Class: NemID::XMLDSig::Document

Inherits:

Xmldsig::SignedDocument

• Object
• Xmldsig::SignedDocument
• NemID::XMLDSig::Document

Defined in:

lib/nemid/xmldsig/document.rb

Instance Method Summary

• #extract_pid_or_rid ⇒ Object
• #get_user_certificate ⇒ Object
• #initialize(document, options = {}) ⇒ Document constructor

  A new instance of Document.

• #user_certificate_expired? ⇒ Boolean
• #user_certificate_revoked? ⇒ Boolean
• #validate_certificate_chain ⇒ Object
• #validate_signature ⇒ Object

Constructor Details

#initialize(document, options = {}) ⇒ Document

Returns a new instance of Document.

# File 'lib/nemid/xmldsig/document.rb', line 6

def initialize(document, options = {})
  super
  @store = OpenSSL::X509::Store.new
  @user_certificate = nil
  extract_and_store_certificates
end

Instance Method Details

#extract_pid_or_rid ⇒ Object

# File 'lib/nemid/xmldsig/document.rb', line 13

def extract_pid_or_rid
  return @user_certificate.subject.to_a.assoc("serialNumber")[1]
end

#get_user_certificate ⇒ Object

# File 'lib/nemid/xmldsig/document.rb', line 17

def get_user_certificate
  return @user_certificate
end

#user_certificate_expired? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/nemid/xmldsig/document.rb', line 21

def user_certificate_expired?
  @user_certificate.not_after < Time.now.utc
end

#user_certificate_revoked? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/nemid/xmldsig/document.rb', line 25

def user_certificate_revoked?
  ocsp.request(
    subject: @user_certificate,
    issuer: @intermediate_cert,
    ca: @root_cert
  )
rescue NemID::OCSP::Error
  return true
end

#validate_certificate_chain ⇒ Object

# File 'lib/nemid/xmldsig/document.rb', line 35

def validate_certificate_chain
  @store.verify(@user_certificate)
end

#validate_signature ⇒ Object

# File 'lib/nemid/xmldsig/document.rb', line 39

def validate_signature
  validate(@user_certificate)
end