Exemplo n.º 1
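 def readFile(self):
     """Load the AODS from ``self._aodsFile`` and return the parsed JSON.

     A path ending in ``.xml`` is treated as a signed XML container: the
     signature is verified, the signer certificate must be listed in
     ``self.trustCertsFile``, and only then is the embedded payload
     (base64 + bzip2 + JSON) unpacked. Any other path is read as plain,
     unsigned JSON.

     Raises:
         ValidationError: the trust certs file is missing, or the signed
             XML carries no payload.
         UnauthorizedAODSSignerError: the signer certificate is not in the
             trust list.
     """
     if self._aodsFile.endswith('.xml'):
         # Step 1: signature check.
         # NOTE(review): presumably verify() raises on an invalid signature;
         # no status field of the response is inspected here - confirm.
         xml_sig_verifyer = XmlSigVerifyer(testhint='aods signature')
         xml_sig_verifyer_response = xml_sig_verifyer.verify(self._aodsFile)
         # Step 2: the signer must be on the locally configured trust list.
         if not os.path.isfile(self.trustCertsFile):
             raise ValidationError('Trust certs file not found: %s' % self.trustCertsFile)
         with open(self.trustCertsFile) as f:
             trustCerts = json.loads(f.read())
         # NOTE(review): `in` means key lookup for a dict, element match for a
         # list and *substring* match for a str - confirm the trust file can
         # only ever be a list/dict of complete PEM bodies.
         if xml_sig_verifyer_response.signer_cert_pem not in trustCerts:
             raise UnauthorizedAODSSignerError("Signature certificate of policy journal not in "
                 "trusted list. Certificate:\n" + xml_sig_verifyer_response.signer_cert_pem)
         if self.list_trustedcerts:
             self.do_list_trustedcerts(trustCerts, xml_sig_verifyer_response.signer_cert_pem)
         # Step 3: extract the payload.
         # NOTE(review): the file is parsed a second time here and the first
         # ds:Object child of the root is used; confirm this is the same
         # element the verified signature covers, and that the file cannot
         # change between verify() and this parse.
         tree = ET.parse(self._aodsFile)
         content = tree.findtext('{http://www.w3.org/2000/09/xmldsig#}Object')
         # findtext() returns None when the element is absent and '' when it
         # is empty. The former `len(content) < 0` test could never be true
         # and crashed with TypeError on None.
         if not content:
             raise ValidationError('AODS contained in XML signature value is empty')
         # logging.debug('Found dsig:SignatureValue/text() in aods:\n%s\n' % content)
         # Removes the first occurrence of the header wherever it appears,
         # not only a leading one.
         content_body_str = content.replace(DATA_HEADER_B64BZIP, '', 1)
         j_bzip2 = base64.b64decode(content_body_str)
         # No cap on the decompressed size; the input is only as trustworthy
         # as the signer check above.
         j = bz2.decompress(j_bzip2)
         return json.loads(j.decode('UTF-8'))
     else:  # must be json
         # This branch does no signature or signer check at all.
         with open(self._aodsFile, 'r') as f:
             j = json.loads(f.read())
         return j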
Exemplo n.º 2
 def adminCertSignChallenge(self) -> str:
     """Have the admin sign a dummy text and return the signing certificate.

     The signed XML is written to a temp file, run through ``XmlSigVerifyer``
     and the signer certificate from the response is wrapped in PEM armor
     and passed to ``XY509cert``.

     No trust-list check is done in this method: the result is whichever
     certificate signed the challenge.
     NOTE(review): the challenge text is a fixed string, so unless
     creSignedXML adds a nonce the signature carries no freshness - confirm.
     NOTE(review): the temp file is not removed here - confirm who cleans up.
     """
     logging.debug('challenging admin to create a signature to extract signing cert')
     signed_xml = creSignedXML('sign this dummy text - result is used to extract signature certificate.')
     tmp_path = self.mk_temp_filename() + '.xml'
     with open(tmp_path, 'w') as out:
         out.write(signed_xml)
     # The extension check is switched off for this verify() call.
     verify_result = XmlSigVerifyer().verify(tmp_path, verify_file_extension=False)
     pem_text = ''.join([
         '-----BEGIN CERTIFICATE-----\n',
         verify_result.signer_cert_pem,
         '\n-----END CERTIFICATE-----\n',
     ])
     return XY509cert(pem_text)
Exemplo n.º 3
 def adminCertSignChallenge(self) -> str:
     """Obtain the admin's signing certificate through a signature challenge.

     Steps: create a signed XML over a dummy text, store it in a temp
     ``.xml`` file, verify it, then build an ``XY509cert`` from the PEM-armored
     signer certificate reported by the verifier.

     The certificate is not compared against any trust list in this method.
     NOTE(review): the signed text is constant; whether the challenge is
     replay-resistant depends on creSignedXML - confirm.
     NOTE(review): nothing here deletes the temp file - confirm cleanup.
     """
     pem_head = '-----BEGIN CERTIFICATE-----\n'
     pem_tail = '\n-----END CERTIFICATE-----\n'
     challenge_text = 'sign this dummy text - result is used to extract signature certificate.'

     logging.debug('challenging admin to create a signature to extract signing cert')
     challenge_xml = creSignedXML(challenge_text)
     challenge_file = self.mk_temp_filename() + '.xml'
     with open(challenge_file, 'w') as handle:
         handle.write(challenge_xml)

     verifier = XmlSigVerifyer()
     # verify_file_extension=False: the extension check is disabled for this call.
     outcome = verifier.verify(challenge_file, verify_file_extension=False)
     armored = pem_head + outcome.signer_cert_pem + pem_tail
     return XY509cert(armored)