xmldsig-fiscalizer 0.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +19 -0
- data/.rspec +2 -0
- data/.travis.yml +4 -0
- data/CHANGELOG.md +4 -0
- data/Gemfile +12 -0
- data/Guardfile +24 -0
- data/LICENSE +22 -0
- data/README.md +80 -0
- data/Rakefile +10 -0
- data/lib/xmldsig.rb +20 -0
- data/lib/xmldsig/canonicalizer.rb +30 -0
- data/lib/xmldsig/reference.rb +80 -0
- data/lib/xmldsig/signature.rb +93 -0
- data/lib/xmldsig/signed_document.rb +26 -0
- data/lib/xmldsig/transforms.rb +26 -0
- data/lib/xmldsig/transforms/canonicalize.rb +25 -0
- data/lib/xmldsig/transforms/enveloped_signature.rb +10 -0
- data/lib/xmldsig/transforms/transform.rb +18 -0
- data/lib/xmldsig/version.rb +3 -0
- data/signing_service.rb +133 -0
- data/spec/fixtures/certificate.cer +16 -0
- data/spec/fixtures/certificate2.cer +16 -0
- data/spec/fixtures/key.pem +15 -0
- data/spec/fixtures/signed.xml +23 -0
- data/spec/fixtures/signed/ideal.cert +18 -0
- data/spec/fixtures/signed/ideal.txt +41 -0
- data/spec/fixtures/unsigned.xml +21 -0
- data/spec/fixtures/unsigned/canonicalizer_1_0.xml +19 -0
- data/spec/fixtures/unsigned/canonicalizer_1_1.xml +19 -0
- data/spec/fixtures/unsigned/canonicalizer_exc.xml +21 -0
- data/spec/fixtures/unsigned/digest_sha1.xml +21 -0
- data/spec/fixtures/unsigned/with_soap_envelope.xml +33 -0
- data/spec/fixtures/unsigned/without_canonicalization.xml +18 -0
- data/spec/fixtures/unsigned/without_namespace_prefix.xml +19 -0
- data/spec/fixtures/unsigned/without_reference_uri.xml +21 -0
- data/spec/fixtures/unsigned_multiple_references.xml +38 -0
- data/spec/fixtures/unsigned_nested_signature.xml +40 -0
- data/spec/lib/xmldsig/reference_spec.rb +65 -0
- data/spec/lib/xmldsig/signature_spec.rb +100 -0
- data/spec/lib/xmldsig/signed_document_spec.rb +94 -0
- data/spec/lib/xmldsig/transforms/enveloped_signature_spec.rb +18 -0
- data/spec/lib/xmldsig/transforms/transform_spec.rb +10 -0
- data/spec/lib/xmldsig_spec.rb +47 -0
- data/spec/spec_helper.rb +22 -0
- data/xmldsig.gemspec +20 -0
- metadata +127 -0
@@ -0,0 +1,18 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Xmldsig::Transforms::EnvelopedSignature do
|
4
|
+
let(:unsigned_xml) { File.read('spec/fixtures/unsigned_nested_signature.xml') }
|
5
|
+
let(:unsigned_document) { Xmldsig::SignedDocument.new(unsigned_xml) }
|
6
|
+
|
7
|
+
it 'only removes the first signature element' do
|
8
|
+
node_with_nested_signature = unsigned_document.signatures.last.references.first.referenced_node
|
9
|
+
|
10
|
+
described_class.new(node_with_nested_signature, nil).transform
|
11
|
+
|
12
|
+
remaining_signatures = node_with_nested_signature.xpath('descendant::ds:Signature', Xmldsig::NAMESPACES)
|
13
|
+
remaining_signatures.count.should == 1
|
14
|
+
signature = Xmldsig::Signature.new(remaining_signatures.first)
|
15
|
+
|
16
|
+
signature.references.first.reference_uri.should == '#baz'
|
17
|
+
end
|
18
|
+
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Xmldsig do
|
4
|
+
let(:private_key) { OpenSSL::PKey::RSA.new(File.read("spec/fixtures/key.pem")) }
|
5
|
+
let(:certificate) { OpenSSL::X509::Certificate.new(File.read("spec/fixtures/certificate.cer")) }
|
6
|
+
|
7
|
+
describe "Sign unsigned documents" do
|
8
|
+
Dir["spec/fixtures/unsigned/*.xml"].each do |document|
|
9
|
+
describe "#{document}" do
|
10
|
+
let(:unsigned_xml) { File.read(document) }
|
11
|
+
let(:unsigned_document) { Xmldsig::SignedDocument.new(unsigned_xml) }
|
12
|
+
let(:signed_document) { unsigned_document.sign(private_key) }
|
13
|
+
|
14
|
+
it "should be signable an validateable" do
|
15
|
+
Xmldsig::SignedDocument.new(signed_document).validate(certificate).should be_true
|
16
|
+
end
|
17
|
+
