xmldsig 0.2.7 → 0.2.8

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: d8048f4065afca9b20df461f7731e4e40616efd1
4
- data.tar.gz: 57000ef34e2df31dbe91635b81fe5456928b4095
3
+ metadata.gz: 0cc1b756bb07e55a09690b94d94fc3994032311b
4
+ data.tar.gz: 3ad4f0aa9cc2ce9abc66857bdf31c530656f207c
5
5
  SHA512:
6
- metadata.gz: 62153a54678fbfe19b71b05211bc8bcb488ce382934868c9c08000fe49793e87871c18cf49f5b5dee5c85bc87c4f4c350fed0dcb5030ed960b0573f28f7262e2
7
- data.tar.gz: 9655ca3667ca5011b492a2b858c7c7f9ae3254b433b498e38cbaccca66fa46995c0a1e2844de7c0481b2c7c2e00c2cf7969e28cf35924d19b208ffaa2326ee58
6
+ metadata.gz: 3639d76dddac3500ada6699b86e4eb23a4a9bc7f701b1ed94eb80e841b624d71a8c4a924783c9711f85af47e8bc81878524a047f6942850c6fbd463bfc5e405a
7
+ data.tar.gz: 497cb5e9810215ad95f49c0e0ac0d24c91144993c99b050d933faec696a5af0a221149fd8262234a4ed31eb1cda3004ee7f6b5112fb5544f4dd9339abf4e37fb
data/README.md CHANGED
@@ -65,6 +65,10 @@ signed_document = Xmldsig::SignedDocument.new(signed_xml)
65
65
  signed_document.validate do |signature_value, data|
66
66
  certificate.public_key.verify(OpenSSL::Digest::SHA256.new, signature_value, data)
67
67
  end
68
+
69
+ # Custom ID attribute
70
+ signed_document = Xmldsig::SignedDocument.new(signed_xml, id_attr: "MyID")
71
+ signed_document.validate(certificate)
68
72
  ```
69
73
 
70
74
  ## Known issues
@@ -16,7 +16,7 @@ module Xmldsig
16
16
  end
17
17
 
18
18
  def sign(private_key = nil, instruct = true, &block)
19
- signatures.each { |signature| signature.sign(private_key, &block) }
19
+ signatures.reverse.each { |signature| signature.sign(private_key, &block) }
20
20
  instruct ? @document.to_s : @document.root.to_s
21
21
  end
22
22
 
@@ -25,7 +25,9 @@ module Xmldsig
25
25
  end
26
26
 
27
27
  def signatures
28
- document.xpath("//ds:Signature", NAMESPACES).reverse.collect { |node| Signature.new(node, @id_attr) } || []
28
+ document.xpath("//ds:Signature", NAMESPACES).
29
+ sort { |left, right| left.ancestors.size <=> right.ancestors.size }.
30
+ collect { |node| Signature.new(node, @id_attr) } || []
29
31
  end
30
32
  end
31
33
  end
@@ -2,7 +2,10 @@ module Xmldsig
2
2
  class Transforms < Array
3
3
  class EnvelopedSignature < Transform
4
4
  def transform
5
- node.xpath("descendant::ds:Signature", Xmldsig::NAMESPACES).first.remove
5
+ signatures = node.xpath("descendant::ds:Signature", Xmldsig::NAMESPACES).
