pki_express 1.3.1 → 1.3.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitattributes +2 -2
- data/.github/workflows/test.yml +21 -21
- data/.gitignore +27 -27
- data/CHANGELOG.md +19 -16
- data/Gemfile +8 -7
- data/README.md +24 -24
- data/Rakefile +6 -6
- data/lib/pki_express/auth_complete_result.rb +21 -21
- data/lib/pki_express/auth_start_result.rb +76 -76
- data/lib/pki_express/authentication.rb +284 -284
- data/lib/pki_express/base_signer.rb +54 -54
- data/lib/pki_express/cades_signature.rb +89 -89
- data/lib/pki_express/cades_signature_starter.rb +242 -242
- data/lib/pki_express/check_service_result.rb +15 -15
- data/lib/pki_express/command_error.rb +13 -13
- data/lib/pki_express/commands.rb +24 -24
- data/lib/pki_express/digest_algorithm.rb +118 -118
- data/lib/pki_express/digest_algorithm_and_value.rb +30 -30
- data/lib/pki_express/discovery_service_result.rb +25 -25
- data/lib/pki_express/enum.rb +9 -9
- data/lib/pki_express/error_codes.rb +46 -46
- data/lib/pki_express/installation_not_found_error.rb +8 -8
- data/lib/pki_express/name.rb +47 -47
- data/lib/pki_express/oids.rb +30 -30
- data/lib/pki_express/pades_certification_level.rb +7 -7
- data/lib/pki_express/pades_horizontal_align.rb +9 -9
- data/lib/pki_express/pades_measurement_units.rb +8 -8
- data/lib/pki_express/pades_page_optimization.rb +50 -50
- data/lib/pki_express/pades_page_orientation.rb +9 -9
- data/lib/pki_express/pades_paper_size.rb +21 -21
- data/lib/pki_express/pades_signature.rb +16 -16
- data/lib/pki_express/pades_signature_explorer.rb +30 -30
- data/lib/pki_express/pades_signature_starter.rb +251 -251
- data/lib/pki_express/pades_signer.rb +274 -274
- data/lib/pki_express/pades_signer_info.rb +9 -9
- data/lib/pki_express/pades_size.rb +17 -17
- data/lib/pki_express/pades_text_horizontal_align.rb +8 -8
- data/lib/pki_express/pades_vertical_align.rb +9 -9
- data/lib/pki_express/pades_visual_auto_positioning.rb +21 -21
- data/lib/pki_express/pades_visual_image.rb +51 -51
- data/lib/pki_express/pades_visual_manual_positioning.rb +16 -16
- data/lib/pki_express/pades_visual_positioning.rb +27 -27
- data/lib/pki_express/pades_visual_rectangle.rb +74 -74
- data/lib/pki_express/pades_visual_representation.rb +22 -22
- data/lib/pki_express/pades_visual_text.rb +35 -35
- data/lib/pki_express/pk_algorithms.rb +157 -157
- data/lib/pki_express/pk_certificate.rb +61 -61
- data/lib/pki_express/pki_brazil_certificate_fields.rb +57 -57
- data/lib/pki_express/pki_brazil_certificate_types.rb +19 -19
- data/lib/pki_express/pki_express_config.rb +39 -26
- data/lib/pki_express/pki_express_operator.rb +240 -240
- data/lib/pki_express/pki_italy_certificate_fields.rb +15 -15
- data/lib/pki_express/pki_italy_certificate_types.rb +11 -11
- data/lib/pki_express/signature_algorithm_and_value.rb +34 -34
- data/lib/pki_express/signature_explorer.rb +74 -74
- data/lib/pki_express/signature_finisher.rb +314 -314
- data/lib/pki_express/signature_policy_identifier.rb +20 -20
- data/lib/pki_express/signature_start_result.rb +12 -12
