RubyGems - xmldsig - Versions diffs - 0.2.2 → 0.2.3 - Mend

xmldsig 0.2.2 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +15 -0
data/{.travis.yaml → .travis.yml} +1 -2
data/decrypt.rb +85 -0
data/lib/xmldsig/signed_document.rb +2 -2
data/lib/xmldsig/version.rb +1 -1
data/rsa_ext.rb +116 -0
data/spec/fixtures/doc-plain.xml +9 -0
data/spec/fixtures/encryptedResponse.xml +103 -0
data/spec/fixtures/encrypted_assertion.xml +103 -0
data/spec/fixtures/keysncerts/post-office.pk8 +0 -0
data/spec/lib/xmldsig_spec.rb +11 -0
metadata +16 -10

checksums.yaml ADDED Viewed

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    NzYzM2U2MTA3OGEwYzAzZmJiZDNlNDc0N2FmMWE5NjY1YWFjNGJmZA==
+  data.tar.gz: !binary |-
+    ZWRlM2JmYTI3YzNiODMwYjM0MTgwZWI1YTIzYjkwNjAzYWNiYmRjZg==
+!binary "U0hBNTEy":
+  metadata.gz: !binary |-
+    Y2I3ODgyY2M0M2UwMGZhNzAwNDU0M2Q5NTQyODYyOTEyNTVmZTVjMjNjMDI2
+    NGFiZjI3YzY4YTQ3ZjNmN2FjMDQyNmJjODMyYzlmOTYyYTQzZGJjMzhhOTAw
+    OWI4ODExMGM3MGUxYzZjODc4NWU2OTZiZjA0YzYyNDU1MmZlOGQ=
+  data.tar.gz: !binary |-
+    MzE2NjBjYmE3MGY0ZmFiZDQ3Njg0ZGVkMDhhZjdkM2MwYTk3NDc0OGE3ZDk4
+    MDM1MjNlMDk1OGY4ODU2NzJlMDc5MWJiNWQ1NDFiNjExYzNjMTYzYTJmYmIy
+    ZmRjNjMwNjRhOWMyMzlmYzAxZTcwM2RhYTgxMzlkNDQ3NWExMzE=

data/{.travis.yaml → .travis.yml} RENAMED Viewed

@@ -1,5 +1,4 @@
 language: ruby
 rvm:
+  - 2.0.0
   - 1.9.3
-  - 1.8.7
-  - ree

data/decrypt.rb ADDED Viewed

@@ -0,0 +1,85 @@
+require 'openssl'
+require 'base64'
+require 'nokogiri'
+require 'securerandom'
+xml         = File.read('spec/fixtures/encryptedResponse.xml')
+private_key = OpenSSL::PKey::RSA.new File.read('spec/fixtures/keysncerts/userkey.pem'), 'hello'
+cv  = Base64.decode64 "YYq0hkSXofEEiiZ2LdCx8M/yvR0P+G4U510Bqkg4E3YoApqPJinqmOlNU7x/MChZp23zWHJqS4fH0VtK5ZT8gToEwbKQ/DsjYFQXVCRHxjrRp0Mfrvj89bTpivA3TPdVXhS80MFqtd7NfKEQSI4roJY9JgDvn45j77oXurr6h1c="
+cv2 = Base64.decode64 "TQzLeeCNG8y8+C1XpC7ZNtvrCyIOl7e4b1zOUwARlbmiIC1YIUHl38uhAkw0B7+BNZ9inafH2RyWO8MH5XSs4O7cyLkNJXETmc1CFozTa2J4DWLqDOByyT0LqlGir80PjfCeOnSFsLR9SCnvJpcpuEseRHfXnotnMpP1fQFiSheKGEb/oXn9feVxqlvBOOK0VHxFqis0Cb4KYsQWu0DiujBZQMj+tKNnnodb6jNwKcR4JDNda2JwWxXs0hViumO/2AC+YhAoiVBwPH2rXBv+yXkQcI0y8u+B9fYSoZ2pNXk="
+key = private_key.private_decrypt(cv)
+cipher = OpenSSL::Cipher::Cipher.new('des-ede3-cbc')
+cipher.decrypt
+cipher.padding = 0
+cipher.key     = key
+cipher.iv      = cv2[0..8]
+out = cipher.update(cv2[8..-1])
+out << cipher.final
+puts out.inspect
+out = out[0...-out.bytes.to_a.last]
+cipher.encrypt
+cipher.padding = 0
+cipher.key = key
+cipher.iv = cv2[0..8]
+padding_length = (out.length % 8)
+padding = SecureRandom.random_bytes(padding_length -1) + padding_length.chr
+puts padding.inspect
+out = cipher.update(out + padding)
+out << cipher.final
+cv2 = out
+key = private_key.private_decrypt(cv)
+cipher = OpenSSL::Cipher::Cipher.new('des-ede3-cbc')
+cipher.decrypt
+cipher.padding = 0
+cipher.key     = key
+cipher.iv      = cv2[0..8]
+out = cipher.update(cv2[8..-1])
+out << cipher.final
+puts out.inspect
+out = out[0...-out.bytes.to_a.last]
+puts out.inspect
+#doc = Nokogiri::XML::Document.parse(xml)
+#
+#wrapped_key = Base64.decode64('BxnBnHLtE1IjI9bTGDVs9EyJspS46SJrX4r3yYRdBJYawEp5AHWx6SgVB1TuU466ORIPX0HqdUvy8efOP/7gHhFlm/noKc+qToD1YSvGQ27kJdZbBJE+kcnDZpgqPHCR+fr3Nv/WfN+eZRYMlky1D8JaWFd1P6Eqi8xqY1BirHQ=')
+#
+#private_key = OpenSSL::PKey::RSA.new File.read('spec/fixtures/post-office.pem')
+#key = private_key.private_decrypt(wrapped_key, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
+#
+#bytes = Base64.decode64(c2).unpack('C*')
+#puts key.inspect
+#
+#iv     = bytes.pack('c16')
+#others = bytes.pack('c16X16c*')
+#
+#cipher = OpenSSL::Cipher.new('aes-128-cbc')
+#cipher.decrypt
+#cipher.iv  = Base64.decode64(c2)[0..15]
+#cipher.key = key
+#
+#out = cipher.update(others)
+#
+#The encrypted string's length might not be a multiple of the block
+#length of aes-128-cbc (16), so add in another block and then trim
+#off the padding. More info about padding is available at
+#http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html in
+#Section 5.2
+#puts out << cipher.update("\x00" * 16)
+#puts out[0...(-out.bytes.to_a.last)]
+#

data/lib/xmldsig/signed_document.rb CHANGED Viewed

@@ -10,9 +10,9 @@ module Xmldsig
       signatures.any? && signatures.all? { |signature| signature.valid?(certificate, &block) }
     end
-    def sign(private_key = nil, &block)
+    def sign(private_key = nil, instruct = true, &block)
       signatures.each { |signature| signature.sign(private_key, &block) }
-      @document.to_s
+      instruct ? @document.to_s : @document.root.to_s
     end
     def signed_nodes

data/lib/xmldsig/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Xmldsig
-  VERSION = '0.2.2'
+  VERSION = '0.2.3'
 end

