Module: KazkomEpay

Extended by:

KazkomEpay, Configurator

Included in:

KazkomEpay

Defined in:

lib/kazkom_epay.rb,
lib/kazkom_epay/version.rb

Defined Under Namespace

Modules: Configurator Classes: Signer

Constant Summary

CONFIGURABLE_ATTRIBUTES =

[:cert_id, :merchant_id, :merchant_name,
:private_key_path, :private_key_password,
:public_key_path]

DEFAULTS =

{
  # test data
  cert_id: "00C182B189",
  merchant_name: "Some Merchant",
  merchant_id: 92061101,

  private_key_path: KazkomEpay.gem_root_path.join('cert', 'test', "test_prv.pem"),
  private_key_password: "nissan",
  public_key_path: KazkomEpay.gem_root_path.join('cert', 'test', "kkbca.pem")
}

VERSION =

"1.5.0"

Class Method Summary

• .gem_root_path ⇒ Object

Instance Method Summary

• #valid_xml_signature?(xml) ⇒ Boolean

  Проверка аутентичности XML-документа, пришедшего от банка.

Methods included from Configurator

configure, configure_for_test

Class Method Details

.gem_root_path ⇒ Object

# File 'lib/kazkom_epay.rb', line 10

def self.gem_root_path
  Pathname.new(File.expand_path '../..', __FILE__)
end

Instance Method Details

#valid_xml_signature?(xml) ⇒ Boolean

Проверка аутентичности XML-документа, пришедшего от банка

Пример использования:

unless KazkomEpay.valid_xml_signature? some_xml_string
  raise "Hack attempt!"
end

Returns:

• (Boolean)

# File 'lib/kazkom_epay.rb', line 77

def valid_xml_signature?(xml)
  # for `Hash.from_xml`
  require 'active_support/core_ext/hash/conversions'

  bank_sign_raw_base64 = Hash.from_xml(xml)['document']['bank_sign']

  bank_part_regexp = /\A<document>(.+)<bank_sign.*\z/

  data_to_validate = bank_part_regexp.match(xml)[1]
  bank_sign_raw = Base64.decode64 bank_sign_raw_base64
  bank_sign_raw.reverse! if reverse_signature

  digest = OpenSSL::Digest::SHA1.new
  cert = OpenSSL::X509::Certificate.new File.read(settings[:public_key_path])

  cert.public_key.verify digest, bank_sign_raw, data_to_validate
end