signed_xml 1.0.1 → 1.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 9237cab4ca63f8b3edf77ef72441071583d7369c
+  data.tar.gz: af907d76ea132e2a73044a1cf253f3e6139fcc60
+SHA512:
+  metadata.gz: c31450cf47d60eafeed2f578e1fd7720c996e107120f1f8076a948f543f55d4dd278f6016d71b8b206ba2b0a657751a05a7aab728a12e8ad5a7403249b2e35c9
+  data.tar.gz: 2e01b8a826942db5e17055eedfdc733ad7dfcf4d60d27f59cdb69be00c1ef5e0cff78281b91cb59dc397e54c7b8590b149f518b9b61e87c3d6884aa8b5ace03e

data/.gitignore

@@ -15,3 +15,4 @@ spec/reports
 test/tmp
 test/version_tmp
 tmp
+.idea/

data/.travis.yml

@@ -1,6 +1,8 @@
 language: ruby
 rvm:
-  - "1.9.2"
-  - "1.9.3"
-  - "2.0.0"
-  - rbx-19mode
+  - 1.9.3
+  - 2.1
+  - rbx
+matrix:
+  allow_failures:
+    - rvm: rbx

data/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2013 Todd Thomas
+Copyright (c) 2013 OpenLogic, Inc.
 
 MIT License
 
@@ -19,4 +19,4 @@ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
 LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -1,5 +1,7 @@
-SignedXml [![Build Status](https://travis-ci.org/toddthomas/signed_xml.png)](https://travis-ci.org/toddthomas/signed_xml)
+SignedXml
 =========
+[![Build Status](https://travis-ci.org/openlogic/signed_xml.png)](https://travis-ci.org/openlogic/signed_xml)
+[![Coverage Status](https://coveralls.io/repos/openlogic/signed_xml/badge.png)](https://coveralls.io/r/openlogic/signed_xml)
 
 SignedXml is a Ruby implementation of [XML Signatures](http://www.w3.org/TR/xmldsig-core).
 
@@ -11,11 +13,14 @@ SignedXml requires and is in love with [Nokogiri](http://nokogiri.org).
 Limitations
 -----------
 
-They are legion. Currently only verification of signed documents is supported.
-Allowed transformations are enveloped-signature and c14n. Only same-document
-Reference URIs are supported, and of those only the null URI (URI="", or
-the whole document) and fragment URIs which specify a literal ID are supported.
-XPointer expressions are not supported.
+They are legion. Allowed transformations are enveloped-signature and c14n. Only
+same-document Reference URIs are supported, and of those only the null URI
+(URI="", i.e. the whole document) and fragment URIs which specify a literal ID
+are supported. XPointer expressions are not supported.
+
+SignedXml can also sign documents which contain certain required
+placeholder elements. For an example, see the file
+saml_response_template.xml in spec/resources.
 
 Installation
 ------------
@@ -44,9 +49,27 @@ Usage
 ```ruby
 require 'signed_xml'
 
-doc = Nokogiri::XML(File.read 'some_signed_doc.xml')
-signed_doc = SignedXml::Document.new(doc)
+# Verification
+# using certificate in document
+signed_doc = SignedXml::Document(File.read 'some_signed_doc.xml')
 signed_doc.is_verified?
+
+# using certificate provided by caller
+certificate = OpenSSL::X509::Certificate.new(File.read 'certificate.pem')
+signed_doc.is_verified? certificate
+
+# using certificate which matches the one in the document
+# (and failing if it doesn't)
+cert_fingerprint = Digest::SHA1.hexdigest(certificate.to_der)
+certificate_store = {cert_fingerprint => certificate}
+signed_doc.is_verified? certificate_store
+
+# Signing
+doc = SignedXml::Document(File.read 'doc_with_placeholder_elems.xml')
+private_key = OpenSSL::PKey::RSA.new(File.new 'private_key.pem')
+certificate = OpenSSL::X509::Certificate.new(File.read 'certificate.pem')
+doc.sign(private_key, certificate)
+File.open('signed_doc.xml', 'w') { |file| file.puts doc.to_xml }
 ```
 
 Contributing
@@ -57,3 +80,9 @@ Contributing
 3. Commit your changes (`git commit -am 'Add some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)
 5. Create new Pull Request
+
+
+Copyright
+-----
+
+Copyright (c) OpenLogic, Inc. See LICENSE for details.

data/lib/signed_xml.rb

@@ -3,6 +3,7 @@ require 'nokogiri'
 
 module SignedXml
   XMLDSIG_NS = "http://www.w3.org/2000/09/xmldsig#"
+  XML_EXC_C14N_NS = "http://www.w3.org/2001/10/xml-exc-c14n#"
 
   def self.Document(thing)
     Document.new(thing)

data/lib/signed_xml/c14n_transform.rb

@@ -4,8 +4,9 @@ module SignedXml
 
     attr_reader :method
     attr_reader :with_comments
+    attr_reader :inclusive_namespaces
 