- data/lib/pki_express/signature_starter.rb +116 -116
- data/lib/pki_express/signer.rb +151 -151
- data/lib/pki_express/standard_signature_policies.rb +58 -58
- data/lib/pki_express/timestamp_authority.rb +50 -50
- data/lib/pki_express/trust_service_auth_parameters.rb +20 -20
- data/lib/pki_express/trust_service_info.rb +37 -37
- data/lib/pki_express/trust_service_manager.rb +258 -258
- data/lib/pki_express/trust_service_session_result.rb +29 -29
- data/lib/pki_express/trust_service_session_types.rb +7 -7
- data/lib/pki_express/tsa_authentication_type.rb +14 -14
- data/lib/pki_express/validation_error.rb +8 -8
- data/lib/pki_express/validation_item.rb +43 -43
- data/lib/pki_express/validation_item_types.rb +103 -103
- data/lib/pki_express/validation_results.rb +120 -120
- data/lib/pki_express/version.rb +3 -3
- data/lib/pki_express/version_manager.rb +20 -20
- data/lib/pki_express.rb +69 -69
- data/pki_express.gemspec +26 -26
- data/spec/pki_express/pki_express_config_spec.rb +73 -0
- data/spec/pki_express/pki_express_operator_spec.rb +30 -30
- metadata +4 -2
@@ -1,13 +1,13 @@
|
|
1
|
-
module PkiExpress
|
2
|
-
class SignatureStartResult
|
3
|
-
attr_accessor :to_sign_hash, :digest_algorithm_name, :digest_algorithm_oid,
|
4
|
-
:transfer_file_id
|
5
|
-
|
6
|
-
def initialize(model, transfer_file_id)
|
7
|
-
@to_sign_hash = model.fetch(:toSignHash)
|
8
|
-
@digest_algorithm_name = model.fetch(:digestAlgorithmName)
|
9
|
-
@digest_algorithm_oid = model.fetch(:digestAlgorithmOid)
|
10
|
-
@transfer_file_id = transfer_file_id
|
11
|
-
end
|
12
|
-
end
|
1
|
+
module PkiExpress
|
2
|
+
class SignatureStartResult
|
3
|
+
attr_accessor :to_sign_hash, :digest_algorithm_name, :digest_algorithm_oid,
|
4
|
+
:transfer_file_id
|
5
|
+
|
6
|
+
def initialize(model, transfer_file_id)
|
7
|
+
@to_sign_hash = model.fetch(:toSignHash)
|
8
|
+
@digest_algorithm_name = model.fetch(:digestAlgorithmName)
|
9
|
+
@digest_algorithm_oid = model.fetch(:digestAlgorithmOid)
|
10
|
+
@transfer_file_id = transfer_file_id
|
11
|
+
end
|
12
|
+
end
|
13
13
|
end
|
@@ -1,116 +1,116 @@
|
|
1
|
-
module PkiExpress
|
2
|
-
|
3
|
-
class SignatureStarter < BaseSigner
|
4
|
-
|
5
|
-
def initialize(config=PkiExpressConfig.new)
|
6
|
-
super(config)
|
7
|
-
@certificate_path = nil
|
8
|
-
end
|
9
|
-
|
10
|
-
# region The "certificate" accessors
|
11
|
-
|
12
|
-
def certificate
|
13
|
-
_get_certificate
|
14
|
-
end
|
15
|
-
|
16
|
-
def _get_certificate
|
17
|
-
unless @certificate_path
|
18
|
-
return nil
|
19
|
-
end
|
20
|
-
|
21
|
-
File.read(@certificate_path)
|
22
|
-
end
|
23
|
-
private :_get_certificate
|
24
|
-
|
25
|
-
def certificate=(content_raw)
|
26
|
-
_set_certificate(content_raw)
|
27
|
-
end
|
28
|
-
|
29
|
-
def _set_certificate(content_raw)
|
30
|
-
unless content_raw
|
31
|
-
raise 'The provided "certificate" is not valid'
|
32
|
-
end
|
33
|
-
|
34
|
-
temp_file_path = self.create_temp_file
|
35
|
-
File.open(temp_file_path, 'wb') do |f|
|
36
|
-
f.write(content_raw)
|
37
|
-
end
|
38
|
-
