diff --git a/README.md b/README.md index 347d936..11a42ad 100644 --- a/README.md +++ b/README.md @@ -52,14 +52,14 @@ input_pdf = File.open("example.pdf", "rb") output_pdf = File.open("signed_example.pdf", "wb+") # needs read permission # Load Certificate(s) -certificate = File.open("example_cert.pem", "rb") -private_key = OpenSSL::PKey::RSA.new(certificate, "") -certificate.rewind -public_key = OpenSSL::X509::Certificate.new(certificate) -certificate.close +certificate_file = File.open("example_cert.pem", "rb") +private_key = OpenSSL::PKey::RSA.new(certificate_file, "") +certificate_file.rewind +certificate = OpenSSL::X509::Certificate.new(certificate_file) +certificate_file.close # Will write the signed document to `output_pdf` -Rubrik::Sign.call(input_pdf, output_pdf, private_key:, public_key:, certificate_chain: []) +Rubrik::Sign.call(input_pdf, output_pdf, private_key:, certificate:, certificate_chain: []) # Don't forget to close the files input_pdf.close diff --git a/lib/rubrik/fill_signature.rb b/lib/rubrik/fill_signature.rb index dc6483e..e0f390b 100644 --- a/lib/rubrik/fill_signature.rb +++ b/lib/rubrik/fill_signature.rb @@ -11,13 +11,13 @@ module FillSignature io: T.any(File, StringIO, Tempfile), signature_value_ref: PDF::Reader::Reference, private_key: OpenSSL::PKey::RSA, - public_key: OpenSSL::X509::Certificate, + certificate: OpenSSL::X509::Certificate, certificate_chain: T::Array[OpenSSL::X509::Certificate]) .void} FIRST_OFFSET = 0 - def call(io, signature_value_ref:, private_key:, public_key:, certificate_chain: []) + def call(io, signature_value_ref:, private_key:, certificate:, certificate_chain: []) io.rewind signature_value_offset = PDF::Reader::XRef.new(io)[signature_value_ref] @@ -53,7 +53,7 @@ def call(io, signature_value_ref:, private_key:, public_key:, certificate_chain: io.pos = second_offset data_to_sign += T.must(io.read(second_length)) - signature = PKCS7Signature.call(data_to_sign, private_key:, certificate: public_key) + signature = PKCS7Signature.call(data_to_sign, private_key:, certificate:) hex_signature = T.let(signature, String).unpack1("H*") padded_contents_field = "<#{hex_signature.ljust(Document::SIGNATURE_SIZE, "0")}>" diff --git a/lib/rubrik/sign.rb b/lib/rubrik/sign.rb index f2e6df4..3195d6e 100644 --- a/lib/rubrik/sign.rb +++ b/lib/rubrik/sign.rb @@ -9,10 +9,10 @@ module Sign input: T.any(File, Tempfile, StringIO), output: T.any(File, Tempfile, StringIO), private_key: OpenSSL::PKey::RSA, - public_key: OpenSSL::X509::Certificate, + certificate: OpenSSL::X509::Certificate, certificate_chain: T::Array[OpenSSL::X509::Certificate]) .void} - def self.call(input, output, private_key:, public_key:, certificate_chain: []) + def self.call(input, output, private_key:, certificate:, certificate_chain: []) input.binmode output.reopen(T.unsafe(output), "wb+") if !output.is_a?(StringIO) @@ -22,7 +22,7 @@ def self.call(input, output, private_key:, public_key:, certificate_chain: []) Document::Increment.call(document, io: output) - FillSignature.call(output, signature_value_ref:, private_key:, public_key:, certificate_chain:) + FillSignature.call(output, signature_value_ref:, private_key:, certificate:, certificate_chain:) end end end diff --git a/test/rubrik/sign_test.rb b/test/rubrik/sign_test.rb index bae849b..8eff1bb 100644 --- a/test/rubrik/sign_test.rb +++ b/test/rubrik/sign_test.rb @@ -9,14 +9,14 @@ def test_document_with_interactive_form # Arrange input_pdf = File.open(SupportPDF["with_interactive_form"], "rb") output_pdf = StringIO.new - certificate = File.open("test/support/demo_cert.pem", "rb") + certificate_file = File.open("test/support/demo_cert.pem", "rb") - private_key = OpenSSL::PKey::RSA.new(certificate, "") - certificate.rewind - public_key = OpenSSL::X509::Certificate.new(certificate) + private_key = OpenSSL::PKey::RSA.new(certificate_file, "") + certificate_file.rewind + certificate = OpenSSL::X509::Certificate.new(certificate_file) # Act - Sign.call(input_pdf, output_pdf, private_key:, public_key:) + Sign.call(input_pdf, output_pdf, private_key:, certificate:) # Assert expected_output = File.open(SupportPDF["with_interactive_form.expected"], "rb") @@ -35,7 +35,7 @@ def test_document_with_interactive_form assert_equal(expected_line, actual_line) end ensure - certificate&.close + certificate_file&.close output_pdf&.close input_pdf&.close expected_output&.close @@ -45,14 +45,14 @@ def test_document_without_interactive_form # Arrange input_pdf = File.open(SupportPDF["without_interactive_form"], "rb") output_pdf = StringIO.new - certificate = File.open("test/support/demo_cert.pem", "rb") + certificate_file = File.open("test/support/demo_cert.pem", "rb") - private_key = OpenSSL::PKey::RSA.new(certificate, "") - certificate.rewind - public_key = OpenSSL::X509::Certificate.new(certificate) + private_key = OpenSSL::PKey::RSA.new(certificate_file, "") + certificate_file.rewind + certificate = OpenSSL::X509::Certificate.new(certificate_file) # Act - Sign.call(input_pdf, output_pdf, private_key:, public_key:) + Sign.call(input_pdf, output_pdf, private_key:, certificate:) # Assert expected_output = File.open(SupportPDF["without_interactive_form.expected"], "rb") @@ -71,7 +71,7 @@ def test_document_without_interactive_form assert_equal(expected_line, actual_line) end ensure - certificate&.close + certificate_file&.close output_pdf&.close input_pdf&.close expected_output&.close