blob: 27a57232f119983c296bc3c269e5576a97e52f44 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
# frozen_string_literal: true
require 'xml/kit/key_info/key_value'
require 'xml/kit/key_info/retrieval_method'
require 'xml/kit/key_info/rsa_key_value'
module Xml
module Kit
# An implementation of the KeyInfo element.
# https://www.w3.org/TR/xmldsig-core1/#sec-KeyInfo
#
# @since 0.3.0
class KeyInfo
include Templatable
attr_accessor :key_name
attr_accessor :x509_data
attr_accessor :encrypted_key
def initialize(x509: nil, encrypted_key: nil)
@encrypted_key = encrypted_key
@x509_data = x509
yield self if block_given?
end
def asymmetric_cipher(algorithm: Crypto::RsaCipher::ALGORITHM)
return encrypted_key.asymmetric_cipher if encrypted_key
if x509_data
return Crypto.cipher_for(
derive_algorithm_from(x509_data.public_key),
x509_data.public_key
)
end
super(algorithm: algorithm)
end
def symmetric_cipher
return super if encrypted_key.nil?
encrypted_key.symmetric_cipher
end
def key_value
@key_value ||= KeyValue.new
end
def retrieval_method
@retrieval_method ||= RetrievalMethod.new
end
def subject_key_identifier
ski = x509_data.extensions.find { |x| x.oid == 'subjectKeyIdentifier' }
return if ski.nil?
Base64.strict_encode64(ski.value)
end
private
def derive_algorithm_from(key)
case key
when OpenSSL::PKey::RSA
"#{::Xml::Kit::Namespaces::XMLENC}rsa-1_5"
else
raise ::Xml::Kit::Error, "#{key.try(:class)} is not supported"
end
end
end
end
end
|
