Changeset 4133


Ignore:
Timestamp:
26/08/08 16:35:22 (11 years ago)
Author:
cbyrom
Message:

Fix checks for inclusive/exclusive namespace use + set default use
of exclusive NS canonicalisation for the dom class - since the ZSI
Canonicalization method does not seem to work without this.

Location:
TI12-security/trunk/python/ndg.security.common/ndg/security/common/wssecurity
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/wssecurity/BaseSignatureHandler.py

    r4131 r4133  
    402402    def __refC14nIsExcl(self): 
    403403        return isinstance(self._refC14nKw, dict) and \ 
    404                isinstance(self._refC14nKw.get('inclusive_namespaces'), list) 
     404               isinstance(self._refC14nKw.get('inclusive_namespaces'), list) and \ 
     405               len(self._refC14nKw['inclusive_namespaces']) > 0 
    405406                
    406407    refC14nIsExcl = property(fget=__refC14nIsExcl, 
    407408    doc="Return True/False c14n for reference elements set to exclusive type") 
     409 
    408410      
    409  
    410411    #_________________________________________________________________________ 
    411412    def __signedInfoC14nIsExcl(self): 
    412413        return isinstance(self._signedInfoC14nKw, dict) and \ 
    413         isinstance(self._signedInfoC14nKw.get('inclusive_namespaces'), list) 
    414                 
     414        isinstance(self._signedInfoC14nKw.get('inclusive_namespaces'), list) and \ 
     415        len(self._signedInfoC14nKw['inclusive_namespaces']) > 0 
     416         
    415417    signedInfoC14nIsExcl = property(fget=__signedInfoC14nIsExcl, 
    416     doc="Return True/False c14n for SignedInfo element set to exclusive type") 
     418                                    doc="Return True/False c14n for SignedInfo element set to exclusive type") 
    417419     
    418420     
     
    469471        "Set property method for X.509 cert. used to verify a signature" 
    470472        log.debug("Setting verifying cert") 
    471         print "Cert:", verifyingCert 
    472473        self._verifyingCert = self.__setCert(verifyingCert) 
    473474        # Reset file path as it may no longer apply 
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/wssecurity/dom.py

    r4129 r4133  
    231231         
    232232        refC14nPfxSet = False 
    233         if isinstance(self.refC14nKw.get('inclusive_namespaces'), list) and \ 
    234             len(self.refC14nKw['inclusive_namespaces']) > 0: 
     233        if self.refC14nIsExcl: 
    235234            refC14nPfxSet = True  
    236235 
    237236        signedInfoC14nPfxSet = False 
    238         if isinstance(self.signedInfoC14nKw.get('inclusive_namespaces'), list) and \ 
    239             len(self.signedInfoC14nKw['inclusive_namespaces']) > 0: 
     237        if self.signedInfoC14nIsExcl: 
    240238            signedInfoC14nPfxSet = True 
    241239                 
     
    302300        c14nAlgOpt = (DSIG.C14N, DSIG.C14N_EXCL) 
    303301        signedInfoC14nAlg = c14nAlgOpt[int(self.signedInfoC14nIsExcl)] 
     302 
     303        log.info("Forcing use of exclusive namespaces - inclusive namespaces \ 
     304            do not seem to work for ZSI.Canonicalize") 
     305        # TODO: remove this line if ZSI.Canonicalize ever starts working with 
     306        # inclusive NS 
     307        signedInfoC14nAlg = c14nAlgOpt[1] 
    304308         
    305309        c14nMethodElem.node.setAttribute('Algorithm', signedInfoC14nAlg) 
     
    351355        # Set based on 'signedInfoIsExcl' property 
    352356        refC14nAlg = c14nAlgOpt[self.refC14nIsExcl] 
     357 
     358        log.info("Forcing use of exclusive namespaces - inclusive namespaces \ 
     359            do not seem to work for ZSI.Canonicalize") 
     360        # TODO: remove this line if ZSI.Canonicalize ever starts working with 
     361        # inclusive NS 
     362        refC14nAlg = c14nAlgOpt[1] 
    353363         
    354364        # 1) Reference Generation 
Note: See TracChangeset for help on using the changeset viewer.