pki_express 1.0.0

data/lib/pki_express/base_signer.rb

@@ -0,0 +1,55 @@
+module PkiExpress
+
+  class BaseSigner < PkiExpressOperator
+
+    def initialize(config=PkiExpressConfig.new)
+      super(config)
+    end
+
+    def verify_and_add_common_options(args)
+
+      if StandardSignaturePolicies::require_timestamp(@signature_policy) and
+          @timestamp_authority.nil?
+        raise 'The provided policy requires a timestamp authority and none was provided.'
+      end
+
+      # Set the signature policy.
+      unless @signature_policy.nil?
+        args << '--policy'
+        args << @signature_policy
+
+        # This operation evolved after version 1.5 to other signature policies.
+        if @signature_policy != StandardSignaturePolicies::XML_DSIG_BASIC and @signature_policy != StandardSignaturePolicies::NFE_PADRAO_NACIONAL
+          # This operation evolved after version 1.5 to other signature
+          # policies.
+          @version_manager.require_version('1.5')
+        end
+
+        if @signature_policy == StandardSignaturePolicies::COD_WITH_SHA1 or @signature_policy == StandardSignaturePolicies::COD_WITH_SHA256
+          # These policies can only be used on version greater than 1.6 of
+          # PKI Express.
+          @version_manager.require_version('1.6')
+        end
+
+        if @signature_policy == StandardSignaturePolicies::PKI_BRAZIL_PADES_ADR_BASICA or @signature_policy == StandardSignaturePolicies::PKI_BRAZIL_PADES_ADR_BASICA_WITH_LTV or @signature_policy == StandardSignaturePolicies::PKI_BRAZIL_PADES_ADR_TEMPO
+          # These policies can only be used on version greater than 1.12 of
+          # PKI Express.
+          @version_manager.require_version('1.12')
+        end
+      end
+
+      # Add timestamp authority.
+      if @timestamp_authority
+        tsp_args = @timestamp_authority.get_cmd_arguments
+        args.append(*tsp_args)
+
+
+        # This option can only be used on version greater than 1.5 of the
+        # PKI Express.
+        @version_manager.require_version('1.5')
+      end
+    end
+    protected :verify_and_add_common_options
+  end
+
+end

