class Xml::Kit::Decryption

{include:file:spec/xml/kit/decryption_spec.rb}

Attributes

cipher_registry[R]

The registry used to look up the cipher for a given algorithm and key (defaults to ::Xml::Kit::Crypto).

private_keys[R]

The list of private keys to use to attempt to decrypt the document.

Public Class Methods

new(private_keys:, cipher_registry: ::Xml::Kit::Crypto)
# File lib/xml/kit/decryption.rb, line 10
# Builds a decryptor around a set of candidate private keys.
#
# @param private_keys [Array] keys that #symmetric_key_from tries, in order,
#   when unwrapping the EncryptedKey of a document.
# @param cipher_registry [#cipher_for] object that returns a cipher for an
#   algorithm identifier and a key; defaults to ::Xml::Kit::Crypto.
def initialize(private_keys:, cipher_registry: ::Xml::Kit::Crypto)
  @cipher_registry = cipher_registry
  @private_keys = private_keys
end

Public Instance Methods

decrypt(data)

Decrypts an EncryptedData section of an XML document.

@param data [Hash] the XML document converted to a [Hash] using Hash.from_xml.

@deprecated Use {#decrypt_hash} instead of this method.

# File lib/xml/kit/decryption.rb, line 19
# Deprecated entry point: reports a deprecation notice through
# ::Xml::Kit.deprecate and then delegates to #decrypt_hash.
#
# @deprecated Use {#decrypt_xml} or {#decrypt_hash} instead.
# @param data [Hash] the XML document converted to a Hash with Hash.from_xml.
# @return whatever #decrypt_hash returns for +data+.
def decrypt(data)
  notice = 'decrypt is deprecated. Use decrypt_xml or decrypt_hash instead.'
  ::Xml::Kit.deprecate(notice)
  decrypt_hash(data)
end
decrypt_hash(hash)

Decrypts an EncryptedData section of an XML document.

@param hash [Hash] the XML document converted to a [Hash] using Hash.from_xml.

# File lib/xml/kit/decryption.rb, line 36
# Decrypts the EncryptedData section of a document that has already been
# parsed into a Hash.
#
# The ciphertext, the wrapped key and the algorithm identifier are all read
# from the document itself, so they are only as trustworthy as the document.
# Base64.decode64 is the lenient decoder: characters outside the Base64
# alphabet are skipped, so a malformed CipherValue is not rejected here.
# NOTE(review): nothing in this method restricts which algorithm is accepted;
# that is left to the cipher registry. Confirm it rejects unexpected values.
#
# @param hash [Hash] the XML document converted to a Hash with Hash.from_xml.
#   It is indexed as hash['EncryptedData'] and then by 'CipherData',
#   'KeyInfo' and 'EncryptionMethod'; a missing entry surfaces as a
#   NoMethodError on nil.
# @return the result of #to_plaintext for the payload and the recovered key.
def decrypt_hash(hash)
  encrypted_data = hash['EncryptedData']
  payload = Base64.decode64(encrypted_data['CipherData']['CipherValue'])
  symmetric_key = symmetric_key_from(encrypted_data['KeyInfo']['EncryptedKey'])
  payload_algorithm = encrypted_data['EncryptionMethod']['Algorithm']
  to_plaintext(payload, symmetric_key, payload_algorithm)
end
decrypt_node(node)

Decrypts an EncryptedData Nokogiri::XML::Element.

@param node [Nokogiri::XML::Element] the XML node to decrypt.

# File lib/xml/kit/decryption.rb, line 48
# Decrypts an EncryptedData element and swaps the result into the tree.
#
# A nil node, or a node whose name is not 'EncryptedData', is returned
# untouched. Otherwise the node is serialised with #to_s, decrypted through
# #decrypt_xml, and the node's *parent* is replaced with the decrypted text.
# NOTE(review): only the element name is compared; the namespace of the
# node is not checked here.
#
# @param node [Nokogiri::XML::Element, nil] the candidate node.
# @return the node itself when it is skipped, otherwise element 0 of the
#   value returned by the parent's #replace.
def decrypt_node(node)
  return node if node.nil? || node.name != 'EncryptedData'

  container = node.parent
  container.replace(decrypt_xml(node.to_s))[0]
end
decrypt_xml(raw_xml)

Decrypts an EncryptedData section of an XML document.

