class NemID::XMLDSig::Document
Public Class Methods
new(document, options = {})
Calls superclass method
# File lib/nemid/xmldsig/document.rb, line 6
# Sets up the signed document and sorts the certificates embedded in it.
#
# Forwards both arguments unchanged to the superclass constructor, creates an
# empty OpenSSL::X509::Store, and runs extract_and_store_certificates to pick
# out the user certificate and fill the store.
#
# NOTE(review): the store starts empty, and the only certificates this class
# adds to it are read from the document itself. Unless the superclass or the
# caller pins a known root, the chain check has no anchor independent of the
# document - confirm.
#
# @param document passed through to the superclass (type not visible here)
# @param options [Hash] passed through to the superclass
def initialize(document, options = {})
  super
  @user_certificate = nil
  @store = OpenSSL::X509::Store.new
  extract_and_store_certificates
end
Public Instance Methods
extract_pid_or_rid()
# File lib/nemid/xmldsig/document.rb, line 13
# Returns the value of the "serialNumber" attribute from the user
# certificate's subject (the PID or RID, going by the method name).
#
# Raises NoMethodError when no user certificate was found in the document or
# when its subject has no serialNumber attribute.
#
# The value is read straight from the embedded certificate. Treat it as an
# authenticated identity only after validate_signature,
# validate_certificate_chain and the expiry/revocation checks have passed.
#
# @return [String] the serialNumber attribute value
def extract_pid_or_rid
  serial_entry = @user_certificate.subject.to_a.assoc("serialNumber")
  serial_entry[1]
end
get_user_certificate()
# File lib/nemid/xmldsig/document.rb, line 17
# Returns the certificate selected as the user certificate, or nil when the
# document contained none with a matching key usage.
#
# @return [OpenSSL::X509::Certificate, nil]
def get_user_certificate
  @user_certificate
end
user_certificate_expired?()
# File lib/nemid/xmldsig/document.rb, line 21
# Tells whether the user certificate's notAfter time lies before the current
# UTC time.
#
# Only notAfter is compared; a certificate that is not yet valid (notBefore
# in the future) is not reported here.
#
# @return [Boolean] true when the certificate has expired
def user_certificate_expired?
  expires_at = @user_certificate.not_after
  now = Time.now.utc
  expires_at < now
end
user_certificate_revoked?()
# File lib/nemid/xmldsig/document.rb, line 25
# Asks the OCSP helper about the user certificate and returns its answer.
#
# A NemID::OCSP::Error is turned into true, so a failed OCSP check is treated
# as "revoked" (fail closed). Exceptions of any other class propagate to the
# caller.
#
# NOTE(review): the issuer and CA handed to the OCSP request are the
# intermediate and root certificates taken from the document. Whether
# NemID::OCSP verifies the responder against an independent anchor is not
# visible here - confirm.
#
# @return the result of NemID::OCSP.request, or true on NemID::OCSP::Error
def user_certificate_revoked?
  begin
    ocsp.request(
      subject: @user_certificate,
      issuer: @intermediate_cert,
      ca: @root_cert
    )
  rescue NemID::OCSP::Error
    true
  end
end
validate_certificate_chain()
# File lib/nemid/xmldsig/document.rb, line 35
# Verifies the user certificate against the certificates held in @store.
#
# NOTE(review): @store is filled by extract_and_store_certificates with the
# self-issued and intermediate certificates found in the same document. A
# passing result therefore shows that the embedded chain is internally
# consistent. It does not show that the chain ends at the expected NemID
# root unless that root is pinned somewhere outside this class - confirm.
#
# @return [Boolean] the result of OpenSSL::X509::Store#verify
def validate_certificate_chain
  leaf = @user_certificate
  @store.verify(leaf)
end
validate_signature()
# File lib/nemid/xmldsig/document.rb, line 39
# Validates the document signature with the user certificate by delegating
# to the inherited validate method.
#
# The certificate used here is the one embedded in the document, so a passing
# result only ties the signed content to that certificate. Combine it with
# validate_certificate_chain and the expiry/revocation checks before trusting
# the signer.
#
# @return the result of the inherited validate call
def validate_signature
  signer = @user_certificate
  validate(signer)
end
Private Instance Methods
certificates()
# File lib/nemid/xmldsig/document.rb, line 44
# Returns an enumerator over every ds:X509Certificate element found under a
# ds:KeyInfo/ds:X509Data in the document.
#
# NOTE(review): the XPath starts with "//", so it matches KeyInfo blocks
# anywhere in the document, not only the one that belongs to the signature
# being validated.
def certificates
  document.xpath('//ds:KeyInfo/ds:X509Data/ds:X509Certificate', NAMESPACES).each
end
extract_and_store_certificates()
# File lib/nemid/xmldsig/document.rb, line 49
# Decodes each embedded certificate and sorts it into one of three roles:
#
# * keyUsage text contains "Digital Signature" -> @user_certificate
# * issuer name equals subject name             -> @root_cert, added to @store
# * anything else                               -> @intermediate_cert, added to @store
#
# When several certificates match the same role, the last one seen wins.
# A certificate without a keyUsage extension makes the .value call fail
# (find_extension presumably returns nil in that case - confirm).
#
# NOTE(review): the "root" is whichever self-issued certificate the document
# carries, detected by name comparison only, and it is added to the store
# used by validate_certificate_chain. Compare @root_cert against a pinned
# NemID root outside this class before relying on the chain result.
def extract_and_store_certificates
  certificates.each do |node|
    certificate = x509_certificate(Base64.decode64(node.text))
    key_usage = certificate.find_extension('keyUsage').value

    # The signing (end-entity) certificate is kept out of the store.
    if key_usage.match?(/Digital Signature/)
      @user_certificate = certificate
      next
    end

    if certificate.issuer.cmp(certificate.subject) == 0
      @root_cert = certificate
    else
      @intermediate_cert = certificate
    end
    @store.add_cert(certificate)
  end
end
ocsp()
# File lib/nemid/xmldsig/document.rb, line 66
# Returns the OCSP helper, memoised in @ocsp. Defaults to the NemID::OCSP
# module when @ocsp has not been set.
def ocsp
  return @ocsp if @ocsp

  @ocsp = NemID::OCSP
end
x509_certificate(raw)
# File lib/nemid/xmldsig/document.rb, line 70
# Parses raw certificate bytes into an OpenSSL::X509::Certificate.
#
# @param raw [String] encoded certificate (the caller passes Base64-decoded
#   element text)
# @return [OpenSSL::X509::Certificate]
# @raise [OpenSSL::X509::CertificateError] when raw cannot be parsed
def x509_certificate(raw)
  parsed = OpenSSL::X509::Certificate.new(raw)
  parsed
end