lib/saml/kit/signature.rb in saml-kit-1.0.24 vs lib/saml/kit/signature.rb in saml-kit-1.0.25
- old
+ new
@@ -22,17 +22,19 @@
# Returns the embedded X509 Certificate
def certificate
xpath = './ds:KeyInfo/ds:X509Data/ds:X509Certificate'
value = at_xpath(xpath).try(:text)
return if value.nil?
+
::Xml::Kit::Certificate.new(value, use: :signing)
end
# Returns true when the fingerprint of the certificate matches one of
# the certificates registered in the metadata.
def trusted?(metadata)
return false if metadata.nil?
+
metadata.matches?(certificate.fingerprint, use: :signing).present?
end
def digest_value
at_xpath('./ds:SignedInfo/ds:Reference/ds:DigestValue').try(:text)
@@ -119,9 +121,10 @@
errors.add(:certificate, message)
end
def at_xpath(xpath)
return nil unless node
+
node.at_xpath(xpath, Saml::Kit::Document::NAMESPACES)
end
def dsignature
@dsignature ||= Xmldsig::Signature.new(node, 'ID=$uri or @Id')