pki_express 1.0.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c36d5bb060458f62faed18815d8172334787019d8cfebdc82f0438f7d1919658
-  data.tar.gz: eb56ce02b6e87563ac1f50344d98967c50cbe45a00adf80388ddb626d994b2fe
+  metadata.gz: 896f1e289fc2ed607b17114868dec204a97e735406574d04aa4c042ec54b9c7f
+  data.tar.gz: 60b52987a7c75e589b1d97b568f5b8e49afd0bec83b525cfe198baf891ec6aa8
 SHA512:
-  metadata.gz: 74b1f525ba74647e809a92335bdb9864bcecd09a361c7ab570c4526686c43da6f06cc4ae38ced1018a5d1b6db5e5f4895692643056e74f8187f0c4e08039f8bf
-  data.tar.gz: ac293189b668b04e46efda5726f8fd19fbf2367acf62a718336f7fd7d609ae97b62b129c26e7be10eec641e7a63f690fb90ef366df292fa75aa9d7f0e081cfce
+  metadata.gz: 6614c5ea29ff158f27878d0c84cf097ad1ef99ff336ecc528c3b9d1ee242333b8c909d4f47a909583ecafa65f024516b9d8cd46ed6b9aa66f6b665aaf9905fb6
+  data.tar.gz: 9ed53c11cd926a4bf1fc99f594706f7532e802db5992b911d08e7ffa2df776f2c95b16379c39b8461007834c8037e0e9433611cf7e8676fa5b9c7208474131de

data/CHANGELOG.md

@@ -1,2 +1,6 @@
+## 1.1.0 (2020-09-09)
+* Adds PAdES Signer
+* Adds support for Trust Services Management
+
 ## 1.0.0 (2018-04-11)
 * First publicly available version

data/README.md

@@ -7,7 +7,7 @@ This library contains classes that encapsulate the calls to PKI Express.
 The recommended way to install **PKI Expresss lib** is through setting in your Gemfile:
 
 ````ruby
-gem 'pki_express', '~> 1.0.0'
+gem 'pki_express', '~> 1.1.0'
 ````
 
 And with installing via [Bundler](http://bundler.io/) on your project root folder:

data/lib/pki_express.rb

@@ -8,17 +8,21 @@ require_relative 'pki_express/auth_complete_result'
 require_relative 'pki_express/auth_start_result'
 require_relative 'pki_express/authentication'
 require_relative 'pki_express/cades_signature_starter'
+require_relative 'pki_express/check_service_result'
 require_relative 'pki_express/command_error'
 require_relative 'pki_express/commands'
+require_relative 'pki_express/discovery_service_result'
 require_relative 'pki_express/error_codes'
 require_relative 'pki_express/installation_not_found_error'
 require_relative 'pki_express/name'
+require_relative 'pki_express/pades_certification_level'
 require_relative 'pki_express/pades_horizontal_align'
 require_relative 'pki_express/pades_measurement_units'
 require_relative 'pki_express/pades_page_optimization'
 require_relative 'pki_express/pades_page_optimization'
 require_relative 'pki_express/pades_paper_size'
 require_relative 'pki_express/pades_signature_starter'
+require_relative 'pki_express/pades_signer'
 require_relative 'pki_express/pades_size'
 require_relative 'pki_express/pades_text_horizontal_align'
 require_relative 'pki_express/pades_vertical_align'
@@ -38,8 +42,15 @@ require_relative 'pki_express/signature_finisher'
 require_relative 'pki_express/signature_start_result'
 require_relative 'pki_express/standard_signature_policies'
 require_relative 'pki_express/timestamp_authority'
+require_relative 'pki_express/trust_service_auth_parameters'
+require_relative 'pki_express/trust_service_info'
+require_relative 'pki_express/trust_service_manager'
+require_relative 'pki_express/trust_service_session_result'
+require_relative 'pki_express/trust_service_session_types'
+require_relative 'pki_express/tsa_authentication_type'
 require_relative 'pki_express/validation_error'
 require_relative 'pki_express/validation_item'
+require_relative 'pki_express/validation_item_types'
 require_relative 'pki_express/validation_results'
 require_relative 'pki_express/version'
 require_relative 'pki_express/version_manager'

data/lib/pki_express/check_service_result.rb

@@ -0,0 +1,16 @@
+module PkiExpress
+
+  class CheckServiceResult
+
+    attr_accessor :user_has_certificates
+
+    def initialize(model)
+      @user_has_certificates = nil
+
+      unless model.nil?
+        @user_has_certificates = model.fetch(:userHasCertificates)
+      end
+    end
+
+  end
+end

data/lib/pki_express/commands.rb

@@ -16,6 +16,10 @@ module PkiExpress
     STAMP_PDF = 'stamp-pdf',
     READ_CERT = 'read-cert',
     GEN_KEY = 'gen-key',
-    CREATE_PFX = 'create-pfx'
+    CREATE_PFX = 'create-pfx',
+    CHECK_SERVICE = 'check-service',
+    DISCOVER_SERVICES = 'discover-services',
+    PASSWORD_AUTHORIZE = 'pwd-auth',
+    COMPLETE_SERVICE_AUTH = 'complete-service-auth'
   end
 end

