RubyGems - xmldsig - Versions diffs - 0.2.2 → 0.2.3 - Mend

xmldsig 0.2.2 → 0.2.3

Files changed (12) hide show

checksums.yaml +15 -0
data/{.travis.yaml → .travis.yml} +1 -2
data/decrypt.rb +85 -0
data/lib/xmldsig/signed_document.rb +2 -2
data/lib/xmldsig/version.rb +1 -1
data/rsa_ext.rb +116 -0
data/spec/fixtures/doc-plain.xml +9 -0
data/spec/fixtures/encryptedResponse.xml +103 -0
data/spec/fixtures/encrypted_assertion.xml +103 -0
data/spec/fixtures/keysncerts/post-office.pk8 +0 -0
data/spec/lib/xmldsig_spec.rb +11 -0
metadata +16 -10

checksums.yaml ADDED Viewed

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    NzYzM2U2MTA3OGEwYzAzZmJiZDNlNDc0N2FmMWE5NjY1YWFjNGJmZA==
+  data.tar.gz: !binary |-
+    ZWRlM2JmYTI3YzNiODMwYjM0MTgwZWI1YTIzYjkwNjAzYWNiYmRjZg==
+!binary "U0hBNTEy":
+  metadata.gz: !binary |-
+    Y2I3ODgyY2M0M2UwMGZhNzAwNDU0M2Q5NTQyODYyOTEyNTVmZTVjMjNjMDI2
+    NGFiZjI3YzY4YTQ3ZjNmN2FjMDQyNmJjODMyYzlmOTYyYTQzZGJjMzhhOTAw
+    OWI4ODExMGM3MGUxYzZjODc4NWU2OTZiZjA0YzYyNDU1MmZlOGQ=
+  data.tar.gz: !binary |-
+    MzE2NjBjYmE3MGY0ZmFiZDQ3Njg0ZGVkMDhhZjdkM2MwYTk3NDc0OGE3ZDk4
+    MDM1MjNlMDk1OGY4ODU2NzJlMDc5MWJiNWQ1NDFiNjExYzNjMTYzYTJmYmIy
+    ZmRjNjMwNjRhOWMyMzlmYzAxZTcwM2RhYTgxMzlkNDQ3NWExMzE=

data/{.travis.yaml → .travis.yml} RENAMED Viewed

@@ -1,5 +1,4 @@
 language: ruby
 rvm:
+  - 2.0.0
   - 1.9.3
-  - 1.8.7
-  - ree

data/decrypt.rb ADDED Viewed

@@ -0,0 +1,85 @@
+require 'openssl'
+require 'base64'
+require 'nokogiri'
+require 'securerandom'
+xml         = File.read('spec/fixtures/encryptedResponse.xml')
+private_key = OpenSSL::PKey::RSA.new File.read('spec/fixtures/keysncerts/userkey.pem'), 'hello'
+cv  = Base64.decode64 "YYq0hkSXofEEiiZ2LdCx8M/yvR0P+G4U510Bqkg4E3YoApqPJinqmOlNU7x/MChZp23zWHJqS4fH0VtK5ZT8gToEwbKQ/DsjYFQXVCRHxjrRp0Mfrvj89bTpivA3TPdVXhS80MFqtd7NfKEQSI4roJY9JgDvn45j77oXurr6h1c="
+cv2 = Base64.decode64 "TQzLeeCNG8y8+C1XpC7ZNtvrCyIOl7e4b1zOUwARlbmiIC1YIUHl38uhAkw0B7+BNZ9inafH2RyWO8MH5XSs4O7cyLkNJXETmc1CFozTa2J4DWLqDOByyT0LqlGir80PjfCeOnSFsLR9SCnvJpcpuEseRHfXnotnMpP1fQFiSheKGEb/oXn9feVxqlvBOOK0VHxFqis0Cb4KYsQWu0DiujBZQMj+tKNnnodb6jNwKcR4JDNda2JwWxXs0hViumO/2AC+YhAoiVBwPH2rXBv+yXkQcI0y8u+B9fYSoZ2pNXk="
+key = private_key.private_decrypt(cv)
+cipher = OpenSSL::Cipher::Cipher.new('des-ede3-cbc')
+cipher.decrypt
+cipher.padding = 0
+cipher.key     = key
+cipher.iv      = cv2[0..8]
+out = cipher.update(cv2[8..-1])
+out << cipher.final
+puts out.inspect
+out = out[0...-out.bytes.to_a.last]
+cipher.encrypt
+cipher.padding = 0
+cipher.key = key
+cipher.iv = cv2[0..8]
+padding_length = (out.length % 8)
+padding = SecureRandom.random_bytes(padding_length -1) + padding_length.chr
+puts padding.inspect
+out = cipher.update(out + padding)
+out << cipher.final
+cv2 = out
+key = private_key.private_decrypt(cv)
+cipher = OpenSSL::Cipher::Cipher.new('des-ede3-cbc')
+cipher.decrypt
+cipher.padding = 0
+cipher.key     = key
+cipher.iv      = cv2[0..8]
+out = cipher.update(cv2[8..-1])
+out << cipher.final
+puts out.inspect
+out = out[0...-out.bytes.to_a.last]
+puts out.inspect
+#doc = Nokogiri::XML::Document.parse(xml)
+#
+#wrapped_key = Base64.decode64('BxnBnHLtE1IjI9bTGDVs9EyJspS46SJrX4r3yYRdBJYawEp5AHWx6SgVB1TuU466ORIPX0HqdUvy8efOP/7gHhFlm/noKc+qToD1YSvGQ27kJdZbBJE+kcnDZpgqPHCR+fr3Nv/WfN+eZRYMlky1D8JaWFd1P6Eqi8xqY1BirHQ=')
+#
+#private_key = OpenSSL::PKey::RSA.new File.read('spec/fixtures/post-office.pem')
+#key = private_key.private_decrypt(wrapped_key, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
+#
+#bytes = Base64.decode64(c2).unpack('C*')
+#puts key.inspect
+#
+#iv     = bytes.pack('c16')
+#others = bytes.pack('c16X16c*')
+#
+#cipher = OpenSSL::Cipher.new('aes-128-cbc')
+#cipher.decrypt
+#cipher.iv  = Base64.decode64(c2)[0..15]
+#cipher.key = key
+#
+#out = cipher.update(others)
+#
+#The encrypted string's length might not be a multiple of the block
+#length of aes-128-cbc (16), so add in another block and then trim
+#off the padding. More info about padding is available at
+#http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html in
+#Section 5.2
+#puts out << cipher.update("\x00" * 16)
+#puts out[0...(-out.bytes.to_a.last)]
+#

data/lib/xmldsig/signed_document.rb CHANGED Viewed

@@ -10,9 +10,9 @@ module Xmldsig
       signatures.any? && signatures.all? { |signature| signature.valid?(certificate, &block) }
     end
-    def sign(private_key = nil, &block)
+    def sign(private_key = nil, instruct = true, &block)
       signatures.each { |signature| signature.sign(private_key, &block) }
-      @document.to_s
+      instruct ? @document.to_s : @document.root.to_s
     end
     def signed_nodes

data/lib/xmldsig/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Xmldsig
-  VERSION = '0.2.2'
+  VERSION = '0.2.3'
 end

