node-ebics-client/lib/orders/H004/signer.js

'use strict';

// const crypto = require('crypto');
const Crypto = require('../../crypto/Crypto');

const { DOMParser, XMLSerializer } = require('@xmldom/xmldom');
const xpath = require('xpath');
const C14n =	require('xml-crypto/lib/c14n-canonicalization').C14nCanonicalization;

const digest = (doc) => {
	// get the xml node, where the digested value is supposed to be
	const nodeDigestValue = doc.getElementsByTagName('ds:DigestValue')[0];

	// canonicalize the node that has authenticate='true' attribute
	const contentToDigest = xpath
		.select("//*[@authenticate='true']", doc)
		.map(x => new C14n().process(x))
		.join('');

	// fix the canonicalization
	const fixedContent = contentToDigest.replace(
		/xmlns="urn:org:ebics:H004"/g,
		'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"',
	);

	if (nodeDigestValue)
		nodeDigestValue.textContent = Crypto.digestWithHash(fixedContent)
			.toString('base64')
			.trim();

	return doc;
};

const sign = (doc, key) => {
	const nodeSignatureValue = doc.getElementsByTagName('ds:SignatureValue')[0];

	if (nodeSignatureValue) {
		const select = xpath.useNamespaces({
			ds: 'http://www.w3.org/2000/09/xmldsig#',
		});
		const contentToSign = new C14n()
			.process(select('//ds:SignedInfo', doc)[0])
			.replace(
				'xmlns:ds="http://www.w3.org/2000/09/xmldsig#"',
				'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"',
			);

		nodeSignatureValue.textContent = Crypto.privateSign(key, contentToSign); // this.keys.x().key.sign(contentToSign, 'base64');
	}

	return doc;
};

const toXML = doc => new XMLSerializer().serializeToString(doc);

module.exports = {
	sign(data, keyX) {
		const doc = new DOMParser().parseFromString(data, 'text/xml');

		return toXML(sign(digest(doc), keyX));
	},
};
feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`'use strict';`
code optimization 2018-06-15 06:33:41 +00:00
			`// const crypto = require('crypto');`
feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`const Crypto = require('../../crypto/Crypto');`
code optimization 2018-06-15 06:33:41 +00:00
feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`const { DOMParser, XMLSerializer } = require('@xmldom/xmldom');`
			`const xpath = require('xpath');`
			`const C14n = require('xml-crypto/lib/c14n-canonicalization').C14nCanonicalization;`
code optimization 2018-06-15 06:33:41 +00:00
			`const digest = (doc) => {`
			`// get the xml node, where the digested value is supposed to be`
feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`const nodeDigestValue = doc.getElementsByTagName('ds:DigestValue')[0];`
code optimization 2018-06-15 06:33:41 +00:00
			`// canonicalize the node that has authenticate='true' attribute`
feat: update dependencies 2023-10-11 18:58:26 +00:00			`const contentToDigest = xpath`
			`.select("//*[@authenticate='true']", doc)`
feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`.map(x => new C14n().process(x))`
			`.join('');`
code optimization 2018-06-15 06:33:41 +00:00
			`// fix the canonicalization`
feat: update dependencies 2023-10-11 18:58:26 +00:00			`const fixedContent = contentToDigest.replace(`
			`/xmlns="urn:org:ebics:H004"/g,`
feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"',`
feat: update dependencies 2023-10-11 18:58:26 +00:00			`);`
code optimization 2018-06-15 06:33:41 +00:00
			`if (nodeDigestValue)`
feat: update dependencies 2023-10-11 18:58:26 +00:00			`nodeDigestValue.textContent = Crypto.digestWithHash(fixedContent)`
feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`.toString('base64')`
feat: update dependencies 2023-10-11 18:58:26 +00:00			`.trim();`
code optimization 2018-06-15 06:33:41 +00:00
			`return doc;`
			`};`

			`const sign = (doc, key) => {`
feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`const nodeSignatureValue = doc.getElementsByTagName('ds:SignatureValue')[0];`
code optimization 2018-06-15 06:33:41 +00:00
			`if (nodeSignatureValue) {`
feat: update dependencies 2023-10-11 18:58:26 +00:00			`const select = xpath.useNamespaces({`
feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`ds: 'http://www.w3.org/2000/09/xmldsig#',`
feat: update dependencies 2023-10-11 18:58:26 +00:00			`});`
			`const contentToSign = new C14n()`
feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`.process(select('//ds:SignedInfo', doc)[0])`
feat: update dependencies 2023-10-11 18:58:26 +00:00			`.replace(`
			`'xmlns:ds="http://www.w3.org/2000/09/xmldsig#"',`
feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"',`
feat: update dependencies 2023-10-11 18:58:26 +00:00			`);`
code optimization 2018-06-15 06:33:41 +00:00
			`nodeSignatureValue.textContent = Crypto.privateSign(key, contentToSign); // this.keys.x().key.sign(contentToSign, 'base64');`
			`}`

			`return doc;`
			`};`

feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`const toXML = doc => new XMLSerializer().serializeToString(doc);`
code optimization 2018-06-15 06:33:41 +00:00
			`module.exports = {`
client and order optimization 2018-06-20 09:20:03 +00:00			`sign(data, keyX) {`
feat: replace <request> with <rock-req> 2023-10-11 19:15:35 +00:00			`const doc = new DOMParser().parseFromString(data, 'text/xml');`
code optimization 2018-06-15 06:33:41 +00:00
			`return toXML(sign(digest(doc), keyX));`
			`},`
			`};`