How to use xmlsec - 10 common examples

To help you get started, we’ve selected a few xmlsec examples, based on popular ways it is used in public projects.


github mehcode / python-xmlsec / tests / test_enc.py View on Github external
def test_init(self):
    """Construct an EncryptionContext backed by a new KeysManager, then release it."""
    # The test has no assertions: it passes when both construction and
    # deletion of the context complete without raising.
    keys = xmlsec.KeysManager()
    context = xmlsec.EncryptionContext(manager=keys)
    del context
github mehcode / python-xmlsec / tests / examples / test_decrypt.py View on Github external
def test_decrypt2():
    """Decrypt the EncryptedData element of ``enc2-res.xml`` and check its text.

    The RSA key in ``rsakey.pem`` is parsed from memory and registered with a
    keys manager; the encryption context built on that manager performs the
    decryption.
    """
    keys = xmlsec.KeysManager()
    pem_path = path.join(BASE_DIR, 'rsakey.pem')
    # The trailing None is the password argument: the fixture key is loaded
    # without a passphrase, which is only appropriate for test material.
    pem_bytes = read_from_file(pem_path)
    private_key = xmlsec.Key.from_memory(pem_bytes, xmlsec.KeyFormat.PEM, None)
    assert private_key is not None
    keys.add_key(private_key)

    decryptor = xmlsec.EncryptionContext(keys)

    document = parse_xml("enc2-res.xml")
    # Only a direct child of the root in the XML-Encryption namespace is accepted.
    encrypted_node = xmlsec.tree.find_child(
        document,
        xmlsec.Node.ENCRYPTED_DATA,
        xmlsec.Namespace.ENC,
    )
    assert encrypted_node is not None

    plaintext_node = decryptor.decrypt(encrypted_node)
    assert plaintext_node.text == "\ntest\n"
github mehcode / python-xmlsec / tests / examples / test_encrypt.py View on Github external
def test_encrypt_xml():
    """Build an element-encryption template for ``enc1-doc.xml``.

    The visible part of the test loads a key from a PEM certificate, creates an
    EncryptedData template (AES-128 for the data, RSA-OAEP for the wrapped
    key) and locates the ``Data`` element.
    NOTE(review): the listing stops before any encrypt call is made.
    """
    # Key material comes from a certificate (CERT_PEM), so no private key is
    # needed on the encrypting side.
    keys = xmlsec.KeysManager()
    cert_path = path.join(BASE_DIR, 'rsacert.pem')
    cert_bytes = read_from_file(cert_path)
    public_key = xmlsec.Key.from_memory(cert_bytes, xmlsec.KeyFormat.CERT_PEM, None)
    assert public_key is not None
    keys.add_key(public_key)

    document = parse_xml('enc1-doc.xml')
    assert document is not None

    # EncryptedData skeleton: AES-128 data encryption of a whole element.
    encrypted_node = xmlsec.template.encrypted_data_create(
        document,
        xmlsec.Transform.AES128,
        type=xmlsec.EncryptionType.ELEMENT,
        ns="xenc",
    )
    xmlsec.template.encrypted_data_ensure_cipher_value(encrypted_node)

    # KeyInfo carries an EncryptedKey whose method is RSA-OAEP; it needs its
    # own CipherValue placeholder as well.
    key_info = xmlsec.template.encrypted_data_ensure_key_info(encrypted_node, ns="dsig")
    wrapped_key = xmlsec.template.add_encrypted_key(key_info, xmlsec.Transform.RSA_OAEP)
    xmlsec.template.encrypted_data_ensure_cipher_value(wrapped_key)

    target = document.find('./Data')
    assert target is not None
github mehcode / python-xmlsec / tests / examples / test_decrypt.py View on Github external
def test_decrypt1():
    """Decrypt ``enc1-res.xml`` and compare the resulting tree with ``enc1-doc.xml``."""
    keys = xmlsec.KeysManager()
    pem_path = path.join(BASE_DIR, 'rsakey.pem')
    # Parsed from memory with no password (third argument is None); acceptable
    # for a fixture key only.
    pem_bytes = read_from_file(pem_path)
    private_key = xmlsec.Key.from_memory(pem_bytes, xmlsec.KeyFormat.PEM, None)
    assert private_key is not None
    keys.add_key(private_key)

    decryptor = xmlsec.EncryptionContext(keys)

    document = parse_xml("enc1-res.xml")
    # The node name is given as a literal here rather than a library constant.
    encrypted_node = xmlsec.tree.find_child(document, "EncryptedData", xmlsec.Namespace.ENC)
    assert encrypted_node is not None

    restored = decryptor.decrypt(encrypted_node)
    assert restored.tag == "Data"