|
18
|
+
it 'should have a signature element' do
|
19
|
+
Xmldsig::SignedDocument.new(signed_document).signatures.count.should == 1
|
20
|
+
end
|
21
|
+
|
22
|
+
# TODO: remove this verification step when library matures
|
23
|
+
#it 'matches the result from xmlsec1' do
|
24
|
+
# result = `xmlsec1 --sign --id-attr:ID http://example.com/foo#:Foo --privkey-pem spec/fixtures/key.pem #{document}`
|
25
|
+
# result.gsub!("\n", '')
|
26
|
+
# signed_document.gsub!("\n", '')
|
27
|
+
# result.should == signed_document
|
28
|
+
#end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
describe "Verify signed documents" do
|
34
|
+
Dir["spec/fixtures/signed/*.txt"].each do |document|
|
35
|
+
describe "#{document}" do
|
36
|
+
let(:signed_xml) { Base64.decode64(File.read(document)) }
|
37
|
+
let(:signed_document) { Xmldsig::SignedDocument.new(signed_xml) }
|
38
|
+
let(:certificate) { OpenSSL::X509::Certificate.new(File.read(document.gsub('.txt', '.cert'))) }
|
39
|
+
|
40
|
+
it "should be validateable" do
|
41
|
+
signed_document.validate(certificate).should be_true
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
require 'simplecov'
|
2
|
+
SimpleCov.start
|
3
|
+
# This file was generated by the `rspec --init` command. Conventionally, all
|
4
|
+
# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
|
5
|
+
# Require this file using `require "spec_helper"` to ensure that it is only
|
6
|
+
# loaded once.
|
7
|
+
#
|
8
|
+
# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
|
9
|
+
|
10
|
+
require 'xmldsig'
|
11
|
+
|
12
|
+
RSpec.configure do |config|
|
13
|
+
config.treat_symbols_as_metadata_keys_with_true_values = true
|
14
|
+
config.run_all_when_everything_filtered = true
|
15
|
+
config.filter_run :focus
|
16
|
+
|
17
|
+
# Run specs in random order to surface order dependencies. If you find an
|
18
|
+
# order dependency and want to debug it, you can fix the order by providing
|
19
|
+
# the seed, which is printed after each run.
|
20
|
+
# --seed 1234
|
21
|
+
config.order = 'random'
|
22
|
+
end
|
data/xmldsig.gemspec
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
require File.expand_path('../lib/xmldsig/version', __FILE__)
|
3
|
+
|
4
|
+
Gem::Specification.new do |gem|
|
5
|
+
gem.authors = ["benoist"]
|
6
|
+
gem.email = ["benoist.claassen@gmail.com"]
|
7
|
+
gem.description = %q{This gem is a (partial) implementation of the XMLDsig specification}
|
8
|
+
gem.summary = %q{This gem is a (partial) implementation of the XMLDsig specification (http://www.w3.org/TR/xmldsig-core)}
|
9
|
+
gem.homepage = "https://github.com/infinum/xmldsig"
|
10
|
+
|
11
|
+
gem.files = `git ls-files`.split($\)
|
12
|
+
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
13
|
+
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
14
|
+
gem.name = "xmldsig-fiscalizer"
|
15
|
+
gem.license = 'MIT'
|
16
|
+
gem.require_paths = ["lib"]
|
17
|
+
gem.version = Xmldsig::VERSION
|
18
|
+
|
19
|
+
gem.add_dependency("nokogiri")
|
20
|
+
end
|
metadata
ADDED
@@ -0,0 +1,127 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: xmldsig-fiscalizer
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.2.4
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- benoist
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2014-02-26 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: nokogiri
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
description: This gem is a (partial) implementation of the XMLDsig specification
|
28
|
+
email:
|
29
|
+
- benoist.claassen@gmail.com
|
30
|
+
executables: []
|
31
|
+
extensions: []
|
32
|
+
extra_rdoc_files: []
|
33
|
+
files:
|
34
|
+
- ".gitignore"
|
35
|
+
- ".rspec"
|
36
|
+
