def test_roundtrip(key_and_cert): ns = ElementMaker(namespace="urn:test", nsmap={"test": "urn:test"}) element_to_sign = ns.signed(ns.content("Value"), ID="test") ns.root(element_to_sign) unsigned_data = utils.serialize_xml(element_to_sign) config = SigningConfig.default() signed_data = sign( element=element_to_sign, private_key=key_and_cert.private_key, certificate=key_and_cert.certificate, config=config, ) verified_element = extract_verified_element( xml=signed_data, certificate=key_and_cert.certificate) assert unsigned_data == utils.serialize_xml(verified_element)
def test_verification_failed2(cert_and_signed): cert, xml = cert_and_signed root = utils.deserialize_xml(xml) signature_value = root.find( ".//{http://www.w3.org/2000/09/xmldsig#}SignatureValue") signature_value.text = signature_value.text + "x" xml = utils.serialize_xml(root) with pytest.raises(binascii.Error): extract_verified_element(xml=xml, certificate=cert)
def roundtrip() -> None: """ Create a super simple XML document: <tag ID='hoge'>Value</tag> Then sign that tag with a randomly generated key/cert pair. Then verify the resulting signed document. """ key, cert = make_key_and_cert() element = E.tag("Value", ID="hoge") print("Unsigned:") print(serialize_xml(element).decode("utf-8")) signed = sign(element=element, private_key=key, certificate=cert) print("=" * 70) print("Signed:") print(signed.decode("utf-8")) verified = extract_verified_element(xml=signed, certificate=cert) print("=" * 70) print("Verified:") print(serialize_xml(verified).decode("utf-8"))
def test_remove_element(input, output): tree = utils.deserialize_xml(input) element = tree.find("remove") utils.remove_preserving_whitespace(element) result = utils.serialize_xml(tree) assert result == output