@certificate_path = temp_file_path
|
39
|
-
end
|
40
|
-
private :_set_certificate
|
41
|
-
|
42
|
-
def certificate_base64
|
43
|
-
_get_certificate_base64
|
44
|
-
end
|
45
|
-
|
46
|
-
def _get_certificate_base64
|
47
|
-
unless @certificate_path
|
48
|
-
return nil
|
49
|
-
end
|
50
|
-
|
51
|
-
content = File.read(@certificate_path)
|
52
|
-
Base64.encode64(content)
|
53
|
-
end
|
54
|
-
private :_get_certificate_base64
|
55
|
-
|
56
|
-
def certificate_base64=(content_base64)
|
57
|
-
_set_certificate_base64(content_base64)
|
58
|
-
end
|
59
|
-
|
60
|
-
def _set_certificate_base64(content_base64)
|
61
|
-
unless content_base64
|
62
|
-
raise 'The provided "certificate_base64" is not valid'
|
63
|
-
end
|
64
|
-
|
65
|
-
begin
|
66
|
-
content_raw = Base64.decode64(content_base64)
|
67
|
-
rescue Error
|
68
|
-
raise 'The provided "certificate_base64" is not Base64-encoded'
|
69
|
-
end
|
70
|
-
|
71
|
-
_set_certificate(content_raw)
|
72
|
-
end
|
73
|
-
private :_set_certificate_base64
|
74
|
-
|
75
|
-
def certificate_path
|
76
|
-
_get_certificate_path
|
77
|
-
end
|
78
|
-
|
79
|
-
def _get_certificate_path
|
80
|
-
@certificate_path
|
81
|
-
end
|
82
|
-
private :_get_certificate_path
|
83
|
-
|
84
|
-
def certificate_path=(path)
|
85
|
-
_set_certificate_path(path)
|
86
|
-
end
|
87
|
-
|
88
|
-
def _set_certificate_path(path)
|
89
|
-
unless path
|
90
|
-
raise 'The provided "certificate_path" is not valid'
|
91
|
-
end
|
92
|
-
unless File.exists?(path)
|
93
|
-
raise 'The provided "certificate_path" does not exist'
|
94
|
-
end
|
95
|
-
|
96
|
-
@certificate_path = path
|
97
|
-
end
|
98
|
-
private :_set_certificate_path
|
99
|
-
|
100
|
-
# endregion
|
101
|
-
|
102
|
-
def self.get_result(response, transfer_file)
|
103
|
-
{
|
104
|
-
toSignHash: response[0],
|
105
|
-
digestAlgorithmName: response[1],
|
106
|
-
digestAlgorithmOid: response[2],
|
107
|
-
transferFile: transfer_file
|
108
|
-
}
|
109
|
-
end
|
110
|
-
|
111
|
-
def start
|
112
|
-
raise NotImplementedError.new('This method is not implemented')
|
113
|
-
end
|
114
|
-
end
|
115
|
-
|
116
|
-
end
|
1
|
+
module PkiExpress
|
2
|
+
|
3
|
+
class SignatureStarter < BaseSigner
|
4
|
+
|
5
|
+
def initialize(config=PkiExpressConfig.new)
|
6
|
+
super(config)
|
7
|
+
@certificate_path = nil
|
8
|
+
end
|
9
|
+
|
10
|
+
# region The "certificate" accessors
|
11
|
+
|
12
|
+
def certificate
|
13
|
+
_get_certificate
|
14
|
+
end
|
15
|
+
|
16
|
+
def _get_certificate
|
17
|
+
unless @certificate_path
|
18
|
+
return nil
|
19
|
+
end
|
20
|
+
|
21
|
+
File.read(@certificate_path)
|
22
|
+
end
|
23
|
+
private :_get_certificate
|
24
|
+
|
25
|
+
def certificate=(content_raw)
|
26
|
+
_set_certificate(content_raw)
|
27
|
+
end
|
28
|
+
|
29
|
+
def _set_certificate(content_raw)
|
30
|
+
unless content_raw
|
31
|
+
raise 'The provided "certificate" is not valid'
|
32
|
+
end
|
33
|
+
|
34
|
+
temp_file_path = self.create_temp_file
|
35
|
+
File.open(temp_file_path, 'wb') do |f|
|
36
|
+
f.write(content_raw)
|
37
|
+
end
|
38
|
+
