UNPKG

tbk_signer

Version:

Firma y verificación de sistema SOAP de Transbank

github.com/FabianBravoA/tbk_signer

FabianBravoA/tbk_signer

74 lines (61 loc) • 2.98 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
const ejs = require('ejs'); const uuid = require('uuid'); const { promisify } = require('util'); const pem = require('pem'); const { SignedXml } = require('xml-crypto'); const tbkHeader = require('../templates/tbkHeader'); const tbkToken = require('../templates/tbkToken'); const wsseSecurityHeaderTemplate = ejs.compile(tbkHeader); const wsseSecurityTokenTemplate = ejs.compile(tbkToken); const insertStr = (src, dst, pos) => [dst.slice(0, pos), src, dst.slice(pos)].join(''); const generateId = () => uuid.v4().replace(/-/gm, ''); const readCertificateInfoPromise = promisify(pem.readCertificateInfo); module.exports = (privatePEM, publicP12PEM) => { const tbkSecurity = {}; tbkSecurity.signer = new SignedXml(); tbkSecurity.publicP12PEM = publicP12PEM .replace('-----BEGIN CERTIFICATE-----', '') .replace('-----END CERTIFICATE-----', '') .replace(/(\r\n|\n|\r)/gm, ''); tbkSecurity.signer.signingKey = privatePEM; tbkSecurity.x509Id = `x509-${generateId()}`; return readCertificateInfoPromise(publicP12PEM) .then( (pemData) => { tbkSecurity.certSerial = ''; if (!Number.isNaN(parseInt(pemData.serial.split(' ')[0], 10)) && pemData.serial.indexOf(':') < 0) { [tbkSecurity.certSerial] = pemData.serial.split(' '); } else { const tokens = pemData.serial.split(':'); tbkSecurity.certSerial = tokens.reduce((acc, elem) => `${acc}${parseInt(`0x${elem}`, 16)}`, ''); } tbkSecurity.issuer = `C=${pemData.issuer.country},ST=${pemData.issuer.state},O=${pemData.issuer.organization},L=${pemData.issuer.locality},CN=${pemData.commonName},OU=${pemData.organizationUnit},emailAddress=${pemData.emailAddress}`; const references = [ 'http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#', ]; tbkSecurity.signer.addReference("//*[local-name(.)='Body']", references); tbkSecurity.signer.keyInfoProvider = {}; tbkSecurity.signer.keyInfoProvider.getKeyInfo = () => wsseSecurityTokenTemplate( { cert: tbkSecurity.publicP12PEM, serialNumber: tbkSecurity.certSerial, issuerName: tbkSecurity.issuer, }, ); tbkSecurity.postProcess = (xml) => { const secHeader = wsseSecurityHeaderTemplate({ cert: tbkSecurity.publicP12PEM, serialNumber: tbkSecurity.certSerial, issuerName: tbkSecurity.issuer, }); const xmlWithSec = insertStr(secHeader, xml, xml.indexOf('</soap:Header>')); tbkSecurity.signer.computeSignature(xmlWithSec); const retXml = insertStr(tbkSecurity.signer.getSignatureXml(), xmlWithSec, xmlWithSec.indexOf('</wsse:Security>')); return retXml.replace(' xmlns:wsse=""', ''); }; return tbkSecurity; }, ); // It is the user responsability to check for errors in this promise };