xmldsig-fiscalizer 0.2.4

data/spec/lib/xmldsig/transforms/enveloped_signature_spec.rb

@@ -0,0 +1,18 @@
+require 'spec_helper'
+
+describe Xmldsig::Transforms::EnvelopedSignature do
+  let(:unsigned_xml) { File.read('spec/fixtures/unsigned_nested_signature.xml') }
+  let(:unsigned_document) { Xmldsig::SignedDocument.new(unsigned_xml) }
+
+  it 'only removes the first signature element' do
+    node_with_nested_signature = unsigned_document.signatures.last.references.first.referenced_node
+
+    described_class.new(node_with_nested_signature, nil).transform
+
+    remaining_signatures = node_with_nested_signature.xpath('descendant::ds:Signature', Xmldsig::NAMESPACES)
+    remaining_signatures.count.should == 1
+    signature = Xmldsig::Signature.new(remaining_signatures.first)
+
+    signature.references.first.reference_uri.should == '#baz'
+  end
+end

data/spec/lib/xmldsig/transforms/transform_spec.rb

@@ -0,0 +1,10 @@
+require 'spec_helper'
+
+describe Xmldsig::Transforms::Transform do
+
+  it "raises a warning when transform is called" do
+    described_class.any_instance.should_receive(:warn)
+    described_class.new(nil,nil).transform
+  end
+
+end

data/spec/lib/xmldsig_spec.rb

@@ -0,0 +1,47 @@
+require 'spec_helper'
+
+describe Xmldsig do
+  let(:private_key) { OpenSSL::PKey::RSA.new(File.read("spec/fixtures/key.pem")) }
+  let(:certificate) { OpenSSL::X509::Certificate.new(File.read("spec/fixtures/certificate.cer")) }
+
+  describe "Sign unsigned documents" do
+    Dir["spec/fixtures/unsigned/*.xml"].each do |document|
+      describe "#{document}" do
+        let(:unsigned_xml) { File.read(document) }
+        let(:unsigned_document) { Xmldsig::SignedDocument.new(unsigned_xml) }
+        let(:signed_document) { unsigned_document.sign(private_key) }
+
+        it "should be signable an validateable" do
+          Xmldsig::SignedDocument.new(signed_document).validate(certificate).should be_true
+        end
+
+        it 'should have a signature element' do
+          Xmldsig::SignedDocument.new(signed_document).signatures.count.should == 1
+        end
+
+        # TODO: remove this verification step when library matures
+        #it 'matches the result from xmlsec1' do
+        #  result = `xmlsec1 --sign --id-attr:ID http://example.com/foo#:Foo --privkey-pem spec/fixtures/key.pem #{document}`
+        #  result.gsub!("\n", '')
+        #  signed_document.gsub!("\n", '')
+        #  result.should == signed_document
+        #end
+      end
+    end
+  end
+
+  describe "Verify signed documents" do
+    Dir["spec/fixtures/signed/*.txt"].each do |document|
+      describe "#{document}" do
+        let(:signed_xml) { Base64.decode64(File.read(document)) }
+        let(:signed_document) { Xmldsig::SignedDocument.new(signed_xml) }
+        let(:certificate) { OpenSSL::X509::Certificate.new(File.read(document.gsub('.txt', '.cert'))) }
+
+        it "should be validateable" do
+          signed_document.validate(certificate).should be_true
+        end
+      end
+    end
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,22 @@
+require 'simplecov'
+SimpleCov.start
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# Require this file using `require "spec_helper"` to ensure that it is only
+# loaded once.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+
+require 'xmldsig'
+
+RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = 'random'
+end

data/xmldsig.gemspec

@@ -0,0 +1,20 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/xmldsig/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["benoist"]
+  gem.email         = ["benoist.claassen@gmail.com"]
+  gem.description   = %q{This gem is a (partial) implementation of the XMLDsig specification}
+  gem.summary       = %q{This gem is a (partial) implementation of the XMLDsig specification (http://www.w3.org/TR/xmldsig-core)}
+  gem.homepage      = "https://github.com/infinum/xmldsig"
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = "xmldsig-fiscalizer"
+  gem.license       = 'MIT'
+  gem.require_paths = ["lib"]
+  gem.version       = Xmldsig::VERSION
+
+  gem.add_dependency("nokogiri")
+end

