Commit 4b9d634
Changed files (6)
lib/saml/kit/builders/templates/certificate.builder
@@ -0,0 +1,7 @@
+xml.KeyDescriptor use: use do
+ xml.KeyInfo "xmlns": Saml::Kit::Namespaces::XMLDSIG do
+ xml.X509Data do
+ xml.X509Certificate stripped
+ end
+ end
+end
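Review bot: The `use: use` attribute on the first line of this template is emitted as whatever value the Certificate was constructed with, and nothing visible in this commit restricts it. The SAML metadata schema only allows `signing` and `encryption` for KeyDescriptor `use`, and the value is now the symbol passed in configuration.rb rather than a string literal in the template. A spec asserting that the rendered attribute is exactly `use="signing"` or `use="encryption"` would pin this. A one-line comment at the top such as `# Rendered against a Saml::Kit::Certificate; use and stripped resolve on that object.` would also help, since the template no longer shows where those names come from.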
lib/saml/kit/builders/templates/identity_provider_metadata.builder
@@ -3,22 +3,10 @@ xml.EntityDescriptor entity_descriptor_options do
signature_for(reference_id: id, xml: xml)
xml.IDPSSODescriptor idp_sso_descriptor_options do
if configuration.signing_certificate_pem.present?
- xml.KeyDescriptor use: "signing" do
- xml.KeyInfo "xmlns": Saml::Kit::Namespaces::XMLDSIG do
- xml.X509Data do
- xml.X509Certificate configuration.stripped_signing_certificate
- end
- end
- end
+ render configuration.signing_certificate, xml: xml
end
if configuration.encryption_certificate_pem.present?
- xml.KeyDescriptor use: "encryption" do
- xml.KeyInfo "xmlns": Saml::Kit::Namespaces::XMLDSIG do
- xml.X509Data do
- xml.X509Certificate configuration.stripped_encryption_certificate
- end
- end
- end
+ render configuration.encryption_certificate, xml: xml
end
logout_urls.each do |item|
xml.SingleLogoutService Binding: item[:binding], Location: item[:location]
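Review bot: The guard `if configuration.signing_certificate_pem.present?` and the new `render configuration.signing_certificate, xml: xml` read the certificate through two different accessors, and the same holds for the encryption pair and for both pairs in service_provider_metadata.builder. If the two accessors ever diverge, the template would publish a KeyDescriptor with an empty X509Certificate, which relying parties would fail to load as a trust anchor. Consider a comment on each guard, e.g. `# guard stays on the PEM: signing_certificate always returns an object`, or move the presence check onto the Certificate itself. The `render` helper is not defined anywhere in this diff, and the enclosing `xml.EntityDescriptor` block starts and ends outside the hunk.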
lib/saml/kit/builders/templates/service_provider_metadata.builder
@@ -3,22 +3,10 @@ xml.EntityDescriptor entity_descriptor_options do
signature_for(reference_id: id, xml: xml)
xml.SPSSODescriptor descriptor_options do
if configuration.signing_certificate_pem.present?
- xml.KeyDescriptor use: "signing" do
- xml.KeyInfo "xmlns": Saml::Kit::Namespaces::XMLDSIG do
- xml.X509Data do
- xml.X509Certificate configuration.stripped_signing_certificate
- end
- end
- end
+ render configuration.signing_certificate, xml: xml
end
if configuration.encryption_certificate_pem.present?
- xml.KeyDescriptor use: "encryption" do
- xml.KeyInfo "xmlns": Saml::Kit::Namespaces::XMLDSIG do
- xml.X509Data do
- xml.X509Certificate configuration.stripped_encryption_certificate
- end
- end
- end
+ render configuration.encryption_certificate, xml: xml
end
logout_urls.each do |item|
xml.SingleLogoutService Binding: item[:binding], Location: item[:location]
lib/saml/kit/certificate.rb
@@ -1,6 +1,8 @@
module Saml
module Kit
class Certificate
+ BEGIN_CERT=/-----BEGIN CERTIFICATE-----/
+ END_CERT=/-----END CERTIFICATE-----/
attr_reader :value, :use
def initialize(value, use:)
@@ -56,6 +58,10 @@ module Saml
to_h.inspect
end
+ def stripped
+ value.to_s.gsub(BEGIN_CERT, '').gsub(END_CERT, '').gsub(/\n/, '')
+ end
+
def self.to_x509(value)
OpenSSL::X509::Certificate.new(Base64.decode64(value))
rescue OpenSSL::X509::CertificateError => error
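Review bot: In `stripped`, `gsub(/\n/, '')` removes only line feeds, so a PEM with CRLF line endings or stray spaces leaves `\r` or blanks inside the published X509Certificate text. Consumers that compare or fingerprint the metadata string without normalising it may then treat the same certificate as different. Stripping all whitespace would be safer: `value.to_s.gsub(BEGIN_CERT, '').gsub(END_CERT, '').gsub(/\s+/, '')`. The context in configuration.rb still calls `normalize(...)`, so there may now be two stripping implementations that can drift apart; worth confirming and keeping only one. `self.to_x509` continues past the end of this hunk.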
lib/saml/kit/configuration.rb
@@ -31,6 +31,14 @@ module Saml
normalize(encryption_certificate_pem)
end
+ def signing_certificate
+ Saml::Kit::Certificate.new(signing_certificate_pem, use: :signing)
+ end
+
+ def encryption_certificate
+ Saml::Kit::Certificate.new(encryption_certificate_pem, use: :encryption)
+ end
+
def signing_x509
Certificate.to_x509(signing_certificate_pem)
end
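Review bot: `signing_certificate` and `encryption_certificate` always return a `Saml::Kit::Certificate`, even when the corresponding PEM is unset, so callers cannot use the return value as a presence check. Assuming the constructor accepts nil, `stripped` on such an object would return an empty string. Both methods are undocumented; a comment such as `# Always returns a Certificate (possibly wrapping nil); check signing_certificate_pem.present? before rendering.` would make that contract explicit. Each call also builds a fresh object, which is fine while the PEM is mutable but worth stating.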
lib/saml/kit/template.rb
@@ -7,8 +7,8 @@ module Saml
@target = target
end
- def to_xml(xml: ::Builder::XmlMarkup.new)
- template.render(target, xml: xml)
+ def to_xml(options)
+ template.render(target, options)
end
private
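Review bot: The new `to_xml(options)` makes the argument mandatory and drops the `::Builder::XmlMarkup.new` default. A caller that used to call `to_xml` with no arguments will now raise ArgumentError, and a caller that passes options without `:xml` leaves the template with no builder. Callers are not visible in this diff, so this may already be handled, but keeping the default costs nothing: `def to_xml(options = {})` with `template.render(target, { xml: ::Builder::XmlMarkup.new }.merge(options))`. The class body begins before this hunk and continues after `private`.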