signature_dfe 0.1.1 → 0.1.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/CHANGELOG +3 -0
- data/README.md +60 -3
- data/lib/signature_dfe.rb +2 -1
- data/lib/signature_dfe/evento_nfe.rb +72 -0
- data/lib/signature_dfe/ssl.rb +4 -6
- data/lib/signature_dfe/version.rb +1 -1
- metadata +3 -3
- data/Gemfile.lock +0 -43
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c802eaf476623cebfcfb4142191d0497d653b10a7c3d0f7b446a94cc3804e61a
|
|
4
|
+
data.tar.gz: 7a88f5520538835ac8cd22fa7b61c94042837d7aaeb3fce8de512d915aaf4388
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5d13f7aec53106b1bc3b8aa80ed9a99adcd9c9523037dd5393c9a59484666d78018015f6903d3f72acc6266c5ad3b07b1b886244175fc2e7801ff483c19f0799
|
|
7
|
+
data.tar.gz: d1469960231b9af6fb343ac320e3a62ae60173b2d76ee4a0b3cd8405eb11a6c3a6a7e5c9a822b6c6ce5baf00bde671801748512fa15c55ae5c3f4b38dbd9de54
|
data/.gitignore
CHANGED
data/CHANGELOG
CHANGED
data/README.md
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
[](https://travis-ci.org/thiaguerd/signature_dfe) [](https://rubygems.org/gems/signature_dfe)
|
|
2
|
+
|
|
1
3
|
# SignatureDfe
|
|
2
4
|
|
|
3
5
|
Assinatura digital de documentos fiscais eletrônicos (DF-e)
|
|
@@ -42,7 +44,7 @@ SignatureDfe::SSL.config.password = "sua_senha"
|
|
|
42
44
|
SignatureDfe::SSL.config.cert. = "caminho/para/seu/certificado_publico.pem"
|
|
43
45
|
```
|
|
44
46
|
|
|
45
|
-
Feito esta configuração você testa, no
|
|
47
|
+
Feito esta configuração você testa, no caso de tudo certo, o resultado será true
|
|
46
48
|
|
|
47
49
|
```ruby
|
|
48
50
|
SignatureDfe::SSL.test
|
|
@@ -53,6 +55,7 @@ Feito esta configuração vc já está pronto para assinar seus documentos.
|
|
|
53
55
|
## Assinatura digital NF-e NFC-e e NFA-e
|
|
54
56
|
|
|
55
57
|
Observe que os 3 documentos possuem a mesma estrutura
|
|
58
|
+
|
|
56
59
|
Para assinar sua nf-e existem duas formas
|
|
57
60
|
|
|
58
61
|
A forma qual vc tem a xml da assinautra completo onde vc passa o seu xml contendo a tag <b>infNFe</b>
|
|
@@ -72,7 +75,7 @@ Onde a resposta será
|
|
|
72
75
|
<SignedInfo>
|
|
73
76
|
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
|
|
74
77
|
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
|
75
|
-
<Reference URI="#NFe
|
|
78
|
+
<Reference URI="#NFe...">
|
|
76
79
|
<Transforms>
|
|
77
80
|
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
|
78
81
|
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
|
|
@@ -90,7 +93,7 @@ Onde a resposta será
|
|
|
90
93
|
</Signature>
|
|
91
94
|
```
|
|
92
95
|
|
|
93
|
-
|
|
96
|
+
E a forma qual onde você pode obter os valores do <b>DigestValue</b>, <b>SignatureValue</b> e <b>X509Certificate</b> manualmente, e assim montar da forma como desejar seu xml
|
|
94
97
|
|
|
95
98
|
```ruby
|
|
96
99
|
inf_nfe = %{
|
|
@@ -103,6 +106,60 @@ signature_value = SignatureDfe::NFe.signature_value ch_nfe, digest_value
|
|
|
103
106
|
x509certificate = SignatureDfe::SSL.cert
|
|
104
107
|
```
|
|
105
108
|
|
|
109
|
+
## Assinatura digital Evento de NF-e NFC-e e NFA-e
|
|
110
|
+
|
|
111
|
+
Observe que os 3 documentos possuem a mesma estrutura
|
|
112
|
+
|
|
113
|
+
Para assinar sua nf-e existem duas formas
|
|
114
|
+
|
|
115
|
+
A forma qual vc tem a xml da assinautra completo onde vc passa o seu xml contendo a tag <b>infNFe</b>
|
|
116
|
+
|
|
117
|
+
```ruby
|
|
118
|
+
inf_evento = %{
|
|
119
|
+
<infEvento Id="ID1101115515151515151515151515156546546546545646544701">
|
|
120
|
+
...
