.log("xmldsigverifier demonstration script. Need parameters - xml files with enveloped signatures")
+}
+
 for (var i=2; i<process.argv.length; i++) {
     verify(process.argv[i]);
 }
@@ -30,7 +31,8 @@ function verify(xml_file) {
             }
         })
         .catch(e => {
-            console.log("[FAILED] " + xml_file);
-            //console.log(e)
+            console.log("[ERROR ] " + xml_file);
+            console.log(e)
         });
 }
+