data/rsa_ext.rb ADDED Viewed

@@ -0,0 +1,116 @@
+require 'digest/sha1'
+require 'rsa'
+module RSA
+  module OAEP
+    extend self
+    # Represents an error that occurs during decoding when using
+    # RSA::OAEP.decode or RSA::OAEP.eme_decode. There is one argument which is
+    # a brief message detailing the error
+    class DecodeError < StandardError; end
+    # The algorithms below need the HLEN variable. This is the length of the
+    # hashes generated by the hashing function. For now, this only supports SHA1
+    # as the hashing function, and this has a hash length of 20
+    HLEN = 20
+    # Performs the rsa-oaep-mgf1 decrypt algorithm. This is specified in section
+    # 7.1.2 of http://www.ietf.org/rfc/rfc2437.txt.
+    #
+    # This implementation assumes that the sha1 hashing algorithm was used.
+    #
+    # @param [RSA::Key] k the private key whose public key was used to
+    #        encrypt the data
+    # @param [String] c a string of raw bytes representing the text to be
+    #        decoded
+    # @param [String] p the options which were used in the original encoding of
+    #        the string. By default this is the empty string.
+    #
+    # @return [String] the decoded string of bytes
+    # @raise [DecodeError] If decoding cannot occur, an error is raised
+    def decode k, c, p = ''
+      # First, generate how many bytes the key's modulus is
+      n = k.modulus
+      bytes = 0
+      while n > 0
+        bytes += 1
+        n /= 2
+      end
+      bytes /= 8
+      raise DecodeError, 'input is wrong length!' unless c.length == bytes
+      puts [c, bytes].inspect
+      enc = RSA::PKCS1.os2ip c
+      m   = RSA::PKCS1.rsadp k, enc
+      em  = RSA::PKCS1.i2osp m, bytes - 1
+      eme_decode em, p
+    end
+    # Decodes the encrypted message as specified by the algorithm listed on
+    # http://www.ietf.org/rfc/rfc2437.txt in section 9.1.1.2
+    #
+    # @param [String] em the encoded message that needs to be decoded
+    # @param [String] p the flags used in the original encoding scheme.
+    #
+    # @return [String] the decoded byte string of the supplied message
+    # @raise [DecodeError] if decoding goes awry or the message does not pass
+    #        sanity checks during decoding
+    def eme_decode em, p = ''
+      raise DecodeError, 'message is too short!' if em.length < HLEN * 2 + 1
+      maskedSeed = em[0...HLEN]
+      maskedDB   = em[HLEN..-1]
+      seedMask   = mgf1 maskedDB, HLEN
+      seed       = xor maskedSeed, seedMask
+      dbMask     = mgf1 seed, em.size - HLEN
+      db         = xor maskedDB, dbMask
+      pHash      = Digest::SHA1.digest p
+      ind = db.index("\x01", HLEN)
+      raise DecodeError, 'message is invalid!' if ind.nil?
+      pHash2 = db[0...HLEN]
+      ps     = db[HLEN...ind]
+      m      = db[(ind + 1)..-1]
+      raise DecodeError, 'message is invalid!' unless ps.bytes.all?(&:zero?)
+      raise DecodeError, "specified p = #{p.inspect} is wrong!" unless pHash2 == pHash
+      m
+    end
+    # Defined in seciton 10.2.1 of http://www.ietf.org/rfc/rfc2437.txt, this
+    # is the mask generation function used in the eme_decode function
+    #
+    # @param [String] z this is the seed which the mask function runs off of
+    # @param [Integer] l the desired length of the resultant hash
+    #
+    # @return [String] the mask generated
+    def mgf1 z, l
+      t = ''
+      (0..(l / HLEN)).each{ |i|
+        t += Digest::SHA1.digest(z + RSA::PKCS1.i2osp(i, 4))
+      }
+      t[0...l]
+    end
+    private
+    def xor s1, s2
+      b1 = s1.unpack('c*')
+      b2 = s2.unpack('c*')
+      if b1.length != b2.length
+        raise DecodeError, 'cannot xor strings of different lengths!'
+      end
+      b1.zip(b2).map{ |a, b| a ^ b }.pack('c*')
+    end
+  end
+end

data/spec/fixtures/doc-plain.xml ADDED Viewed

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<PayInfo>
+  <Name>John Smith</Name>
+  <CreditCard Limit='2,000' Currency='USD'>
+    <Number>1076 2478 0678 5589</Number>
+    <Issuer>CitiBank</Issuer>
+    <Expiration>06/10</Expiration>
+  </CreditCard>
+</PayInfo>