|
|
121
|
+
</infEvento>}
|
|
122
|
+
SignatureDfe::NFe::Event.sign inf_evento
|
|
123
|
+
```
|
|
124
|
+
|
|
125
|
+
Onde a resposta será
|
|
126
|
+
|
|
127
|
+
```xml
|
|
128
|
+
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
|
129
|
+
<SignedInfo>
|
|
130
|
+
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
|
|
131
|
+
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
|
132
|
+
<Reference URI="#ID1...">
|
|
133
|
+
<Transforms>
|
|
134
|
+
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
|
135
|
+
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
|
|
136
|
+
</Transforms>
|
|
137
|
+
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
|
|
138
|
+
<DigestValue>...</DigestValue>
|
|
139
|
+
</Reference>
|
|
140
|
+
</SignedInfo>
|
|
141
|
+
<SignatureValue>...</SignatureValue>
|
|
142
|
+
<KeyInfo>
|
|
143
|
+
<X509Data>
|
|
144
|
+
<X509Certificate>...</X509Certificate>
|
|
145
|
+
</X509Data>
|
|
146
|
+
</KeyInfo>
|
|
147
|
+
</Signature>
|
|
148
|
+
```
|
|
149
|
+
|
|
150
|
+
E a forma qual onde você pode obter os valores do <b>DigestValue</b>, <b>SignatureValue</b> e <b>X509Certificate</b> manualmente, e assim montar da forma como desejar seu xml
|
|
151
|
+
|
|
152
|
+
```ruby
|
|
153
|
+
inf_evento = %{
|
|
154
|
+
<infEvento Id="ID1101115515151515151515151515156546546546545646544701">
|
|
155
|
+
...
|
|
156
|
+
</infEvento>}
|
|
157
|
+
event_id = "ID1101115515151515151515151515156546546546545646544701"
|
|
158
|
+
digest_value = SignatureDfe::NFe::Event.digest_value inf_evento
|
|
159
|
+
signature_value = SignatureDfe::NFe::Event.signature_value event_id, digest_value
|
|
160
|
+
x509certificate = SignatureDfe::SSL.cert
|
|
161
|
+
```
|
|
162
|
+
|
|
106
163
|
## License
|
|
107
164
|
|
|
108
165
|
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|
data/lib/signature_dfe.rb
CHANGED
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
require 'base64'
|
|
2
|
+
require 'nokogiri'
|
|
3
|
+
|
|
4
|
+
module SignatureDfe
|
|
5
|
+
class NFe
|
|
6
|
+
class Event
|
|
7
|
+
|
|
8
|
+
def self.digest_value something
|
|
9
|
+
inf_event = something.scan(/\<infevento[\s\S]*?\<\/infevento\>/i)[0].gsub(/>\s+</,"><")
|
|
10
|
+
inf_event_canonized = canonize_inf_event inf_event
|
|
11
|
+
Base64.encode64(OpenSSL::Digest::SHA1.digest(inf_event_canonized)).strip
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def self.signature_value event_id, digest_value
|
|
15
|
+
signed_info = %{
|
|
16
|
+
<SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
|
|
17
|
+
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
|
|
18
|
+
