xmldsig-fiscalizer 0.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (47) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +19 -0
  3. data/.rspec +2 -0
  4. data/.travis.yml +4 -0
  5. data/CHANGELOG.md +4 -0
  6. data/Gemfile +12 -0
  7. data/Guardfile +24 -0
  8. data/LICENSE +22 -0
  9. data/README.md +80 -0
  10. data/Rakefile +10 -0
  11. data/lib/xmldsig.rb +20 -0
  12. data/lib/xmldsig/canonicalizer.rb +30 -0
  13. data/lib/xmldsig/reference.rb +80 -0
  14. data/lib/xmldsig/signature.rb +93 -0
  15. data/lib/xmldsig/signed_document.rb +26 -0
  16. data/lib/xmldsig/transforms.rb +26 -0
  17. data/lib/xmldsig/transforms/canonicalize.rb +25 -0
  18. data/lib/xmldsig/transforms/enveloped_signature.rb +10 -0
  19. data/lib/xmldsig/transforms/transform.rb +18 -0
  20. data/lib/xmldsig/version.rb +3 -0
  21. data/signing_service.rb +133 -0
  22. data/spec/fixtures/certificate.cer +16 -0
  23. data/spec/fixtures/certificate2.cer +16 -0
  24. data/spec/fixtures/key.pem +15 -0
  25. data/spec/fixtures/signed.xml +23 -0
  26. data/spec/fixtures/signed/ideal.cert +18 -0
  27. data/spec/fixtures/signed/ideal.txt +41 -0
  28. data/spec/fixtures/unsigned.xml +21 -0
  29. data/spec/fixtures/unsigned/canonicalizer_1_0.xml +19 -0
  30. data/spec/fixtures/unsigned/canonicalizer_1_1.xml +19 -0
  31. data/spec/fixtures/unsigned/canonicalizer_exc.xml +21 -0
  32. data/spec/fixtures/unsigned/digest_sha1.xml +21 -0
  33. data/spec/fixtures/unsigned/with_soap_envelope.xml +33 -0
  34. data/spec/fixtures/unsigned/without_canonicalization.xml +18 -0
  35. data/spec/fixtures/unsigned/without_namespace_prefix.xml +19 -0
  36. data/spec/fixtures/unsigned/without_reference_uri.xml +21 -0
  37. data/spec/fixtures/unsigned_multiple_references.xml +38 -0
  38. data/spec/fixtures/unsigned_nested_signature.xml +40 -0
  39. data/spec/lib/xmldsig/reference_spec.rb +65 -0
  40. data/spec/lib/xmldsig/signature_spec.rb +100 -0
  41. data/spec/lib/xmldsig/signed_document_spec.rb +94 -0
  42. data/spec/lib/xmldsig/transforms/enveloped_signature_spec.rb +18 -0
  43. data/spec/lib/xmldsig/transforms/transform_spec.rb +10 -0
  44. data/spec/lib/xmldsig_spec.rb +47 -0
  45. data/spec/spec_helper.rb +22 -0
  46. data/xmldsig.gemspec +20 -0
  47. metadata +127 -0
data/spec/lib/xmldsig/transforms/enveloped_signature_spec.rb ADDED
@@ -0,0 +1,18 @@
1
+ require 'spec_helper'
2
+
3
+ describe Xmldsig::Transforms::EnvelopedSignature do
4
+ let(:unsigned_xml) { File.read('spec/fixtures/unsigned_nested_signature.xml') }
5
+ let(:unsigned_document) { Xmldsig::SignedDocument.new(unsigned_xml) }
6
+
7
+ it 'only removes the first signature element' do
8
+ node_with_nested_signature = unsigned_document.signatures.last.references.first.referenced_node
9
+
10
+ described_class.new(node_with_nested_signature, nil).transform
11
+
12
+ remaining_signatures = node_with_nested_signature.xpath('descendant::ds:Signature', Xmldsig::NAMESPACES)
13
+ remaining_signatures.count.should == 1
14
+ signature = Xmldsig::Signature.new(remaining_signatures.first)
15
+
16
+ signature.references.first.reference_uri.should == '#baz'
17
+ end
18
+ end
data/spec/lib/xmldsig/transforms/transform_spec.rb ADDED
@@ -0,0 +1,10 @@
1
+ require 'spec_helper'
2
+
3
+ describe Xmldsig::Transforms::Transform do
4
+
5
+ it "raises a warning when transform is called" do
6
+ described_class.any_instance.should_receive(:warn)
7
+ described_class.new(nil,nil).transform
8
+ end
9
+
10
+ end
data/spec/lib/xmldsig_spec.rb ADDED
@@ -0,0 +1,47 @@
1
+ require 'spec_helper'
2
+
3
+ describe Xmldsig do
4
+ let(:private_key) { OpenSSL::PKey::RSA.new(File.read("spec/fixtures/key.pem")) }
5
