pki_express 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: c36d5bb060458f62faed18815d8172334787019d8cfebdc82f0438f7d1919658
+  data.tar.gz: eb56ce02b6e87563ac1f50344d98967c50cbe45a00adf80388ddb626d994b2fe
+SHA512:
+  metadata.gz: 74b1f525ba74647e809a92335bdb9864bcecd09a361c7ab570c4526686c43da6f06cc4ae38ced1018a5d1b6db5e5f4895692643056e74f8187f0c4e08039f8bf
+  data.tar.gz: ac293189b668b04e46efda5726f8fd19fbf2367acf62a718336f7fd7d609ae97b62b129c26e7be10eec641e7a63f690fb90ef366df292fa75aa9d7f0e081cfce

data/.gitattributes

@@ -0,0 +1,3 @@
+
+# Enable automatic line ending normalization
+* text=auto

data/.gitignore

@@ -0,0 +1,28 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log
+*.gem
+*.rbc
+.DS_Store
+.bundle
+.rvmrc
+.ruby-version
+.yardoc
+.rake_tasks~
+Gemfile.lock
+coverage/*
+doc/*
+log/*
+pkg/*
+.idea/*

data/CHANGELOG.md

@@ -0,0 +1,2 @@
+## 1.0.0 (2018-04-11)
+* First publicly available version

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify the gem's dependencies in pki_express.gemspec
+gemspec

data/README.md

@@ -0,0 +1,24 @@
+PKI Express for Ruby
+============================
+[![Gem Version](https://badge.fury.io/rb/rest_pki.svg)](https://badge.fury.io/rb/rest_pki)
+
+This library contains classes that encapsulate the calls to PKI Express.
+
+The recommended way to install **PKI Expresss lib** is through setting in your Gemfile:
+
+````ruby
+gem 'pki_express', '~> 1.0.0'
+````
+
+And with installing via [Bundler](http://bundler.io/) on your project root folder:
+    
+    bundle install
+    
+Alternatively, You can install this gem globally by executing the following command:
+
+    gem install pki_express 
+
+Samples
+-------
+Please visit the [PKI Suite samples repository](https://github.com/LacunaSoftware/PkiSuiteSamples/tree/master/Ruby)
+for examples on how to use this library.

data/Rakefile

@@ -0,0 +1 @@
+require 'bundler/gem_tasks'

data/lib/pki_express.rb

@@ -0,0 +1,48 @@
+require_relative 'pki_express/pki_express_config'
+require_relative 'pki_express/pki_express_operator'
+require_relative 'pki_express/enum'
+require_relative 'pki_express/base_signer'
+require_relative 'pki_express/signature_starter'
+require_relative 'pki_express/signer'
+require_relative 'pki_express/auth_complete_result'
+require_relative 'pki_express/auth_start_result'
+require_relative 'pki_express/authentication'
+require_relative 'pki_express/cades_signature_starter'
+require_relative 'pki_express/command_error'
+require_relative 'pki_express/commands'
+require_relative 'pki_express/error_codes'
+require_relative 'pki_express/installation_not_found_error'
+require_relative 'pki_express/name'
+require_relative 'pki_express/pades_horizontal_align'
+require_relative 'pki_express/pades_measurement_units'
+require_relative 'pki_express/pades_page_optimization'
+require_relative 'pki_express/pades_page_optimization'
+require_relative 'pki_express/pades_paper_size'
+require_relative 'pki_express/pades_signature_starter'
+require_relative 'pki_express/pades_size'
+require_relative 'pki_express/pades_text_horizontal_align'
+require_relative 'pki_express/pades_vertical_align'
+require_relative 'pki_express/pades_visual_positioning'
+require_relative 'pki_express/pades_visual_auto_positioning'
+require_relative 'pki_express/pades_visual_image'
+require_relative 'pki_express/pades_visual_manual_positioning'
+require_relative 'pki_express/pades_visual_rectangle'
+require_relative 'pki_express/pades_visual_representation'
+require_relative 'pki_express/pades_visual_text'
+require_relative 'pki_express/pk_certificate'
+require_relative 'pki_express/pki_brazil_certificate_fields'
+require_relative 'pki_express/pki_brazil_certificate_types'
+require_relative 'pki_express/pki_italy_certificate_fields'
+require_relative 'pki_express/pki_italy_certificate_types'
+require_relative 'pki_express/signature_finisher'
+require_relative 'pki_express/signature_start_result'
+require_relative 'pki_express/standard_signature_policies'
+require_relative 'pki_express/timestamp_authority'
+require_relative 'pki_express/validation_error'
+require_relative 'pki_express/validation_item'
+require_relative 'pki_express/validation_results'
+require_relative 'pki_express/version'
+require_relative 'pki_express/version_manager'
+
+module PkiExpress
+end

