class Xmldsig::Signature
Attributes
signature[RW]
Public Class Methods
new(signature)
# File lib/xmldsig/signature.rb, line 5
# Wraps a signature node so the other methods can query and update it.
#
# @param signature [Object] node that is later queried with +xpath+ and
#   +at_xpath+ (presumably a ds:Signature element -- confirm against the caller)
def initialize(signature)
  @signature = signature
end
Public Instance Methods
certificate()
# File lib/xmldsig/signature.rb, line 41
# Public reader for the certificate text stored in the document's
# ds:X509Certificate element; it simply delegates to the private
# x509_certificate reader.
#
# NOTE(review): the value comes from the same document whose signature is
# being checked, so treat it as unauthenticated input until it has been
# matched against a certificate the caller already trusts.
#
# @return [String] content of the ds:X509Certificate element
def certificate
  x509_certificate
end
errors()
# File lib/xmldsig/signature.rb, line 23
# Collects every validation error: the ones recorded on each reference
# followed by the signature-level ones stored in @errors.
#
# @errors is only assigned inside valid?, so calling this before valid? has
# run ends in Array#+ receiving nil (TypeError). Callers should read errors
# only after a validation pass.
#
# @return [Array] reference errors followed by signature-level errors
def errors
  reference_errors = references.flat_map { |reference| reference.errors }
  reference_errors + @errors
end
references()
# File lib/xmldsig/signature.rb, line 27
# Builds one Reference wrapper per ds:Reference node and memoizes the list
# in @references, so nodes added to the document afterwards are not seen.
#
# NOTE(review): the descendant:: axis matches ds:Reference elements at any
# depth below the signature node, not only direct children of ds:SignedInfo.
# Confirm that is the intended set for the documents being processed.
#
# @return [Array<Reference>] wrappers in document order
def references
  return @references if @references

  reference_nodes = signature.xpath("descendant::ds:Reference", Xmldsig::NAMESPACES)
  @references = reference_nodes.map { |node| Reference.new(node) }
end
sign(private_key = nil, certificate =nil, &block)
# File lib/xmldsig/signature.rb, line 9
# Signs the document in three steps: every reference is signed first, the
# certificate is written into ds:X509Certificate, and finally the signature
# over the canonicalized SignedInfo is computed and stored.
#
# The order matters: the references are updated before the signature is
# calculated.
#
# When +certificate+ is nil the setter still runs and writes nil.to_s, i.e. an
# empty string, into the ds:X509Certificate element.
#
# @param private_key [#sign, nil] key used to sign; when nil the block must
#   produce the signature bytes
# @param certificate [#to_s, nil] certificate to embed in the document
# @yield [canonicalized_signed_info, signature_algorithm] only when no
#   private key is given
# @return [Object] the raw signature value that was stored
def sign(private_key = nil, certificate = nil, &block)
  references.each { |reference| reference.sign }
  self.x509_certificate = certificate
  computed_value = calculate_signature_value(private_key, &block)
  self.signature_value = computed_value
end
signature_value()
# File lib/xmldsig/signature.rb, line 33
# Reads the ds:SignatureValue element and returns its Base64-decoded bytes.
#
# Base64.decode64 is the lenient decoder: characters outside the Base64
# alphabet are skipped rather than rejected, so a malformed value shows up
# later as a failed verification, not as an error here.
#
# NOTE(review): presumably at_xpath returns nil when the element is missing,
# in which case +content+ raises NoMethodError -- confirm and handle at the
# call site if documents without ds:SignatureValue can reach this code.
#
# @return [String] decoded signature bytes
def signature_value
  value_node = signature.at_xpath("descendant::ds:SignatureValue", Xmldsig::NAMESPACES)
  Base64.decode64(value_node.content)
end
signed_info()
# File lib/xmldsig/signature.rb, line 37
# Looks up the ds:SignedInfo element below the signature node. This is the
# element that gets canonicalized and whose bytes are signed or verified.
#
# @return [Object, nil] the first matching node as returned by at_xpath
def signed_info
  info_node = signature.at_xpath("descendant::ds:SignedInfo", Xmldsig::NAMESPACES)
  info_node
end
valid?(certificate = nil, &block)
# File lib/xmldsig/signature.rb, line 15
# Runs a full validation pass: clears the errors left by any previous run,
# checks every reference digest, checks the signature value, and reports
# whether no error was recorded.
#
# When no certificate is given the block receives the raw values and its
# return value is taken as the verdict; with neither a certificate nor a
# block the yield inside validate_signature_value raises LocalJumpError.
#
# NOTE(review): the result only says that the signature matches the key that
# was supplied. Pass a certificate obtained from a trusted source rather than
# the one embedded in the document, and consume only the content that the
# validated references actually cover.
#
# @param certificate [#public_key, nil] certificate whose public key verifies
#   the signature
# @yield [signature_value, canonicalized_signed_info, signature_algorithm]
#   only when no certificate is given
# @return [Boolean] true when no digest or signature error was recorded
def valid?(certificate = nil, &block)
  @errors = []
  references.each do |reference|
    reference.errors = []
  end

  validate_digest_values
  validate_signature_value(certificate, &block)

  collected = errors
  collected.empty?
end
Private Instance Methods
calculate_signature_value(private_key) { |canonicalized_signed_info, signature_algorithm| ... }
# File lib/xmldsig/signature.rb, line 54
# Produces the raw signature over the canonicalized SignedInfo.
#
# With a private key the key object signs directly, using a fresh instance of
# the digest class chosen by signature_method. Without one, the canonicalized
# bytes and the algorithm URI are handed to the block, which lets the caller
# sign with a key that this object never sees.
#
# @param private_key [#sign, nil] key object, or nil to delegate to the block
# @yield [canonicalized_signed_info, signature_algorithm]
# @return [Object] whatever the key's sign call or the block returns
def calculate_signature_value(private_key, &block)
  return yield(canonicalized_signed_info, signature_algorithm) unless private_key

  digest = signature_method.new
  private_key.sign(digest, canonicalized_signed_info)
end
canonicalization_method()
# File lib/xmldsig/signature.rb, line 46
# Returns the Algorithm attribute of ds:CanonicalizationMethod inside
# SignedInfo.
#
# NOTE(review): the value is taken from the document as-is; nothing here
# restricts it to a known set of canonicalization algorithms.
#
# @return [String, nil] the algorithm identifier as written in the document
def canonicalization_method
  method_node = signed_info.at_xpath("descendant::ds:CanonicalizationMethod", Xmldsig::NAMESPACES)
  method_node.get_attribute("Algorithm")
end
canonicalized_signed_info()
# File lib/xmldsig/signature.rb, line 50
# Canonicalizes the SignedInfo element with the algorithm the document
# declares. The result is the exact input that is signed and verified.
#
# NOTE(review): how Canonicalizer treats an unknown algorithm is not visible
# here -- confirm it rejects rather than falls back.
#
# @return [Object] result of Canonicalizer#canonicalize
def canonicalized_signed_info
  canonicalizer = Canonicalizer.new(signed_info, canonicalization_method)
  canonicalizer.canonicalize
end
signature_algorithm()
# File lib/xmldsig/signature.rb, line 62
# Returns the Algorithm attribute of ds:SignatureMethod inside SignedInfo.
#
# NOTE(review): this is whatever the document declares. Code that verifies
# untrusted documents should compare it with its own list of accepted
# algorithms instead of relying on the declared value.
#
# @return [String, nil] the algorithm identifier as written in the document
def signature_algorithm
  method_node = signed_info.at_xpath("descendant::ds:SignatureMethod", Xmldsig::NAMESPACES)
  method_node.get_attribute("Algorithm")
end
signature_method()
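# File lib/xmldsig/signature.rb, line 66
# Maps the declared signature algorithm to an OpenSSL digest class by reading
# the number that follows "sha" in the algorithm identifier.
#
# SHA-384 and SHA-512 identifiers are mapped to their own digest classes.
# Previously they fell through to the SHA-1 branch, so such a document was
# signed and verified with a digest other than the one it declares.
#
# NOTE(review): a missing or unrecognized identifier still selects SHA-1,
# which keeps existing callers working but means the weakest digest is the
# default. The identifier comes from the document, so callers that must
# refuse SHA-1 need their own allow-list check.
#
# @return [Class] one of the OpenSSL::Digest classes
def signature_method
  declared = signature_algorithm
  bits = declared && declared =~ /sha(.*?)$/i && Regexp.last_match(1).to_i
  case bits
  when 512 then OpenSSL::Digest::SHA512
  when 384 then OpenSSL::Digest::SHA384
  when 256 then OpenSSL::Digest::SHA256
  else OpenSSL::Digest::SHA1
  end
end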
signature_value=(signature_value)
# File lib/xmldsig/signature.rb, line 76
# Base64-encodes the raw signature and writes it into ds:SignatureValue.
#
# Base64.encode64 breaks its output into lines; chomp removes only the final
# newline, so long signatures keep their inner line breaks.
#
# @param signature_value [String] raw signature bytes
# @return [String] the encoded text that was written
def signature_value=(signature_value)
  value_node = signature.at_xpath("descendant::ds:SignatureValue", Xmldsig::NAMESPACES)
  value_node.content = Base64.encode64(signature_value).chomp
end
validate_digest_values()
# File lib/xmldsig/signature.rb, line 90
# Asks every reference to check its own digest. Any failure is recorded by
# the reference itself (see the errors reader, which collects them).
#
# @return [Array] the references list, as returned by each
def validate_digest_values
  references.each { |reference| reference.validate_digest_value }
end
validate_signature_value(certificate) { |signature_value, canonicalized_signed_info, signature_algorithm| ... }
# File lib/xmldsig/signature.rb, line 94
# Checks the signature value against the canonicalized SignedInfo and records
# :signature in @errors when the check does not succeed.
#
# With a certificate, its public key verifies the signature using a fresh
# instance of the digest class chosen by signature_method. Without one, the
# block receives the raw values and any falsy return value counts as a
# failed check. Calling this with neither raises LocalJumpError at the yield.
#
# @errors must already be an Array (valid? assigns it before calling this).
#
# @param certificate [#public_key, nil] certificate holding the verification key
# @yield [signature_value, canonicalized_signed_info, signature_algorithm]
# @return [Array, nil] @errors when a failure was recorded, otherwise nil
def validate_signature_value(certificate)
  signature_valid =
    if certificate
      public_key = certificate.public_key
      public_key.verify(signature_method.new, signature_value, canonicalized_signed_info)
    else
      yield(signature_value, canonicalized_signed_info, signature_algorithm)
    end

  @errors << :signature unless signature_valid
end
x509_certificate()
# File lib/xmldsig/signature.rb, line 86
# Reads the text content of the ds:X509Certificate element below the
# signature node.
#
# NOTE(review): presumably at_xpath returns nil when the element is absent,
# which makes +content+ raise NoMethodError -- confirm for documents that
# carry no embedded certificate.
#
# @return [String] the element's text content
def x509_certificate
  certificate_node = signature.at_xpath("descendant::ds:X509Certificate", Xmldsig::NAMESPACES)
  certificate_node.content
end
x509_certificate=(certificate)
# File lib/xmldsig/signature.rb, line 81
# Writes the certificate into ds:X509Certificate as bare Base64 text: the
# value is converted with to_s, the PEM header and footer lines are removed,
# and every remaining newline is dropped.
#
# Only the exact header and footer strings with "\n" line endings are
# removed; input with other line endings keeps its armor lines. A nil
# certificate becomes an empty string, which clears the element.
#
# @param certificate [#to_s, nil] certificate whose to_s yields PEM text
# @return [String] the text that was written
def x509_certificate=(certificate)
  certificate_node = signature.at_xpath("descendant::ds:X509Certificate", Xmldsig::NAMESPACES)
  pem_text = certificate.to_s
  without_header = pem_text.gsub("-----BEGIN CERTIFICATE-----\n", '')
  without_armor = without_header.gsub("\n-----END CERTIFICATE-----\n", '')
  certificate_node.content = without_armor.gsub("\n", '')
end