42 lines
1.3 KiB
Python
42 lines
1.3 KiB
Python
|
"""Signing code goes here."""
|
||
|
from logging import getLogger
|
||
|
|
||
|
from cryptography.hazmat.backends import default_backend
|
||
|
from cryptography.hazmat.primitives import serialization
|
||
|
from defusedxml import ElementTree
|
||
|
from signxml import XMLSigner
|
||
|
from signxml.util import strip_pem_header
|
||
|
|
||
|
from passbook.core.models import Setting
|
||
|
from passbook.lib.utils import render_to_string
|
||
|
|
||
|
LOGGER = getLogger(__name__)
|
||
|
|
||
|
|
||
|
def load_certificate(strip=False):
|
||
|
"""Get Public key from config"""
|
||
|
cert = Setting.get('certificate')
|
||
|
if strip:
|
||
|
return strip_pem_header(cert.replace('\r', '')).replace('\n', '')
|
||
|
return cert
|
||
|
|
||
|
|
||
|
def load_private_key():
|
||
|
"""Get Private Key from config"""
|
||
|
return Setting.get('private_key')
|
||
|
|
||
|
|
||
|
def sign_with_signxml(private_key, data, cert, reference_uri=None):
|
||
|
"""Sign Data with signxml"""
|
||
|
key = serialization.load_pem_private_key(
|
||
|
str.encode('\n'.join([x.strip() for x in private_key.split('\n')])),
|
||
|
password=None, backend=default_backend())
|
||
|
root = ElementTree.fromstring(data)
|
||
|
signer = XMLSigner(c14n_algorithm='http://www.w3.org/2001/10/xml-exc-c14n#')
|
||
|
return ElementTree.tostring(signer.sign(root, key=key, cert=cert, reference_uri=reference_uri))
|
||
|
|
||
|
|
||
|
def get_signature_xml():
|
||
|
"""Returns XML Signature for subject."""
|
||
|
return render_to_string('saml/xml/signature.xml', {})
|