metadata

@@ -0,0 +1,127 @@
+--- !ruby/object:Gem::Specification
+name: xmldsig-fiscalizer
+version: !ruby/object:Gem::Version
+  version: 0.2.4
+platform: ruby
+authors:
+- benoist
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-02-26 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: This gem is a (partial) implementation of the XMLDsig specification
+email:
+- benoist.claassen@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- CHANGELOG.md
+- Gemfile
+- Guardfile
+- LICENSE
+- README.md
+- Rakefile
+- lib/xmldsig.rb
+- lib/xmldsig/canonicalizer.rb
+- lib/xmldsig/reference.rb
+- lib/xmldsig/signature.rb
+- lib/xmldsig/signed_document.rb
+- lib/xmldsig/transforms.rb
+- lib/xmldsig/transforms/canonicalize.rb
+- lib/xmldsig/transforms/enveloped_signature.rb
+- lib/xmldsig/transforms/transform.rb
+- lib/xmldsig/version.rb
+- signing_service.rb
+- spec/fixtures/certificate.cer
+- spec/fixtures/certificate2.cer
+- spec/fixtures/key.pem
+- spec/fixtures/signed.xml
+- spec/fixtures/signed/ideal.cert
+- spec/fixtures/signed/ideal.txt
+- spec/fixtures/unsigned.xml
+- spec/fixtures/unsigned/canonicalizer_1_0.xml
+- spec/fixtures/unsigned/canonicalizer_1_1.xml
+- spec/fixtures/unsigned/canonicalizer_exc.xml
+- spec/fixtures/unsigned/digest_sha1.xml
+- spec/fixtures/unsigned/with_soap_envelope.xml
+- spec/fixtures/unsigned/without_canonicalization.xml
+- spec/fixtures/unsigned/without_namespace_prefix.xml
+- spec/fixtures/unsigned/without_reference_uri.xml
+- spec/fixtures/unsigned_multiple_references.xml
+- spec/fixtures/unsigned_nested_signature.xml
+- spec/lib/xmldsig/reference_spec.rb
+- spec/lib/xmldsig/signature_spec.rb
+- spec/lib/xmldsig/signed_document_spec.rb
+- spec/lib/xmldsig/transforms/enveloped_signature_spec.rb
+- spec/lib/xmldsig/transforms/transform_spec.rb
+- spec/lib/xmldsig_spec.rb
+- spec/spec_helper.rb
+- xmldsig.gemspec
+homepage: https://github.com/infinum/xmldsig
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: This gem is a (partial) implementation of the XMLDsig specification (http://www.w3.org/TR/xmldsig-core)
+test_files:
+- spec/fixtures/certificate.cer
+- spec/fixtures/certificate2.cer
+- spec/fixtures/key.pem
+- spec/fixtures/signed.xml
+- spec/fixtures/signed/ideal.cert
+- spec/fixtures/signed/ideal.txt
+- spec/fixtures/unsigned.xml
+- spec/fixtures/unsigned/canonicalizer_1_0.xml
+- spec/fixtures/unsigned/canonicalizer_1_1.xml
+- spec/fixtures/unsigned/canonicalizer_exc.xml
+- spec/fixtures/unsigned/digest_sha1.xml
+- spec/fixtures/unsigned/with_soap_envelope.xml
+- spec/fixtures/unsigned/without_canonicalization.xml
+- spec/fixtures/unsigned/without_namespace_prefix.xml
+- spec/fixtures/unsigned/without_reference_uri.xml
+- spec/fixtures/unsigned_multiple_references.xml
+- spec/fixtures/unsigned_nested_signature.xml
+- spec/lib/xmldsig/reference_spec.rb
+- spec/lib/xmldsig/signature_spec.rb
+- spec/lib/xmldsig/signed_document_spec.rb
+- spec/lib/xmldsig/transforms/enveloped_signature_spec.rb
+- spec/lib/xmldsig/transforms/transform_spec.rb
+- spec/lib/xmldsig_spec.rb
+- spec/spec_helper.rb