def test_encrypt_assertion_no_assertion(self): root = Element(Q_NAMES['saml2p:Response']) response = SAMLResponse((ElementTree(root))) # Nothing to encrypt. self.assertFalse( response.encrypt_assertion(CERT_FILE, XmlBlockCipher.AES256_CBC, XmlKeyTransport.RSA_OAEP_MGF1P))
def test_encrypt_assertion_without_encrypted_assertion_elm(self): root = Element(Q_NAMES['saml2p:Response']) first_child = SubElement(root, 'FirstChild') assertion = SubElement(root, Q_NAMES['saml2:Assertion']) SubElement(assertion, Q_NAMES['saml2:Issuer']).text = 'CZ.NIC' third_child = SubElement(root, 'ThirdChild') response = SAMLResponse((ElementTree(root))) # Encryption happened. self.assertTrue( response.encrypt_assertion(CERT_FILE, XmlBlockCipher.AES256_CBC, XmlKeyTransport.RSA_OAEP_MGF1P)) # Order of elements kept. self.assertIs(root[0], first_child) self.assertIs(root[2], third_child) # <Assertion> replaced with <EncryptedAssertion>. self.assertEqual(root[1].tag, Q_NAMES['saml2:EncryptedAssertion']) self.assertEqual(root[1][0].tag, Q_NAMES['xmlenc:EncryptedData']) # Make sure we can decrypt the result. self.assertEqual(response.decrypt(KEY_FILE), 1)