data/rsa_ext.rb ADDED Viewed

@@ -0,0 +1,116 @@
+require 'digest/sha1'
+require 'rsa'
+module RSA
+  module OAEP
+    extend self
+    # Represents an error that occurs during decoding when using
+    # RSA::OAEP.decode or RSA::OAEP.eme_decode. There is one argument which is
+    # a brief message detailing the error
+    class DecodeError < StandardError; end
+    # The algorithms below need the HLEN variable. This is the length of the
+    # hashes generated by the hashing function. For now, this only supports SHA1
+    # as the hashing function, and this has a hash length of 20
+    HLEN = 20
+    # Performs the rsa-oaep-mgf1 decrypt algorithm. This is specified in section
+    # 7.1.2 of http://www.ietf.org/rfc/rfc2437.txt.
+    #
+    # This implementation assumes that the sha1 hashing algorithm was used.
+    #
+    # @param [RSA::Key] k the private key whose public key was used to
+    #        encrypt the data
+    # @param [String] c a string of raw bytes representing the text to be
+    #        decoded
+    # @param [String] p the options which were used in the original encoding of
+    #        the string. By default this is the empty string.
+    #
+    # @return [String] the decoded string of bytes
+    # @raise [DecodeError] If decoding cannot occur, an error is raised
+    def decode k, c, p = ''
+      # First, generate how many bytes the key's modulus is
+      n = k.modulus
+      bytes = 0
+      while n > 0
+        bytes += 1
+        n /= 2
+      end
+      bytes /= 8
+      raise DecodeError, 'input is wrong length!' unless c.length == bytes
+      puts [c, bytes].inspect
+      enc = RSA::PKCS1.os2ip c
+      m   = RSA::PKCS1.rsadp k, enc
+      em  = RSA::PKCS1.i2osp m, bytes - 1
+      eme_decode em, p
+    end
+    # Decodes the encrypted message as specified by the algorithm listed on
+    # http://www.ietf.org/rfc/rfc2437.txt in section 9.1.1.2
+    #
+    # @param [String] em the encoded message that needs to be decoded
+    # @param [String] p the flags used in the original encoding scheme.
+    #
+    # @return [String] the decoded byte string of the supplied message
+    # @raise [DecodeError] if decoding goes awry or the message does not pass
+    #        sanity checks during decoding
+    def eme_decode em, p = ''
+      raise DecodeError, 'message is too short!' if em.length < HLEN * 2 + 1
+      maskedSeed = em[0...HLEN]
+      maskedDB   = em[HLEN..-1]
+      seedMask   = mgf1 maskedDB, HLEN
+      seed       = xor maskedSeed, seedMask
+      dbMask     = mgf1 seed, em.size - HLEN
+      db         = xor maskedDB, dbMask
+      pHash      = Digest::SHA1.digest p
+      ind = db.index("\x01", HLEN)
+      raise DecodeError, 'message is invalid!' if ind.nil?
+      pHash2 = db[0...HLEN]
+      ps     = db[HLEN...ind]
+      m      = db[(ind + 1)..-1]
+      raise DecodeError, 'message is invalid!' unless ps.bytes.all?(&:zero?)
+      raise DecodeError, "specified p = #{p.inspect} is wrong!" unless pHash2 == pHash
+      m
+    end
+    # Defined in seciton 10.2.1 of http://www.ietf.org/rfc/rfc2437.txt, this
+    # is the mask generation function used in the eme_decode function
+    #
+    # @param [String] z this is the seed which the mask function runs off of
+    # @param [Integer] l the desired length of the resultant hash
+    #
+    # @return [String] the mask generated
+    def mgf1 z, l
+      t = ''
+      (0..(l / HLEN)).each{ |i|
+        t += Digest::SHA1.digest(z + RSA::PKCS1.i2osp(i, 4))
+      }
+      t[0...l]
+    end
+    private
+    def xor s1, s2
+      b1 = s1.unpack('c*')
+      b2 = s2.unpack('c*')
+      if b1.length != b2.length
+        raise DecodeError, 'cannot xor strings of different lengths!'
+      end
+      b1.zip(b2).map{ |a, b| a ^ b }.pack('c*')
+    end
+  end
+end

data/spec/fixtures/doc-plain.xml ADDED Viewed

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<PayInfo>
+  <Name>John Smith</Name>
+  <CreditCard Limit='2,000' Currency='USD'>
+    <Number>1076 2478 0678 5589</Number>
+    <Issuer>CitiBank</Issuer>
+    <Expiration>06/10</Expiration>
+  </CreditCard>
+</PayInfo>

