def _c14n_parse_test(data, remove_whitespace=True, remove_comments=True): xml = xmlsec.parse_xml(data, remove_whitespace=remove_whitespace, remove_comments=remove_comments) out = xmlsec._c14n(xml, False, with_comments=(not remove_comments)) print "C14N output (remove_whitespace={}, remove_comments={}) :\n{}".format( remove_whitespace, remove_comments, out) return out
def sign_statement(self, statement, _class_name, key_file, node_id, _id_attr): """ Sign an XML statement. The parameters actually used in this CryptoBackend implementation are : :param statement: XML as string :param key_file: xmlsec key_spec string(), filename, "pkcs11://" URI or PEM data :returns: Signed XML as string """ import xmlsec import lxml.etree xml = xmlsec.parse_xml(statement) signed = xmlsec.sign(xml, key_file) return lxml.etree.tostring(signed, xml_declaration=True)
def validate_signature(self, signedtext, cert_file, cert_type, _node_name, _node_id, _id_attr): """ Validate signature on XML document. The parameters actually used in this CryptoBackend implementation are : :param signedtext: The signed XML data as string :param cert_file: xmlsec key_spec string(), filename, "pkcs11://" URI or PEM data :param cert_type: string, must be 'pem' for now :returns: True on successful validation, False otherwise """ if cert_type != "pem": raise Unsupported("Only PEM certs supported here") import xmlsec xml = xmlsec.parse_xml(signedtext) try: return xmlsec.verify(xml, cert_file) except xmlsec.XMLSigException: return False
def _c14n_parse_test(data, remove_whitespace=True, remove_comments=True): xml = xmlsec.parse_xml(data, remove_whitespace=remove_whitespace, remove_comments=remove_comments) out = xmlsec._c14n(xml, False, with_comments=(not remove_comments)) print "C14N output (remove_whitespace={}, remove_comments={}) :\n{}".format(remove_whitespace, remove_comments, out) return out
def as_etree(self, n, remove_whitespace=False, remove_comments=False): return xmlsec.parse_xml(self.as_buf(n), remove_whitespace=remove_whitespace, remove_comments=remove_comments)