xmldsig 0.3.0 → 0.3.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c660b351f5875742f3eadd11bee9e6db8cb52c5e
4
- data.tar.gz: 9ca1137b37ea2fd0571caf180818f690a387847d
3
+ metadata.gz: 3839ef55412ec63fe324ff4ff015e997ade606ac
4
+ data.tar.gz: 2f34485c7c185f7f1e8aa25c0e08ed4532084d18
5
5
  SHA512:
6
- metadata.gz: bbe25b7ed1e30ff825dac52c101b74dbb3337112c54d539b869460c7833e8a2d19d67801abed19d118f044cfeb9d7689295f74d0496c3a8695f1420e83216ab7
7
- data.tar.gz: be13b6062f6d168b5605e3d4048c8b7eb0d5f111d919a9781e95b92abb545eb8d11f3f0ce3ae909ee709ce5cde433532324d27531f0e5eefb41fb133d8af877c
6
+ metadata.gz: 154d99fbeb8933bbfd89ca6a3d016b955ff3abc0abb71f741c8618f358c87d4dd4f61b99d248159b5b07e415f524236ea3782d761e5284b7ba00be061339f399
7
+ data.tar.gz: d4cc3f3815fe83f4934a940515ecab57366cee2557eff17ed137f152f5d94827e127d5c0e82f2857d5cc51010edf3324460646e9af470d3b4b2afb3f6d39f16c
data/CHANGELOG.md CHANGED
@@ -1,5 +1,8 @@
1
1
  # Changelog
2
2
 
3
+ v0.3.1 10-11-2015
4
+ - Added the option to only sign the root signature with the `Xmldsig::SignedDocument#sign` method
5
+
3
6
  v0.2.9 10-07-2015
4
7
  - Use variable binding to create a custom XPath (Sean Bryant)
5
8
 
@@ -15,8 +15,12 @@ module Xmldsig
15
15
  signatures.any? && signatures.all? { |signature| signature.valid?(certificate, &block) }
16
16
  end
17
17
 
18
- def sign(private_key = nil, instruct = true, &block)
19
- signatures.reverse.each { |signature| signature.sign(private_key, &block) }
18
+ def sign(private_key = nil, instruct = true, root_only = false, &block)
19
+ if root_only
20
+ signatures.first.sign(private_key, &block)
21
+ else
22
+ signatures.reverse.each { |signature| signature.sign(private_key, &block) }
23
+ end
20
24
  instruct ? @document.to_s : @document.root.to_s
21
25
  end
22
26
 
@@ -1,3 +1,3 @@
1
1
  module Xmldsig
2
- VERSION = '0.3.0'
2
+ VERSION = '0.3.1'
3
3
  end
@@ -0,0 +1,42 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <baz:Baz ID="baz" xmlns:foo="http://example.com/foo#" xmlns:baz="http://example.com/baz#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#">
3
+ <ds:Signature>
4
+ <ds:SignedInfo>
5
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
6
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
7
+ <ds:Reference URI="#baz">
8
+ <ds:Transforms>
9
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
10
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
11
+ <ec:InclusiveNamespaces PrefixList="foo baz"/>
12
+ </ds:Transform>
13
+ </ds:Transforms>
14
+ <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
15
+ <ds:DigestValue></ds:DigestValue>
16
+ </ds:Reference>
17
+ </ds:SignedInfo>
18
+ <ds:SignatureValue></ds:SignatureValue>
19
+ </ds:Signature>
20
+ <foo:Foo ID="foo">
21
+ <foo:Bar>bar</foo:Bar>
22
+ <ds:Signature>
23
+ <ds:SignedInfo>
24
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
25
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
26
+ <ds:Reference URI="#foo">
27
+ <ds:Transforms>
28
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
29
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
30
+ <ec:InclusiveNamespaces PrefixList="foo"/>
31
+ </ds:Transform>
32
+ </ds:Transforms>
33
+ <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
34
+ <ds:DigestValue>ftoSYFdze1AWgGHF5N9i9SFKThXkqH2AdyzA3/epbJw=</ds:DigestValue>
35
+ </ds:Reference>
36
+ </ds:SignedInfo>
37
+ <ds:SignatureValue>E3yyqsSoxRkhYEuaEtR+SLg85gU5B4a7xUXA+d2Zn6j7F6z73dOd8iYHOusB
38
+ Ty3C/3ujbmPhHKg8uX9kUE8b+YoOqZt4z9pdxAq44nJEuijwi4doIPpHWirv
39
+ BnSoP5IoL0DYzGVrgj8udRzfAw5nNeV7wSrBZEn+yrxmUPJoUZc=</ds:SignatureValue>
40
+ </ds:Signature>
41
+ </foo:Foo>
42
+ </baz:Baz>
@@ -93,8 +93,20 @@ describe Xmldsig::SignedDocument do
93
93
  end
94
94
  Xmldsig::SignedDocument.new(signed_document).validate(certificate).should be == true
95
95
  end
96
- end
97
96
 
97
+ context 'with the root only option' do
98
+ let(:unsigned_xml) { File.read("spec/fixtures/unsigned_nested_signed_signature.xml") }
99
+ let(:unsigned_document) { Xmldsig::SignedDocument.new(unsigned_xml) }
100
+
101
+ let(:signed_xml) { unsigned_document.sign(private_key, true, true) }
102
+ let(:signed_document) { Xmldsig::SignedDocument.new(signed_xml) }
103
+
104
+ it 'only signs the root signature and leaves the nested signature intact' do
105
+ signed_document.signatures.first.valid?(certificate).should be == true
106
+ signed_document.signatures.last.signature_value.should be == unsigned_document.signatures.last.signature_value
107
+ end
108
+ end
109
+ end
98
110
 
99
111
  describe "Nested Signatures" do
100
112
  let(:unsigned_xml) { File.read("spec/fixtures/unsigned_nested_signature.xml") }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: xmldsig
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - benoist
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-11-09 00:00:00.000000000 Z
11
+ date: 2015-11-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -78,6 +78,7 @@ files:
78
78
  - spec/fixtures/unsigned_custom_attribute_id.xml
79
79
  - spec/fixtures/unsigned_multiple_references.xml
80
80
  - spec/fixtures/unsigned_nested_signature.xml
81
+ - spec/fixtures/unsigned_nested_signed_signature.xml
81
82
  - spec/lib/xmldsig/reference_spec.rb
82
83
  - spec/lib/xmldsig/signature_spec.rb
83
84
  - spec/lib/xmldsig/signed_document_spec.rb
@@ -137,6 +138,7 @@ test_files:
137
138
  - spec/fixtures/unsigned_custom_attribute_id.xml
138
139
  - spec/fixtures/unsigned_multiple_references.xml
139
140
  - spec/fixtures/unsigned_nested_signature.xml
141
+ - spec/fixtures/unsigned_nested_signed_signature.xml
140
142
  - spec/lib/xmldsig/reference_spec.rb
141
143
  - spec/lib/xmldsig/signature_spec.rb
142
144
  - spec/lib/xmldsig/signed_document_spec.rb