    # The comparison is made on the original tree object, so the test expects
    # the decrypted content to have been put back into `document`.
    compare("enc1-doc.xml", document)
github mehcode / python-xmlsec / tests / examples / test_sign.py View on Github external
"""
    Should sign a pre-constructed template file
    using a key from a PEM file.
    """

    # Load the pre-constructed XML template.
    template = parse_xml('sign1-tmpl.xml')

    # Find the <Signature/> node.
    signature_node = xmlsec.tree.find_node(template, xmlsec.Node.SIGNATURE)

    # The template must already contain a signature element to fill in.
    assert signature_node is not None
    assert signature_node.tag.endswith(xmlsec.Node.SIGNATURE)

    # Create a digital signature context (no key manager is needed).
    ctx = xmlsec.SignatureContext()

    # Load private key (assuming that there is no password).
    # A passphrase-less private key on disk is acceptable for a test fixture
    # only; production signing keys should be protected at rest.
    filename = path.join(BASE_DIR, 'rsakey.pem')
    key = xmlsec.Key.from_file(filename, xmlsec.KeyFormat.PEM)

    assert key is not None

    # Set key name to the file name (note: this is just a test).
    key.name = path.basename(filename)

    # Set the key on the context.
    ctx.key = key

    assert ctx.key is not None
    assert ctx.key.name == path.basename(filename)
    # Drop the local name; ctx.key was assigned above.
    # NOTE(review): the listing ends here, before any signing call is shown.
    del key
github mehcode / python-xmlsec / tests / examples / test_sign.py View on Github external
# NOTE(review): excerpt starts mid-function; template, signature_node and
# elem_id are defined above this point.
template.append(signature_node)

    # Add the <Reference/> node to the signature template.
    # The reference uses a SHA-1 digest and points at elem_id by URI. SHA-1 is
    # deprecated for new signatures; a verifier should also confirm that the
    # referenced element is the one it goes on to process.
    ref = xmlsec.template.add_reference(signature_node, xmlsec.Transform.SHA1, uri=elem_id)

    # Add the enveloped transform descriptor.
    xmlsec.template.add_transform(ref, xmlsec.Transform.ENVELOPED)
    # Add the excl_c14n transform descriptor.
    xmlsec.template.add_transform(ref, xmlsec.Transform.EXCL_C14N)

    # Add the <KeyInfo/> and <X509Data/> nodes.
    key_info = xmlsec.template.ensure_key_info(signature_node)
    xmlsec.template.add_x509_data(key_info)

    # Create a digital signature context (no key manager is needed).
    ctx = xmlsec.SignatureContext()

    # Load private key (assuming that there is no password).
    filename = path.join(BASE_DIR, 'rsakey.pem')
    key = xmlsec.Key.from_file(filename, xmlsec.KeyFormat.PEM)

    assert key is not None

    # Load the certificate and add it to the key.
    filename = path.join(BASE_DIR, 'rsacert.pem')
    key.load_cert_from_file(filename, xmlsec.KeyFormat.PEM)

    # Set key name to the file name (note: this is just a test).
    # `filename` was reassigned above, so the name becomes the certificate's
    # file name (rsacert.pem), not the private key's.
    key.name = path.basename(filename)

    # Set the key on the context.
    ctx.key = key
github mehcode / python-xmlsec / tests / examples / test_sign.py View on Github external
# NOTE(review): excerpt starts mid-function; template and signature_node are
# defined above this point.
# Add the <Signature/> node to the document.
    template.append(signature_node)

    # Add the <Reference/> node to the signature template.
    # No uri argument is passed here; the digest method is SHA-1, which is
    # deprecated for new signatures.
    ref = xmlsec.template.add_reference(signature_node, xmlsec.Transform.SHA1)

