Module: SignedXml::DigestMethodResolution

Includes:
OpenSSL
Included in:
DigestTransform, Signature
Defined in:
lib/signed_xml/digest_method_resolution.rb

Constant Summary collapse

SHA1_IDS =

The XML Signature Syntax and Processing (Second Edition) specification defines IDs for algorithms which must be supported by implementations. It also defines IDs for some algorithms which it recommends be supported. See www.w3.org/TR/xmldsig-core/#sec-AlgID.

The XML Encryption Syntax and Processing Version 1.1 specification defines IDs for its own set of required and recommended algorithms, and some of these have been seen in signed XML docs in the wild. See www.w3.org/TR/xmlenc-core1/#sec-AlgID

RFC 6931 defines IDs for yet more algorithms which have also been encountered in the wild. See tools.ietf.org/html/rfc6931.

Note that some of these are encryption algorithms, of which the digest or hashing algorithm is only one component. Nevertheless, it is the only component this method aims to identify.

%w(
  http://www.w3.org/2000/09/xmldsig#sha1
  http://www.w3.org/2000/09/xmldsig#dsa-sha1
  http://www.w3.org/2000/09/xmldsig#rsa-sha1
)
SHA224_IDS = 
%w(
  http://www.w3.org/2001/04/xmldsig-more#sha224
)
SHA256_IDS = 
%w(
  http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
  http://www.w3.org/2001/04/xmlenc#sha256
)
SHA384_IDS = 
%w(
  http://www.w3.org/2001/04/xmldsig-more#sha384
  http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
  http://www.w3.org/2001/04/xmlenc#sha384
)
SHA512_IDS = 
%w(
  http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
  http://www.w3.org/2001/04/xmlenc#sha512
)

Instance Method Summary collapse

Instance Method Details

#new_digester_for_id(id) ⇒ Object 



47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
 
# File 'lib/signed_xml/digest_method_resolution.rb', line 47

def new_digester_for_id(id)
  case id
    when *SHA1_IDS
      Digest::SHA1.new
    when *SHA224_IDS
      Digest::SHA224.new
    when *SHA256_IDS
      Digest::SHA256.new
    when *SHA384_IDS
      Digest::SHA384.new
    when *SHA512_IDS
      Digest::SHA512.new
    else
      raise ArgumentError, "unknown digest method #{id}"
  end
end