data/lib/pki_express/cades_signature_starter.rb

@@ -0,0 +1,242 @@
+module PkiExpress
+
+  class CadesSignatureStarter < SignatureStarter
+
+    attr_accessor :encapsulated_content
+
+    def initialize(config=PkiExpressConfig.new)
+      super(config)
+      @file_to_sign_path = nil
+      @data_file_path = nil
+      @encapsulated_content = true
+    end
+
+    # region The "file_to_sign" accessors
+
+    def file_to_sign
+      _get_file_to_sign
+    end
+
+    def _get_file_to_sign
+      unless @file_to_sign_path
+        return nil
+      end
+
+      File.read(@file_to_sign_path)
+    end
+    private :_get_file_to_sign
+
+    def file_to_sign=(content_raw)
+      _set_file_to_sign(content_raw)
+    end
+
+    def _set_file_to_sign(content_raw)
+      unless content_raw
+        raise 'The provided "file_to_sign" is not valid'
+      end
+
+      temp_file_path = self.create_temp_file
+      File.open(temp_file_path, 'wb') do |f|
+        f.write(content_raw)
+      end
+      @file_to_sign_path = temp_file_path
+    end
+    private :_set_file_to_sign
+
+    def file_to_sign_base64
+      _get_file_to_sign_base64
+    end
+
+    def _get_file_to_sign_base64
+      unless @file_to_sign_path
+        return nil
+      end
+
+      content = File.read(@file_to_sign_path)
+      Base64.encode64(content)
+    end
+    private :_get_file_to_sign_base64
+
+    def file_to_sign_base64=(content_base64)
+      _set_file_to_sign_base64(content_base64)
+    end
+
+    def _set_file_to_sign_base64(content_base64)
+      unless content_base64
+        raise 'The provided "file_to_sign_base64" is not valid'
+      end
+
+      begin
+        content_raw = Base64.decode64(content_base64)
+      rescue Error
+        raise 'The provided "file_to_sign_base64" is not Base64-encoded'
+      end
+
+      _set_file_to_sign(content_raw)
+    end
+    private :_set_file_to_sign_base64
+
+    def file_to_sign_path
+      _get_file_to_sign_path
+    end
+
+    def _get_file_to_sign_path
+      @file_to_sign_path
+    end
+    private :_get_file_to_sign_path
+
+    def file_to_sign_path=(path)
+      _set_file_to_sign_path(path)
+    end
+
+    def _set_file_to_sign_path(path)
+      unless path
+        raise 'The provided "file_to_sign_path" is not valid'
+      end
+      unless File.exists?(path)
+        raise 'The provided "file_to_sign_path" does not exist'
+      end
+
+      @file_to_sign_path = path
+    end
+    private :_set_file_to_sign_path
+
+    # endregion
+
+    # region The "data_file" accessors
+
+    def data_file
+      _get_data_file
+    end
+
+    def _get_data_file
+      unless @data_file_path
+        return nil
+      end
+
+      File.read(@data_file_path)
+    end
+    private :_get_data_file
+
+    def data_file=(content_raw)
+      _set_data_file(content_raw)
+    end
+
+    def _set_data_file(content_raw)
+      unless content_raw
+        raise 'The provided "data_file" is not valid'
+      end
+
+      temp_file_path = self.create_temp_file
+      File.open(temp_file_path, 'wb') do |f|
+        f.write(content_raw)
+      end
+      @data_file_path = temp_file_path
+    end
+    private :_set_data_file
+
+    def data_file_base64
+      _get_data_file_base64
+    end
+
+    def _get_data_file_base64
+      unless @data_file_path
+        return nil
+      end
+
+      content = File.read(@data_file_path)
+      Base64.encode64(content)
+    end
+    private :_get_data_file_base64
+
+    def data_file_base64=(content_base64)
+      _set_data_file_base64(content_base64)
+    end
+
+    def _set_data_file_base64(content_base64)
+      unless content_base64
+        raise 'The provided "data_file_base64" is not valid'
+      end
+
+      begin
+        content_raw = Base64.decode64(content_base64)
+      rescue Error
+        raise 'The provided "data_file_base64" is not Base64-encoded'
+      end
+
+      _set_data_file(content_raw)
+    end
+    private :_set_data_file_base64
+
+    def data_file_path
+      _get_data_file_path
+    end
+
+    def _get_data_file_path
+      @data_file_path
+    end
+    private :_get_data_file_path
+
+    def data_file_path=(path)
+      _set_data_file_path(path)
+    end
+
+    def _set_data_file_path(path)
+      unless path
+        raise 'The provided "data_file_path" is not valid'
+      end
+      unless File.exists?(path)
+        raise 'The provided "data_file_path" does not exist'
+      end
+
+      @data_file_path = path
+    end
+    private :_set_data_file_path
+
+    # endregion
+
+    def start
+
+      unless @file_to_sign_path
+        raise 'The file to be signed was not set'
+      end
+
+      unless @certificate_path
+        raise 'The certificate was not set'
+      end
+
+      # Generate transfer file.
+      transfer_file_id = get_transfer_filename
+
+      args = [
+          @file_to_sign_path,
+          @certificate_path,
+          File.expand_path(transfer_file_id, @config.transfer_data_folder),
+      ]
+
+      # Verify and add common options between signers.
+      verify_and_add_common_options(args)
+
+      if @data_file_path
+        args.append('--data-file')
+        args.append(@data_file_path)
+      end
+
+      unless @encapsulated_content
+        args.append('--detached')
+      end
+
+      # This operation can only be used on version greater than 1.3 of the
+      # PKI Express.
+      @version_manager.require_version('1.3')
+
+      # Invoke command.
+      result = invoke(Commands::START_CADES, args)
+
+      # Parse output and return model.
+      model = parse_output(result)
+      SignatureStartResult.new(model, transfer_file_id)
+    end
+  end
+
+end

data/lib/pki_express/command_error.rb

@@ -0,0 +1,14 @@
+module PkiExpress
+  class CommandError < StandardError
+    attr_accessor :name, :code, :inner_error
+
+    def initialize(code, msg, inner_error=nil)
+      super(msg)
+
+      @name = self.class.name
+      @code = code
+      @inner_error = inner_error
+    end
+
+  end
+end

data/lib/pki_express/commands.rb

@@ -0,0 +1,21 @@
+module PkiExpress
+  class Commands
+    SIGN_CADES = 'sign-cades',
+    SIGN_PADES = 'sign-pades',
+    SIGN_XML = 'sign-xml',
+    START_CADES = 'start-cades',
+    START_PADES = 'start-pades',
+    START_XML = 'start-xml',
+    COMPLETE_SIG = 'complete-sig',
+    OPEN_PADES = 'open-pades',
+    OPEN_CADES = 'open-cades',
+    EDIT_PDF = 'edit-pdf',
+    MERGE_CMS = 'merge-cms',
+    START_AUTH = 'start-auth',
+    COMPLETE_AUTH = 'complete-auth',
+    STAMP_PDF = 'stamp-pdf',
+    READ_CERT = 'read-cert',
+    GEN_KEY = 'gen-key',
+    CREATE_PFX = 'create-pfx'
+  end
+end

