RubyGems - signer - Versions diffs - 1.4.3 → 1.5.0 - Mend

signer 1.4.3 → 1.5.0

Files changed (9) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/README.md +7 -0
data/lib/signer/version.rb +1 -1
data/lib/signer.rb +4 -2
data/spec/fixtures/output_4_with_nested_signatures.xml +1 -1
data/spec/fixtures/output_4_with_nested_signatures_with_noblanks_disabled.xml +25 -0
data/spec/signer_spec.rb +28 -0
metadata +6 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8bf8bef96e43865a346996e58d2c3fe67e6941a5
-  data.tar.gz: 21685b57a5beeb45ff1935da45daf9f62df86186
+  metadata.gz: ae216e81d9f7a7ee4d382887c57ac53a915e7173
+  data.tar.gz: 01e67fcff1cbe03eafaa72e083d9849ddede5bb4
 SHA512:
-  metadata.gz: 2d07bf7febe758343d53ac6c12efa76145acfb5651bfc05ae0cccd5eb7e95f803890af24eb07e0e9ed3cac592d24f4957b28748a1a39577fcb0f0da72faadbac
-  data.tar.gz: cede490e1f19fac745afc83f79851c925dfcd91450d807f816e6b828679784a6f492449df5203c4de74e3da303a3cc16ebcca5cbea1222119cc0539b24515b5c
+  metadata.gz: e9dc941878f1f90d72cf33deba4a2f1c82e84d94f108461a2187a1042520db896368322ed3d1e136bab90d1274fa5e3a4ef96fd10ada602b7878844ec59a642a
+  data.tar.gz: 5ff0201e154fa6fd8174c10f1605a4a9f630362db0a8a4b37afed9f61da674b959a5f8cccfd326e1b40a9cc6d310cb5f88353bcb13986c6c395c69c3c1d9cd4e

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,8 @@
+## 1.5.0 (2017-01-23)
+- Add posibility to disable noblanks method in Signer initialization (#16, @bpietraga)
+- Minimum ruby version is now 2.1
 ## 1.4.3 (2015-10-28)
 - Fixed Issuer Name node (#8, @tiagocasanovapt)

