rest_pki 1.0.0

data/lib/rest_pki/restpki_error.rb

@@ -0,0 +1,16 @@
+
+module RestPki
+    class RestPkiError < RestBaseError
+        attr_reader :error_code, :detail
+
+        def initialize(verb, url, error_code, detail)
+            message = "REST PKI action #{verb} #{url} error: #{error_code}"
+            unless detail.to_s.blank?
+                message += " (#{detail})"
+            end
+            super(message, verb, url)
+            @error_code = error_code
+            @detail = detail
+        end
+    end
+end

data/lib/rest_pki/signature_finisher.rb

@@ -0,0 +1,33 @@
+
+module RestPki
+    class SignatureFinisher
+        attr_accessor :token, :signature
+
+        def initialize(restpki_client)
+            @restpki_client = restpki_client
+            @token = nil
+            @signature = nil
+            @callback_argument = nil
+            @certificate_info = nil
+            @done = false
+        end
+
+        def finish
+            raise "#{self.class.name}#finish is an abstract method."
+        end
+
+        def get_callback_argument
+            unless @done
+                raise 'The field "callback_argument" can only be accessed after calling the finish method'
+            end
+            @callback_argument
+        end
+
+        def certificate_info
+            unless @done
+                raise 'The field "certificate_info" can only be accessed after calling the finish method'
+            end
+            @certificate_info
+        end
+    end
+end

data/lib/rest_pki/signature_starter.rb

@@ -0,0 +1,59 @@
+require 'base64'
+
+module RestPki
+    class SignatureStarter
+        attr_accessor :signature_policy_id, :security_context_id, :callback_argument, :ignore_revocation_status_unknown
+
+        def initialize(restpki_client)
+            @restpki_client = restpki_client
+            @signer_certificate_base64 = nil
+            @signature_policy_id = nil
+            @security_context_id = nil
+            @callback_argument = nil
+            @done = false
+            @certificate = nil
+            @ignore_revocation_status_unknown = false
+        end
+
+        def certificate
+            unless @done
+                raise 'The field "certificate_info" can only be accessed after calling one of the start methods'
+            end
+            @certificate
+        end
+
+        def signer_certificate_base64=(content_base64)
+            @signer_certificate_base64 = content_base64
+        end
+
+        def signer_certificate=(content_raw)
+            @signer_certificate_base64 = Base64.encode64(content_raw)
+        end
+
+        def start_with_webpki
+            raise "#{self.class.name}#start_with_webpki is an abstract method."
+        end
+
+        def start
+            raise "#{self.class.name}#start is an abstract method."
+        end
+
+        protected
+        def get_signature_algorithm(oid)
+            case oid
+                when '1.2.840.113549.2.5'
+                    return OpenSSL::Digest::MD5.new
+                when '1.3.14.3.2.26'
+                    return OpenSSL::Digest::SHA1.new
+                when '2.16.840.1.101.3.4.2.1'
+                    return OpenSSL::Digest::SHA256.new
+                when '2.16.840.1.101.3.4.2.2'
+                    return OpenSSL::Digest::SHA384.new
+                when '2.16.840.1.101.3.4.2.3'
+                    return OpenSSL::Digest::SHA512.new
+                else
+                    return nil
+            end
+        end
+    end
+end

data/lib/rest_pki/standard_security_contexts.rb

@@ -0,0 +1,10 @@
+
+module RestPki
+  class StandardSecurityContexts
+
+    PKI_BRAZIL = '201856ce-273c-4058-a872-8937bd547d36'
+    PKI_ITALY = 'c438b17e-4862-446b-86ad-6f85734f0bfe'
+    WINDOWS_SERVER = '3881384c-a54d-45c5-bbe9-976b674f5ec7'
+
+  end
+end

data/lib/rest_pki/standard_signature_policies.rb

@@ -0,0 +1,25 @@
+
+module RestPki
+  class StandardSignaturePolicies
+
+    PADES_BASIC = '78d20b33-014d-440e-ad07-929f05d00cdf'
+    PADES_BASIC_WITH_ICPBR_CERTS = '3fec800c-366c-49bf-82c5-2e72154e70f6'
+    PADES_T_WITH_ICPBR_CERTS = '6a39aeea-a2d0-4754-bf8c-19da15296ddb'
+    PADES_ICPBR_ADR_BASICA = '531d5012-4c0d-4b6f-89e8-ebdcc605d7c2'
+    PADES_ICPBR_ADR_TEMPO = '10f0d9a5-a0a9-42e9-9523-e181ce05a25b'
+
+    CADES_BES = 'a4522485-c9e5-46c3-950b-0d6e951e17d1'
+    CADES_ICPBR_ADR_BASICA = '3ddd8001-1672-4eb5-a4a2-6e32b17ddc46'
+    CADES_ICPBR_ADR_TEMPO = 'a5332ad1-d105-447c-a4bb-b5d02177e439'
+    # CADES_ICPBR_ADR_VALIDACAO = '92378630-dddf-45eb-8296-8fee0b73d5bb'
+    CADES_ICPBR_ADR_COMPLETA = '30d881e7-924a-4a14-b5cc-d5a1717d92f6'
+
+    XML_XADES_BES = '1beba282-d1b6-4458-8e46-bd8ad6800b54'
+    XML_DSIG_BASIC = '2bb5d8c9-49ba-4c62-8104-8141f6459d08'
+    XML_ICPBR_NFE_PADRAO_NACIONAL = 'a3c24251-d43a-4ba4-b25d-ee8e2ab24f06'
+    XML_ICPBR_ADR_BASICA = '1cf5db62-58b6-40ba-88a3-d41bada9b621'
+    XML_ICPBR_ADR_TEMPO = '5aa2e0af-5269-43b0-8d45-f4ef52921f04'
+
+
+  end
+end

