ruby-saml-mod 0.1.11 → 0.1.12

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. data/lib/xml_sec.rb +5 -6
  2. data/ruby-saml-mod.gemspec +2 -2
  3. metadata +5 -4
data/lib/xml_sec.rb CHANGED
@@ -58,11 +58,10 @@ module XMLSecurity
58
58
 
59
59
  def validate_doc(base64_cert, logger)
60
60
  # validate references
61
-
62
61
  sig_element = find_first("//ds:Signature", { "ds" => "http://www.w3.org/2000/09/xmldsig#" })
63
62
 
64
63
  # check digests
65
- sig_element.find("//ds:Reference", { "ds" => "http://www.w3.org/2000/09/xmldsig#" }).each do |ref|
64
+ sig_element.find(".//ds:Reference", { "ds" => "http://www.w3.org/2000/09/xmldsig#" }).each do |ref|
66
65
  # Find the referenced element
67
66
  uri = ref["URI"]
68
67
  ref_element = find_first("//*[@ID='#{uri[1,uri.size]}']")
@@ -72,13 +71,13 @@ module XMLSecurity
72
71
  ref_document.root = ref_document.import(ref_element)
73
72
 
74
73
  # Remove the Signature node
75
- ref_document_sig_element = ref_document.find_first("//ds:Signature", { "ds" => "http://www.w3.org/2000/09/xmldsig#" })
74
+ ref_document_sig_element = ref_document.find_first(".//ds:Signature", { "ds" => "http://www.w3.org/2000/09/xmldsig#" })
76
75
  ref_document_sig_element.remove! if ref_document_sig_element
77
76
 
78
77
  # Canonicalize the referenced element's document
79
78
  ref_document_canonicalized = ref_document.canonicalize
80
79
  hash = Base64::encode64(Digest::SHA1.digest(ref_document_canonicalized)).chomp
81
- digest_value = sig_element.find_first("//ds:DigestValue", { "ds" => "http://www.w3.org/2000/09/xmldsig#" }).content
80
+ digest_value = sig_element.find_first(".//ds:DigestValue", { "ds" => "http://www.w3.org/2000/09/xmldsig#" }).content
82
81
 
83
82
  if hash != digest_value
84
83
  @validation_error = <<-EOF.gsub(/^\s+/, '')
@@ -97,10 +96,10 @@ module XMLSecurity
97
96
  end
98
97
 
99
98
  # verify signature
100
- signed_info_element = sig_element.find_first("//ds:SignedInfo", { "ds" => "http://www.w3.org/2000/09/xmldsig#" })
99
+ signed_info_element = sig_element.find_first(".//ds:SignedInfo", { "ds" => "http://www.w3.org/2000/09/xmldsig#" })
101
100
  canon_string = canonicalize_node(signed_info_element)
102
101
 
103
- base64_signature = sig_element.find_first("//ds:SignatureValue", { "ds" => "http://www.w3.org/2000/09/xmldsig#" }).content
102
+ base64_signature = sig_element.find_first(".//ds:SignatureValue", { "ds" => "http://www.w3.org/2000/09/xmldsig#" }).content
104
103
  signature = Base64.decode64(base64_signature)
105
104
 
106
105
  cert_text = Base64.decode64(base64_cert)
@@ -1,9 +1,9 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = %q{ruby-saml-mod}
3
- s.version = "0.1.11"
3
+ s.version = "0.1.12"
4
4
 
5
5
  s.authors = ["OneLogin LLC", "Bracken", "Zach", "Cody"]
6
- s.date = %q{2012-05-03}
6
+ s.date = %q{2012-05-12}
7
7
  s.extra_rdoc_files = [
8
8
  "LICENSE"
9
9
  ]
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby-saml-mod
3
3
  version: !ruby/object:Gem::Version
4
- hash: 13
4
+ hash: 3
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 1
9
- - 11
10
- version: 0.1.11
9
+ - 12
10
+ version: 0.1.12
11
11
  platform: ruby
12
12
  authors:
13
13
  - OneLogin LLC
@@ -18,7 +18,7 @@ autorequire:
18
18
  bindir: bin
19
19
  cert_chain: []
20
20
 
21
- date: 2012-05-03 00:00:00 Z
21
+ date: 2012-05-12 00:00:00 Z
22
22
  dependencies:
23
23
  - !ruby/object:Gem::Dependency
24
24
  name: libxml-ruby
@@ -94,3 +94,4 @@ specification_version: 3
94
94
  summary: Ruby library for SAML service providers
95
95
  test_files: []
96
96
 
97
+ has_rdoc: