src/xmlsec/constants.py
from xmlsec.exceptions import XMLSigException
_SHA1_INTERNAL = 'SHA1'
_SHA256_INTERNAL = 'SHA256'
_SHA384_INTERNAL = 'SHA384'
_SHA512_INTERNAL = 'SHA512'
TRANSFORM_ENVELOPED_SIGNATURE = 'http://www.w3.org/2000/09/xmldsig#enveloped-signature'
TRANSFORM_C14N_EXCLUSIVE_WITH_COMMENTS = 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments'
TRANSFORM_C14N_EXCLUSIVE = 'http://www.w3.org/2001/10/xml-exc-c14n#'
TRANSFORM_C14N_INCLUSIVE = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'
ALGORITHM_DIGEST_SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
ALGORITHM_DIGEST_SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
ALGORITHM_DIGEST_SHA384 = "http://www.w3.org/2001/04/xmlenc#sha384"
ALGORITHM_DIGEST_SHA512 = "http://www.w3.org/2001/04/xmlenc#sha512"
ALGORITHM_SIGNATURE_RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
ALGORITHM_SIGNATURE_RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
ALGORITHM_SIGNATURE_RSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
ALGORITHM_SIGNATURE_RSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
# ASN.1 BER SHA1 algorithm designator prefixes (RFC3447)
ASN1_BER_ALG_DESIGNATOR_PREFIX = {
# disabled 'md2': '\x30\x20\x30\x0c\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x02\x05\x00\x04\x10',
# disabled 'md5': '\x30\x20\x30\x0c\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x05\x05\x00\x04\x10',
_SHA1_INTERNAL: b'\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14',
_SHA256_INTERNAL: b'\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20',
_SHA384_INTERNAL: b'\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02\x05\x00\x04\x30',
_SHA512_INTERNAL: b'\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03\x05\x00\x04\x40',
}
sign_alg_xmldsig_digest_to_internal_d = {
ALGORITHM_DIGEST_SHA1: _SHA1_INTERNAL,
ALGORITHM_DIGEST_SHA256: _SHA256_INTERNAL,
ALGORITHM_DIGEST_SHA384: _SHA384_INTERNAL,
ALGORITHM_DIGEST_SHA512: _SHA512_INTERNAL,
}
sign_alg_xmldsig_sig_to_internal_d = {
ALGORITHM_SIGNATURE_RSA_SHA1: _SHA1_INTERNAL,
ALGORITHM_SIGNATURE_RSA_SHA256: _SHA256_INTERNAL,
ALGORITHM_SIGNATURE_RSA_SHA384: _SHA384_INTERNAL,
ALGORITHM_SIGNATURE_RSA_SHA512: _SHA512_INTERNAL,
}
def _try_a_to_b(dic, item):
try:
return dic[item]
except KeyError:
raise XMLSigException("Algorithm '%s' not supported." % item)
def sign_alg_xmldsig_sig_to_internal(xmldsig_sign_alg):
return _try_a_to_b(sign_alg_xmldsig_sig_to_internal_d, xmldsig_sign_alg)
def sign_alg_xmldsig_digest_to_internal(xmldsig_digest_alg):
return _try_a_to_b(sign_alg_xmldsig_digest_to_internal_d, xmldsig_digest_alg)