data/lib/pki_express/discovery_service_result.rb

@@ -0,0 +1,26 @@
+module PkiExpress
+
+  class DiscoverServicesResult
+
+    attr_accessor :services, :auth_parameters
+
+    def initialize(model)
+      @services = []
+      @auth_parameters = []
+
+      unless model.nil?
+        services = model.fetch(:services)
+        if services
+          @services = services.map { |s| TrustServiceInfo.new(s) }
+        end
+
+        auth_parameters = model.fetch(:authParameters)
+        if auth_parameters
+          @auth_parameters = auth_parameters.map { |a| TrustServiceAuthParameters.new(a) }
+        end
+
+      end
+    end
+
+  end
+end

data/lib/pki_express/pades_certification_level.rb

@@ -0,0 +1,8 @@
+module PkiExpress
+  class PadesCertificationLevel < Enum
+    NOT_CERTIFIED = 'not-certified'
+    CERTIFIED_FORM_FILLING = 'certified-form-filling'
+    CERTIFIED_FORM_FILLING_AND_ANNOTATIONS = 'certified-form-filling-annotations'
+    CERTIFIED_NO_CHANGES_ALLOWED = 'certified-no-changes-allowed'
+  end
+end

data/lib/pki_express/pades_signature_starter.rb

@@ -1,12 +1,15 @@
 module PkiExpress
   class PadesSignatureStarter < SignatureStarter
     attr_accessor :suppress_default_visual_representation
+    attr_accessor :custom_signature_field_name, :certification_level
 
     def initialize(config=PkiExpressConfig.new)
       super(config)
       @pdf_to_sign_path = nil
       @vr_json_path = nil
       @suppress_default_visual_representation = false
+      @custom_signature_field_name = nil
+      @certification_level = nil
     end
 
     # region The "pdf_to_sign" accessors
@@ -213,6 +216,22 @@ module PkiExpress
         args.append(@vr_json_path)
       end
 
+      if @custom_signature_field_name
+        args.append('--custom-signature-field-name')
+        args.append(@custom_signature_field_name)
+        # This option can only be used on versions greater than 1.15.0 of the
+        # PKI Express.
+        @version_manager.require_version('1.15')
+      end
+
+      if @certification_level
+        args.append('--certification-level')
+        args.append(@certification_level)
+        # This option can only be used on versions greater than 1.16.0 of the
+        # PKI Express.
+        @version_manager.require_version('1.16')
+      end
+
       if @suppress_default_visual_representation
         args.append('--suppress-default-visual-rep')
 

