From 375a67cc63ff542b54f7e0e7cf9104aa4a865439 Mon Sep 17 00:00:00 2001
From: Martin van Es <martin@mrvanes.com>
Date: Wed, 26 Jan 2022 08:46:30 +0100
Subject: [PATCH] Use xmlsec for all signing

---
 mdserver.py |  4 ++--
 mdsigner.py |  4 ++--
 signers.py  | 11 +++++------
 utils.py    |  3 ---
 4 files changed, 9 insertions(+), 13 deletions(-)

diff --git a/mdserver.py b/mdserver.py
index 8fed186..b3dec1a 100755
--- a/mdserver.py
+++ b/mdserver.py
@@ -1,10 +1,10 @@
 #!/usr/bin/env python
-from utils import read_config, Resource, server
+from utils import read_config, Resource, Server
 from flask import Flask, Response
 
 config = read_config()
 app = Flask(__name__)
-
+server = Server()
 
 @app.route('/<domain>/entities/<path:entity_id>', methods=['GET'])
 def serve(domain, entity_id):
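Review bot: `server = Server()` is now built in this module, and the `Server.__getitem__` shown in the utils.py hunk returns `self.__dict__[domain]` with no check. The body of `serve` lies outside this hunk, but if it indexes `server[domain]` with the URL segment, an unknown domain would raise `KeyError` (a 500 rather than a 404), and any other attribute stored on the instance could be reached by name. I would check `domain` against the configured domains before the lookup and document it at the call site, e.g. `# domain comes from the URL: only configured domains may be looked up, anything else is a 404`.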
diff --git a/mdsigner.py b/mdsigner.py
index 3dc533f..7c3e160 100755
--- a/mdsigner.py
+++ b/mdsigner.py
@@ -6,8 +6,8 @@ from concurrent.futures import ThreadPoolExecutor
 from lxml import etree as ET
 # import traceback
 
-from utils import hasher, Signers
-
+from utils import hasher
+from signers import Signers
 
 # Find all IdP's in edugain metadata
 idps = []
diff --git a/signers.py b/signers.py
index 9168c7a..e9717f0 100644
--- a/signers.py
+++ b/signers.py
@@ -1,22 +1,21 @@
 import xmlsec
-from signxml import XMLSigner
 
-cert = open("meta.crt").read()
-key = open("meta.key").read()
+cert = "meta.crt"
+key = "meta.key"
 
 
 def Signers(signer):
     def _normal_signer(xml):
         print("Normal signer")
-        return XMLSigner().sign(xml, key=key, cert=cert)
+        return xmlsec.sign(xml, key_spec=key, cert_spec=cert)
 
     def _test_signer(xml):
         print("Test signer")
-        return XMLSigner().sign(xml, key=key, cert=cert)
+        return xmlsec.sign(xml, key_spec=key, cert_spec=cert)
 
     def _foobar_signer(xml):
         print("Foobar signer")
-        return XMLSigner().sign(xml, key=key, cert=cert)
+        return xmlsec.sign(xml, key_spec=key, cert_spec=cert)
 
     def _hsm_signer(xml):
         print("HSM signer")
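Review bot: `key = "meta.key"` and `cert = "meta.crt"` are now relative paths passed to `xmlsec.sign` on every call, so which private key is loaded depends on the process working directory. A missing or unreadable key now surfaces at the first signing call instead of at import. Anchoring the paths once, e.g. `key = os.path.join(os.path.dirname(os.path.abspath(__file__)), "meta.key")`, and checking readability at startup would restore the early failure. `_normal_signer`, `_test_signer` and `_foobar_signer` still sign with the same key, so their output presumably cannot be told apart by signature; if that is not intended, give each its own key spec. It is also worth confirming which digest and signature algorithms `xmlsec.sign` applies by default, since dropping signxml may change them; the body of `Signers` continues past the end of this hunk.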
diff --git a/utils.py b/utils.py
index 6fffdcd..0792dc0 100755
--- a/utils.py
+++ b/utils.py
@@ -151,6 +151,3 @@ class Server:
 
     def __getitem__(self, domain):
         return self.__dict__[domain]
-
-
-server = Server()
-- 
GitLab