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
|
19
|
+
<Reference URI="#ID#{event_id}">
|
|
20
|
+
<Transforms>
|
|
21
|
+
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
|
22
|
+
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
|
|
23
|
+
</Transforms>
|
|
24
|
+
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
|
|
25
|
+
<DigestValue>#{digest_value}</DigestValue>
|
|
26
|
+
</Reference>
|
|
27
|
+
</SignedInfo>
|
|
28
|
+
}
|
|
29
|
+
signed_info_canonized = SignatureDfe.canonize signed_info
|
|
30
|
+
Base64.encode64(SignatureDfe::SSL.sign signed_info_canonized).strip
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def self.sign something
|
|
34
|
+
digest_value_ = digest_value something
|
|
35
|
+
|
|
36
|
+
event_id = something.scan(/\<infEvento[\s\S]*?\>/i)[0].scan(/\d/).join("")
|
|
37
|
+
|
|
38
|
+
signature_value_ = signature_value event_id, digest_value_
|
|
39
|
+
|
|
40
|
+
%{
|
|
41
|
+
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
|
42
|
+
<SignedInfo>
|
|
43
|
+
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
|
|
44
|
+
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
|
45
|
+
<Reference URI="#ID#{event_id}">
|
|
46
|
+
<Transforms>
|
|
47
|
+
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
|
48
|
+
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
|
|
49
|
+
</Transforms>
|
|
50
|
+
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
|
|
51
|
+
<DigestValue>#{digest_value_}</DigestValue>
|
|
52
|
+
</Reference>
|
|
53
|
+
</SignedInfo>
|
|
54
|
+
<SignatureValue>#{signature_value_}</SignatureValue>
|
|
55
|
+
<KeyInfo>
|
|
56
|
+
<X509Data>
|
|
57
|
+
<X509Certificate>#{SignatureDfe::SSL.cert.to_s.gsub(/\-\-\-\-\-[A-Z]+ CERTIFICATE\-\-\-\-\-/, "").strip}</X509Certificate>
|
|
58
|
+
</X509Data>
|
|
59
|
+
</KeyInfo>
|
|
60
|
+
</Signature>
|
|
61
|
+
}.gsub(/\>\s{1,}\</,"><").strip
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def self.canonize_inf_event inf_nfe
|
|
65
|
+
tag_inf_nfe = inf_nfe.scan(/\<infevento[\s\S]*?\>/i)[0]
|
|
66
|
+
SignatureDfe.canonize(tag_inf_nfe.include?(%{xmlns="http://www.portalfiscal.inf.br/nfe"}) ? tag_inf_nfe : inf_nfe.gsub(%{<infEvento},%{<infEvento xmlns="http://www.portalfiscal.inf.br/nfe"}))
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
private_class_method :canonize_inf_event
|
|
70
|
+
end
|
|
71
|
+
end
|
|
72
|
+
end
|
data/lib/signature_dfe/ssl.rb
CHANGED
|
@@ -38,11 +38,7 @@ module SignatureDfe
|
|
|
38
38
|
|
|
39
39
|
def self.cert
|
|
40
40
|
self.test unless defined?(@@pk)
|
|
41
|
-
|
|
42
|
-
@@pk.certificate
|
|
43
|
-
else
|
|
44
|
-
