firma 0.0.1

data/LICENSE.md

@@ -0,0 +1,20 @@
+Copyright (c) 2012 Bruno Aguirre
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,38 @@
+# Firma
+![](http://www.duhaime.org/Portals/duhaime/images/Copperman-signature.jpg)
+
+Add a secure signature to a pdf file.
+
+## Check if a pdf it's signed
+
+```ruby
+  require "firma"
+
+  Firma.is_signed?("my_file.pdf")
+```
+
+## Sign a pdf file
+
+```ruby
+  require "firma"
+
+  Firma.sign("my_file.pdf",
+    key: "key.pem",
+    passphrase: "passphrase",
+    certificate: "key.crt"
+  )
+```
+
+## Sign a pdf file with newly generated certificates
+
+```ruby
+  require "firma"
+
+  keys = Firma.generate_keys("passphrase")
+
+  Firma.sign("my_file.pdf",
+    key: keys.fetch(:key).path,
+    passphrase: "passphrase",
+    certificate: keys.fetch(:certificate)
+  )
+```

data/Rakefile

@@ -0,0 +1,8 @@
+require 'rake/testtask'
+
+Rake::TestTask.new("spec") do |t|
+  t.pattern = "test/**/*_test.rb"
+end
+
+task :default => [:test]
+task :test => [:spec]

data/firma.gemspec

@@ -0,0 +1,15 @@
+Gem::Specification.new do |s|
+  s.name              = "firma"
+  s.version           = "0.0.1"
+  s.summary           = "Sign PDF documents the easy way"
+  s.description       = "Sign PDF documents"
+  s.authors           = ["elcuervo"]
+  s.email             = ["yo@brunoaguirre.com"]
+  s.homepage          = "http://github.com/elcuervo/subskribas"
+  s.files             = `git ls-files`.split("\n")
+  s.test_files        = `git ls-files test`.split("\n")
+
+  s.add_dependency("origami", "~> 1.2.4")
+
+  s.add_development_dependency("minitest", "~> 3.5.0")
+end

data/lib/firma.rb

@@ -0,0 +1,80 @@
+require "openssl"
+require "tmpdir"
+require "origami"
+
+class Firma < Struct.new(:file)
+  def sign(options)
+    key = OpenSSL::PKey::RSA.new(
+      File.open(options.fetch(:key)),
+      options.fetch(:passphrase)
+    )
+
+    certificate = OpenSSL::X509::Certificate.new(
+      File.open(options.fetch(:certificate))
+    )
+
+    pdf = Origami::PDF.read(file)
+
+    pdf.sign(certificate, key)
+    pdf.save(file)
+  end
+
+  def is_signed?
+    Origami::PDF.read(file).is_signed?
+  end
+
+  class << self
+    def is_signed?(file)
+      new(file).is_signed?
+    end
+
+    def sign(file, options = {})
+      new(file).sign(options)
+    end
+
+    def create_certificate_from_key(key)
+      name = "CN=ruby/DC=subskribas"
+      certificate = OpenSSL::X509::Certificate.new
+
+      certificate.version     = 2
+      certificate.serial      = 0
+      certificate.not_before  = Time.now
+      certificate.not_after   = Time.now + 3600
+      certificate.public_key  = key.public_key
+      certificate.subject     = OpenSSL::X509::Name.parse(name)
+
+      create_temp_file(["certificate", ".crt"], certificate.to_pem)
+    end
+
+    def generate_keys(passphrase)
+      rsa_key = OpenSSL::PKey::RSA.new(2048)
+
+      key = create_temp_file(["key", ".pem"], rsa_key.to_pem)
+
+      public_key = create_temp_file(
+        ["public_key", ".pem"],
+        rsa_key.public_key.to_pem
+      )
+
+      cipher = OpenSSL::Cipher::Cipher.new("AES-128-CBC")
+      secure_key = rsa_key.export(cipher, passphrase)
+
+      private_key = create_temp_file(["private_key", ".pem"], secure_key)
+
+      {
+        key:          key,
+        public_key:   public_key,
+        private_key:  private_key,
+        certificate:  create_certificate_from_key(rsa_key)
+      }
+    end
+
+    def create_temp_file(name, content)
+      filename, extension = name
+      random = (0...8).map{65.+(rand(25)).chr}.join
+      temp_name = "#{Dir.tmpdir}/#{filename + random + extension}"
+
+      File.open(temp_name, "w") { |io| io << content }
+    end
+  end
+end

