a /$ZB @sxdZddlmZddlZddlZddlZddlmZddlm Z m Z m Z m Z m Z z ddlZWneyrdZYn0dZdZdZd Zd Zd Zd*d dZddZddd eefddZd+ddZddZd,ddZd-ddZd.ddZedkrtdZ ee Z!e"e!ee d d!d"Z#e"ee#d#Z ee d$d$d!d"edd%Z#e"e ee#ee$d&%Z&ee#d'e#d(e&dd)stJdS)/z,Pythonic XML Security Library implementation)print_functionN)StringIO)BIOEVPRSAX509m2a %(digest_value)s z %(signed_info)s %(signature_value)s %(key_info)s %(ref_xml)s aO %(digest_value)s z %(signed_info)s %(signature_value)s %(key_info)s z %(modulus)s %(exponent)s z %(issuer_name)s %(serial_number)s TcCsTt}tdur.tjt|}|j||dnddlm}||j||d|S)z@Return the canonical (c14n) form of the xml document for hashingN)Z exclusive)SimpleXMLElement)rlxmlZetreeparseZ write_c14nZ simplexmlr getvalue)xmlc14n_excoutputZetr r5/usr/lib/python3/dist-packages/pysimplesoap/xmlsec.py canonicalizebs rcCstt|S)z/Create a SHA1 hash and return the base64 string)base64 b64encodehashlibsha1digest)Zpayloadrrrsha1_hash_digestqsrc slt||}||t|d} t| |} t|fdd} | t| } ||| t | t | ||dS)zISign an XML document usign RSA (templates: enveloped -ref- or enveloping))ref_uriZ digest_valuecsS)Nr)argskwargspasswordrrzrsa_sign..)ref_xmlr signed_infosignature_valuekey_info) rrrZload_keyZsignrrrrrr$) rrZ private_keyrcertr sign_templatekey_info_templater!r"pkey signaturerrrrsa_signvs   r*cCsx|dr t|}t|}n tt}t}| ||j dd| | t |||t|}|dkS)zDVerify a XML document signature usign RSA-SHA1, return True if validz-----BEGIN PUBLIC KEY-----r)Zmdr ) startswithr MemoryBufferrZload_pub_key_bioZ load_pub_keyZ certificaterZPKeyZ assign_rsaZ reset_contextZ verify_initZ verify_updaterZ verify_finalrZ b64decode)rr)keyrbioZrsaZpubkeyZretrrr rsa_verifys      r/cCspt|jdd}tt|jdd}|r>t |nd}||||rX| nd|rf| nddS)zHConvert private key (PEM) to XML Signature format (RSAKeyValue/X509Data)Nhexr)modulusexponentZ issuer_nameZ serial_number) rrerZ bn_to_hexZ mpi_to_bnndecodeencodex509_parse_certZ get_issuerZas_textZget_serial_number)r(r%r'r4r3x509rrrr$sr$FcCsR|rt|}t|tj}n0|drBt|}t|tj}n t|d}|S)zECreate a X509 certificate from binary DER, plain text PEM or filenamez-----BEGIN CERTIFICATE-----r )rr,rZ load_cert_bioZ FORMAT_DERr+Z FORMAT_PEMZ load_cert)r%binaryr.r:rrrr9s    r9cCst||}|S)z:Return the public key (PEM format) from a X509 certificate)r9 get_pubkeyZget_rsaZas_pem)r%r;r:rrrx509_extract_rsa_public_keys r=cCs t|}t||}||S)zGValidate the certificate's authenticity using a certification authority)r9Zverifyr<)Zcacertr%r;ZcaZcrtrrr x509_verifys r>__main__zLdataz#objectzno_encriptada.keyrz=data%sr2)r&rzzunimercado.crtr"r#)r)T)T)F)F)F)'__doc__Z __future__rrrosZ cStringIOrZM2CryptorrrrrZ lxml.etreer ImportErrorZ SIGN_REF_TMPLZ SIGNED_TMPLZ SIGN_ENV_TMPLZSIGNATURE_TMPLZKEY_INFO_RSA_TMPLZKEY_INFO_X509_TMPLrrr*r/r$r9r=r>__name__Z sample_xmlrprintvarsopenreadZ public_keyrrrr sR