xmldsig 0.3.2 → 0.4.0

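--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 9a25ba1df705f0356c2b566cccfe488ed8349f15
- data.tar.gz: 63b9cf765ae35c0a8ff18c7004034ced0be392b1
+ metadata.gz: f23a822603d9deb9781149f9440df390aa386fc2
+ data.tar.gz: 8501502a05a8e89e1c58cabcde2ea86a0dd57dfd
  SHA512:
- metadata.gz: 8a52954081fa6154227cbd7e68ee41c71c6044344e9ccd24b541f30437df13687ca23fb2a0efc4af5f3248b54ac2541e9d14d08016a18ab81557b00f775a6662
- data.tar.gz: f7efae54cadb080a881b4b1be9266bed9d800181a4c2cbed41435c6cedeb7089e3cd4971ad1708879070566b2d5f8086c09710d16bed6f1adeba78100e6173b0
+ metadata.gz: 60def31b212dc61e5cf32b3062ecc5969106c9ee6555878c1a79463b0de80b002ce7301c1bb38f181adc78ec3d43edd1b2d2fc1fe4f0edc6ca14dd372a6ec018
+ data.tar.gz: ca9edf2fe24d1297cd9d64121f1154aa637d5bce0e601b27c3323de16b28e7d2a7e6207b50e9ef5d9cbbd064e961a637234b8f4e41f3e742fccc69f8c7ad158f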
@@ -1,5 +1,8 @@
1
1
  # Changelog
2
2
 
3
+ v0.4.0 20-11-2015
4
+ - Breaking change: Signing now leaves previously signed signatures in tact. Use Xmldsig::SignedDocument.new(unsigned_xml, force: true) to resign all signatures
5
+
3
6
  v0.3.2 17-11-2015
4
7
  - After signing return the XML the correct way
5
8
 
@@ -39,6 +39,14 @@ module Xmldsig
39
39
  errors.empty?
40
40
  end
41
41
 
42
+ def signed?
43
+ !unsigned?
44
+ end
45
+
46
+ def unsigned?
47
+ self.signature_value.to_s.empty?
48
+ end
49
+
42
50
  private
43
51
 
44
52
  def canonicalization_method
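Review bot: `unsigned?`, and therefore `signed?`, only tests whether `signature_value` is non-empty, so `signed?` is true for any populated SignatureValue, including one that does not verify. Because the name reads like a trust check, I would document that at the definition, for example `# True when a SignatureValue is present; says nothing about validity, use valid?(certificate) for that.` above `def signed?`. The `self.` receiver in `self.signature_value.to_s.empty?` is also redundant. How `signature_value` treats whitespace-only or undecodable content is not visible in this hunk, so the emptiness test may deserve a spec of its own. The enclosing class starts and ends outside the hunk.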
@@ -1,6 +1,6 @@
1
1
  module Xmldsig
2
2
  class SignedDocument
3
- attr_accessor :document, :id_attr
3
+ attr_accessor :document, :id_attr, :force
4
4
 
5
5
  def initialize(document, options = {})
6
6
  @document = if document.kind_of?(Nokogiri::XML::Document)
@@ -8,18 +8,17 @@ module Xmldsig
8
8
  else
9
9
  Nokogiri::XML(document, nil, nil, Nokogiri::XML::ParseOptions::STRICT)
10
10
  end
11
- @id_attr = options[:id_attr] if options[:id_attr]
11
+ @id_attr = options[:id_attr] if options[:id_attr]
12
+ @force = options[:force]
12
13
  end
13
14
 
14
15
  def validate(certificate = nil, &block)
15
16
  signatures.any? && signatures.all? { |signature| signature.valid?(certificate, &block) }
16
17
  end
17
18
 
18
- def sign(private_key = nil, instruct = true, root_only = false, &block)
19
- if root_only
20
- signatures.first.sign(private_key, &block)
21
- else
22
- signatures.reverse.each { |signature| signature.sign(private_key, &block) }
19
+ def sign(private_key = nil, instruct = true, &block)
20
+ signatures.reverse.each do |signature|
21
+ signature.sign(private_key, &block) if signature.unsigned? || force
23
22
  end
24
23
 
25
24
  if instruct
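Review bot: In the new `sign`, a signature whose SignatureValue is already populated is skipped without being verified, so the returned document can carry signatures that do not validate under `private_key`; the spec added in this release asserts exactly that (`signatures.last.valid?(certificate)` is false when `force` is not set). When the XML handed to `SignedDocument.new` originates outside the caller's control, a pre-filled value therefore suppresses signing silently, and the gap only shows up if the result is passed through `validate` afterwards. I would document this at the method, e.g. `# Signs only signatures with an empty SignatureValue unless force is set; skipped signatures are not verified.`, and consider reporting which signatures were skipped. Dropping the third positional `root_only` argument also turns existing `sign(key, true, true)` calls into an ArgumentError, which the changelog entry does not spell out. The body of `sign` continues past the end of the hunk.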
@@ -1,3 +1,3 @@
1
1
  module Xmldsig
2
- VERSION = '0.3.2'
2
+ VERSION = '0.4.0'
3
3
  end
@@ -34,9 +34,7 @@
34
34
  <ds:DigestValue>ftoSYFdze1AWgGHF5N9i9SFKThXkqH2AdyzA3/epbJw=</ds:DigestValue>
35
35
  </ds:Reference>
36
36
  </ds:SignedInfo>
37
- <ds:SignatureValue>E3yyqsSoxRkhYEuaEtR+SLg85gU5B4a7xUXA+d2Zn6j7F6z73dOd8iYHOusB
38
- Ty3C/3ujbmPhHKg8uX9kUE8b+YoOqZt4z9pdxAq44nJEuijwi4doIPpHWirv
39
- BnSoP5IoL0DYzGVrgj8udRzfAw5nNeV7wSrBZEn+yrxmUPJoUZc=</ds:SignatureValue>
37
+ <ds:SignatureValue>ftoSYFdze1AWgGHF5N9i9SFKThXkqH2AdyzA3/epbJw=</ds:SignatureValue>
40
38
  </ds:Signature>
41
39
  </foo:Foo>
42
40
  </baz:Baz>
@@ -28,7 +28,7 @@ describe Xmldsig::SignedDocument do
28
28
  end
29
29
 
30
30
  it "accepts a nokogiri document" do
31
- doc = Nokogiri::XML(unsigned_xml)
31
+ doc = Nokogiri::XML(unsigned_xml)
32
32
  signed_document = described_class.new(doc)
33
33
  signed_document.document.should be_a(Nokogiri::XML::Document)
34
34
  end
@@ -74,9 +74,9 @@ describe Xmldsig::SignedDocument do
74
74
  end
75
75
 
76
76
  it "validates a document with a http://www.w3.org/2001/10/xml-exc-c14n#WithComments transform" do
77
- unsigned_xml_with_comments = File.read("spec/fixtures/signed_xml-exc-c14n#with_comments.xml")
77
+ unsigned_xml_with_comments = File.read("spec/fixtures/signed_xml-exc-c14n#with_comments.xml")
78
78
  unsigned_documents_with_comments = Xmldsig::SignedDocument.new(unsigned_xml_with_comments)
79
- signed_xml_with_comments = unsigned_documents_with_comments.sign(private_key)
79
+ signed_xml_with_comments = unsigned_documents_with_comments.sign(private_key)
80
80
  Xmldsig::SignedDocument.new(signed_xml_with_comments).validate(certificate).should be == true
81
81
  end
82
82
  end
@@ -94,18 +94,33 @@ describe Xmldsig::SignedDocument do
94
94
  Xmldsig::SignedDocument.new(signed_document).validate(certificate).should be == true
95
95
  end
96
96
 
97
- context 'with the root only option' do
97
+ context 'with the force false' do
98
98
  let(:unsigned_xml) { File.read("spec/fixtures/unsigned_nested_signed_signature.xml") }
99
99
  let(:unsigned_document) { Xmldsig::SignedDocument.new(unsigned_xml) }
100
100
 
101
- let(:signed_xml) { unsigned_document.sign(private_key, true, true) }
101
+ let(:signed_xml) { unsigned_document.sign(private_key) }
102
102
  let(:signed_document) { Xmldsig::SignedDocument.new(signed_xml) }
103
103
 
104
104
  it 'only signs the root signature and leaves the nested signature intact' do
105
105
  signed_document.signatures.first.valid?(certificate).should be == true
106
+ signed_document.signatures.last.valid?(certificate).should be == false
106
107
  signed_document.signatures.last.signature_value.should be == unsigned_document.signatures.last.signature_value
107
108
  end
108
109
  end
110
+
111
+ context 'with the force true' do
112
+ let(:unsigned_xml) { File.read("spec/fixtures/unsigned_nested_signed_signature.xml") }
113
+ let(:unsigned_document) { Xmldsig::SignedDocument.new(unsigned_xml, force: true) }
114
+
115
+ let(:signed_xml) { unsigned_document.sign(private_key) }
116
+ let(:signed_document) { Xmldsig::SignedDocument.new(signed_xml) }
117
+
118
+ it 'only signs the root signature and leaves the nested signature intact' do
119
+ signed_document.signatures.first.valid?(certificate).should be == true
120
+ signed_document.signatures.last.valid?(certificate).should be == true
121
+ signed_document.signatures.last.signature_value.should be != unsigned_document.signatures.last.signature_value
122
+ end
123
+ end
109
124
  end
110
125
 
111
126
  describe "Nested Signatures" do
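Review bot: The example in the new 'with the force true' context keeps the description `'only signs the root signature and leaves the nested signature intact'`, but its assertions check the opposite: the nested signature becomes valid and its `signature_value` differs from the original. Rename it, e.g. `it 're-signs the nested signature as well' do`, so a failure report names the behaviour under test. In the 'with the force false' context the names `unsigned_xml` and `unsigned_document` now refer to a fixture whose nested SignatureValue is pre-filled, which a one-line comment next to the `let` would make clearer.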
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: xmldsig
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.2
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - benoist
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-11-17 00:00:00.000000000 Z
11
+ date: 2015-11-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri