Class: SignatureDfe::Check

Inherits:
Object
  • Object
Defined in:
lib/signature_dfe_check.rb

Class Method Summary

Class Method Details

.digest_check(xml) ⇒ Object



# File 'lib/signature_dfe_check.rb', line 19

# Recomputes the SHA-1 digest of the node named by the Reference URI in +xml+
# and compares it, Base64-encoded, with the DigestValue carried in +xml+.
#
# Only the digest is covered here: this method does not look at the
# SignatureValue or at the signer, so a +true+ result on its own says nothing
# about who produced the document.
#
# NOTE(review): SHA-1 is hard-coded here, whereas only_signature_check takes
# its algorithm name from the document; confirm every accepted document
# really declares SHA-1 as its DigestMethod.
# NOTE(review): the digested node is selected by a URI read from the document
# itself; callers should make sure the data they go on to use is that same
# node (presumably one Reference per document; confirm against Xml.tag).
#
# @param xml [Object] the signed document, in the form the Xml helpers accept
# @return [Boolean] true when the recomputed digest equals DigestValue
def self.digest_check(xml)
  # Drop every '#' so the URI can be used as the id to look the node up by.
  reference_id = Xml.namespace_value('URI', Xml.tag('Reference', xml)).delete('#')
  default_ns = Xml.namespace_value('xmlns', xml)
  signed_node = Xml.get_node_by_namespace_value(reference_id, xml)

  # Collapse whitespace between adjacent tags before canonicalization.
  signed_node.gsub!(/>\s+</, '><')

  root_name = Xml.node_name(signed_node)
  unless Xml.tag(root_name, xml).include?(default_ns)
    # NOTE(review): a String pattern rewrites every occurrence of the name in
    # the node text, not only the opening tag; confirm Xml.canonize copes.
    signed_node.gsub!(root_name, %(#{root_name} xmlns="#{default_ns}"))
  end

  # A SHA-1 digest is 20 bytes, so its Base64 form is a single unwrapped line.
  computed = Base64.strict_encode64(OpenSSL::Digest::SHA1.digest(Xml.canonize(signed_node)))
  computed == Xml.node_content('DigestValue', xml)
end

.only_signature_check(xml) ⇒ Object



# File 'lib/signature_dfe_check.rb', line 3

# Verifies the SignatureValue of +xml+ over its canonicalized SignedInfo,
# using the public key of the certificate obtained from +xml+ through
# Xml.public_cert.
#
# The certificate is taken from the very input being checked, and nothing in
# this method validates its chain, validity period or revocation status
# (unless Xml.public_cert does; confirm). A +true+ result therefore shows
# that the document is consistent with the key it carries, not that the key
# belongs to a trusted signer; callers need to establish that separately.
#
# The Reference digest is not compared here; signature_check runs
# digest_check first for that.
#
# NOTE(review): the digest algorithm name is also derived from the document;
# consider restricting it to the algorithms the application expects.
#
# @param xml [Object] the signed document, in the form the Xml helpers accept
# @return [Boolean] result of OpenSSL's verify for the embedded public key
def self.only_signature_check(xml)
  canonical_signed_info = Xml.signed_info_canonized(xml)
  signer_key = Xml.public_cert(xml).public_key
  digest = OpenSSL::Digest.new(Xml.digest_method_algorithm(canonical_signed_info))
  raw_signature = Base64.decode64(Xml.node_content('SignatureValue', xml))

  signer_key.verify(digest, raw_signature, canonical_signed_info)
end

.signature_check(xml) ⇒ Object



# File 'lib/signature_dfe_check.rb', line 13

# Full check of a signed document: the Reference digest must match
# (digest_check) before the SignatureValue is verified (only_signature_check).
#
# Both steps work from material contained in +xml+ itself, including the
# certificate used for verification, so a +true+ result does not by itself
# establish that the signer is trusted; that has to be decided by the caller.
#
# @param xml [Object] the signed document, in the form the Xml helpers accept
# @return [Boolean] false when the digest does not match, otherwise the
#   result of only_signature_check
def self.signature_check(xml)
  if digest_check(xml)
    only_signature_check(xml)
  else
    # A digest mismatch short-circuits: the signature is never evaluated.
    false
  end
end