Class: SAML2::Key

Inherits:

Object

• Object
• SAML2::Key

Defined in:

lib/saml2/key.rb

Defined Under Namespace

Modules: Type

Instance Attribute Summary

• #encryption_methods ⇒ Object

  Returns the value of attribute encryption_methods.

• #use ⇒ Object

  Returns the value of attribute use.

• #x509 ⇒ Object

  Returns the value of attribute x509.

Class Method Summary

• .from_xml(node) ⇒ Object

Instance Method Summary

• #build(builder) ⇒ Object
• #certificate ⇒ Object
• #encryption? ⇒ Boolean
• #fingerprint ⇒ Object
• #initialize(x509, use = nil, encryption_methods = []) ⇒ Key constructor

  A new instance of Key.

• #signing? ⇒ Boolean

Constructor Details

#initialize(x509, use = nil, encryption_methods = []) ⇒ Key

Returns a new instance of Key.

# File 'lib/saml2/key.rb', line 20

def initialize(x509, use = nil, encryption_methods = [])
  @use, @x509, @encryption_methods = use, x509.gsub(/\w*-+(BEGIN|END) CERTIFICATE-+\w*/, "").strip, encryption_methods
end

Instance Attribute Details

#encryption_methods ⇒ Object

Returns the value of attribute encryption_methods.

# File 'lib/saml2/key.rb', line 10

def encryption_methods
  @encryption_methods
end

#use ⇒ Object

Returns the value of attribute use.

# File 'lib/saml2/key.rb', line 10

def use
  @use
end

#x509 ⇒ Object

Returns the value of attribute x509.

# File 'lib/saml2/key.rb', line 10

def x509
  @x509
end

Class Method Details

.from_xml(node) ⇒ Object

# File 'lib/saml2/key.rb', line 12

def self.from_xml(node)
  return nil unless node

  x509 = node.at_xpath('dsig:KeyInfo/dsig:X509Data/dsig:X509Certificate', Namespaces::ALL)
  methods = node.xpath('xenc:EncryptionMethod', Namespaces::ALL)
  new(x509 && x509.content.strip, node['use'], methods.map { |m| m['Algorithm'] })
end

Instance Method Details

#build(builder) ⇒ Object

# File 'lib/saml2/key.rb', line 40

def build(builder)
  builder['md'].KeyDescriptor do |builder|
    builder.parent['use'] = use if use
    builder['dsig'].KeyInfo do |builder|
      builder['dsig'].X509Data do |builder|
        builder['dsig'].X509Certificate(x509)
      end
    end
    encryption_methods.each do |method|
      builder['xenc'].EncryptionMethod('Algorithm' => method)
    end
  end
end

#certificate ⇒ Object

# File 'lib/saml2/key.rb', line 32

def certificate
  @certificate ||= OpenSSL::X509::Certificate.new(Base64.decode64(x509))
end

#encryption? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/saml2/key.rb', line 24

def encryption?
  use.nil? || use == Type::ENCRYPTION
end

#fingerprint ⇒ Object

# File 'lib/saml2/key.rb', line 36

def fingerprint
  @fingerprint ||= Digest::SHA1.hexdigest(certificate.to_der).gsub(/(\h{2})(?=\h)/, '\1:')
end

#signing? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/saml2/key.rb', line 28

def signing?
  use.nil? || use == Type::SIGNING
end