data/lib/pki_express/enum.rb

@@ -0,0 +1,9 @@
+module PkiExpress
+  class Enum
+    VALUES = []
+
+    def self.contains?(value)
+      VALUES.include? (value)
+    end
+  end
+end

data/lib/pki_express/error_codes.rb

@@ -0,0 +1,46 @@
+module PkiExpress
+  class ErrorCodes
+    OK = 0,
+    BAD_SYNTAX = 1,
+    UNKNOWN_ERROR = 2,
+    FILE_NOT_FOUND = 3,
+    BAD_CERTIFICATE = 4,
+    BAD_THUMBPRINT = 5,
+    BAD_HASH = 6,
+    BAD_DATA = 7,
+    BAD_SIGNATURE = 8,
+    BAD_ALGORITHM = 9,
+    BAD_POLICY = 10,
+    BAD_VISUAL_REP = 11,
+    UNDEFINED_FILE_REFERENCE = 12,
+    CERT_NOT_FOUND = 13,
+    VALIDATION_FAILED = 14,
+    IO_ERROR = 15,
+    NO_CERTS_WITH_KEY = 16,
+    NOT_ACTIVATED = 17,
+    ACTIVATION_ERROR = 18,
+    BAD_LICENSE = 19,
+    LICENSE_NEEDED = 20,
+    INVALID_LICENSE = 21,
+    ACCESS_DENIED = 22,
+    CERT_THUMB_NEEDED = 23,
+    BAD_PDF_CHANGES = 24,
+    UPDATE_NEEDED = 25,
+    DATA_FILE_NEEDED = 26,
+    NO_ENCAPSULATED_CONTENT = 27,
+    NONCE_NOT_FOUND = 28,
+    DIRECTORY_NOT_FOUND = 29,
+    TIMESTAMP_AUTHORITY_NOT_AVAILABLE = 30,
+    POLICY_REQUIRES_NETWORK = 31,
+    TIMESTAMP_OPTIONS_REQUIRED = 32,
+    CULTURE_NOT_FOUND = 33,
+    TIME_ZONE_NOT_FOUND = 34,
+    INVALID_UTC_OFFSET = 35,
+    KEY_SIZE_NOT_SUPPORTED = 36,
+    BAD_KEY_FORMAT = 37,
+    BAD_KEY = 38,
+    INVALID_TIMEOUT_VALUE = 39,
+
+    COMMAND_NOT_FOUND = 127
+  end
+end

data/lib/pki_express/installation_not_found_error.rb

@@ -0,0 +1,8 @@
+module PkiExpress
+  class InstallationNotFoundError < CommandError
+
+    def initialize(message, inner_error=nil)
+      super(ErrorCodes::COMMAND_NOT_FOUND, message, inner_error)
+    end
+  end
+end

data/lib/pki_express/name.rb

@@ -0,0 +1,48 @@
+module PkiExpress
+
+  class Name
+
+    attr_accessor :country, :organization, :organization_unit, :dn_qualifier,
+                  :state_name, :common_name, :serial_number, :locality, :title,
+                  :surname, :given_name, :initials, :pseudonym,
+                  :generation_qualifier, :email_address
+
+    def initialize(model)
+      @country = nil
+      @organization = nil
+      @organization_unit = nil
+      @dn_qualifier = nil
+      @state_name = nil
+      @common_name = nil
+      @serial_number = nil
+      @locality = nil
+      @title = nil
+      @surname = nil
+      @given_name = nil
+      @initials = nil
+      @pseudonym = nil
+      @generation_qualifier = nil
+      @email_address = nil
+
+
+      if model
+        @country = model.fetch(:country)
+        @organization = model.fetch(:organization)
+        @organization_unit = model.fetch(:organizationUnit)
+        @dn_qualifier = model.fetch(:dnQualifier)
+        @state_name = model.fetch(:stateName)
+        @common_name = model.fetch(:commonName)
+        @serial_number = model.fetch(:serialNumber)
+        @locality = model.fetch(:locality)
+        @title = model.fetch(:title)
+        @surname = model.fetch(:surname)
+        @given_name = model.fetch(:givenName)
+        @initials = model.fetch(:initials)
+        @pseudonym = model.fetch(:pseudonym)
+        @generation_qualifier = model.fetch(:generationQualifier)
+        @email_address = model.fetch(:emailAddress)
+      end
+    end
+  end
+
+end