# frozen_string_literal: true
# Specs for the Xml::Kit::Templatable mixin, driven through a minimal host
# class. They cover optional encryption of a builder block
# (#encrypt_data_for), certificate assignment (#encrypt_with) and the signed,
# schema-checked output of #to_xml.
RSpec.describe ::Xml::Kit::Templatable do
  # Bare host for the mixin; it defines nothing of its own.
  class Item
    include ::Xml::Kit::Templatable
  end

  subject { Item.new }

  describe '#encrypt_data_for' do
    # Used by every context below: a single timestamped element written
    # through the block handed to #encrypt_data_for.
    let(:result) do
      subject.encrypt_data_for(xml: ::Builder::XmlMarkup.new) do |markup|
        markup.HelloWorld Time.now.iso8601
      end
    end

    # NOTE(review): these examples only assert that the EncryptedData wrapper
    # is present. None of them asserts that the cleartext element name is
    # absent from the output, so a regression that emitted both would pass.
    context 'when encrypting xml' do
      let(:xml_hash) { Hash.from_xml(result) }

      before do
        subject.encrypt = true
        subject.encryption_certificate = ::Xml::Kit::KeyPair.generate(use: :encryption).certificate
      end

      specify { expect(result).to include('EncryptedData') }
      specify { expect(xml_hash['EncryptedData']).to be_present }
      specify { expect(xml_hash['EncryptedData']['EncryptionMethod']).to be_present }
    end

    # A certificate is configured, but the flag is off: output stays cleartext.
    context 'when disabled' do
      before do
        subject.encrypt = false
        subject.encryption_certificate = ::Xml::Kit::KeyPair.generate(use: :encryption).certificate
      end

      specify { expect(result).to include('HelloWorld') }
      specify { expect(result).not_to include('EncryptedData') }
      specify { expect(Hash.from_xml(result)['HelloWorld']).to be_present }
    end

    # NOTE(review): this pins a fail-open fallback. Encryption is requested
    # (encrypt = true) but no certificate is set, and the assertions below
    # expect the payload in cleartext with no error raised. Callers that need
    # confidentiality cannot rely on the flag alone and should confirm a
    # certificate is present before serialising.
    context 'when a cert is missing' do
      before do
        subject.encrypt = true
        subject.encryption_certificate = nil
      end

      specify { expect(result).to include('HelloWorld') }
      specify { expect(result).not_to include('EncryptedData') }
      specify { expect(Hash.from_xml(result)['HelloWorld']).to be_present }
    end
  end

  describe '#encrypt_with' do
    let(:key_pair) { ::Xml::Kit::KeyPair.generate(use: :encryption) }
    let(:result) do
      subject.encrypt_data_for(xml: ::Builder::XmlMarkup.new) do |markup|
        markup.HelloWorld Time.now.iso8601
      end
    end

    # Only the certificate is handed over; `encrypt` is never set explicitly,
    # yet the examples below expect encrypted output.
    before do
      subject.encrypt_with(key_pair.certificate)
    end

    specify { expect(result).to include('EncryptedData') }
    specify { expect(Hash.from_xml(result)['EncryptedData']).to be_present }
    specify { expect(Hash.from_xml(result)['EncryptedData']['EncryptionMethod']).to be_present }
  end

  describe '#to_xml' do
    context 'when generating a signed document' do
      let(:key_pair) { ::Xml::Kit::KeyPair.generate(use: :signing) }

      before do
        subject.sign_with(key_pair)
      end

      # Round trip only: the signature is verified against the certificate of
      # the same key pair that produced it. Nothing here checks which element
      # the signature reference covers.
      it 'produces a valid signature' do
        document = Nokogiri::XML(subject.to_xml)
        signature_node = document.at_xpath('//ds:Signature', ds: ::Xml::Kit::Namespaces::XMLDSIG)
        # NOTE(review): the second argument looks like the id-matching
        # expression Xmldsig uses to resolve references - confirm.
        signature = Xmldsig::Signature.new(signature_node, 'ID=$uri or @Id')

        expect(signature).to be_valid(key_pair.certificate.x509)
        expect(signature.errors).to be_empty
      end
    end

    specify { expect(subject.to_xml).to match_xsd('item') }

    # With this template the KeyInfo is expected to hold a RetrievalMethod
    # pointing at '#EK' and no inline EncryptedKey.
    context 'with the key extracted to the header' do
      let(:xml_hash) { Hash.from_xml(subject.to_xml) }
      let(:key_info) { xml_hash['Item']['Encrypted']['EncryptedData']['KeyInfo'] }
      let(:retrieval_method) { key_info['RetrievalMethod'] }

      before do
        subject.template_path = './spec/fixtures/item-extracted-key.builder'
      end

      specify { expect(subject.to_xml).to match_xsd('item-extracted-key') }
      specify { expect(retrieval_method).to be_present }
      specify { expect(retrieval_method['xmlns']).to eql(::Xml::Kit::Namespaces::XMLDSIG) }
      specify { expect(retrieval_method['URI']).to eql('#EK') }
      specify { expect(retrieval_method['Type']).to eql('http://www.w3.org/2001/04/xmlenc#EncryptedKey') }
      specify { expect(key_info['EncryptedKey']).to be_nil }
    end
  end
end