def test_encrypt_assertion_no_assertion(self):
     root = Element(Q_NAMES['saml2p:Response'])
     response = SAMLResponse((ElementTree(root)))
     # Nothing to encrypt.
     self.assertFalse(
         response.encrypt_assertion(CERT_FILE, XmlBlockCipher.AES256_CBC,
                                    XmlKeyTransport.RSA_OAEP_MGF1P))
    def test_encrypt_assertion_without_encrypted_assertion_elm(self):
        root = Element(Q_NAMES['saml2p:Response'])
        first_child = SubElement(root, 'FirstChild')
        assertion = SubElement(root, Q_NAMES['saml2:Assertion'])
        SubElement(assertion, Q_NAMES['saml2:Issuer']).text = 'CZ.NIC'
        third_child = SubElement(root, 'ThirdChild')
        response = SAMLResponse((ElementTree(root)))

        # Encryption happened.
        self.assertTrue(
            response.encrypt_assertion(CERT_FILE, XmlBlockCipher.AES256_CBC,
                                       XmlKeyTransport.RSA_OAEP_MGF1P))
        # Order of elements kept.
        self.assertIs(root[0], first_child)
        self.assertIs(root[2], third_child)
        # <Assertion> replaced with <EncryptedAssertion>.
        self.assertEqual(root[1].tag, Q_NAMES['saml2:EncryptedAssertion'])
        self.assertEqual(root[1][0].tag, Q_NAMES['xmlenc:EncryptedData'])
        # Make sure we can decrypt the result.
        self.assertEqual(response.decrypt(KEY_FILE), 1)