data/lib/rest_pki/validation_error.rb

@@ -0,0 +1,11 @@
+
+module RestPki
+    class ValidationError < RestBaseError
+        attr_reader :validation_results
+
+        def initialize(verb, url, validation_results)
+            super(validation_results.__to_string, verb, url)
+            @validation_results = validation_results
+        end
+    end
+end

data/lib/rest_pki/validation_item.rb

@@ -0,0 +1,33 @@
+
+module RestPki
+    class ValidationItem
+        attr_reader :type, :message, :detail
+
+        def initialize(model)
+            @type = model['type']
+            @message = model['message']
+            @detail = model['detail']
+            @inner_validation_results = nil
+            unless model['innerValidationResults'].nil?
+                @inner_validation_results = RestPki::ValidationResults.new(model['innerValidationResults'])
+            end
+        end
+
+        def __to_string
+            to_string(0)
+        end
+
+        def to_string(indentation_level)
+            text = ''
+            text += @message
+            unless @detail.to_s.blank?
+                text += " (#{@detail})"
+            end
+            unless @inner_validation_results.nil?
+                text += '\n'
+                text += @inner_validation_results.to_string(indentation_level + 1)
+            end
+            text
+        end
+    end
+end

data/lib/rest_pki/validation_results.rb

@@ -0,0 +1,107 @@
+
+module RestPki
+    class ValidationResults
+
+        def initialize(model)
+            @errors = convert_items(model['errors'])
+            @warnings = convert_items(model['warnings'])
+            @passed_checks = convert_items(model['passedChecks'])
+        end
+
+        def is_valid
+            @errors.to_a.empty?
+        end
+
+        def get_checks_performed
+            @errors.to_a.length + @warnings.to_a.length + @passed_checks.to_a.length
+        end
+
+        def has_errors
+            !is_valid
+        end
+
+        def has_warnings
+            @warnings.to_a.any?
+        end
+
+        def has_passed_checks
+            @passed_checks.to_a.any?
+        end
+
+        def __to_string
+            to_string(0)
+        end
+
+        def to_string(indentation_level)
+            tab = ''
+            (1..indentation_level).each do; tab += '\t'; end
+            text = ''
+            text += get_summary(indentation_level)
+            if has_errors
+                text += "\n#{tab}Errors:\n"
+                text += join_items(@errors, indentation_level)
+            end
+            if has_warnings
+                text += "\n#{tab}Warnings:\n"
+                text += join_items(@warnings, indentation_level)
+            end
+            if has_passed_checks
+                text += "\n#{tab}Passed checks:\n"
+                text += join_items(@passed_checks, indentation_level)
+            end
+            text
+        end
+
+        def get_summary(indentation_level=0)
+            tab = ''
+            (1..indentation_level).each do; tab += '\t'; end
+            text = "#{tab}Validation results: "
+            if get_checks_performed == 0
+                text += 'no checks performed'
+            else
+                text += "#{get_checks_performed} checks performed"
+                if has_errors
+                    text += ", #{@errors.to_a.length} errors"
+                end
+                if has_warnings
+                    text += ", #{@warnings.to_a.length} warnings"
+                end
+                if has_passed_checks
+                    if !has_errors && !has_warnings
+                        text += ', all passed'
+                    else
+                        text += ", #{@passed_checks.to_a.length} passed"
+                    end
+                end
+            end
+            text
+        end
+
+        private
+        def convert_items(items)
+            converted = []
+            items.each do |item|
+                converted.push(RestPki::ValidationItem.new(item))
+            end
+            converted
+        end
+
+        def join_items(items, indentation_level)
+            text = ''
+            is_first = true
+            tab = ''
+            (1..indentation_level).each do; tab += '\t'; end
+
+            items.each do |item|
+                if is_first
+                    is_first = false
+                else
+                    text += '\n'
+                end
+                text += "#{tab}- "
+                text += item.to_string(indentation_level)
+            end
+            text
+        end
+    end
+end

