Commit 1f8aa60
Changed files (4)
lib
xml
kit
spec
support
lib/xml/kit/decryption.rb
@@ -34,6 +34,15 @@ module Xml
to_plaintext(cipher_text, symmetric_key, encrypted_data["EncryptionMethod"]['Algorithm'])
end
+ def decrypt_node(node)
+ return node unless !node.nil? && "EncryptedData" == node.name
+
+ parent = node.parent
+ grand_parent = parent.parent
+ parent.swap(decrypt_xml(node.to_s))
+ grand_parent
+ end
+
private
def symmetric_key_from(encrypted_data)
@@ -44,8 +53,7 @@ module Xml
begin
attempts -= 1
return to_plaintext(cipher_text, private_key, encrypted_key["EncryptionMethod"]['Algorithm'])
- rescue OpenSSL::PKey::RSAError => error
- ::Xml::Kit.logger.error(error)
+ rescue OpenSSL::PKey::RSAError
raise if attempts.zero?
end
end
spec/support/item.rb
@@ -0,0 +1,19 @@
+class Item
+ include ::Xml::Kit::Templatable
+
+ attr_reader :id, :signing_key_pair, :encryption_key_pair
+
+ def initialize
+ @id = ::Xml::Kit::Id.generate
+ @signing_key_pair = ::Xml::Kit::KeyPair.generate(use: :signing)
+ @embed_signature = true
+ @encrypt = true
+ @encryption_key_pair = ::Xml::Kit::KeyPair.generate(use: :encryption)
+ @encryption_certificate = @encryption_key_pair.certificate
+ end
+
+ def template_path
+ current_path = File.expand_path(File.dirname(__FILE__))
+ File.join(current_path, "../fixtures/item.builder")
+ end
+end
spec/xml/decryption_spec.rb
@@ -131,4 +131,26 @@ RSpec.describe Xml::Kit::Decryption do
end.to raise_error(OpenSSL::PKey::RSAError)
end
end
+
+ describe "#decrypt_document" do
+ let(:item) { Item.new }
+ let(:document) { Nokogiri::XML(item.to_xml) }
+ let(:subject) { described_class.new(private_keys: [item.encryption_key_pair.private_key]) }
+
+ it 'decrypts a nokogiri document' do
+ node = document.at_xpath('/Item/Encrypted/xmlenc:EncryptedData', 'xmlenc' => "http://www.w3.org/2001/04/xmlenc#")
+ result = subject.decrypt_node(node)
+ expect(result.to_s).to include("EncryptMe")
+ end
+
+ it 'returns the node when it does not contain an EncryptedData' do
+ document = Nokogiri::XML("<hello><world></world></hello>")
+ node = document.at_xpath("//hello/world")
+ expect(subject.decrypt_node(node)).to eql(node)
+ end
+
+ it 'returns nil when the node is nil' do
+ expect(subject.decrypt_node(nil)).to be_nil
+ end
+ end
end
spec/xml/document_spec.rb
@@ -1,23 +1,4 @@
RSpec.describe Xml::Kit::Document do
- class Item
- include ::Xml::Kit::Templatable
-
- attr_reader :id, :signing_key_pair
-
- def initialize
- @id = ::Xml::Kit::Id.generate
- @signing_key_pair = ::Xml::Kit::KeyPair.generate(use: :signing)
- @embed_signature = true
- @encrypt = true
- @encryption_certificate = ::Xml::Kit::KeyPair.generate(use: :encryption).certificate
- end
-
- def template_path
- current_path = File.expand_path(File.dirname(__FILE__))
- File.join(current_path, "../fixtures/item.builder")
- end
- end
-
describe "#valid_signature?" do
let(:login_url) { "https://#{FFaker::Internet.domain_name}/login" }
let(:logout_url) { "https://#{FFaker::Internet.domain_name}/logout" }