
Commit 40603ae

author
Roland Hedberg
committed
Merge branch 'master' of github.com:rohe/pysaml2
2 parents c495b58 + 27187f6 commit 40603ae


3 files changed

+25
-29
lines changed


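--- a/LICENSE.txt
+++ b/LICENSE.txt
@@ -1,25 +1,13 @@
 Copyright 2014 Roland Hedberg. All rights reserved.
 
-Redistribution and use in source and binary forms, with or without modification, are
-permitted provided that the following conditions are met:
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
 
-1. Redistributions of source code must retain the above copyright notice, this list of
-conditions and the following disclaimer.
+http://www.apache.org/licenses/LICENSE-2.0
 
-2. Redistributions in binary form must reproduce the above copyright notice, this list
-of conditions and the following disclaimer in the documentation and/or other materials
-provided with the distribution.
-
-THIS SOFTWARE IS PROVIDED BY Roland Hedberg ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
-FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL Roland Hedberg OR
-CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
-ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-The views and conclusions contained in the software and documentation are those of the
-authors and should not be interpreted as representing official policies, either expressed
-or implied of their employers.
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.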

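--- a/MANIFEST.in
+++ b/MANIFEST.in
@@ -1,4 +1,5 @@
 include INSTALL
+include LICENSE.txt
 include README
 include TODO
 recursive-include tests *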

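--- a/src/saml2/sigver.py
+++ b/src/saml2/sigver.py
@@ -5,8 +5,10 @@
 """ Functions connected to signing and verifying.
 Based on the use of xmlsec1 binaries and not the python xmlsec module.
 """
+from OpenSSL import crypto
 
 import base64
+from base64 import b64decode
 import hashlib
 import logging
 import os
@@ -382,20 +384,25 @@ def active_cert(key):
 :param key: The Key
 :return: True if the key is active else False
 """
-cert_str = pem_format(key)
-certificate = importKey(cert_str)
 try:
-not_before = to_time(str(certificate.get_not_before()))
-not_after = to_time(str(certificate.get_not_after()))
-assert not_before < utc_now()
-assert not_after > utc_now()
-return True
+cert_str = pem_format(key)
+try:
+certificate = importKey(cert_str)
+not_before = to_time(str(certificate.get_not_before()))
+not_after = to_time(str(certificate.get_not_after()))
+assert not_before < utc_now()
+assert not_after > utc_now()
+return True
+except:
+cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert_str)
+assert cert.has_expired() == 0
+assert not OpenSSLWrapper().certificate_not_valid_yet(cert)
+return True
 except AssertionError:
 return False
 except AttributeError:
 return False
 
-
 def cert_from_key_info(key_info, ignore_age=False):
 """ Get all X509 certs from a KeyInfo instance. Care is taken to make sure
 that the certs are continues sequences of bytes.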
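Review bot: The validity decision in active_cert still rests on `assert` statements (new lines 393–394 and 398–399), which are compiled out under `python -O`, so with optimisation enabled the function would return True for an expired or not-yet-valid certificate. The new inner bare `except:` also catches the AssertionError raised by the first pair of checks, so a rejection there is discarded and the certificate is re-evaluated by the pyOpenSSL path instead of returning False. I would turn the checks into explicit comparisons and narrow the handler to `except Exception:`, as below. Separately, a PEM that `crypto.load_certificate` cannot parse presumably raises out of the function, since the outer try handles only AssertionError and AttributeError. active_cert begins above this hunk, so its signature and the start of its docstring are not visible here.

```python
        try:
            # … unchanged: importKey() and the not_before / not_after conversions …
        except Exception:
            cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert_str)
            if cert.has_expired():
                return False
            return not OpenSSLWrapper().certificate_not_valid_yet(cert)
        return not_before < utc_now() < not_after
    # … unchanged: except AssertionError / except AttributeError handlers …
```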
