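def main():
    """Sign a sample XML document with an RSA key, then verify the result.

    Reads the unsigned document, the RSA private key and the matching
    certificate from ``samples/``, builds a KeyInfo element, signs the
    document, prints the signed XML and checks the signature.

    Raises:
        AssertionError: if the freshly produced signature does not verify.
    """
    # 1. Read XML
    # ========
    with open("samples/second-unsigned.xml") as xml_file:
        xml = xml_file.read()

    # 2. Load RSA private key for signatures
    # ==================================
    # The PEM holds private key material; `with` closes the handle as soon
    # as the contents are read instead of leaving it to garbage collection.
    with open("samples/privkey_1_rsa_2048.pem") as key_file:
        data = key_file.read()
    key_dict = rsa_x509_pem.parse(data)
    key = rsa_x509_pem.get_key(key_dict)

    # 3. Generate key info: choose one:
    # ==============================
    # - Style #1: embed RSA public key into signature itself
    #   (built only to show the API; it is not used below)
    key_info_xml1 = xmldsig.key_info_xml_rsa(key_dict['modulus'], key_dict['publicExponent'])

    # - Style #2: embed matching certificate from file into signature
    with open("samples/rsa_cert_1_2048.pem") as cert_file:
        cert_lines = cert_file.readlines()
    # Drops the first and last lines and joins the rest into one string.
    # Presumably those two lines are the PEM BEGIN/END markers; a trailing
    # blank line in the file would leave the END marker in -- TODO confirm.
    cert = ''.join([s.strip() for s in cert_lines[1:-1]])
    key_info_xml2 = xmldsig.key_info_xml_cert(cert, "SubjectName")
    # note: subject_name = SubjectName to match provided example "samples/second.xml"

    # - Assume Style #2...
    key_info_xml = key_info_xml2

    # 4. Sign XML Document
    # ==============================
    f_priv = rsa_x509_pem.f_private(key)
    # NOTE(review): the meaning of the trailing "Name" argument is not
    # visible here; check it against xmldsig.sign.
    signed_xml = xmldsig.sign(xml, f_priv, key_info_xml, key.size(), "Name")
    # Single-argument print() gives the same output on Python 2 and 3.
    print(signed_xml)

    # 5. Verify signature
    # The check uses the public half of the key loaded in step 2, not the
    # KeyInfo embedded in the document, so it confirms the sign/verify round
    # trip only. A consumer of the signed document should likewise verify
    # against a key it already trusts rather than the key the document
    # itself carries.
    f_pub = rsa_x509_pem.f_public(key)
    is_verified = xmldsig.verify(signed_xml, f_pub, key.size())
    # Explicit raise instead of `assert`: asserts are removed under
    # `python -O`, which would let a failed verification reach "OK.".
    if not is_verified:
        raise AssertionError("signature verification failed")
    print("OK.")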
def test_signing_short(self):
    """Call ``xmldsig.sign`` with four positional arguments.

    As written here the test makes no assertion on the return value, so it
    passes whenever the call does not raise.
    NOTE(review): the produced signature is never verified -- confirm that
    a smoke test is the intent.
    """
    sign_args = (EXAMPLE_XML, PEM_FILE, 'foobar', 'foo')
    xmldsig.sign(*sign_args)
def sign(XML):
    """Sign *XML* with the key at ``certs/file.key`` and print the result.

    Newlines are removed from the document before it is handed to
    ``xmldsig.sign``, so the signature is computed over the flattened text,
    not over the string the caller passed in. The key path is relative to
    the current working directory. Nothing is returned; the output is only
    printed.
    """
    # Flatten first: this is the exact text that gets signed.
    flattened = XML.replace("\n", "")
    print(xmldsig.sign(flattened, 'certs/file.key'))