data/spec/fixtures/encryptedResponse.xml ADDED Viewed

@@ -0,0 +1,103 @@
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
+                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                 Destination="https://samlproxy.showcase.ida.digital.cabinet-office.gov.uk:443/SAML2/SSO/Response/POST"
+                 ID="_e3e6587a-8d13-47c6-8153-18af97d0ab08"
+                 InResponseTo="_0afc9d05-a0e8-4ca8-85b6-d6096fcdd0cf"
+                 IssueInstant="2013-08-15T06:58:54.478Z"
+                 Version="2.0"
+                 xsi:type="saml2p:ResponseType"
+                 >
+    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+                  Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
+                  >http://stub_idp.acme.org/post-office/SSO/POST</saml2:Issuer>
+    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:SignedInfo>
+            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+            <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+            <ds:Reference URI="#_e3e6587a-8d13-47c6-8153-18af97d0ab08">
+                <ds:Transforms>
+                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+                </ds:Transforms>
+                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+                <ds:DigestValue>2J5oHzmbC8N1UGW2hwEVT8aB0sA=</ds:DigestValue>
+            </ds:Reference>
+        </ds:SignedInfo>
+        <ds:SignatureValue>ixCjDwTs3HZulePsQBsXp7jUwZoMEXXXwYfmir/OVrvtPmDRFmONSlGMRDREAa5PxtLPCviaL5fu+W5n8L4GsiM/3VvBmVpky8PdpLsSWo9IEvapGGYJ37/3CprJhyk/5GLZLiDY6GlucJ9QDTwLliJnDz7iaUJTxnAqXsOLB8A=</ds:SignatureValue>
+    </ds:Signature>
+    <saml2p:Status xsi:type="saml2p:StatusType">
+        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"
+                           xsi:type="saml2p:StatusCodeType"
+                           />
+    </saml2p:Status>
+    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+        <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                            Id="_35f50720fbff674d0c13517d8c1055f7"
+                            Type="http://www.w3.org/2001/04/xmlenc#Element"
+                            >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   />
+            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                <ds:RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"
+                                    URI="#_cb6151de16daa2d211f217fe935c2439"
+                                    />
+            </ds:KeyInfo>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>YXef7aTXDEmPcNzUIK0BwO9cfOR3+Ld3JIj3WKXgudfk/JogEhbqfMFHxXOr+dZI/X692fpgAPSL2/kILXjQYVpJ1BnyvgJjeTDbrw+IsbeU+Zmto1wVc8GtUjJ0HG6QhvyXqDJOdjvkpO2qgviunZiq3fKNhLY//7jLLMDuIq1mzcePJ6v0J1x6A0ZpjbMuW6KX04LA/Zl3QdfqPZXC4JLNA4eOt8VSrdAujJ9I8pUSxD6G+IEwxyisMjPBCDqW9c2bHdGmVNRzrYwbmuaZmmU3a4XuHYDeVIGbSlKJZwAzyaTTB6lqD5frALZu4AJWuIHfmcP1McYBgbCET8gMjj0r0KtaCvkb5IDDnFJO3PlvxoKLI6O57pkHwLCFTxAMDT4byYEArkroOT1dVbONj6vSAa2TPQAVvywpmK5P9UCI7nIUGtNY/1p7xw9DPnWn6YEqljAa7iuswAucisQuvVTq5uUrj+LIgGEW86UWpLhUZGlyO+wwOEQC/CA9+96fj9z4h6nHT4w3F9c3gM3yVB/z5cy2b34OtKwGxkliBlzHrN0+bKlonlL/QWWl9UAhMAfBlKJ2W0/gKtmJfiqhARL8OOEINAuTNagBJsh+z7SA5bB9otwzZ1D0EEVP7mYcY7UOhAl8bljVNQ7Hc0OLqsdh5Tr6T7pVnxYulx91GKOyO65U3rkPpVY61VRq2GQSFAmAw/9kFfNy4k3JOknRCtRYSEf0OFq8H2YZHptvMQwo3/Tb/BZLlBByzYsKhRQfLF+jz4LU0qC6xuKsFWIKirONNbuMg+H2ohvJHIGDVCvpJW08OyaocFEM+FP/qsQPB7b/ysiWyX3TNRxfVy4PrS23aPun36NRSqUSdNmsWJ/CfPJ+PWbXtdWDHJvuHm82TQqZgEQbLbrrlveNzV0VUhlBDMHsxOBobXRM+X51WYlAewbC/mvvWOovVSFTFG29Vq6pwJiMilJYy+Xf3O/7mM0MNcKxazpmjcqYd+bULsJfoLNxVyYg9gv/EG0pKDuGGK4s4w/yPX7NHdC/prBDRot29g+Qg5L9+ubottfMzcJ2yBMETLTg7JY7XB9XOfzVVikLtxPta63E5YduSOfNhkI6XMnUE5/YAx8ggrfmw1MXSWs22eoiBJYF4dW6yGR7Cef/oQOGMi6Wi27+Y7JuJKHEEgpMw8hAqR16eE1yJhfH4XNEZYzksSQCAiFIIW3Mb0SaTO/kK0oh/JfvUbKZ6z/jgJZ4LmiS8E5ezn6J/Jr2O52ZBqEbrqbyQZ3x1bfKEkVAAI3Y7vK2CtgMlAqhyGwYF4otlHCyl437vh7xHpg1XIvIahpPz9JnNuY4jAXlXGuk28vFrPCjH/65wFrrK4b+5kSA5mvTTcKcNp4y6DqlEAGDA5Ji+6Y3ZGYq28rWHVyVo6GWRK1+yEQghQ2Udg1CNEdTax43Bs9jpRdve1+O8VCJkA4eu52lmJpJb5sX8+5W/rgQiOstHEAPOSD+9gqqJSOTYCR+ZIjwHmYwqU6HxLkrIgfy37gGi3ppk1+tqPAXykJAFcAnx8duaHWHLrXC2N8gkUqggGKV7/4naaKaE1sVzAJmlp++Saj9MbYb7lIlvQ7jjmEL2c1JqXKy6G0QIsKEDtAFrdoVID6l8kJTjWOPtQsrnsceaXX8AVdjNkWB2tYCQQ9OYfTahjtkG4WH6WyEskYgxbAqaIzKGmBJXruIxOOXMFfdOZd6d5IsknHzNFMqvhcOW+OzDzCtC5bPblxMkdBG8mTeibo+MRvD47sEOvmc5WR5FOOc9EcJvjTvBC5MxvdTTpnxkwYTghelnEiBdzSQFlFirtbK3CJ1LTltVN0ImAjkK+rQyOG3/vR0/payLqOj7Y/+AQHUxBjfmNnVtSu86qSUdvHrB3V/4dBGz2JigA8j57ArMWYLNwrFqNq47PDUdlxt+ffN1bSDO+n8pxXdLcs2NakRrZbtIEkOf9WdhqUdVuNXVDyBPEFhz2u+vxkT1/T46UrnxNjAFXtdaABoKEg/jduEkauoImHqEe6apgheeaFpySEOhoWjSxTr6PF44847FAePkjANj/9N/odtMULJtI5X18o/gGnEsYjnr/pcrCy5LRiMOqWu5Go4N+3gnMiEjHf6ppSkTPtrORqI+TnQ40QXYPBlpQfpXvF7VsH87Vz+46PTOFYo8q3VaAAEwf2PTnfEzuzVJVfnemAL0ge1wVXpNa4cR7YeNaFaOs4zK5LABXePbB12kummK58j2SOdGiE4pBgaNPorRBkvvdS19zE991jDo5in9X0nE89UC8QD7A8QDaYh8LNEZejc9+RTVnNuxUljo9zoW0TaPA5HEqMV5lRpPu/ibloKXPbdjOISkcoF0P0YKIazraM0jVGUOjefVJyynbzmMvDZUnJj38Lg7xg2UNy3MwHeBHqs7gbyHRdK3V1buqKHyQ9kF9OGjozq/4Sangb3kTVOR+Lt8oDrCpW1GadkNoqUCnntLAZeKfc6q95OGVHqVsy8YpBiXJap5aek165dVZ3nj2Egm6gT1LXhDrnR1XWQdkmkyfouRhTCqIZ6ztTyz8Ew2Lo92wXTP9OkfnEn3sz3PT0miMxTVUfFTN7Qi9+WnTsFzEOact/49+vUnA7lzDbotETIwgmzvZaaiqH8xMiUyUJ4cRL8q9lpD2tZ4ls3q7vN7AftUVuXTL4GsaPr3B3ASUcfYco2FHigoAxGxtOJKn7QFWctB0CqPdQKw0x2MLx5Ag/0pZ+ACBm5s64gToQuiMEoT3+2/Unp+DQFVQTB0C02LthryYc06udzEKPG8rUfLo9svJcwLZSm4ceerYNh5PpxtF8QhyoPTSBSZ5DdYPLDC4Fwqxe/TRzirWPxGZA2f13W857ATZSdzomXO8pOtOB1rt0/G+fnpb/OjnYspp2/g5bxCbbos1w2pKkyNXQUSFEuxY2Z03lqMqLnKxzXtTJHh75eAclAYt6dTzmBBM15ir3Y6brKV+5F5wUwqM+g8BL+3xZDdSC2EyBm0gDuL1tT8/SbcrQppGaJYntxJm8mpClaHtEIsYfcb3X1QdAXVLby3nEstEGizbnL2KzazMp/S+tMku9Bf7irxwumYTS6QWBM+vJFRI5/7LHoplrOmFqdbQIxuN8ybXVJgqujuhvOowiu4/y4KUqZb0Lr8KJenEUIRrM1Voray8n875JTZuosYmDi7Vl7vLf5KPH4D5b7Di58qNVxYHPbyCVWNmk1CepmHQ/foOuU7HxSPUuruoytnKKu5Gd0r5AqEdrSEXvbaRb98dxaequWwaDARztfJHMt2ciy6Ygvfv/Y4kzfO/c+RIfXiIuDnGfbBAIHNYOosxIFQMPIWA1K1QqnZ0AzTBJkSfS3fQjw8q2gWA/XCWEbK9n2+zZjXSieXbiShag4JP9B5DdcFjCAsKzDzPpBUMMmwmH1092n1jJBKZP/G/SPn3zsqqj277y1KIqYF7+St1N6Wu6kkADqQZjYhSI/jCQPW8qf0gQzg8w+Ju+15isNmM0xJH1QRK3n4CS9/Z9RLefTX9RXJo+Kz+Tnhf7UVokfrAee9AlZT0THNHS6AYotzcNwkE36s4w6eD7DhyMjUrNoGL0XagVT0ueoRtcugnTGDaWQpa1MvlmWBrv2iFX+cMes0HJyDyg2h3BWGm4DIrdkIiRe8fAukLH2STVTvEmGI1oMoV8MaakHLdjyhQ+IhapBXJYUFjo7e5fdSK8Sy80mfoLRJWWpbSMORnhiVHYwSe6Gg1+0KJ5AJI8xPwosBrSzWXh46QWM9fu0fgN1yrdD1cu2jbexUyUd0H92HNPzzVV6FMCG+WvLGxEVWNWo/Qg6sZuytuGPdER9EmH23NwDFr5/85JLGOtWznQ+WdTFbNiR0EsB1yHenhD79wx0l5wOSx6ysU3wMc9VFmfCs+h7Sb3Hk1grKZzS53vpZM8YwTfloZnYbzfGU8vCKSf/S8RZMdz/eilQfedNO8eZrCfPPzXdXjZHFpNbJQccCDxtAN5H1oXFrm9zp7yIIb8B145hoqy+kNSLKWkhI9vLhQnALprf0paTRMNjHfdQydBh76h2DJivv9JlQTehVwHnWgowcgPvhPCEU7nIv2yp7+B1qqBxJPEM3JvKhONHMH1SqyqULaTENd9EN5l6cehbUCLvS4Kuke/vQSJActmzvdI2hBVznyKsYdxt9u/FgcoIncSvGqpQS2hMrlMSYrLss8RWUP+Pzz3n3cKDL1P75ibZCSZTH6YgVEEm6U+HNGol7KVh773aUTy6g7/9zkKPUCPA8ngivCJRREhZz++q5vniQ4fCcvEF6G8zKJBY6VroeDyfW14zj2g0/7SyJ1mVl09VEZ6DRLE6IaB6H6gCRzZ180sAOiaioa8WO8MByoORt7Nt30n6+7kLXopCI6BXuWcx+OF86A4/gXK7+H8vz1oxHVP/+w7dIZfZMiQHGC12FqaOIYDkp1UYwqSOtcwRHU7V+Ps2d14CRJMTBdP4yrKk4VKvIDP8+V3Omaaj4WhhLgdPZLZEJQX4aWJmaqeE7zYm4tF/qF1LoQuhTq1dIbR5UMGADN8oXUjHhsXjgngI3h9tm+LmaynRenvStdHJCyblB4JkHkJYCYRTXlDBLTwZJlL6Us1qoRCjl0PfUZbpA4KTkwReDSBPY7I1FeOLixXmzOVeSq1DDVvtJNwzQTPjfaYxgrfHDF8QCdLmC5Y+EXlxu/HMAOWiy03zYYVMR46aBZqficIJpGhyLz6AD9iZkYWdsfRFxHGnY4J23QzRF8ibEl2WiHS8pgrYl0mdvVTBRuPb0DC2GlKzwN+AVK/XVXMgKdHCzh6YPraNIdzNjyZLnZ6sCy4bRvlhWd8ftyIpI9lF4c3O/UtJYOzVrrKKik0cVJvYb2AUQRxAlS9nMFMPtZ6hOuDcCpm9UJBq362h/oijWC+xn8lT34nRKsNIx9xtKzs7PoU8TFoX2Vl/AeT7wRdkpIILJkoSdr6+U2PNw25Gii3UbsiRUF+XNkKsNGWf/xb8xPpEuA3Wmbmpm+0F2tq7nul8OWtzGepKXgV5LfUcqbwTfdUCgmFRLy0iY2prckNEmbxRbGite/DOQRPnrUqxu8soBgbZ0GT5T0Z6gP16Tvz6LzAl59u71GPbhW0aP0iETOkCqkeaEnoSqlVwSeoUzCkdwruoeLi6ZG0T+9VHRT3nieSIvSNY+CtFocQS2bXu9dhORi8TCgfovRKGyJ6k9PMPp8CpsVYlb6piRJYD0s7LtGsidNL2sOBEk2KduhLJj02N0hY1NF+RZkG86lHwUAw+6ed6C/Tl86ke/OEqoZg7f63foyi8Yuh6szztghisI3oYVIV7+oftE2AMwMf1+Spj0WE6N3xms+K7hpp/kNzMXb0YaMbNU5btD6hdlAdrTlFY0BRJ5PuKCTsM3xQI/mGyU6nXzaPBs+Dypt4U1/ZVzdmrNOyJ8VmfXi9+rOyr49dHuMWhkGHjYte6UFjwyPvKx7TWtPXv1bJ9MuZA/wjYtFrk/ABuiKEp8KBo3pBCO5i014oTtq+0ZGhwFI0o6BhFs87+qepCeeMBJa7ZhxYhEkizXHnwvYf8HKpSiec0qj3khRoql42EDsvZFVmcjii23IWzSV3/HmbebLWnQ05UpQs7+xiSBjpPgfC0ytC3qnnFVFPyb8iVI2UOZ6hHlD/36G25YtAXhiOuwpBgOAyfx+KoQ7PlU+TwvT0ZY5+6nm6G/F03HJaBITtS7FlKbD/vT+irNASwi5kphLaQJvQaqM7C234eAZHHuu9VJknuQu+h+rXzk8WgwHgITxbl7noOTGuIkwFXBYtvztUoSfF4xNG4ShdebKbzhNsyylG+VC42gJUL7hwC3/vevyna4QphpcvTRtgIMUbZrZ3j7+4C1Ino4jdteYYd3KvfnwYoz4n7cGpmgQ4oc6YqecKrVuy+w0DYPJ5mR3xKamvlvFrL2j58vigKqSUZOx3Rq7xnD7Z0hbNMxuJifEUOpUI04+fFquBXbzJSTHpxZ0Vl08mpJPoq19ejK03IDehL+083RB7I/ew07ipmk6KEkTS+Xu0vNLH3JJfAf1vRuTJq96yFWJf7ZbK0kqV+bNGpy6WuMg3lIiGeShVpUxEg5AvJp2gCuZRAdhAmlibPjJGnrP1SFLko4HjLC4c6/4A374w1mrt7xfGOsvLMzwgiqllc4UUzhX/bDmEud8pIXDDNTSS2w1Nyt59sWVOvOr97dWvFEqP4tVeqj7Ppit8qYEr6keUrjfuArWMmDCp6fUDipFFkOXAauajgFjxThW8LISemq8sUJgcW8HUfw6b7/Gl5J23yzTPmYF1wa3n1HpODXsJae5lRYlSTP1XYY6+D/IQyWhoYiKdYFM6KcrK/uyr3fSNKHUdY9XM3R8TxgEaVZ13hTZlmbhbsh2AEESLN3heekq//f0+M7ETIW9vhUH77jO+5vaoIEh7wo8yjTe7Kbc0zuhELPoHcWpO544kmegKDeHCcavf9ZNsOPmcAa/le85dUIiQDAZxaXEd5yORuQ44SJPtH5L/qhVkjVw==</xenc:CipherValue>
+            </xenc:CipherData>
+        </xenc:EncryptedData>
+        <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                           Id="_cb6151de16daa2d211f217fe935c2439"
+                           >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   >
+                <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+                                 Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+                                 />
+            </xenc:EncryptionMethod>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>BxnBnHLtE1IjI9bTGDVs9EyJspS46SJrX4r3yYRdBJYawEp5AHWx6SgVB1TuU466ORIPX0HqdUvy8efOP/7gHhFlm/noKc+qToD1YSvGQ27kJdZbBJE+kcnDZpgqPHCR+fr3Nv/WfN+eZRYMlky1D8JaWFd1P6Eqi8xqY1BirHQ=</xenc:CipherValue>
+            </xenc:CipherData>
+            <xenc:ReferenceList>
+                <xenc:DataReference URI="#_35f50720fbff674d0c13517d8c1055f7" />
+            </xenc:ReferenceList>
+        </xenc:EncryptedKey>
+    </saml2:EncryptedAssertion>
+    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+        <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                            Id="_db05d5b7575e140d99f8bf45cbd9fbfb"
+                            Type="http://www.w3.org/2001/04/xmlenc#Element"
+                            >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   />
+            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                <ds:RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"
+                                    URI="#_6c694898eaa77962e78f2a01a15db34b"
+                                    />
+            </ds:KeyInfo>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>IgD71bb6jamYDY9qLxLGcOSwucbStZTX2+3V2pyTxd4v+MsnlQxvbqPu3VW2p44FWohsvPhP16wuChrGrLOo+ji0j4ZfQ+4ktObzV1NJzlOcbF0mpfzGqIFX0x6T5lHyQssdmZXI8xLZvK8v46ZIwaCQNWs1GgfflVSvzStzfz9cBuch2ELBbrNehWtqR/UEhhlh1qLXgMmDmCczPDavtxxqSYuU4W0uQfWSNz1tWRiuUCepTJi2Z+3Qkz60Qw35VdcomQcswyooKnOUID7y4DL8XymVRK98rguDfRlI/yZszq+fQOXEfXrIS0DmSxesDP12Aulpyg4KR3dsUYke3bAr8Ag3020RV3VY04zCMm9fVa8YCUNes7QWZYwkQ69gJk9Na2Y7UdHwIBPkFKej/Ot0uALL1IXZsHnAcRL5FKUBmtzs/nf8HFqM8mXWMwZh+/wR/iruX0+89H6hIICpniDNvZI3kGBIsyHGXsRR2zOyXVflRnL9vYUedC0QAKyK36fy2niNb6nBk7xZ6340+NyWl78ollTCvY7nm6/VAOPyizOIIQUYIpP7Vo4geCH5vEd1hX4ptsCpMUe2NvnaPSX+kX8J8lgPd4f1eMG7DlKF2GYEFSQpwJbly2gkiaqVnQyhF+4IylBoZJ2zRR/JtjTvof7QRUXtScxjpnlwNz6WZdHnDiIjIfcUGj2+zIC/Qe0hQ3Oalv0JGD8kUmqD4PvPu53AUSN5aoCboE2mM2lCgPN2EQZQT1j6mFd9DRZBxSaUFUayTgAmJqavplFumrD0ZNpx+ktzP2dva5F6TVuPPMQ37n2Iq6xkMaUn58j2IL21RoLkkWpYELhntd17EBojiO/PC85QdgUi+HlD1GXJ5WgT17jIVSz0gve7TNYL4PyOr3S2/b+BSI7Ti52f7Plrksu5tNAoUhLWsYMBqf2ylkwuDugg6J+jOhXtm9wDbPDzleSn9mRzYplU64Ciq5yTC9OWGwn3ANSMsfVf1D3j+pB3fnJJv4JRbIgLjO56ypIj6I82XBx7tD4GQK4a3Oc+jvkXedhidvNBWe9ahLAn0Df4g/N+a31gZ5Nfc5xC+je5/GfhOolRMlIeh3+BaP0NnZlf3jwwYPSz2j69EizlBi2DYAJ/B/fiF9+ZqwHwEYxInS6cshG1Q4TdfV5ijgsmMr1H1Mg7UCN4fUHyuC5aoIdPyU80VSgwotLG480p0J8SNoJqhegtaKMyvWX0skI5U3eZwAiaewmtr4ngmisWNiXvmb8pmwvVGiaRErt7BqxdtDbMkfBBTNTC2myR3+fp4ehCv6+q0N0VKy8NkqpGIoHJM9NZCqWUSo4AQ5WcCdXyk9058YylBYhcKo/K7o3QI5ndALwrkAHvu8FElJezds8RwHVfEYtkOpjA9w4V0IcTs2AQM2Nanqz4gKiRgpwCyF9MF4Q8DnSKwishyAHsO0rrMjq+XCXWpFZNZoUjSeitIbuHhbgEIcEq/9OmneF4Eop57LppOXFBdQ3EpRbbAQhS1beFnGa4Dhh3/OpNfxgf8coOs2AxiG+nzlrfrLKXKk4OL1dyskbiKXDWrumIbjnEfagZWc0LDCwJjXh2oBl8oYHgI9iYLq5652gr1c/CO9MC6DCBmhwlfKAOVnNeLxwWM2LmB3wKqzQcGqohMrxCu1kDQZcId/+z4DNXEGhbfDD4drY7uXGZ1AhOVch8r2fsYM+vYJLnB3rJPTqBZXBTO++rVt6Ui++0ZLiHUkXQGe8Rl83SmGa4vGzUIob8Jq6bxrmYLJBQzteHX58MaAXiZ7effhSdlr3JPZ9tm6GfvXuwcAaBrJLsY8VYbSVbfyixvwh90fM/8Gg2o9cFBaMt1XODA4wE3bBDFmNUdbc0fpTSnE2hBxhtOaqFp430FJXBND6qSiUJn2xbxiOEoZPda9y584qAMed8lBHC7zzFIgQuw0ilYKKOg48UP86oQgeK5ELBc5hhRlfL7afJAnQijoK/60cRpZ83jiuMq+MB960vVaKAh7Yw/0cJhlbJNImG0UlMOuYr+3+UyYRESZ8guwf5Up+fhERJtNl8w/3owdC40NfXIa79XA+56c8fWMPf1dDGsroV/F/beMS2ZNVCgC4lo/Qy/GLhcAj5rXlmEX8jdvVNp8PD5GKV3E4iQNOyHkRQhYyUFgJufW/qVUvud3l5yIQNd8RmEqW/D3xB9BdoHrvn5iH4TGE6GMt3P92cArv8yb23eRvuDl2YyVTblnV+ZxRfs7fKIovUEqgK1IqUZwbrQkbN7/Kcw0dEbcL/umNZjLdR1UJMp0pHRLWPTp75I9aMgu/BCEs/rW27BZaIBOhIJMFHWHCChx7x3hMQXJzRg35G4pxMdps6Cy9UDcB5u0tn+ZlGLqwSTbkBx/k07/y4U/LgWiKeL2ajsBMTrnw4w9v1z+Zq8eh56CksexEm052OxNUqFy49qgVwEBo8ap67TCf60/NooSjq2tTwbIYu3XUJ/WVNbeZFpO2B/a1yoa7EBdJA4hvM7gFsIoy2jNLgO5Ohx/evdX0slZFyG82q1QjuGqnsHI8+Xz4D2vMnq6E/7UfqzGa0y/nO6cVTv8PtgdzJeSaVZTY2LPS25HF9FCuiKbbIz1ozZwOpi26FqyhuSrVxtEgAEK49Ym3U37HWJ5P57jKwrIw0HbXvoyI8R9o7SZJ54aeK9oW+mVA/pfxqi0kfKdcPXlrgme1fYfpcaVLY93ETvl7zHLgzKHZWcRCLzoA4jIjU9iS7NYUhvZxNTSNd2dcbSGuurhaIuQNK2vpCQ4e1udDiYFcfgKrco2O+3uOkQPpvbFC8geGsbQiie/F2wFQcg6qdnRmw/s+XkY957JxMH1+m8XJdM5J0Byu7PujdtqJduoIKiZlgsSMYmEh7s/J+89hyxN69eFpC6X7BNeYDkyfGE+iZCKvy6a6ARR11UDWj+96rZB1YVkvx04qdhrg5djhY1RoLff8THx6ohI+WJfo=</xenc:CipherValue>
+            </xenc:CipherData>
+        </xenc:EncryptedData>
+        <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                           Id="_6c694898eaa77962e78f2a01a15db34b"
+                           >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   >
+                <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+                                 Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+                                 />
+            </xenc:EncryptionMethod>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>WWgxzBWoLT989XTVIiHrBBrW4BAQ4cuCkfmSVFoM1/BztSwYrslujZUoA3Iy1lTgqqQNil1RP6c7Rw2mZxz/dTCcy9hX99oRAzu/cGBDe4UnuXmN3z2oOauMaVmsOP/czf9dbJVJv76gQR3R4CVHH2kvbq563eosKGolAJMa5MU=</xenc:CipherValue>
+            </xenc:CipherData>
+            <xenc:ReferenceList>
+                <xenc:DataReference URI="#_db05d5b7575e140d99f8bf45cbd9fbfb" />
+            </xenc:ReferenceList>
+        </xenc:EncryptedKey>
+    </saml2:EncryptedAssertion>
+</saml2p:Response>