- ".travis.yml"
|
37
|
+
- CHANGELOG.md
|
38
|
+
- Gemfile
|
39
|
+
- Guardfile
|
40
|
+
- LICENSE
|
41
|
+
- README.md
|
42
|
+
- Rakefile
|
43
|
+
- lib/xmldsig.rb
|
44
|
+
- lib/xmldsig/canonicalizer.rb
|
45
|
+
- lib/xmldsig/reference.rb
|
46
|
+
- lib/xmldsig/signature.rb
|
47
|
+
- lib/xmldsig/signed_document.rb
|
48
|
+
- lib/xmldsig/transforms.rb
|
49
|
+
- lib/xmldsig/transforms/canonicalize.rb
|
50
|
+
- lib/xmldsig/transforms/enveloped_signature.rb
|
51
|
+
- lib/xmldsig/transforms/transform.rb
|
52
|
+
- lib/xmldsig/version.rb
|
53
|
+
- signing_service.rb
|
54
|
+
- spec/fixtures/certificate.cer
|
55
|
+
- spec/fixtures/certificate2.cer
|
56
|
+
- spec/fixtures/key.pem
|
57
|
+
- spec/fixtures/signed.xml
|
58
|
+
- spec/fixtures/signed/ideal.cert
|
59
|
+
- spec/fixtures/signed/ideal.txt
|
60
|
+
- spec/fixtures/unsigned.xml
|
61
|
+
- spec/fixtures/unsigned/canonicalizer_1_0.xml
|
62
|
+
- spec/fixtures/unsigned/canonicalizer_1_1.xml
|
63
|
+
- spec/fixtures/unsigned/canonicalizer_exc.xml
|
64
|
+
- spec/fixtures/unsigned/digest_sha1.xml
|
65
|
+
- spec/fixtures/unsigned/with_soap_envelope.xml
|
66
|
+
- spec/fixtures/unsigned/without_canonicalization.xml
|
67
|
+
- spec/fixtures/unsigned/without_namespace_prefix.xml
|
68
|
+
- spec/fixtures/unsigned/without_reference_uri.xml
|
69
|
+
- spec/fixtures/unsigned_multiple_references.xml
|
70
|
+
- spec/fixtures/unsigned_nested_signature.xml
|
71
|
+
- spec/lib/xmldsig/reference_spec.rb
|
72
|
+
- spec/lib/xmldsig/signature_spec.rb
|
73
|
+
- spec/lib/xmldsig/signed_document_spec.rb
|
74
|
+
- spec/lib/xmldsig/transforms/enveloped_signature_spec.rb
|
75
|
+
- spec/lib/xmldsig/transforms/transform_spec.rb
|
76
|
+
- spec/lib/xmldsig_spec.rb
|
77
|
+
- spec/spec_helper.rb
|
78
|
+
- xmldsig.gemspec
|
79
|
+
homepage: https://github.com/infinum/xmldsig
|
80
|
+
licenses:
|
81
|
+
- MIT
|
82
|
+
metadata: {}
|
83
|
+
post_install_message:
|
84
|
+
rdoc_options: []
|
85
|
+
require_paths:
|
86
|
+
- lib
|
87
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
88
|
+
requirements:
|
89
|
+
- - ">="
|
90
|
+
- !ruby/object:Gem::Version
|
91
|
+
version: '0'
|
92
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
requirements: []
|
98
|
+
rubyforge_project:
|
99
|
+
rubygems_version: 2.2.2
|
100
|
+
signing_key:
|
101
|
+
specification_version: 4
|
102
|
+
summary: This gem is a (partial) implementation of the XMLDsig specification (http://www.w3.org/TR/xmldsig-core)
|
103
|
+
test_files:
|
104
|
+
- spec/fixtures/certificate.cer
|
105
|
+
- spec/fixtures/certificate2.cer
|
106
|
+
- spec/fixtures/key.pem
|
107
|
+
- spec/fixtures/signed.xml
|
108
|
+
- spec/fixtures/signed/ideal.cert
|
109
|
+
- spec/fixtures/signed/ideal.txt
|
110
|
+
- spec/fixtures/unsigned.xml
|
111
|
+
- spec/fixtures/unsigned/canonicalizer_1_0.xml
|
112
|
+
- spec/fixtures/unsigned/canonicalizer_1_1.xml
|
113
|
+
- spec/fixtures/unsigned/canonicalizer_exc.xml
|
114
|
+
- spec/fixtures/unsigned/digest_sha1.xml
|
115
|
+
- spec/fixtures/unsigned/with_soap_envelope.xml
|
116
|
+
- spec/fixtures/unsigned/without_canonicalization.xml
|
117
|
+
- spec/fixtures/unsigned/without_namespace_prefix.xml
|
118
|
+
- spec/fixtures/unsigned/without_reference_uri.xml
|
119
|
+
- spec/fixtures/unsigned_multiple_references.xml
|
120
|
+
- spec/fixtures/unsigned_nested_signature.xml
|
121
|
+
- spec/lib/xmldsig/reference_spec.rb
|
122
|
+
- spec/lib/xmldsig/signature_spec.rb
|
123
|
+
- spec/lib/xmldsig/signed_document_spec.rb
|
124
|
+
- spec/lib/xmldsig/transforms/enveloped_signature_spec.rb
|
125
|
+
- spec/lib/xmldsig/transforms/transform_spec.rb
|
126
|
+
- spec/lib/xmldsig_spec.rb
|
127
|
+
- spec/spec_helper.rb
|