pki_express 1.0.0 → 1.1.0

@@ -76,7 +76,7 @@ module PkiExpress
76
76
  # Add file references if added.
77
77
  unless @file_references.nil?
78
78
  @file_references.each do |key, value|
79
- cmd_args.append('--file_reference')
79
+ cmd_args.append('--file-reference')
80
80
  cmd_args.append("#{key}=#{value}")
81
81
  end
82
82
  end
@@ -1,6 +1,6 @@
1
1
  module PkiExpress
2
2
  class SignatureFinisher < PkiExpressOperator
3
- attr_accessor :output_file_path, :transfer_file_id
3
+ attr_reader :transfer_file_id, :output_file_path
4
4
 
5
5
  def initialize(config=PkiExpressConfig.new)
6
6
  super(config)
@@ -251,6 +251,23 @@ module PkiExpress
251
251
 
252
252
  # endregion
253
253
 
254
+ def transfer_file_id=(value)
255
+ unless value
256
+ raise 'The provided "transfer_file_id" is not valid'
257
+ end
258
+ unless File.exist?(File.expand_path(value, @config.transfer_data_folder))
259
+ raise 'The provided "transfer_file_id" does not exist'
260
+ end
261
+ @transfer_file_id = value
262
+ end
263
+
264
+ def output_file_path=(value)
265
+ unless value
266
+ raise 'The provided "output_file_path" is not valid'
267
+ end
268
+ @output_file_path = value
269
+ end
270
+
254
271
  def complete(get_cert=true)
255
272
  unless @file_to_sign_path
256
273
  raise 'The file to be signed was not set'
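Review bot: In `transfer_file_id=` the existence check resolves `value` with `File.expand_path(value, @config.transfer_data_folder)`, which does not keep the result inside the transfer folder: an absolute path or one containing `..` resolves elsewhere, and the two distinct error messages then tell the caller whether that other path exists. If the id can travel through a client between the start and finish steps (not visible in this hunk), confine it before the check: `base = File.expand_path(@config.transfer_data_folder)`, `path = File.expand_path(value, base)`, then `raise 'The provided "transfer_file_id" is not valid' unless path.start_with?(base + File::SEPARATOR)`. `complete` begins in this hunk and continues outside it; both new setters are fully visible.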
@@ -70,6 +70,7 @@ module PkiExpress
70
70
 
71
71
  _set_certificate(content_raw)
72
72
  end
73
+ private :_set_certificate_base64
73
74
 
74
75
  def certificate_path
75
76
  _get_certificate_path
@@ -99,7 +100,7 @@ module PkiExpress
99
100
  # endregion
100
101
 
101
102
  def self.get_result(response, transfer_file)
102
- return {
103
+ {
103
104
  toSignHash: response[0],
104
105
  digestAlgorithmName: response[1],
105
106
  digestAlgorithmOid: response[2],
@@ -2,7 +2,7 @@ module PkiExpress
2
2
 
3
3
  class Signer < BaseSigner
4
4
 
5
- attr_accessor :output_file_path, :cert_thumb, :cert_password
5
+ attr_accessor :output_file_path, :cert_thumb, :cert_password, :trust_service_session
6
6
 
7
7
  def initialize(config=PkiExpressConfig.new)
8
8
  super(config)
@@ -10,6 +10,8 @@ module PkiExpress
10
10
  @pkcs12_path = nil
11
11
  @cert_thumb = nil
12
12
  @cert_password = nil
13
+ @use_machine = false
14
+ @trust_service_session = nil
13
15
  end
14
16
 
15
17
  # region The "pkcs12" accessors
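Review bot: `@use_machine` is initialised to `false` here and later read by `verify_and_add_common_options` to emit `--machine`, but the changed `attr_accessor` line lists only `:output_file_path, :cert_thumb, :cert_password, :trust_service_session`. Unless a writer exists in the part of the class or in `BaseSigner` that this page does not show, callers have no supported way to turn the option on. If that is the case, adding `:use_machine` to the accessor list would expose it. `initialize` starts before this hunk.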
@@ -58,19 +60,19 @@ module PkiExpress
58
60
  end
59
61
  private :_get_pkcs12_base64
60
62
 
61
- def pkcs12_base64=(content_base64)
62
- _set_pkcs12_base64(content_base64)
63
+ def pkcs12_base64=(pkcs12_base64)
64
+ _set_pkcs12_base64(pkcs12_base64)
63
65
  end
64
66
 
65
- def _set_pkcs12_base64(content_base64)
66
- unless content_base64
67
- raise 'The provided "content_base64" is not valid'
67
+ def _set_pkcs12_base64(pkcs12_base64)
68
+ unless pkcs12_base64
69
+ raise 'The provided "pkcs12_base64" is not valid'
68
70
  end
69
71
 
70
72
  begin
71
- content_raw = Base64.decode64(content_base64)
73
+ content_raw = Base64.decode64(pkcs12_base64)
72
74
  rescue Error
73
- raise 'The provided "content_base64" is not Base64-encoded'
75
+ raise 'The provided "pkcs12_base64" is not Base64-encoded'
74
76
  end
75
77
 
76
78
  _set_pkcs12(content_raw)
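Review bot: The `rescue Error` branch in `_set_pkcs12_base64` cannot report bad input, because `Base64.decode64` is lenient and returns whatever it manages to decode instead of raising, and no `Error` constant is defined anywhere on this page. The rename keeps that behaviour, so a malformed `pkcs12_base64` is silently decoded and handed to `_set_pkcs12`. Using `content_raw = Base64.strict_decode64(pkcs12_base64)` with `rescue ArgumentError` makes the "is not Base64-encoded" message reachable (strict decoding also rejects embedded newlines, so line-wrapped input would need stripping first). The method body continues past the end of this hunk.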
@@ -78,29 +80,72 @@ module PkiExpress
78
80
  private :_set_pkcs12_base64
79
81
 
80
82
  def pkcs12_path
83
+ _get_pkcs12_path
84
+ end
85
+
86
+ def _get_pkcs12_path
81
87
  @pkcs12_path
82
88
  end
89
+ private :_get_pkcs12_path
90
+
91
+ def pkcs12_path=(pkcs12_path)
92
+ _set_pkcs12_path(pkcs12_path)
93
+ end
83
94
 
84
- def pkcs12_path=(path)
85
- unless path
86
- raise 'The provided "content_path" is not valid'
95
+ def _set_pkcs12_path(pkcs12_path)
96
+ unless pkcs12_path
97
+ raise 'The provided "pkcs12_path" is not valid'
87
98
  end
88
- unless File.exists?(path)
89
- raise 'The provided "content_path" does not exist'
99
+ unless File.exists?(pkcs12_path)
100
+ raise 'The provided "pkcs12_path" does not exist'
90
101
  end
91
102
 
92
- @pkcs12_path = path
103
+ @pkcs12_path = pkcs12_path
93
104
  end
105
+ private :_set_pkcs12_path
94
106
 
95
107
  # endregion
96
108
 
97
- protected
98
109
  def verify_and_add_common_options(args)
99
110
  # Verify and add common option between signers and signature starters.
100
111
  super(args)
101
112
 
102
-
113
+ if !@cert_thumb && !@pkcs12_path && !@trust_service_session
114
+ raise 'Neither the PKCS #12 file, the certificate\'s thumbprint nor the trust service session was provided'
115
+ end
116
+
117
+ if @cert_thumb
118
+ args.append('--thumbprint')
119
+ args.append(@cert_thumb)
120
+ @version_manager.require_version('1.3')
121
+ end
122
+
123
+ if @pkcs12_path
124
+ args.append('--pkcs12')
125
+ args.append(@pkcs12_path)
126
+ @version_manager.require_version('1.3')
127
+ end
128
+
129
+ if @cert_password
130
+ args.append('--password')
131
+ args.append(@cert_password)
132
+ @version_manager.require_version('1.3')
133
+ end
134
+
135
+ if @use_machine
136
+ args.append('--machine')
137
+ @version_manager.require_version('1.3')
138
+ end
139
+
140
+ if @trust_service_session
141
+ args.append('--trust-service-session')
142
+ args.append(@trust_service_session)
143
+ # This option can only be used on versions greater than 1.18 of
144
+ # the PKI Express.
145
+ @version_manager.require_version('1.18')
146
+ end
103
147
  end
148
+ protected :verify_and_add_common_options
104
149
  end
105
150
 
106
151
  end
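Review bot: `_set_pkcs12_path` still calls `File.exists?`, which is deprecated and was removed in Ruby 3.2, so on current interpreters the setter raises NoMethodError before its own message can. The finisher's new `transfer_file_id=` in this same release already uses `File.exist?`, so `unless File.exist?(pkcs12_path)` would make the two consistent. Separately, `verify_and_add_common_options` appends `@cert_password` and `@trust_service_session` to `args`; if those become process arguments (the `invoke` path is not shown), a comment such as `# NOTE: the password and session token are passed on the command line and may be visible in the process list` would tell integrators what they are exposing.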
@@ -1,6 +1,6 @@
1
1
  module PkiExpress
2
2
 
3
- class StandardSignaturePolicies
3
+ class StandardSignaturePolicies < Enum
4
4
  PKI_BRAZIL_CADES_ADR_BASICA = 'adrb'
5
5
  PKI_BRAZIL_CADES_ADR_BASICA_WITH_REVOCATION_VALUE = 'adrb-rv'
6
6
  PKI_BRAZIL_CADES_ADR_TEMPO = 'adrt'
@@ -24,6 +24,29 @@ module PkiExpress
24
24
  COD_WITH_SHA1 = 'cod-sha1'
25
25
  COD_WITH_SHA256 = 'cod-sha256'
26
26
 
27
+ VALUES = [
28
+ PKI_BRAZIL_CADES_ADR_BASICA,
29
+ PKI_BRAZIL_CADES_ADR_BASICA_WITH_REVOCATION_VALUE,
30
+ PKI_BRAZIL_CADES_ADR_TEMPO,
31
+ PKI_BRAZIL_CADES_ADR_COMPLETA,
32
+ CADES_BES,
33
+ CADES_BES_WITH_REVOCATION_VALUES,
34
+ CADES_T,
35
+ PADES_BASIC,
36
+ PADES_BASIC_WITH_LTV,
37
+ PADES_T,
38
+ PKI_BRAZIL_PADES_ADR_BASICA,
39
+ PKI_BRAZIL_PADES_ADR_BASICA_WITH_LTV,
40
+ PKI_BRAZIL_PADES_ADR_TEMPO,
41
+ NFE_PADRAO_NACIONAL,
42
+ XADES_BES,
43
+ XML_DSIG_BASIC,
44
+ PKI_BRAZIL_XML_ADR_BASIC,
45
+ PKI_BRAZIL_XML_ADR_TEMPO,
46
+ COD_WITH_SHA1,
47
+ COD_WITH_SHA256
48
+ ]
49
+
27
50
  def self.require_timestamp(policy)
28
51
  if policy.nil?
29
52
  return false
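Review bot: `VALUES` is a mutable array constant, so any caller can `<<` or `delete` entries and change the list for everyone who reads it afterwards; closing it with `].freeze` prevents that. The list also repeats by hand every constant defined above it, so a comment such as `# Keep in sync with the policy constants above` would help whoever adds the next policy. `require_timestamp` continues past the end of this hunk.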
@@ -4,7 +4,7 @@ module PkiExpress
4
4
 
5
5
  def initialize(url)
6
6
  @url = url
7
- @auth_type = :none
7
+ @auth_type = TsaAuthenticationType::NONE
8
8
  @token = nil
9
9
  @ssl_thumbprint = nil
10
10
  @basic_auth = nil
@@ -12,17 +12,17 @@ module PkiExpress
12
12
 
13
13
  def set_oauth_token_authentication(token)
14
14
  @token = token
15
- @auth_type = :oauth_token
15
+ @auth_type = TsaAuthenticationType::OAUTH_TOKEN
16
16
  end
17
17
 
18
18
  def set_basic_authentication(username, password)
19
19
  @basic_auth = "#{username}:#{password}"
20
- @auth_type = :basic_auth
20
+ @auth_type = TsaAuthenticationType::BASIC_AUTH
21
21
  end
22
22
 
23
23
  def set_ssl_thumbprint(ssl_thumbprint)
24
24
  @ssl_thumbprint = ssl_thumbprint
25
- @auth_type = :ssl
25
+ @auth_type = TsaAuthenticationType::SSL
26
26
  end
27
27
 
28
28
  def get_cmd_arguments
@@ -31,14 +31,14 @@ module PkiExpress
31
31
  args.append(url)
32
32
 
33
33
  case auth_type
34
- when :none
35
- when :basic_auth
34
+ when TsaAuthenticationType::NONE
35
+ when TsaAuthenticationType::BASIC_AUTH
36
36
  args.append('--tsa-basic-auth')
37
37
  args.append(@basic_auth)
38
- when :ssl
38
+ when TsaAuthenticationType::SSL
39
39
  args.append('--tsa-ssl-thumbprint')
40
40
  args.append(@ssl_thumbprint)
41
- when :oauth_token
41
+ when TsaAuthenticationType::OAUTH_TOKEN
42
42
  args.append('--tsa-token')
43
43
  args.append(token)
44
44
  else
@@ -0,0 +1,21 @@
1
+ module PkiExpress
2
+
3
+ class TrustServiceAuthParameters
4
+ attr_accessor :service_info, :auth_url
5
+
6
+ def initialize(model)
7
+ @service_info = nil
8
+ @auth_url = nil
9
+
10
+ unless model.nil?
11
+ @auth_url = model.fetch(:authUrl)
12
+
13
+ service_info = model.fetch(:serviceInfo)
14
+ if service_info
15
+ @service_info = TrustServiceInfo.new(service_info)
16
+ end
17
+ end
18
+ end
19
+
20
+ end
21
+ end
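Review bot: `model.fetch(:serviceInfo)` raises KeyError when the key is absent, yet the `if service_info` that follows only makes sense if the field is optional; the same pattern appears in `TrustServiceInfo` (`:service`) and in the other `fetch` calls of the next file. If the PKI Express output can omit these fields, `model.fetch(:serviceInfo, nil)` (likewise for `:authUrl`) keeps the nil handling consistent. The symbol keys also assume that `parse_output` symbolizes names, which is not visible here. Since `auth_url` presumably originates from an external service's response, a short doc comment telling callers to check its scheme and host before redirecting a browser to it would be useful.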
@@ -0,0 +1,38 @@
1
+ module PkiExpress
2
+
3
+ class TrustServiceInfo
4
+
5
+ attr_accessor :service, :provider, :badge_url
6
+
7
+ def initialize(model)
8
+ @service = nil
9
+ @provider = nil
10
+ @badge_url = nil
11
+
12
+ unless model.nil?
13
+ @provider = model.fetch(:provider)
14
+ @badge_url = model.fetch(:badgeUrl)
15
+
16
+ service = model.fetch(:service)
17
+ if service
18
+ @service = TrustServiceName.new(service)
19
+ end
20
+ end
21
+ end
22
+
23
+ end
24
+
25
+ class TrustServiceName
26
+
27
+ attr_accessor :name
28
+
29
+ def initialize(model)
30
+ @name = nil
31
+
32
+ unless model.nil?
33
+ @name = model.fetch(:name)
34
+ end
35
+ end
36
+
37
+ end
38
+ end
@@ -0,0 +1,259 @@
1
+ module PkiExpress
2
+ class TrustServicesManager < PkiExpressOperator
3
+ def initialize(config=PkiExpressConfig.new)
4
+ super(config)
5
+ end
6
+
7
+ def check_by_cpf(service, cpf)
8
+ unless service
9
+ raise "The provided service is not valid"
10
+ end
11
+
12
+ unless cpf
13
+ raise "The provided CPF is not valid"
14
+ end
15
+
16
+ args = [
17
+ service,
18
+ '--cpf',
19
+ cpf,
20
+ ]
21
+
22
+ # This operation can only be used on versions greater than 1.18 of
23
+ # the PKI Express.
24
+ @version_manager.require_version('1.18')
25
+
26
+ # Invoke command.
27
+ response = invoke(Commands::CHECK_SERVICE, args)
28
+
29
+ # Parse output and return result.
30
+ model = parse_output(response)
31
+ CheckServiceResult.new(model)
32
+ end
33
+
34
+ def check_by_cnpj(service, cnpj)
35
+ unless service
36
+ raise "The provided service is not valid"
37
+ end
38
+
39
+ unless cnpj
40
+ raise "The provided CNPJ is not valid"
41
+ end
42
+
43
+ args = [
44
+ service,
45
+ '--cnpj',
46
+ cnpj,
47
+ ]
48
+
49
+ # This operation can only be used on versions greater than 1.18 of
50
+ # the PKI Express.
51
+ @version_manager.require_version('1.18')
52
+
53
+ # Invoke command.
54
+ response = invoke(Commands::CHECK_SERVICE, args)
55
+
56
+ # Parse output and return result.
57
+ model = parse_output(response)
58
+ CheckServiceResult.new(model)
59
+ end
60
+
61
+ def discover_by_cpf(cpf, throw_exceptions=false)
62
+ unless cpf
63
+ raise "The provided CPF is not valid"
64
+ end
65
+
66
+ args = [
67
+ '--cpf',
68
+ cpf
69
+ ]
70
+
71
+ if throw_exceptions
72
+ args.append('--throw')
73
+ end
74
+
75
+ # This operation can only be used on versions greater than 1.18 of
76
+ # the PKI Express.
77
+ @version_manager.require_version('1.18')
78
+
79
+ # Invoke command.
80
+ response = invoke(Commands::DISCOVER_SERVICES, args)
81
+
82
+ # Parse output and return result.
83
+ model = parse_output(response)
84
+ DiscoverServicesResult.new(model).services
85
+ end
86
+
87
+ def discover_by_cnpj(cnpj, throw_exceptions=false)
88
+ unless cnpj
89
+ raise "The provided CNPJ is not valid"
90
+ end
91
+
92
+ args = [
93
+ '--cnpj',
94
+ cnpj
95
+ ]
96
+
97
+ if throw_exceptions
98
+ args.append('--throw')
99
+ end
100
+ # This operation can only be used on versions greater than 1.18 of
101
+ # the PKI Express.
102
+ @version_manager.require_version('1.18')
103
+
104
+ # Invoke command.
105
+ response = invoke(Commands::DISCOVER_SERVICES, args)
106
+
107
+ # Parse output and return result.
108
+ model = parse_output(response)
109
+ DiscoverServicesResult.new(model).services
110
+ end
111
+
112
+ def discover_by_cpf_and_start_auth(cpf, redirect_url,
113
+ session_type=TrustServiceSessionTypes::SIGNATURE_SESSION,
114
+ custom_state=nil, throw_exceptions=false)
115
+ unless cpf
116
+ raise "The provided CPF is not valid"
117
+ end
118
+ unless redirect_url
119
+ raise "The provided redirectUrl is not valid"
120
+ end
121
+ unless session_type
122
+ raise "No session type was provided"
123
+ end
124
+
125
+ args = [
126
+ '--cpf',
127
+ cpf,
128
+ '--redirect-url',
129
+ redirect_url,
130
+ '--session-type',
131
+ session_type,
132
+ ]
133
+
134
+ if custom_state
135
+ args.append('--custom-state')
136
+ args.append(custom_state)
137
+ end
138
+
139
+ if throw_exceptions
140
+ args.append('--throw')
141
+ end
142
+
143
+ # This operation can only be used on versions greater than 1.18 of
144
+ # the PKI Express.
145
+ @version_manager.require_version('1.18')
146
+
147
+ # Invoke command.
148
+ response = invoke(Commands::DISCOVER_SERVICES, args)
149
+
150
+ # Parse output and return result.
151
+ model = parse_output(response)
152
+ DiscoverServicesResult.new(model).auth_parameters
153
+ end
154
+
155
+ def discover_by_cnpj_and_start_auth(cnpj, redirect_url,
156
+ session_type=TrustServiceSessionTypes::SIGNATURE_SESSION,
157
+ custom_state=nil, throw_exceptions=false)
158
+ unless cnpj
159
+ raise "The provided CNPJ is not valid"
160
+ end
161
+ unless redirect_url
162
+ raise "The provided redirectUrl is not valid"
163
+ end
164
+ unless session_type
165
+ raise "No session type was provided"
166
+ end
167
+
168
+ args = [
169
+ '--cnpj',
170
+ cnpj,
171
+ '--redirect-url',
172
+ redirect_url,
173
+ '--session-type',
174
+ session_type
175
+ ]
176
+
177
+ if custom_state
178
+ args.append('--custom-state')
179
+ args.append(custom_state)
180
+ end
181
+
182
+ if throw_exceptions
183
+ args.append('--throw')
184
+ end
185
+
186
+ # This operation can only be used on versions greater than 1.18 of
187
+ # the PKI Express.
188
+ @version_manager.require_version('1.18')
189
+
190
+ # Invoke command.
191
+ response = invoke(Commands::DISCOVER_SERVICES, args)
192
+
193
+ # Parse output and return result.
194
+ model = parse_output(response)
195
+ DiscoverServicesResult.new(model).auth_parameters
196
+ end
197
+
198
+ def password_authorize(service, username, password,
199
+ session_type=TrustServiceSessionTypes::SIGNATURE_SESSION)
200
+ unless service
201
+ raise "The provided service is not valid"
202
+ end
203
+
204
+ unless username
205
+ raise "The provided username is not valid"
206
+ end
207
+
208
+ unless password
209
+ raise "The provided password is not valid"
210
+ end
211
+
212
+ unless session_type
213
+ raise "No session type was provided"
214
+ end
215
+
216
+ args = [
217
+ service,
218
+ username,
219
+ password,
220
+ session_type
221
+ ]
222
+
223
+ # This operation can only be used on versions greater than 1.18 of
224
+ # the PKI Express.
225
+ @version_manager.require_version('1.18')
226
+
227
+ # Invoke command.
228
+ response = invoke(Commands::PASSWORD_AUTHORIZE, args)
229
+
230
+ # Parse output and return result.
231
+ model = parse_output(response)
232
+ TrustServiceSessionResult.new(model)
233
+ end
234
+
235
+ def complete_auth(code, state)
236
+ unless code
237
+ raise "The provided code is not valid"
238
+ end
239
+
240
+ unless state
241
+ raise "The provided state is not valid"
242
+ end
243
+
244
+ args = [code, state]
245
+
246
+ # This operation can only be used on versions greater than 1.18 of
247
+ # the PKI Express.
248
+ @version_manager.require_version('1.18')
249
+
250
+ # Invoke command.
251
+ response = invoke(Commands::COMPLETE_SERVICE_AUTH, args)
252
+
253
+ # Parse output and return result.
254
+ model = parse_output(response)
255
+ TrustServiceSessionResult.new(model)
256
+ end
257
+
258
+ end
259
+ end
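Review bot: The guards in `check_by_cpf`, `check_by_cnpj`, the four `discover_*` methods and `password_authorize` only reject nil/false, so an empty string or a value beginning with `-` is placed into `args` unchanged, and `service` is even passed as a bare positional argument. Assuming `invoke` (not visible here) hands `args` to the PKI Express executable, a caller that forwards request data could have such a value read as an option rather than as data. A small private validator for the identifier-like arguments (service, CPF, CNPJ) would close that; passwords, `code` and `state` can legitimately start with `-` and need different treatment, and it is worth documenting that `password_authorize` puts the username and password on the child process's argument list. The same tail (version check, invoke, parse) is repeated in every method and could move into one helper at the same time.

```ruby
def check_by_cpf(service, cpf)
  _require_cli_value(service, 'service')
  _require_cli_value(cpf, 'CPF')
  # … unchanged: args construction, version check, invoke, result parsing …
end

# Rejects nil, empty and option-like values before they are placed in args.
def _require_cli_value(value, label)
  text = value.to_s
  if text.empty? || text.start_with?('-')
    raise "The provided #{label} is not valid"
  end
end
private :_require_cli_value
```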