+ let(:certificate) { OpenSSL::X509::Certificate.new(File.read("spec/fixtures/certificate.cer")) }
6
+
7
+ describe "Sign unsigned documents" do
8
+ Dir["spec/fixtures/unsigned/*.xml"].each do |document|
9
+ describe "#{document}" do
10
+ let(:unsigned_xml) { File.read(document) }
11
+ let(:unsigned_document) { Xmldsig::SignedDocument.new(unsigned_xml) }
12
+ let(:signed_document) { unsigned_document.sign(private_key) }
13
+
14
+ it "should be signable an validateable" do
15
+ Xmldsig::SignedDocument.new(signed_document).validate(certificate).should be_true
16
+ end
17
+
18
+ it 'should have a signature element' do
19
+ Xmldsig::SignedDocument.new(signed_document).signatures.count.should == 1
20
+ end
21
+
22
+ # TODO: remove this verification step when library matures
23
+ #it 'matches the result from xmlsec1' do
24
+ # result = `xmlsec1 --sign --id-attr:ID http://example.com/foo#:Foo --privkey-pem spec/fixtures/key.pem #{document}`
25
+ # result.gsub!("\n", '')
26
+ # signed_document.gsub!("\n", '')
27
+ # result.should == signed_document
28
+ #end
29
+ end
30
+ end
31
+ end
32
+
33
+ describe "Verify signed documents" do
34
+ Dir["spec/fixtures/signed/*.txt"].each do |document|
35
+ describe "#{document}" do
36
+ let(:signed_xml) { Base64.decode64(File.read(document)) }
37
+ let(:signed_document) { Xmldsig::SignedDocument.new(signed_xml) }
38
+ let(:certificate) { OpenSSL::X509::Certificate.new(File.read(document.gsub('.txt', '.cert'))) }
39
+
40
+ it "should be validateable" do
41
+ signed_document.validate(certificate).should be_true
42
+ end
43
+ end
44
+ end
45
+ end
46
+
47
+ end
data/spec/spec_helper.rb ADDED
@@ -0,0 +1,22 @@
1
+ require 'simplecov'
2
+ SimpleCov.start
3
+ # This file was generated by the `rspec --init` command. Conventionally, all
4
+ # specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
5
+ # Require this file using `require "spec_helper"` to ensure that it is only
6
+ # loaded once.
7
+ #
8
+ # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
9
+
10
+ require 'xmldsig'
11
+
12
+ RSpec.configure do |config|
13
+ config.treat_symbols_as_metadata_keys_with_true_values = true
14
+ config.run_all_when_everything_filtered = true
15
+ config.filter_run :focus
16
+
17
+ # Run specs in random order to surface order dependencies. If you find an
18
+ # order dependency and want to debug it, you can fix the order by providing
19
+ # the seed, which is printed after each run.
20
+ # --seed 1234
21
+ config.order = 'random'
22
+ end
data/xmldsig.gemspec ADDED
@@ -0,0 +1,20 @@
1
+ # -*- encoding: utf-8 -*-
2
+ require File.expand_path('../lib/xmldsig/version', __FILE__)
3
+
4
+ Gem::Specification.new do |gem|
5
+ gem.authors = ["benoist"]
6
+ gem.email = ["benoist.claassen@gmail.com"]
7
+ gem.description = %q{This gem is a (partial) implementation of the XMLDsig specification}
8
+ gem.summary = %q{This gem is a (partial) implementation of the XMLDsig specification (http://www.w3.org/TR/xmldsig-core)}
9
+ gem.homepage = "https://github.com/infinum/xmldsig"
10
+
11
+ gem.files = `git ls-files`.split($\)
12
+ gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
13
+ gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
14
+ gem.name = "xmldsig-fiscalizer"
15
+ gem.license = 'MIT'
16
+ gem.require_paths = ["lib"]
17
+ gem.version = Xmldsig::VERSION
18
+
19
+ gem.add_dependency("nokogiri")
20
+ end
metadata ADDED
@@ -0,0 +1,127 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: xmldsig-fiscalizer
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.2.4
5
+ platform: ruby
6
+ authors:
7
+ - benoist
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-02-26 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: nokogiri