data/README.md CHANGED Viewed

@@ -228,3 +228,10 @@ signer.sign! # No need to pass a :security_token option, as we already construct
 ```
 If you need to use canonicalization with inclusive namespaces you can pass array of namespace prefixes in `:inclusive_namespaces` option in both `digest!` and `sign!` methods.
+Every new instance of signer has Nokogiri `noblanks` set as default in process of parsing xml file. If you need to disable it, pass opional argument `noblanks: false`.
+```
+Signer.new(File.read("example.xml"), noblanks: false)
+```

data/lib/signer/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 class Signer
-  VERSION = '1.4.3'
+  VERSION = '1.5.0'
 end

data/lib/signer.rb CHANGED Viewed

@@ -14,8 +14,10 @@ class Signer
   WSU_NAMESPACE = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
   WSSE_NAMESPACE = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
-  def initialize(document)
-    self.document = Nokogiri::XML(document.to_s, &:noblanks)
+  def initialize(document, noblanks: true)
+    self.document = Nokogiri::XML(document.to_s) do |config|
+      config.noblanks if noblanks
+    end
     self.digest_algorithm = :sha1
     self.set_default_signature_method!
   end

data/spec/fixtures/output_4_with_nested_signatures.xml CHANGED Viewed

@@ -13,7 +13,7 @@
         <wsurandom:Expires>2012-05-02T18:22:14.467Z</wsurandom:Expires>
       </wsurandom:Timestamp>
       <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsurandom:Id="uuid-639b8970-7644-4f9e-9bc4-9c2e367808fc-1">MIICsDCCAhmgAwIBAgIJAOUHvh4oho0tMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMTIwNTAzMTMxODIyWhcNMTMwNTAzMTMxODIyWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvK5hMPv/R5IFmwWyJOyEaFUrF/ZsmN+Gip8hvR6rLP3YPNx9iFYvPcZllFmuVwyaz7YT2N5BsqTwLdyi5v4HY4fUtuz0p8jIPoSd6dfDvcnSpf4QLTOgOaL3ciPEbgDHH2tnIksukoWzqCYva+qFZ74NFl19swXotW9fA4Jzs4QIDAQABo4GnMIGkMB0GA1UdDgQWBBRU1WEHDnP8Hr7ZulxrSzEwOcYpMzB1BgNVHSMEbjBsgBRU1WEHDnP8Hr7ZulxrSzEwOcYpM6FJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAOUHvh4oho0tMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEASY/9SAOK57q9mGnNJJeyDbmyGrAHSJTod646xTHYkMvhUqwHyk9PTr5bdfmswpmyVn+AQ43U2tU5vnpTBmKpHWD2+HSHgGa92mMLrfBOd8EBZ329NL3N2HDPIaHr4NPGyhNrSK3QVOnAq2D0jlyrGYJlLli1NxHiBz7FCEJaVI8=</wsse:BinarySecurityToken>
-      <Signature>
+        <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
         <SignedInfo>
           <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
           <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>

data/spec/fixtures/output_4_with_nested_signatures_with_noblanks_disabled.xml ADDED Viewed

@@ -0,0 +1,25 @@
+<?xml version="1.0"?>
+<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:wsurandom="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+  <s:Header>
+    <a:Action s:mustUnderstand="1">http://tempuri.org/IDocumentService/SearchDocuments</a:Action>
+    <a:MessageID>urn:uuid:30db5d4f-ab84-46be-907c-be690a92979b</a:MessageID>
+    <a:ReplyTo>
+      <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
+    </a:ReplyTo>
+    <To xmlns="http://www.w3.org/2005/08/addressing" xmlns:a="http://www.w3.org/2003/05/soap-envelope" a:mustUnderstand="1" wsurandom:Id="_7e75a8ded22253b163ca76a40b6cc0c670ed0c33">http://tempuri.org/PublicServices/Test/1.0.12/PublicServices/DocumentService.svc</To>
+    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1">
+      <wsurandom:Timestamp wsurandom:Id="_071e409128bacfd1bc280e1d0ee581a56e93ffe2">
+        <wsurandom:Created>2012-05-02T18:17:14.467Z</wsurandom:Created>
+        <wsurandom:Expires>2012-05-02T18:22:14.467Z</wsurandom:Expires>
+      </wsurandom:Timestamp>
+    <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsurandom:Id="uuid-639b8970-7644-4f9e-9bc4-9c2e367808fc-1">MIICsDCCAhmgAwIBAgIJAOUHvh4oho0tMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMTIwNTAzMTMxODIyWhcNMTMwNTAzMTMxODIyWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvK5hMPv/R5IFmwWyJOyEaFUrF/ZsmN+Gip8hvR6rLP3YPNx9iFYvPcZllFmuVwyaz7YT2N5BsqTwLdyi5v4HY4fUtuz0p8jIPoSd6dfDvcnSpf4QLTOgOaL3ciPEbgDHH2tnIksukoWzqCYva+qFZ74NFl19swXotW9fA4Jzs4QIDAQABo4GnMIGkMB0GA1UdDgQWBBRU1WEHDnP8Hr7ZulxrSzEwOcYpMzB1BgNVHSMEbjBsgBRU1WEHDnP8Hr7ZulxrSzEwOcYpM6FJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAOUHvh4oho0tMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEASY/9SAOK57q9mGnNJJeyDbmyGrAHSJTod646xTHYkMvhUqwHyk9PTr5bdfmswpmyVn+AQ43U2tU5vnpTBmKpHWD2+HSHgGa92mMLrfBOd8EBZ329NL3N2HDPIaHr4NPGyhNrSK3QVOnAq2D0jlyrGYJlLli1NxHiBz7FCEJaVI8=</wsse:BinarySecurityToken><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><Reference