data/spec/fixtures/encryptedResponse.xml ADDED Viewed

@@ -0,0 +1,103 @@
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
+                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                 Destination="https://samlproxy.showcase.ida.digital.cabinet-office.gov.uk:443/SAML2/SSO/Response/POST"
+                 ID="_e3e6587a-8d13-47c6-8153-18af97d0ab08"
+                 InResponseTo="_0afc9d05-a0e8-4ca8-85b6-d6096fcdd0cf"
+                 IssueInstant="2013-08-15T06:58:54.478Z"
+                 Version="2.0"
+                 xsi:type="saml2p:ResponseType"
+                 >
+    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+                  Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
+                  >http://stub_idp.acme.org/post-office/SSO/POST</saml2:Issuer>
+    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:SignedInfo>
+            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+            <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+            <ds:Reference URI="#_e3e6587a-8d13-47c6-8153-18af97d0ab08">
+                <ds:Transforms>
+                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+                </ds:Transforms>
+                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+                <ds:DigestValue>2J5oHzmbC8N1UGW2hwEVT8aB0sA=</ds:DigestValue>
+            </ds:Reference>
+        </ds:SignedInfo>
+        <ds:SignatureValue>ixCjDwTs3HZulePsQBsXp7jUwZoMEXXXwYfmir/OVrvtPmDRFmONSlGMRDREAa5PxtLPCviaL5fu+W5n8L4GsiM/3VvBmVpky8PdpLsSWo9IEvapGGYJ37/3CprJhyk/5GLZLiDY6GlucJ9QDTwLliJnDz7iaUJTxnAqXsOLB8A=</ds:SignatureValue>
+    </ds:Signature>
+    <saml2p:Status xsi:type="saml2p:StatusType">
+        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"
+                           xsi:type="saml2p:StatusCodeType"
+                           />
+    </saml2p:Status>
+    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+        <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                            Id="_35f50720fbff674d0c13517d8c1055f7"
+                            Type="http://www.w3.org/2001/04/xmlenc#Element"
+                            >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   />
+            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                <ds:RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"
+                                    URI="#_cb6151de16daa2d211f217fe935c2439"
+                                    />
+            </ds:KeyInfo>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>YXef7aTXDEmPcNzUIK0BwO9cfOR3+Ld3JIj3WKXgudfk/JogEhbqfMFHxXOr+dZI/X692fpgAPSL2/kILXjQYVpJ1BnyvgJjeTDbrw+IsbeU+Zmto1wVc8GtUjJ0HG6QhvyXqDJOdjvkpO2qgviunZiq3fKNhLY//7jLLMDuIq1mzcePJ6v0J1x6A0ZpjbMuW6KX04LA/Zl3QdfqPZXC4JLNA4eOt8VSrdAujJ9I8pUSxD6G+IEwxyisMjPBCDqW9c2bHdGmVNRzrYwbmuaZmmU3a4XuHYDeVIGbSlKJZwAzyaTTB6lqD5frALZu4AJWuIHfmcP1McYBgbCET8gMjj0r0KtaCvkb5IDDnFJO3PlvxoKLI6O57pkHwLCFTxAMDT4byYEArkroOT1dVbONj6vSAa2TPQAVvywpmK5P9UCI7nIUGtNY/1p7xw9DPnWn6YEqljAa7iuswAucisQuvVTq5uUrj+LIgGEW86UWpLhUZGlyO+wwOEQC/CA9+96fj9z4h6nHT4w3F9c3gM3yVB/z5cy2b34OtKwGxkliBlzHrN0+bKlonlL/QWWl9UAhMAfBlKJ2W0/gKtmJfiqhARL8OOEINAuTNagBJsh+z7SA5bB9otwzZ1D0EEVP7mYcY7UOhAl8bljVNQ7Hc0OLqsdh5Tr6T7pVnxYulx91GKOyO65U3rkPpVY61VRq2GQSFAmAw/9kFfNy4k3JOknRCtRYSEf0OFq8H2YZHptvMQwo3/Tb/BZLlBByzYsKhRQfLF+jz4LU0qC6xuKsFWIKirONNbuMg+H2ohvJHIGDVCvpJW08OyaocFEM+FP/qsQPB7b/ysiWyX3TNRxfVy4PrS23aPun36NRSqUSdNmsWJ/CfPJ+PWbXtdWDHJvuHm82TQqZgEQbLbrrlveNzV0VUhlBDMHsxOBobXRM+X51WYlAewbC/mvvWOovVSFTFG29Vq6pwJiMilJYy+Xf3O/7mM0MNcKxazpmjcqYd+bULsJfoLNxVyYg9gv/EG0pKDuGGK4s4w/yPX7NHdC/prBDRot29g+Qg5L9+ubottfMzcJ2yBMETLTg7JY7XB9XOfzVVikLtxPta63E5YduSOfNhkI6XMnUE5/YAx8ggrfmw1MXSWs22eoiBJYF4dW6yGR7Cef/oQOGMi6Wi27+Y7JuJKHEEgpMw8hAqR16eE1yJhfH4XNEZYzksSQCAiFIIW3Mb0SaTO/kK0oh/JfvUbKZ6z/jgJZ4LmiS8E5ezn6J/Jr2O52ZBqEbrqbyQZ3x1bfKEkVAAI3Y7vK2CtgMlAqhyGwYF4otlHCyl437vh7xHpg1XIvIahpPz9JnNuY4jAXlXGuk28vFrPCjH/65wFrrK4b+5kSA5mvTTcKcNp4y6DqlEAGDA5Ji+6Y3ZGYq28rWHVyVo6GWRK1+yEQghQ2Udg1CNEdTax43Bs9jpRdve1+O8VCJkA4eu52lmJpJb5sX8+5W/rgQiOstHEAPOSD+9gqqJSOTYCR+ZIjwHmYwqU6HxLkrIgfy37gGi3ppk1+tqPAXykJAFcAnx8duaHWHLrXC2N8gkUqggGKV7/4naaKaE1sVzAJmlp++Saj9MbYb7lIlvQ7jjmEL2c1JqXKy6G0QIsKEDtAFrdoVID6l8kJTjWOPtQsrnsceaXX8AVdjNkWB2tYCQQ9OYfTahjtkG4WH6WyEskYgxbAqaIzKGmBJXruIxOOXMFfdOZd6d5IsknHzNFMqvhcOW+OzDzCtC5bPblxMkdBG8mTeibo+MRvD47sEOvmc5WR5FOOc9EcJvjTvBC5MxvdTTpnxkwYTghelnEiBdzSQFlFirtbK3CJ1LTltVN0ImAjkK+rQyOG3/vR0/payLqOj7Y/+AQHUxBjfmNnVtSu86qSUdvHrB3V/4dBGz2JigA8j57ArMWYLNwrFqNq47PDUdlxt+ffN1bSDO+n8pxXdLcs2NakRrZbtIEkOf9WdhqUdVuNXVDyBPEFhz2u+vxkT1/T46UrnxNjAFXtdaABoKEg/jduEkauoImHqEe6apgheeaFpySEOhoWjSxTr6PF44847FAePkjANj/9N/odtMULJtI5X18o/gGnEsYjnr/pcrCy5LRiMOqWu5Go4N+3gnMiEjHf6ppSkTPtrORqI+TnQ40QXYPBlpQfpXvF7VsH87Vz+46PTOFYo8q3VaAAEwf2PTnfEzuzVJVfnemAL0ge1wVXpNa4cR7YeNaFaOs4zK5LABXePbB12kummK58j2SOdGiE4pBgaNPorRBkvvdS19zE991jDo5in9X0nE89UC8QD7A8QDaYh8LNEZejc9+RTVnNuxUljo9zoW0TaPA5HEqMV5lRpPu/ibloKXPbdjOISkcoF0P0YKIazraM0jVGUOjefVJyynbzmMvDZUnJj38Lg7xg2UNy3MwHeBHqs7gbyHRdK3V1buqKHyQ9kF9OGjozq/4Sangb3kTVOR+Lt8oDrCpW1GadkNoqUCnntLAZeKfc6q95OGVHqVsy8YpBiXJap5aek165dVZ3nj2Egm6gT1LXhDrnR1XWQdkmkyfouRhTCqIZ6ztTyz8Ew2Lo92wXTP9OkfnEn3sz3PT0miMxTVUfFTN7Qi9+WnTsFzEOact/49+vUnA7lzDbotETIwgmzvZaaiqH8xMiUyUJ4cRL8q9lpD2tZ4ls3q7vN7AftUVuXTL4GsaPr3B3ASUcfYco2FHigoAxGxtOJKn7QFWctB0CqPdQKw0x2MLx5Ag/0pZ+ACBm5s64gToQuiMEoT3+2/Unp+DQFVQTB0C02LthryYc06udzEKPG8rUfLo9svJcwLZSm4ceerYNh5PpxtF8QhyoPTSBSZ5DdYPLDC4Fwqxe/TRzirWPxGZA2f13W857ATZSdzomXO8pOtOB1rt0/G+fnpb/OjnYspp2/g5bxCbbos1w2pKkyNXQUSFEuxY2Z03lqMqLnKxzXtTJHh75eAclAYt6dTzmBBM15ir3Y6brKV+5F5wUwqM+g8BL+3xZDdSC2EyBm0gDuL1tT8/SbcrQppGaJYntxJm8mpClaHtEIsYfcb3X1QdAXVLby3nEstEGizbnL2KzazMp/S+tMku9Bf7irxwumYTS6QWBM+vJFRI5/7LHoplrOmFqdbQIxuN8ybXVJgqujuhvOowiu4/y4KUqZb0Lr8KJenEUIRrM1Voray8n875JTZuosYmDi7Vl7vLf5KPH4D5b7Di58qNVxYHPbyCVWNmk1CepmHQ/foOuU7HxSPUuruoytnKKu5Gd0r5AqEdrSEXvbaRb98dxaequWwaDARztfJHMt2ciy6Ygvfv/Y4kzfO/c+RIfXiIuDnGfbBAIHNYOosxIFQMPIWA1K1QqnZ0AzTBJkSfS3fQjw8q2gWA/XCWEbK9n2+zZjXSieXbiShag4JP9B5DdcFjCAsKzDzPpBUMMmwmH1092n1jJBKZP/G/SPn3zsqqj277y1KIqYF7+St1N6Wu6kkADqQZjYhSI/jCQPW8qf0gQzg8w+Ju+15isNmM0xJH1QRK3n4CS9/Z9RLefTX9RXJo+Kz+Tnhf7UVokfrAee9AlZT0THNHS6AYotzcNwkE36s4w6eD7DhyMjUrNoGL0XagVT0ueoRtcugnTGDaWQpa1MvlmWBrv2iFX+cMes0HJyDyg2h3BWGm4DIrdkIiRe8fAukLH2STVTvEmGI1oMoV8MaakHLdjyhQ+IhapBXJYUFjo7e5fdSK8Sy80mfoLRJWWpbSMORnhiVHYwSe6Gg1+0KJ5AJI8xPwosBrSzWXh46QWM9fu0fgN1yrdD1cu2jbexUyUd0H92HNPzzVV6FMCG+WvLGxEVWNWo/Qg6sZuytuGPdER9EmH23NwDFr5/85JLGOtWznQ+WdTFbNiR0EsB1yHenhD79wx0l5wOSx6ysU3wMc9VFmfCs+h7Sb3Hk1grKZzS53vpZM8YwTfloZnYbzfGU8vCKSf/S8RZMdz/eilQfedNO8eZrCfPPzXdXjZHFpNbJQccCDxtAN5H1oXFrm9zp7yIIb8B145hoqy+kNSLKWkhI9vLhQnALprf0paTRMNjHfdQydBh76h2DJivv9JlQTehVwHnWgowcgPvhPCEU7nIv2yp7+B1qqBxJPEM3JvKhONHMH1SqyqULaTENd9EN5l6cehbUCLvS4Kuke/vQSJActmzvdI2hBVznyKsYdxt9u/FgcoIncSvGqpQS2hMrlMSYrLss8RWUP+Pzz3n3cKDL1P75ibZCSZTH6YgVEEm6U+HNGol7KVh773aUTy6g7/9zkKPUCPA8ngivCJRREhZz++q5vniQ4fCcvEF6G8zKJBY6VroeDyfW14zj2g0/7SyJ1mVl09VEZ6DRLE6IaB6H6gCRzZ180sAOiaioa8WO8MByoORt7Nt30n6+7kLXopCI6BXuWcx+OF86A4/gXK7+H8vz1oxHVP/+w7dIZfZMiQHGC12FqaOIYDkp1UYwqSOtcwRHU7V+Ps2d14CRJMTBdP4yrKk4VKvIDP8+V3Omaaj4WhhLgdPZLZEJQX4aWJmaqeE7zYm4tF/qF1LoQuhTq1dIbR5UMGADN8oXUjHhsXjgngI3h9tm+LmaynRenvStdHJCyblB4JkHkJYCYRTXlDBLTwZJlL6Us1qoRCjl0PfUZbpA4KTkwReDSBPY7I1FeOLixXmzOVeSq1DDVvtJNwzQTPjfaYxgrfHDF8QCdLmC5Y+EXlxu/HMAOWiy03zYYVMR46aBZqficIJpGhyLz6AD9iZkYWdsfRFxHGnY4J23QzRF8ibEl2WiHS8pgrYl0mdvVTBRuPb0DC2GlKzwN+AVK/XVXMgKdHCzh6YPraNIdzNjyZLnZ6sCy4bRvlhWd8ftyIpI9lF4c3O/UtJYOzVrrKKik0cVJvYb2AUQRxAlS9nMFMPtZ6hOuDcCpm9UJBq362h/oijWC+xn8lT34nRKsNIx9xtKzs7PoU8TFoX2Vl/AeT7wRdkpIILJkoSdr6+U2PNw25Gii3UbsiRUF+XNkKsNGWf/xb8xPpEuA3Wmbmpm+0F2tq7nul8OWtzGepKXgV5LfUcqbwTfdUCgmFRLy0iY2prckNEmbxRbGite/DOQRPnrUqxu8soBgbZ0GT5T0Z6gP16Tvz6LzAl59u71GPbhW0aP0iETOkCqkeaEnoSqlVwSeoUzCkdwruoeLi6ZG0T+9VHRT3nieSIvSNY+CtFocQS2bXu9dhORi8TCgfovRKGyJ6k9PMPp8CpsVYlb6piRJYD0s7LtGsidNL2sOBEk2KduhLJj02N0hY1NF+RZkG86lHwUAw+6ed6C/Tl86ke/OEqoZg7f63foyi8Yuh6szztghisI3oYVIV7+oftE2AMwMf1+Spj0WE6N3xms+K7hpp/kNzMXb0YaMbNU5btD6hdlAdrTlFY0BRJ5PuKCTsM3xQI/mGyU6nXzaPBs+Dypt4U1/ZVzdmrNOyJ8VmfXi9+rOyr49dHuMWhkGHjYte6UFjwyPvKx7TWtPXv1bJ9MuZA/wjYtFrk/ABuiKEp8KBo3pBCO5i014oTtq+0ZGhwFI0o6BhFs87+qepCeeMBJa7ZhxYhEkizXHnwvYf8HKpSiec0qj3khRoql42EDsvZFVmcjii23IWzSV3/HmbebLWnQ05UpQs7+xiSBjpPgfC0ytC3qnnFVFPyb8iVI2UOZ6hHlD/36G25YtAXhiOuwpBgOAyfx+KoQ7PlU+TwvT0ZY5+6nm6G/F03HJaBITtS7FlKbD/vT+irNASwi5kphLaQJvQaqM7C234eAZHHuu9VJknuQu+h+rXzk8WgwHgITxbl7noOTGuIkwFXBYtvztUoSfF4xNG4ShdebKbzhNsyylG+VC42gJUL7hwC3/vevyna4QphpcvTRtgIMUbZrZ3j7+4C1Ino4jdteYYd3KvfnwYoz4n7cGpmgQ4oc6YqecKrVuy+w0DYPJ5mR3xKamvlvFrL2j58vigKqSUZOx3Rq7xnD7Z0hbNMxuJifEUOpUI04+fFquBXbzJSTHpxZ0Vl08mpJPoq19ejK03IDehL+083RB7I/ew07ipmk6KEkTS+Xu0vNLH3JJfAf1vRuTJq96yFWJf7ZbK0kqV+bNGpy6WuMg3lIiGeShVpUxEg5AvJp2gCuZRAdhAmlibPjJGnrP1SFLko4HjLC4c6/4A374w1mrt7xfGOsvLMzwgiqllc4UUzhX/bDmEud8pIXDDNTSS2w1Nyt59sWVOvOr97dWvFEqP4tVeqj7Ppit8qYEr6keUrjfuArWMmDCp6fUDipFFkOXAauajgFjxThW8LISemq8sUJgcW8HUfw6b7/Gl5J23yzTPmYF1wa3n1HpODXsJae5lRYlSTP1XYY6+D/IQyWhoYiKdYFM6KcrK/uyr3fSNKHUdY9XM3R8TxgEaVZ13hTZlmbhbsh2AEESLN3heekq//f0+M7ETIW9vhUH77jO+5vaoIEh7wo8yjTe7Kbc0zuhELPoHcWpO544kmegKDeHCcavf9ZNsOPmcAa/le85dUIiQDAZxaXEd5yORuQ44SJPtH5L/qhVkjVw==</xenc:CipherValue>
+            </xenc:CipherData>
+        </xenc:EncryptedData>
+        <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                           Id="_cb6151de16daa2d211f217fe935c2439"
+                           >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   >
+                <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+                                 Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+                                 />
+            </xenc:EncryptionMethod>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>BxnBnHLtE1IjI9bTGDVs9EyJspS46SJrX4r3yYRdBJYawEp5AHWx6SgVB1TuU466ORIPX0HqdUvy8efOP/7gHhFlm/noKc+qToD1YSvGQ27kJdZbBJE+kcnDZpgqPHCR+fr3Nv/WfN+eZRYMlky1D8JaWFd1P6Eqi8xqY1BirHQ=</xenc:CipherValue>
+            </xenc:CipherData>
+            <xenc:ReferenceList>
+                <xenc:DataReference URI="#_35f50720fbff674d0c13517d8c1055f7" />
+            </xenc:ReferenceList>
+        </xenc:EncryptedKey>
+    </saml2:EncryptedAssertion>
+    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+        <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                            Id="_db05d5b7575e140d99f8bf45cbd9fbfb"
+                            Type="http://www.w3.org/2001/04/xmlenc#Element"
+                            >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   />
+            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                <ds:RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"
+                                    URI="#_6c694898eaa77962e78f2a01a15db34b"
+                                    />
+            </ds:KeyInfo>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>IgD71bb6jamYDY9qLxLGcOSwucbStZTX2+3V2pyTxd4v+MsnlQxvbqPu3VW2p44FWohsvPhP16wuChrGrLOo+ji0j4ZfQ+4ktObzV1NJzlOcbF0mpfzGqIFX0x6T5lHyQssdmZXI8xLZvK8v46ZIwaCQNWs1GgfflVSvzStzfz9cBuch2ELBbrNehWtqR/UEhhlh1qLXgMmDmCczPDavtxxqSYuU4W0uQfWSNz1tWRiuUCepTJi2Z+3Qkz60Qw35VdcomQcswyooKnOUID7y4DL8XymVRK98rguDfRlI/yZszq+fQOXEfXrIS0DmSxesDP12Aulpyg4KR3dsUYke3bAr8Ag3020RV3VY04zCMm9fVa8YCUNes7QWZYwkQ69gJk9Na2Y7UdHwIBPkFKej/Ot0uALL1IXZsHnAcRL5FKUBmtzs/nf8HFqM8mXWMwZh+/wR/iruX0+89H6hIICpniDNvZI3kGBIsyHGXsRR2zOyXVflRnL9vYUedC0QAKyK36fy2niNb6nBk7xZ6340+NyWl78ollTCvY7nm6/VAOPyizOIIQUYIpP7Vo4geCH5vEd1hX4ptsCpMUe2NvnaPSX+kX8J8lgPd4f1eMG7DlKF2GYEFSQpwJbly2gkiaqVnQyhF+4IylBoZJ2zRR/JtjTvof7QRUXtScxjpnlwNz6WZdHnDiIjIfcUGj2+zIC/Qe0hQ3Oalv0JGD8kUmqD4PvPu53AUSN5aoCboE2mM2lCgPN2EQZQT1j6mFd9DRZBxSaUFUayTgAmJqavplFumrD0ZNpx+ktzP2dva5F6TVuPPMQ37n2Iq6xkMaUn58j2IL21RoLkkWpYELhntd17EBojiO/PC85QdgUi+HlD1GXJ5WgT17jIVSz0gve7TNYL4PyOr3S2/b+BSI7Ti52f7Plrksu5tNAoUhLWsYMBqf2ylkwuDugg6J+jOhXtm9wDbPDzleSn9mRzYplU64Ciq5yTC9OWGwn3ANSMsfVf1D3j+pB3fnJJv4JRbIgLjO56ypIj6I82XBx7tD4GQK4a3Oc+jvkXedhidvNBWe9ahLAn0Df4g/N+a31gZ5Nfc5xC+je5/GfhOolRMlIeh3+BaP0NnZlf3jwwYPSz2j69EizlBi2DYAJ/B/fiF9+ZqwHwEYxInS6cshG1Q4TdfV5ijgsmMr1H1Mg7UCN4fUHyuC5aoIdPyU80VSgwotLG480p0J8SNoJqhegtaKMyvWX0skI5U3eZwAiaewmtr4ngmisWNiXvmb8pmwvVGiaRErt7BqxdtDbMkfBBTNTC2myR3+fp4ehCv6+q0N0VKy8NkqpGIoHJM9NZCqWUSo4AQ5WcCdXyk9058YylBYhcKo/K7o3QI5ndALwrkAHvu8FElJezds8RwHVfEYtkOpjA9w4V0IcTs2AQM2Nanqz4gKiRgpwCyF9MF4Q8DnSKwishyAHsO0rrMjq+XCXWpFZNZoUjSeitIbuHhbgEIcEq/9OmneF4Eop57LppOXFBdQ3EpRbbAQhS1beFnGa4Dhh3/OpNfxgf8coOs2AxiG+nzlrfrLKXKk4OL1dyskbiKXDWrumIbjnEfagZWc0LDCwJjXh2oBl8oYHgI9iYLq5652gr1c/CO9MC6DCBmhwlfKAOVnNeLxwWM2LmB3wKqzQcGqohMrxCu1kDQZcId/+z4DNXEGhbfDD4drY7uXGZ1AhOVch8r2fsYM+vYJLnB3rJPTqBZXBTO++rVt6Ui++0ZLiHUkXQGe8Rl83SmGa4vGzUIob8Jq6bxrmYLJBQzteHX58MaAXiZ7effhSdlr3JPZ9tm6GfvXuwcAaBrJLsY8VYbSVbfyixvwh90fM/8Gg2o9cFBaMt1XODA4wE3bBDFmNUdbc0fpTSnE2hBxhtOaqFp430FJXBND6qSiUJn2xbxiOEoZPda9y584qAMed8lBHC7zzFIgQuw0ilYKKOg48UP86oQgeK5ELBc5hhRlfL7afJAnQijoK/60cRpZ83jiuMq+MB960vVaKAh7Yw/0cJhlbJNImG0UlMOuYr+3+UyYRESZ8guwf5Up+fhERJtNl8w/3owdC40NfXIa79XA+56c8fWMPf1dDGsroV/F/beMS2ZNVCgC4lo/Qy/GLhcAj5rXlmEX8jdvVNp8PD5GKV3E4iQNOyHkRQhYyUFgJufW/qVUvud3l5yIQNd8RmEqW/D3xB9BdoHrvn5iH4TGE6GMt3P92cArv8yb23eRvuDl2YyVTblnV+ZxRfs7fKIovUEqgK1IqUZwbrQkbN7/Kcw0dEbcL/umNZjLdR1UJMp0pHRLWPTp75I9aMgu/BCEs/rW27BZaIBOhIJMFHWHCChx7x3hMQXJzRg35G4pxMdps6Cy9UDcB5u0tn+ZlGLqwSTbkBx/k07/y4U/LgWiKeL2ajsBMTrnw4w9v1z+Zq8eh56CksexEm052OxNUqFy49qgVwEBo8ap67TCf60/NooSjq2tTwbIYu3XUJ/WVNbeZFpO2B/a1yoa7EBdJA4hvM7gFsIoy2jNLgO5Ohx/evdX0slZFyG82q1QjuGqnsHI8+Xz4D2vMnq6E/7UfqzGa0y/nO6cVTv8PtgdzJeSaVZTY2LPS25HF9FCuiKbbIz1ozZwOpi26FqyhuSrVxtEgAEK49Ym3U37HWJ5P57jKwrIw0HbXvoyI8R9o7SZJ54aeK9oW+mVA/pfxqi0kfKdcPXlrgme1fYfpcaVLY93ETvl7zHLgzKHZWcRCLzoA4jIjU9iS7NYUhvZxNTSNd2dcbSGuurhaIuQNK2vpCQ4e1udDiYFcfgKrco2O+3uOkQPpvbFC8geGsbQiie/F2wFQcg6qdnRmw/s+XkY957JxMH1+m8XJdM5J0Byu7PujdtqJduoIKiZlgsSMYmEh7s/J+89hyxN69eFpC6X7BNeYDkyfGE+iZCKvy6a6ARR11UDWj+96rZB1YVkvx04qdhrg5djhY1RoLff8THx6ohI+WJfo=</xenc:CipherValue>
+            </xenc:CipherData>
+        </xenc:EncryptedData>
+        <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                           Id="_6c694898eaa77962e78f2a01a15db34b"
+                           >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   >
+                <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+                                 Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+                                 />
+            </xenc:EncryptionMethod>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>WWgxzBWoLT989XTVIiHrBBrW4BAQ4cuCkfmSVFoM1/BztSwYrslujZUoA3Iy1lTgqqQNil1RP6c7Rw2mZxz/dTCcy9hX99oRAzu/cGBDe4UnuXmN3z2oOauMaVmsOP/czf9dbJVJv76gQR3R4CVHH2kvbq563eosKGolAJMa5MU=</xenc:CipherValue>
+            </xenc:CipherData>
+            <xenc:ReferenceList>
+                <xenc:DataReference URI="#_db05d5b7575e140d99f8bf45cbd9fbfb" />
+            </xenc:ReferenceList>
+        </xenc:EncryptedKey>
+    </saml2:EncryptedAssertion>
+</saml2p:Response>

data/spec/fixtures/encrypted_assertion.xml ADDED Viewed

@@ -0,0 +1,103 @@
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
+                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                 Destination="https://samlproxy.showcase.ida.digital.cabinet-office.gov.uk:443/SAML2/SSO/Response/POST"
+                 ID="_e3e6587a-8d13-47c6-8153-18af97d0ab08"
+                 InResponseTo="_0afc9d05-a0e8-4ca8-85b6-d6096fcdd0cf"
+                 IssueInstant="2013-08-15T06:58:54.478Z"
+                 Version="2.0"
+                 xsi:type="saml2p:ResponseType"
+                 >
+    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+                  Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
+                  >http://stub_idp.acme.org/post-office/SSO/POST</saml2:Issuer>
+    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:SignedInfo>
+            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+            <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+            <ds:Reference URI="#_e3e6587a-8d13-47c6-8153-18af97d0ab08">
+                <ds:Transforms>
+                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+                </ds:Transforms>
+                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+                <ds:DigestValue>2J5oHzmbC8N1UGW2hwEVT8aB0sA=</ds:DigestValue>
+            </ds:Reference>
+        </ds:SignedInfo>
+        <ds:SignatureValue>ixCjDwTs3HZulePsQBsXp7jUwZoMEXXXwYfmir/OVrvtPmDRFmONSlGMRDREAa5PxtLPCviaL5fu+W5n8L4GsiM/3VvBmVpky8PdpLsSWo9IEvapGGYJ37/3CprJhyk/5GLZLiDY6GlucJ9QDTwLliJnDz7iaUJTxnAqXsOLB8A=</ds:SignatureValue>
+    </ds:Signature>
+    <saml2p:Status xsi:type="saml2p:StatusType">
+        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"
+                           xsi:type="saml2p:StatusCodeType"
+                           />
+    </saml2p:Status>
+    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+        <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                            Id="_35f50720fbff674d0c13517d8c1055f7"
+                            Type="http://www.w3.org/2001/04/xmlenc#Element"
+                            >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   />
+            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                <ds:RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"
+                                    URI="#_cb6151de16daa2d211f217fe935c2439"
+                                    />
+            </ds:KeyInfo>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>YXef7aTXDEmPcNzUIK0BwO9cfOR3+Ld3JIj3WKXgudfk/JogEhbqfMFHxXOr+dZI/X692fpgAPSL2/kILXjQYVpJ1BnyvgJjeTDbrw+IsbeU+Zmto1wVc8GtUjJ0HG6QhvyXqDJOdjvkpO2qgviunZiq3fKNhLY//7jLLMDuIq1mzcePJ6v0J1x6A0ZpjbMuW6KX04LA/Zl3QdfqPZXC4JLNA4eOt8VSrdAujJ9I8pUSxD6G+IEwxyisMjPBCDqW9c2bHdGmVNRzrYwbmuaZmmU3a4XuHYDeVIGbSlKJZwAzyaTTB6lqD5frALZu4AJWuIHfmcP1McYBgbCET8gMjj0r0KtaCvkb5IDDnFJO3PlvxoKLI6O57pkHwLCFTxAMDT4byYEArkroOT1dVbONj6vSAa2TPQAVvywpmK5P9UCI7nIUGtNY/1p7xw9DPnWn6YEqljAa7iuswAucisQuvVTq5uUrj+LIgGEW86UWpLhUZGlyO+wwOEQC/CA9+96fj9z4h6nHT4w3F9c3gM3yVB/z5cy2b34OtKwGxkliBlzHrN0+bKlonlL/QWWl9UAhMAfBlKJ2W0/gKtmJfiqhARL8OOEINAuTNagBJsh+z7SA5bB9otwzZ1D0EEVP7mYcY7UOhAl8bljVNQ7Hc0OLqsdh5Tr6T7pVnxYulx91GKOyO65U3rkPpVY61VRq2GQSFAmAw/9kFfNy4k3JOknRCtRYSEf0OFq8H2YZHptvMQwo3/Tb/BZLlBByzYsKhRQfLF+jz4LU0qC6xuKsFWIKirONNbuMg+H2ohvJHIGDVCvpJW08OyaocFEM+FP/qsQPB7b/ysiWyX3TNRxfVy4PrS23aPun36NRSqUSdNmsWJ/CfPJ+PWbXtdWDHJvuHm82TQqZgEQbLbrrlveNzV0VUhlBDMHsxOBobXRM+X51WYlAewbC/mvvWOovVSFTFG29Vq6pwJiMilJYy+Xf3O/7mM0MNcKxazpmjcqYd+bULsJfoLNxVyYg9gv/EG0pKDuGGK4s4w/yPX7NHdC/prBDRot29g+Qg5L9+ubottfMzcJ2yBMETLTg7JY7XB9XOfzVVikLtxPta63E5YduSOfNhkI6XMnUE5/YAx8ggrfmw1MXSWs22eoiBJYF4dW6yGR7Cef/oQOGMi6Wi27+Y7JuJKHEEgpMw8hAqR16eE1yJhfH4XNEZYzksSQCAiFIIW3Mb0SaTO/kK0oh/JfvUbKZ6z/jgJZ4LmiS8E5ezn6J/Jr2O52ZBqEbrqbyQZ3x1bfKEkVAAI3Y7vK2CtgMlAqhyGwYF4otlHCyl437vh7xHpg1XIvIahpPz9JnNuY4jAXlXGuk28vFrPCjH/65wFrrK4b+5kSA5mvTTcKcNp4y6DqlEAGDA5Ji+6Y3ZGYq28rWHVyVo6GWRK1+yEQghQ2Udg1CNEdTax43Bs9jpRdve1+O8VCJkA4eu52lmJpJb5sX8+5W/rgQiOstHEAPOSD+9gqqJSOTYCR+ZIjwHmYwqU6HxLkrIgfy37gGi3ppk1+tqPAXykJAFcAnx8duaHWHLrXC2N8gkUqggGKV7/4naaKaE1sVzAJmlp++Saj9MbYb7lIlvQ7jjmEL2c1JqXKy6G0QIsKEDtAFrdoVID6l8kJTjWOPtQsrnsceaXX8AVdjNkWB2tYCQQ9OYfTahjtkG4WH6WyEskYgxbAqaIzKGmBJXruIxOOXMFfdOZd6d5IsknHzNFMqvhcOW+OzDzCtC5bPblxMkdBG8mTeibo+MRvD47sEOvmc5WR5FOOc9EcJvjTvBC5MxvdTTpnxkwYTghelnEiBdzSQFlFirtbK3CJ1LTltVN0ImAjkK+rQyOG3/vR0/payLqOj7Y/+AQHUxBjfmNnVtSu86qSUdvHrB3V/4dBGz2JigA8j57ArMWYLNwrFqNq47PDUdlxt+ffN1bSDO+n8pxXdLcs2NakRrZbtIEkOf9WdhqUdVuNXVDyBPEFhz2u+vxkT1/T46UrnxNjAFXtdaABoKEg/jduEkauoImHqEe6apgheeaFpySEOhoWjSxTr6PF44847FAePkjANj/9N/odtMULJtI5X18o/gGnEsYjnr/pcrCy5LRiMOqWu5Go4N+3gnMiEjHf6ppSkTPtrORqI+TnQ40QXYPBlpQfpXvF7VsH87Vz+46PTOFYo8q3VaAAEwf2PTnfEzuzVJVfnemAL0ge1wVXpNa4cR7YeNaFaOs4zK5LABXePbB12kummK58j2SOdGiE4pBgaNPorRBkvvdS19zE991jDo5in9X0nE89UC8QD7A8QDaYh8LNEZejc9+RTVnNuxUljo9zoW0TaPA5HEqMV5lRpPu/ibloKXPbdjOISkcoF0P0YKIazraM0jVGUOjefVJyynbzmMvDZUnJj38Lg7xg2UNy3MwHeBHqs7