发表新帖
发表新帖

Validating SAML signature in python

前端 未结
关注
2 1688
逝去的感伤
逝去的感伤 2021-01-19 07:24

I need to implement authentication in python from a 3rd party by using SAML2. I have looked into pysaml2 and found that to be quite confusing, and decided to give M2Crypto a

2条回答
  • 时光取名叫无心
    时光取名叫无心 (楼主)
    2021-01-19 07:27

    I faced the same problem, and had to develop a module for it: https://github.com/kislyuk/signxml. I chose to rely only on PyCrypto and pyOpenSSL, since M2Crypto is less popular and not well-maintained, which is a hazard from both compatibility (e.g. PyPy) and security perspectives. I also use lxml for the canonicalization (c14n). From the signxml docs:

    from signxml import xmldsig

cert = open("example.pem").read()
key = open("example.key").read()
root = ElementTree.fromstring(data)
xmldsig(root).verify()

    0 讨论(0)
 看不清?
提交回复
热议问题