Class: FakeIdp::Encryptor

Inherits:
Object
  • Object
show all
Defined in:
lib/fake_idp/encryptor.rb

Constant Summary collapse

ENCRYPTION_STRATEGY = 
"aes256-cbc".freeze
KEY_TRANSPORT = 
"rsa-oaep-mgf1p".freeze

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(raw_xml, certificate) ⇒ Encryptor

Returns a new instance of Encryptor.



11
12
13
14
 
# File 'lib/fake_idp/encryptor.rb', line 11

def initialize(raw_xml, certificate)
  @raw_xml = raw_xml
  @certificate = certificate
end

Instance Attribute Details

#certificateObject (readonly)

Returns the value of attribute certificate.



9
10
11
 
# File 'lib/fake_idp/encryptor.rb', line 9

def certificate
  @certificate
end

#encryption_keyObject (readonly)

Returns the value of attribute encryption_key.



9
10
11
 
# File 'lib/fake_idp/encryptor.rb', line 9

def encryption_key
  @encryption_key
end

#raw_xmlObject (readonly)

Returns the value of attribute raw_xml.



9
10
11
 
# File 'lib/fake_idp/encryptor.rb', line 9

def raw_xml
  @raw_xml
end

Instance Method Details

#encryptObject

Encryption approach borrowed from github.com/saml-idp/saml_idp/blob/master/lib/saml_idp/encryptor.rb



18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
 
# File 'lib/fake_idp/encryptor.rb', line 18

def encrypt
  encryption_template = Nokogiri::XML::Document.parse(build_encryption_template).root
  encrypted_data = Xmlenc::EncryptedData.new(encryption_template)
  @encryption_key = encrypted_data.encrypt(raw_xml)
  encrypted_key_node = encrypted_data.node.at_xpath(
    "//xenc:EncryptedData/ds:KeyInfo/xenc:EncryptedKey",
    Xmlenc::NAMESPACES,
  )
  encrypted_key = Xmlenc::EncryptedKey.new(encrypted_key_node)
  encrypted_key.encrypt(openssl_cert.public_key, encryption_key)

  xml = Builder::XmlMarkup.new
  xml.EncryptedAssertion(xmlns: "urn:oasis:names:tc:SAML:2.0:assertion") do |enc_assert|
    enc_assert << encrypted_data.node.to_s
  end
end