gbyHRdK3V1buqKHyQ9kF9OGjozq/4Sangb3kTVOR+Lt8oDrCpW1GadkNoqUCnntLAZeKfc6q95OGVHqVsy8YpBiXJap5aek165dVZ3nj2Egm6gT1LXhDrnR1XWQdkmkyfouRhTCqIZ6ztTyz8Ew2Lo92wXTP9OkfnEn3sz3PT0miMxTVUfFTN7Qi9+WnTsFzEOact/49+vUnA7lzDbotETIwgmzvZaaiqH8xMiUyUJ4cRL8q9lpD2tZ4ls3q7vN7AftUVuXTL4GsaPr3B3ASUcfYco2FHigoAxGxtOJKn7QFWctB0CqPdQKw0x2MLx5Ag/0pZ+ACBm5s64gToQuiMEoT3+2/Unp+DQFVQTB0C02LthryYc06udzEKPG8rUfLo9svJcwLZSm4ceerYNh5PpxtF8QhyoPTSBSZ5DdYPLDC4Fwqxe/TRzirWPxGZA2f13W857ATZSdzomXO8pOtOB1rt0/G+fnpb/OjnYspp2/g5bxCbbos1w2pKkyNXQUSFEuxY2Z03lqMqLnKxzXtTJHh75eAclAYt6dTzmBBM15ir3Y6brKV+5F5wUwqM+g8BL+3xZDdSC2EyBm0gDuL1tT8/SbcrQppGaJYntxJm8mpClaHtEIsYfcb3X1QdAXVLby3nEstEGizbnL2KzazMp/S+tMku9Bf7irxwumYTS6QWBM+vJFRI5/7LHoplrOmFqdbQIxuN8ybXVJgqujuhvOowiu4/y4KUqZb0Lr8KJenEUIRrM1Voray8n875JTZuosYmDi7Vl7vLf5KPH4D5b7Di58qNVxYHPbyCVWNmk1CepmHQ/foOuU7HxSPUuruoytnKKu5Gd0r5AqEdrSEXvbaRb98dxaequWwaDARztfJHMt2ciy6Ygvfv/Y4kzfO/c+RIfXiIuDnGfbBAIHNYOosxIFQMPIWA1K1QqnZ0AzTBJkSfS3fQjw8q2gWA/XCWEbK9n2+zZjXSieXbiShag4JP9B5DdcFjCAsKzDzPpBUMMmwmH1092n1jJBKZP/G/SPn3zsqqj277y1KIqYF7+St1N6Wu6kkADqQZjYhSI/jCQPW8qf0gQzg8w+Ju+15isNmM0xJH1QRK3n4CS9/Z9RLefTX9RXJo+Kz+Tnhf7UVokfrAee9AlZT0THNHS6AYotzcNwkE36s4w6eD7DhyMjUrNoGL0XagVT0ueoRtcugnTGDaWQpa1MvlmWBrv2iFX+cMes0HJyDyg2h3BWGm4DIrdkIiRe8fAukLH2STVTvEmGI1oMoV8MaakHLdjyhQ+IhapBXJYUFjo7e5fdSK8Sy80mfoLRJWWpbSMORnhiVHYwSe6Gg1+0KJ5AJI8xPwosBrSzWXh46QWM9fu0fgN1yrdD1cu2jbexUyUd0H92HNPzzVV6FMCG+WvLGxEVWNWo/Qg6sZuytuGPdER9EmH23NwDFr5/85JLGOtWznQ+WdTFbNiR0EsB1yHenhD79wx0l5wOSx6ysU3wMc9VFmfCs+h7Sb3Hk1grKZzS53vpZM8YwTfloZnYbzfGU8vCKSf/S8RZMdz/eilQfedNO8eZrCfPPzXdXjZHFpNbJQccCDxtAN5H1oXFrm9zp7yIIb8B145hoqy+kNSLKWkhI9vLhQnALprf0paTRMNjHfdQydBh76h2DJivv9JlQTehVwHnWgowcgPvhPCEU7nIv2yp7+B1qqBxJPEM3JvKhONHMH1SqyqULaTENd9EN5l6cehbUCLvS4Kuke/vQSJActmzvdI2hBVznyKsYdxt9u/FgcoIncSvGqpQS2hMrlMSYrLss8RWUP+Pzz3n3cKDL1P75ibZCSZTH6YgVEEm6U+HNGol7KVh773aUTy6g7/9zkKPUCPA8ngivCJRREhZz++q5vniQ4fCcvEF6G8zKJBY6VroeDyfW14zj2g0/7SyJ1mVl09VEZ6DRLE6IaB6H6gCRzZ180sAOiaioa8WO8MByoORt7Nt30n6+7kLXopCI6BXuWcx+OF86A4/gXK7+H8vz1oxHVP/+w7dIZfZMiQHGC12FqaOIYDkp1UYwqSOtcwRHU7V+Ps2d14CRJMTBdP4yrKk4VKvIDP8+V3Omaaj4WhhLgdPZLZEJQX4aWJmaqeE7zYm4tF/qF1LoQuhTq1dIbR5UMGADN8oXUjHhsXjgngI3h9tm+LmaynRenvStdHJCyblB4JkHkJYCYRTXlDBLTwZJlL6Us1qoRCjl0PfUZbpA4KTkwReDSBPY7I1FeOLixXmzOVeSq1DDVvtJNwzQTPjfaYxgrfHDF8QCdLmC5Y+EXlxu/HMAOWiy03zYYVMR46aBZqficIJpGhyLz6AD9iZkYWdsfRFxHGnY4J23QzRF8ibEl2WiHS8pgrYl0mdvVTBRuPb0DC2GlKzwN+AVK/XVXMgKdHCzh6YPraNIdzNjyZLnZ6sCy4bRvlhWd8ftyIpI9lF4c3O/UtJYOzVrrKKik0cVJvYb2AUQRxAlS9nMFMPtZ6hOuDcCpm9UJBq362h/oijWC+xn8lT34nRKsNIx9xtKzs7PoU8TFoX2Vl/AeT7wRdkpIILJkoSdr6+U2PNw25Gii3UbsiRUF+XNkKsNGWf/xb8xPpEuA3Wmbmpm+0F2tq7nul8OWtzGepKXgV5LfUcqbwTfdUCgmFRLy0iY2prckNEmbxRbGite/DOQRPnrUqxu8soBgbZ0GT5T0Z6gP16Tvz6LzAl59u71GPbhW0aP0iETOkCqkeaEnoSqlVwSeoUzCkdwruoeLi6ZG0T+9VHRT3nieSIvSNY+CtFocQS2bXu9dhORi8TCgfovRKGyJ6k9PMPp8CpsVYlb6piRJYD0s7LtGsidNL2sOBEk2KduhLJj02N0hY1NF+RZkG86lHwUAw+6ed6C/Tl86ke/OEqoZg7f63foyi8Yuh6szztghisI3oYVIV7+oftE2AMwMf1+Spj0WE6N3xms+K7hpp/kNzMXb0YaMbNU5btD6hdlAdrTlFY0BRJ5PuKCTsM3xQI/mGyU6nXzaPBs+Dypt4U1/ZVzdmrNOyJ8VmfXi9+rOyr49dHuMWhkGHjYte6UFjwyPvKx7TWtPXv1bJ9MuZA/wjYtFrk/ABuiKEp8KBo3pBCO5i014oTtq+0ZGhwFI0o6BhFs87+qepCeeMBJa7ZhxYhEkizXHnwvYf8HKpSiec0qj3khRoql42EDsvZFVmcjii23IWzSV3/HmbebLWnQ05UpQs7+xiSBjpPgfC0ytC3qnnFVFPyb8iVI2UOZ6hHlD/36G25YtAXhiOuwpBgOAyfx+KoQ7PlU+TwvT0ZY5+6nm6G/F03HJaBITtS7FlKbD/vT+irNASwi5kphLaQJvQaqM7C234eAZHHuu9VJknuQu+h+rXzk8WgwHgITxbl7noOTGuIkwFXBYtvztUoSfF4xNG4ShdebKbzhNsyylG+VC42gJUL7hwC3/vevyna4QphpcvTRtgIMUbZrZ3j7+4C1Ino4jdteYYd3KvfnwYoz4n7cGpmgQ4oc6YqecKrVuy+w0DYPJ5mR3xKamvlvFrL2j58vigKqSUZOx3Rq7xnD7Z0hbNMxuJifEUOpUI04+fFquBXbzJSTHpxZ0Vl08mpJPoq19ejK03IDehL+083RB7I/ew07ipmk6KEkTS+Xu0vNLH3JJfAf1vRuTJq96yFWJf7ZbK0kqV+bNGpy6WuMg3lIiGeShVpUxEg5AvJp2gCuZRAdhAmlibPjJGnrP1SFLko4HjLC4c6/4A374w1mrt7xfGOsvLMzwgiqllc4UUzhX/bDmEud8pIXDDNTSS2w1Nyt59sWVOvOr97dWvFEqP4tVeqj7Ppit8qYEr6keUrjfuArWMmDCp6fUDipFFkOXAauajgFjxThW8LISemq8sUJgcW8HUfw6b7/Gl5J23yzTPmYF1wa3n1HpODXsJae5lRYlSTP1XYY6+D/IQyWhoYiKdYFM6KcrK/uyr3fSNKHUdY9XM3R8TxgEaVZ13hTZlmbhbsh2AEESLN3heekq//f0+M7ETIW9vhUH77jO+5vaoIEh7wo8yjTe7Kbc0zuhELPoHcWpO544kmegKDeHCcavf9ZNsOPmcAa/le85dUIiQDAZxaXEd5yORuQ44SJPtH5L/qhVkjVw==</xenc:CipherValue>
+            </xenc:CipherData>
+        </xenc:EncryptedData>
+        <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                           Id="_cb6151de16daa2d211f217fe935c2439"
+                           >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   >
+                <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+                                 Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+                                 />
+            </xenc:EncryptionMethod>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>BxnBnHLtE1IjI9bTGDVs9EyJspS46SJrX4r3yYRdBJYawEp5AHWx6SgVB1TuU466ORIPX0HqdUvy8efOP/7gHhFlm/noKc+qToD1YSvGQ27kJdZbBJE+kcnDZpgqPHCR+fr3Nv/WfN+eZRYMlky1D8JaWFd1P6Eqi8xqY1BirHQ=</xenc:CipherValue>
+            </xenc:CipherData>
+            <xenc:ReferenceList>
+                <xenc:DataReference URI="#_35f50720fbff674d0c13517d8c1055f7" />
