tomascco · tomascco · Oct 22, 2023 · Oct 22, 2023
diff --git a/README.md b/README.md
@@ -52,14 +52,14 @@ input_pdf = File.open("example.pdf", "rb")
 output_pdf = File.open("signed_example.pdf", "wb+") # needs read permission
 
 # Load Certificate(s)
-certificate = File.open("example_cert.pem", "rb")
-private_key = OpenSSL::PKey::RSA.new(certificate, "")
-certificate.rewind
-public_key = OpenSSL::X509::Certificate.new(certificate)
-certificate.close
+certificate_file = File.open("example_cert.pem", "rb")
+private_key = OpenSSL::PKey::RSA.new(certificate_file, "")
+certificate_file.rewind
+certificate = OpenSSL::X509::Certificate.new(certificate_file)
+certificate_file.close
 
 # Will write the signed document to `output_pdf`
-Rubrik::Sign.call(input_pdf, output_pdf, private_key:, public_key:, certificate_chain: [])
+Rubrik::Sign.call(input_pdf, output_pdf, private_key:, certificate:, certificate_chain: [])
 
 # Don't forget to close the files
 input_pdf.close

diff --git a/lib/rubrik/fill_signature.rb b/lib/rubrik/fill_signature.rb
@@ -11,13 +11,13 @@ module FillSignature
           io: T.any(File, StringIO, Tempfile),
           signature_value_ref: PDF::Reader::Reference,
           private_key: OpenSSL::PKey::RSA,
-          public_key: OpenSSL::X509::Certificate,
+          certificate: OpenSSL::X509::Certificate,
           certificate_chain: T::Array[OpenSSL::X509::Certificate])
         .void}
 
     FIRST_OFFSET = 0
 
-    def call(io, signature_value_ref:, private_key:, public_key:, certificate_chain: [])
+    def call(io, signature_value_ref:, private_key:, certificate:, certificate_chain: [])
       io.rewind
 
       signature_value_offset = PDF::Reader::XRef.new(io)[signature_value_ref]
@@ -53,7 +53,7 @@ def call(io, signature_value_ref:, private_key:, public_key:, certificate_chain:
       io.pos = second_offset
       data_to_sign += T.must(io.read(second_length))
 
-      signature = PKCS7Signature.call(data_to_sign, private_key:, certificate: public_key)
+      signature = PKCS7Signature.call(data_to_sign, private_key:, certificate:)
       hex_signature = T.let(signature, String).unpack1("H*")
 
       padded_contents_field = "<#{hex_signature.ljust(Document::SIGNATURE_SIZE, "0")}>"

diff --git a/lib/rubrik/sign.rb b/lib/rubrik/sign.rb
@@ -9,10 +9,10 @@ module Sign
            input: T.any(File, Tempfile, StringIO),
            output: T.any(File, Tempfile, StringIO),
            private_key: OpenSSL::PKey::RSA,
-           public_key: OpenSSL::X509::Certificate,
+           certificate: OpenSSL::X509::Certificate,
            certificate_chain: T::Array[OpenSSL::X509::Certificate])
          .void}
-    def self.call(input, output, private_key:, public_key:, certificate_chain: [])
+    def self.call(input, output, private_key:, certificate:, certificate_chain: [])
       input.binmode
       output.reopen(T.unsafe(output), "wb+") if !output.is_a?(StringIO)
 
@@ -22,7 +22,7 @@ def self.call(input, output, private_key:, public_key:, certificate_chain: [])
 
       Document::Increment.call(document, io: output)
 
-      FillSignature.call(output, signature_value_ref:, private_key:, public_key:, certificate_chain:)
+      FillSignature.call(output, signature_value_ref:, private_key:, certificate:, certificate_chain:)
     end
   end
 end
diff --git a/test/rubrik/sign_test.rb b/test/rubrik/sign_test.rb
@@ -9,14 +9,14 @@ def test_document_with_interactive_form
       # Arrange
       input_pdf = File.open(SupportPDF["with_interactive_form"], "rb")
       output_pdf = StringIO.new
-      certificate = File.open("test/support/demo_cert.pem", "rb")
+      certificate_file = File.open("test/support/demo_cert.pem", "rb")
 
-      private_key = OpenSSL::PKey::RSA.new(certificate, "")
-      certificate.rewind
-      public_key = OpenSSL::X509::Certificate.new(certificate)
+      private_key = OpenSSL::PKey::RSA.new(certificate_file, "")
+      certificate_file.rewind
+      certificate = OpenSSL::X509::Certificate.new(certificate_file)
 
       # Act
-      Sign.call(input_pdf, output_pdf, private_key:, public_key:)
+      Sign.call(input_pdf, output_pdf, private_key:, certificate:)
 
       # Assert
       expected_output = File.open(SupportPDF["with_interactive_form.expected"], "rb")
@@ -35,7 +35,7 @@ def test_document_with_interactive_form
         assert_equal(expected_line, actual_line)
         end
     ensure
-      certificate&.close
+      certificate_file&.close
       output_pdf&.close
       input_pdf&.close
       expected_output&.close
@@ -45,14 +45,14 @@ def test_document_without_interactive_form
       # Arrange
       input_pdf = File.open(SupportPDF["without_interactive_form"], "rb")
       output_pdf = StringIO.new
-      certificate = File.open("test/support/demo_cert.pem", "rb")
+      certificate_file = File.open("test/support/demo_cert.pem", "rb")
 
-      private_key = OpenSSL::PKey::RSA.new(certificate, "")
-      certificate.rewind
-      public_key = OpenSSL::X509::Certificate.new(certificate)
+      private_key = OpenSSL::PKey::RSA.new(certificate_file, "")
+      certificate_file.rewind
+      certificate = OpenSSL::X509::Certificate.new(certificate_file)
 
       # Act
-      Sign.call(input_pdf, output_pdf, private_key:, public_key:)
+      Sign.call(input_pdf, output_pdf, private_key:, certificate:)
 
       # Assert
       expected_output = File.open(SupportPDF["without_interactive_form.expected"], "rb")
@@ -71,7 +71,7 @@ def test_document_without_interactive_form
         assert_equal(expected_line, actual_line)
       end
     ensure
-      certificate&.close
+      certificate_file&.close
       output_pdf&.close
       input_pdf&.close
       expected_output&.close