data/lib/pki_express/auth_complete_result.rb

@@ -0,0 +1,22 @@
+module PkiExpress
+  class AuthCompleteResult
+
+    attr_accessor :certificate, :validation_results
+
+    def initialize(model)
+      @certificate = nil
+      @validation_results = nil
+
+      if model
+        certificate = model.fetch(:certificate)
+        if certificate
+          @certificate = PKCertificate.new(certificate)
+        end
+        validation_results = model.fetch(:validationResults)
+        if validation_results
+          @validation_results = ValidationResults.new(validation_results)
+        end
+      end
+    end
+  end
+end

data/lib/pki_express/auth_start_result.rb

@@ -0,0 +1,77 @@
+module PkiExpress
+  class AuthStartResult
+    attr_accessor :digest_algorithm_name, :digest_algorithm_oid
+
+    def initialize(model)
+      @nonce_base64 = nil
+      @digest_algorithm_name = nil
+      @digest_algorithm_oid = nil
+
+      if model
+        @nonce_base64 = model.fetch(:toSignData)
+        @digest_algorithm_name = model.fetch(:digestAlgorithmName)
+        @digest_algorithm_oid = model.fetch(:digestAlgorithmOid)
+      end
+    end
+
+    # region The "nonce" accessors
+
+    def nonce
+      _get_nonce
+    end
+
+    def _get_nonce
+      unless @nonce_base64
+        return nil
+      end
+
+      Base64.decode64(@nonce_base64)
+    end
+    private :_get_nonce
+
+    def nonce=(nonce)
+      _set_nonce(nonce)
+    end
+
+    def _set_nonce(nonce)
+      unless nonce
+        raise 'The provided "nonce" is not valid'
+      end
+
+      begin
+        b64 = Base64.encode64(nonce)
+      rescue Error
+        raise 'The provided "nonce" is not valid.'
+      end
+
+      @nonce_base64 = b64
+    end
+    private :_set_nonce
+
+    def nonce_base64
+      _get_nonce_base64
+    end
+
+    def _get_nonce_base64
+      @nonce_base64
+    end
+    private :_get_nonce_base64
+
+    def nonce_base64=(nonce_base64)
+      unless nonce_base64
+        raise 'The provided "nonce_base64" is not valid'
+      end
+
+      begin
+        Base64.decode64(nonce_base64)
+      rescue Error
+        raise 'The provided "nonce_base64" is not Base64-encoded.'
+      end
+
+      @nonce_base64 = nonce_base64
+    end
+
+    #endregion
+
+  end
+end