@certificate_path = temp_file_path
|
39
|
+
end
|
40
|
+
private :_set_certificate
|
41
|
+
|
42
|
+
def certificate_base64
|
43
|
+
_get_certificate_base64
|
44
|
+
end
|
45
|
+
|
46
|
+
def _get_certificate_base64
|
47
|
+
unless @certificate_path
|
48
|
+
return nil
|
49
|
+
end
|
50
|
+
|
51
|
+
content = File.read(@certificate_path)
|
52
|
+
Base64.encode64(content)
|
53
|
+
end
|
54
|
+
private :_get_certificate_base64
|
55
|
+
|
56
|
+
def certificate_base64=(content_base64)
|
57
|
+
_set_certificate_base64(content_base64)
|
58
|
+
end
|
59
|
+
|
60
|
+
def _set_certificate_base64(content_base64)
|
61
|
+
unless content_base64
|
62
|
+
raise 'The provided "certificate_base64" is not valid'
|
63
|
+
end
|
64
|
+
|
65
|
+
begin
|
66
|
+
content_raw = Base64.decode64(content_base64)
|
67
|
+
rescue Error
|
68
|
+
raise 'The provided "certificate_base64" is not Base64-encoded'
|
69
|
+
end
|
70
|
+
|
71
|
+
_set_certificate(content_raw)
|
72
|
+
end
|
73
|
+
private :_set_certificate_base64
|
74
|
+
|
75
|
+
def certificate_path
|
76
|
+
_get_certificate_path
|
77
|
+
end
|
78
|
+
|
79
|
+
def _get_certificate_path
|
80
|
+
@certificate_path
|
81
|
+
end
|
82
|
+
private :_get_certificate_path
|
83
|
+
|
84
|
+
def certificate_path=(path)
|
85
|
+
_set_certificate_path(path)
|
86
|
+
end
|
87
|
+
|
88
|
+
def _set_certificate_path(path)
|
89
|
+
unless path
|
90
|
+
raise 'The provided "certificate_path" is not valid'
|
91
|
+
end
|
92
|
+
unless File.exists?(path)
|
93
|
+
raise 'The provided "certificate_path" does not exist'
|
94
|
+
end
|
95
|
+
|
96
|
+
@certificate_path = path
|
97
|
+
end
|
98
|
+
private :_set_certificate_path
|
99
|
+
|
100
|
+
# endregion
|
101
|
+
|
102
|
+
def self.get_result(response, transfer_file)
|
103
|
+
{
|
104
|
+
toSignHash: response[0],
|
105
|
+
digestAlgorithmName: response[1],
|
106
|
+
digestAlgorithmOid: response[2],
|
107
|
+
transferFile: transfer_file
|
108
|
+
}
|
109
|
+
end
|
110
|
+
|
111
|
+
def start
|
112
|
+
raise NotImplementedError.new('This method is not implemented')
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
end
|
data/lib/pki_express/signer.rb
CHANGED
@@ -1,151 +1,151 @@
|
|
1
|
-
module PkiExpress
|
2
|
-
|
3
|
-
class Signer < BaseSigner
|
4
|
-
|
5
|
-
attr_accessor :output_file_path, :cert_thumb, :cert_password, :trust_service_session
|
6
|
-
|
7
|
-
def initialize(config=PkiExpressConfig.new)
|
8
|
-
super(config)
|
9
|
-
@output_file_path = nil
|
10
|
-
@pkcs12_path = nil
|
11
|
-
@cert_thumb = nil
|
12
|
-
@cert_password = nil
|
13
|
-
@use_machine = false
|
14
|
-
@trust_service_session = nil
|
15
|
-
end
|
16
|
-
|
17
|
-
# region The "pkcs12" accessors
|
18
|
-
|
19
|
-
def pkcs12
|
20
|
-
_get_pkcs12
|
21
|
-
end
|
22
|
-
|
23
|
-
def _get_pkcs12
|
24
|
-
unless @pkcs12_path
|
25
|
-
return nil
|
26
|
-
end
|
27
|
-
|
28
|
-
File.read(@pkcs12_path)
|
29
|
-
end
|
30
|
-
private :_get_pkcs12
|
31
|
-
|
32
|
-
def pkcs12=(content_raw)
|
33
|
-
_set_pkcs12(content_raw)
|
34
|
-
end
|
35
|
-
|
36
|
-
