libsaml 3.8.0 → 3.9.0

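--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: c8602623fb6ff573229bee77449d7b939bcc867b2862011665cf08876fbca147
- data.tar.gz: cd3b05407b74aff98d96f5f912bee1f778c635ad1c0b8d9debac3882d14f86bc
+ metadata.gz: 2426d8b0b8d15224e07684bf9137716eefaeacf012f34b96c749bc8a61773efc
+ data.tar.gz: 8f3ff2560d4a89cb82c03148fbe6876bddaf29976a2a6932e703aea3c688e834
  SHA512:
- metadata.gz: 004b9e85d04de2d72c7e0436b278c8b2a9b7b60e2a31ff814b1e5af65c00b0fb82ea7dddbaf59cad54f4f3c517542dc9ff981d48b4e50936d57f2c852dc96838
- data.tar.gz: aa39e527b34460a27860d017e2a46a2077539f75130318b697fb725a23899f7a79f048cc81599b5ffc575e0b7f30ae1b0491fef85847f1a26d9a5dbd890be5e1
+ metadata.gz: 3629c58577294a0c7945a3641161ea4c22edd7f996c74d412812e72ae9990881c1dd1e4344282c98c68f1c6150a41f475bd908e605315d12d2fa055a6e815f4a
+ data.tar.gz: 9c5ff0253ccd9d6964acc28e4b4bdb6eff2e2920c7299043dd1ef2b9eb8713018d6d2646c279fb8f334304686f81f442bb0c3a4ed43e1392d93cd614ef7cf943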
@@ -15,27 +15,9 @@ module Saml
15
15
  validates :encrypted_data, presence: true
16
16
 
17
17
  def encrypt(attribute, encrypted_key_data, encrypted_data_options = {})
18
- self.encrypted_data = Xmlenc::Builder::EncryptedData.new(encrypted_data_options)
19
- self.encrypted_data.set_encryption_method algorithm: 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'
20
- self.encrypted_data.set_key_name key_name
21
-
22
- encrypted_key_data.each do |key_descriptor, key_options|
23
- encrypted_key = self.encrypted_data.encrypt Nokogiri::XML(attribute.to_xml).root.to_xml, key_options
24
- encrypted_key.set_encryption_method algorithm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p', digest_method_algorithm: 'http://www.w3.org/2000/09/xmldsig#sha1'
25
- encrypted_key.set_key_name key_descriptor.key_info.key_name
26
- encrypted_key.carried_key_name = key_name
27
- encrypted_key.encrypt key_descriptor.certificate.public_key
28
-
29
- self.encrypted_keys ||= []
30
- self.encrypted_keys << encrypted_key
31
- end
18
+ Saml::Util.encrypt_element(self, attribute, encrypted_key_data, encrypted_data_options)
32
19
  end
33
20
 
34
- private
35
-
36
- def key_name
37
- @key_name ||= Saml.generate_id
38
- end
39
21
  end
40
22
  end
41
23
  end
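Review bot: `encrypt` now delegates to `Saml::Util.encrypt_element`, but nothing documents what `encrypted_key_data` must contain or what the method returns. The helper iterates it with `|key_descriptor, key_options = {}|` and returns the element, so a comment above `def encrypt` would record the contract, for example `# encrypted_key_data: KeyDescriptors or [KeyDescriptor, key_options] pairs; returns self with encrypted_data and encrypted_keys set`. The removed private `key_name` memoised one id per instance, while the helper reads `encrypted_data_options[:key_name]` or generates a fresh id on each call; the same comment should say so. The enclosing class and module open outside this hunk.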
@@ -47,7 +47,7 @@ module Saml
47
47
  algorithm: 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'
48
48
  )
49
49
 
50
- encrypted_key = self.encrypted_data.encrypt(name_id_xml, key_options)
50
+ encrypted_key = self.encrypted_data.encrypt(Nokogiri::XML(name_id.to_xml).root.to_xml, key_options)
51
51
  encrypted_key.set_encryption_method(
52
52
  algorithm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p',
53
53
  digest_method_algorithm: 'http://www.w3.org/2000/09/xmldsig#sha1'
@@ -60,42 +60,18 @@ module Saml
60
60
  self.name_id = nil
61
61
  end
62
62
 
63
- def encrypt_for_multiple_key_descriptors(key_descriptors, key_options = {})
64
- key_name = key_options[:key_name]
65
- encrypted_keys = []
66
-
67
- self.encrypted_data = Xmlenc::Builder::EncryptedData.new
68
- self.encrypted_data.set_key_name key_name
69
- self.encrypted_data.set_encryption_method(algorithm: 'http://www.w3.org/2001/04/xmlenc#aes256-cbc')
70
-
71
- original_encrypted_key = self.encrypted_data.encrypt(name_id_xml, key_options)
72
-
73
- key_descriptors.each do |key_descriptor|
74
- encrypted_key_options = key_options.merge(
75
- id: "_#{SecureRandom.uuid}",
76
- data: original_encrypted_key.data,
77
- carried_key_name: key_name
78
- )
79
-
80
- encrypted_key = Xmlenc::Builder::EncryptedKey.new(encrypted_key_options)
81
- encrypted_key.add_data_reference(self.encrypted_data.id)
82
- encrypted_key.set_key_name(key_descriptor.key_info.key_name)
83
- encrypted_key.set_encryption_method(
84
- algorithm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p',
85
- digest_method_algorithm: 'http://www.w3.org/2000/09/xmldsig#sha1'
86
- )
87
- encrypted_key.encrypt(key_descriptor.certificate.public_key)
88
-
89
- encrypted_keys << encrypted_key
63
+ def encrypt_for_multiple_key_descriptors(encrypted_key_data, encrypted_data_options = {})
64
+ if encrypted_data_options[:recipient].present? && encrypted_key_data.first.is_a?(Saml::Elements::KeyDescriptor)
65
+ encrypted_key_data.map! do |key_descriptor|
66
+ [ key_descriptor, { recipient: encrypted_data_options[:recipient] } ]
67
+ end
90
68
  end
91
69
 
92
- self.encrypted_keys = encrypted_keys
70
+ Saml::Util.encrypt_element(self, name_id, encrypted_key_data, encrypted_data_options)
71
+
93
72
  self.name_id = nil
94
73
  end
95
74
 
96
- def name_id_xml
97
- Nokogiri::XML(name_id.to_xml).root.to_xml
98
- end
99
75
  end
100
76
  end
101
77
  end
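Review bot: In `encrypt_for_multiple_key_descriptors`, `encrypted_key_data.map!` rewrites the caller's array in place, so a list of key descriptors passed in comes back as `[descriptor, { recipient: ... }]` pairs and cannot be reused as descriptors afterwards. Rebinding a local avoids the side effect: `encrypted_key_data = encrypted_key_data.map { |key_descriptor| [key_descriptor, { recipient: encrypted_data_options[:recipient] }] }`. The guard also inspects only `encrypted_key_data.first`, so a list that mixes bare descriptors and pairs would be wrapped or skipped as a whole; a short comment stating that the list must be homogeneous would make that assumption explicit. The recipient is the only option this shim forwards to each EncryptedKey, whereas the removed code merged the whole `key_options` hash into every key, so callers that relied on other per-key options should be checked.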
@@ -98,6 +98,32 @@ module Saml
98
98
  Saml::Assertion.parse(encrypted_document.decrypt(private_key), single: true)
99
99
  end
100
100
 
101
+ def encrypt_element(element, target_element, encrypted_key_data, encrypted_data_options)
102
+ key_name = encrypted_data_options.fetch(:key_name, Saml.generate_id)
103
+
104
+ element.encrypted_data = Xmlenc::Builder::EncryptedData.new(encrypted_data_options)
105
+ element.encrypted_data.set_encryption_method(algorithm: 'http://www.w3.org/2001/04/xmlenc#aes256-cbc')
106
+ element.encrypted_data.set_key_name key_name
107
+
108
+ original_encrypted_key = element.encrypted_data.encrypt(Nokogiri::XML(target_element.to_xml).root.to_xml, encrypted_data_options)
109
+
110
+ encrypted_key_data.each do |key_descriptor, key_options = {}|
111
+ encrypted_key_options = key_options.merge(id: Saml.generate_id, data: original_encrypted_key.data)
112
+
113
+ encrypted_key = Xmlenc::Builder::EncryptedKey.new(encrypted_key_options)
114
+ encrypted_key.add_data_reference(element.encrypted_data.id)
115
+ encrypted_key.set_key_name(key_descriptor.key_info.key_name)
116
+ encrypted_key.carried_key_name = key_name
117
+ encrypted_key.set_encryption_method(algorithm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p', digest_method_algorithm: 'http://www.w3.org/2000/09/xmldsig#sha1')
118
+ encrypted_key.encrypt(key_descriptor.certificate.public_key)
119
+
120
+ element.encrypted_keys ||= []
121
+ element.encrypted_keys << encrypted_key
122
+ end
123
+
124
+ element
125
+ end
126
+
101
127
  def encrypt_name_id(name_id, key_descriptor, key_options = {})
102
128
  encrypted_id = Saml::Elements::EncryptedID.new(name_id: name_id)
103
129
  encrypt_encrypted_id(encrypted_id, key_descriptor, key_options)
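Review bot: `encrypt_element` appends to whatever `element.encrypted_keys` already holds (`element.encrypted_keys ||= []` followed by `<<`), while the removed EncryptedID code replaced the list with `self.encrypted_keys = encrypted_keys`. If the element already carries keys, the old EncryptedKey entries stay next to the new ones even though `element.encrypted_data` has just been rebuilt and they presumably wrap a different symmetric key. Setting `element.encrypted_keys = []` once before the `each` loop would keep the keys and the data consistent. Separately, the content cipher remains fixed at `xmlenc#aes256-cbc`, which provides no integrity protection on its own, so recipients depend on the enclosing signature being verified before decryption. Now that every caller goes through this helper, a comment recording that dependency would help, and this is also the natural place to make the algorithm selectable.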
@@ -1,3 +1,3 @@
1
1
  module Saml
2
- VERSION = '3.8.0'
2
+ VERSION = '3.9.0'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: libsaml
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.8.0
4
+ version: 3.9.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Benoist Claassen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-04-07 00:00:00.000000000 Z
11
+ date: 2020-04-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport