Sha256: fb776e2389d2818292ece42f03fb60776fa375f14990b2a3b840fd76c02022cb

Contents?: true

Size: 1.28 KB

Versions: 6

Compression:

Stored size: 1.28 KB

Contents

module Saml
  module Kit
    class XmlDecryption
      attr_reader :private_keys

      def initialize(configuration: Saml::Kit.configuration)
        @private_keys = configuration.private_keys(use: :encryption)
      end

      def decrypt(data)
        encrypted_data = data['EncryptedData']
        symmetric_key = symmetric_key_from(encrypted_data)
        cipher_text = Base64.decode64(encrypted_data["CipherData"]["CipherValue"])
        to_plaintext(cipher_text, symmetric_key, encrypted_data["EncryptionMethod"]['Algorithm'])
      end

      private

      def symmetric_key_from(encrypted_data)
        encrypted_key = encrypted_data['KeyInfo']['EncryptedKey']
        cipher_text = Base64.decode64(encrypted_key['CipherData']['CipherValue'])
        attempts = private_keys.count
        private_keys.each do |private_key|
          begin
            attempts -= 1
            return to_plaintext(cipher_text, private_key, encrypted_key["EncryptionMethod"]['Algorithm'])
          rescue OpenSSL::PKey::RSAError => error
            Saml::Kit.logger.error(error)
            raise if attempts.zero?
          end
        end
      end

      def to_plaintext(cipher_text, symmetric_key, algorithm)
        Crypto.decryptor_for(algorithm, symmetric_key).decrypt(cipher_text)
      end
    end
  end
end

Version data entries

6 entries across 6 versions & 1 rubygems

Version Path
saml-kit-0.2.14 lib/saml/kit/xml_decryption.rb
saml-kit-0.2.13 lib/saml/kit/xml_decryption.rb
saml-kit-0.2.12 lib/saml/kit/xml_decryption.rb
saml-kit-0.2.11 lib/saml/kit/xml_decryption.rb
saml-kit-0.2.10 lib/saml/kit/xml_decryption.rb
saml-kit-0.2.9 lib/saml/kit/xml_decryption.rb