    # Add the enveloped transform descriptor.
    xmlsec.template.add_transform(ref, xmlsec.Transform.ENVELOPED)

    # Add the <KeyInfo/> and <KeyName/> nodes.
    key_info = xmlsec.template.ensure_key_info(signature_node)
    xmlsec.template.add_key_name(key_info)

    # Create a digital signature context (no key manager is needed).
    ctx = xmlsec.SignatureContext()

    # Load private key (assuming that there is no password).
    # A passphrase-less private key on disk is acceptable for a test fixture
    # only; production signing keys should be protected at rest.
    filename = path.join(BASE_DIR, 'rsakey.pem')
    key = xmlsec.Key.from_file(filename, xmlsec.KeyFormat.PEM)

    assert key is not None

    # Set key name to the file name (note: this is just a test).
    key.name = path.basename(filename)

    # Set the key on the context.
    ctx.key = key

    assert ctx.key is not None
    assert ctx.key.name == path.basename(filename)
github mehcode / python-xmlsec / tests / examples / test_encrypt.py View on Github external
# NOTE(review): excerpt starts mid-function; manager and key are created
# above this point.
manager.add_key(key)
    template = etree.Element("root")
    assert template is not None
    # Prepare for encryption
    # CONTENT-type EncryptedData with AES-128 and an explicit MIME type for the
    # binary payload.
    enc_data = xmlsec.template.encrypted_data_create(
        template, xmlsec.Transform.AES128, type=xmlsec.EncryptionType.CONTENT, ns="xenc",
        mime_type="binary/octet-stream")

    xmlsec.template.encrypted_data_ensure_cipher_value(enc_data)
    # KeyInfo gets an EncryptedKey whose encryption method is RSA-OAEP.
    key_info = xmlsec.template.encrypted_data_ensure_key_info(enc_data, ns="dsig")
    enc_key = xmlsec.template.add_encrypted_key(key_info, xmlsec.Transform.RSA_OAEP)
    xmlsec.template.encrypted_data_ensure_cipher_value(enc_key)

    # Encrypt!
    enc_ctx = xmlsec.EncryptionContext(manager)
    # A fresh 128-bit AES session key is generated for this one encryption.
    enc_ctx.key = xmlsec.Key.generate(xmlsec.KeyData.AES, 128, xmlsec.KeyDataType.SESSION)
    enc_data = enc_ctx.encrypt_binary(enc_data, b'test')
    assert enc_data is not None
    assert enc_data.tag == "{%s}%s" % (xmlsec.Namespace.ENC, xmlsec.Node.ENCRYPTED_DATA)
    # Debug output left in the test.
    print(xmlsec.Node.ENCRYPTION_METHOD)
    enc_method = xmlsec.tree.find_child(enc_data, xmlsec.Node.ENCRYPTION_METHOD, xmlsec.Namespace.ENC)
    assert enc_method is not None
    # The data cipher is AES-128 in CBC mode, which gives confidentiality but
    # no integrity protection; callers that need tamper detection should sign
    # the result or use an authenticated (AES-GCM) transform where available.
    assert enc_method.get("Algorithm") == "http://www.w3.org/2001/04/xmlenc#aes128-cbc"
    key_info = xmlsec.tree.find_child(enc_data, xmlsec.Node.KEY_INFO, xmlsec.Namespace.DS)
    assert key_info is not None
    # find_node (not find_child) is used here, so the match may sit deeper
    # than a direct child of KeyInfo.
    enc_method = xmlsec.tree.find_node(key_info, xmlsec.Node.ENCRYPTION_METHOD, xmlsec.Namespace.ENC)
    assert enc_method is not None
    # The session key is wrapped with RSA-OAEP (MGF1).
    assert enc_method.get("Algorithm") == "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
    cipher_value = xmlsec.tree.find_node(key_info, xmlsec.Node.CIPHER_VALUE, xmlsec.Namespace.ENC)
    assert cipher_value is not None
github mehcode / python-xmlsec / tests / test_enc.py View on Github external
def check_decrypt(self, i):
    """Decrypt fixture ``enc<i>-out.xml`` and compare the tree with ``enc<i>-in.xml``.

