Commit 9d46474
Changed files (8)
lib
spec
xml
lib/xml/kit/certificate.rb
@@ -7,9 +7,7 @@ module Xml
# {include:file:spec/xml/kit/certificate_spec.rb}
class Certificate
include Templatable
- # rubocop:disable Metrics/LineLength
BASE64_FORMAT = %r(\A([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\Z).freeze
- # rubocop:enable Metrics/LineLength
BEGIN_CERT = /-----BEGIN CERTIFICATE-----/.freeze
END_CERT = /-----END CERTIFICATE-----/.freeze
# The use can be `:signing` or `:encryption`. Use `nil` for both.
lib/xml/kit/decryption.rb
@@ -56,12 +56,10 @@ module Xml
def symmetric_key_from(encrypted_key, attempts = private_keys.count)
cipher, algorithm = cipher_and_algorithm_from(encrypted_key)
private_keys.each do |private_key|
- begin
- attempts -= 1
- return to_plaintext(cipher, private_key, algorithm)
- rescue OpenSSL::PKey::RSAError
- raise if attempts.zero?
- end
+ attempts -= 1
+ return to_plaintext(cipher, private_key, algorithm)
+ rescue OpenSSL::PKey::RSAError
+ raise if attempts.zero?
end
raise DecryptionError, private_keys
end
lib/xml/kit/templatable.rb
@@ -76,9 +76,7 @@ module Xml
# @abstract
# @since 0.3.0
def asymmetric_cipher(algorithm: Crypto::RsaCipher::ALGORITHM)
- unless encryption_certificate
- raise Xml::Kit::Error, 'encryption_certificate is not specified.'
- end
+ raise Xml::Kit::Error, 'encryption_certificate is not specified.' unless encryption_certificate
@asymmetric_cipher ||= Crypto.cipher_for(
algorithm,
spec/xml/kit/crypto/symmetric_cipher_spec.rb
@@ -1,11 +1,11 @@
# frozen_string_literal: true
RSpec.describe ::Xml::Kit::Crypto::SymmetricCipher do
- [
- 'aes128-cbc',
- 'aes192-cbc',
- 'aes256-cbc',
- 'tripledes-cbc',
+ %w[
+ aes128-cbc
+ aes192-cbc
+ aes256-cbc
+ tripledes-cbc
].each do |algorithm|
describe algorithm do
let(:xml_algorithm) { "#{::Xml::Kit::Namespaces::XMLENC}#{algorithm}" }
spec/xml/kit/signatures_spec.rb
@@ -27,6 +27,7 @@ RSpec.describe ::Xml::Kit::Signatures do
specify { expect(signature['SignedInfo']['Reference']['DigestValue']).to be_present }
specify { expect(signature['SignatureValue']).to be_present }
specify { expect(OpenSSL::X509::Certificate.new(Base64.decode64(signature['KeyInfo']['X509Data']['X509Certificate']))).to be_present }
+
specify do
expect(signature['SignedInfo']['Reference']['Transforms']['Transform']).to match_array([
{ 'Algorithm' => 'http://www.w3.org/2000/09/xmldsig#enveloped-signature' },
spec/xml/kit/soap_spec.rb
@@ -9,6 +9,7 @@ RSpec.describe Soap do
specify { expect(result['Envelope']).to be_present }
specify { expect(result['Envelope']['Header']).to be_present }
+
specify do
cipher_value = result['Envelope']['Header']['Security']['EncryptedKey']['CipherData']['CipherValue']
symmetric_key = key_pair.private_key.private_decrypt(Base64.decode64(cipher_value))
spec/spec_helper.rb
@@ -12,7 +12,7 @@ require 'tempfile'
Xml::Kit.logger.level = Logger::FATAL
-Dir[File.join(Dir.pwd, 'spec/support/**/*.rb')].each { |f| require f }
+Dir[File.join(Dir.pwd, 'spec/support/**/*.rb')].sort.each { |f| require f }
RSpec.configure do |config|
# Enable flags like --only-failures and --next-failure
config.example_status_persistence_file_path = '.rspec_status'
.rubocop.yml
@@ -9,7 +9,7 @@ AllCops:
- 'spec/fixtures/**/*'
- 'tmp/**/*'
- 'vendor/**/*'
- TargetRubyVersion: 2.4
+ TargetRubyVersion: 2.5
Layout/ClassStructure:
Enabled: true
@@ -30,10 +30,10 @@ Layout/ClassStructure:
Layout/EndOfLine:
EnforcedStyle: lf
-Layout/IndentFirstArrayElement:
+Layout/FirstArrayElementIndentation:
EnforcedStyle: consistent
-Layout/IndentHeredoc:
+Layout/HeredocIndentation:
EnforcedStyle: active_support
Layout/MultilineOperationIndentation:
@@ -47,6 +47,10 @@ Lint/InterpolationCheck:
Exclude:
- 'spec/**/*.rb'
+Metrics/AbcSize:
+ Exclude:
+ - 'lib/xml/kit/self_signed_certificate.rb'
+
Metrics/BlockLength:
Exclude:
- '**/**/*.builder'
@@ -87,9 +91,16 @@ Style/TrailingCommaInHashLiteral:
RSpec/ExampleLength:
Max: 80
+RSpec/LeakyConstantDeclaration:
+ Exclude:
+ - 'spec/xml/kit/templatable_spec.rb'
+
RSpec/MultipleExpectations:
Enabled: false
+RSpec/MultipleMemoizedHelpers:
+ Enabled: false
+
RSpec/NamedSubject:
Enabled: false