def _set_pkcs12(content_raw)
|
37
|
-
unless content_raw
|
38
|
-
raise 'The provided "pkcs12" is not valid'
|
39
|
-
end
|
40
|
-
|
41
|
-
temp_file_path = self.create_temp_file
|
42
|
-
File.open(temp_file_path, 'wb') do |f|
|
43
|
-
f.write(content_raw)
|
44
|
-
end
|
45
|
-
@pkcs12_path = temp_file_path
|
46
|
-
end
|
47
|
-
private :_set_pkcs12
|
48
|
-
|
49
|
-
def pkcs12_base64
|
50
|
-
_get_pkcs12_base64
|
51
|
-
end
|
52
|
-
|
53
|
-
def _get_pkcs12_base64
|
54
|
-
unless @pkcs12_path
|
55
|
-
return nil
|
56
|
-
end
|
57
|
-
|
58
|
-
content = File.read(@pkcs12_path)
|
59
|
-
Base64.encode64(content)
|
60
|
-
end
|
61
|
-
private :_get_pkcs12_base64
|
62
|
-
|
63
|
-
def pkcs12_base64=(pkcs12_base64)
|
64
|
-
_set_pkcs12_base64(pkcs12_base64)
|
65
|
-
end
|
66
|
-
|
67
|
-
def _set_pkcs12_base64(pkcs12_base64)
|
68
|
-
unless pkcs12_base64
|
69
|
-
raise 'The provided "pkcs12_base64" is not valid'
|
70
|
-
end
|
71
|
-
|
72
|
-
begin
|
73
|
-
content_raw = Base64.decode64(pkcs12_base64)
|
74
|
-
rescue Error
|
75
|
-
raise 'The provided "pkcs12_base64" is not Base64-encoded'
|
76
|
-
end
|
77
|
-
|
78
|
-
_set_pkcs12(content_raw)
|
79
|
-
end
|
80
|
-
private :_set_pkcs12_base64
|
81
|
-
|
82
|
-
def pkcs12_path
|
83
|
-
_get_pkcs12_path
|
84
|
-
end
|
85
|
-
|
86
|
-
def _get_pkcs12_path
|
87
|
-
@pkcs12_path
|
88
|
-
end
|
89
|
-
private :_get_pkcs12_path
|
90
|
-
|
91
|
-
def pkcs12_path=(pkcs12_path)
|
92
|
-
_set_pkcs12_path(pkcs12_path)
|
93
|
-
end
|
94
|
-
|
95
|
-
def _set_pkcs12_path(pkcs12_path)
|
96
|
-
unless pkcs12_path
|
97
|
-
raise 'The provided "pkcs12_path" is not valid'
|
98
|
-
end
|
99
|
-
unless File.exists?(pkcs12_path)
|
100
|
-
raise 'The provided "pkcs12_path" does not exist'
|
101
|
-
end
|
102
|
-
|
103
|
-
@pkcs12_path = pkcs12_path
|
104
|
-
end
|
105
|
-
private :_set_pkcs12_path
|
106
|
-
|
107
|
-
# endregion
|
108
|
-
|
109
|
-
def verify_and_add_common_options(args)
|
110
|
-
# Verify and add common option between signers and signature starters.
|
111
|
-
super(args)
|
112
|
-
|
113
|
-
if !@cert_thumb && !@pkcs12_path && !@trust_service_session
|
114
|
-
raise 'Neither the PKCS #12 file, the certificate\'s thumbprint nor the trust service session was provided'
|
115
|
-
end
|
116
|
-
|
117
|
-
if @cert_thumb
|
118
|
-
args.append('--thumbprint')
|
119
|
-
args.append(@cert_thumb)
|
120
|
-
@version_manager.require_version('1.3')
|
121
|
-
end
|
122
|
-
|
123
|
-
if @pkcs12_path
|
124
|
-
args.append('--pkcs12')
|
125
|
-
args.append(@pkcs12_path)
|
126
|
-
@version_manager.require_version('1.3')
|
127
|
-
end
|
128
|
-
|
129
|
-
if @cert_password
|
130
|
-
args.append('--password')
|
131
|
-
args.append(@cert_password)
|
132
|
-
@version_manager.require_version('1.3')
|
133
|
-
end
|
134
|
-
|
135
|
-
if @use_machine
|
136
|
-
args.append('--machine')
|
137
|
-
@version_manager.require_version('1.3')
|
138
|
-
end
|
139
|
-
|
140
|
-
if @trust_service_session
|
141
|
-
args.append('--trust-service-session')
|
142
|
-
args.append(@trust_service_session)