data/spec/fixtures/encrypted_assertion.xml ADDED Viewed

@@ -0,0 +1,103 @@
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
+                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                 Destination="https://samlproxy.showcase.ida.digital.cabinet-office.gov.uk:443/SAML2/SSO/Response/POST"
+                 ID="_e3e6587a-8d13-47c6-8153-18af97d0ab08"
+                 InResponseTo="_0afc9d05-a0e8-4ca8-85b6-d6096fcdd0cf"
+                 IssueInstant="2013-08-15T06:58:54.478Z"
+                 Version="2.0"
+                 xsi:type="saml2p:ResponseType"
+                 >
+    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+                  Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
+                  >http://stub_idp.acme.org/post-office/SSO/POST</saml2:Issuer>
+    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:SignedInfo>
+            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+            <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+            <ds:Reference URI="#_e3e6587a-8d13-47c6-8153-18af97d0ab08">
+                <ds:Transforms>
+                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+                </ds:Transforms>
+                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+                <ds:DigestValue>2J5oHzmbC8N1UGW2hwEVT8aB0sA=</ds:DigestValue>
+            </ds:Reference>
+        </ds:SignedInfo>
+        <ds:SignatureValue>ixCjDwTs3HZulePsQBsXp7jUwZoMEXXXwYfmir/OVrvtPmDRFmONSlGMRDREAa5PxtLPCviaL5fu+W5n8L4GsiM/3VvBmVpky8PdpLsSWo9IEvapGGYJ37/3CprJhyk/5GLZLiDY6GlucJ9QDTwLliJnDz7iaUJTxnAqXsOLB8A=</ds:SignatureValue>
+    </ds:Signature>
+    <saml2p:Status xsi:type="saml2p:StatusType">
+        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"
+                           xsi:type="saml2p:StatusCodeType"
+                           />
+    </saml2p:Status>
+    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+        <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                            Id="_35f50720fbff674d0c13517d8c1055f7"
+                            Type="http://www.w3.org/2001/04/xmlenc#Element"
+                            >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   />
+            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                <ds:RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"
+                                    URI="#_cb6151de16daa2d211f217fe935c2439"
+                                    />
+            </ds:KeyInfo>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>YXef7aTXDEmPcNzUIK0BwO9cfOR3+Ld3JIj3WKXgudfk/JogEhbqfMFHxXOr+dZI/X692fpgAPSL2/kILXjQYVpJ1BnyvgJjeTDbrw+IsbeU+Zmto1wVc8GtUjJ0HG6QhvyXqDJOdjvkpO2qgviunZiq3fKNhLY//7jLLMDuIq1mzcePJ6v0J1x6A0ZpjbMuW6KX04LA/Zl3QdfqPZXC4JLNA4eOt8VSrdAujJ9I8pUSxD6G+IEwxyisMjPBCDqW9c2bHdGmVNRzrYwbmuaZmmU3a4XuHYDeVIGbSlKJZwAzyaTTB6lqD5frALZu4AJWuIHfmcP1McYBgbCET8gMjj0r0KtaCvkb5IDDnFJO3PlvxoKLI6O57pkHwLCFTxAMDT4byYEArkroOT1dVbONj6vSAa2TPQAVvywpmK5P9UCI7nIUGtNY/1p7xw9DPnWn6YEqljAa7iuswAucisQuvVTq5uUrj+LIgGEW86UWpLhUZGlyO+wwOEQC/CA9+96fj9z4h6nHT4w3F9c3gM3yVB/z5cy2b34OtKwGxkliBlzHrN0+bKlonlL/QWWl9UAhMAfBlKJ2W0/gKtmJfiqhARL8OOEINAuTNagBJsh+z7SA5bB9otwzZ1D0EEVP7mYcY7UOhAl8bljVNQ7Hc0OLqsdh5Tr6T7pVnxYulx91GKOyO65U3rkPpVY61VRq2GQSFAmAw/9kFfNy4k3JOknRCtRYSEf0OFq8H2YZHptvMQwo3/Tb/BZLlBByzYsKhRQfLF+jz4LU0qC6xuKsFWIKirONNbuMg+H2ohvJHIGDVCvpJW08OyaocFEM+FP/qsQPB7b/ysiWyX3TNRxfVy4PrS23aPun36NRSqUSdNmsWJ/CfPJ+PWbXtdWDHJvuHm82TQqZgEQbLbrrlveNzV0VUhlBDMHsxOBobXRM+X51WYlAewbC/mvvWOovVSFTFG29Vq6pwJiMilJYy+Xf3O/7mM0MNcKxazpmjcqYd+bULsJfoLNxVyYg9gv/EG0pKDuGGK4s4w/yPX7NHdC/prBDRot29g+Qg5L9+ubottfMzcJ2yBMETLTg7JY7XB9XOfzVVikLtxPta63E5YduSOfNhkI6XMnUE5/YAx8ggrfmw1MXSWs22eoiBJYF4dW6yGR7Cef/oQOGMi6Wi27+Y7JuJKHEEgpMw8hAqR16eE1yJhfH4XNEZYzksSQCAiFIIW3Mb0SaTO/kK0oh/JfvUbKZ6z/jgJZ4LmiS8E5ezn6J/Jr2O52ZBqEbrqbyQZ3x1bfKEkVAAI3Y7vK2CtgMlAqhyGwYF4otlHCyl437vh7xHpg1XIvIahpPz9JnNuY4jAXlXGuk28vFrPCjH/65wFrrK4b+5kSA5mvTTcKcNp4y6DqlEAGDA5Ji+6Y3ZGYq28rWHVyVo6GWRK1+yEQghQ2Udg1CNEdTax43Bs9jpRdve1+O8VCJkA4eu52lmJpJb5sX8+5W/rgQiOstHEAPOSD+9gqqJSOTYCR+ZIjwHmYwqU6HxLkrIgfy37gGi3ppk1+tqPAXykJAFcAnx8duaHWHLrXC2N8gkUqggGKV7/4naaKaE1sVzAJmlp++Saj9MbYb7lIlvQ7jjmEL2c1JqXKy6G0QIsKEDtAFrdoVID6l8kJTjWOPtQsrnsceaXX8AVdjNkWB2tYCQQ9OYfTahjtkG4WH6WyEskYgxbAqaIzKGmBJXruIxOOXMFfdOZd6d5IsknHzNFMqvhcOW+OzDzCtC5bPblxMkdBG8mTeibo+MRvD47sEOvmc5WR5FOOc9EcJvjTvBC5MxvdTTpnxkwYTghelnEiBdzSQFlFirtbK3CJ1LTltVN0ImAjkK+rQyOG3/vR0/payLqOj7Y/+AQHUxBjfmNnVtSu86qSUdvHrB3V/4dBGz2JigA8j57ArMWYLNwrFqNq47PDUdlxt+ffN1bSDO+n8pxXdLcs2NakRrZbtIEkOf9WdhqUdVuNXVDyBPEFhz2u+vxkT1/T46UrnxNjAFXtdaABoKEg/jduEkauoImHqEe6apgheeaFpySEOhoWjSxTr6PF44847FAePkjANj/9N/odtMULJtI5X18o/gGnEsYjnr/pcrCy5LRiMOqWu5Go4N+3gnMiEjHf6ppSkTPtrORqI+TnQ40QXYPBlpQfpXvF7VsH87Vz+46PTOFYo8q3VaAAEwf2PTnfEzuzVJVfnemAL0ge1wVXpNa4cR7YeNaFaOs4zK5LABXePbB12kummK58j2SOdGiE4pBgaNPorRBkvvdS19zE991jDo5in9X0nE89UC8QD7A8QDaYh8LNEZejc9+RTVnNuxUljo9zoW0TaPA5HEqMV5lRpPu/ibloKXPbdjOISkcoF0P0YKIazraM0jVGUOjefVJyynbzmMvDZUnJj38Lg7xg2UNy3MwHeBHqs7gbyHRdK3V1buqKHyQ9kF9OGjozq/4Sangb3kTVOR+Lt8oDrCpW1GadkNoqUCnntLAZeKfc6q95OGVHqVsy8YpBiXJap5aek165dVZ3nj2Egm6gT1LXhDrnR1XWQdkmkyfouRhTCqIZ6ztTyz8Ew2Lo92wXTP9OkfnEn3sz3PT0miMxTVUfFTN7Qi9+WnTsFzEOact/49+vUnA7lzDbotETIwgmzvZaaiqH8xMiUyUJ4cRL8q9lpD2tZ4ls3q7vN7AftUVuXTL4GsaPr3B3ASUcfYco2FHigoAxGxtOJKn7QFWctB0CqPdQKw0x2MLx5Ag/0pZ+ACBm5s64gToQuiMEoT3+2/Unp+DQFVQTB0C02LthryYc06udzEKPG8rUfLo9svJcwLZSm4ceerYNh5PpxtF8QhyoPTSBSZ5DdYPLDC4Fwqxe/TRzirWPxGZA2f13W857ATZSdzomXO8pOtOB1rt0/G+fnpb/OjnYspp2/g5bxCbbos1w2pKkyNXQUSFEuxY2Z03lqMqLnKxzXtTJHh75eAclAYt6dTzmBBM15ir3Y6brKV+5F5wUwqM+g8BL+3xZDdSC2EyBm0gDuL1tT8/SbcrQppGaJYntxJm8mpClaHtEIsYfcb3X1QdAXVLby3nEstEGizbnL2KzazMp/S+tMku9Bf7irxwumYTS6QWBM+vJFRI5/7LHoplrOmFqdbQIxuN8ybXVJgqujuhvOowiu4/y4KUqZb0Lr8KJenEUIRrM1Voray8n875JTZuosYmDi7Vl7vLf5KPH4D5b7Di58qNVxYHPbyCVWNmk1CepmHQ/foOuU7HxSPUuruoytnKKu5Gd0r5AqEdrSEXvbaRb98dxaequWwaDARztfJHMt2ciy6Ygvfv/Y4kzfO/c+RIfXiIuDnGfbBAIHNYOosxIFQMPIWA1K1QqnZ0AzTBJkSfS3fQjw8q2gWA/XCWEbK9n2+zZjXSieXbiShag4JP9B5DdcFjCAsKzDzPpBUMMmwmH1092n1jJBKZP/G/SPn3zsqqj277y1KIqYF7+St1N6Wu6kkADqQZjYhSI/jCQPW8qf0gQzg8w+Ju+15isNmM0xJH1QRK3n4CS9/Z9RLefTX9RXJo+Kz+Tnhf7UVokfrAee9AlZT0THNHS6AYotzcNwkE36s4w6eD7DhyMjUrNoGL0XagVT0ueoRtcugnTGDaWQpa1MvlmWBrv2iFX+cMes0HJyDyg2h3BWGm4DIrdkIiRe8fAukLH2STVTvEmGI1oMoV8MaakHLdjyhQ+IhapBXJYUFjo7e5fdSK8Sy80mfoLRJWWpbSMORnhiVHYwSe6Gg1+0KJ5AJI8xPwosBrSzWXh46QWM9fu0fgN1yrdD1cu2jbexUyUd0H92HNPzzVV6FMCG+WvLGxEVWNWo/Qg6sZuytuGPdER9EmH23NwDFr5/85JLGOtWznQ+WdTFbNiR0EsB1yHenhD79wx0l5wOSx6ysU3wMc9VFmfCs+h7Sb3Hk1grKZzS53vpZM8YwTfloZnYbzfGU8vCKSf/S8RZMdz/eilQfedNO8eZrCfPPzXdXjZHFpNbJQccCDxtAN5H1oXFrm9zp7yIIb8B145hoqy+kNSLKWkhI9vLhQnALprf0paTRMNjHfdQydBh76h2DJivv9JlQTehVwHnWgowcgPvhPCEU7nIv2yp7+B1qqBxJPEM3JvKhONHMH1SqyqULaTENd9EN5l6cehbUCLvS4Kuke/vQSJActmzvdI2hBVznyKsYdxt9u/FgcoIncSvGqpQS2hMrlMSYrLss8RWUP+Pzz3n3cKDL1P75ibZCSZTH6YgVEEm6U+HNGol7KVh773aUTy6g7/9zkKPUCPA8ngivCJRREhZz++q5vniQ4fCcvEF6G8zKJBY6VroeDyfW14zj2g0/7SyJ1mVl09VEZ6DRLE6IaB6H6gCRzZ180sAOiaioa8WO8MByoORt7Nt30n6+7kLXopCI6BXuWcx+OF86A4/gXK7+H8vz1oxHVP/+w7dIZfZMiQHGC12FqaOIYDkp1UYwqSOtcwRHU7V+Ps2d14CRJMTBdP4yrKk4VKvIDP8+V3Omaaj4WhhLgdPZLZEJQX4aWJmaqeE7zYm4tF/qF1LoQuhTq1dIbR5UMGADN8oXUjHhsXjgngI3h9tm+LmaynRenvStdHJCyblB4JkHkJYCYRTXlDBLTwZJlL6Us1qoRCjl0PfUZbpA4KTkwReDSBPY7I1FeOLixXmzOVeSq1DDVvtJNwzQTPjfaYxgrfHDF8QCdLmC5Y+EXlxu/HMAOWiy03zYYVMR46aBZqficIJpGhyLz6AD9iZkYWdsfRFxHGnY4J23QzRF8ibEl2WiHS8pgrYl0mdvVTBRuPb0DC2GlKzwN+AVK/XVXMgKdHCzh6YPraNIdzNjyZLnZ6sCy4bRvlhWd8ftyIpI9lF4c3O/UtJYOzVrrKKik0cVJvYb2AUQRxAlS9nMFMPtZ6hOuDcCpm9UJBq362h/oijWC+xn8lT34nRKsNIx9xtKzs7PoU8TFoX2Vl/AeT7wRdkpIILJkoSdr6+U2PNw25Gii3UbsiRUF+XNkKsNGWf/xb8xPpEuA3Wmbmpm+0F2tq7nul8OWtzGepKXgV5LfUcqbwTfdUCgmFRLy0iY2prckNEmbxRbGite/DOQRPnrUqxu8soBgbZ0GT5T0Z6gP16Tvz6LzAl59u71GPbhW0aP0iETOkCqkeaEnoSqlVwSeoUzCkdwruoeLi6ZG0T+9VHRT3nieSIvSNY+CtFocQS2bXu9dhORi8TCgfovRKGyJ6k9PMPp8CpsVYlb6piRJYD0s7LtGsidNL2sOBEk2KduhLJj02N0hY1NF+RZkG86lHwUAw+6ed6C/Tl86ke/OEqoZg7f63foyi8Yuh6szztghisI3oYVIV7+oftE2AMwMf1+Spj0WE6N3xms+K7hpp/kNzMXb0YaMbNU5btD6hdlAdrTlFY0BRJ5PuKCTsM3xQI/mGyU6nXzaPBs+Dypt4U1/ZVzdmrNOyJ8VmfXi9+rOyr49dHuMWhkGHjYte6UFjwyPvKx7TWtPXv1bJ9MuZA/wjYtFrk/ABuiKEp8KBo3pBCO5i014oTtq+0ZGhwFI0o6BhFs87+qepCeeMBJa7ZhxYhEkizXHnwvYf8HKpSiec0qj3khRoql42EDsvZFVmcjii23IWzSV3/HmbebLWnQ05UpQs7+xiSBjpPgfC0ytC3qnnFVFPyb8iVI2UOZ6hHlD/36G25YtAXhiOuwpBgOAyfx+KoQ7PlU+TwvT0ZY5+6nm6G/F03HJaBITtS7FlKbD/vT+irNASwi5kphLaQJvQaqM7C234eAZHHuu9VJknuQu+h+rXzk8WgwHgITxbl7noOTGuIkwFXBYtvztUoSfF4xNG4ShdebKbzhNsyylG+VC42gJUL7hwC3/vevyna4QphpcvTRtgIMUbZrZ3j7+4C1Ino4jdteYYd3KvfnwYoz4n7cGpmgQ4oc6YqecKrVuy+w0DYPJ5mR3xKamvlvFrL2j58vigKqSUZOx3Rq7xnD7Z0hbNMxuJifEUOpUI04+fFquBXbzJSTHpxZ0Vl08mpJPoq19ejK03IDehL+083RB7I/ew07ipmk6KEkTS+Xu0vNLH3JJfAf1vRuTJq96yFWJf7ZbK0kqV+bNGpy6WuMg3lIiGeShVpUxEg5AvJp2gCuZRAdhAmlibPjJGnrP1SFLko4HjLC4c6/4A374w1mrt7xfGOsvLMzwgiqllc4UUzhX/bDmEud8pIXDDNTSS2w1Nyt59sWVOvOr97dWvFEqP4tVeqj7Ppit8qYEr6keUrjfuArWMmDCp6fUDipFFkOXAauajgFjxThW8LISemq8sUJgcW8HUfw6b7/Gl5J23yzTPmYF1wa3n1HpODXsJae5lRYlSTP1XYY6+D/IQyWhoYiKdYFM6KcrK/uyr3fSNKHUdY9XM3R8TxgEaVZ13hTZlmbhbsh2AEESLN3heekq//f0+M7ETIW9vhUH77jO+5vaoIEh7wo8yjTe7Kbc0zuhELPoHcWpO544kmegKDeHCcavf9ZNsOPmcAa/le85dUIiQDAZxaXEd5yORuQ44SJPtH5L/qhVkjVw==</xenc:CipherValue>
+            </xenc:CipherData>
+        </xenc:EncryptedData>
+        <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                           Id="_cb6151de16daa2d211f217fe935c2439"
+                           >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   >
+                <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+                                 Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+                                 />
+            </xenc:EncryptionMethod>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>BxnBnHLtE1IjI9bTGDVs9EyJspS46SJrX4r3yYRdBJYawEp5AHWx6SgVB1TuU466ORIPX0HqdUvy8efOP/7gHhFlm/noKc+qToD1YSvGQ27kJdZbBJE+kcnDZpgqPHCR+fr3Nv/WfN+eZRYMlky1D8JaWFd1P6Eqi8xqY1BirHQ=</xenc:CipherValue>