-    def initialize(method = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315")
+    def initialize(method = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315", inclusive_namespaces = [])
       method, with_comments = method.split('#')
       @method = case method
                 when "http://www.w3.org/TR/2001/REC-xml-c14n-20010315" then XML_C14N_1_0
@@ -15,12 +16,14 @@ module SignedXml
                 end
 
       @with_comments = !!with_comments
+
+      @inclusive_namespaces = inclusive_namespaces
     end
 
     def apply(input)
       raise ArgumentError, "input #{input.inspect}:#{input.class} is not canonicalizable" unless input.respond_to?(:canonicalize)
 
-      input.canonicalize(method, nil, with_comments)
+      input.canonicalize(method, inclusive_namespaces, with_comments)
     end
   end
 end

data/lib/signed_xml/reference.rb

@@ -47,7 +47,9 @@ module SignedXml
         when "http://www.w3.org/2000/09/xmldsig#enveloped-signature"
           transforms << EnvelopedSignatureTransform.new
         when %r{^http://.*c14n}
-          transforms << C14NTransform.new(method)
+          inclusive_namespaces_node = transform_node.at_xpath('.//ec:InclusiveNamespaces/@PrefixList', ec: XML_EXC_C14N_NS)
+          inclusive_namespaces = inclusive_namespaces_node ? inclusive_namespaces_node.content.split : []
+          transforms << C14NTransform.new(method, inclusive_namespaces)
         else
           raise ArgumentError, "unknown transform method #{method}"
         end

data/lib/signed_xml/version.rb

@@ -1,3 +1,3 @@
 module SignedXml
-  VERSION = "1.0.1"
+  VERSION = "1.1.0"
 end

data/signed_xml.gemspec

@@ -10,7 +10,7 @@ Gem::Specification.new do |gem|
   gem.email         = ["todd.thomas@openlogic.com"]
   gem.description   = %q{XML Signature verification}
   gem.summary       = %q{Provides [incomplete] support for verification of XML Signatures <http://www.w3.org/TR/xmldsig-core>.}
-  gem.homepage      = ""
+  gem.homepage      = "https://github.com/openlogic/signed_xml"
 
   gem.files         = `git ls-files`.split($/)
   gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
@@ -20,6 +20,7 @@ Gem::Specification.new do |gem|
   gem.add_dependency "nokogiri", "~> 1.5"
   gem.add_dependency "options"
 
+  gem.add_development_dependency "coveralls"
   gem.add_development_dependency "rake"
   gem.add_development_dependency "rspec"
 end

data/spec/resources/saml_response_template_w_inclusive_c14n.xml

@@ -0,0 +1,63 @@
+<Response
+  IssueInstant="2003-04-17T00:46:02Z" Version="2.0"
+  ID="_c7055387-af61-4fce-8b98-e2927324b306"
+  xmlns="urn:oasis:names:tc:SAML:2.0:protocol"
+  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
+  <saml:Issuer>https://www.opensaml.org/IDP"</saml:Issuer>
+  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:SignedInfo>
+      <ds:CanonicalizationMethod
+        Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+      <ds:SignatureMethod
+        Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+      <ds:Reference URI="">
+        <ds:Transforms>
+          <ds:Transform
+            Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+          </ds:Transform>
+        </ds:Transforms>
+        <ds:DigestMethod
+          Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+        <ds:DigestValue/>
+      </ds:Reference>
+    </ds:SignedInfo>
+    <ds:SignatureValue/>
+    <ds:KeyInfo>
+      <ds:X509Data>
+        <ds:X509Certificate>
+        </ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </ds:Signature>
+  <Status>
+    <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+  </Status>
+  <Assertion ID="_a75adf55-01d7-40cc-929f-dbd8372ebdfc"
+    IssueInstant="2003-04-17T00:46:02Z" Version="2.0"
+    xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+    <Issuer>https://www.opensaml.org/IDP</Issuer>
+    <Subject>
+      <NameID
+        Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">
+        scott@example.org
+      </NameID>
+      <SubjectConfirmation
+        Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/>
+    </Subject>
+    <Conditions NotBefore="2003-04-17T00:46:02Z"
+      NotOnOrAfter="2003-04-17T00:51:02Z">
+      <AudienceRestriction>
+        <Audience>http://www.opensaml.org/SP</Audience>
+      </AudienceRestriction>
+    </Conditions>
+    <AuthnStatement AuthnInstant="2003-04-17T00:46:00Z">
+      <AuthnContext>
+        <AuthnContextClassRef>
+          urn:oasis:names:tc:SAML:2.0:ac:classes:Password
+        </AuthnContextClassRef>
+      </AuthnContext>
+    </AuthnStatement>
+  </Assertion>
+</Response>

