[ENHANCEMENT]: wssecurity - getCertFromKeyInfo not possible #461

Open
shunkica opened this issue Apr 4, 2024 · 1 comment

shunkica commented Apr 4, 2024

Is your feature request related to a problem? Please describe...

In wssecurity, the certificate is not contained within KeyInfo; instead, KeyInfo only contains a reference to the BinarySecurityToken element, which contains the certificate.

Therefore the current getCertFromKeyInfo function cannot be used to retrieve the certificate when wssecurity is used.

The BinarySecurityToken is also not inside the Signature element, so traversing to parents from the KeyInfo element is not possible.

Describe the solution you'd like...

getCertFromKeyInfo currently only gets the KeyInfo node, but it should also be passed the Security element when wssecurity is used. Alternatively, the root XML node should also be passed to getCertFromKeyInfo.

```javascript
const key = this.getCertFromKeyInfo(this.keyInfo) || this.publicCert || this.privateKey;
```

The simplest solution would be:

```javascript
const key = this.getCertFromKeyInfo(this.keyInfo, doc) || this.publicCert || this.privateKey;
```

Describe the alternatives you've considered...

Parsing the XML outside the library and injecting the BinarySecurityToken into the SignedXml publicCert property.

cjbarth commented Apr 4, 2024

This seems reasonable. If possible, please reference the spec on this and feel free to put up a PR that will do this. It seems that if the doc is being passed, then this.keyInfo wouldn't also be needed, but I'll wait for commenting until I see what code solution you have in mind.
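
The lookup this issue asks for, as an added example (not xml-crypto code and not written by either commenter): resolve the `SecurityTokenReference` inside KeyInfo to the `BinarySecurityToken` elsewhere in the document and return it as PEM, which could then be set as `publicCert` as in the workaround described in the issue. The function names, the string-based matching and the sample message are assumptions of this example.

```javascript
// Added example, not xml-crypto code. String matching stands in for a DOM parser so the
// block runs without dependencies; real code should use namespace-aware DOM lookups.
const X509V3 = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
const BASE64 = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";

// Read one attribute from a start tag's attribute text, ignoring any namespace prefix.
function attr(attrs, name) {
  const m = new RegExp(`(?:^|\\s)(?:[\\w.-]+:)?${name}\\s*=\\s*"([^"]*)"`).exec(attrs);
  return m ? m[1] : null;
}

// Follow KeyInfo/SecurityTokenReference/Reference[@URI="#id"] to the BinarySecurityToken
// with that Id elsewhere in the document and return its content as a PEM certificate.
function certFromTokenReference(keyInfoXml, docXml) {
  const ref = /<(?:[\w.-]+:)?SecurityTokenReference\b[^>]*>\s*<(?:[\w.-]+:)?Reference\b([^>]*?)\/?>/.exec(keyInfoXml);
  const uri = ref && attr(ref[1], "URI");
  if (!uri || !uri.startsWith("#")) return null; // only same-document references
  const tokenRe = /<((?:[\w.-]+:)?BinarySecurityToken)\b([^>]*)>([^<]*)<\/\1>/g;
  const hits = [...docXml.matchAll(tokenRe)].filter((m) => attr(m[2], "Id") === uri.slice(1));
  if (hits.length > 1) throw new Error("ambiguous token Id: " + uri); // duplicate Ids: refuse
  if (hits.length === 0) return null; // dangling reference
  const [, , attrs, body] = hits[0];
  if (attr(attrs, "ValueType") !== X509V3) return null; // not a single X.509 certificate
  const enc = attr(attrs, "EncodingType"); // assumption: an absent EncodingType means Base64Binary
  if (enc !== null && enc !== BASE64) return null;
  const b64 = body.replace(/\s+/g, "");
  if (!/^[A-Za-z0-9+\/]+={0,2}$/.test(b64)) return null;
  return `-----BEGIN CERTIFICATE-----\n${b64.match(/.{1,64}/g).join("\n")}\n-----END CERTIFICATE-----\n`;
}

// Constructed sample; the token body is placeholder bytes, not a real certificate.
const SAMPLE_B64 = "Q09OU1RSVUNURUQtUExBQ0VIT0xERVItTk9ULUEtQ0VSVA==";
const SAMPLE_KEYINFO = `<ds:KeyInfo><wsse:SecurityTokenReference>
  <wsse:Reference URI="#X509-1" ValueType="${X509V3}"/>
</wsse:SecurityTokenReference></ds:KeyInfo>`;
const SAMPLE_DOC = `<wsse:Security>
  <wsse:BinarySecurityToken wsu:Id="X509-1" ValueType="${X509V3}" EncodingType="${BASE64}">${SAMPLE_B64}</wsse:BinarySecurityToken>
  <ds:Signature>${SAMPLE_KEYINFO}</ds:Signature>
</wsse:Security>`;

console.log(certFromTokenReference(SAMPLE_KEYINFO, SAMPLE_DOC));
```

A certificate recovered this way comes from the message itself, so the caller still has to match it against the certificates it trusts before relying on the signature.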