6
+ sort { |left, right| left.ancestors.size <=> right.ancestors.size }
7
+
8
+ signatures.first.remove
6
9
  node
7
10
  end
8
11
  end
@@ -1,3 +1,3 @@
1
1
  module Xmldsig
2
- VERSION = '0.2.7'
2
+ VERSION = '0.2.8'
3
3
  end
@@ -0,0 +1,20 @@
1
+ -----BEGIN CERTIFICATE-----
2
+ MIIDRDCCAiygAwIBAgIVAOBBjAUVutk42CWL0RcirPc0cv9/MA0GCSqGSIb3DQEB
3
+ BQUAMCExHzAdBgNVBAMTFnNoaWJib2xldGgudmFncmFudC5kZXYwHhcNMTUwNDIw
4
+ MDcyOTQ1WhcNMzUwNDIwMDcyOTQ1WjAhMR8wHQYDVQQDExZzaGliYm9sZXRoLnZh
5
+ Z3JhbnQuZGV2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyH0D44r
6
+ QzlgYzHr7RvfhYwcPhYS+GaFGpBj2AZ5152NyTLn7L4UH/ljWvirJ16K5Qhl4S0v
7
+ EdCnrtPB6HUfzw9h8iZABfvQ4O1VEkKIeJGskqKleItXdlWYR45d9ATGqFbgwIpU
8
+ cUYkpnepi8pJd1etPxEVoDT6kFuabrQBXorJ/Q59+eHfFH8oYG8mEVS0bWwyxFu7
9
+ Rz8GBRcmKmzVeObnGQY5izY69/drLK/NbEX1MZRVOpT2L6LbmLXEZZQ7jd/L2mfE
10
+ jzDBxfQaTs8Fgnl6vqhbMe1l3ci5SyJObZ3UwXkFy4LDnezs7ghENoSzP6Ah/Sq5
11
+ 8kwvWwJ5JTE/QwIDAQABo3MwcTBQBgNVHREESTBHghZzaGliYm9sZXRoLnZhZ3Jh
12
+ bnQuZGV2hi1odHRwczovL3NoaWJib2xldGgudmFncmFudC5kZXYvaWRwL3NoaWJi
13
+ b2xldGgwHQYDVR0OBBYEFHSLABA1TYmg3IH2qUa/2E3yFh4XMA0GCSqGSIb3DQEB
14
+ BQUAA4IBAQCMrVvvrEcLtlKZXAV03waZjopDeiq5ByVqLjbyHnmuPixFzvxGDfvR
15
+ H3rRITBTENNHoB6xDnYrw48F+RKtz58b01/SyMvVSQ6UAEtwq1aCxJdWdbfVeBEg
16
+ bKcPAERQuOZdm13RKod2iAu+jlfLIqwVlSgo9YPqw7cfZzXB6ZrKFtjA8SHEmv26
17
+ Y67EXAUkXd8nXOwXV2MJehfhBwUAwLxnC7RuVcdR2LRgf7oXbgwiyCJXdNP8S93s
18
+ 2tdLb7+K+Em8iaw4c3wfrBMUWs00P1iUs0KJaCTdG++LODBKt9wGUIB/AJiV+o4W
19
+ qRh/jxiybmCVSlNUqoAP8t05jrtm6clF
20
+ -----END CERTIFICATE-----
@@ -0,0 +1,22 @@
1
+ <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="http://lvh.me:3000/saml/consume" ID="_70566d518f1655ba37985b23f7169298" InResponseTo="_9a0411fe3d0cf28644525a3e39469a23368c082e" IssueInstant="2015-04-20T07:37:25.323Z" Version="2.0">
2
+ <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://shibboleth.vagrant.dev/idp/shibboleth
3
+ </saml2:Issuer>
4
+ <saml2p:Status>
5
+ <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
6
+ </saml2p:Status>
7
+ <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_f3be21a4420268b5a4d0f362b59079a4" IssueInstant="2015-04-20T07:37:25.323Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://shibboleth.vagrant.dev/idp/shibboleth</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#_f3be21a4420268b5a4d0f362b59079a4"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>HZfcJ8WkEGokMWQj00MKOUFSTu0=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>eEL7t2VTTgSoUTzIpf+OYm3CrTJq6A+EEIRAyNLxVEJkjNRY6abKRBhPNharJGBbsbEh9yVW0sRuIU9HFaidzNaFok2oFoX7gm5nMhBL3n3bEmijWFastoc3PQOKYnATXziCfnyRq44rVaqrjKfYOdvifhZ8gjiBExEBHCoJkRp7jiMvbPqy31qAsNzL/IHZLDv5QILCi8iqjVdhNvdOh/2ajKYLrEiSUEb6Wv/8SxOWjMeSrkTLGJ7l0oWaJWeSCCwE3+2+ssBxWsHLOUTf7x9dRsR9RkliTA1zp22EpUpzTgBRnFrnxpLwCG5Iod0/pP+/klpoZ5pnS0U8c0fObg==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDRDCCAiygAwIBAgIVAOBBjAUVutk42CWL0RcirPc0cv9/MA0GCSqGSIb3DQEBBQUAMCExHzAd
8
+ BgNVBAMTFnNoaWJib2xldGgudmFncmFudC5kZXYwHhcNMTUwNDIwMDcyOTQ1WhcNMzUwNDIwMDcy
9
+ OTQ1WjAhMR8wHQYDVQQDExZzaGliYm9sZXRoLnZhZ3JhbnQuZGV2MIIBIjANBgkqhkiG9w0BAQEF
10
+ AAOCAQ8AMIIBCgKCAQEAmyH0D44rQzlgYzHr7RvfhYwcPhYS+GaFGpBj2AZ5152NyTLn7L4UH/lj
11
+ WvirJ16K5Qhl4S0vEdCnrtPB6HUfzw9h8iZABfvQ4O1VEkKIeJGskqKleItXdlWYR45d9ATGqFbg
12
+ wIpUcUYkpnepi8pJd1etPxEVoDT6kFuabrQBXorJ/Q59+eHfFH8oYG8mEVS0bWwyxFu7Rz8GBRcm