data/test/firma_test.rb

@@ -0,0 +1,38 @@
+require_relative "test_helper"
+
+describe Firma do
+  before do
+    @pdf_file = sample_pdf_file
+  end
+
+  it "should validate if a pdf is signed" do
+    assert !Firma.is_signed?(@pdf_file)
+    assert Firma.is_signed?(sample_signed_pdf_file)
+  end
+
+  it "should sign a pdf file with a given keys" do
+    assert !Firma.is_signed?(@pdf_file)
+
+    Firma.sign(@pdf_file,
+      key: sample_key,
+      passphrase: "passphrase",
+      certificate: sample_certificate
+    )
+
+    assert Firma.is_signed?(@pdf_file)
+  end
+
+  it "should sign a pdf with a generated keys" do
+    assert !Firma.is_signed?(@pdf_file)
+
+    keys = Firma.generate_keys("passphrase")
+
+    Firma.sign(@pdf_file,
+      key: keys.fetch(:key).path,
+      passphrase: "passphrase",
+      certificate: keys.fetch(:certificate)
+    )
+
+    assert Firma.is_signed?(@pdf_file)
+  end
+end

data/test/fixtures/sample.crt

@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIICATCCAWoCCQDk30F2t8GBBTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJB
+VTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0
+cyBQdHkgTHRkMB4XDTEyMTAwMjAxMzEzN1oXDTEzMTAwMjAxMzEzN1owRTELMAkG
+A1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0
+IFdpZGdpdHMgUHR5IEx0ZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwtBT
+PNEg8XLuw2+PqSzVO79HTADFDhc+nKbwaOk7bInxLBGN2Jz2Sgpa2eytNuyAy+8U
+BZ2YCLOyBV62JbfXSWJUexR9x4CH3WNdmKtgX+IxccPMk84Ujy9el5XXWAHfPaOJ
+tSL/IDCaJNeooa6UM69Dpe7DKhrT9ZeVPebQcn8CAwEAATANBgkqhkiG9w0BAQUF
+AAOBgQAzYa+7KxK8nYPI6PXN+gjuBTqYW8TQerNMehbz9f4+qLPRSfI5zq2zCatx
+kbAPgxZdFja2hqXAQ1zMLNv9odb8B3JARPK8EFOC2mJAs4l6XQPq2MUV0jn36I2V
+B9mPkHpgsjVrMqltgcSwRcQn/m1MBYn2wMb6HaqOJ11o7VFdzw==
+-----END CERTIFICATE-----

data/test/fixtures/sample.csr

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBhDCB7gIBADBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEh
+MB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDC0FM80SDxcu7Db4+pLNU7v0dMAMUOFz6cpvBo6TtsifEs
+EY3YnPZKClrZ7K027IDL7xQFnZgIs7IFXrYlt9dJYlR7FH3HgIfdY12Yq2Bf4jFx
+w8yTzhSPL16XlddYAd89o4m1Iv8gMJok16ihrpQzr0Ol7sMqGtP1l5U95tByfwID
+AQABoAAwDQYJKoZIhvcNAQEFBQADgYEAuDxHCppoAdb8ftye7xLy0bEBt/RKxxs2
+tVzEk7mrS7k1HaHMIC+fKbBug13zzaGC4qbXhr2hSdPjPqWieQMPE+PyIYJtAHlG
+b/jXJiwJqXdozevmCE/1WU3IM14koQyjaEf+deq4Ej9wx90ZPmIQXcGBB+kWv1FA
+6jLZRhnURfo=
+-----END CERTIFICATE REQUEST-----

