def test_encrypt_assertion_no_assertion(self):
root = Element(Q_NAMES['saml2p:Response'])
response = SAMLResponse((ElementTree(root)))
# Nothing to encrypt.
self.assertFalse(
response.encrypt_assertion(CERT_FILE, XmlBlockCipher.AES256_CBC,
XmlKeyTransport.RSA_OAEP_MGF1P))
def test_encrypt_assertion_without_encrypted_assertion_elm(self):
root = Element(Q_NAMES['saml2p:Response'])
first_child = SubElement(root, 'FirstChild')
assertion = SubElement(root, Q_NAMES['saml2:Assertion'])
SubElement(assertion, Q_NAMES['saml2:Issuer']).text = 'CZ.NIC'
third_child = SubElement(root, 'ThirdChild')
response = SAMLResponse((ElementTree(root)))
# Encryption happened.
self.assertTrue(
response.encrypt_assertion(CERT_FILE, XmlBlockCipher.AES256_CBC,
XmlKeyTransport.RSA_OAEP_MGF1P))
# Order of elements kept.
self.assertIs(root[0], first_child)
self.assertIs(root[2], third_child)
# <Assertion> replaced with <EncryptedAssertion>.
self.assertEqual(root[1].tag, Q_NAMES['saml2:EncryptedAssertion'])
self.assertEqual(root[1][0].tag, Q_NAMES['xmlenc:EncryptedData'])
# Make sure we can decrypt the result.
self.assertEqual(response.decrypt(KEY_FILE), 1)
