xmldsig 0.3.0 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +3 -0
  3. data/lib/xmldsig/signed_document.rb +6 -2
  4. data/lib/xmldsig/version.rb +1 -1
  5. data/spec/fixtures/unsigned_nested_signed_signature.xml +42 -0
  6. data/spec/lib/xmldsig/signed_document_spec.rb +13 -1
  7. metadata +4 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c660b351f5875742f3eadd11bee9e6db8cb52c5e
4
- data.tar.gz: 9ca1137b37ea2fd0571caf180818f690a387847d
3
+ metadata.gz: 3839ef55412ec63fe324ff4ff015e997ade606ac
4
+ data.tar.gz: 2f34485c7c185f7f1e8aa25c0e08ed4532084d18
5
5
  SHA512:
6
- metadata.gz: bbe25b7ed1e30ff825dac52c101b74dbb3337112c54d539b869460c7833e8a2d19d67801abed19d118f044cfeb9d7689295f74d0496c3a8695f1420e83216ab7
7
- data.tar.gz: be13b6062f6d168b5605e3d4048c8b7eb0d5f111d919a9781e95b92abb545eb8d11f3f0ce3ae909ee709ce5cde433532324d27531f0e5eefb41fb133d8af877c
6
+ metadata.gz: 154d99fbeb8933bbfd89ca6a3d016b955ff3abc0abb71f741c8618f358c87d4dd4f61b99d248159b5b07e415f524236ea3782d761e5284b7ba00be061339f399
7
+ data.tar.gz: d4cc3f3815fe83f4934a940515ecab57366cee2557eff17ed137f152f5d94827e127d5c0e82f2857d5cc51010edf3324460646e9af470d3b4b2afb3f6d39f16c
data/CHANGELOG.md CHANGED
@@ -1,5 +1,8 @@
1
1
  # Changelog
2
2
 
3
+ v0.3.1 10-11-2015
4
+ - Added the option to only sign the root signature with the `Xmldsig::SignedDocument#sign` method
5
+
3
6
  v0.2.9 10-07-2015
4
7
  - Use variable binding to create a custom XPath (Sean Bryant)
5
8
 
data/lib/xmldsig/signed_document.rb CHANGED
@@ -15,8 +15,12 @@ module Xmldsig
15
15
  signatures.any? && signatures.all? { |signature| signature.valid?(certificate, &block) }
16
16
  end
17
17
 
18
- def sign(private_key = nil, instruct = true, &block)
19
- signatures.reverse.each { |signature| signature.sign(private_key, &block) }
18
+ def sign(private_key = nil, instruct = true, root_only = false, &block)
19
+ if root_only
20
+ signatures.first.sign(private_key, &block)
21
+ else
22
+ signatures.reverse.each { |signature| signature.sign(private_key, &block) }
23
+ end
20
24
  instruct ? @document.to_s : @document.root.to_s
21
25
  end
22
26
 
data/lib/xmldsig/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Xmldsig
2
- VERSION = '0.3.0'
2
+ VERSION = '0.3.1'
3
3
  end
data/spec/fixtures/unsigned_nested_signed_signature.xml ADDED
@@ -0,0 +1,42 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <baz:Baz ID="baz" xmlns:foo="http://example.com/foo#" xmlns:baz="http://example.com/baz#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#">
3
+ <ds:Signature>
4
+ <ds:SignedInfo>
5
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
6
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
7
+ <ds:Reference URI="#baz">
8
+ <ds:Transforms>
9
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
10
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
11
+ <ec:InclusiveNamespaces PrefixList="foo baz"/>
12
+ </ds:Transform>
13
+ </ds:Transforms>
14
+ <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
15
+ <ds:DigestValue></ds:DigestValue>
16
+ </ds:Reference>
17
+ </ds:SignedInfo>
18
+ <ds:SignatureValue></ds:SignatureValue>
19
+ </ds:Signature>
20
+ <foo:Foo ID="foo">
21
+ <foo:Bar>bar</foo:Bar>
22
+ <ds:Signature>
23
+ <ds:SignedInfo>
24
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
25
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
26
+ <ds:Reference URI="#foo">
27
+ <ds:Transforms>
28
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
29
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
30
+ <ec:InclusiveNamespaces PrefixList="foo"/>
31
+ </ds:Transform>
32
+ </ds:Transforms>
33
+ <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
34
+ <ds:DigestValue>ftoSYFdze1AWgGHF5N9i9SFKThXkqH2AdyzA3/epbJw=</ds:DigestValue>
35
+ </ds:Reference>
36
+ </ds:SignedInfo>
37
+ <ds:SignatureValue>E3yyqsSoxRkhYEuaEtR+SLg85gU5B4a7xUXA+d2Zn6j7F6z73dOd8iYHOusB
38
+ Ty3C/3ujbmPhHKg8uX9kUE8b+YoOqZt4z9pdxAq44nJEuijwi4doIPpHWirv
39
+ BnSoP5IoL0DYzGVrgj8udRzfAw5nNeV7wSrBZEn+yrxmUPJoUZc=</ds:SignatureValue>
40
+ </ds:Signature>
41
+ </foo:Foo>
42
+ </baz:Baz>
data/spec/lib/xmldsig/signed_document_spec.rb CHANGED
@@ -93,8 +93,20 @@ describe Xmldsig::SignedDocument do
93
93
  end
94
94
  Xmldsig::SignedDocument.new(signed_document).validate(certificate).should be == true
95
95
  end
96
- end
97
96
 
97
+ context 'with the root only option' do
98
+ let(:unsigned_xml) { File.read("spec/fixtures/unsigned_nested_signed_signature.xml") }
99
+ let(:unsigned_document) { Xmldsig::SignedDocument.new(unsigned_xml) }
100
+
101
+ let(:signed_xml) { unsigned_document.sign(private_key, true, true) }
102
+ let(:signed_document) { Xmldsig::SignedDocument.new(signed_xml) }
103
+
104
+ it 'only signs the root signature and leaves the nested signature intact' do
105
+ signed_document.signatures.first.valid?(certificate).should be == true
106
+ signed_document.signatures.last.signature_value.should be == unsigned_document.signatures.last.signature_value
107
+ end
108
+ end
109
+ end
98
110
 
99
111
  describe "Nested Signatures" do
100
112
  let(:unsigned_xml) { File.read("spec/fixtures/unsigned_nested_signature.xml") }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: xmldsig
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - benoist
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-11-09 00:00:00.000000000 Z
11
+ date: 2015-11-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -78,6 +78,7 @@ files:
78
78
  - spec/fixtures/unsigned_custom_attribute_id.xml
79
79
  - spec/fixtures/unsigned_multiple_references.xml
80
80
  - spec/fixtures/unsigned_nested_signature.xml
81
+ - spec/fixtures/unsigned_nested_signed_signature.xml
81
82
  - spec/lib/xmldsig/reference_spec.rb
82
83
  - spec/lib/xmldsig/signature_spec.rb
83
84
  - spec/lib/xmldsig/signed_document_spec.rb
@@ -137,6 +138,7 @@ test_files:
137
138
  - spec/fixtures/unsigned_custom_attribute_id.xml
138
139
  - spec/fixtures/unsigned_multiple_references.xml
139
140
  - spec/fixtures/unsigned_nested_signature.xml
141
+ - spec/fixtures/unsigned_nested_signed_signature.xml
140
142
  - spec/lib/xmldsig/reference_spec.rb
141
143
  - spec/lib/xmldsig/signature_spec.rb
142
144
  - spec/lib/xmldsig/signed_document_spec.rb