data/lib/rest_pki/version.rb

@@ -0,0 +1,3 @@
+module RestPki
+  VERSION = '1.0.0'
+end

data/lib/rest_pki/xml_element_signature_starter.rb

@@ -0,0 +1,68 @@
+module RestPki
+    class XmlElementSignatureStarter < XmlSignatureStarter
+        attr_accessor :element_tosign_id, :id_resolution_table
+
+        def initialize(restpki_client)
+            super(restpki_client)
+            @element_tosign_id = nil
+            @id_resolution_table = nil
+        end
+
+        def start_with_webpki
+            verify_common_parameters(true)
+            if @xml_content_base64.to_s.blank?
+                raise 'The XML was not set'
+            end
+            if @element_tosign_id.to_s.blank?
+                raise 'The XML element id to sign was not set'
+            end
+
+            request = get_request
+            request['elementToSignId'] = @element_tosign_id
+            unless @id_resolution_table.nil?
+                request['idResolutionTable'] = @id_resolution_table.to_model
+            end
+
+            response = @restpki_client.post('Api/XmlSignatures/XmlElementSignature', request, 'xml_model')
+
+            unless response['certificate'].nil?
+                @certificate = response['certificate']
+            end
+            @done = true
+
+            response['token']
+        end
+
+        def start
+            verify_common_parameters(true)
+            if @xml_content_base64.to_s.blank?
+                raise 'The XML was not set'
+            end
+            if @element_tosign_id.to_s.blank?
+                raise 'The XML element id to sign was not set'
+            end
+
+            request = get_request
+            request['elementToSignId'] = @element_tosign_id
+            unless @id_resolution_table.nil?
+                request['idResolutionTable'] = @id_resolution_table.to_model
+            end
+
+            response = @restpki_client.post('Api/XmlSignatures/XmlElementSignature', request, 'xml_model')
+
+            unless response['certificate'].nil?
+                @certificate = response['certificate']
+            end
+            @done = true
+
+            {
+                :token => response['token'],
+                :to_sign_data => response['toSignData'],
+                :to_sign_hash => response['toSignHash'],
+                :digest_algorithm_oid => response['digestAlgorithmOid'],
+                :signature_algorithm => get_signature_algorithm(response['digestAlgorithmOid'])
+            }
+        end
+
+    end
+end

data/lib/rest_pki/xml_id_resolution_table.rb

@@ -0,0 +1,40 @@
+module RestPki
+    class XmlIdResolutionTable
+        attr_accessor :include_xml_id_attribute, :element_id_attributes, :global_id_attributes
+
+        def initialize(inc_xml_id_attribute=nil)
+            @include_xml_id_attribute = inc_xml_id_attribute
+            @element_id_attributes = Hash.new
+            @global_id_attributes = Hash.new
+        end
+
+        def add_global_id_attribute(local_name, namespace=nil)
+            @global_id_attributes.push({
+               localName: local_name,
+               namespace: namespace
+            })
+        end
+
+        def set_element_id_attribute(element_local_name, element_namespace, attribute_local_name, attribute_namespace=nil)
+            @element_id_attributes.push({
+                element: {
+                    localName: element_local_name,
+                    namespace: element_namespace
+                },
+                attribute: {
+                    localName: attribute_local_name,
+                    namespace: attribute_namespace
+                }
+            })
+        end
+
+        def to_model
+            {
+                includeXmlIdAttribute: @include_xml_id_attribute,
+                elementIdAttributes: @element_id_attributes,
+                globalIdAttributes: @global_id_attributes
+            }
+        end
+
+    end
+end

data/lib/rest_pki/xml_insertion_options.rb

@@ -0,0 +1,11 @@
+
+module RestPki
+  class XmlInsertionOptions
+
+    APPEND_CHILD = 'AppendChild'
+    PREPEND_CHILD = 'PrependChild'
+    APPEND_SIBLING = 'AppendSibling'
+    PREPEND_SIBLING = 'PrependSibling'
+
+  end
+end

data/lib/rest_pki/xml_signature_finisher.rb

@@ -0,0 +1,52 @@
+require 'base64'
+
+module RestPki
+    class XmlSignatureFinisher < SignatureFinisher
+
+        def initialize(restpki_client)
+            super(restpki_client)
+            @signed_xml_content = nil
+        end
+
+        def finish
+            if @token.to_s.blank?
+                raise 'The token was not set'
+            end
+
+            if @signature.to_s.blank?
+                response = @restpki_client.post("Api/XmlSignatures/#{@token}/Finalize", nil, 'xml_model')
+            else
+                request = { signature: @signature }
+                response = @restpki_client.post("Api/XmlSignatures/#{@token}/SignedBytes", request, 'xml_model')
+            end
+
+            @signed_xml_content = Base64.decode64(response['signedXml'])
+            @callback_argument = response['callbackArgument']
+            @certificate_info = response['certificate']
+            @done = true
+
+            @signed_xml_content
+        end
+
+        def signed_xml_content
+            unless @done
+                raise 'The field "signed_xml_content" can only be accessed after calling the finish method'
+            end
+
+            @signed_xml_content
+        end
+
+        def write_signed_xml(xml_path)
+            unless @done
+                raise 'The method write_signed_xml can only be called after calling the finish method'
+            end
+
+            file = File.open(xml_path, 'wb')
+            file.write(@signed_xml_content)
+            file.close
+
+            nil # No value is returned.
+        end
+
+    end
+end