13
+ KmzVeObnGQY5izY69/drLK/NbEX1MZRVOpT2L6LbmLXEZZQ7jd/L2mfEjzDBxfQaTs8Fgnl6vqhb
14
+ Me1l3ci5SyJObZ3UwXkFy4LDnezs7ghENoSzP6Ah/Sq58kwvWwJ5JTE/QwIDAQABo3MwcTBQBgNV
15
+ HREESTBHghZzaGliYm9sZXRoLnZhZ3JhbnQuZGV2hi1odHRwczovL3NoaWJib2xldGgudmFncmFu
16
+ dC5kZXYvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFHSLABA1TYmg3IH2qUa/2E3yFh4XMA0GCSqG
17
+ SIb3DQEBBQUAA4IBAQCMrVvvrEcLtlKZXAV03waZjopDeiq5ByVqLjbyHnmuPixFzvxGDfvRH3rR
18
+ ITBTENNHoB6xDnYrw48F+RKtz58b01/SyMvVSQ6UAEtwq1aCxJdWdbfVeBEgbKcPAERQuOZdm13R
19
+ Kod2iAu+jlfLIqwVlSgo9YPqw7cfZzXB6ZrKFtjA8SHEmv26Y67EXAUkXd8nXOwXV2MJehfhBwUA
20
+ wLxnC7RuVcdR2LRgf7oXbgwiyCJXdNP8S93s2tdLb7+K+Em8iaw4c3wfrBMUWs00P1iUs0KJaCTd
21
+ G++LODBKt9wGUIB/AJiV+o4WqRh/jxiybmCVSlNUqoAP8t05jrtm6clF</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2:Subject><saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="https://shibboleth.vagrant.dev/idp/shibboleth">shibadmin</saml2:NameID><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml2:SubjectConfirmationData Address="192.168.66.1" InResponseTo="_9a0411fe3d0cf28644525a3e39469a23368c082e" NotOnOrAfter="2015-04-20T07:42:25.323Z" Recipient="http://lvh.me:3000/saml/consume"/></saml2:SubjectConfirmation></saml2:Subject><saml2:Conditions NotBefore="2015-04-20T07:37:25.323Z" NotOnOrAfter="2015-04-20T07:42:25.323Z"><saml2:AudienceRestriction><saml2:Audience>urn:testing:app</saml2:Audience></saml2:AudienceRestriction></saml2:Conditions><saml2:AuthnStatement AuthnInstant="2015-04-20T07:31:04.345Z" SessionIndex="_a2388aad0bff623245c6ae72576004e6"><saml2:SubjectLocality Address="192.168.66.1"/><saml2:AuthnContext><saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef></saml2:AuthnContext></saml2:AuthnStatement></saml2:Assertion>
22
+ </saml2p:Response>
@@ -0,0 +1,40 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <foo:Foo ID="foo" xmlns:foo="http://example.com/foo#" xmlns:baz="http://example.com/baz#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#">
3
+ <foo:Bar>bar</foo:Bar>
4
+ <baz:Baz ID="baz">
5
+ <ds:Signature>
6
+ <ds:SignedInfo>
7
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
8
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
9
+ <ds:Reference URI="#baz">
10
+ <ds:Transforms>
11
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
12
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
13
+ <ec:InclusiveNamespaces PrefixList="foo baz"/>
14
+ </ds:Transform>
15
+ </ds:Transforms>
16
+ <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
17
+ <ds:DigestValue></ds:DigestValue>
18
+ </ds:Reference>
19
+ </ds:SignedInfo>
20
+ <ds:SignatureValue></ds:SignatureValue>
21
+ </ds:Signature>
22
+ </baz:Baz>
23
+ <ds:Signature>
24
+ <ds:SignedInfo>
25
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
26
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
27
+ <ds:Reference URI="#foo">
28
+ <ds:Transforms>
29
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
30
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
31
+ <ec:InclusiveNamespaces PrefixList="foo baz"/>
32
+ </ds:Transform>
33
+ </ds:Transforms>
34
+ <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
35
+ <ds:DigestValue></ds:DigestValue>
36
+ </ds:Reference>
37
+ </ds:SignedInfo>
38
+ <ds:SignatureValue></ds:SignatureValue>
39
+ </ds:Signature>