data/lib/pki_express/pades_signer.rb

@@ -0,0 +1,275 @@
+module PkiExpress
+
+  class PadesSigner < Signer
+    attr_accessor :suppress_default_visual_representation, :overwrite_original_file
+    attr_accessor :custom_signature_field_name, :certification_level, :reason
+
+    def initialize(config=PkiExpressConfig.new)
+      super(config)
+      @pdf_to_sign_path = nil
+      @vr_json_path = nil
+      @overwrite_original_file = false
+      @version_manager = VersionManager.new
+      @custom_signature_field_name = nil
+      @certification_level = nil
+      @reason = nil
+      @suppress_default_visual_representation = false
+    end
+
+    # region set_visual_representation
+
+    def visual_representation_content_raw
+      _get_visual_representation_content_raw
+    end
+
+    def _get_visual_representation_content_raw
+      unless @vr_json_path
+        return nil
+      end
+
+      File.read(@vr_json_path)
+    end
+    private :_get_visual_representation_content_raw
+
+    def visual_representation_content_raw=(content_raw)
+      _set_visual_representation_content_raw(content_raw)
+    end
+
+    def _set_visual_representation_content_raw(content_raw)
+      unless content_raw
+        raise 'The provided "visual_representation" is not valid'
+      end
+
+      temp_file_path = self.create_temp_file
+      File.open(temp_file_path, 'wb') do |f|
+        f.write(content_raw)
+      end
+      @vr_json_path = temp_file_path
+    end
+    private :_set_visual_representation_content_raw
+
+    def visual_representation_path
+      _get_visual_representation_path
+    end
+
+    def _get_visual_representation_path
+      @vr_json_path
+    end
+    private :_get_visual_representation_path
+
+    def visual_representation_path=(path)
+      _set_visual_representation_path(path)
+    end
+
+    def _set_visual_representation_path(path)
+      unless path
+        raise 'The provided "visual_representation_path" is not valid'
+      end
+      unless File.exists?(path)
+        raise 'The provided "visual_representation_path" does not exist'
+      end
+      @vr_json_path = path
+    end
+    private :_set_visual_representation_path
+
+    def visual_representation
+      _get_visual_representation
+    end
+
+    def _get_visual_representation
+      unless @vr_json_path
+        return nil
+      end
+
+      content =  File.read(@vr_json_path)
+      JSON.parse(content)
+    end
+    private :_get_visual_representation
+
+
+    def visual_representation=(vr)
+      _set_visual_representation(vr)
+    end
+
+    def _set_visual_representation(vr)
+      temp_file_path = self.create_temp_file
+      json = JSON.pretty_generate(vr.to_model)
+      File.open(temp_file_path, 'w') do |f|
+        f.write(json)
+      end
+      @vr_json_path = temp_file_path
+    end
+    private :_set_visual_representation
+
+    # endregion
+
+    # region The "pdf_to_sign" accessors
+
+    def pdf_to_sign
+      _get_pdf_to_sign
+    end
+
+    def _get_pdf_to_sign
+      unless @pdf_to_sign_path
+        return nil
+      end
+
+      File.read(@pdf_to_sign_path)
+    end
+    private :_get_pdf_to_sign
+
+    def pdf_to_sign=(content_raw)
+      _set_pdf_to_sign(content_raw)
+    end
+
+    def _set_pdf_to_sign(content_raw)
+      unless content_raw
+        raise 'The provided "pdf_to_sign" is not valid'
+      end
+
+      temp_file_path = self.create_temp_file
+      File.open(temp_file_path, 'wb') do |f|
+        f.write(content_raw)
+      end
+      @pdf_to_sign_path = temp_file_path
+    end
+    private :_set_pdf_to_sign
+
+    def pdf_to_sign_base64
+      _get_pdf_to_sign_base64
+    end
+
+    def _get_pdf_to_sign_base64
+      unless @pdf_to_sign_path
+        return nil
+      end
+
+      content = File.read(@pdf_to_sign_path)
+      Base64.encode64(content)
+    end
+    private :_get_pdf_to_sign_base64
+
+    def pdf_to_sign_base64=(content_base64)
+      _set_pdf_to_sign_base64(content_base64)
+    end
+
+    def _set_pdf_to_sign_base64(content_base64)
+      unless content_base64
+        raise 'The provided "pdf_to_sign_base64" is not valid'
+      end
+
+      begin
+        content_raw = Base64.decode64(content_base64)
+      rescue Error
+        raise 'The provided "pdf_to_sign_base64" is not Base64-encoded'
+      end
+
+      _set_pdf_to_sign(content_raw)
+    end
+    private :_set_pdf_to_sign_base64
+
+    def pdf_to_sign_path
+      _get_pdf_to_sign_path
+    end
+
+    def _get_pdf_to_sign_path
+      @pdf_to_sign_path
+    end
+    private :_get_pdf_to_sign_path
+
+    def pdf_to_sign_path=(path)
+      _set_pdf_to_sign_path(path)
+    end
+
+    def _set_pdf_to_sign_path(path)
+      unless path
+        raise 'The provided "pdf_to_sign_path" is not valid'
+      end
+      unless File.exists?(path)
+        raise 'The provided "pdf_to_sign_path" does not exist'
+      end
+      @pdf_to_sign_path = path
+    end
+    private :_set_pdf_to_sign_path
+
+    # endregion
+
+    def sign(get_cert=false)
+      unless @pdf_to_sign_path
+        raise 'The PDF to be signed was not set'
+      end
+
+      unless @overwrite_original_file || @output_file_path
+        raise 'The output destination was not set'
+      end
+
+      args = [
+        @pdf_to_sign_path,
+      ]
+
+      # Logic to overwrite original file or use the output file
+      if @overwrite_original_file
+        args.append('--overwrite')
+      else
+        args.append(@output_file_path)
+      end
+
+      # Verify and add common options between signers.
+      verify_and_add_common_options(args)
+
+      if @vr_json_path
+        args.append('--visual-rep')
+        args.append(@vr_json_path)
+      end
+
+      if @custom_signature_field_name
+        args.append('--custom-signature-field-name')
+        args.append(@custom_signature_field_name)
+        # This option can only be used on versions greater than 1.15.0 of the
+        # PKI Express.
+        @version_manager.require_version('1.15')
+      end
+
+      if @certification_level
+        args.append('--certification-level')
+        args.append(@certification_level)
+        # This option can only be used on versions greater than 1.16.0 of the
+        # PKI Express.
+        @version_manager.require_version('1.16')
+      end
+
+      if @suppress_default_visual_representation
+        args.append('--suppress-default-visual-rep')
+        # This option can only be used on versions greater than 1.13.1 of the
+        # PKI Express.
+        @version_manager.require_version('1.13.1')
+      end
+
+      if @reason
+        args.append('--reason')
+        args.append(@reason)
+        # This option can only be used on versions greater than 1.13 of the
+        # PKI Express.
+        @version_manager.require_version('1.13')
+      end
+
+      if get_cert
+        # This option can only be used on versions greater than 1.8.0 of the
+        # PKI Express.
+        @version_manager.require_version('1.8')
+
+        # Invoke command.
+        result = invoke(Commands::SIGN_PADES, args)
+
+        # Parse output and return result.
+        model = parse_output(result)
+        return PKCertificate.new(model.fetch(:signer))
+      else  
+        # Invoke command with plain text output (to support PKI Express < 1.3)
+        result = invoke_plain(Commands::SIGN_PADES, args)
+      end
+
+    end
+
+  end
+end