@param raw_xml [String] the XML document as a string.

# File lib/xml/kit/decryption.rb, line 29
# Decrypts the EncryptedData section of an XML document given as text.
#
# The text is parsed with Hash.from_xml and the resulting Hash is handed to
# #decrypt_hash.
#
# @param raw_xml [String] the XML document as a string.
# @return whatever #decrypt_hash returns for the parsed document.
def decrypt_xml(raw_xml)
  parsed_document = Hash.from_xml(raw_xml)
  decrypt_hash(parsed_document)
end

Private Instance Methods

cipher_and_algorithm_from(encrypted_key)
# File lib/xml/kit/decryption.rb, line 71
# Pulls the wrapped key bytes and the key-transport algorithm out of an
# EncryptedKey hash.
#
# Base64.decode64 is the lenient decoder, so characters outside the Base64
# alphabet in CipherValue are skipped rather than rejected.
#
# @param encrypted_key [Hash] indexed by 'CipherData' => 'CipherValue' and
#   'EncryptionMethod' => 'Algorithm'.
# @return [Array(String, Object)] the decoded cipher value followed by the
#   algorithm entry exactly as it appears in the hash.
def cipher_and_algorithm_from(encrypted_key)
  wrapped_key = Base64.decode64(encrypted_key['CipherData']['CipherValue'])
  key_algorithm = encrypted_key['EncryptionMethod']['Algorithm']
  [wrapped_key, key_algorithm]
end
symmetric_key_from(encrypted_key, attempts = private_keys.count)
# File lib/xml/kit/decryption.rb, line 56
# Recovers the symmetric key by trying each private key against the
# EncryptedKey.
#
# The first key that decrypts without raising wins. An
# OpenSSL::PKey::RSAError from a key is swallowed so the next key can be
# tried, unless the attempt counter has reached zero, in which case that
# error is re-raised as is. Other exception classes are not rescued.
# DecryptionError is raised only when the loop ends without returning or
# re-raising, for example when the key list is empty.
# NOTE(review): the failure raised here may differ from the one raised when
# payload decryption fails later. Callers that answer remote parties should
# report one uniform failure, so the response does not reveal which step
# failed.
#
# @param encrypted_key [Hash] the EncryptedKey section of the document.
# @param attempts [Integer] decremented once per key; the RSAError is
#   re-raised when it hits zero. Defaults to the number of private keys.
# @return the value #to_plaintext produces for the first working key.
# @raise [OpenSSL::PKey::RSAError] when the key that exhausts +attempts+ fails.
# @raise [DecryptionError] when no key was tried successfully and no
#   RSAError was re-raised.
def symmetric_key_from(encrypted_key, attempts = private_keys.count)
  wrapped_key, key_algorithm = cipher_and_algorithm_from(encrypted_key)
  private_keys.each do |candidate_key|
    attempts -= 1
    begin
      return to_plaintext(wrapped_key, candidate_key, key_algorithm)
    rescue OpenSSL::PKey::RSAError
      raise if attempts.zero?
    end
  end
  raise DecryptionError, private_keys
end
to_plaintext(cipher_text, private_key, algorithm)
# File lib/xml/kit/decryption.rb, line 67
# Decrypts +cipher_text+ with the cipher that the registry supplies for the
# given algorithm and key.
#
# @param cipher_text [String] the bytes to decrypt; callers in this class
#   pass Base64-decoded data.
# @param private_key the key handed to the registry. Within this class it
#   is either a candidate private key or the recovered symmetric key.
# @param algorithm the algorithm identifier, read from the document by the
#   callers in this class.
# @return whatever the selected cipher's #decrypt returns.
def to_plaintext(cipher_text, private_key, algorithm)
  cipher = cipher_registry.cipher_for(algorithm, private_key)
  cipher.decrypt(cipher_text)
end