+            </xenc:CipherData>
+            <xenc:ReferenceList>
+                <xenc:DataReference URI="#_35f50720fbff674d0c13517d8c1055f7" />
+            </xenc:ReferenceList>
+        </xenc:EncryptedKey>
+    </saml2:EncryptedAssertion>
+    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+        <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                            Id="_db05d5b7575e140d99f8bf45cbd9fbfb"
+                            Type="http://www.w3.org/2001/04/xmlenc#Element"
+                            >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   />
+            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                <ds:RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"
+                                    URI="#_6c694898eaa77962e78f2a01a15db34b"
+                                    />
+            </ds:KeyInfo>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>IgD71bb6jamYDY9qLxLGcOSwucbStZTX2+3V2pyTxd4v+MsnlQxvbqPu3VW2p44FWohsvPhP16wuChrGrLOo+ji0j4ZfQ+4ktObzV1NJzlOcbF0mpfzGqIFX0x6T5lHyQssdmZXI8xLZvK8v46ZIwaCQNWs1GgfflVSvzStzfz9cBuch2ELBbrNehWtqR/UEhhlh1qLXgMmDmCczPDavtxxqSYuU4W0uQfWSNz1tWRiuUCepTJi2Z+3Qkz60Qw35VdcomQcswyooKnOUID7y4DL8XymVRK98rguDfRlI/yZszq+fQOXEfXrIS0DmSxesDP12Aulpyg4KR3dsUYke3bAr8Ag3020RV3VY04zCMm9fVa8YCUNes7QWZYwkQ69gJk9Na2Y7UdHwIBPkFKej/Ot0uALL1IXZsHnAcRL5FKUBmtzs/nf8HFqM8mXWMwZh+/wR/iruX0+89H6hIICpniDNvZI3kGBIsyHGXsRR2zOyXVflRnL9vYUedC0QAKyK36fy2niNb6nBk7xZ6340+NyWl78ollTCvY7nm6/VAOPyizOIIQUYIpP7Vo4geCH5vEd1hX4ptsCpMUe2NvnaPSX+kX8J8lgPd4f1eMG7DlKF2GYEFSQpwJbly2gkiaqVnQyhF+4IylBoZJ2zRR/JtjTvof7QRUXtScxjpnlwNz6WZdHnDiIjIfcUGj2+zIC/Qe0hQ3Oalv0JGD8kUmqD4PvPu53AUSN5aoCboE2mM2lCgPN2EQZQT1j6mFd9DRZBxSaUFUayTgAmJqavplFumrD0ZNpx+ktzP2dva5F6TVuPPMQ37n2Iq6xkMaUn58j2IL21RoLkkWpYELhntd17EBojiO/PC85QdgUi+HlD1GXJ5WgT17jIVSz0gve7TNYL4PyOr3S2/b+BSI7Ti52f7Plrksu5tNAoUhLWsYMBqf2ylkwuDugg6J+jOhXtm9wDbPDzleSn9mRzYplU64Ciq5yTC9OWGwn3ANSMsfVf1D3j+pB3fnJJv4JRbIgLjO56ypIj6I82XBx7tD4GQK4a3Oc+jvkXedhidvNBWe9ahLAn0Df4g/N+a31gZ5Nfc5xC+je5/GfhOolRMlIeh3+BaP0NnZlf3jwwYPSz2j69EizlBi2DYAJ/B/fiF9+ZqwHwEYxInS6cshG1Q4TdfV5ijgsmMr1H1Mg7UCN4fUHyuC5aoIdPyU80VSgwotLG480p0J8SNoJqhegtaKMyvWX0skI5U3eZwAiaewmtr4ngmisWNiXvmb8pmwvVGiaRErt7BqxdtDbMkfBBTNTC2myR3+fp4ehCv6+q0N0VKy8NkqpGIoHJM9NZCqWUSo4AQ5WcCdXyk9058YylBYhcKo/K7o3QI5ndALwrkAHvu8FElJezds8RwHVfEYtkOpjA9w4V0IcTs2AQM2Nanqz4gKiRgpwCyF9MF4Q8DnSKwishyAHsO0rrMjq+XCXWpFZNZoUjSeitIbuHhbgEIcEq/9OmneF4Eop57LppOXFBdQ3EpRbbAQhS1beFnGa4Dhh3/OpNfxgf8coOs2AxiG+nzlrfrLKXKk4OL1dyskbiKXDWrumIbjnEfagZWc0LDCwJjXh2oBl8oYHgI9iYLq5652gr1c/CO9MC6DCBmhwlfKAOVnNeLxwWM2LmB3wKqzQcGqohMrxCu1kDQZcId/+z4DNXEGhbfDD4drY7uXGZ1AhOVch8r2fsYM+vYJLnB3rJPTqBZXBTO++rVt6Ui++0ZLiHUkXQGe8Rl83SmGa4vGzUIob8Jq6bxrmYLJBQzteHX58MaAXiZ7effhSdlr3JPZ9tm6GfvXuwcAaBrJLsY8VYbSVbfyixvwh90fM/8Gg2o9cFBaMt1XODA4wE3bBDFmNUdbc0fpTSnE2hBxhtOaqFp430FJXBND6qSiUJn2xbxiOEoZPda9y584qAMed8lBHC7zzFIgQuw0ilYKKOg48UP86oQgeK5ELBc5hhRlfL7afJAnQijoK/60cRpZ83jiuMq+MB960vVaKAh7Yw/0cJhlbJNImG0UlMOuYr+3+UyYRESZ8guwf5Up+fhERJtNl8w/3owdC40NfXIa79XA+56c8fWMPf1dDGsroV/F/beMS2ZNVCgC4lo/Qy/GLhcAj5rXlmEX8jdvVNp8PD5GKV3E4iQNOyHkRQhYyUFgJufW/qVUvud3l5yIQNd8RmEqW/D3xB9BdoHrvn5iH4TGE6GMt3P92cArv8yb23eRvuDl2YyVTblnV+ZxRfs7fKIovUEqgK1IqUZwbrQkbN7/Kcw0dEbcL/umNZjLdR1UJMp0pHRLWPTp75I9aMgu/BCEs/rW27BZaIBOhIJMFHWHCChx7x3hMQXJzRg35G4pxMdps6Cy9UDcB5u0tn+ZlGLqwSTbkBx/k07/y4U/LgWiKeL2ajsBMTrnw4w9v1z+Zq8eh56CksexEm052OxNUqFy49qgVwEBo8ap67TCf60/NooSjq2tTwbIYu3XUJ/WVNbeZFpO2B/a1yoa7EBdJA4hvM7gFsIoy2jNLgO5Ohx/evdX0slZFyG82q1QjuGqnsHI8+Xz4D2vMnq6E/7UfqzGa0y/nO6cVTv8PtgdzJeSaVZTY2LPS25HF9FCuiKbbIz1ozZwOpi26FqyhuSrVxtEgAEK49Ym3U37HWJ5P57jKwrIw0HbXvoyI8R9o7SZJ54aeK9oW+mVA/pfxqi0kfKdcPXlrgme1fYfpcaVLY93ETvl7zHLgzKHZWcRCLzoA4jIjU9iS7NYUhvZxNTSNd2dcbSGuurhaIuQNK2vpCQ4e1udDiYFcfgKrco2O+3uOkQPpvbFC8geGsbQiie/F2wFQcg6qdnRmw/s+XkY957JxMH1+m8XJdM5J0Byu7PujdtqJduoIKiZlgsSMYmEh7s/J+89hyxN69eFpC6X7BNeYDkyfGE+iZCKvy6a6ARR11UDWj+96rZB1YVkvx04qdhrg5djhY1RoLff8THx6ohI+WJfo=</xenc:CipherValue>
+            </xenc:CipherData>
+        </xenc:EncryptedData>
+        <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                           Id="_6c694898eaa77962e78f2a01a15db34b"
+                           >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   >
+                <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+                                 Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+                                 />
+            </xenc:EncryptionMethod>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>WWgxzBWoLT989XTVIiHrBBrW4BAQ4cuCkfmSVFoM1/BztSwYrslujZUoA3Iy1lTgqqQNil1RP6c7Rw2mZxz/dTCcy9hX99oRAzu/cGBDe4UnuXmN3z2oOauMaVmsOP/czf9dbJVJv76gQR3R4CVHH2kvbq563eosKGolAJMa5MU=</xenc:CipherValue>
+            </xenc:CipherData>
+            <xenc:ReferenceList>
+                <xenc:DataReference URI="#_db05d5b7575e140d99f8bf45cbd9fbfb" />
+            </xenc:ReferenceList>
+        </xenc:EncryptedKey>
+    </saml2:EncryptedAssertion>
+</saml2p:Response>