data/spec/resources/signed_saml_response_w_inclusive_c14n.xml

@@ -0,0 +1,80 @@
+<?xml version="1.0"?>
+<Response xmlns="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" IssueInstant="2003-04-17T00:46:02Z" Version="2.0" ID="_c7055387-af61-4fce-8b98-e2927324b306">
+  <saml:Issuer>https://www.opensaml.org/IDP"</saml:Issuer>
+  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:SignedInfo>
+      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+      <ds:Reference URI="">
+        <ds:Transforms>
+          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+          </ds:Transform>
+        </ds:Transforms>
+        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+        <ds:DigestValue>zHUQ8ywhrKz5TW+8CCeu8kGOYEY=</ds:DigestValue>
+      </ds:Reference>
+    </ds:SignedInfo>
+    <ds:SignatureValue>h9aT8YCYGk+Aj5SunHuNbLjL7v122IM1M+8DjY2P5NqIQtrfL3TUjAs47Gn/
+GqxDaUfA7QjV/Iri1GBfDU7lU4XbnutFsRibvuGc/x4h0SXZmH/u+q4QkUBV
+7PVIRT2Qm7K1D1jNebLbHNfFKmgPQYCqLLuggqtfMz2gk8Ebun9vwMsGfmot
+3tAb14nCm7RDkhUiXcH4Dh/+ols8geOIMryNcKjeAosVE7YV9bdtuLiPi/dy
+Lv3taNlFWxveWQHZE2GrPhd/HjFt2Rju5CTKMLVMzxdah78FknhVd+9CDzYH
+CYnd7b4r36Y6TKQ4JbwJa82u4K8Sj18udSzaqK1G8g==</ds:SignatureValue>
+    <ds:KeyInfo>
+      <ds:X509Data>
+        <ds:X509Certificate>MIIExDCCA6ygAwIBAgIJAJsG6scSiBu+MA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
+VQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEUMBIGA1UEBxMLU3ByaW5nZmll
+bGQxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDETMBEGA1UECxQK
+QXJyciAmIERlZTELMAkGA1UEAxMCTWUxHTAbBgkqhkiG9w0BCQEWDm1lQGV4YW1w
+bGUub3JnMB4XDTEzMDQxMTAwNTc1MloXDTQwMDgyNzAwNTc1MlowgZwxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMRQwEgYDVQQHEwtTcHJpbmdmaWVs
+ZDEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYDVQQLFApB
+cnJyICYgRGVlMQswCQYDVQQDEwJNZTEdMBsGCSqGSIb3DQEJARYObWVAZXhhbXBs
+ZS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZbhwD884KG1Aj
+ZENyOQw1TpqvMkkxMSIFQwSMPg81JIDgPifCXXHimiNheo99K4TnLAV4V+6sLsP8
+c2pQFr57mDSBo1x1JjSLR/LGD/scqQqzSXNXLNffF7FbH28/wL9+lBrMNxEh5LvT
+Cm+rmnAHdJjGK//BbLE7Vuek3irquUo3OF6HidORr2b86ec4I2gjien3kwgmYc0n
+7pxjReEeKqpoZ1ytB3PjDlAwJchCTs6i+bmQJ5xqyDn+OHTZutCVCE9DwBLThfGr
+2j+c7po42EucuS1GMEbHWbEcSCruhQY51iR+hc54TRc/GQbwfVyfOBMJ98s5TASA
+h0Sfw2DlAgMBAAGjggEFMIIBATAdBgNVHQ4EFgQUbuT5ExXORlqEIJRWCNvHgBig
+I9swgdEGA1UdIwSByTCBxoAUbuT5ExXORlqEIJRWCNvHgBigI9uhgaKkgZ8wgZwx
+CzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMRQwEgYDVQQHEwtTcHJp
+bmdmaWVsZDEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYD
+VQQLFApBcnJyICYgRGVlMQswCQYDVQQDEwJNZTEdMBsGCSqGSIb3DQEJARYObWVA
+ZXhhbXBsZS5vcmeCCQCbBurHEogbvjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB
+BQUAA4IBAQABGQp+S8TgiPkMqOoHiosApgs/SttQfRZVlmhoqsJQ554xkui75PIo
+RMHd42Ft8PO5aQiqXe6sbGJh9e78pSqdhytrlwIf4OSomJ2ghRGKoPESBnMQGxYT
+vMx/0BvjVj8rNSFmVgTV+foSkJj2tJnr/9ZfYbRPybDRYvDhfnlE7SpfBanKK2r+
+VpLSlm1c6d5cYA5xKUtQgV9wKbMZLl5B75S3CXz1K6TujHN3K/B3a4Hc7AknWqFd
+qsWDWKJjyH3XzQkpPT00TqQOaM9gbYqsLXmiuLzYXV1JQhU1vs29mIIFbtQK0jYd
+YEcPFLoaQoTClLMt9R+6wrJvJ9loh6P8</ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </ds:Signature>
+  <Status>
+    <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+  </Status>
+  <Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_a75adf55-01d7-40cc-929f-dbd8372ebdfc" IssueInstant="2003-04-17T00:46:02Z" Version="2.0">
+    <Issuer>https://www.opensaml.org/IDP</Issuer>
+    <Subject>
+      <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">
+        scott@example.org
+      </NameID>
+      <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/>
+    </Subject>
+    <Conditions NotBefore="2003-04-17T00:46:02Z" NotOnOrAfter="2003-04-17T00:51:02Z">
+      <AudienceRestriction>
+        <Audience>http://www.opensaml.org/SP</Audience>
+      </AudienceRestriction>
+    </Conditions>
+    <AuthnStatement AuthnInstant="2003-04-17T00:46:00Z">
+      <AuthnContext>
+        <AuthnContextClassRef>
+          urn:oasis:names:tc:SAML:2.0:ac:classes:Password
+        </AuthnContextClassRef>
+      </AuthnContext>
+    </AuthnStatement>
+  </Assertion>
+</Response>