+            </xenc:ReferenceList>
+        </xenc:EncryptedKey>
+    </saml2:EncryptedAssertion>
+    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+        <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                            Id="_db05d5b7575e140d99f8bf45cbd9fbfb"
+                            Type="http://www.w3.org/2001/04/xmlenc#Element"
+                            >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   />
+            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                <ds:RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"
+                                    URI="#_6c694898eaa77962e78f2a01a15db34b"
+                                    />
+            </ds:KeyInfo>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>IgD71bb6jamYDY9qLxLGcOSwucbStZTX2+3V2pyTxd4v+MsnlQxvbqPu3VW2p44FWohsvPhP16wuChrGrLOo+ji0j4ZfQ+4ktObzV1NJzlOcbF0mpfzGqIFX0x6T5lHyQssdmZXI8xLZvK8v46ZIwaCQNWs1GgfflVSvzStzfz9cBuch2ELBbrNehWtqR/UEhhlh1qLXgMmDmCczPDavtxxqSYuU4W0uQfWSNz1tWRiuUCepTJi2Z+3Qkz60Qw35VdcomQcswyooKnOUID7y4DL8XymVRK98rguDfRlI/yZszq+fQOXEfXrIS0DmSxesDP12Aulpyg4KR3dsUYke3bAr8Ag3020RV3VY04zCMm9fVa8YCUNes7QWZYwkQ69gJk9Na2Y7UdHwIBPkFKej/Ot0uALL1IXZsHnAcRL5FKUBmtzs/nf8HFqM8mXWMwZh+/wR/iruX0+89H6hIICpniDNvZI3kGBIsyHGXsRR2zOyXVflRnL9vYUedC0QAKyK36fy2niNb6nBk7xZ6340+NyWl78ollTCvY7nm6/VAOPyizOIIQUYIpP7Vo4geCH5vEd1hX4ptsCpMUe2NvnaPSX+kX8J8lgPd4f1eMG7DlKF2GYEFSQpwJbly2gkiaqVnQyhF+4IylBoZJ2zRR/JtjTvof7QRUXtScxjpnlwNz6WZdHnDiIjIfcUGj2+zIC/Qe0hQ3Oalv0JGD8kUmqD4PvPu53AUSN5aoCboE2mM2lCgPN2EQZQT1j6mFd9DRZBxSaUFUayTgAmJqavplFumrD0ZNpx+ktzP2dva5F6TVuPPMQ37n2Iq6xkMaUn58j2IL21RoLkkWpYELhntd17EBojiO/PC85QdgUi+HlD1GXJ5WgT17jIVSz0gve7TNYL4PyOr3S2/b+BSI7Ti52f7Plrksu5tNAoUhLWsYMBqf2ylkwuDugg6J+jOhXtm9wDbPDzleSn9mRzYplU64Ciq5yTC9OWGwn3ANSMsfVf1D3j+pB3fnJJv4JRbIgLjO56ypIj6I82XBx7tD4GQK4a3Oc+jvkXedhidvNBWe9ahLAn0Df4g/N+a31gZ5Nfc5xC+je5/GfhOolRMlIeh3+BaP0NnZlf3jwwYPSz2j69EizlBi2DYAJ/B/fiF9+ZqwHwEYxInS6cshG1Q4TdfV5ijgsmMr1H1Mg7UCN4fUHyuC5aoIdPyU80VSgwotLG480p0J8SNoJqhegtaKMyvWX0skI5U3eZwAiaewmtr4ngmisWNiXvmb8pmwvVGiaRErt7BqxdtDbMkfBBTNTC2myR3+fp4ehCv6+q0N0VKy8NkqpGIoHJM9NZCqWUSo4AQ5WcCdXyk9058YylBYhcKo/K7o3QI5ndALwrkAHvu8FElJezds8RwHVfEYtkOpjA9w4V0IcTs2AQM2Nanqz4gKiRgpwCyF9MF4Q8DnSKwishyAHsO0rrMjq+XCXWpFZNZoUjSeitIbuHhbgEIcEq/9OmneF4Eop57LppOXFBdQ3EpRbbAQhS1beFnGa4Dhh3/OpNfxgf8coOs2AxiG+nzlrfrLKXKk4OL1dyskbiKXDWrumIbjnEfagZWc0LDCwJjXh2oBl8oYHgI9iYLq5652gr1c/CO9MC6DCBmhwlfKAOVnNeLxwWM2LmB3wKqzQcGqohMrxCu1kDQZcId/+z4DNXEGhbfDD4drY7uXGZ1AhOVch8r2fsYM+vYJLnB3rJPTqBZXBTO++rVt6Ui++0ZLiHUkXQGe8Rl83SmGa4vGzUIob8Jq6bxrmYLJBQzteHX58MaAXiZ7effhSdlr3JPZ9tm6GfvXuwcAaBrJLsY8VYbSVbfyixvwh90fM/8Gg2o9cFBaMt1XODA4wE3bBDFmNUdbc0fpTSnE2hBxhtOaqFp430FJXBND6qSiUJn2xbxiOEoZPda9y584qAMed8lBHC7zzFIgQuw0ilYKKOg48UP86oQgeK5ELBc5hhRlfL7afJAnQijoK/60cRpZ83jiuMq+MB960vVaKAh7Yw/0cJhlbJNImG0UlMOuYr+3+UyYRESZ8guwf5Up+fhERJtNl8w/3owdC40NfXIa79XA+56c8fWMPf1dDGsroV/F/beMS2ZNVCgC4lo/Qy/GLhcAj5rXlmEX8jdvVNp8PD5GKV3E4iQNOyHkRQhYyUFgJufW/qVUvud3l5yIQNd8RmEqW/D3xB9BdoHrvn5iH4TGE6GMt3P92cArv8yb23eRvuDl2YyVTblnV+ZxRfs7fKIovUEqgK1IqUZwbrQkbN7/Kcw0dEbcL/umNZjLdR1UJMp0pHRLWPTp75I9aMgu/BCEs/rW27BZaIBOhIJMFHWHCChx7x3hMQXJzRg35G4pxMdps6Cy9UDcB5u0tn+ZlGLqwSTbkBx/k07/y4U/LgWiKeL2ajsBMTrnw4w9v1z+Zq8eh56CksexEm052OxNUqFy49qgVwEBo8ap67TCf60/NooSjq2tTwbIYu3XUJ/WVNbeZFpO2B/a1yoa7EBdJA4hvM7gFsIoy2jNLgO5Ohx/evdX0slZFyG82q1QjuGqnsHI8+Xz4D2vMnq6E/7UfqzGa0y/nO6cVTv8PtgdzJeSaVZTY2LPS25HF9FCuiKbbIz1ozZwOpi26FqyhuSrVxtEgAEK49Ym3U37HWJ5P57jKwrIw0HbXvoyI8R9o7SZJ54aeK9oW+mVA/pfxqi0kfKdcPXlrgme1fYfpcaVLY93ETvl7zHLgzKHZWcRCLzoA4jIjU9iS7NYUhvZxNTSNd2dcbSGuurhaIuQNK2vpCQ4e1udDiYFcfgKrco2O+3uOkQPpvbFC8geGsbQiie/F2wFQcg6qdnRmw/s+XkY957JxMH1+m8XJdM5J0Byu7PujdtqJduoIKiZlgsSMYmEh7s/J+89hyxN69eFpC6X7BNeYDkyfGE+iZCKvy6a6ARR11UDWj+96rZB1YVkvx04qdhrg5djhY1RoLff8THx6ohI+WJfo=</xenc:CipherValue>
+            </xenc:CipherData>
+        </xenc:EncryptedData>
+        <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                           Id="_6c694898eaa77962e78f2a01a15db34b"
+                           >
+            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
+                                   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+                                   >
+                <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+                                 Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+                                 />
+            </xenc:EncryptionMethod>
+            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+                <xenc:CipherValue>WWgxzBWoLT989XTVIiHrBBrW4BAQ4cuCkfmSVFoM1/BztSwYrslujZUoA3Iy1lTgqqQNil1RP6c7Rw2mZxz/dTCcy9hX99oRAzu/cGBDe4UnuXmN3z2oOauMaVmsOP/czf9dbJVJv76gQR3R4CVHH2kvbq563eosKGolAJMa5MU=</xenc:CipherValue>
+            </xenc:CipherData>
+            <xenc:ReferenceList>
+                <xenc:DataReference URI="#_db05d5b7575e140d99f8bf45cbd9fbfb" />
+            </xenc:ReferenceList>
+        </xenc:EncryptedKey>
+    </saml2:EncryptedAssertion>
+</saml2p:Response>