    Args:
        i: Integer index substituted into the fixture file names.
    """
    document = self.load_xml('enc%d-out.xml' % i)
    encrypted_node = xmlsec.tree.find_child(
        document,
        consts.NodeEncryptedData,
        consts.EncNs,
    )
    self.assertIsNotNone(encrypted_node)

    # The RSA key is loaded from a PEM file and handed to the context through
    # a keys manager rather than being set on the context directly.
    keys = xmlsec.KeysManager()
    private_key = xmlsec.Key.from_file(self.path("rsakey.pem"), format=consts.KeyDataFormatPem)
    keys.add_key(private_key)

    decryptor = xmlsec.EncryptionContext(keys)
    restored = decryptor.decrypt(encrypted_node)
    self.assertIsNotNone(restored)

    # Compared against the original tree object: the test expects decryption
    # to have put the plaintext back into `document`.
    expected_tree = self.load_xml("enc%d-in.xml" % i)
    self.assertEqual(expected_tree, document)
github mehcode / python-xmlsec / tests / examples / test_sign.py View on Github external
def test_sign_binary():
    """Sign a fixed byte string with RSA-SHA1 and compare with a stored signature.

    The private key comes from ``rsakey.pem``; its name is set to the file's
    base name before it is attached to the signature context.
    """
    signer = xmlsec.SignatureContext()
    key_path = path.join(BASE_DIR, 'rsakey.pem')
    key_name = path.basename(key_path)

    private_key = xmlsec.Key.from_file(key_path, xmlsec.KeyFormat.PEM)
    assert private_key is not None

    private_key.name = key_name

    # Attach the key to the context and confirm it is visible through it.
    signer.key = private_key

    assert signer.key is not None
    assert signer.key.name == key_name

    # Fixed input and the signature stored for it. The byte-for-byte comparison
    # below relies on the RSA-SHA1 transform giving the same output for the
    # same key and input on every run. SHA-1 based signatures are deprecated
    # for new deployments; the transform here matches the stored fixture.
    data = b'\xa8f4dP\x82\x02\xd3\xf5.\x02\xc1\x03\xef\xc4\x86\xabC\xec\xb7>\x8e\x1f\xa3\xa3\xc5\xb9qc\xc2\x81\xb1-\xa4B\xdf\x03>\xba\xd1'
    expected_sign = b"h\xcb\xb1\x82\xfa`e\x89x\xe5\xc5ir\xd6\xd1Q\x9a\x0b\xeaU_G\xcc'\xa4c\xa3>\x9b27\xbf^`\xa7p\xfb\x98\xcb\x81\xd2\xb1\x0c'\x9d\xe2\n\xec\xb2<\xcf@\x98=\xe0}O8}fy\xc2\xc4\xe9\xec\x87\xf6\xc1\xde\xfd\x96*o\xab\xae\x12\xc9{\xcc\x0e\x93y\x9a\x16\x80o\x92\xeb\x02^h|\xa0\x9b<\x99_\x97\xcb\xe27\xe9u\xc3\xfa_\xcct/sTb\xa0\t\xd3\x93'\xb4\xa4\x0ez\xcbL\x14D\xdb\xe3\x84\x886\xe9J[\xe7\xce\xc0\xb1\x99\x07\x17{\xc6:\xff\x1dt\xfd\xab^2\xf7\x9e\xa4\xccT\x8e~b\xdb\x9a\x04\x04\xbaM\xfa\xbd\xec)z\xbb\x89\xd7\xb2Q\xac\xaf\x13\xdcD\xcd\n6\x92\xfao\xb9\xd9\x96$\xce\xa6\xcf\xf8\xe4Bb60\xf5\xd2a\xb1o\x8c\x0f\x8bl\x88vh\xb5h\xfa\xfa\xb66\xedQ\x10\xc4\xef\xfa\x81\xf0\xc9.^\x98\x1ePQS\x9e\xafAy\x90\xe4\x95\x03V\xc2\xa0\x18\xa5d\xc2\x15*\xb6\xd7$\xc0\t2\xa1"
    signature = signer.sign_binary(data, xmlsec.Transform.RSA_SHA1)
    assert signature == expected_sign