|
143
|
-
# This option can only be used on versions greater than 1.18 of
|
144
|
-
# the PKI Express.
|
145
|
-
@version_manager.require_version('1.18')
|
146
|
-
end
|
147
|
-
end
|
148
|
-
protected :verify_and_add_common_options
|
149
|
-
end
|
150
|
-
|
151
|
-
end
|
1
|
+
module PkiExpress
|
2
|
+
|
3
|
+
class Signer < BaseSigner
|
4
|
+
|
5
|
+
attr_accessor :output_file_path, :cert_thumb, :cert_password, :trust_service_session
|
6
|
+
|
7
|
+
def initialize(config=PkiExpressConfig.new)
|
8
|
+
super(config)
|
9
|
+
@output_file_path = nil
|
10
|
+
@pkcs12_path = nil
|
11
|
+
@cert_thumb = nil
|
12
|
+
@cert_password = nil
|
13
|
+
@use_machine = false
|
14
|
+
@trust_service_session = nil
|
15
|
+
end
|
16
|
+
|
17
|
+
# region The "pkcs12" accessors
|
18
|
+
|
19
|
+
def pkcs12
|
20
|
+
_get_pkcs12
|
21
|
+
end
|
22
|
+
|
23
|
+
def _get_pkcs12
|
24
|
+
unless @pkcs12_path
|
25
|
+
return nil
|
26
|
+
end
|
27
|
+
|
28
|
+
File.read(@pkcs12_path)
|
29
|
+
end
|
30
|
+
private :_get_pkcs12
|
31
|
+
|
32
|
+
def pkcs12=(content_raw)
|
33
|
+
_set_pkcs12(content_raw)
|
34
|
+
end
|
35
|
+
|
36
|
+
def _set_pkcs12(content_raw)
|
37
|
+
unless content_raw
|
38
|
+
raise 'The provided "pkcs12" is not valid'
|
39
|
+
end
|
40
|
+
|
41
|
+
temp_file_path = self.create_temp_file
|
42
|
+
File.open(temp_file_path, 'wb') do |f|
|
43
|
+
f.write(content_raw)
|
44
|
+
end
|
45
|
+
@pkcs12_path = temp_file_path
|
46
|
+
end
|
47
|
+
private :_set_pkcs12
|
48
|
+
|
49
|
+
def pkcs12_base64
|
50
|
+
_get_pkcs12_base64
|
51
|
+
end
|
52
|
+
|
53
|
+
def _get_pkcs12_base64
|
54
|
+
unless @pkcs12_path
|
55
|
+
return nil
|
56
|
+
end
|
57
|
+
|
58
|
+
content = File.read(@pkcs12_path)
|
59
|
+
Base64.encode64(content)
|
60
|
+
end
|
61
|
+
private :_get_pkcs12_base64
|
62
|
+
|
63
|
+
def pkcs12_base64=(pkcs12_base64)
|
64
|
+
_set_pkcs12_base64(pkcs12_base64)
|
65
|
+
end
|
66
|
+
|
67
|
+
def _set_pkcs12_base64(pkcs12_base64)
|
68
|
+
unless pkcs12_base64
|
69
|
+
raise 'The provided "pkcs12_base64" is not valid'
|
70
|
+
end
|
71
|
+
|
72
|
+
begin
|
73
|
+
content_raw = Base64.decode64(pkcs12_base64)
|
74
|
+
rescue Error
|
75
|
+
raise 'The provided "pkcs12_base64" is not Base64-encoded'
|
76
|
+
end
|
77
|
+
|
78
|
+
_set_pkcs12(content_raw)
|
79
|
+
end
|
80
|
+
private :_set_pkcs12_base64
|
81
|
+
|
82
|
+
def pkcs12_path
|
83
|
+
_get_pkcs12_path
|
84
|
+
end
|
85
|
+
|
86
|
+
def _get_pkcs12_path
|
87
|
+
@pkcs12_path
|
88
|
+
end
|
89
|
+
private :_get_pkcs12_path
|
90
|
+
|
91
|
+
def pkcs12_path=(pkcs12_path)
|
92
|
+
_set_pkcs12_path(pkcs12_path)
|
93
|
+
end
|
94
|
+
|
95
|
+
def _set_pkcs12_path(pkcs12_path)
|
96
|
+
unless pkcs12_path
|
97
|
+
raise 'The provided "pkcs12_path" is not valid'
|
98
|
+
end
|
99
|
+
unless File.exists?(pkcs12_path)
|
100
|
+
raise 'The provided "pkcs12_path" does not exist'
|
101
|
+
end
|
102
|
+
|
103
|
+
@pkcs12_path = pkcs12_path
|
104
|
+
end
|
105
|
+
private :_set_pkcs12_path
|
106
|
+
|
107
|
+
# endregion
|
108
|
+
|
109
|
+
def verify_and_add_common_options(args)