40
+ </foo:Foo>
@@ -0,0 +1,40 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <foo:Foo ID="foo" xmlns:foo="http://example.com/foo#" xmlns:baz="http://example.com/baz#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#">
3
+ <foo:Bar>bar</foo:Bar>
4
+ <ds:Signature>
5
+ <ds:SignedInfo>
6
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
7
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
8
+ <ds:Reference URI="#foo">
9
+ <ds:Transforms>
10
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
11
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
12
+ <ec:InclusiveNamespaces PrefixList="foo baz"/>
13
+ </ds:Transform>
14
+ </ds:Transforms>
15
+ <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
16
+ <ds:DigestValue></ds:DigestValue>
17
+ </ds:Reference>
18
+ </ds:SignedInfo>
19
+ <ds:SignatureValue></ds:SignatureValue>
20
+ </ds:Signature>
21
+ <baz:Baz ID="baz">
22
+ <ds:Signature>
23
+ <ds:SignedInfo>
24
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
25
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
26
+ <ds:Reference URI="#baz">
27
+ <ds:Transforms>
28
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
29
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
30
+ <ec:InclusiveNamespaces PrefixList="foo baz"/>
31
+ </ds:Transform>
32
+ </ds:Transforms>
33
+ <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
34
+ <ds:DigestValue></ds:DigestValue>
35
+ </ds:Reference>
36
+ </ds:SignedInfo>
37
+ <ds:SignatureValue></ds:SignatureValue>
38
+ </ds:Signature>
39
+ </baz:Baz>
40
+ </foo:Foo>
@@ -42,8 +42,8 @@ describe Xmldsig::SignedDocument do
42
42
  signed_document.signatures.should be_all { |signature| signature.is_a?(Xmldsig::Signature) }
43
43
  end
44
44
 
45
- it "returns the nested signatures first" do
46
- unsigned_document.signatures.first.references.first.reference_uri.should == '#baz'
45
+ it "returns the outer signatures first" do
46
+ unsigned_document.signatures.first.references.first.reference_uri.should == '#foo'
47
47
  end
48
48
  end
49
49
 
@@ -4,8 +4,8 @@ describe Xmldsig::Transforms::EnvelopedSignature do
4
4
  let(:unsigned_xml) { File.read('spec/fixtures/unsigned_nested_signature.xml') }
5
5
  let(:unsigned_document) { Xmldsig::SignedDocument.new(unsigned_xml) }
6
6
 
7
- it 'only removes the first signature element' do
8
- node_with_nested_signature = unsigned_document.signatures.last.references.first.referenced_node
7
+ it 'only removes the outer most signature element' do
8
+ node_with_nested_signature = unsigned_document.signatures.first.references.first.referenced_node
9
9
 
10
10
  described_class.new(node_with_nested_signature, nil).transform
11
11
 
@@ -15,17 +15,18 @@ describe Xmldsig do
15
15
  Xmldsig::SignedDocument.new(signed_document).validate(certificate).should be == true
16
16
  end
17
17
 
18
- it 'should have a signature element' do
19
- Xmldsig::SignedDocument.new(signed_document).signatures.count.should == 1
18
+ it 'should have at least 1 signature element' do
19
+ Xmldsig::SignedDocument.new(signed_document).signatures.count.should >= 1
20
20
  end
21
21
 
22
22
  # TODO: remove this verification step when library matures
23
- #it 'matches the result from xmlsec1' do
23
+ # it 'matches the result from xmlsec1' do
24
24