data/spec/fixtures/keysncerts/post-office.pk8 ADDED Viewed

Binary file

data/spec/lib/xmldsig_spec.rb CHANGED Viewed

@@ -42,6 +42,17 @@ describe Xmldsig do
         end
       end
     end
+    Dir["spec/fixtures/signed/*.xml"].each do |document|
+      describe "#{document}" do
+        let(:signed_document) { Xmldsig::SignedDocument.new(File.read(document)) }
+        let(:certificate) { OpenSSL::X509::Certificate.new(File.read(document.gsub('.xml', '.cert'))) }
+        it "should be validateable" do
+          signed_document.validate(certificate).should be_true
+        end
+      end
+    end
   end
 end

metadata CHANGED Viewed

@@ -1,20 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: xmldsig
 version: !ruby/object:Gem::Version
-  version: 0.2.2
-  prerelease:
+  version: 0.2.3
 platform: ruby
 authors:
 - benoist
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-08-03 00:00:00.000000000 Z
+date: 2013-11-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -22,7 +20,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -36,13 +33,14 @@ extra_rdoc_files: []
 files:
 - .gitignore
 - .rspec
-- .travis.yaml
+- .travis.yml
 - CHANGELOG.md
 - Gemfile
 - Guardfile
 - LICENSE
 - README.md
 - Rakefile
+- decrypt.rb
 - lib/xmldsig.rb
 - lib/xmldsig/canonicalizer.rb
 - lib/xmldsig/reference.rb
@@ -53,10 +51,15 @@ files:
 - lib/xmldsig/transforms/enveloped_signature.rb
 - lib/xmldsig/transforms/transform.rb
 - lib/xmldsig/version.rb
+- rsa_ext.rb
 - signing_service.rb
 - spec/fixtures/certificate.cer
 - spec/fixtures/certificate2.cer
+- spec/fixtures/doc-plain.xml
+- spec/fixtures/encryptedResponse.xml
+- spec/fixtures/encrypted_assertion.xml
 - spec/fixtures/key.pem
+- spec/fixtures/keysncerts/post-office.pk8
 - spec/fixtures/signed.xml
 - spec/fixtures/signed/ideal.cert
 - spec/fixtures/signed/ideal.txt
@@ -81,32 +84,35 @@ files:
 - xmldsig.gemspec
 homepage: https://github.com/benoist/xmldsig
 licenses: []
+metadata: {}
 post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 1.8.25
+rubygems_version: 2.0.7
 signing_key:
-specification_version: 3
+specification_version: 4
 summary: This gem is a (partial) implementation of the XMLDsig specification (http://www.w3.org/TR/xmldsig-core)
 test_files:
 - spec/fixtures/certificate.cer
 - spec/fixtures/certificate2.cer
+- spec/fixtures/doc-plain.xml
+- spec/fixtures/encryptedResponse.xml
+- spec/fixtures/encrypted_assertion.xml
 - spec/fixtures/key.pem
+- spec/fixtures/keysncerts/post-office.pk8
 - spec/fixtures/signed.xml
 - spec/fixtures/signed/ideal.cert
 - spec/fixtures/signed/ideal.txt