Class: WSS4R::Security::Xml::EncryptedData
- Inherits:
-
Object
- Object
- WSS4R::Security::Xml::EncryptedData
- Defined in:
- lib/wss4r/security/xml/encrypted_data.rb
Instance Attribute Summary collapse
-
#algorithm ⇒ Object
Returns the value of attribute algorithm.
-
#cipher_value ⇒ Object
Returns the value of attribute cipher_value.
-
#ref_id ⇒ Object
Returns the value of attribute ref_id.
-
#security_token ⇒ Object
Returns the value of attribute security_token.
-
#sessionkey_algorithm ⇒ Object
Returns the value of attribute sessionkey_algorithm.
Instance Method Summary collapse
- #decrypt(document, encrypted_key) ⇒ Object
-
#initialize(security_token = nil) ⇒ EncryptedData
constructor
A new instance of EncryptedData.
- #process(document) ⇒ Object
- #unprocess(encrypted_data) ⇒ Object
Constructor Details
#initialize(security_token = nil) ⇒ EncryptedData
Returns a new instance of EncryptedData.
8 9 10 11 12 13 |
# File 'lib/wss4r/security/xml/encrypted_data.rb', line 8 def initialize(security_token=nil) if (security_token != nil) @security_token = security_token end @sessionkey_algorithm = Types::ALGORITHM_3DES_CBC end |
Instance Attribute Details
#algorithm ⇒ Object
Returns the value of attribute algorithm.
6 7 8 |
# File 'lib/wss4r/security/xml/encrypted_data.rb', line 6 def algorithm @algorithm end |
#cipher_value ⇒ Object
Returns the value of attribute cipher_value.
6 7 8 |
# File 'lib/wss4r/security/xml/encrypted_data.rb', line 6 def cipher_value @cipher_value end |
#ref_id ⇒ Object
Returns the value of attribute ref_id.
6 7 8 |
# File 'lib/wss4r/security/xml/encrypted_data.rb', line 6 def ref_id @ref_id end |
#security_token ⇒ Object
Returns the value of attribute security_token.
6 7 8 |
# File 'lib/wss4r/security/xml/encrypted_data.rb', line 6 def security_token @security_token end |
#sessionkey_algorithm ⇒ Object
Returns the value of attribute sessionkey_algorithm.
6 7 8 |
# File 'lib/wss4r/security/xml/encrypted_data.rb', line 6 def sessionkey_algorithm @sessionkey_algorithm end |
Instance Method Details
#decrypt(document, encrypted_key) ⇒ Object
81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 |
# File 'lib/wss4r/security/xml/encrypted_data.rb', line 81 def decrypt(document, encrypted_key) if (algorithm == Types::ALGORITHM_3DES_CBC) symmetric_encrypter = TripleDESSymmetricEncrypter.new(encrypted_key.symmetric_key()) elsif (algorithm == Types::ALGORITHM_AES_CBC) symmetric_encrypter = AESSymmetricEncrypter.new(encrypted_key.symmetric_key()) elsif (algorithm == Types::ALGORITHM_AES128_CBC) symmetric_encrypter = AES128SymmetricEncrypter.new(encrypted_key.symmetric_key()) else raise "Unsupported encryption algorithm #{algorithm}" end raw_data = Base64.decode64(@cipher_value) symmetric_encrypter.iv=(raw_data) decrypted_element = symmetric_encrypter.decrypt(raw_data) reference = encrypted_key.reference_list().uris()[0] reference = reference[1..-1] # remove leading # encrypted_element = XPath.first(document, "//*[@Id='"+reference+"']") parent = encrypted_element.parent() #document.root().delete_element("//" + Names::SECURITY) parent.delete(encrypted_element) new_element = Document.new(decrypted_element) parent.add(new_element) #puts("encrypted_data.decrypt: " + element.to_s()) end |
#process(document) ⇒ Object
24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 |
# File 'lib/wss4r/security/xml/encrypted_data.rb', line 24 def process(document) root = document.root() soap_ns = nil soap_prefix = root.prefix() root.attributes.each_attribute() {|attr| if (attr.value() == Namespaces::S11) soap_ns = Namespaces::S11 end if (attr.value() == Namespaces::S12) soap_ns = Namespaces::S12 end } old_soap_body = XPath.first(document, "/env:Envelope/env:Body", {SOAPParser::soap_prefix=>SOAPParser::soap_ns}) #old_soap_body = SOAPParser.part(SOAPParser::BODY) soap_body_string = "" if defined?(REXML::Formatters) formatter = REXML::Formatters::Default.new old_soap_body.each_element(){|e| formatter.write(e, soap_body_string) } else old_soap_body.each_element(){|e| e.write(soap_body_string) } end root.delete(old_soap_body) soap_body = root.add_element(Names::BODY) old_soap_body.attributes().each_attribute{|a| soap_body.add_attribute(a.(), a.value()) #puts(a.expanded_name() + " => " + a.value()) } digest = CryptHash.new().digest_b64(soap_body.to_s()).strip() encrypted_data = soap_body.add_element(Names::ENCRYPTED_DATA) encrypted_data.add_namespace("xmlns:xenc", Namespaces::XENC) @ref_id = "EncryptedContent-"+digest.to_s() encrypted_data.add_attributes({"Type"=>Types::XENC_CONTENT, "Id"=>@ref_id}) if (@sessionkey_algorithm == Types::ALGORITHM_3DES_CBC) symmetric_encrypter = TripleDESSymmetricEncrypter.new() elsif (@sessionkey_algorithm == Types::ALGORITHM_AES_CBC) symmetric_encrypter = AESSymmetricEncrypter.new() elsif (@sessionkey_algorithm == Types::ALGORITHM_AES128_CBC) symmetric_encrypter = AES128SymmetricEncrypter.new() else raise "Unsupported encryption algorithm #{@sessionkey_algorithm}" end encryption_method = encrypted_data.add_element(Names::ENCRYPTION_METHOD) encryption_method.add_attribute("Algorithm", @sessionkey_algorithm) encrypted_body = symmetric_encrypter.encrypt_to_b64(symmetric_encrypter.iv() + soap_body_string) encrypted_key = EncryptedKey.new(@security_token, symmetric_encrypter, self) cipher_data = encrypted_data.add_element(Names::CIPHER_DATA) cipher_value = cipher_data.add_element(Names::CIPHER_VALUE) cipher_value.text=(encrypted_body.gsub("\n","")) encrypted_key.process(document) end |
#unprocess(encrypted_data) ⇒ Object
15 16 17 18 19 20 21 22 |
# File 'lib/wss4r/security/xml/encrypted_data.rb', line 15 def unprocess(encrypted_data) cipher_value = XPath.first(encrypted_data, "xenc:CipherData/xenc:CipherValue", {"xenc" => Namespaces::XENC}) algorithm = XPath.first(encrypted_data, "xenc:EncryptionMethod", {"xenc" => Namespaces::XENC}) ref_id = encrypted_data.attributes["Id"] self.cipher_value=(cipher_value.text()) self.ref_id=(ref_id) self.algorithm=(algorithm.attributes["Algorithm"]) end |