  # result = `xmlsec1 --sign --id-attr:ID http://example.com/foo#:Foo --privkey-pem spec/fixtures/key.pem #{document}`
25
25
  # result.gsub!("\n", '')
26
26
  # signed_document.gsub!("\n", '')
27
+ # puts result
27
28
  # result.should == signed_document
28
- #end
29
+ # end
29
30
  end
30
31
  end
31
32
  end
@@ -42,6 +43,17 @@ describe Xmldsig do
42
43
  end
43
44
  end
44
45
  end
46
+ Dir["spec/fixtures/signed/*.xml"].each do |document|
47
+ describe "#{document}" do
48
+ let(:signed_xml) { File.read(document) }
49
+ let(:signed_document) { Xmldsig::SignedDocument.new(signed_xml) }
50
+ let(:certificate) { OpenSSL::X509::Certificate.new(File.read(document.gsub('.xml', '.cert'))) }
51
+
52
+ it "should be validateable" do
53
+ expect(signed_document.validate(certificate)).to be == true
54
+ end
55
+ end
56
+ end
45
57
  end
46
58
 
47
59
  describe "Allows specifying a custom id attribute" do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: xmldsig
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.7
4
+ version: 0.2.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - benoist
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-03-02 00:00:00.000000000 Z
11
+ date: 2015-05-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -57,12 +57,16 @@ files:
57
57
  - spec/fixtures/signed.xml
58
58
  - spec/fixtures/signed/ideal.cert
59
59
  - spec/fixtures/signed/ideal.txt
60
+ - spec/fixtures/signed/shib.cert
61
+ - spec/fixtures/signed/shib.xml
60
62
  - spec/fixtures/signed_custom_attribute_id.xml
61
63
  - spec/fixtures/unsigned.xml
62
64
  - spec/fixtures/unsigned/canonicalizer_1_0.xml
63
65
  - spec/fixtures/unsigned/canonicalizer_1_1.xml
64
66
  - spec/fixtures/unsigned/canonicalizer_exc.xml
65
67
  - spec/fixtures/unsigned/digest_sha1.xml
68
+ - spec/fixtures/unsigned/unsigned_nested_signature_at_bottom.xml
69
+ - spec/fixtures/unsigned/unsigned_nested_signature_at_top.xml
66
70
  - spec/fixtures/unsigned/with_soap_envelope.xml
67
71
  - spec/fixtures/unsigned/without_canonicalization.xml
68
72
  - spec/fixtures/unsigned/without_namespace_prefix.xml
@@ -98,7 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
98
102
  version: '0'
99
103
  requirements: []
100
104
  rubyforge_project:
101
- rubygems_version: 2.4.5
105
+ rubygems_version: 2.4.6
102
106
  signing_key:
103
107
  specification_version: 4
104
108
  summary: This gem is a (partial) implementation of the XMLDsig specification (http://www.w3.org/TR/xmldsig-core)
@@ -109,12 +113,16 @@ test_files:
109
113
  - spec/fixtures/signed.xml
110
114
  - spec/fixtures/signed/ideal.cert
111
115
  - spec/fixtures/signed/ideal.txt
116
+ - spec/fixtures/signed/shib.cert
117
+ - spec/fixtures/signed/shib.xml
112
118
  - spec/fixtures/signed_custom_attribute_id.xml
113
119
  - spec/fixtures/unsigned.xml
114
120
  - spec/fixtures/unsigned/canonicalizer_1_0.xml
115
121
  - spec/fixtures/unsigned/canonicalizer_1_1.xml
116
122
  - spec/fixtures/unsigned/canonicalizer_exc.xml
117
123
  - spec/fixtures/unsigned/digest_sha1.xml
124
+ - spec/fixtures/unsigned/unsigned_nested_signature_at_bottom.xml
125
+ - spec/fixtures/unsigned/unsigned_nested_signature_at_top.xml
118
126
  - spec/fixtures/unsigned/with_soap_envelope.xml
119
127
  - spec/fixtures/unsigned/without_canonicalization.xml
120
128
  - spec/fixtures/unsigned/without_namespace_prefix.xml