-
Notifications
You must be signed in to change notification settings - Fork 177
/
Copy pathenveloped-signature.ts
61 lines (55 loc) · 2.04 KB
/
enveloped-signature.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
import * as xpath from "xpath";
import * as isDomNode from "@xmldom/is-dom-node";
import type {
CanonicalizationOrTransformationAlgorithm,
CanonicalizationOrTransformationAlgorithmProcessOptions,
CanonicalizationOrTransformAlgorithmType,
} from "./types";
export class EnvelopedSignature implements CanonicalizationOrTransformationAlgorithm {
protected includeComments = false;
constructor() {
this.includeComments = false;
}
process(node: Node, options: CanonicalizationOrTransformationAlgorithmProcessOptions): Node {
if (null == options.signatureNode) {
const signature = xpath.select1(
"./*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
node,
);
if (isDomNode.isNodeLike(signature) && signature.parentNode) {
signature.parentNode.removeChild(signature);
}
return node;
}
const signatureNode = options.signatureNode;
const expectedSignatureValue = xpath.select1(
".//*[local-name(.)='SignatureValue']/text()",
signatureNode,
);
if (isDomNode.isTextNode(expectedSignatureValue)) {
const expectedSignatureValueData = expectedSignatureValue.data;
const signatures = xpath.select(
".//*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
node,
);
for (const nodeSignature of Array.isArray(signatures) ? signatures : []) {
const signatureValue = xpath.select1(
".//*[local-name(.)='SignatureValue']/text()",
nodeSignature,
);
if (isDomNode.isTextNode(signatureValue)) {
const signatureValueData = signatureValue.data;
if (expectedSignatureValueData === signatureValueData) {
if (nodeSignature.parentNode) {
nodeSignature.parentNode.removeChild(nodeSignature);
}
}
}
}
}
return node;
}
getAlgorithmName(): CanonicalizationOrTransformAlgorithmType {
return "http://www.w3.org/2000/09/xmldsig#enveloped-signature";
}
}