I need to sign xml using ruby, someone know any method or lib for that?
My xml skeleton is:
<?xml version="1.0" encoding="ISO-8859-1"?>
<Message>
<MessageId>
<ServiceId>service</ServiceId>
<Version>1.0</Version>
<MsgDesc>Service Description</MsgDesc>
<Code>4</Code>
<FromAddress>from</FromAddress>
<ToAddress>to</ToAddress>
<Date>2012-10-29</Date>
</MessageId>
<MessageBody/>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>??????</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>????????????</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>????????</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
</message>
I tried this code for DigestValue and I have tested it, comparing it with my java example, but DigestValue is not matching with the response of my java example:
require 'base64'
require 'openssl'
to_sign_xml = File.read 'service.xml'
digest = OpenSSL::Digest::SHA1.digest(to_sign_xml)
digest = Base64.encode64(digest.to_s).gsub(/\n/, '')
raise digest.inspect
My file service.xml contain that:
<Message>
<MessageId>
<ServiceId>service</ServiceId>
<Version>1.0</Version>
<MsgDesc>Service Description</MsgDesc>
<Code>4</Code>
<FromAddress>from</FromAddress>
<ToAddress>to</ToAddress>
<Date>2012-10-29</Date>
</MessageId>
<MessageBody/>
<Message>
If you’re still interested I made this gem a week ago. It’s still in development but the basic stuff is implemented. This gem is tested against signatures created with the xmlsec library.
http://www.aleksey.com/xmlsec/
I’m actively working with this gem at the moment so bugs should be fixed relatively quick.
https://rubygems.org/gems/xmldsig