Class: SAML2::KeyInfo
Overview
This represents the XML Signatures <KeyInfo> element, and actually contains a reference to an X.509 certificate, not solely a public key.
Direct Known Subclasses
Instance Attribute Summary
- #key ⇒ OpenSSL::PKey::PKey
  An RSA public key.
- #x509 ⇒ String
  The PEM encoded certificate.
Attributes inherited from Base
Class Method Summary
- .format_fingerprint(fingerprint) ⇒ String
  Formats a fingerprint as all lowercase, with a : every two characters, stripping all non-hexadecimal characters.
Instance Method Summary
- #build(builder) ⇒ void
  Serialize this object to XML, as part of a larger document.
- #certificate ⇒ OpenSSL::X509::Certificate
- #fingerprint ⇒ String
- #from_xml(node) ⇒ void
  Parse an XML element into this object.
- #initialize(x509 = nil) ⇒ KeyInfo (constructor)
  A new instance of KeyInfo.
- #public_key ⇒ OpenSSL::PKey::PKey
Methods inherited from Base
#decrypt, from_xml, #inspect, load_object_array, load_string_array, lookup_qname, #to_s, #to_xml
Constructor Details
#initialize(x509 = nil) ⇒ KeyInfo
Returns a new instance of KeyInfo.
    # File 'lib/saml2/key.rb', line 18
    def initialize(x509 = nil)
      self.x509 = x509
    end
Instance Attribute Details
#key ⇒ OpenSSL::PKey::PKey
Returns an RSA public key.
    # File 'lib/saml2/key.rb', line 15
    def key
      @key
    end
#x509 ⇒ String
Returns the PEM encoded certificate.
    # File 'lib/saml2/key.rb', line 13
    def x509
      @x509
    end
Class Method Details
.format_fingerprint(fingerprint) ⇒ String
Formats a fingerprint as all lowercase, with a : every two characters, stripping all non-hexadecimal characters.
    # File 'lib/saml2/key.rb', line 54
    def self.format_fingerprint(fingerprint)
      fingerprint.downcase.gsub(/[^0-9a-f]/, '').gsub(/(\h{2})(?=\h)/, '\1:')
    end
Instance Method Details
#build(builder) ⇒ void
This method returns an undefined value.
Serialize this object to XML, as part of a larger document.
    # File 'lib/saml2/key.rb', line 65
    def build(builder)
      builder['dsig'].KeyInfo do |key_info|
        if x509
          key_info['dsig'].X509Data do |x509_data|
            x509_data['dsig'].X509Certificate(x509)
          end
        end
        if key.is_a?(OpenSSL::PKey::RSA)
          key_info['dsig'].KeyValue do |key_value|
            key_value['dsig'].RSAKeyValue do |rsa_key_value|
              rsa_key_value['dsig'].Modulus(Base64.encode64(key.n.to_s(2)))
              rsa_key_value['dsig'].Exponent(Base64.encode64(key.e.to_s(2)))
            end
          end
        end
      end
    end
#certificate ⇒ OpenSSL::X509::Certificate
    # File 'lib/saml2/key.rb', line 40
    def certificate
      return nil if x509.nil?
      @certificate ||= OpenSSL::X509::Certificate.new(Base64.decode64(x509))
    end
#fingerprint ⇒ String
    # File 'lib/saml2/key.rb', line 59
    def fingerprint
      return nil unless certificate
      @fingerprint ||= self.class.format_fingerprint(Digest::SHA1.hexdigest(certificate.to_der))
    end
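Added example (not code from the saml2 library): a certificate carried in a <KeyInfo> arrives with the document it signs, so it is only useful after comparison with a value recorded out of band. The sketch below pins on the same SHA-1-over-DER fingerprint and normalisation shown above. The helper names x509_fingerprint, pinned? and constructed_cert_b64 and the host name are assumptions, and the certificates are throwaway ones constructed for the example.

```ruby
require 'openssl'
require 'digest/sha1'

# Same normalisation as KeyInfo.format_fingerprint on this page.
def format_fingerprint(fingerprint)
  fingerprint.downcase.gsub(/[^0-9a-f]/, '').gsub(/(\h{2})(?=\h)/, '\1:')
end

# SHA-1 over the DER encoding, as KeyInfo#fingerprint computes it.
# unpack1('m') is the same lenient decode as Base64.decode64.
def x509_fingerprint(x509_b64)
  cert = OpenSSL::X509::Certificate.new(x509_b64.unpack1('m'))
  format_fingerprint(Digest::SHA1.hexdigest(cert.to_der))
end

# Hypothetical helper (not part of the library): true only when the
# certificate's fingerprint matches one recorded out of band.
def pinned?(x509_b64, trusted_fingerprints)
  actual = x509_fingerprint(x509_b64)
  trusted_fingerprints.any? { |fp| format_fingerprint(fp) == actual }
rescue OpenSSL::X509::CertificateError
  false # unparsable certificate data is never trusted
end

# Constructed sample input: a throwaway self-signed certificate, returned
# as the base64 DER text an <X509Certificate> element would carry.
def constructed_cert_b64(common_name)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{common_name}")
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  [cert.to_der].pack('m0')
end

if $PROGRAM_NAME == __FILE__
  trusted = constructed_cert_b64('idp.example.test')
  other   = constructed_cert_b64('idp.example.test') # same name, different key
  # The pin as an admin might paste it: upper case, no colons.
  pin = x509_fingerprint(trusted).delete(':').upcase
  puts "pin:     #{pin}"
  puts "trusted: #{pinned?(trusted, [pin])}"
  puts "other:   #{pinned?(other, [pin])}"
end
```

The second certificate has the same subject name but a different key, so it fails the pin; the comparison is on the certificate bytes, not on any name inside it.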
#from_xml(node) ⇒ void
This method returns an undefined value.
Parse an XML element into this object.
    # File 'lib/saml2/key.rb', line 23
    def from_xml(node)
      self.x509 = node.at_xpath('dsig:X509Data/dsig:X509Certificate', Namespaces::ALL)&.content&.strip
      if (rsa_key_value = node.at_xpath('dsig:KeyValue/dsig:RSAKeyValue', Namespaces::ALL))
        modulus = crypto_binary_to_integer(rsa_key_value.at_xpath('dsig:Modulus', Namespaces::ALL)&.content&.strip)
        exponent = crypto_binary_to_integer(rsa_key_value.at_xpath('dsig:Exponent', Namespaces::ALL)&.content&.strip)
        if modulus && exponent
          @key = OpenSSL::PKey::RSA.new
          key.set_key(modulus, exponent, nil)
        end
      end
    end
#public_key ⇒ OpenSSL::PKey::PKey
    # File 'lib/saml2/key.rb', line 46
    def public_key
      key || certificate&.public_key
    end