URI="#_071e409128bacfd1bc280e1d0ee581a56e93ffe2"><Transforms><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>YDcfIJMN1Ef14aySyIDif+0XeUE=</DigestValue></Reference><Reference URI="#_7e75a8ded22253b163ca76a40b6cc0c670ed0c33"><Transforms><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>/rAVEm0SjaC0ckFViZd+A0hYe+U=</DigestValue></Reference><Reference URI="#uuid-639b8970-7644-4f9e-9bc4-9c2e367808fc-1"><Transforms><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>QfyyHQKBXN21QNXRHMDBkxZeTMI=</DigestValue></Reference></SignedInfo><SignatureValue>AKYUCGtsWq4HzQ5NgATA/K6mpEGyoQ7S1imImIChmIcSGVCWfdr01KVpjQPxqnhJSiMZo3gLy4buY5ZUvckFIahIYxbG0ZNCrLACAjtAhXpvUNKjGHgUsW5UV1d5+wrEkUDiMnaym+FM37fyJMfCmmuJAc623LnBSLX349DETlI=</SignatureValue><KeyInfo><wsse:SecurityTokenReference><wsse:Reference ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" URI="#uuid-639b8970-7644-4f9e-9bc4-9c2e367808fc-1"/></wsse:SecurityTokenReference></KeyInfo></Signature></wsse:Security>
+  </s:Header>
+  <s:Body>
+    <SearchDocuments xmlns="http://tempuri.org/">
+      <searchCriteria xmlns:b="http://schemas.datacontract.org/2004/07/BusinessLogic.Data.Documents.Integration" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
+        <b:RegistrationNo>1</b:RegistrationNo>
+      </searchCriteria>
+      <ds:Signature/>
+    </SearchDocuments>
+  </s:Body>
+</s:Envelope>

data/spec/signer_spec.rb CHANGED Viewed

@@ -139,4 +139,32 @@ describe Signer do
     signer.to_xml.should == Nokogiri::XML(File.read(output_xml_file), &:noblanks).to_xml(:save_with => 0)
   end
+  it "should digest and sign SOAP XML with security node and digested binary token with noblanks diabled" do
+    input_xml_file   = File.join(File.dirname(__FILE__), 'fixtures', 'input_4_with_nested_signatures.xml')
+    cert_file        = File.join(File.dirname(__FILE__), 'fixtures', 'cert.pem')
+    private_key_file = File.join(File.dirname(__FILE__), 'fixtures', 'key.pem')
+    signer = Signer.new(File.read(input_xml_file), noblanks: false)
+    signer.cert = OpenSSL::X509::Certificate.new(File.read(cert_file))
+    signer.private_key = OpenSSL::PKey::RSA.new(File.read(private_key_file), "test")
+    signer.security_node = signer.document.at_xpath('//soap:Header/wsse:Security', soap: 'http://www.w3.org/2003/05/soap-envelope', wsse: Signer::WSSE_NAMESPACE)
+    signer.document.xpath("//u:Timestamp", { "u" => "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" }).each do |node|
+      signer.digest!(node)
+    end
+    signer.document.xpath("//a:To", { "a" => "http://www.w3.org/2005/08/addressing" }).each do |node|
+      signer.digest!(node)
+    end
+    signer.digest!(signer.binary_security_token_node)
+    signer.sign!
+    output_xml_file = File.join(File.dirname(__FILE__),
+                                'fixtures',
+                                'output_4_with_nested_signatures_with_noblanks_disabled.xml')
+    signer.to_xml.should == Nokogiri::XML(File.read(output_xml_file)).to_xml(:save_with => 0)
+  end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: signer
 version: !ruby/object:Gem::Version
-  version: 1.4.3
+  version: 1.5.0
 platform: ruby
 authors:
 - Edgars Beigarts
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-10-28 00:00:00.000000000 Z
+date: 2017-01-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -77,6 +77,7 @@ files:
 - spec/fixtures/output_2.xml
 - spec/fixtures/output_3_c14n_comments.xml
 - spec/fixtures/output_4_with_nested_signatures.xml
+- spec/fixtures/output_4_with_nested_signatures_with_noblanks_disabled.xml
 - spec/signer_spec.rb
 - spec/spec_helper.rb
 homepage: ''
@@ -90,7 +91,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.1.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -98,7 +99,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.4.6
+rubygems_version: 2.4.3
 signing_key:
 specification_version: 4
 summary: WS Security XML signer
@@ -115,5 +116,6 @@ test_files:
 - spec/fixtures/output_2.xml
 - spec/fixtures/output_3_c14n_comments.xml
 - spec/fixtures/output_4_with_nested_signatures.xml
+- spec/fixtures/output_4_with_nested_signatures_with_noblanks_disabled.xml
 - spec/signer_spec.rb
 - spec/spec_helper.rb