Canonicalizing XML in Ruby
Give these two gems a shot:
http://rubygems.org/gems/coupa-libxml-ruby
http://rubygems.org/gems/xmlsec-ruby
I wrote them for a SAML project. The first patches libxml-ruby to add a binding for the canonicalize function in the base C library.
The latter is ruby binding for xmlsec. Right now all that works is signature verification, which was all I needed for the project, but it sounds like it'd fit your needs too.
I'd recommend going with xmlsec because trying to write your own XML signature verification code is an exercise in futility. Just wait til you have to deal with multiple enveloped signatures, embedded certificates, gah. Let xmlsec handle that crap.
After looking around some more I've found that nokogiri has put c14n support on the todo list for the next release. Don't know more than that-- but it appears that no widely used XML library supports c14n as of June 2010. I'll close this out since nothing really popped up.
I have a ruby/rails Service Provider and a .NET (ComponentSoft) IDP
this worked for me ( I had no issues with the canonicalized version of the XML):
received_certificate = XPath.first(response_document,"//samlp:Response//Signature//KeyInfo//X509Data//X509Certificate").textdef self.verify_signature(received_certificate, idp_certificate_path) certificate ||= OpenSSL::X509::Certificate.new(File.read(idp_certificate_path)) cert_decoded = Base64.decode64(received_certificate) cert = OpenSSL::X509::Certificate.new(cert_decoded) certificate.verify(cert.public_key)end