data/test/fixtures/sample.key

@@ -0,0 +1,18 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,F1A77E40ED97682B
+
+JP5nqe5fUf1sgKpGVsGbls6y5z812L+eLo2XtoddA1pM08zYIfwM71Dfe//8pJcn
+S7uopiNgk5QgD4x0/F/0BLXK+EpXO8PIkSv2XK8vCUz8cgHedNL1HGDy9kCfrTDO
+Y2i0YwAHcqz58fMCmwl16p9Zsrp3NOkvqozS3fs0o32w8M4Re5B3SaFfBYvBEGsF
+42bBKcsjPL4x8+HSd/iCnQUsagqJRcxnRUM6huXiE1Cm4pwpEqnSR1A84mu1DQy4
+pjh3PUphmidYzsBCdLKNCuSk+HSYUVbCQfiY9j/lYu8DiPhRT9ihHlcUcm3z9fTo
+kTbTm3TAq04lpDfLKQM6N1kjgx3snbgKWPtXHYO25aOGFCLnYctUqd2q6Or2c/a+
+WEWbIZJvM2dm6dvFPknCQDLb63t4NdLolP3lKjy1shkPEAXpxUlCWfZ52ekNj3ve
+jPvoFVMRkpKuHM5NzgRVf7Y0O8e6yQX6pdq+xvKrFs1mNd9XokSKsUpUlDvvgJk/
+nTz60aOvIINZIkeBltqQqPY5r5wBe0ZzLoqfiNca84ZGHnoiVLtHJ9S/5ULjdfxX
+6lMIvA9Eu+zF4U8VxJ6Y99dZDISop9M9o5gzyXbW4vrKWqThjJAL1OHUz4Y/CEH0
+USjDNNBMAC66tmczKXhR5+Aa21B3phldDiXJWOYyKmNzx1zxq+E8GloxbdPZGLKW
+K0HBlR2GUVtn1vmgENQjz+XhcJH3OcQPiFU66pDNJ285W+0tBMazP0BGs3+65cdq
+g75tF0TWfMG4NfdGm/XSFFGHZ4X0FhU3BrxzDC+sGQsMMyy2igqv8g==
+-----END RSA PRIVATE KEY-----

data/test/test_helper.rb

@@ -0,0 +1,25 @@
+$: << File.expand_path(File.dirname(__FILE__), "../lib")
+
+require "minitest/autorun"
+require "minitest/pride"
+require "tempfile"
+require "firma"
+
+def sample_pdf_file
+  sample_path = "test/fixtures/sample_pdf.pdf"
+  file = Tempfile.new(["tempfile", ".pdf"]) << File.open(sample_path).read
+
+  file.path
+end
+
+def sample_signed_pdf_file
+  "test/fixtures/signed_pdf.pdf"
+end
+
+def sample_key
+  "test/fixtures/sample.key"
+end
+
+def sample_certificate
+  "test/fixtures/sample.crt"
+end

metadata

@@ -0,0 +1,96 @@
+--- !ruby/object:Gem::Specification
+name: firma
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- elcuervo
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-10-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: origami
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.2.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.2.4
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.5.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.5.0
+description: Sign PDF documents
+email:
+- yo@brunoaguirre.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE.md
+- README.md
+- Rakefile
+- firma.gemspec
+- lib/firma.rb
+- test/firma_test.rb
+- test/fixtures/sample.crt
+- test/fixtures/sample.csr
+- test/fixtures/sample.key
+- test/fixtures/sample_pdf.pdf
+- test/fixtures/signed_pdf.pdf
+- test/test_helper.rb
+homepage: http://github.com/elcuervo/subskribas
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.23
+signing_key: 
+specification_version: 3
+summary: Sign PDF documents the easy way
+test_files:
+- test/firma_test.rb
+- test/fixtures/sample.crt
+- test/fixtures/sample.csr
+- test/fixtures/sample.key
+- test/fixtures/sample_pdf.pdf
+- test/fixtures/signed_pdf.pdf
+- test/test_helper.rb