data/spec/signed_xml_document_spec.rb

@@ -124,6 +124,14 @@ describe SignedXml::Document do
     incorrect_digest_doc.is_verified?.should be false
   end
 
+  let(:doc_w_inclusive_c14n) do
+    SignedXml::Document(File.read(File.join(resources_path, 'signed_saml_response_w_inclusive_c14n.xml')))
+  end
+
+  it 'verifies docs using inclusive c14n' do
+    expect(doc_w_inclusive_c14n.is_verified?).to be true
+  end
+
   let(:signed_doc_template) do
     SignedXml::Document(File.read(File.join(resources_path, 'saml_response_template.xml')))
   end
@@ -133,4 +141,4 @@ describe SignedXml::Document do
   it "signs template documents" do
     signed_doc_template.sign(test_private_key, test_certificate).is_verified?.should be true
   end
-end
+end

data/spec/spec_helper.rb

@@ -1 +1,4 @@
+require 'coveralls'
+Coveralls.wear!
+
 require 'signed_xml'

metadata

@@ -1,78 +1,83 @@
 --- !ruby/object:Gem::Specification
 name: signed_xml
 version: !ruby/object:Gem::Version
-  version: 1.0.1
-  prerelease: 
+  version: 1.1.0
 platform: ruby
 authors:
 - Todd Thomas
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-04-25 00:00:00.000000000 Z
+date: 2015-02-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.5'
 - !ruby/object:Gem::Dependency
   name: options
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: coveralls
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 description: XML Signature verification
@@ -82,8 +87,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .travis.yml
+- ".gitignore"
+- ".travis.yml"
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -112,7 +117,9 @@ files:
 - spec/resources/same_doc_reference.xml
 - spec/resources/same_doc_reference_template.xml
 - spec/resources/saml_response_template.xml
+- spec/resources/saml_response_template_w_inclusive_c14n.xml
 - spec/resources/signed_saml_response.xml
+- spec/resources/signed_saml_response_w_inclusive_c14n.xml
 - spec/resources/test_cert.pem
 - spec/resources/test_key.pem
 - spec/resources/two_sig_doc.xml
@@ -120,35 +127,28 @@ files:
 - spec/resources/wrong_key_doc.xml
 - spec/signed_xml_document_spec.rb
 - spec/spec_helper.rb
-homepage: ''
+homepage: https://github.com/openlogic/signed_xml
 licenses: []
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
-      segments:
-      - 0
-      hash: 4066671061943710970
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
-      segments:
-      - 0
-      hash: 4066671061943710970
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.25
+rubygems_version: 2.4.3
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Provides [incomplete] support for verification of XML Signatures <http://www.w3.org/TR/xmldsig-core>.
 test_files:
 - spec/resources/another_test_cert.pem
@@ -160,7 +160,9 @@ test_files:
 - spec/resources/same_doc_reference.xml
 - spec/resources/same_doc_reference_template.xml
 - spec/resources/saml_response_template.xml
+- spec/resources/saml_response_template_w_inclusive_c14n.xml
 - spec/resources/signed_saml_response.xml
+- spec/resources/signed_saml_response_w_inclusive_c14n.xml
 - spec/resources/test_cert.pem
 - spec/resources/test_key.pem
 - spec/resources/two_sig_doc.xml