Skip to content

Commit

Permalink
If timestamp is not listed in sp, don't sign
Browse files Browse the repository at this point in the history
  • Loading branch information
@blaggacao
blaggacao committed Sep 21, 2024
1 parent 74526d1 commit e6267bd
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 6 deletions.
7 changes: 1 addition & 6 deletions src/zeep/wsse/signature.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -247,12 +247,7 @@ def _signature_prepare(envelope, key, signature_method, digest_method, signature
# Perform the actual signing.
ctx = xmlsec.SignatureContext()
ctx.key = key
# Sign default elements if present
timestamp = security.find(QName(ns.WSU, "Timestamp"))
if timestamp != None:
_sign_node(ctx, signature, timestamp, digest_method)

# Sign extra elements defined in WSDL
# Sign elements defined in WSDL
if signatures is not None:
if signatures["body"] or signatures["everything"]:
_sign_node(
Expand Down
2 changes: 2 additions & 0 deletions tests/test_wsse_signature.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,13 +74,15 @@ def test_sign_timestamp_if_present(
"""
)

signatures = {"everything": False, "body": True, "header": [{'Name': 'Timestamp', 'Namespace': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'}]}
signature.sign_envelope(
envelope,
KEY_FILE,
KEY_FILE,
None,
signature_method=getattr(xmlsec.Transform, signature_method),
digest_method=getattr(xmlsec.Transform, digest_method),
signatures=signatures,
)
signature.verify_envelope(envelope, KEY_FILE)
digests = envelope.xpath("//ds:DigestMethod", namespaces={"ds": ns.DS})
Expand Down

0 comments on commit e6267bd

Please sign in to comment.