data/lib/pki_express/authentication.rb

@@ -0,0 +1,285 @@
+module PkiExpress
+  class Authentication < PkiExpressOperator
+
+    attr_accessor :use_external_storage
+
+    def initialize(config=PkiExpressConfig.new)
+      super(config)
+      @nonce_base64 = nil
+      @certificate_path = nil
+      @signature_base64 = nil
+      @use_external_storage = false
+    end
+
+    # region The "nonce" accessors
+
+    def nonce
+      _get_nonce
+    end
+
+    def _get_nonce
+      unless @nonce_base64
+        return nil
+      end
+
+      Base64.decode64(@nonce_base64)
+    end
+    private :_get_nonce
+
+    def nonce=(nonce)
+      _set_nonce(nonce)
+    end
+
+    def _set_nonce(nonce)
+      unless nonce
+        raise 'The provided "nonce" is not valid'
+      end
+
+      begin
+        b64 = Base64.encode64(nonce)
+      rescue Error
+        raise 'The provided "nonce" is not valid'
+      end
+
+      @nonce_base64 = b64
+    end
+    private :_set_nonce
+
+    def nonce_base64
+      _get_nonce_base64
+    end
+
+    def _get_nonce_base64
+      @nonce_base64
+    end
+    private :_get_nonce_base64
+
+    def nonce_base64=(nonce_base64)
+      unless nonce_base64
+        raise 'The provided "nonce_base64" is not valid'
+      end
+
+      begin
+        Base64.decode64(nonce_base64)
+      rescue Error
+        raise 'The provided "nonce_base64" is not Base64-encoded'
+      end
+
+      @nonce_base64 = nonce_base64
+    end
+
+    #endregion
+
+    # region The "certificate" accessors
+
+    def certificate
+      _get_certificate
+    end
+
+    def _get_certificate
+      unless @certificate_path
+        return nil
+      end
+
+      File.read(@certificate_path)
+    end
+    private :_get_certificate
+
+    def certificate=(content_raw)
+      _set_certificate(content_raw)
+    end
+
+    def _set_certificate(content_raw)
+      unless content_raw
+        raise 'The provided "certificate" is not valid'
+      end
+
+      temp_file_path = self.create_temp_file
+      File.open(temp_file_path, 'wb') do |f|
+        f.write(content_raw)
+      end
+      @certificate_path = temp_file_path
+    end
+    private :_set_certificate
+
+    def certificate_base64
+      _get_certificate_base64
+    end
+
+    def _get_certificate_base64
+      unless @certificate_path
+        return nil
+      end
+
+      content = File.read(@certificate_path)
+      Base64.encode64(content)
+    end
+    private :_get_certificate_base64
+
+    def certificate_base64=(content_base64)
+      _set_certificate_base64(content_base64)
+    end
+
+    def _set_certificate_base64(content_base64)
+      unless content_base64
+        raise 'The provided "certificate_base64" is not valid'
+      end
+
+      begin
+        content_raw = Base64.decode64(content_base64)
+      rescue Error
+        raise 'The provided "certificate_base64" is not Base64-encoded'
+      end
+
+      _set_certificate(content_raw)
+    end
+    private :_set_certificate_base64
+
+    def certificate_path
+      _get_certificate_path
+    end
+
+    def _get_certificate_path
+      @certificate_path
+    end
+    private :_get_certificate_path
+
+    def certificate_path=(path)
+      _set_certificate_path(path)
+    end
+
+    def _set_certificate_path(path)
+      unless path
+        raise 'The provided "certificate_path" is not valid'
+      end
+      if File.exists?(path)
+        raise 'The provided "certificate_path" does not exist'
+      end
+
+      @certificate_path = path
+    end
+    private :_set_certificate_path
+
+    # endregion
+
+    # region The "signature" accessors
+
+    def signature
+      _get_signature
+    end
+
+    def _get_signature
+      unless @signature_base64
+        return nil
+      end
+
+      Base64.decode64(@signature_base64)
+    end
+    private :_get_signature
+
+    def signature=(signature)
+      _set_signature(signature)
+    end
+
+    def _set_signature(signature)
+      unless signature
+        raise 'The provided "signature" is not valid'
+      end
+      begin
+        b64 = Base64.encode64(signature)
+      rescue Error
+        raise 'The provided "signature" is not valid'
+      end
+
+      @signature_base64 = b64
+    end
+    private :_set_signature
+
+    def signature_base64
+      _get_signature_base64
+    end
+
+    def _get_signature_base64
+      @signature_base64
+    end
+    private :_get_signature_base64
+
+    def signature_base64=(signature_base64)
+      _set_signature_base64(signature_base64)
+    end
+
+    def _set_signature_base64(signature_base64)
+      unless signature_base64
+        raise 'The provided "signature_base64" is not valid'
+      end
+      begin
+        Base64.decode64(signature_base64)
+      rescue Error
+        raise 'The provided "signature_base64" is not Base64-encoded'
+      end
+
+      @signature_base64 = signature_base64
+    end
+    private :_set_signature_base64
+
+    # endregion
+
+    def start
+      args = []
+
+      # The option "use external storage" is used to ignore the PKI Express's
+      # nonce verification, to make a own nonce store and nonce verification.
+      if @use_external_storage
+        args.append('--nonce-store')
+        args.append(@config.transfer_data_folder)
+      end
+
+      # This operation can only be used on versions greater then 1.4 of PKI
+      # Express.
+      @version_manager.require_version('1.4')
+
+      # Invoke command.
+      result = invoke(Commands::START_AUTH, args)
+
+      # Parse output and return result.
+      model = parse_output(result)
+      AuthStartResult.new(model)
+    end
+
+    def complete
+      unless @nonce_base64
+        raise 'The nonce was not set.'
+      end
+      unless @certificate_path
+        raise 'The certificate file was not set.'
+      end
+      unless @signature_base64
+        raise 'The signature was not set.'
+      end
+
+      args = [
+        @nonce_base64,
+        @certificate_path,
+        @signature_base64
+      ]
+
+      # The option "use external storage" is used to ignore the PKI Express's
+      # nonce verification, to make a own nonce store and nonce verification.
+      unless @use_external_storage
+        args.append('--nonce-store')
+        args.append(@config.transfer_data_folder)
+      end
+
+      # This configuration can only be used on versions greater than 1.4 of PKI
+      # Express.
+      @version_manager.require_version('1.4')
+
+      # Invoke command.
+      result = invoke(Commands::COMPLETE_AUTH, args)
+
+      # Parse output and return result.
+      model = parse_output(result)
+      AuthCompleteResult.new(model)
+    end
+  end
+end