@@cert.to_s.gsub(/\-\-\-\-\-[A-Z]+ CERTIFICATE\-\-\-\-\-/, "").strip
|
|
45
|
-
end
|
|
41
|
+
@@cert.to_s.gsub(/\-\-\-\-\-[A-Z]+ CERTIFICATE\-\-\-\-\-/, "").strip
|
|
46
42
|
end
|
|
47
43
|
|
|
48
44
|
def self.test
|
|
@@ -50,7 +46,9 @@ module SignatureDfe
|
|
|
50
46
|
if config.pkcs12
|
|
51
47
|
if File.exist? config.pkcs12
|
|
52
48
|
begin
|
|
53
|
-
|
|
49
|
+
aux = OpenSSL::PKCS12.new(File.read(config.pkcs12), config.instance_variable_get(:@password))
|
|
50
|
+
@@pk = aux.key
|
|
51
|
+
@@cert = aux.certificate
|
|
54
52
|
rescue OpenSSL::PKCS12::PKCS12Error => e
|
|
55
53
|
raise SignatureDfe::Error.new "Wrong password for '#{config.pkcs12}'"
|
|
56
54
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: signature_dfe
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Thiago Feitosa
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-01-
|
|
11
|
+
date: 2019-01-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -93,7 +93,6 @@ files:
|
|
|
93
93
|
- CHANGELOG
|
|
94
94
|
- CODE_OF_CONDUCT.md
|
|
95
95
|
- Gemfile
|
|
96
|
-
- Gemfile.lock
|
|
97
96
|
- LICENSE.txt
|
|
98
97
|
- README.md
|
|
99
98
|
- Rakefile
|
|
@@ -104,6 +103,7 @@ files:
|
|
|
104
103
|
- certs/gen.sh
|
|
105
104
|
- certs/key.pem
|
|
106
105
|
- lib/signature_dfe.rb
|
|
106
|
+
- lib/signature_dfe/evento_nfe.rb
|
|
107
107
|
- lib/signature_dfe/nfe.rb
|
|
108
108
|
- lib/signature_dfe/ssl.rb
|
|
109
109
|
- lib/signature_dfe/version.rb
|
data/Gemfile.lock
DELETED
|
@@ -1,43 +0,0 @@
|
|
|
1
|
-
PATH
|
|
2
|
-
remote: .
|
|
3
|
-
specs:
|
|
4
|
-
signature_dfe (0.1.0)
|
|
5
|
-
|
|
6
|
-
GEM
|
|
7
|
-
remote: https://rubygems.org/
|
|
8
|
-
specs:
|
|
9
|
-
diff-lcs (1.3)
|
|
10
|
-
ipaddr (1.2.2)
|
|
11
|
-
mini_portile2 (2.4.0)
|
|
12
|
-
nokogiri (1.9.1)
|
|
13
|
-
mini_portile2 (~> 2.4.0)
|
|
14
|
-
openssl (2.1.2)
|
|
15
|
-
ipaddr
|
|
16
|
-
rake (10.5.0)
|
|
17
|
-
rspec (3.8.0)
|
|
18
|
-
rspec-core (~> 3.8.0)
|
|
19
|
-
rspec-expectations (~> 3.8.0)
|
|
20
|
-
rspec-mocks (~> 3.8.0)
|
|
21
|
-
rspec-core (3.8.0)
|
|
22
|
-
rspec-support (~> 3.8.0)
|
|
23
|
-
rspec-expectations (3.8.2)
|
|
24
|
-
diff-lcs (>= 1.2.0, < 2.0)
|
|
25
|
-
rspec-support (~> 3.8.0)
|
|
26
|
-
rspec-mocks (3.8.0)
|
|
27
|
-
diff-lcs (>= 1.2.0, < 2.0)
|
|
28
|
-
rspec-support (~> 3.8.0)
|
|
29
|
-
rspec-support (3.8.0)
|
|
30
|
-
|
|
31
|
-
PLATFORMS
|
|
32
|
-
ruby
|
|
33
|
-
|
|
34
|
-
DEPENDENCIES
|
|
35
|
-
bundler (~> 1.17)
|
|
36
|
-
nokogiri (~> 1.9.1)
|
|
37
|
-
openssl (~> 2.1.2)
|
|
38
|
-
rake (~> 10.0)
|
|
39
|
-
rspec (~> 3.0)
|
|
40
|
-
signature_dfe!
|
|
41
|
-
|
|
42
|
-
BUNDLED WITH
|
|
43
|
-
1.17.2
|