data/spec/fixtures/keysncerts/post-office.pk8 ADDED Viewed

Binary file

data/spec/lib/xmldsig_spec.rb CHANGED Viewed

@@ -42,6 +42,17 @@ describe Xmldsig do
         end
       end
     end
+    Dir["spec/fixtures/signed/*.xml"].each do |document|
+      describe "#{document}" do
+        let(:signed_document) { Xmldsig::SignedDocument.new(File.read(document)) }
+        let(:certificate) { OpenSSL::X509::Certificate.new(File.read(document.gsub('.xml', '.cert'))) }
+        it "should be validateable" do
+          signed_document.validate(certificate).should be_true
+        end
+      end
+    end
   end
 end

metadata CHANGED Viewed

@@ -1,20 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: xmldsig
 version: !ruby/object:Gem::Version
-  version: 0.2.2
-  prerelease:
+  version: 0.2.3
 platform: ruby
 authors:
 - benoist
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-08-03 00:00:00.000000000 Z
+date: 2013-11-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -22,7 +20,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -36,13 +33,14 @@ extra_rdoc_files: []
 files:
 - .gitignore
 - .rspec
-- .travis.yaml
+- .travis.yml
 - CHANGELOG.md
 - Gemfile
 - Guardfile
 - LICENSE
 - README.md
 - Rakefile
+- decrypt.rb
 - lib/xmldsig.rb
 - lib/xmldsig/canonicalizer.rb
 - lib/xmldsig/reference.rb
@@ -53,10 +51,15 @@ files:
 - lib/xmldsig/transforms/enveloped_signature.rb
 - lib/xmldsig/transforms/transform.rb
 - lib/xmldsig/version.rb
+- rsa_ext.rb
 - signing_service.rb
 - spec/fixtures/certificate.cer
 - spec/fixtures/certificate2.cer
+- spec/fixtures/doc-plain.xml
+- spec/fixtures/encryptedResponse.xml
+- spec/fixtures/encrypted_assertion.xml
 - spec/fixtures/key.pem
+- spec/fixtures/keysncerts/post-office.pk8
 - spec/fixtures/signed.xml
 - spec/fixtures/signed/ideal.cert
 - spec/fixtures/signed/ideal.txt
@@ -81,32 +84,35 @@ files:
 - xmldsig.gemspec
 homepage: https://github.com/benoist/xmldsig
 licenses: []
+metadata: {}
 post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 1.8.25
+rubygems_version: 2.0.7
 signing_key:
-specification_version: 3
+specification_version: 4
 summary: This gem is a (partial) implementation of the XMLDsig specification (http://www.w3.org/TR/xmldsig-core)
 test_files:
 - spec/fixtures/certificate.cer
 - spec/fixtures/certificate2.cer
+- spec/fixtures/doc-plain.xml
+- spec/fixtures/encryptedResponse.xml
+- spec/fixtures/encrypted_assertion.xml
 - spec/fixtures/key.pem
+- spec/fixtures/keysncerts/post-office.pk8
 - spec/fixtures/signed.xml
 - spec/fixtures/signed/ideal.cert
 - spec/fixtures/signed/ideal.txt