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ description: This gem is a (partial) implementation of the XMLDsig specification
28
+ email:
29
+ - benoist.claassen@gmail.com
30
+ executables: []
31
+ extensions: []
32
+ extra_rdoc_files: []
33
+ files:
34
+ - ".gitignore"
35
+ - ".rspec"
36
+ - ".travis.yml"
37
+ - CHANGELOG.md
38
+ - Gemfile
39
+ - Guardfile
40
+ - LICENSE
41
+ - README.md
42
+ - Rakefile
43
+ - lib/xmldsig.rb
44
+ - lib/xmldsig/canonicalizer.rb
45
+ - lib/xmldsig/reference.rb
46
+ - lib/xmldsig/signature.rb
47
+ - lib/xmldsig/signed_document.rb
48
+ - lib/xmldsig/transforms.rb
49
+ - lib/xmldsig/transforms/canonicalize.rb
50
+ - lib/xmldsig/transforms/enveloped_signature.rb
51
+ - lib/xmldsig/transforms/transform.rb
52
+ - lib/xmldsig/version.rb
53
+ - signing_service.rb
54
+ - spec/fixtures/certificate.cer
55
+ - spec/fixtures/certificate2.cer
56
+ - spec/fixtures/key.pem
57
+ - spec/fixtures/signed.xml
58
+ - spec/fixtures/signed/ideal.cert
59
+ - spec/fixtures/signed/ideal.txt
60
+ - spec/fixtures/unsigned.xml
61
+ - spec/fixtures/unsigned/canonicalizer_1_0.xml
62
+ - spec/fixtures/unsigned/canonicalizer_1_1.xml
63
+ - spec/fixtures/unsigned/canonicalizer_exc.xml
64
+ - spec/fixtures/unsigned/digest_sha1.xml
65
+ - spec/fixtures/unsigned/with_soap_envelope.xml
66
+ - spec/fixtures/unsigned/without_canonicalization.xml
67
+ - spec/fixtures/unsigned/without_namespace_prefix.xml
68
+ - spec/fixtures/unsigned/without_reference_uri.xml
69
+ - spec/fixtures/unsigned_multiple_references.xml
70
+ - spec/fixtures/unsigned_nested_signature.xml
71
+ - spec/lib/xmldsig/reference_spec.rb
72
+ - spec/lib/xmldsig/signature_spec.rb
73
+ - spec/lib/xmldsig/signed_document_spec.rb
74
+ - spec/lib/xmldsig/transforms/enveloped_signature_spec.rb
75
+ - spec/lib/xmldsig/transforms/transform_spec.rb
76
+ - spec/lib/xmldsig_spec.rb
77
+ - spec/spec_helper.rb
78
+ - xmldsig.gemspec
79
+ homepage: https://github.com/infinum/xmldsig
80
+ licenses:
81
+ - MIT
82
+ metadata: {}
83
+ post_install_message:
84
+ rdoc_options: []
85
+ require_paths:
86
+ - lib
87
+ required_ruby_version: !ruby/object:Gem::Requirement
88
+ requirements:
89
+ - - ">="
90
+ - !ruby/object:Gem::Version
91
+ version: '0'
92
+ required_rubygems_version: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ">="
95
+ - !ruby/object:Gem::Version
96
+ version: '0'
97
+ requirements: []
98
+ rubyforge_project:
99
+ rubygems_version: 2.2.2
100
+ signing_key:
101
+ specification_version: 4
102
+ summary: This gem is a (partial) implementation of the XMLDsig specification (http://www.w3.org/TR/xmldsig-core)
103
+ test_files:
104
+ - spec/fixtures/certificate.cer
105
+ - spec/fixtures/certificate2.cer
106
+ - spec/fixtures/key.pem
107
+ - spec/fixtures/signed.xml
108
+ - spec/fixtures/signed/ideal.cert
109
+ - spec/fixtures/signed/ideal.txt
110
+ - spec/fixtures/unsigned.xml
111
+ - spec/fixtures/unsigned/canonicalizer_1_0.xml
112
+ - spec/fixtures/unsigned/canonicalizer_1_1.xml
113
+ - spec/fixtures/unsigned/canonicalizer_exc.xml
114
+ - spec/fixtures/unsigned/digest_sha1.xml
115
+ - spec/fixtures/unsigned/with_soap_envelope.xml
116
+ - spec/fixtures/unsigned/without_canonicalization.xml
117
+ - spec/fixtures/unsigned/without_namespace_prefix.xml
118
+ - spec/fixtures/unsigned/without_reference_uri.xml
119
+ - spec/fixtures/unsigned_multiple_references.xml
120
+ - spec/fixtures/unsigned_nested_signature.xml
121
+ - spec/lib/xmldsig/reference_spec.rb
122
+ - spec/lib/xmldsig/signature_spec.rb
123
+ - spec/lib/xmldsig/signed_document_spec.rb
124
+ - spec/lib/xmldsig/transforms/enveloped_signature_spec.rb
125
+ - spec/lib/xmldsig/transforms/transform_spec.rb
126
+ - spec/lib/xmldsig_spec.rb
127
+ - spec/spec_helper.rb