|
110
|
+
# Verify and add common option between signers and signature starters.
|
111
|
+
super(args)
|
112
|
+
|
113
|
+
if !@cert_thumb && !@pkcs12_path && !@trust_service_session
|
114
|
+
raise 'Neither the PKCS #12 file, the certificate\'s thumbprint nor the trust service session was provided'
|
115
|
+
end
|
116
|
+
|
117
|
+
if @cert_thumb
|
118
|
+
args.append('--thumbprint')
|
119
|
+
args.append(@cert_thumb)
|
120
|
+
@version_manager.require_version('1.3')
|
121
|
+
end
|
122
|
+
|
123
|
+
if @pkcs12_path
|
124
|
+
args.append('--pkcs12')
|
125
|
+
args.append(@pkcs12_path)
|
126
|
+
@version_manager.require_version('1.3')
|
127
|
+
end
|
128
|
+
|
129
|
+
if @cert_password
|
130
|
+
args.append('--password')
|
131
|
+
args.append(@cert_password)
|
132
|
+
@version_manager.require_version('1.3')
|
133
|
+
end
|
134
|
+
|
135
|
+
if @use_machine
|
136
|
+
args.append('--machine')
|
137
|
+
@version_manager.require_version('1.3')
|
138
|
+
end
|
139
|
+
|
140
|
+
if @trust_service_session
|
141
|
+
args.append('--trust-service-session')
|
142
|
+
args.append(@trust_service_session)
|
143
|
+
# This option can only be used on versions greater than 1.18 of
|
144
|
+
# the PKI Express.
|
145
|
+
@version_manager.require_version('1.18')
|
146
|
+
end
|
147
|
+
end
|
148
|
+
protected :verify_and_add_common_options
|
149
|
+
end
|
150
|
+
|
151
|
+
end
|
@@ -1,59 +1,59 @@
|
|
1
|
-
module PkiExpress
|
2
|
-
|
3
|
-
class StandardSignaturePolicies < Enum
|
4
|
-
PKI_BRAZIL_CADES_ADR_BASICA = 'adrb'
|
5
|
-
PKI_BRAZIL_CADES_ADR_BASICA_WITH_REVOCATION_VALUE = 'adrb-rv'
|
6
|
-
PKI_BRAZIL_CADES_ADR_TEMPO = 'adrt'
|
7
|
-
PKI_BRAZIL_CADES_ADR_COMPLETA = 'adrc'
|
8
|
-
CADES_BES = 'cades'
|
9
|
-
CADES_BES_WITH_REVOCATION_VALUES = 'cades-rv'
|
10
|
-
CADES_T = 'cades-t'
|
11
|
-
|
12
|
-
PADES_BASIC = 'pades'
|
13
|
-
PADES_BASIC_WITH_LTV = 'pades-ltv'
|
14
|
-
PADES_T = 'pades-t'
|
15
|
-
PKI_BRAZIL_PADES_ADR_BASICA = 'pades-ltv'
|
16
|
-
PKI_BRAZIL_PADES_ADR_BASICA_WITH_LTV = 'adrb-ltv'
|
17
|
-
PKI_BRAZIL_PADES_ADR_TEMPO = 'adrt'
|
18
|
-
|
19
|
-
NFE_PADRAO_NACIONAL = 'nfe'
|
20
|
-
XADES_BES = 'xades'
|
21
|
-
XML_DSIG_BASIC = 'basic'
|
22
|
-
PKI_BRAZIL_XML_ADR_BASIC = 'adrb'
|
23
|
-
PKI_BRAZIL_XML_ADR_TEMPO = 'adrt'
|
24
|
-
COD_WITH_SHA1 = 'cod-sha1'
|
25
|
-
COD_WITH_SHA256 = 'cod-sha256'
|
26
|
-
|
27
|
-
VALUES = [
|
28
|
-
PKI_BRAZIL_CADES_ADR_BASICA,
|
29
|
-
PKI_BRAZIL_CADES_ADR_BASICA_WITH_REVOCATION_VALUE,
|
30
|
-
PKI_BRAZIL_CADES_ADR_TEMPO,
|
31
|
-
PKI_BRAZIL_CADES_ADR_COMPLETA,
|
32
|
-
CADES_BES,
|
33
|
-
CADES_BES_WITH_REVOCATION_VALUES,
|
34
|
-
CADES_T,
|
35
|
-
PADES_BASIC,
|
36
|
-
PADES_BASIC_WITH_LTV,
|
37
|
-
PADES_T,
|
38
|
-
PKI_BRAZIL_PADES_ADR_BASICA,
|
39
|
-
PKI_BRAZIL_PADES_ADR_BASICA_WITH_LTV,
|
40
|
-
PKI_BRAZIL_PADES_ADR_TEMPO,
|
41
|
-
NFE_PADRAO_NACIONAL,
|
42
|
-
XADES_BES,
|
43
|
-
XML_DSIG_BASIC,
|
44
|
-
PKI_BRAZIL_XML_ADR_BASIC,
|
45
|
-
PKI_BRAZIL_XML_ADR_TEMPO,
|
46
|
-
COD_WITH_SHA1,
|
47
|
-
COD_WITH_SHA256
|
48
|
-
]
|
49
|
-
|
50
|
-
def self.require_timestamp(policy)
|
51
|
-
if policy.nil?
