signer 1.4.3 → 1.5.0

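--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 8bf8bef96e43865a346996e58d2c3fe67e6941a5
- data.tar.gz: 21685b57a5beeb45ff1935da45daf9f62df86186
+ metadata.gz: ae216e81d9f7a7ee4d382887c57ac53a915e7173
+ data.tar.gz: 01e67fcff1cbe03eafaa72e083d9849ddede5bb4
  SHA512:
- metadata.gz: 2d07bf7febe758343d53ac6c12efa76145acfb5651bfc05ae0cccd5eb7e95f803890af24eb07e0e9ed3cac592d24f4957b28748a1a39577fcb0f0da72faadbac
- data.tar.gz: cede490e1f19fac745afc83f79851c925dfcd91450d807f816e6b828679784a6f492449df5203c4de74e3da303a3cc16ebcca5cbea1222119cc0539b24515b5c
+ metadata.gz: e9dc941878f1f90d72cf33deba4a2f1c82e84d94f108461a2187a1042520db896368322ed3d1e136bab90d1274fa5e3a4ef96fd10ada602b7878844ec59a642a
+ data.tar.gz: 5ff0201e154fa6fd8174c10f1605a4a9f630362db0a8a4b37afed9f61da674b959a5f8cccfd326e1b40a9cc6d310cb5f88353bcb13986c6c395c69c3c1d9cd4e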
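--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,8 @@
+ ## 1.5.0 (2017-01-23)
+
+ - Add posibility to disable noblanks method in Signer initialization (#16, @bpietraga)
+ - Minimum ruby version is now 2.1
+
  ## 1.4.3 (2015-10-28)
 
  - Fixed Issuer Name node (#8, @tiagocasanovapt)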
data/README.md CHANGED
@@ -228,3 +228,10 @@ signer.sign! # No need to pass a :security_token option, as we already construct
228
228
  ```
229
229
 
230
230
  If you need to use canonicalization with inclusive namespaces you can pass array of namespace prefixes in `:inclusive_namespaces` option in both `digest!` and `sign!` methods.
231
+
232
+
233
+ Every new instance of signer has Nokogiri `noblanks` set as default in process of parsing xml file. If you need to disable it, pass opional argument `noblanks: false`.
234
+
235
+ ```
236
+ Signer.new(File.read("example.xml"), noblanks: false)
237
+ ```
@@ -1,3 +1,3 @@
1
1
  class Signer
2
- VERSION = '1.4.3'
2
+ VERSION = '1.5.0'
3
3
  end
data/lib/signer.rb CHANGED
@@ -14,8 +14,10 @@ class Signer
14
14
  WSU_NAMESPACE = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
15
15
  WSSE_NAMESPACE = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
16
16
 
17
- def initialize(document)
18
- self.document = Nokogiri::XML(document.to_s, &:noblanks)
17
+ def initialize(document, noblanks: true)
18
+ self.document = Nokogiri::XML(document.to_s) do |config|
19
+ config.noblanks if noblanks
20
+ end
19
21
  self.digest_algorithm = :sha1
20
22
  self.set_default_signature_method!
21
23
  end
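Review bot: The new `noblanks:` keyword on `initialize` has no comment, and for a signer it is not a cosmetic switch: whether whitespace-only text nodes exist in the parsed tree decides what the canonicalizer sees, so the digests and signature presumably differ between the two modes. I would add above the method `# noblanks: drop whitespace-only text nodes while parsing (default true); pass false to keep the input's whitespace so it is part of the digested content`. Separately, both the old and the new call rely on Nokogiri's default parse options, which include recovery from malformed markup, so a broken document is repaired silently and then signed; if that is not intended, `config.strict` inside the same block would make the constructor reject it. The default visible on the next line is still SHA-1 (`self.digest_algorithm = :sha1`), which is outside this change but worth a follow-up.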
@@ -13,7 +13,7 @@
13
13
  <wsurandom:Expires>2012-05-02T18:22:14.467Z</wsurandom:Expires>
14
14
  </wsurandom:Timestamp>
15
15
  <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsurandom:Id="uuid-639b8970-7644-4f9e-9bc4-9c2e367808fc-1">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</wsse:BinarySecurityToken>
16
- <Signature>
16
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
17
17
  <SignedInfo>
18
18
  <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
19
19
  <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
@@ -0,0 +1,25 @@
1
+ <?xml version="1.0"?>
2
+ <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:wsurandom="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
3
+ <s:Header>
4
+ <a:Action s:mustUnderstand="1">http://tempuri.org/IDocumentService/SearchDocuments</a:Action>
5
+ <a:MessageID>urn:uuid:30db5d4f-ab84-46be-907c-be690a92979b</a:MessageID>
6
+ <a:ReplyTo>
7
+ <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
8
+ </a:ReplyTo>
9
+ <To xmlns="http://www.w3.org/2005/08/addressing" xmlns:a="http://www.w3.org/2003/05/soap-envelope" a:mustUnderstand="1" wsurandom:Id="_7e75a8ded22253b163ca76a40b6cc0c670ed0c33">http://tempuri.org/PublicServices/Test/1.0.12/PublicServices/DocumentService.svc</To>
10
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1">
11
+ <wsurandom:Timestamp wsurandom:Id="_071e409128bacfd1bc280e1d0ee581a56e93ffe2">
12
+ <wsurandom:Created>2012-05-02T18:17:14.467Z</wsurandom:Created>
13
+ <wsurandom:Expires>2012-05-02T18:22:14.467Z</wsurandom:Expires>
14
+ </wsurandom:Timestamp>
15
+ <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsurandom:Id="uuid-639b8970-7644-4f9e-9bc4-9c2e367808fc-1">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</wsse:BinarySecurityToken><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><Reference URI="#_071e409128bacfd1bc280e1d0ee581a56e93ffe2"><Transforms><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>YDcfIJMN1Ef14aySyIDif+0XeUE=</DigestValue></Reference><Reference URI="#_7e75a8ded22253b163ca76a40b6cc0c670ed0c33"><Transforms><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>/rAVEm0SjaC0ckFViZd+A0hYe+U=</DigestValue></Reference><Reference URI="#uuid-639b8970-7644-4f9e-9bc4-9c2e367808fc-1"><Transforms><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>QfyyHQKBXN21QNXRHMDBkxZeTMI=</DigestValue></Reference></SignedInfo><SignatureValue>AKYUCGtsWq4HzQ5NgATA/K6mpEGyoQ7S1imImIChmIcSGVCWfdr01KVpjQPxqnhJSiMZo3gLy4buY5ZUvckFIahIYxbG0ZNCrLACAjtAhXpvUNKjGHgUsW5UV1d5+wrEkUDiMnaym+FM37fyJMfCmmuJAc623LnBSLX349DETlI=</SignatureValue><KeyInfo><wsse:SecurityTokenReference><wsse:Reference ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" URI="#uuid-639b8970-7644-4f9e-9bc4-9c2e367808fc-1"/></wsse:SecurityTokenReference></KeyInfo></Signature></wsse:Security>
16
+ </s:Header>
17
+ <s:Body>
18
+ <SearchDocuments xmlns="http://tempuri.org/">
19
+ <searchCriteria xmlns:b="http://schemas.datacontract.org/2004/07/BusinessLogic.Data.Documents.Integration" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
20
+ <b:RegistrationNo>1</b:RegistrationNo>
21
+ </searchCriteria>
22
+ <ds:Signature/>
23
+ </SearchDocuments>
24
+ </s:Body>
25
+ </s:Envelope>
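--- a/data/spec/signer_spec.rb
+++ b/data/spec/signer_spec.rb
@@ -139,4 +139,32 @@ describe Signer do
  signer.to_xml.should == Nokogiri::XML(File.read(output_xml_file), &:noblanks).to_xml(:save_with => 0)
  end
 
+ it "should digest and sign SOAP XML with security node and digested binary token with noblanks diabled" do
+ input_xml_file = File.join(File.dirname(__FILE__), 'fixtures', 'input_4_with_nested_signatures.xml')
+ cert_file = File.join(File.dirname(__FILE__), 'fixtures', 'cert.pem')
+ private_key_file = File.join(File.dirname(__FILE__), 'fixtures', 'key.pem')
+
+ signer = Signer.new(File.read(input_xml_file), noblanks: false)
+ signer.cert = OpenSSL::X509::Certificate.new(File.read(cert_file))
+ signer.private_key = OpenSSL::PKey::RSA.new(File.read(private_key_file), "test")
+ signer.security_node = signer.document.at_xpath('//soap:Header/wsse:Security', soap: 'http://www.w3.org/2003/05/soap-envelope', wsse: Signer::WSSE_NAMESPACE)
+
+ signer.document.xpath("//u:Timestamp", { "u" => "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" }).each do |node|
+ signer.digest!(node)
+ end
+
+ signer.document.xpath("//a:To", { "a" => "http://www.w3.org/2005/08/addressing" }).each do |node|
+ signer.digest!(node)
+ end
+
+ signer.digest!(signer.binary_security_token_node)
+
+ signer.sign!
+
+ output_xml_file = File.join(File.dirname(__FILE__),
+ 'fixtures',
+ 'output_4_with_nested_signatures_with_noblanks_disabled.xml')
+
+ signer.to_xml.should == Nokogiri::XML(File.read(output_xml_file)).to_xml(:save_with => 0)
+ end
  end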
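Review bot: The added example checks the `noblanks: false` path only by comparing the serialized output with a stored fixture, so it would keep passing if that fixture were regenerated from wrong output, and nothing asserts directly that whitespace nodes were kept. Assuming the input fixture is indented like the expected output, a check right after construction would pin the option itself: `signer.document.xpath('//text()').any?(&:blank?).should == true`. The body also repeats the preceding example almost line for line; a shared helper taking the fixture names and the `noblanks` flag would keep the two from drifting apart. The enclosing `describe` block starts outside the hunk.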
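--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: signer
  version: !ruby/object:Gem::Version
- version: 1.4.3
+ version: 1.5.0
  platform: ruby
  authors:
  - Edgars Beigarts
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-10-28 00:00:00.000000000 Z
+ date: 2017-01-23 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rake
@@ -77,6 +77,7 @@ files:
  - spec/fixtures/output_2.xml
  - spec/fixtures/output_3_c14n_comments.xml
  - spec/fixtures/output_4_with_nested_signatures.xml
+ - spec/fixtures/output_4_with_nested_signatures_with_noblanks_disabled.xml
  - spec/signer_spec.rb
  - spec/spec_helper.rb
  homepage: ''
@@ -90,7 +91,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: '0'
+ version: 2.1.0
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
@@ -98,7 +99,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.4.6
+ rubygems_version: 2.4.3
  signing_key:
  specification_version: 4
  summary: WS Security XML signer
@@ -115,5 +116,6 @@ test_files:
  - spec/fixtures/output_2.xml
  - spec/fixtures/output_3_c14n_comments.xml
  - spec/fixtures/output_4_with_nested_signatures.xml
+ - spec/fixtures/output_4_with_nested_signatures_with_noblanks_disabled.xml
  - spec/signer_spec.rb
  - spec/spec_helper.rb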