|
52
|
-
return false
|
53
|
-
end
|
54
|
-
|
55
|
-
return policy == PKI_BRAZIL_CADES_ADR_TEMPO || policy == PKI_BRAZIL_CADES_ADR_COMPLETA || policy == CADES_T || policy == PADES_T || policy == PKI_BRAZIL_PADES_ADR_TEMPO || policy == PKI_BRAZIL_XML_ADR_TEMPO
|
56
|
-
end
|
57
|
-
end
|
58
|
-
|
1
|
+
module PkiExpress
|
2
|
+
|
3
|
+
class StandardSignaturePolicies < Enum
|
4
|
+
PKI_BRAZIL_CADES_ADR_BASICA = 'adrb'
|
5
|
+
PKI_BRAZIL_CADES_ADR_BASICA_WITH_REVOCATION_VALUE = 'adrb-rv'
|
6
|
+
PKI_BRAZIL_CADES_ADR_TEMPO = 'adrt'
|
7
|
+
PKI_BRAZIL_CADES_ADR_COMPLETA = 'adrc'
|
8
|
+
CADES_BES = 'cades'
|
9
|
+
CADES_BES_WITH_REVOCATION_VALUES = 'cades-rv'
|
10
|
+
CADES_T = 'cades-t'
|
11
|
+
|
12
|
+
PADES_BASIC = 'pades'
|
13
|
+
PADES_BASIC_WITH_LTV = 'pades-ltv'
|
14
|
+
PADES_T = 'pades-t'
|
15
|
+
PKI_BRAZIL_PADES_ADR_BASICA = 'pades-ltv'
|
16
|
+
PKI_BRAZIL_PADES_ADR_BASICA_WITH_LTV = 'adrb-ltv'
|
17
|
+
PKI_BRAZIL_PADES_ADR_TEMPO = 'adrt'
|
18
|
+
|
19
|
+
NFE_PADRAO_NACIONAL = 'nfe'
|
20
|
+
XADES_BES = 'xades'
|
21
|
+
XML_DSIG_BASIC = 'basic'
|
22
|
+
PKI_BRAZIL_XML_ADR_BASIC = 'adrb'
|
23
|
+
PKI_BRAZIL_XML_ADR_TEMPO = 'adrt'
|
24
|
+
COD_WITH_SHA1 = 'cod-sha1'
|
25
|
+
COD_WITH_SHA256 = 'cod-sha256'
|
26
|
+
|
27
|
+
VALUES = [
|
28
|
+
PKI_BRAZIL_CADES_ADR_BASICA,
|
29
|
+
PKI_BRAZIL_CADES_ADR_BASICA_WITH_REVOCATION_VALUE,
|
30
|
+
PKI_BRAZIL_CADES_ADR_TEMPO,
|
31
|
+
PKI_BRAZIL_CADES_ADR_COMPLETA,
|
32
|
+
CADES_BES,
|
33
|
+
CADES_BES_WITH_REVOCATION_VALUES,
|
34
|
+
CADES_T,
|
35
|
+
PADES_BASIC,
|
36
|
+
PADES_BASIC_WITH_LTV,
|
37
|
+
PADES_T,
|
38
|
+
PKI_BRAZIL_PADES_ADR_BASICA,
|
39
|
+
PKI_BRAZIL_PADES_ADR_BASICA_WITH_LTV,
|
40
|
+
PKI_BRAZIL_PADES_ADR_TEMPO,
|
41
|
+
NFE_PADRAO_NACIONAL,
|
42
|
+
XADES_BES,
|
43
|
+
XML_DSIG_BASIC,
|
44
|
+
PKI_BRAZIL_XML_ADR_BASIC,
|
45
|
+
PKI_BRAZIL_XML_ADR_TEMPO,
|
46
|
+
COD_WITH_SHA1,
|
47
|
+
COD_WITH_SHA256
|
48
|
+
]
|
49
|
+
|
50
|
+
def self.require_timestamp(policy)
|
51
|
+
if policy.nil?
|
52
|
+
return false
|
53
|
+
end
|
54
|
+
|
55
|
+
return policy == PKI_BRAZIL_CADES_ADR_TEMPO || policy == PKI_BRAZIL_CADES_ADR_COMPLETA || policy == CADES_T || policy == PADES_T || policy == PKI_BRAZIL_PADES_ADR_TEMPO || policy == PKI_BRAZIL_XML_ADR_TEMPO
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
59
|
end
|